create-aws-project 1.5.1 → 1.7.0

package/dist/cli.js

@@ -8,6 +8,7 @@ import { showDeprecationNotice } from './commands/setup-github.js';
 import { runSetupAwsEnvs } from './commands/setup-aws-envs.js';
 import { runInitializeGitHub } from './commands/initialize-github.js';
 import { promptGitSetup, setupGitRepository } from './git/setup.js';
+import { loadNonInteractiveConfig } from './config/non-interactive.js';
 /**
  * Write project configuration file for downstream commands
  */
@@ -48,22 +49,29 @@ Scaffold a new AWS Starter Kit project with React, Lambda, and CDK infrastructur
 Commands:
   (default)           Create a new project (interactive wizard)
   setup-aws-envs      Set up AWS Organizations and environment accounts
-  initialize-github   Configure GitHub Environment for deployment
+  initialize-github   Configure GitHub Environment for deployment (supports batch mode)
   setup-github        ${pc.dim('[DEPRECATED]')} Use initialize-github instead
 
 Options:
   --help, -h          Show this help message
   --version, -v       Show version number
+  --config <path>     Create project from JSON config file (non-interactive)
 
 Usage:
-  create-aws-project                         Run interactive wizard
-  create-aws-project setup-aws-envs          Create AWS accounts
-  create-aws-project initialize-github dev   Configure dev environment
+  create-aws-project                              Run interactive wizard
+  create-aws-project --config project.json        Non-interactive mode
+  create-aws-project setup-aws-envs               Create AWS accounts
+  create-aws-project initialize-github dev        Configure dev environment
+  create-aws-project initialize-github --all      Configure all environments
+  create-aws-project initialize-github dev stage  Configure specific environments
 
 Examples:
   create-aws-project my-app
+  create-aws-project --config project.json
   create-aws-project setup-aws-envs
   create-aws-project initialize-github dev
+  create-aws-project initialize-github --all
+  create-aws-project initialize-github dev stage prod
   create-aws-project --help
 `.trim());
 }
@@ -83,33 +91,47 @@ function printWelcome() {
 /**
  * Print post-generation instructions
  */
-function printNextSteps(projectName, platforms) {
+function printNextSteps(projectName) {
     console.log('');
     console.log(pc.bold('Next steps:'));
     console.log('');
     console.log(`  ${pc.cyan('cd')} ${projectName}`);
-    console.log(`  ${pc.cyan('npm install')}`);
     console.log('');
-    if (platforms.includes('web')) {
-        console.log(`  ${pc.gray('# Start web app')}`);
-        console.log(`  ${pc.cyan('npm run web')}`);
-        console.log('');
-    }
-    if (platforms.includes('mobile')) {
-        console.log(`  ${pc.gray('# Start mobile app')}`);
-        console.log(`  ${pc.cyan('npm run mobile')}`);
-        console.log('');
-    }
-    if (platforms.includes('api')) {
-        console.log(`  ${pc.gray('# Deploy API')}`);
-        console.log(`  ${pc.cyan('npm run cdk:deploy')}`);
-        console.log('');
-    }
-    console.log(`  ${pc.gray('# Configure AWS environments')}`);
+    console.log(`  ${pc.gray('# Set up AWS accounts and credentials')}`);
     console.log(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
     console.log('');
+    console.log(`  ${pc.gray('# Push credentials to GitHub secrets')}`);
+    console.log(`  ${pc.cyan('npx create-aws-project initialize-github')}`);
+    console.log('');
     console.log(pc.gray('Happy coding!'));
 }
+/**
+ * Run project creation in non-interactive mode from a JSON config file.
+ * Skips all prompts and git setup (NI-02, NI-06).
+ */
+async function runNonInteractive(configPath) {
+    const config = loadNonInteractiveConfig(configPath);
+    const outputDir = resolve(process.cwd(), config.projectName);
+    // Check if directory already exists
+    if (existsSync(outputDir)) {
+        console.error(pc.red('Error:') + ` Directory ${pc.cyan(config.projectName)} already exists.`);
+        process.exit(1);
+    }
+    // Create project directory
+    mkdirSync(outputDir, { recursive: true });
+    // Generate project
+    console.log('');
+    await generateProject(config, outputDir);
+    // Write config file for downstream commands
+    writeConfigFile(outputDir, config);
+    // NI-06: Skip git setup entirely in non-interactive mode
+    // promptGitSetup() is NOT called
+    // Success message and next steps
+    console.log('');
+    console.log(pc.green('✔') + ` Created ${pc.bold(config.projectName)} successfully!`);
+    printNextSteps(config.projectName);
+    process.exit(0);
+}
 /**
  * Run the create project wizard flow
  * This is the default command when no subcommand is specified
@@ -117,6 +139,19 @@ function printNextSteps(projectName, platforms) {
 async function runCreate(args) {
     printWelcome();
     console.log(''); // blank line after banner
+    // Non-interactive path: --config flag provided
+    const configFlagIndex = args.findIndex(arg => arg === '--config');
+    if (configFlagIndex !== -1) {
+        const configPath = args[configFlagIndex + 1];
+        if (!configPath || configPath.startsWith('--')) {
+            console.error(pc.red('Error:') + ' --config requires a path argument');
+            console.error('  Example: npx create-aws-project --config project.json');
+            process.exit(1);
+        }
+        await runNonInteractive(configPath);
+        return;
+    }
+    // Interactive path (unchanged — existing code below)
     // Extract project name from CLI args (first non-flag argument)
     const nameArg = args.find(arg => !arg.startsWith('-'));
     const config = await runWizard(nameArg ? { defaultName: nameArg } : undefined);
@@ -148,7 +183,7 @@ async function runCreate(args) {
     // Success message and next steps
     console.log('');
     console.log(pc.green('✔') + ` Created ${pc.bold(config.projectName)} successfully!`);
-    printNextSteps(config.projectName, config.platforms);
+    printNextSteps(config.projectName);
     process.exit(0);
 }
 /**

package/dist/commands/initialize-github.js

@@ -10,7 +10,6 @@ import prompts from 'prompts';
 import pc from 'picocolors';
 import { execSync } from 'node:child_process';
 import { requireProjectContext } from '../utils/project-context.js';
-import { createCrossAccountIAMClient, createDeploymentUserWithCredentials, createAccessKey, } from '../aws/iam.js';
 import { createGitHubClient, setEnvironmentCredentials, parseGitHubUrl, } from '../github/secrets.js';
 const VALID_ENVIRONMENTS = ['dev', 'stage', 'prod'];
 /**
@@ -151,49 +150,55 @@ async function promptForRepoInfo() {
     return parseGitHubUrl(response.repo);
 }
 /**
- * Handles AWS and GitHub errors with actionable messages
+ * Determines batch environments from CLI args
+ * @param args Command arguments
+ * @param config Project config with deployment credentials
+ * @returns Array of environments to configure
+ */
+function determineBatchEnvironments(args, config) {
+    if (args.includes('--all')) {
+        const envs = VALID_ENVIRONMENTS.filter(env => config.deploymentCredentials?.[env]);
+        if (envs.length === 0) {
+            console.error(pc.red('Error:') + ' No environments have credentials configured.');
+            console.error('Run setup-aws-envs first to create deployment credentials:');
+            console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
+            process.exit(1);
+        }
+        return [...envs];
+    }
+    // Multiple positional arguments (filter out flags)
+    const envArgs = args.filter(arg => !arg.startsWith('--'));
+    for (const envArg of envArgs) {
+        if (envArg !== envArg.toLowerCase()) {
+            console.error(pc.red('Error:') + ` Environment must be lowercase: ${pc.bold(envArg)}`);
+            console.error(`Did you mean: ${pc.cyan(envArg.toLowerCase())}?`);
+            process.exit(1);
+        }
+        if (!isValidEnvironment(envArg)) {
+            console.error(pc.red('Error:') + ` Invalid environment: ${pc.bold(envArg)}`);
+            console.error('Valid environments: ' + VALID_ENVIRONMENTS.join(', '));
+            process.exit(1);
+        }
+        if (!config.deploymentCredentials?.[envArg]) {
+            console.error(pc.red('Error:') + ` No credentials for ${pc.bold(envArg)}.`);
+            console.error('Run setup-aws-envs first to create deployment credentials:');
+            console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
+            process.exit(1);
+        }
+    }
+    return envArgs;
+}
+/**
+ * Handles GitHub errors with actionable messages
  * @param error The error to handle
- * @param env The environment being configured
  * @returns never - always exits
  */
-function handleError(error, env) {
+function handleError(error) {
     console.error('');
     if (!(error instanceof Error)) {
         console.error(pc.red('Error:') + ' Unknown error occurred');
         process.exit(1);
     }
-    // AWS AssumeRole errors
-    if (error.name === 'AccessDenied' || error.message.includes('AssumeRole')) {
-        console.error(pc.red('Error: Cannot assume role in target account'));
-        console.error('');
-        console.error('This command requires cross-account access via:');
-        console.error(`  arn:aws:iam::<${env}-account-id>:role/OrganizationAccountAccessRole`);
-        console.error('');
-        console.error('Ensure:');
-        console.error(`  1. The ${env} account was created via setup-aws-envs`);
-        console.error('  2. Your credentials are from the management account');
-        console.error('  3. OrganizationAccountAccessRole exists in target account');
-        process.exit(1);
-    }
-    // IAM user already exists
-    if (error.message.includes('already exists')) {
-        console.error(pc.red('Error:') + ` ${error.message}`);
-        console.error('');
-        console.error('To retry, delete the IAM user first:');
-        console.error('  1. Go to AWS Console > IAM > Users');
-        console.error(`  2. Find and delete the existing deployment user`);
-        console.error('  3. Run this command again');
-        process.exit(1);
-    }
-    // Access key limit exceeded
-    if (error.name === 'LimitExceeded' || error.message.includes('LimitExceeded')) {
-        console.error(pc.red('Error: Access key limit exceeded'));
-        console.error('');
-        console.error('IAM users can only have 2 active access keys.');
-        console.error('Delete an existing key before creating a new one:');
-        console.error('  AWS Console > IAM > Users > Security credentials > Access keys');
-        process.exit(1);
-    }
     // GitHub authentication errors
     if (error.message.includes('authentication failed') || error.name === 'HttpError') {
         console.error(pc.red('Error: GitHub authentication failed'));
@@ -222,7 +227,84 @@ export async function runInitializeGitHub(args) {
     // 1. Validate we're in a project directory
     const context = await requireProjectContext();
     const { config } = context;
-    const { projectName, awsRegion } = config;
+    // 2. Detect batch mode
+    const nonFlagArgs = args.filter(a => !a.startsWith('--'));
+    const isBatchMode = args.includes('--all') || nonFlagArgs.length > 1;
+    if (isBatchMode) {
+        // BATCH MODE: Configure multiple environments
+        const environments = determineBatchEnvironments(args, config);
+        // Get repository info once (try git remote, fallback to prompt)
+        let repoInfo = getGitRemoteOrigin();
+        if (!repoInfo) {
+            console.log('');
+            console.log(pc.yellow('Note:') + ' Could not detect GitHub repository from git remote.');
+            repoInfo = await promptForRepoInfo();
+        }
+        else {
+            console.log('');
+            console.log(`Detected repository: ${pc.cyan(`${repoInfo.owner}/${repoInfo.repo}`)}`);
+        }
+        // Prompt for GitHub PAT once
+        const pat = await promptForGitHubPAT();
+        // Create GitHub client once
+        const githubClient = createGitHubClient(pat);
+        // Track results for each environment
+        const results = [];
+        // Process each environment
+        for (const env of environments) {
+            const spinner = ora(`Configuring ${env} environment...`).start();
+            try {
+                const credentials = config.deploymentCredentials?.[env];
+                if (!credentials) {
+                    throw new Error(`No deployment credentials found for ${env}`);
+                }
+                const githubEnvName = GITHUB_ENV_NAMES[env];
+                spinner.text = `Configuring GitHub Environment "${githubEnvName}"...`;
+                await setEnvironmentCredentials(githubClient, repoInfo.owner, repoInfo.repo, githubEnvName, credentials.accessKeyId, credentials.secretAccessKey);
+                spinner.succeed(`Configured ${githubEnvName} environment`);
+                results.push({ env, success: true });
+            }
+            catch (error) {
+                const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+                spinner.fail(`Failed ${env}`);
+                results.push({ env, success: false, error: errorMessage });
+            }
+        }
+        // Show batch summary
+        console.log('');
+        console.log(pc.bold('Batch Configuration Summary'));
+        console.log('');
+        for (const result of results) {
+            if (result.success) {
+                console.log(`  ${pc.green('✓')} Configured ${GITHUB_ENV_NAMES[result.env]} environment`);
+            }
+            else {
+                console.log(`  ${pc.red('✗')} Failed ${result.env}: ${result.error}`);
+            }
+        }
+        const successCount = results.filter(r => r.success).length;
+        console.log('');
+        console.log(`Successfully configured ${successCount} of ${results.length} environments`);
+        if (successCount < results.length) {
+            console.log('');
+            console.log('You can retry failed environments individually:');
+            for (const result of results) {
+                if (!result.success) {
+                    console.log(`  ${pc.cyan(`npx create-aws-project initialize-github ${result.env}`)}`);
+                }
+            }
+        }
+        console.log('');
+        console.log('View secrets at:');
+        console.log(`  ${pc.cyan(`https://github.com/${repoInfo.owner}/${repoInfo.repo}/settings/environments`)}`);
+        console.log('');
+        // Exit with error code if any failed
+        if (successCount < results.length) {
+            process.exit(1);
+        }
+        return;
+    }
+    // SINGLE MODE (existing behavior, unchanged)
     // 2. Determine environment
     let env;
     if (args[0]) {
@@ -245,26 +327,17 @@ export async function runInitializeGitHub(args) {
     }
     else {
         // Interactive environment selection
-        const configuredEnvs = VALID_ENVIRONMENTS.filter((e) => config.accounts?.[e]);
+        const configuredEnvs = VALID_ENVIRONMENTS.filter((e) => config.deploymentCredentials?.[e]);
         if (configuredEnvs.length === 0) {
             console.error(pc.red('Error:') + ' No environments configured.');
             console.error('');
-            console.error('Run setup-aws-envs first to create environment accounts:');
+            console.error('Run setup-aws-envs first to create deployment credentials:');
             console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
             process.exit(1);
         }
         env = await promptForEnvironment(configuredEnvs);
     }
-    // 3. Validate account ID exists for environment
-    const accountId = config.accounts?.[env];
-    if (!accountId) {
-        console.error(pc.red('Error:') + ` No account ID for ${env}.`);
-        console.error('');
-        console.error('Run setup-aws-envs first to create environment accounts:');
-        console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
-        process.exit(1);
-    }
-    // 4. Get repository info (try git remote, fallback to prompt)
+    // 3. Get repository info (try git remote, fallback to prompt)
     let repoInfo = getGitRemoteOrigin();
     if (!repoInfo) {
         console.log('');
@@ -275,33 +348,27 @@ export async function runInitializeGitHub(args) {
         console.log('');
         console.log(`Detected repository: ${pc.cyan(`${repoInfo.owner}/${repoInfo.repo}`)}`);
     }
-    // 5. Prompt for GitHub PAT (always interactive per CONTEXT.md)
+    // 4. Prompt for GitHub PAT (always interactive per CONTEXT.md)
     const pat = await promptForGitHubPAT();
-    // 6. Execute AWS and GitHub setup
+    // 5. Execute GitHub setup
     const spinner = ora(`Initializing ${env} environment...`).start();
     try {
-        // Step 1: Create cross-account IAM client
-        spinner.text = `Assuming role in ${env} account (${accountId})...`;
-        const iamClient = createCrossAccountIAMClient(awsRegion, accountId);
-        // Step 2: Get deployment user credentials
-        // If setup-aws-envs already created the user, just create an access key.
-        // Otherwise fall back to full user creation (backward compat with older projects).
-        const existingUserName = config.deploymentUsers?.[env];
-        let userName;
-        let credentials;
-        if (existingUserName) {
-            spinner.text = `Using existing deployment user: ${existingUserName}`;
-            userName = existingUserName;
-            credentials = await createAccessKey(iamClient, userName);
-            spinner.succeed(`Created access key for ${userName}`);
-        }
-        else {
-            spinner.text = `Creating IAM deployment user...`;
-            const fullCredentials = await createDeploymentUserWithCredentials(iamClient, projectName, env, accountId);
-            userName = fullCredentials.userName;
-            credentials = fullCredentials;
+        // Step 1: Validate deployment credentials exist in config
+        const credentials = config.deploymentCredentials?.[env];
+        if (!credentials) {
+            spinner.fail(`No deployment credentials found for ${env}`);
+            console.error('');
+            // Check if user exists but credentials don't (migration case)
+            if (config.deploymentUsers?.[env]) {
+                console.error(pc.yellow('Note:') + ' Deployment user exists but credentials were not found.');
+                console.error('Your project may have been set up with an older version.');
+                console.error('');
+            }
+            console.error('Run setup-aws-envs first to create deployment credentials:');
+            console.error(`  ${pc.cyan('npx create-aws-project setup-aws-envs')}`);
+            process.exit(1);
         }
-        // Step 3: Configure GitHub
+        // Step 2: Configure GitHub environment
         const githubEnvName = GITHUB_ENV_NAMES[env];
         spinner.text = `Configuring GitHub Environment "${githubEnvName}"...`;
         const githubClient = createGitHubClient(pat);
@@ -311,20 +378,16 @@ export async function runInitializeGitHub(args) {
         console.log('');
         console.log(pc.green(`${env} environment setup complete!`));
         console.log('');
-        console.log('Resources created:');
-        console.log(`  Deployment User: ${pc.cyan(userName)}`);
+        console.log('Credentials pushed to GitHub:');
+        console.log(`  Deployment User: ${pc.cyan(credentials.userName)}`);
+        console.log(`  Access Key ID: ${pc.cyan(credentials.accessKeyId)}`);
         console.log(`  GitHub Environment: ${pc.cyan(githubEnvName)}`);
-        // Add note if using existing user from setup-aws-envs
-        if (existingUserName) {
-            console.log('');
-            console.log(pc.dim('Note: Deployment user was created by setup-aws-envs. Access key created for GitHub.'));
-        }
         console.log('');
         console.log('View secrets at:');
         console.log(`  ${pc.cyan(`https://github.com/${repoInfo.owner}/${repoInfo.repo}/settings/environments`)}`);
         console.log('');
         // Show next steps (other environments if any remain)
-        const remainingEnvs = VALID_ENVIRONMENTS.filter((e) => e !== env && config.accounts?.[e]);
+        const remainingEnvs = VALID_ENVIRONMENTS.filter((e) => e !== env && config.deploymentCredentials?.[e]);
         if (remainingEnvs.length > 0) {
             console.log(pc.bold('Next steps:'));
             console.log('');
@@ -337,13 +400,29 @@ export async function runInitializeGitHub(args) {
         else {
             console.log(pc.bold('All environments configured!'));
             console.log('');
-            console.log('Deploy your application by pushing to the main branch:');
-            console.log(`  ${pc.cyan('git push origin main')}`);
+            console.log(pc.bold('Get started:'));
             console.log('');
+            console.log(`  ${pc.cyan('npm install')}`);
+            console.log('');
+            if (config.platforms?.includes('web')) {
+                console.log(`  ${pc.gray('# Start web app')}`);
+                console.log(`  ${pc.cyan('npm run web')}`);
+                console.log('');
+            }
+            if (config.platforms?.includes('mobile')) {
+                console.log(`  ${pc.gray('# Start mobile app')}`);
+                console.log(`  ${pc.cyan('npm run mobile')}`);
+                console.log('');
+            }
+            if (config.platforms?.includes('api')) {
+                console.log(`  ${pc.gray('# Deploy API')}`);
+                console.log(`  ${pc.cyan('npm run cdk:deploy')}`);
+                console.log('');
+            }
         }
     }
     catch (error) {
         spinner.fail(`Failed to configure ${env} environment`);
-        handleError(error, env);
+        handleError(error);
     }
 }

package/dist/commands/setup-aws-envs.d.ts

@@ -9,6 +9,6 @@
  *
  * Creates AWS Organizations and environment accounts (dev, stage, prod)
  *
- * @param _args Command arguments (unused)
+ * @param args Command arguments
  */
-export declare function runSetupAwsEnvs(_args: string[]): Promise<void>;
+export declare function runSetupAwsEnvs(args: string[]): Promise<void>;