mysystem-cli 1.0.0

package/dist/index.js

@@ -0,0 +1,64 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const init_1 = require("./commands/init");
+const audit_1 = require("./commands/audit");
+const destroy_1 = require("./commands/destroy");
+const logs_1 = require("./commands/logs");
+const args = process.argv.slice(2);
+const command = args[0];
+function printHelp() {
+    console.log(`
+\x1b[1mMySystem CLI - Production Deployment for Vibecoders\x1b[0m
+
+Usage:
+  npx mysystem-cli <command> [options]
+
+Commands:
+  \x1b[36minit\x1b[0m      Initialize AWS Terraform configs, Dockerfiles, and GitHub workflows.
+  \x1b[36maudit\x1b[0m     Audit local files for production-readiness, security, and compliance.
+  \x1b[36mlogs\x1b[0m      Stream container logs from AWS CloudWatch directly to your terminal.
+  \x1b[36mdestroy\x1b[0m   Teardown all AWS infrastructure resources for this application.
+  \x1b[36mhelp\x1b[0m      Print this help menu.
+
+Examples:
+  $ npx mysystem-cli init
+  $ npx mysystem-cli audit
+  $ npx mysystem-cli logs
+  $ npx mysystem-cli destroy
+  `);
+}
+async function main() {
+    switch (command) {
+        case 'init':
+            await (0, init_1.runInit)(process.cwd());
+            break;
+        case 'audit':
+            (0, audit_1.runAudit)(process.cwd());
+            break;
+        case 'logs':
+            await (0, logs_1.runLogs)(process.cwd());
+            break;
+        case 'destroy':
+            await (0, destroy_1.runDestroy)(process.cwd());
+            break;
+        case 'help':
+        case '--help':
+        case '-h':
+            printHelp();
+            break;
+        default:
+            if (!command) {
+                printHelp();
+            }
+            else {
+                console.error(`\x1b[31mUnknown command: ${command}\x1b[0m`);
+                printHelp();
+                process.exit(1);
+            }
+    }
+}
+main().catch(err => {
+    console.error('\x1b[31mFatal error occurred:\x1b[0m', err);
+    process.exit(1);
+});

package/dist/utils/detector.d.ts

@@ -0,0 +1,8 @@
+export interface ProjectInfo {
+    type: 'nextjs' | 'react-vite' | 'node' | 'fastapi' | 'unknown';
+    port: number;
+    hasDatabase: boolean;
+    hasRedis: boolean;
+    name: string;
+}
+export declare function detectProject(projectRoot: string): ProjectInfo;

package/dist/utils/detector.js

@@ -0,0 +1,111 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.detectProject = detectProject;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+function detectProject(projectRoot) {
+    const info = {
+        type: 'unknown',
+        port: 3000,
+        hasDatabase: false,
+        hasRedis: false,
+        name: path.basename(projectRoot) || 'mysystem-app',
+    };
+    // 1. Read package.json if it exists
+    const packageJsonPath = path.join(projectRoot, 'package.json');
+    if (fs.existsSync(packageJsonPath)) {
+        try {
+            const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
+            if (packageJson.name) {
+                info.name = packageJson.name;
+            }
+            const deps = {
+                ...packageJson.dependencies,
+                ...packageJson.devDependencies,
+            };
+            // Detect database dependencies (pg, prisma, typeorm, sequelize, knex, sqlite3, mysql2)
+            const dbDeps = ['pg', 'postgres', 'prisma', 'typeorm', 'sequelize', 'knex', 'sqlite3', 'mysql2'];
+            if (Object.keys(deps).some(dep => dbDeps.includes(dep))) {
+                info.hasDatabase = true;
+            }
+            // Detect Redis dependencies
+            const redisDeps = ['redis', 'ioredis', 'bull', 'bullmq', 'handy-redis', 'keyv'];
+            if (Object.keys(deps).some(dep => redisDeps.includes(dep))) {
+                info.hasRedis = true;
+            }
+            // Framework detection
+            if (deps['next']) {
+                info.type = 'nextjs';
+                info.port = 3000;
+            }
+            else if (deps['vite'] || deps['react']) {
+                // A Vite React app (or standard React)
+                info.type = 'react-vite';
+                info.port = 80; // React SPAs get served on port 80 via Nginx in production
+            }
+            else if (deps['express'] || deps['koa'] || deps['fastify'] || deps['nest']) {
+                info.type = 'node';
+                info.port = 3000;
+            }
+            else {
+                info.type = 'node';
+                info.port = 3000;
+            }
+        }
+        catch (e) {
+            // Ignore JSON parse errors and continue
+        }
+    }
+    // 2. Read requirements.txt or main.py if Python
+    const reqTxtPath = path.join(projectRoot, 'requirements.txt');
+    const mainPyPath = path.join(projectRoot, 'main.py');
+    if (fs.existsSync(reqTxtPath) || fs.existsSync(mainPyPath)) {
+        info.type = 'fastapi';
+        info.port = 8000;
+        if (fs.existsSync(reqTxtPath)) {
+            const reqs = fs.readFileSync(reqTxtPath, 'utf8');
+            const dbTerms = ['postgresql', 'psycopg2', 'sqlalchemy', 'tortoise-orm', 'peewee', 'asyncpg'];
+            if (dbTerms.some(term => reqs.toLowerCase().includes(term))) {
+                info.hasDatabase = true;
+            }
+            const redisTerms = ['redis', 'django-redis', 'celery'];
+            if (redisTerms.some(term => reqs.toLowerCase().includes(term))) {
+                info.hasRedis = true;
+            }
+        }
+    }
+    return info;
+}

package/dist/utils/installer.d.ts

@@ -0,0 +1 @@
+export declare function ensureAwsCli(): Promise<boolean>;

package/dist/utils/installer.js

@@ -0,0 +1,122 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ensureAwsCli = ensureAwsCli;
+const child_process_1 = require("child_process");
+const readline = __importStar(require("readline/promises"));
+async function ensureAwsCli() {
+    // 1. Check if AWS CLI is already installed
+    try {
+        (0, child_process_1.execSync)('aws --version', { stdio: 'ignore' });
+        return true;
+    }
+    catch (e) {
+        // AWS CLI not installed
+    }
+    console.log('\n\x1b[33m⚠️  AWS CLI is not installed on your system.\x1b[0m');
+    console.log('The AWS CLI is required to stream container logs and manage local credentials.');
+    const rl = readline.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    const answer = await rl.question('\nWould you like MySystem to install the AWS CLI automatically? (y/n) [y]: ');
+    rl.close();
+    if (answer.trim().toLowerCase() === 'n') {
+        return false;
+    }
+    const platform = process.platform;
+    console.log(`\n⚙️  Installing AWS CLI for \x1b[36m${platform}\x1b[0m...`);
+    try {
+        if (platform === 'win32') {
+            // Windows: Use winget (native Windows Package Manager)
+            console.log('Running winget installer...');
+            const res = (0, child_process_1.spawnSync)('winget', ['install', '--id', 'Amazon.AWSCLI', '--silent', '--accept-source-agreements', '--accept-package-agreements'], {
+                stdio: 'inherit',
+                shell: true,
+            });
+            if (res.status === 0) {
+                console.log('\x1b[32m✅ AWS CLI installed successfully! You may need to restart your terminal for changes to take effect.\x1b[0m');
+                return true;
+            }
+        }
+        else if (platform === 'darwin') {
+            // macOS: Try homebrew first
+            let hasBrew = false;
+            try {
+                (0, child_process_1.execSync)('brew --version', { stdio: 'ignore' });
+                hasBrew = true;
+            }
+            catch (e) { }
+            if (hasBrew) {
+                console.log('Running: brew install awscli...');
+                const res = (0, child_process_1.spawnSync)('brew', ['install', 'awscli'], { stdio: 'inherit' });
+                if (res.status === 0) {
+                    console.log('\x1b[32m✅ AWS CLI installed successfully via Homebrew!\x1b[0m');
+                    return true;
+                }
+            }
+            else {
+                // Fallback: Download pkg installer
+                console.log('Downloading AWS CLI macOS package...');
+                (0, child_process_1.execSync)('curl "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "/tmp/AWSCLIV2.pkg"', { stdio: 'inherit' });
+                console.log('Installing package (requires sudo privileges)...');
+                const res = (0, child_process_1.spawnSync)('sudo', ['installer', '-pkg', '/tmp/AWSCLIV2.pkg', '-target', '/'], { stdio: 'inherit' });
+                if (res.status === 0) {
+                    console.log('\x1b[32m✅ AWS CLI installed successfully!\x1b[0m');
+                    return true;
+                }
+            }
+        }
+        else if (platform === 'linux') {
+            // Linux install
+            console.log('Downloading AWS CLI Linux package...');
+            (0, child_process_1.execSync)('curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "/tmp/awscliv2.zip"', { stdio: 'inherit' });
+            (0, child_process_1.execSync)('unzip -q /tmp/awscliv2.zip -d /tmp', { stdio: 'inherit' });
+            console.log('Installing package (requires sudo privileges)...');
+            const res = (0, child_process_1.spawnSync)('sudo', ['/tmp/aws/install', '--update'], { stdio: 'inherit' });
+            if (res.status === 0) {
+                console.log('\x1b[32m✅ AWS CLI installed successfully!\x1b[0m');
+                return true;
+            }
+        }
+    }
+    catch (err) {
+        console.error(`\x1b[31mInstallation failed: ${err.message}\x1b[0m`);
+    }
+    console.log('\n\x1b[31m❌ Automatic installation failed.\x1b[0m');
+    console.log('Please install the AWS CLI manually:');
+    console.log('👉 \x1b[36mhttps://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html\x1b[0m\n');
+    return false;
+}

package/package.json

@@ -0,0 +1,34 @@
+{
+  "name": "mysystem-cli",
+  "version": "1.0.0",
+  "description": "Zero-config deployment standard and CLI for AI-generated applications on AWS Fargate",
+  "main": "dist/index.js",
+  "bin": {
+    "mysystem": "dist/index.js",
+    "mysystem-cli": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "aws",
+    "fargate",
+    "ecs",
+    "deploy",
+    "terraform",
+    "docker",
+    "cursor",
+    "ai",
+    "agents"
+  ],
+  "author": "",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "typescript": "^5.0.0"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  }
+}

package/src/commands/audit.ts

@@ -0,0 +1,176 @@
+import * as fs from 'fs';
+import * as path from 'path';
+
+interface AuditItem {
+  name: string;
+  passed: boolean;
+  type: 'error' | 'warning';
+  message: string;
+}
+
+export function runAudit(projectRoot: string) {
+  console.log('\n🔍 Auditing project for production readiness...\n');
+
+  const items: AuditItem[] = [];
+
+  // 1. Check Dockerfile
+  const dockerfilePath = path.join(projectRoot, 'Dockerfile');
+  if (!fs.existsSync(dockerfilePath)) {
+    items.push({
+      name: 'Dockerfile Exists',
+      passed: false,
+      type: 'error',
+      message: 'No Dockerfile found. Run `npx mysystem init` to generate one.',
+    });
+  } else {
+    items.push({
+      name: 'Dockerfile Exists',
+      passed: true,
+      type: 'error',
+      message: 'Dockerfile found.',
+    });
+
+    const dockerfileContent = fs.readFileSync(dockerfilePath, 'utf8');
+
+    // Check for non-root USER
+    const hasUser = dockerfileContent.includes('USER ');
+    items.push({
+      name: 'Secure Container User (Non-Root)',
+      passed: hasUser,
+      type: 'error',
+      message: hasUser
+        ? 'Dockerfile specifies a non-root USER.'
+        : 'Dockerfile executes as root. Add a USER instruction for security container hardening.',
+    });
+
+    // Check for healthcheck
+    const hasHealthcheck = dockerfileContent.includes('HEALTHCHECK ');
+    items.push({
+      name: 'Container Health Check',
+      passed: hasHealthcheck,
+      type: 'warning',
+      message: hasHealthcheck
+        ? 'Dockerfile specifies a HEALTHCHECK instruction.'
+        : 'No HEALTHCHECK found in Dockerfile. ECS needs health checks to detect failing tasks.',
+    });
+  }
+
+  // 2. Check CI/CD Workflows
+  const workflowPath = path.join(projectRoot, '.github', 'workflows', 'mysystem-deploy.yml');
+  const hasWorkflow = fs.existsSync(workflowPath);
+  items.push({
+    name: 'GitHub Actions CI/CD Pipeline',
+    passed: hasWorkflow,
+    type: 'error',
+    message: hasWorkflow
+      ? 'GitHub Actions deploy workflow configured.'
+      : 'Deployment workflow missing. Make sure `.github/workflows/mysystem-deploy.yml` exists.',
+  });
+
+  // 3. Check Terraform Infrastructure as Code
+  const terraformPath = path.join(projectRoot, 'terraform');
+  const hasTerraform = fs.existsSync(terraformPath) && fs.readdirSync(terraformPath).some(file => file.endsWith('.tf'));
+  items.push({
+    name: 'Infrastructure as Code (Terraform)',
+    passed: hasTerraform,
+    type: 'error',
+    message: hasTerraform
+      ? 'Terraform modules found in `/terraform` directory.'
+      : 'Terraform configuration files not found in `/terraform`. Run `npx mysystem init`.',
+  });
+
+  // 4. Check AGENTS.md rulebook
+  const agentsPath = path.join(projectRoot, 'AGENTS.md');
+  const hasAgents = fs.existsSync(agentsPath);
+  items.push({
+    name: 'AI Agent Guidelines (AGENTS.md)',
+    passed: hasAgents,
+    type: 'warning',
+    message: hasAgents
+      ? 'AGENTS.md rules file configured in root.'
+      : 'No AGENTS.md rules found. AI agents won\'t have constraints for production-readiness.',
+  });
+
+  // 5. Secret Scanning (Simple checks for common API Keys/Credentials)
+  let foundSecrets = false;
+  const filesToScan = scanDirForCodeFiles(projectRoot);
+  for (const file of filesToScan) {
+    // Skip node_modules, git, terraform, dist, etc.
+    const content = fs.readFileSync(file, 'utf8');
+    const hasSmdPattern = /aws_access_key_id\s*=\s*['"][A-Z0-9]{20}['"]/gi.test(content) || 
+                           /aws_secret_access_key\s*=\s*['"][A-Za-z0-9/+=]{40}['"]/gi.test(content) ||
+                           /db_password\s*=\s*['"][^'"]{6,}['"]/gi.test(content);
+    if (hasSmdPattern) {
+      foundSecrets = true;
+      console.log(`\x1b[31m⚠️ Potential secret/credential leak in file: ${path.relative(projectRoot, file)}\x1b[0m`);
+    }
+  }
+
+  items.push({
+    name: 'No Hardcoded Secrets',
+    passed: !foundSecrets,
+    type: 'error',
+    message: !foundSecrets
+      ? 'No plain-text credentials found in repository files.'
+      : 'Potential plain-text credentials detected in codebase. Clean secrets and use environment variables.',
+  });
+
+  // Output Audit Dashboard
+  console.log('----------------------------------------------------');
+  console.log('\x1b[1mAUDIT REPORT RESULTS\x1b[0m');
+  console.log('----------------------------------------------------');
+
+  let passedCount = 0;
+  let errorCount = 0;
+  let warningCount = 0;
+
+  for (const item of items) {
+    if (item.passed) {
+      console.log(` ✅ \x1b[32m[PASS]\x1b[0m \x1b[1m${item.name}\x1b[0m`);
+      console.log(`    ${item.message}`);
+      passedCount++;
+    } else {
+      const color = item.type === 'error' ? '\x1b[31m[FAIL]\x1b[0m' : '\x1b[33m[WARN]\x1b[0m';
+      console.log(` ❌ ${color} \x1b[1m${item.name}\x1b[0m`);
+      console.log(`    ${item.message}`);
+      if (item.type === 'error') errorCount++;
+      else warningCount++;
+    }
+    console.log('');
+  }
+
+  const score = Math.round((passedCount / items.length) * 100);
+
+  console.log('----------------------------------------------------');
+  console.log(`Readiness Score: \x1b[1m${score === 100 ? '\x1b[32m' : score >= 70 ? '\x1b[33m' : '\x1b[31m'}${score}%\x1b[0m`);
+  console.log(`Summary: ${passedCount} passed | ${errorCount} errors | ${warningCount} warnings`);
+  console.log('----------------------------------------------------');
+
+  if (errorCount > 0) {
+    console.log('\x1b[31m❌ Fix all errors before deploying to production.\x1b[0m\n');
+  } else if (warningCount > 0) {
+    console.log('\x1b[33m⚠️ Resolving warnings is recommended for full production readiness.\x1b[0m\n');
+  } else {
+    console.log('\x1b[32m🚀 Your application is 100% production ready! Ready to deploy to AWS.\x1b[0m\n');
+  }
+}
+
+function scanDirForCodeFiles(dir: string, fileList: string[] = []): string[] {
+  const files = fs.readdirSync(dir);
+  for (const file of files) {
+    const filePath = path.join(dir, file);
+    if (fs.statSync(filePath).isDirectory()) {
+      // Exclude build, node, git, terraform folders
+      if (['node_modules', '.git', 'terraform', 'dist', 'build', '.next', 'out'].includes(file)) {
+        continue;
+      }
+      scanDirForCodeFiles(filePath, fileList);
+    } else {
+      // Only scan code files
+      if (/\.(js|ts|tsx|jsx|json|py|env|tfvars)$/.test(file) && file !== 'package-lock.json') {
+        fileList.push(filePath);
+      }
+    }
+  }
+  return fileList;
+}

package/src/commands/destroy.ts

@@ -0,0 +1,65 @@
+import * as fs from 'fs';
+import * as path from 'path';
+import * as readline from 'readline/promises';
+import { spawn } from 'child_process';
+
+export async function runDestroy(projectRoot: string) {
+  const configPath = path.join(projectRoot, 'mysystem.json');
+  if (!fs.existsSync(configPath)) {
+    console.error('\x1b[31mError: MySystem is not initialized in this directory.\x1b[0m');
+    console.error('Run `npx mysystem init` first.');
+    process.exit(1);
+  }
+
+  const config = JSON.parse(fs.readFileSync(configPath, 'utf8'));
+
+  console.log(`\n\x1b[31m⚠️  WARNING: You are about to DESTROY all AWS infrastructure for "${config.name}".\x1b[0m`);
+  console.log('This will delete the database (RDS), cache (Redis), server (Fargate), and load balancers.');
+  console.log('\x1b[1mALL DATA WILL BE PERMANENTLY LOST.\x1b[0m\n');
+
+  const rl = readline.createInterface({
+    input: process.stdin,
+    output: process.stdout,
+  });
+
+  const confirm = await rl.question('Are you absolutely sure? Type the application name to confirm: ');
+  rl.close();
+
+  if (confirm.trim() !== config.name) {
+    console.log('\n❌ Confirmation failed. Destruction cancelled.');
+    return;
+  }
+
+  console.log('\n🔥 Initiating infrastructure destruction. Please wait...');
+
+  const tfDir = path.join(projectRoot, 'terraform');
+  if (!fs.existsSync(tfDir)) {
+    console.error('\x1b[31mError: terraform directory not found.\x1b[0m');
+    process.exit(1);
+  }
+
+  // Execute terraform destroy
+  // Set stdio: 'inherit' to stream Terraform output directly to user's terminal
+  const tf = spawn('terraform', ['destroy', '-auto-approve'], {
+    cwd: tfDir,
+    stdio: 'inherit',
+    shell: true,
+  });
+
+  tf.on('close', (code) => {
+    if (code === 0) {
+      console.log('\n\x1b[32m✅ Successfully destroyed all AWS resources for this application.\x1b[0m');
+      console.log('Your AWS billing for this project has been stopped.');
+
+      // Remove local generated files if they want, or keep configuration
+      try {
+        if (fs.existsSync(path.join(projectRoot, 'mysystem.json'))) {
+          fs.unlinkSync(path.join(projectRoot, 'mysystem.json'));
+        }
+        console.log('Deleted local mysystem.json configuration.');
+      } catch (e) {}
+    } else {
+      console.error(`\n\x1b[31m❌ Terraform destroy failed with exit code ${code}.\x1b[0m`);
+    }
+  });
+}