contensis-cli 1.0.12-beta.8 → 1.1.1-beta.0

package/dist/util/json.formatter.js

@@ -1,7 +1,9 @@
 "use strict";
+var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -15,15 +17,45 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var json_formatter_exports = {};
 __export(json_formatter_exports, {
-  jsonFormatter: () => jsonFormatter
+  flattenObject: () => flattenObject,
+  jsonFormatter: () => jsonFormatter,
+  limitFields: () => limitFields
 });
 module.exports = __toCommonJS(json_formatter_exports);
-const jsonFormatter = (obj) => JSON.stringify(obj, null, 2);
+var import_flat = require("flat");
+var import_deep_cleaner = __toESM(require("deep-cleaner"));
+const jsonFormatter = (obj, fields) => JSON.stringify(limitFields(obj, fields), null, 2);
+const flattenObject = (obj) => (0, import_flat.flatten)((0, import_deep_cleaner.default)(obj, ["workflow"]));
+const limitFields = (obj, fields) => {
+  if (!fields)
+    return obj;
+  if (obj && Array.isArray(obj)) {
+    const arr = [];
+    for (const child of obj)
+      arr.push(limitFields(child, fields));
+    return arr;
+  }
+  if (obj && typeof obj === "object") {
+    const flattenedObj = (0, import_flat.flatten)(obj);
+    const sortedObj = {};
+    for (const field of fields) {
+      sortedObj[field] = flattenedObj[field];
+    }
+    return (0, import_flat.unflatten)(sortedObj);
+  }
+  return obj;
+};
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
-  jsonFormatter
+  flattenObject,
+  jsonFormatter,
+  limitFields
 });
 //# sourceMappingURL=json.formatter.js.map

package/dist/util/json.formatter.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../../src/util/json.formatter.ts"],
-  "sourcesContent": ["export const jsonFormatter = <T>(obj: T) => JSON.stringify(obj, null, 2);\n"],
-  "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,MAAM,gBAAgB,CAAI,QAAW,KAAK,UAAU,KAAK,MAAM,CAAC;",
-  "names": []
+  "sourcesContent": ["import { flatten, unflatten } from 'flat';\nimport cleaner from 'deep-cleaner';\n\n// Format a JSON object for a nice output\nexport const jsonFormatter = <T>(obj: T, fields?: string[]) =>\n  JSON.stringify(limitFields(obj, fields), null, 2);\n\n// Flatten a JSON object such as an entry so there are no\n// nested object and the keys are presented like \"sys.version.versionNo\": \"1.0\"\nexport const flattenObject = (obj: any) => flatten(cleaner(obj, ['workflow']));\n\n// Will limit and sort an object's keys by an array of supplied fields\nexport const limitFields = (obj: any, fields?: string[]): any => {\n  if (!fields) return obj;\n  if (obj && Array.isArray(obj)) {\n    const arr = [];\n    for (const child of obj) arr.push(limitFields(child, fields));\n    return arr;\n  }\n\n  if (obj && typeof obj === 'object') {\n    const flattenedObj = flatten(obj) as any;\n    const sortedObj = {} as any;\n    for (const field of fields) {\n      sortedObj[field] = flattenedObj[field];\n    }\n\n    return unflatten(sortedObj);\n  }\n\n  return obj;\n};\n"],
+  "mappings": ";;;;;;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,kBAAmC;AACnC,0BAAoB;AAGb,MAAM,gBAAgB,CAAI,KAAQ,WACvC,KAAK,UAAU,YAAY,KAAK,MAAM,GAAG,MAAM,CAAC;AAI3C,MAAM,gBAAgB,CAAC,YAAa,yBAAQ,oBAAAA,SAAQ,KAAK,CAAC,UAAU,CAAC,CAAC;AAGtE,MAAM,cAAc,CAAC,KAAU,WAA2B;AAC/D,MAAI,CAAC;AAAQ,WAAO;AACpB,MAAI,OAAO,MAAM,QAAQ,GAAG,GAAG;AAC7B,UAAM,MAAM,CAAC;AACb,eAAW,SAAS;AAAK,UAAI,KAAK,YAAY,OAAO,MAAM,CAAC;AAC5D,WAAO;AAAA,EACT;AAEA,MAAI,OAAO,OAAO,QAAQ,UAAU;AAClC,UAAM,mBAAe,qBAAQ,GAAG;AAChC,UAAM,YAAY,CAAC;AACnB,eAAW,SAAS,QAAQ;AAC1B,gBAAU,SAAS,aAAa;AAAA,IAClC;AAEA,eAAO,uBAAU,SAAS;AAAA,EAC5B;AAEA,SAAO;AACT;",
+  "names": ["cleaner"]
 }

package/dist/version.js

@@ -21,7 +21,7 @@ __export(version_exports, {
   LIB_VERSION: () => LIB_VERSION
 });
 module.exports = __toCommonJS(version_exports);
-const LIB_VERSION = "1.0.12-beta.8";
+const LIB_VERSION = "1.1.1-beta.0";
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   LIB_VERSION

package/dist/version.js.map

@@ -1,7 +1,7 @@
 {
   "version": 3,
   "sources": ["../src/version.ts"],
-  "sourcesContent": ["export const LIB_VERSION = \"1.0.12-beta.8\";\n"],
+  "sourcesContent": ["export const LIB_VERSION = \"1.1.1-beta.0\";\n"],
   "mappings": ";;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAO,MAAM,cAAc;",
   "names": []
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "contensis-cli",
-  "version": "1.0.12-beta.8",
+  "version": "1.1.1-beta.0",
   "description": "A fully featured Contensis command line interface with a shell UI provides simple and intuitive ways to manage or profile your content in any NodeJS terminal.",
   "repository": "https://github.com/contensis/cli",
   "homepage": "https://github.com/contensis/cli/tree/main/packages/contensis-cli#readme",

package/src/localisation/en-GB.ts

@@ -451,7 +451,7 @@ export const LogMessages = {
     ) =>
       `
       Project: ${Logger.standardText(name)}
-      - Home: ${Logger.standardText(process.cwd())}
+      - Home: ${Logger.standardText(git.gitcwd())}
       - Repository: ${Logger.standardText(git.home)} 
       - Block id: ${Logger.highlightText(blockId)}
     
@@ -551,9 +551,10 @@ export const LogMessages = {
       } ${Logger.highlightText(`CONTENSIS_SHARED_SECRET`)}\n    ${
         git.type === 'github' ? `Secret:` : `Value:`
       } ${Logger.standardText(secret)}`,
-    accessTokenFetch: () => `Please wait, fecthing Delivery API token ⏳`,
+    accessTokenFetch: () =>
+      `Please wait, fetching Delivery API access token ⏳`,
     accessTokenSuccess: (token: string) =>
-      `Successfully fetched Delivery API token 👉 ${Logger.infoText(token)}`,
+      `Successfully fetched Delivery API token\n  ${Logger.infoText(token)}`,
     accessTokenFailed: () =>
       `Something went wrong! If the problem persists, please contact our support team 🛟`,
     accessTokenPermission: () =>
@@ -572,6 +573,8 @@ export const LogMessages = {
     failed: () => `Contensis developer environment initialisation failed`,
     dryRun: () =>
       `Contensis developer environment initialisation dry run completed`,
+    dryRunKeyMessage: (dryRun: boolean) =>
+      dryRun ? '<< not created: dry-run >>' : undefined,
     noChanges: () =>
       `No changes were made to your project, run the command again without the ${Logger.highlightText(
         '--dry-run'

package/src/mappers/DevInit-to-CIWorkflow.ts

@@ -102,12 +102,10 @@ const mapGitLabCIWorkflowContent = async (
       alias: cli.currentEnv,
       project_id: cli.currentProject,
       client_id:
-        loc === 'env'
-          ? cli.devinit?.credentials.clientId
-          : '$CONTENSIS_CLIENT_ID',
+        loc === 'env' ? cli.deployCredentials.clientId : '$CONTENSIS_CLIENT_ID',
       shared_secret:
         loc === 'env'
-          ? cli.devinit?.credentials.clientSecret
+          ? cli.deployCredentials.clientSecret
           : '$CONTENSIS_SHARED_SECRET',
     },
   };
@@ -120,12 +118,14 @@ const mapGitLabCIWorkflowContent = async (
     setWorkflowElement(
       workflowDoc,
       `variables.CONTENSIS_CLIENT_ID`,
-      `${cli.devinit.credentials.clientId}`
+      cli.deployCredentials.clientId ||
+        cli.messages.devinit.dryRunKeyMessage(!!cli.command.options.dryRun)
     );
     setWorkflowElement(
       workflowDoc,
       `variables.CONTENSIS_CLIENT_SECRET`,
-      `${cli.devinit.credentials.clientSecret}`
+      cli.deployCredentials.clientSecret ||
+        cli.messages.devinit.dryRunKeyMessage(!!cli.command.options.dryRun)
     );
   }
 
@@ -298,12 +298,12 @@ const mapGitHubActionCIWorkflowContent = async (
     setWorkflowElement(
       workflowDoc,
       `env.CONTENSIS_CLIENT_ID`,
-      cli.devinit?.credentials.clientId
+      cli.deployCredentials.clientId
     );
     setWorkflowElement(
       workflowDoc,
       'env.CONTENSIS_SHARED_SECRET',
-      cli.devinit?.credentials.clientSecret
+      cli.deployCredentials.clientSecret
     );
   }
 

package/src/mappers/DevInit-to-RolePermissions.ts

@@ -1,15 +1,17 @@
 import { Role } from 'contensis-management-api/lib/models';
 
 export const devKeyPermissions = {} as Partial<Role['permissions']>;
+
 export const deployKeyPermissions = {
   blocks: { actions: ['push', 'release', 'view'] },
 } as Role['permissions'];
 
 export const devKeyRole = (
   keyName: string,
+  roleName: string,
   description: string
 ): Partial<Role> => ({
-  name: keyName,
+  name: roleName,
   description,
   assignments: {
     apiKeys: [keyName],
@@ -20,9 +22,10 @@ export const devKeyRole = (
 
 export const deployKeyRole = (
   keyName: string,
+  roleName: string,
   description: string
 ): Partial<Role> => ({
-  name: keyName,
+  name: roleName,
   description,
   assignments: {
     apiKeys: [keyName],

package/src/models/Cache.d.ts

@@ -19,7 +19,8 @@ type EnvironmentCache = {
 
 type CliCommand = {
   createdDate: string;
-  createdUserId: string;
+  invokedBy: string;
   commandText: string;
+  options: { [key: string]: string | boolean };
   result?: any;
 };

package/src/services/ContensisAuthService.ts

@@ -59,7 +59,7 @@ class ContensisAuthService {
     });
   }
 
-  ClassicToken = async () => {
+  ClassicToken = async (): Promise<string | null | undefined> => {
     // make sure our token isn't expried.
     await this.client.ensureBearerToken();
     return (this.client as any).contensisClassicToken;

package/src/services/ContensisCliService.ts

@@ -46,7 +46,7 @@ import {
 } from '~/util/console.printer';
 import { csvFormatter } from '~/util/csv.formatter';
 import { xmlFormatter } from '~/util/xml.formatter';
-import { jsonFormatter } from '~/util/json.formatter';
+import { jsonFormatter, limitFields } from '~/util/json.formatter';
 import { diffLogStrings } from '~/util/diff';
 import { logError, Logger } from '~/util/logger';
 import { promiseDelay } from '~/util/timers';
@@ -63,23 +63,16 @@ class ContensisCli {
     process.exit(exitCode);
   };
 
-  private command: CliCommand;
   private format?: OutputFormat;
   private output?: string;
   private session: SessionCacheProvider;
 
+  auth?: ContensisAuthService;
+  command: CliCommand;
   contensis?: ContensisMigrationService;
   contensisOpts: Partial<MigrateRequest>;
   currentProject: string;
 
-  devinit!: {
-    invokedBy: string;
-    credentials: {
-      clientId: string;
-      clientSecret: string;
-    };
-  };
-
   sourceAlias?: string;
   targetEnv?: string;
   urls:
@@ -99,10 +92,6 @@ class ContensisCli {
   noun: string;
   thirdArg: string;
 
-  get invokedBy() {
-    return this.command.createdUserId;
-  }
-
   get cache() {
     return this.session.Get();
   }
@@ -159,15 +148,19 @@ class ContensisCli {
     const environments = this.cache.environments || {};
     this.currentEnv = currentEnvironment;
 
+    // Set env from command options
     const env = this.env;
-
     if (outputOpts?.projectId) env.currentProject = outputOpts.projectId;
     if (outputOpts?.user) env.lastUserId = outputOpts.user;
     // setting this in env means passwordFallback is written to environments.json
     if (outputOpts?.password) env.passwordFallback = outputOpts.password;
     if (outputOpts?.clientId) env.lastUserId = outputOpts.clientId;
     if (outputOpts?.sharedSecret)
-      env.passwordFallback = outputOpts.sharedSecret;
+      if (outputOpts.sharedSecret.startsWith('-'))
+        throw new Error(
+          `Shared secret option provided a value of ${outputOpts.sharedSecret}`
+        );
+      else env.passwordFallback = outputOpts.sharedSecret;
 
     this.currentProject = env?.currentProject || 'null';
     this.sourceAlias = outputOpts?.sourceAlias || currentEnvironment;
@@ -178,8 +171,9 @@ class ContensisCli {
 
     this.command = {
       commandText,
+      options: outputOpts as any,
       createdDate: new Date().toISOString(),
-      createdUserId: env?.lastUserId,
+      invokedBy: env?.lastUserId,
     };
 
     if (currentEnvironment) {
@@ -419,7 +413,10 @@ class ContensisCli {
 
       if (credentialError && !credentials.current) {
         // Log problem with Credential Provider
-        log.error(credentialError as any);
+        log.error(
+          `Unable to find credentials for user ${userId} at ${currentEnv}`,
+          credentialError as any
+        );
         return;
       }
 
@@ -487,7 +484,7 @@ class ContensisCli {
           }
 
           if (inputPassword || cachedPassword || cachedSecret) {
-            const authService = new ContensisAuthService({
+            this.auth = new ContensisAuthService({
               username: userId,
               password: inputPassword || cachedPassword,
               projectId: env?.currentProject || 'website',
@@ -496,9 +493,7 @@ class ContensisCli {
               clientSecret: sharedSecret || cachedSecret,
             });
 
-            const [authError, bearerToken] = await to(
-              authService.BearerToken()
-            );
+            const [authError, bearerToken] = await to(this.auth.BearerToken());
 
             // Login successful
             if (bearerToken) {
@@ -2496,18 +2491,20 @@ class ContensisCli {
   };
   HandleFormattingAndOutput = <T>(obj: T, logFn: (obj: T) => void) => {
     const { format, log, messages, output } = this;
+    const fields = this.contensis?.payload.query?.fields;
+
     if (!format) {
       // print the object to console
       logFn(obj);
     } else if (format === 'csv') {
       log.raw('');
-      log.raw(log.infoText(csvFormatter(obj)));
+      log.raw(log.infoText(csvFormatter(limitFields(obj, fields))));
     } else if (format === 'xml') {
       log.raw('');
-      log.raw(log.infoText(xmlFormatter(obj)));
+      log.raw(log.infoText(xmlFormatter(limitFields(obj, fields))));
     } else if (format === 'json') {
       log.raw('');
-      log.raw(log.infoText(jsonFormatter(obj)));
+      log.raw(log.infoText(jsonFormatter(obj, fields)));
     }
     log.raw('');
 
@@ -2515,10 +2512,11 @@ class ContensisCli {
       let writeString = '';
       const isText = !tryParse(obj) && typeof obj === 'string';
       if (format === 'csv') {
-        writeString = csvFormatter(obj as any);
+        writeString = csvFormatter(limitFields(obj, fields));
       } else if (format === 'xml') {
-        writeString = xmlFormatter(obj as any);
-      } else writeString = isText ? (obj as string) : jsonFormatter(obj);
+        writeString = xmlFormatter(limitFields(obj, fields));
+      } else
+        writeString = isText ? (obj as string) : jsonFormatter(obj, fields);
       // write output to file
       if (writeString) {
         fs.writeFileSync(output, writeString);

package/src/services/ContensisDevService.ts

@@ -1,6 +1,8 @@
+import ansiEscapes from 'ansi-escapes';
 import to from 'await-to-js';
 import { spawn } from 'child_process';
 import inquirer from 'inquirer';
+import { createSpinner } from 'nanospinner';
 import path from 'path';
 
 import { Role } from 'contensis-management-api/lib/models';
@@ -20,15 +22,17 @@ import { GitHelper } from '~/util/git';
 import { jsonFormatter } from '~/util/json.formatter';
 import { winSlash } from '~/util/os';
 import { stringifyYaml } from '~/util/yaml';
-import { createSpinner } from 'nanospinner';
 import { mergeContentsToAddWithGitignore } from '~/util/gitignore';
-import ContensisAuthService from './ContensisAuthService';
-import ansiEscapes from 'ansi-escapes';
 
 class ContensisDev extends ContensisRole {
   git!: GitHelper;
   blockId!: string;
 
+  deployCredentials = {
+    clientId: '',
+    clientSecret: '',
+  };
+
   constructor(
     args: string[],
     outputOpts?: OutputOptionsConstructorArg,
@@ -49,8 +53,6 @@ class ContensisDev extends ContensisRole {
     const contensis = await this.ConnectContensis();
 
     if (contensis) {
-      this.devinit = { ...this.devinit, invokedBy: this.invokedBy };
-
       // First we need to get the block id from the user
       const validateBlockId = (blockId: string) => {
         const pattern = /^[0-9a-z](-?[0-9a-z])*$/;
@@ -64,6 +66,7 @@ class ContensisDev extends ContensisRole {
         prefix: '🧱',
         message: messages.devinit.blockIdQuestion,
         validate: validateBlockId,
+        default: git.name,
       });
       // make sure block id is lowercase
       this.blockId = blockId.toLowerCase();
@@ -93,65 +96,17 @@ class ContensisDev extends ContensisRole {
       const devKeyDescription = `Created by Contensis to allow API access from the running block`;
       let existingDevKey = apiKeyExists(devKeyName);
 
-      // if dev api key doesn't exisit go and create it (we need this for local development, we will store these details in the .env file).
-      if (!existingDevKey) {
-        existingDevKey = await this.CreateOrUpdateApiKey(
-          existingDevKey,
-          devKeyName,
-          devKeyDescription
-        );
-        log.success('Successfully created development key');
-      }
-
       const deployKeyName = `${apiKeyName}-ci`;
       const deployKeyDescription = `Created by the Contensis CLI for use in continuous integration`;
 
       let existingDeployKey = apiKeyExists(deployKeyName);
 
-      // if deploy api key doesn't exisit go and create it (we need this for yml file).
-      if (!existingDeployKey) {
-        existingDeployKey = await this.CreateOrUpdateApiKey(
-          existingDeployKey,
-          deployKeyName,
-          deployKeyDescription
-        );
-        log.success('Successfully created deploy key');
-      }
-
-      // check we have the deply key so we can assign them to this values
-      if (existingDeployKey) {
-        // Add client id and secret to global 'this'
-        this.devinit = {
-          ...this.devinit,
-          credentials: {
-            clientId: existingDeployKey?.id,
-            clientSecret: existingDeployKey?.sharedSecret,
-          },
-        };
-      }
-
-      // we need to credentials of the user so that we can create a auth service
-      const credentials = await this.GetCredentials(this.devinit.invokedBy);
-
-      // create new auth service using creds
-      let classicToken: string | undefined | null;
-      const auth = new ContensisAuthService({
-        username: credentials?.current?.account,
-        password: credentials?.current?.password,
-        projectId: currentProject,
-        rootUrl: `https://cms-${currentEnv}.cloud.contensis.com`,
-      });
-
-      // once we have auth service, we can go and fetch out classic token
-      classicToken = await auth.ClassicToken();
-
       // const blockId = git.name;
       const errors = [] as AppError[];
 
       // Start render console output
       log.raw('');
       log.success(messages.devinit.intro());
-      log.raw('');
       log.raw(
         log.infoText(
           messages.devinit.projectDetails(
@@ -193,7 +148,6 @@ class ContensisDev extends ContensisRole {
 
       log.raw(log.infoText(messages.devinit.ciDetails(ciFileName)));
 
-      let mappedWorkflow;
       // Location for Client ID / Secret.
       const { loc } = await inquirer.prompt({
         name: 'loc',
@@ -213,9 +167,8 @@ class ContensisDev extends ContensisRole {
         ],
       });
 
+      log.raw('');
       log.help(messages.devinit.ciIntro(git, loc));
-      // Update CI Workflow
-      mappedWorkflow = await mapCIWorkflowContent(this, loc);
 
       if (!dryRun) {
         // Confirm prompt
@@ -233,7 +186,6 @@ class ContensisDev extends ContensisRole {
 
       // Fetching access token
       let accessToken: string | undefined = undefined;
-      log.raw('');
 
       const spinner = createSpinner(messages.devinit.accessTokenFetch());
       spinner.start();
@@ -241,9 +193,9 @@ class ContensisDev extends ContensisRole {
       const token = await this.GetDeliveryApiKey();
 
       if (token) {
-        spinner.success();
-        this.log.success(messages.devinit.accessTokenSuccess(token));
         accessToken = token;
+        spinner.success({ text: messages.devinit.accessTokenSuccess(token) });
+        log.raw('');
       } else {
         spinner.error();
         this.log.error(messages.devinit.accessTokenFailed());
@@ -261,9 +213,48 @@ class ContensisDev extends ContensisRole {
       const [getRolesErr, roles] = await to(contensis.roles.GetRoles());
       if (!roles && getRolesErr) errors.push(getRolesErr);
       checkpoint(`fetched ${roles?.length} roles`);
+
       if (dryRun) {
         checkpoint(`skip api key creation (dry-run)`);
       } else {
+        // if dev api key doesn't exist go and create it (we need this for local development, we will store these details in the .env file).
+        const devKeyExisted = !!existingDevKey;
+        if (!existingDevKey) {
+          existingDevKey = await this.CreateOrUpdateApiKey(
+            existingDevKey,
+            devKeyName,
+            devKeyDescription
+          );
+          log.success(messages.devinit.createDevKey(devKeyName, devKeyExisted));
+        }
+        // NF 24/11/23 Added this commented code back in as we are not assigning the dev key to any role here
+        // // Ensure dev API key is assigned to a role
+        // let existingDevRole = findByIdOrName(roles || [], devKeyName, true) as
+        //   | Role
+        //   | undefined;
+        // existingDevRole = await this.CreateOrUpdateRole(
+        //   existingDevRole,
+        //   devKeyRole(devKeyName, devKeyDescription)
+        // );
+        // checkpoint('dev key role assigned');
+
+        // if deploy api key doesn't exist go and create it (we need this for yml file).
+        const deployKeyExisted = !!existingDeployKey;
+        if (!existingDeployKey) {
+          existingDeployKey = await this.CreateOrUpdateApiKey(
+            existingDeployKey,
+            deployKeyName,
+            deployKeyDescription
+          );
+        }
+
+        // check we have the deploy key so we can assign them to this values
+        if (existingDeployKey) {
+          // Add client id and secret to credentials
+          this.deployCredentials.clientId = existingDeployKey?.id;
+          this.deployCredentials.clientSecret = existingDeployKey?.sharedSecret;
+        }
+
         // Ensure deploy API key is assigned to a role with the right permissions
         const deployRoleName = `Role for CI push of block '${blockId}'`;
         const deplyRoleDescription = `Created by the Contensis CLI for use in continuous integration`;
@@ -274,11 +265,13 @@ class ContensisDev extends ContensisRole {
         ) as Role | undefined;
         existingDeployRole = await this.CreateOrUpdateRole(
           existingDeployRole,
-          deployKeyRole(deployKeyName, deplyRoleDescription)
+          deployKeyRole(deployKeyName, deployRoleName, deplyRoleDescription)
         );
 
         checkpoint('deploy key role assigned');
-        log.success(messages.devinit.createDeployKey(deployRoleName, true));
+        log.success(
+          messages.devinit.createDeployKey(deployRoleName, deployKeyExisted)
+        );
         checkpoint('api keys done');
       }
 
@@ -297,9 +290,11 @@ class ContensisDev extends ContensisRole {
       if (accessToken) envContentsToAdd['ACCESS_TOKEN'] = accessToken;
       // add client id and secret to the env file
       if (loc === 'env') {
-        envContentsToAdd['CONTENSIS_CLIENT_ID'] = existingDevKey?.id;
+        envContentsToAdd['CONTENSIS_CLIENT_ID'] =
+          existingDevKey?.id || messages.devinit.dryRunKeyMessage(dryRun);
         envContentsToAdd['CONTENSIS_CLIENT_SECRET'] =
-          existingDevKey?.sharedSecret;
+          existingDevKey?.sharedSecret ||
+          messages.devinit.dryRunKeyMessage(dryRun);
       }
 
       // if we have client id / secret in our env remove it
@@ -339,7 +334,7 @@ class ContensisDev extends ContensisRole {
         }
         checkpoint('skip .env file update (dry-run)');
       } else {
-        if (envDiff) log.info(`updating .env file ${winSlash(envFilePath)}`);
+        if (envDiff) log.info(`Updating .env file ${winSlash(envFilePath)}`);
         writeFile(envFilePath, envFileLines.join('\n'));
         checkpoint('.env file updated');
         log.success(messages.devinit.writeEnvFile());
@@ -347,9 +342,15 @@ class ContensisDev extends ContensisRole {
       }
 
       // Update git ignore
-      const gitIgnorePath = `${projectHome}/.gitignore`;
-      const gitIgnoreContentsToAdd = ['.env'];
-      mergeContentsToAddWithGitignore(gitIgnorePath, gitIgnoreContentsToAdd);
+      if (dryRun) {
+        checkpoint('skip .gitignore file update (dry-run)');
+      } else {
+        mergeContentsToAddWithGitignore(`${projectHome}/.gitignore`, ['.env']);
+        log.raw('');
+      }
+
+      // Update CI Workflow
+      const mappedWorkflow = await mapCIWorkflowContent(this, loc);
 
       // Update CI file -- different for GH/GL
       if (mappedWorkflow?.diff) {
@@ -372,6 +373,7 @@ class ContensisDev extends ContensisRole {
           } else {
             log.info(messages.devinit.ciFileNoChanges(`./${ciFileName}`));
           }
+          log.raw('');
           checkpoint('CI file updated');
         }
       }
@@ -382,8 +384,9 @@ class ContensisDev extends ContensisRole {
         log.help(
           messages.devinit.addGitSecretsHelp(
             git,
-            existingDeployKey?.id,
-            existingDeployKey?.sharedSecret
+            existingDeployKey?.id || messages.devinit.dryRunKeyMessage(dryRun),
+            existingDeployKey?.sharedSecret ||
+              messages.devinit.dryRunKeyMessage(dryRun)
           )
         );
       }
@@ -395,10 +398,13 @@ class ContensisDev extends ContensisRole {
         log.success(messages.devinit.success());
         log.help(messages.devinit.startProjectTip());
         // open the cms link -- if no classic token just return the cms url
+
+        // go and fetch the classic token from auth service
+        const classicToken = await this.auth?.ClassicToken();
         log.help(
           ansiEscapes.link(
             `Open Contensis`,
-            `https://cms-${currentEnv}.cloud.contensis.com${
+            `${this.urls?.cms}${
               classicToken ? `?SecurityToken=${classicToken}` : ''
             }`
           )