create-aws-project 1.2.1 → 1.3.0

package/dist/commands/initialize-github.js

@@ -0,0 +1,329 @@
+/**
+ * initialize-github command
+ *
+ * Configures GitHub Environment with AWS credentials for a single environment
+ * Must be run from inside a project directory
+ * Requires environment name as argument (dev, stage, prod)
+ */
+import ora from 'ora';
+import prompts from 'prompts';
+import pc from 'picocolors';
+import { execSync } from 'node:child_process';
+import { requireProjectContext } from '../utils/project-context.js';
+import { createCrossAccountIAMClient, createDeploymentUserWithCredentials, } from '../aws/iam.js';
+import { createGitHubClient, setEnvironmentCredentials, parseGitHubUrl, } from '../github/secrets.js';
+const VALID_ENVIRONMENTS = ['dev', 'stage', 'prod'];
+/**
+ * GitHub environment display names
+ */
+const GITHUB_ENV_NAMES = {
+    dev: 'Development',
+    stage: 'Staging',
+    prod: 'Production',
+};
+/**
+ * Validates environment argument
+ * @param env Environment name to validate
+ * @returns true if valid, false otherwise
+ */
+function isValidEnvironment(env) {
+    return VALID_ENVIRONMENTS.includes(env);
+}
+/**
+ * Attempts to extract GitHub repo owner/name from git remote
+ * @returns GitHubRepoInfo if successful, null if fails or not GitHub
+ */
+function getGitRemoteOrigin() {
+    try {
+        const remote = execSync('git remote get-url origin', {
+            encoding: 'utf-8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        }).trim();
+        return parseGitHubUrl(remote);
+    }
+    catch {
+        // Git not initialized, no remote, or parse failure
+        return null;
+    }
+}
+/**
+ * Prompts user for GitHub Personal Access Token
+ * @returns GitHub PAT string
+ */
+async function promptForGitHubPAT() {
+    console.log('');
+    console.log(pc.bold('GitHub Authentication'));
+    console.log('');
+    console.log('A Personal Access Token is required to configure GitHub secrets.');
+    console.log(pc.dim('Token must have "repo" scope for environment secrets access.'));
+    console.log('');
+    console.log('Create a token at: https://github.com/settings/tokens/new');
+    console.log('');
+    const response = await prompts({
+        type: 'password',
+        name: 'token',
+        message: 'GitHub Personal Access Token:',
+        validate: (value) => {
+            if (!value.trim()) {
+                return 'Token is required';
+            }
+            // GitHub tokens start with ghp_ (classic) or github_pat_ (fine-grained)
+            if (!value.startsWith('ghp_') && !value.startsWith('github_pat_')) {
+                return 'Invalid token format. Expected ghp_ or github_pat_ prefix.';
+            }
+            return true;
+        },
+    }, {
+        onCancel: () => {
+            console.log(`\n${pc.red('x')} Setup cancelled`);
+            process.exit(1);
+        },
+    });
+    if (!response.token) {
+        console.error(pc.red('Error:') + ' GitHub token is required.');
+        process.exit(1);
+    }
+    return response.token;
+}
+/**
+ * Prompts user to select environment from configured ones
+ * @param configuredEnvs List of environments with account IDs
+ * @returns Selected environment name
+ */
+async function promptForEnvironment(configuredEnvs) {
+    console.log('');
+    console.log(pc.bold('Environment Selection'));
+    console.log('');
+    const response = await prompts({
+        type: 'select',
+        name: 'env',
+        message: 'Select environment to configure:',
+        choices: configuredEnvs.map((env) => ({
+            title: `${env} (${GITHUB_ENV_NAMES[env]})`,
+            value: env,
+        })),
+    }, {
+        onCancel: () => {
+            console.log(`\n${pc.red('x')} Setup cancelled`);
+            process.exit(1);
+        },
+    });
+    if (!response.env) {
+        console.error(pc.red('Error:') + ' Environment selection is required.');
+        process.exit(1);
+    }
+    return response.env;
+}
+/**
+ * Prompts user for GitHub repository owner/name
+ * @returns GitHubRepoInfo with owner and repo
+ */
+async function promptForRepoInfo() {
+    console.log('');
+    console.log(pc.bold('GitHub Repository'));
+    console.log('');
+    console.log('Enter your GitHub repository in owner/repo format.');
+    console.log(pc.dim('Example: myusername/my-project'));
+    console.log('');
+    const response = await prompts({
+        type: 'text',
+        name: 'repo',
+        message: 'GitHub repository (owner/repo):',
+        validate: (value) => {
+            if (!value.trim()) {
+                return 'Repository is required';
+            }
+            if (!/^[^/]+\/[^/]+$/.test(value.trim())) {
+                return 'Format must be owner/repo (e.g., username/project-name)';
+            }
+            return true;
+        },
+    }, {
+        onCancel: () => {
+            console.log(`\n${pc.red('x')} Setup cancelled`);
+            process.exit(1);
+        },
+    });
+    if (!response.repo) {
+        console.error(pc.red('Error:') + ' Repository is required.');
+        process.exit(1);
+    }
+    return parseGitHubUrl(response.repo);
+}
+/**
+ * Handles AWS and GitHub errors with actionable messages
+ * @param error The error to handle
+ * @param env The environment being configured
+ * @returns never - always exits
+ */
+function handleError(error, env) {
+    console.error('');
+    if (!(error instanceof Error)) {
+        console.error(pc.red('Error:') + ' Unknown error occurred');
+        process.exit(1);
+    }
+    // AWS AssumeRole errors
+    if (error.name === 'AccessDenied' || error.message.includes('AssumeRole')) {
+        console.error(pc.red('Error: Cannot assume role in target account'));
+        console.error('');
+        console.error('This command requires cross-account access via:');
+        console.error(`  arn:aws:iam::<${env}-account-id>:role/OrganizationAccountAccessRole`);
+        console.error('');
+        console.error('Ensure:');
+        console.error(`  1. The ${env} account was created via setup-aws-envs`);
+        console.error('  2. Your credentials are from the management account');
+        console.error('  3. OrganizationAccountAccessRole exists in target account');
+        process.exit(1);
+    }
+    // IAM user already exists
+    if (error.message.includes('already exists')) {
+        console.error(pc.red('Error:') + ` ${error.message}`);
+        console.error('');
+        console.error('To retry, delete the IAM user first:');
+        console.error('  1. Go to AWS Console > IAM > Users');
+        console.error(`  2. Find and delete the existing deployment user`);
+        console.error('  3. Run this command again');
+        process.exit(1);
+    }
+    // Access key limit exceeded
+    if (error.name === 'LimitExceeded' || error.message.includes('LimitExceeded')) {
+        console.error(pc.red('Error: Access key limit exceeded'));
+        console.error('');
+        console.error('IAM users can only have 2 active access keys.');
+        console.error('Delete an existing key before creating a new one:');
+        console.error('  AWS Console > IAM > Users > Security credentials > Access keys');
+        process.exit(1);
+    }
+    // GitHub authentication errors
+    if (error.message.includes('authentication failed') || error.name === 'HttpError') {
+        console.error(pc.red('Error: GitHub authentication failed'));
+        console.error('');
+        console.error('Ensure your Personal Access Token:');
+        console.error('  1. Has "repo" scope enabled');
+        console.error('  2. Belongs to the repository owner or has access');
+        console.error('  3. Is not expired');
+        console.error('');
+        console.error('Create a new token at: https://github.com/settings/tokens/new');
+        process.exit(1);
+    }
+    // Default error handling
+    console.error(pc.red('Error:') + ` ${error.message}`);
+    if (error.name) {
+        console.error(pc.dim(`Error type: ${error.name}`));
+    }
+    process.exit(1);
+}
+/**
+ * Runs the initialize-github command
+ *
+ * @param args Command arguments - expects environment name as first arg (optional)
+ */
+export async function runInitializeGitHub(args) {
+    // 1. Validate we're in a project directory
+    const context = await requireProjectContext();
+    const { config } = context;
+    const { projectName, awsRegion } = config;
+    // 2. Determine environment
+    let env;
+    if (args[0]) {
+        // Environment provided as argument
+        const envArg = args[0];
+        // Validate it's lowercase (enforce consistency)
+        if (envArg !== envArg.toLowerCase()) {
+            console.error(pc.red('Error:') + ` Environment must be lowercase: ${pc.bold(envArg)}`);
+            console.error('');
+            console.error(`Did you mean: ${pc.cyan(envArg.toLowerCase())}?`);
+            process.exit(1);
+        }
+        if (!isValidEnvironment(envArg)) {
+            console.error(pc.red('Error:') + ` Invalid environment: ${pc.bold(envArg)}`);
+            console.error('');
+            console.error('Valid environments: ' + VALID_ENVIRONMENTS.join(', '));
+            process.exit(1);
+        }
+        env = envArg;
+    }
+    else {
+        // Interactive environment selection
+        const configuredEnvs = VALID_ENVIRONMENTS.filter((e) => config.accounts?.[e]);
+        if (configuredEnvs.length === 0) {
+            console.error(pc.red('Error:') + ' No environments configured.');
+            console.error('');
+            console.error('Run setup-aws-envs first to create environment accounts:');
+            console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
+            process.exit(1);
+        }
+        env = await promptForEnvironment(configuredEnvs);
+    }
+    // 3. Validate account ID exists for environment
+    const accountId = config.accounts?.[env];
+    if (!accountId) {
+        console.error(pc.red('Error:') + ` No account ID for ${env}.`);
+        console.error('');
+        console.error('Run setup-aws-envs first to create environment accounts:');
+        console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
+        process.exit(1);
+    }
+    // 4. Get repository info (try git remote, fallback to prompt)
+    let repoInfo = getGitRemoteOrigin();
+    if (!repoInfo) {
+        console.log('');
+        console.log(pc.yellow('Note:') + ' Could not detect GitHub repository from git remote.');
+        repoInfo = await promptForRepoInfo();
+    }
+    else {
+        console.log('');
+        console.log(`Detected repository: ${pc.cyan(`${repoInfo.owner}/${repoInfo.repo}`)}`);
+    }
+    // 5. Prompt for GitHub PAT (always interactive per CONTEXT.md)
+    const pat = await promptForGitHubPAT();
+    // 6. Execute AWS and GitHub setup
+    const spinner = ora(`Initializing ${env} environment...`).start();
+    try {
+        // Step 1: Create cross-account IAM client
+        spinner.text = `Assuming role in ${env} account (${accountId})...`;
+        const iamClient = createCrossAccountIAMClient(awsRegion, accountId);
+        // Step 2: Create deployment user and credentials
+        spinner.text = `Creating IAM deployment user...`;
+        const credentials = await createDeploymentUserWithCredentials(iamClient, projectName, env, accountId);
+        // Step 3: Configure GitHub
+        const githubEnvName = GITHUB_ENV_NAMES[env];
+        spinner.text = `Configuring GitHub Environment "${githubEnvName}"...`;
+        const githubClient = createGitHubClient(pat);
+        await setEnvironmentCredentials(githubClient, repoInfo.owner, repoInfo.repo, githubEnvName, credentials.accessKeyId, credentials.secretAccessKey);
+        spinner.succeed(`Configured ${githubEnvName} environment`);
+        // Success summary
+        console.log('');
+        console.log(pc.green(`${env} environment setup complete!`));
+        console.log('');
+        console.log('Resources created:');
+        console.log(`  IAM User: ${pc.cyan(`arn:aws:iam::${accountId}:user/deployment/${credentials.userName}`)}`);
+        console.log(`  GitHub Environment: ${pc.cyan(githubEnvName)}`);
+        console.log('');
+        console.log('View secrets at:');
+        console.log(`  ${pc.cyan(`https://github.com/${repoInfo.owner}/${repoInfo.repo}/settings/environments`)}`);
+        console.log('');
+        // Show next steps (other environments if any remain)
+        const remainingEnvs = VALID_ENVIRONMENTS.filter((e) => e !== env && config.accounts?.[e]);
+        if (remainingEnvs.length > 0) {
+            console.log(pc.bold('Next steps:'));
+            console.log('');
+            console.log('Configure remaining environments:');
+            for (const remainingEnv of remainingEnvs) {
+                console.log(`  ${pc.cyan(`npx create-aws-project initialize-github ${remainingEnv}`)}`);
+            }
+            console.log('');
+        }
+        else {
+            console.log(pc.bold('All environments configured!'));
+            console.log('');
+            console.log('Deploy your application by pushing to the main branch:');
+            console.log(`  ${pc.cyan('git push origin main')}`);
+            console.log('');
+        }
+    }
+    catch (error) {
+        spinner.fail(`Failed to configure ${env} environment`);
+        handleError(error, env);
+    }
+}

package/dist/commands/setup-aws-envs.d.ts

@@ -0,0 +1,14 @@
+/**
+ * setup-aws-envs command
+ *
+ * Sets up AWS Organizations and environment accounts (dev, stage, prod)
+ * Must be run from inside a project directory
+ */
+/**
+ * Runs the setup-aws-envs command
+ *
+ * Creates AWS Organizations and environment accounts (dev, stage, prod)
+ *
+ * @param _args Command arguments (unused)
+ */
+export declare function runSetupAwsEnvs(_args: string[]): Promise<void>;

package/dist/commands/setup-aws-envs.js

@@ -0,0 +1,233 @@
+/**
+ * setup-aws-envs command
+ *
+ * Sets up AWS Organizations and environment accounts (dev, stage, prod)
+ * Must be run from inside a project directory
+ */
+import ora from 'ora';
+import prompts from 'prompts';
+import pc from 'picocolors';
+import { readFileSync, writeFileSync } from 'node:fs';
+import { requireProjectContext } from '../utils/project-context.js';
+import { createOrganizationsClient, checkExistingOrganization, createOrganization, createAccount, waitForAccountCreation, } from '../aws/organizations.js';
+/**
+ * Environment names for account creation
+ */
+const ENVIRONMENTS = ['dev', 'stage', 'prod'];
+/**
+ * Validates an email address format
+ * @param value Email string to validate
+ * @returns true if valid, error message string if invalid
+ */
+function validateEmail(value) {
+    if (!value.trim()) {
+        return 'Email is required';
+    }
+    if (!/^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(value)) {
+        return 'Invalid email format';
+    }
+    return true;
+}
+/**
+ * Validates email format and uniqueness
+ * @param value Email string to validate
+ * @param existing Array of already collected emails
+ * @returns true if valid and unique, error message string if invalid
+ */
+function validateUniqueEmail(value, existing) {
+    const emailValid = validateEmail(value);
+    if (emailValid !== true) {
+        return emailValid;
+    }
+    const lower = value.toLowerCase();
+    if (existing.some((e) => e?.toLowerCase() === lower)) {
+        return 'Each account requires a unique email address';
+    }
+    return true;
+}
+/**
+ * Collects unique email addresses for each environment account
+ * @param projectName Project name for display
+ * @returns EnvironmentEmails object with dev, stage, prod emails
+ */
+async function collectEmails(projectName) {
+    console.log('');
+    console.log(pc.bold('AWS Account Configuration'));
+    console.log('');
+    console.log(`Setting up environment accounts for ${pc.cyan(projectName)}`);
+    console.log('');
+    console.log('Each AWS environment account requires a unique root email address.');
+    console.log(pc.dim('Tip: Use email aliases like yourname+dev@company.com'));
+    console.log('');
+    const onCancel = () => {
+        console.log(`\n${pc.red('x')} Setup cancelled`);
+        process.exit(1);
+    };
+    // Collect emails sequentially to enable uniqueness validation
+    const devResponse = await prompts({
+        type: 'text',
+        name: 'dev',
+        message: 'Dev account root email:',
+        validate: validateEmail,
+    }, { onCancel });
+    if (!devResponse.dev) {
+        console.log(pc.red('Error:') + ' Dev email is required.');
+        process.exit(1);
+    }
+    const stageResponse = await prompts({
+        type: 'text',
+        name: 'stage',
+        message: 'Stage account root email:',
+        validate: (v) => validateUniqueEmail(v, [devResponse.dev]),
+    }, { onCancel });
+    if (!stageResponse.stage) {
+        console.log(pc.red('Error:') + ' Stage email is required.');
+        process.exit(1);
+    }
+    const prodResponse = await prompts({
+        type: 'text',
+        name: 'prod',
+        message: 'Prod account root email:',
+        validate: (v) => validateUniqueEmail(v, [devResponse.dev, stageResponse.stage]),
+    }, { onCancel });
+    if (!prodResponse.prod) {
+        console.log(pc.red('Error:') + ' Prod email is required.');
+        process.exit(1);
+    }
+    return {
+        dev: devResponse.dev,
+        stage: stageResponse.stage,
+        prod: prodResponse.prod,
+    };
+}
+/**
+ * Updates the config file with account IDs
+ * @param configPath Path to the config file
+ * @param accounts Record of environment to account ID
+ */
+function updateConfigAccounts(configPath, accounts) {
+    const content = readFileSync(configPath, 'utf-8');
+    const config = JSON.parse(content);
+    config.accounts = { ...config.accounts, ...accounts };
+    writeFileSync(configPath, JSON.stringify(config, null, 2) + '\n', 'utf-8');
+}
+/**
+ * Handles AWS-specific errors with actionable messages
+ * @param error The error to handle
+ * @returns never - always exits
+ */
+function handleAwsError(error) {
+    console.error('');
+    if (!(error instanceof Error)) {
+        console.error(pc.red('Error:') + ' Unknown error occurred');
+        process.exit(1);
+    }
+    switch (error.name) {
+        case 'AccessDeniedException':
+            console.error(pc.red('Error: Insufficient AWS permissions'));
+            console.error('');
+            console.error('Your AWS credentials need the following permissions:');
+            console.error('  - organizations:DescribeOrganization');
+            console.error('  - organizations:CreateOrganization');
+            console.error('  - organizations:CreateAccount');
+            console.error('  - organizations:DescribeCreateAccountStatus');
+            console.error('');
+            console.error('Ensure you are using credentials from the management account.');
+            break;
+        case 'AWSOrganizationsNotInUseException':
+            console.error(pc.red('Error: Unexpected state - no organization exists after creation attempt'));
+            console.error('This may be a temporary AWS issue. Please try again in a few minutes.');
+            break;
+        case 'ConstraintViolationException':
+            console.error(pc.red('Error: AWS Organizations limit reached'));
+            console.error('');
+            console.error(error.message);
+            console.error('');
+            console.error('You may have hit the account creation limit. Contact AWS Support.');
+            break;
+        case 'FinalizingOrganizationException':
+            console.error(pc.red('Error: AWS Organization is still initializing'));
+            console.error('Please wait about an hour and try again.');
+            break;
+        case 'TooManyRequestsException':
+            console.error(pc.red('Error: AWS rate limit exceeded'));
+            console.error('Please wait a few minutes and try again.');
+            break;
+        default:
+            console.error(pc.red('Error:') + ` ${error.message}`);
+            if (error.name) {
+                console.error(pc.dim(`Error type: ${error.name}`));
+            }
+    }
+    process.exit(1);
+}
+/**
+ * Runs the setup-aws-envs command
+ *
+ * Creates AWS Organizations and environment accounts (dev, stage, prod)
+ *
+ * @param _args Command arguments (unused)
+ */
+export async function runSetupAwsEnvs(_args) {
+    // 1. Validate we're in a project directory
+    const context = await requireProjectContext();
+    const { config, configPath } = context;
+    // 2. Check if already configured (warn but don't abort - allows retry after partial failure)
+    const existingAccounts = config.accounts ?? {};
+    if (Object.keys(existingAccounts).length > 0) {
+        console.log('');
+        console.log(pc.yellow('Warning:') + ' AWS accounts already configured in this project:');
+        for (const [env, id] of Object.entries(existingAccounts)) {
+            console.log(`  ${env}: ${id}`);
+        }
+        console.log('');
+        console.log(pc.dim('Continuing will create additional accounts...'));
+    }
+    // 3. Collect emails (all input before any AWS calls - per research pitfall #6)
+    const emails = await collectEmails(config.projectName);
+    // 4. Execute AWS operations with progress spinner
+    const spinner = ora('Starting AWS Organizations setup...').start();
+    try {
+        // Organizations API requires us-east-1 (region-locked per research pitfall #1)
+        const client = createOrganizationsClient('us-east-1');
+        // Check/create organization
+        spinner.text = 'Checking for existing AWS Organization...';
+        let orgId = await checkExistingOrganization(client);
+        if (!orgId) {
+            spinner.text = 'Creating AWS Organization...';
+            orgId = await createOrganization(client);
+            spinner.succeed(`Created AWS Organization: ${orgId}`);
+        }
+        else {
+            spinner.succeed(`Using existing AWS Organization: ${orgId}`);
+        }
+        // Create accounts sequentially (per research - AWS rate limits require sequential)
+        const accounts = {};
+        for (const env of ENVIRONMENTS) {
+            spinner.start(`Creating ${env} account (this may take several minutes)...`);
+            const accountName = `${config.projectName}-${env}`;
+            const { requestId } = await createAccount(client, emails[env], accountName);
+            spinner.text = `Waiting for ${env} account creation...`;
+            const result = await waitForAccountCreation(client, requestId);
+            accounts[env] = result.accountId;
+            // Save after EACH successful account (per research pitfall #3 - handle partial success)
+            updateConfigAccounts(configPath, accounts);
+            spinner.succeed(`Created ${env} account: ${result.accountId}`);
+        }
+        // Final success
+        console.log('');
+        console.log(pc.green('AWS environment setup complete!'));
+        console.log('');
+        console.log('Account IDs saved to config:');
+        for (const [env, id] of Object.entries(accounts)) {
+            console.log(`  ${env}: ${id}`);
+        }
+        console.log('');
+        console.log(pc.bold('Next step:'));
+        console.log(`  ${pc.cyan('npx create-aws-project initialize-github dev')}`);
+    }
+    catch (error) {
+        spinner.fail('AWS setup failed');
+        handleAwsError(error);
+    }
+}

package/dist/commands/setup-github.d.ts

@@ -1,3 +1,14 @@
+/**
+ * setup-github command module
+ *
+ * Orchestrates the complete flow of creating IAM deployment users
+ * and configuring GitHub repository secrets for each environment.
+ */
+/**
+ * Shows deprecation notice for the old setup-github command
+ * Exits with code 1 to indicate user should use new command
+ */
+export declare function showDeprecationNotice(): never;
 /**
  * Runs the setup-github command
  */

package/dist/commands/setup-github.js

@@ -10,6 +10,28 @@ import { createGitHubClient, setEnvironmentCredentials } from '../github/secrets
  * Orchestrates the complete flow of creating IAM deployment users
  * and configuring GitHub repository secrets for each environment.
  */
+/**
+ * Shows deprecation notice for the old setup-github command
+ * Exits with code 1 to indicate user should use new command
+ */
+export function showDeprecationNotice() {
+    console.log('');
+    console.log(pc.yellow('DEPRECATED:') + ' The setup-github command has been replaced.');
+    console.log('');
+    console.log('Use the new per-environment command instead:');
+    console.log('');
+    console.log(`  ${pc.cyan('npx create-aws-project initialize-github <env>')}`);
+    console.log('');
+    console.log('Where <env> is one of: dev, stage, prod');
+    console.log('');
+    console.log('Example workflow:');
+    console.log(`  1. ${pc.cyan('npx create-aws-project setup-aws-envs')}     # Create AWS accounts`);
+    console.log(`  2. ${pc.cyan('npx create-aws-project initialize-github dev')}  # Configure dev`);
+    console.log(`  3. ${pc.cyan('npx create-aws-project initialize-github prod')} # Configure prod`);
+    console.log('');
+    console.log(pc.dim('The new approach provides better error isolation per environment.'));
+    process.exit(1);
+}
 /**
  * Prints the setup-github command banner
  */

package/dist/templates/manifest.js

@@ -45,6 +45,10 @@ export function deriveTokenValues(config) {
         AUTH_AUTH0: config.auth.provider === 'auth0' ? 'true' : 'false',
         AUTH_SOCIAL_LOGIN: config.auth.features.includes('social-login') ? 'true' : 'false',
         AUTH_MFA: config.auth.features.includes('mfa') ? 'true' : 'false',
+        // Platform tokens for conditional documentation
+        WEB: config.platforms.includes('web') ? 'true' : 'false',
+        MOBILE: config.platforms.includes('mobile') ? 'true' : 'false',
+        API: config.platforms.includes('api') ? 'true' : 'false',
         // Organization tokens
         ORG_ENABLED: config.org?.enabled ? 'true' : 'false',
         ORG_NAME: config.org?.organizationName ?? '',
@@ -61,6 +65,7 @@ export function deriveTokenValues(config) {
  */
 export const templateManifest = {
     shared: [
+        { src: 'root/README.md', dest: 'README.md' },
         { src: 'root/package.json', dest: 'package.json' },
         { src: 'root/tsconfig.base.json', dest: 'tsconfig.base.json' },
         { src: 'root/nx.json', dest: 'nx.json' },

package/dist/templates/types.d.ts

@@ -11,6 +11,10 @@ export interface TokenValues {
     AUTH_AUTH0: string;
     AUTH_SOCIAL_LOGIN: string;
     AUTH_MFA: string;
+    /** Platform selection flags ('true' or 'false') */
+    WEB: string;
+    MOBILE: string;
+    API: string;
     /** Organization enabled flag ('true' or 'false') */
     ORG_ENABLED?: string;
     /** Organization name */