kubeagent 0.1.6 → 0.1.8

package/dist/auth.d.ts

@@ -10,6 +10,7 @@ export declare function loadAuth(): AuthState | null;
 export declare function saveAuth(auth: AuthState): void;
 export declare function clearAuth(): void;
 export declare function loginBrowser(serverUrl: string, appUrl: string): Promise<AuthState>;
+export declare function loginDevice(serverUrl: string, appUrl: string): Promise<AuthState>;
 export declare function createApiKey(auth: AuthState, name: string): Promise<{
     key: string;
     prefix: string;

package/dist/auth.js

@@ -126,6 +126,61 @@ export async function loginBrowser(serverUrl, appUrl) {
     saveAuth(auth);
     return auth;
 }
+// Device code flow — for headless/remote machines (RFC 8628 style):
+// 1. POST /auth/device → get device_code + user_code
+// 2. Print user_code and verification URL
+// 3. Poll POST /auth/device/token until approved, expired, or timed out
+export async function loginDevice(serverUrl, appUrl) {
+    // Step 1: request a device code
+    let initRes;
+    try {
+        initRes = await fetch(`${serverUrl}/auth/device`, {
+            method: "POST",
+            headers: { "Content-Type": "application/json", Origin: appUrl },
+        });
+    }
+    catch (err) {
+        throw new Error(`Could not reach server at ${serverUrl} — is it running?\n  (${err.message})`);
+    }
+    if (!initRes.ok) {
+        throw new Error(`Failed to start device login (${initRes.status})`);
+    }
+    const { device_code, user_code, verification_uri, interval } = await initRes.json();
+    // Step 2: show the code
+    console.log(`\n  Visit:  ${verification_uri}`);
+    console.log(`  Code:   ${user_code}\n`);
+    console.log("Waiting for authorization...");
+    // Step 3: poll
+    const pollInterval = (interval ?? 5) * 1000;
+    const deadline = Date.now() + 15 * 60 * 1000;
+    while (Date.now() < deadline) {
+        await new Promise((r) => setTimeout(r, pollInterval));
+        let pollRes;
+        try {
+            pollRes = await fetch(`${serverUrl}/auth/device/token`, {
+                method: "POST",
+                headers: { "Content-Type": "application/json" },
+                body: JSON.stringify({ device_code }),
+            });
+        }
+        catch {
+            continue; // network blip — keep polling
+        }
+        if (pollRes.status === 202)
+            continue; // still pending
+        if (!pollRes.ok) {
+            const body = await pollRes.json().catch(() => ({}));
+            if (body.error === "expired_token")
+                throw new Error("Device code expired. Run `kubeagent login` again.");
+            throw new Error(body.error ?? `Unexpected response (${pollRes.status})`);
+        }
+        const { token, email, name } = await pollRes.json();
+        const auth = { serverUrl, appUrl, token, email, name };
+        saveAuth(auth);
+        return auth;
+    }
+    throw new Error("Login timed out (15 minutes).");
+}
 export async function createApiKey(auth, name) {
     const url = `${auth.serverUrl}/keys`;
     let res;

package/dist/cli.js

@@ -18,7 +18,7 @@ import { sendResolve } from "./notify/index.js";
 import { diagnose } from "./diagnoser/index.js";
 import { buildSystemPrompt } from "./kb/loader.js";
 import { join } from "node:path";
-import { loadAuth, loginBrowser, createApiKey, showAccount, clearAuth } from "./auth.js";
+import { loadAuth, loginBrowser, loginDevice, createApiKey, showAccount, clearAuth } from "./auth.js";
 import { fetchSlackWebhook } from "./proxy-client.js";
 import { createInterface } from "node:readline";
 import { scanProjectDirectory, matchProjectsToWorkloads, bestMatches } from "./onboard/project-matcher.js";
@@ -383,12 +383,15 @@ const DEFAULT_SERVER = "https://api.kubeagent.net";
 const DEFAULT_APP_URL = "https://app.kubeagent.net";
 program
     .command("login")
-    .description("Log in to KubeAgent (opens browser)")
+    .description("Log in to KubeAgent (opens browser, or use --device for headless machines)")
     .option("-s, --server <url>", "API server URL", DEFAULT_SERVER)
     .option("--app-url <url>", "Dashboard URL (for browser login)", DEFAULT_APP_URL)
+    .option("--device", "Use device code flow (for remote/headless machines — no browser required)")
     .action(async (opts) => {
     try {
-        const auth = await loginBrowser(opts.server, opts.appUrl);
+        const auth = opts.device
+            ? await loginDevice(opts.server, opts.appUrl)
+            : await loginBrowser(opts.server, opts.appUrl);
         console.log(chalk.green(`Logged in as ${auth.email ?? auth.name ?? "unknown"}`));
         const { prefix } = await createApiKey(auth, "cli-default");
         console.log(chalk.dim(`API key created: ${prefix}...`));

package/dist/notify/setup.js

@@ -130,8 +130,9 @@ export async function setupWebhook() {
 }
 export async function setupPagerDuty() {
     console.log(chalk.bold("\n  PagerDuty Setup"));
-    console.log(chalk.dim("  Get your routing key: PagerDuty → Services → Integrations → Events API v2\n"));
-    const routing_key = await ask("Routing key");
+    console.log(chalk.dim("  Search for \"Events API v2\" (KubeAgent is a custom integration):"));
+    console.log(chalk.dim("  Services → Service Directory → [Service] → Integrations → Add another integration → Events API v2\n"));
+    const routing_key = await ask("Integration Key");
     if (!routing_key)
         return null;
     const label = await ask("Label (optional)", "e.g. prod-cluster");

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "kubeagent",
-  "version": "0.1.6",
+  "version": "0.1.8",
   "description": "AI-powered Kubernetes management CLI",
   "license": "SEE LICENSE IN LICENSE",
   "type": "module",