gitarsenal-cli 1.0.9 → 1.1.1

package/README.md

@@ -1,105 +1,74 @@
 # GitArsenal CLI
 
-A command-line tool for easily creating Modal sandboxes with GitHub repositories.
+A tool for creating and managing GPU-accelerated development environments using Modal.
 
 ## Features
 
-- Interactive prompts to configure your sandbox
-- Support for custom GPU types (A10G, A100, H100, T4, V100)
-- Persistent volume support for faster installations
-- Custom setup commands
-- Automatic repository cloning
+- Create Modal containers with GPU support
+- Clone repositories and run setup commands
+- Persistent storage with Modal volumes
+- SSH access to containers
+- API key management for various services
 
-## Installation
+## API Key Management
 
-### Prerequisites
+The CLI now supports secure storage of API keys for various services. Keys are stored in `~/.gitarsenal/keys/` with proper permissions (only readable by the current user).
 
-- Node.js 14 or higher
-- Python 3.8 or higher
-- Modal CLI (`pip install modal`)
-- Git
+### Supported Services
 
-### Global Installation
+- `openai` - OpenAI API keys for debugging and assistance
+- `wandb` - Weights & Biases API keys for experiment tracking
+- `huggingface` - Hugging Face tokens for model access
 
-```bash
-npm install -g gitarsenal-cli
-```
+### Managing API Keys
 
-### Local Installation
+#### Adding a new API key
 
 ```bash
-npm install gitarsenal-cli
-```
+# Add a key interactively (will prompt for the key)
+python test_modalSandboxScript.py keys add --service openai
 
-## Usage
-
-### Command Line Interface
+# Add a key directly (not recommended for security)
+python test_modalSandboxScript.py keys add --service wandb --key YOUR_API_KEY
+```
 
-Simply run the command:
+#### Listing saved API keys
 
 ```bash
-gitarsenal
+python test_modalSandboxScript.py keys list
 ```
 
-The CLI will guide you through the process with interactive prompts:
-
-1. Enter the GitHub repository URL
-2. Select a GPU type
-3. Choose whether to use a persistent volume
-4. Optionally provide custom setup commands
-5. Confirm your settings
+#### Viewing a specific API key (masked)
 
-### Command Line Options
-
-```
-Usage: gitarsenal [options]
-
-Options:
-  -V, --version        output the version number
-  -r, --repo <url>     GitHub repository URL
-  -g, --gpu <type>     GPU type (A10G, A100, H100, T4, V100) (default: "A10G")
-  -v, --volume <name>  Name of persistent volume
-  -y, --yes            Skip confirmation prompts
-  -h, --help           display help for command
+```bash
+python test_modalSandboxScript.py keys view --service huggingface
 ```
 
-### Example
+#### Deleting an API key
 
 ```bash
-gitarsenal --repo https://github.com/username/repo-name --gpu A10G --volume my-volume
+python test_modalSandboxScript.py keys delete --service openai
 ```
 
-## Programmatic Usage
+## Creating a Modal Container
 
-You can also use GitArsenal programmatically in your Node.js applications:
-
-```javascript
-const { runModalSandbox } = require('gitarsenal-cli');
+```bash
+# Basic container creation
+python test_modalSandboxScript.py container --gpu A10G --repo-url https://github.com/username/repo.git
 
-async function main() {
-  await runModalSandbox({
-    repoUrl: 'https://github.com/username/repo-name',
-    gpuType: 'A10G',
-    volumeName: 'my-volume',
-    setupCommands: [
-      'pip install -r requirements.txt',
-      'python setup.py install'
-    ]
-  });
-}
+# With setup commands
+python test_modalSandboxScript.py container --gpu A100 --repo-url https://github.com/username/repo.git --setup-commands "pip install -r requirements.txt" "python setup.py install"
 
-main().catch(console.error);
+# With volume for persistent storage
+python test_modalSandboxScript.py container --gpu A10G --repo-url https://github.com/username/repo.git --volume-name my-persistent-volume
 ```
 
-## How It Works
-
-GitArsenal CLI is a Node.js wrapper around a Python script that creates Modal sandboxes. The CLI:
+## Automatic API Key Usage
 
-1. Checks for required dependencies (Python, Modal, Git)
-2. Prompts for configuration options
-3. Executes the Python script with the provided options
-4. Handles errors and provides feedback
+When using commands that require API keys (like `wandb login` or `huggingface-cli login`), the system will:
 
-## License
+1. Check if a saved API key exists for the service
+2. If found, use the saved key automatically
+3. If not found, prompt for the key and offer to save it for future use
 
-MIT 
+This makes it easy to work with multiple projects that require the same API keys without having to re-enter them each time. 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gitarsenal-cli",
-  "version": "1.0.9",
+  "version": "1.1.1",
   "description": "CLI tool for creating Modal sandboxes with GitHub repositories",
   "main": "index.js",
   "bin": {

package/python/README.md

@@ -0,0 +1,97 @@
+# GitArsenal CLI
+
+GitArsenal CLI is a powerful tool for setting up and running GPU-accelerated environments in the cloud using Modal.
+
+## Installation
+
+```bash
+# Clone the repository
+git clone https://github.com/yourusername/gitarsenal-cli.git
+cd gitarsenal-cli/python
+
+# Install dependencies
+pip install -r requirements.txt
+```
+
+## Credentials Setup
+
+GitArsenal CLI requires several API keys and tokens to function properly:
+
+- **OpenAI API Key**: Used for debugging failed commands
+- **Modal Token**: Used to create cloud environments
+- **Hugging Face Token**: Used for accessing Hugging Face models
+- **Weights & Biases API Key**: Used for experiment tracking
+
+You can set up your credentials using the credentials manager:
+
+```bash
+python manage_credentials.py setup
+```
+
+This will guide you through setting up all required credentials, which will be stored securely in your home directory.
+
+### Managing Individual Credentials
+
+You can also manage individual credentials:
+
+```bash
+# Set a specific credential
+python manage_credentials.py set openai_api_key
+
+# View a credential (masked for security)
+python manage_credentials.py get modal_token
+
+# Clear a specific credential
+python manage_credentials.py clear huggingface_token
+
+# Clear all credentials
+python manage_credentials.py clear
+
+# List all saved credentials (without showing values)
+python manage_credentials.py list
+```
+
+## Usage
+
+### Creating a Modal Sandbox
+
+```bash
+python test_modalSandboxScript.py --gpu A10G --repo-url "https://github.com/username/repo.git"
+```
+
+### Options
+
+- `--gpu`: GPU type (A10G, A100, H100, T4, V100)
+- `--repo-url`: Repository URL to clone
+- `--repo-name`: Repository name override
+- `--setup-commands`: Setup commands to run
+- `--volume-name`: Name of the Modal volume for persistent storage
+
+## Security
+
+Your credentials are stored securely in `~/.gitarsenal/credentials.json` with restrictive file permissions. The file is only readable by your user account.
+
+## Troubleshooting
+
+If you encounter authentication issues:
+
+1. Check that your credentials are set up correctly:
+   ```bash
+   python manage_credentials.py list
+   ```
+
+2. If needed, clear and reset your credentials:
+   ```bash
+   python manage_credentials.py clear
+   python manage_credentials.py setup
+   ```
+
+3. Ensure Modal CLI is installed and authenticated:
+   ```bash
+   pip install modal
+   modal token new
+   ```
+
+## License
+
+[MIT License](LICENSE) 

package/python/credentials_manager.py

@@ -0,0 +1,164 @@
+import os
+import json
+import getpass
+from pathlib import Path
+
+class CredentialsManager:
+    """
+    Manages API keys and tokens for GitArsenal CLI.
+    Provides secure storage and retrieval of credentials.
+    """
+    
+    def __init__(self, config_dir=None):
+        """Initialize the credentials manager with optional custom config directory"""
+        if config_dir:
+            self.config_dir = Path(config_dir)
+        else:
+            self.config_dir = Path.home() / ".gitarsenal"
+            
+        self.credentials_file = self.config_dir / "credentials.json"
+        self.ensure_config_dir()
+    
+    def ensure_config_dir(self):
+        """Ensure the configuration directory exists"""
+        if not self.config_dir.exists():
+            self.config_dir.mkdir(parents=True)
+            # Set restrictive permissions on Unix-like systems
+            if os.name == 'posix':
+                self.config_dir.chmod(0o700)  # Only owner can read/write/execute
+    
+    def load_credentials(self):
+        """Load credentials from the credentials file"""
+        if not self.credentials_file.exists():
+            return {}
+            
+        try:
+            with open(self.credentials_file, 'r') as f:
+                return json.load(f)
+        except (json.JSONDecodeError, IOError):
+            print("⚠️ Error reading credentials file. Using empty credentials.")
+            return {}
+    
+    def save_credentials(self, credentials):
+        """Save credentials to the credentials file"""
+        try:
+            with open(self.credentials_file, 'w') as f:
+                json.dump(credentials, f)
+                
+            # Set restrictive permissions on Unix-like systems
+            if os.name == 'posix':
+                self.credentials_file.chmod(0o600)  # Only owner can read/write
+                
+            return True
+        except IOError as e:
+            print(f"❌ Error saving credentials: {e}")
+            return False
+    
+    def get_credential(self, key, prompt=None, is_password=False, validate_func=None):
+        """
+        Get a credential by key. If not found, prompt the user.
+        
+        Args:
+            key: The credential key
+            prompt: Custom prompt message
+            is_password: Whether to mask input
+            validate_func: Optional function to validate the credential
+            
+        Returns:
+            The credential value
+        """
+        credentials = self.load_credentials()
+        
+        # Check if credential exists and is valid
+        if key in credentials:
+            value = credentials[key]
+            if not validate_func or validate_func(value):
+                return value
+        
+        # Credential not found or invalid, prompt user
+        if not prompt:
+            prompt = f"Please enter your {key}:"
+            
+        print("\n" + "="*60)
+        print(f"🔑 {key.upper()} REQUIRED")
+        print("="*60)
+        print(prompt)
+        print("-" * 60)
+        
+        try:
+            if is_password:
+                value = getpass.getpass("Input (hidden): ").strip()
+            else:
+                value = input("Input: ").strip()
+                
+            if not value:
+                print("❌ No input provided.")
+                return None
+                
+            # Validate if function provided
+            if validate_func and not validate_func(value):
+                print("❌ Invalid input.")
+                return None
+                
+            # Save the credential
+            credentials[key] = value
+            self.save_credentials(credentials)
+            
+            print("✅ Input received and saved successfully!")
+            return value
+            
+        except KeyboardInterrupt:
+            print("\n❌ Input cancelled by user.")
+            return None
+        except Exception as e:
+            print(f"❌ Error getting input: {e}")
+            return None
+    
+    def get_openai_api_key(self):
+        """Get OpenAI API key with validation"""
+        def validate_openai_key(key):
+            # Basic validation - OpenAI keys usually start with "sk-" and are 51 chars
+            return key.startswith("sk-") and len(key) > 40
+            
+        prompt = "To debug failed commands, an OpenAI API key is needed.\nYou can get your API key from: https://platform.openai.com/api-keys"
+        return self.get_credential("openai_api_key", prompt, is_password=True, validate_func=validate_openai_key)
+    
+    def get_modal_token(self):
+        """Get Modal token with basic validation"""
+        def validate_modal_token(token):
+            # Modal tokens are typically non-empty strings
+            return bool(token) and len(token) > 10
+            
+        prompt = "A Modal token is required to create cloud environments.\nYou can get your token by running 'modal token new' in your terminal."
+        return self.get_credential("modal_token", prompt, is_password=True, validate_func=validate_modal_token)
+    
+    def get_huggingface_token(self):
+        """Get Hugging Face token with basic validation"""
+        def validate_hf_token(token):
+            # HF tokens are typically non-empty strings
+            return bool(token) and len(token) > 8
+            
+        prompt = "A Hugging Face token is required.\nYou can get your token from: https://huggingface.co/settings/tokens"
+        return self.get_credential("huggingface_token", prompt, is_password=True, validate_func=validate_hf_token)
+    
+    def get_wandb_api_key(self):
+        """Get Weights & Biases API key with validation"""
+        def validate_wandb_key(key):
+            # W&B API keys are typically 40 characters
+            return len(key) == 40
+            
+        prompt = "A Weights & Biases API key is required.\nYou can get your API key from: https://wandb.ai/authorize"
+        return self.get_credential("wandb_api_key", prompt, is_password=True, validate_func=validate_wandb_key)
+    
+    def clear_credential(self, key):
+        """Remove a specific credential"""
+        credentials = self.load_credentials()
+        if key in credentials:
+            del credentials[key]
+            self.save_credentials(credentials)
+            return True
+        return False
+    
+    def clear_all_credentials(self):
+        """Clear all saved credentials"""
+        return self.save_credentials({}) 

package/python/gitarsenal.py

@@ -0,0 +1,146 @@
+#!/usr/bin/env python3
+"""
+GitArsenal CLI - Main entry point
+
+This script provides a user-friendly interface to the GitArsenal CLI tools.
+"""
+
+import argparse
+import sys
+import os
+import subprocess
+
+def main():
+    parser = argparse.ArgumentParser(description="GitArsenal CLI - GPU-accelerated cloud environments")
+    subparsers = parser.add_subparsers(dest="command", help="Command to run")
+    
+    # Credentials command
+    cred_parser = subparsers.add_parser("credentials", help="Manage credentials")
+    cred_subparsers = cred_parser.add_subparsers(dest="cred_command", help="Credentials command")
+    
+    # Credentials setup command
+    cred_setup_parser = cred_subparsers.add_parser("setup", help="Set up all credentials")
+    
+    # Credentials set command
+    cred_set_parser = cred_subparsers.add_parser("set", help="Set a specific credential")
+    cred_set_parser.add_argument("key", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key"], 
+                               help="The credential to set")
+    
+    # Credentials get command
+    cred_get_parser = cred_subparsers.add_parser("get", help="Get a specific credential")
+    cred_get_parser.add_argument("key", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key"], 
+                               help="The credential to get")
+    
+    # Credentials clear command
+    cred_clear_parser = cred_subparsers.add_parser("clear", help="Clear credentials")
+    cred_clear_parser.add_argument("key", nargs="?", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key", "all"], 
+                                 default="all", help="The credential to clear (default: all)")
+    
+    # Credentials list command
+    cred_list_parser = cred_subparsers.add_parser("list", help="List all saved credentials")
+    
+    # Sandbox command
+    sandbox_parser = subparsers.add_parser("sandbox", help="Create a Modal sandbox")
+    sandbox_parser.add_argument("--gpu", type=str, default="A10G", choices=["A10G", "A100", "H100", "T4", "V100"],
+                              help="GPU type (default: A10G)")
+    sandbox_parser.add_argument("--repo-url", type=str, help="Repository URL to clone")
+    sandbox_parser.add_argument("--repo-name", type=str, help="Repository name override")
+    sandbox_parser.add_argument("--setup-commands", type=str, nargs="+", help="Setup commands to run")
+    sandbox_parser.add_argument("--volume-name", type=str, help="Name of the Modal volume for persistent storage")
+    
+    # SSH container command
+    ssh_parser = subparsers.add_parser("ssh", help="Create a Modal SSH container")
+    ssh_parser.add_argument("--gpu", type=str, default="A10G", choices=["A10G", "A100", "H100", "T4", "V100"],
+                          help="GPU type (default: A10G)")
+    ssh_parser.add_argument("--repo-url", type=str, help="Repository URL to clone")
+    ssh_parser.add_argument("--repo-name", type=str, help="Repository name override")
+    ssh_parser.add_argument("--setup-commands", type=str, nargs="+", help="Setup commands to run")
+    ssh_parser.add_argument("--volume-name", type=str, help="Name of the Modal volume for persistent storage")
+    ssh_parser.add_argument("--timeout", type=int, default=60, help="Container timeout in minutes (default: 60)")
+    
+    args = parser.parse_args()
+    
+    # If no command is provided, show help
+    if not args.command:
+        parser.print_help()
+        return 1
+    
+    # Handle credentials commands
+    if args.command == "credentials":
+        cred_args = []
+        
+        if not args.cred_command:
+            cred_parser.print_help()
+            return 1
+            
+        cred_args.append(args.cred_command)
+        
+        if args.cred_command == "set" or args.cred_command == "get":
+            cred_args.append(args.key)
+        elif args.cred_command == "clear" and args.key != "all":
+            cred_args.append(args.key)
+            
+        return run_script("manage_credentials.py", cred_args)
+    
+    # Handle sandbox command
+    elif args.command == "sandbox":
+        sandbox_args = []
+        
+        if args.gpu:
+            sandbox_args.extend(["--gpu", args.gpu])
+        if args.repo_url:
+            sandbox_args.extend(["--repo-url", args.repo_url])
+        if args.repo_name:
+            sandbox_args.extend(["--repo-name", args.repo_name])
+        if args.setup_commands:
+            sandbox_args.extend(["--setup-commands"] + args.setup_commands)
+        if args.volume_name:
+            sandbox_args.extend(["--volume-name", args.volume_name])
+            
+        return run_script("test_modalSandboxScript.py", sandbox_args)
+    
+    # Handle SSH container command
+    elif args.command == "ssh":
+        ssh_args = []
+        
+        if args.gpu:
+            ssh_args.extend(["--gpu", args.gpu])
+        if args.repo_url:
+            ssh_args.extend(["--repo-url", args.repo_url])
+        if args.repo_name:
+            ssh_args.extend(["--repo-name", args.repo_name])
+        if args.setup_commands:
+            ssh_args.extend(["--setup-commands"] + args.setup_commands)
+        if args.volume_name:
+            ssh_args.extend(["--volume-name", args.volume_name])
+        if args.timeout:
+            ssh_args.extend(["--timeout", str(args.timeout)])
+            
+        # Use test_modalSandboxScript.py with SSH mode
+        ssh_args.extend(["--ssh"])
+        return run_script("test_modalSandboxScript.py", ssh_args)
+    
+    return 0
+
+def run_script(script_name, args):
+    """Run a Python script with the given arguments"""
+    # Get the directory of the current script
+    script_dir = os.path.dirname(os.path.abspath(__file__))
+    script_path = os.path.join(script_dir, script_name)
+    
+    # Build the command
+    cmd = [sys.executable, script_path] + args
+    
+    try:
+        # Run the command
+        result = subprocess.run(cmd)
+        return result.returncode
+    except KeyboardInterrupt:
+        print("\n⚠️ Command interrupted by user")
+        return 130
+    except Exception as e:
+        print(f"❌ Error running {script_name}: {e}")
+        return 1
+
+if __name__ == "__main__":
+    sys.exit(main()) 

package/python/manage_credentials.py

@@ -0,0 +1,119 @@
+#!/usr/bin/env python3
+"""
+GitArsenal Credentials Manager CLI
+
+This script allows users to manage their API keys and tokens for GitArsenal CLI.
+"""
+
+import argparse
+import sys
+from credentials_manager import CredentialsManager
+
+def main():
+    parser = argparse.ArgumentParser(description="Manage credentials for GitArsenal CLI")
+    subparsers = parser.add_subparsers(dest="command", help="Command to run")
+    
+    # Setup command
+    setup_parser = subparsers.add_parser("setup", help="Set up all credentials")
+    
+    # Set command
+    set_parser = subparsers.add_parser("set", help="Set a specific credential")
+    set_parser.add_argument("key", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key"], 
+                          help="The credential to set")
+    
+    # Get command
+    get_parser = subparsers.add_parser("get", help="Get a specific credential")
+    get_parser.add_argument("key", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key"], 
+                          help="The credential to get")
+    
+    # Clear command
+    clear_parser = subparsers.add_parser("clear", help="Clear credentials")
+    clear_parser.add_argument("key", nargs="?", choices=["openai_api_key", "modal_token", "huggingface_token", "wandb_api_key", "all"], 
+                            default="all", help="The credential to clear (default: all)")
+    
+    # List command
+    list_parser = subparsers.add_parser("list", help="List all saved credentials (shows only existence, not values)")
+    
+    args = parser.parse_args()
+    
+    # Create credentials manager
+    credentials_manager = CredentialsManager()
+    
+    if args.command == "setup":
+        print("📋 Setting up all credentials for GitArsenal CLI")
+        print("You'll be prompted for each credential. Press Ctrl+C to skip any credential.")
+        
+        try:
+            # OpenAI API key
+            print("\n🔑 Setting up OpenAI API key")
+            credentials_manager.get_openai_api_key()
+            
+            # Modal token
+            print("\n🔑 Setting up Modal token")
+            credentials_manager.get_modal_token()
+            
+            # Hugging Face token
+            print("\n🔑 Setting up Hugging Face token")
+            credentials_manager.get_huggingface_token()
+            
+            # Weights & Biases API key
+            print("\n🔑 Setting up Weights & Biases API key")
+            credentials_manager.get_wandb_api_key()
+            
+            print("\n✅ Credentials setup complete!")
+            
+        except KeyboardInterrupt:
+            print("\n\n⚠️ Setup interrupted. Some credentials may not have been set.")
+            return 1
+    
+    elif args.command == "set":
+        print(f"🔑 Setting {args.key}")
+        if args.key == "openai_api_key":
+            credentials_manager.get_openai_api_key()
+        elif args.key == "modal_token":
+            credentials_manager.get_modal_token()
+        elif args.key == "huggingface_token":
+            credentials_manager.get_huggingface_token()
+        elif args.key == "wandb_api_key":
+            credentials_manager.get_wandb_api_key()
+    
+    elif args.command == "get":
+        credentials = credentials_manager.load_credentials()
+        if args.key in credentials:
+            # Show only first and last few characters for security
+            value = credentials[args.key]
+            masked_value = value[:4] + "*" * (len(value) - 8) + value[-4:] if len(value) > 8 else "****"
+            print(f"{args.key}: {masked_value}")
+        else:
+            print(f"❌ {args.key} not found in saved credentials")
+            return 1
+    
+    elif args.command == "clear":
+        if args.key == "all":
+            credentials_manager.clear_all_credentials()
+            print("✅ All credentials cleared")
+        else:
+            if credentials_manager.clear_credential(args.key):
+                print(f"✅ {args.key} cleared")
+            else:
+                print(f"❌ {args.key} not found in saved credentials")
+                return 1
+    
+    elif args.command == "list":
+        credentials = credentials_manager.load_credentials()
+        if not credentials:
+            print("No credentials saved")
+            return 0
+            
+        print("📋 Saved credentials:")
+        for key in credentials:
+            print(f"- {key}: {'*' * 8}")
+    
+    else:
+        parser.print_help()
+        return 1
+    
+    return 0
+
+if __name__ == "__main__":
+    sys.exit(main()) 

package/python/test_modalSandboxScript.py

@@ -56,13 +56,25 @@ def handle_wandb_login(sandbox, current_dir):
     print("Setting up Weights & Biases credentials")
     print("You can get your API key from: https://wandb.ai/authorize")
     
-    # Get API key from user
-    api_key = handle_interactive_input(
-        "🔑 WEIGHTS & BIASES API KEY REQUIRED\n" +
-        "Please paste your W&B API key below:\n" +
-        "(Your API key should be 40 characters long)",
-        is_password=True
-    )
+    # Try to use credentials manager first
+    api_key = None
+    try:
+        from credentials_manager import CredentialsManager
+        credentials_manager = CredentialsManager()
+        api_key = credentials_manager.get_wandb_api_key()
+    except ImportError:
+        # Fall back to direct input if credentials_manager is not available
+        pass
+    
+    # If credentials manager didn't provide a key, use direct input
+    if not api_key:
+        # Get API key from user
+        api_key = handle_interactive_input(
+            "🔑 WEIGHTS & BIASES API KEY REQUIRED\n" +
+            "Please paste your W&B API key below:\n" +
+            "(Your API key should be 40 characters long)",
+            is_password=True
+        )
     
     if not api_key:
         print("❌ No API key provided. Cannot continue with W&B login.")
@@ -226,26 +238,36 @@ def call_openai_for_debug(command, error_output, api_key=None, current_dir=None,
         api_key = os.environ.get("OPENAI_API_KEY")
         
     if not api_key:
-        print("\n" + "="*60)
-        print("🔑 OPENAI API KEY REQUIRED FOR DEBUGGING")
-        print("="*60)
-        print("To debug failed commands, an OpenAI API key is needed.")
-        print("📝 Please paste your OpenAI API key below:")
-        print("   (Your input will be hidden for security)")
-        print("-" * 60)
-        
+        # Use the CredentialsManager to get the API key
         try:
-            api_key = getpass.getpass("OpenAI API Key: ").strip()
+            from credentials_manager import CredentialsManager
+            credentials_manager = CredentialsManager()
+            api_key = credentials_manager.get_openai_api_key()
             if not api_key:
                 print("❌ No API key provided. Skipping debugging.")
                 return None
-            print("✅ API key received successfully!")
-        except KeyboardInterrupt:
-            print("\n❌ API key input cancelled by user.")
-            return None
-        except Exception as e:
-            print(f"❌ Error getting API key: {e}")
-            return None
+        except ImportError:
+            # Fall back to direct input if credentials_manager module is not available
+            print("\n" + "="*60)
+            print("🔑 OPENAI API KEY REQUIRED FOR DEBUGGING")
+            print("="*60)
+            print("To debug failed commands, an OpenAI API key is needed.")
+            print("📝 Please paste your OpenAI API key below:")
+            print("   (Your input will be hidden for security)")
+            print("-" * 60)
+            
+            try:
+                api_key = getpass.getpass("OpenAI API Key: ").strip()
+                if not api_key:
+                    print("❌ No API key provided. Skipping debugging.")
+                    return None
+                print("✅ API key received successfully!")
+            except KeyboardInterrupt:
+                print("\n❌ API key input cancelled by user.")
+                return None
+            except Exception as e:
+                print(f"❌ Error getting API key: {e}")
+                return None
     
     # Get current directory context
     directory_context = ""
@@ -410,6 +432,18 @@ Do not provide any explanations, just the exact command to run.
 
 def prompt_for_hf_token():
     """Prompt user for Hugging Face token when needed"""
+    # Try to use credentials manager first
+    try:
+        from credentials_manager import CredentialsManager
+        credentials_manager = CredentialsManager()
+        token = credentials_manager.get_huggingface_token()
+        if token:
+            return token
+    except ImportError:
+        # Fall back to direct input if credentials_manager is not available
+        pass
+    
+    # Traditional direct input method as fallback
     print("\n" + "="*60)
     print("🔑 HUGGING FACE TOKEN REQUIRED")
     print("="*60)
@@ -434,6 +468,50 @@ def prompt_for_hf_token():
         return None
 
 def create_modal_sandbox(gpu_type, repo_url=None, repo_name=None, setup_commands=None, volume_name=None):
+    # Import the credentials manager if available
+    try:
+        from credentials_manager import CredentialsManager
+        credentials_manager = CredentialsManager()
+    except ImportError:
+        credentials_manager = None
+        print("⚠️ Credentials manager not found, will use environment variables or prompt for credentials")
+    
+    # Check if Modal is authenticated
+    try:
+        # Try to list apps to check if authentication is working
+        import subprocess
+        result = subprocess.run(["modal", "app", "list"], capture_output=True, text=True)
+        if result.returncode != 0 and "not authenticated" in result.stderr:
+            print("🔑 Modal authentication required")
+            
+            # Try to use credentials manager first
+            if credentials_manager:
+                modal_token = credentials_manager.get_modal_token()
+                if modal_token:
+                    # Set the token in the environment
+                    os.environ["MODAL_TOKEN_ID"] = modal_token
+                    print("✅ Modal token set from credentials manager")
+                    
+                    # Try to authenticate with the token
+                    try:
+                        token_result = subprocess.run(["modal", "token", "set", modal_token], 
+                                                    capture_output=True, text=True)
+                        if token_result.returncode == 0:
+                            print("✅ Successfully authenticated with Modal")
+                        else:
+                            print(f"⚠️ Failed to authenticate with Modal: {token_result.stderr}")
+                            print("Please run 'modal token new' manually and try again")
+                            return None
+                    except Exception as e:
+                        print(f"⚠️ Error setting Modal token: {e}")
+                        return None
+            else:
+                print("⚠️ Modal is not authenticated. Please run 'modal token new' first")
+                return None
+    except Exception as e:
+        print(f"⚠️ Error checking Modal authentication: {e}")
+        print("Continuing anyway, but Modal operations may fail")
+    
     # Execution history for tracking all commands and their results in this session
     execution_history = []
     
@@ -1853,7 +1931,7 @@ ssh_app = modal.App("ssh-container-app")
             "python3", "python3-pip", "build-essential", "tmux", "screen", "nano",
             "gpg", "ca-certificates", "software-properties-common"
         )
-        .pip_install("uv")
+        .pip_install("uv", "modal")  # Fast Python package installer and Modal
         .run_commands(
             # Create SSH directory
             "mkdir -p /var/run/sshd",
@@ -1872,6 +1950,9 @@ ssh_app = modal.App("ssh-container-app")
             # Generate SSH host keys
             "ssh-keygen -A",
             
+            # Install Modal CLI
+            "pip install modal",
+            
             # Set up a nice bash prompt
             "echo 'export PS1=\"\\[\\e[1;32m\\]modal:\\[\\e[1;34m\\]\\w\\[\\e[0m\\]$ \"' >> /root/.bashrc",
         ),
@@ -1998,7 +2079,7 @@ def create_modal_ssh_container(gpu_type, repo_url=None, repo_name=None, setup_co
             print(f"⚠️ Could not create default volume: {e}")
             print("⚠️ Continuing without persistent volume")
             volume = None
-    
+
     # Create SSH-enabled image
     ssh_image = (
         modal.Image.debian_slim()
@@ -2007,7 +2088,7 @@ def create_modal_ssh_container(gpu_type, repo_url=None, repo_name=None, setup_co
             "python3", "python3-pip", "build-essential", "tmux", "screen", "nano",
             "gpg", "ca-certificates", "software-properties-common"
         )
-        .pip_install("uv")  # Fast Python package installer
+        .pip_install("uv", "modal")  # Fast Python package installer and Modal
         .run_commands(
             # Create SSH directory
             "mkdir -p /var/run/sshd",
@@ -2026,11 +2107,14 @@ def create_modal_ssh_container(gpu_type, repo_url=None, repo_name=None, setup_co
             # Generate SSH host keys
             "ssh-keygen -A",
             
+            # Install Modal CLI
+            "pip install modal",
+            
             # Set up a nice bash prompt
             "echo 'export PS1=\"\\[\\e[1;32m\\]modal:\\[\\e[1;34m\\]\\w\\[\\e[0m\\]$ \"' >> /root/.bashrc",
         )
     )
-    
+
     # Create the Modal app
     app = modal.App(app_name)
     
@@ -2564,7 +2648,7 @@ def create_ssh_container_function(gpu_type="a10g", timeout_minutes=60, volume=No
             "python3", "python3-pip", "build-essential", "tmux", "screen", "nano",
             "gpg", "ca-certificates", "software-properties-common"
         )
-        .pip_install("uv")
+        .pip_install("uv", "modal")  # Fast Python package installer and Modal
         .run_commands(
             # Create SSH directory
             "mkdir -p /var/run/sshd",