nexusapp-cli 2.1.1 → 3.0.0

package/dist/index.js

@@ -10,6 +10,10 @@ const domain_js_1 = require("./commands/domain.js");
 const token_js_1 = require("./commands/token.js");
 const member_js_1 = require("./commands/member.js");
 const database_js_1 = require("./commands/database.js");
+const volume_js_1 = require("./commands/volume.js");
+const bucket_js_1 = require("./commands/bucket.js");
+const managedDb_js_1 = require("./commands/managedDb.js");
+const exec_js_1 = require("./commands/exec.js");
 const program = new commander_1.Command();
 program
     .name('nexus')
@@ -23,6 +27,10 @@ program
 (0, token_js_1.registerToken)(program);
 (0, member_js_1.registerMember)(program);
 (0, database_js_1.registerDatabase)(program);
+(0, volume_js_1.registerVolume)(program);
+(0, bucket_js_1.registerBucket)(program);
+(0, managedDb_js_1.registerManagedDb)(program);
+(0, exec_js_1.registerExec)(program);
 program.parseAsync(process.argv).catch((err) => {
     console.error(err.message || String(err));
     process.exit(1);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexusapp-cli",
-  "version": "2.1.1",
+  "version": "3.0.0",
   "description": "NEXUS AI command-line interface",
   "main": "dist/index.js",
   "bin": {
@@ -11,7 +11,12 @@
     "dev": "ts-node src/index.ts",
     "prepublishOnly": "npm run build"
   },
-  "keywords": ["nexusai", "cli", "deployments", "cloud"],
+  "keywords": [
+    "nexusai",
+    "cli",
+    "deployments",
+    "cloud"
+  ],
   "license": "MIT",
   "dependencies": {
     "axios": "^1.6.0",
@@ -19,6 +24,7 @@
     "cli-table3": "^0.6.3",
     "commander": "^12.0.0",
     "inquirer": "^9.2.0",
+    "nexusapp-cli": "^2.1.1",
     "ora": "^8.0.0"
   },
   "devDependencies": {

package/src/commands/bucket.ts

@@ -0,0 +1,261 @@
+import { Command } from 'commander';
+import inquirer from 'inquirer';
+import * as fs from 'fs';
+import * as path from 'path';
+import { client, apiError, unwrap } from '../client.js';
+import { printTable, printJson, success, errorMsg, timeAgo } from '../output.js';
+
+function formatBytes(bytes: number | bigint): string {
+  const n = typeof bytes === 'bigint' ? Number(bytes) : bytes;
+  if (n < 1024) return `${n} B`;
+  if (n < 1024 * 1024) return `${(n / 1024).toFixed(1)} KB`;
+  if (n < 1024 * 1024 * 1024) return `${(n / (1024 * 1024)).toFixed(1)} MB`;
+  return `${(n / (1024 * 1024 * 1024)).toFixed(2)} GB`;
+}
+
+export function registerBucket(program: Command): void {
+  const bk = program
+    .command('bucket')
+    .description('Object storage buckets (S3-compatible MinIO buckets)');
+
+  bk
+    .command('list')
+    .description('List buckets')
+    .option('--json', 'Output raw JSON')
+    .action(async (opts) => {
+      try {
+        const res = await client.get('/api/buckets');
+        const buckets: any[] = unwrap(res.data) || [];
+        if (opts.json) { printJson(buckets); return; }
+        if (!buckets.length) { console.log('No buckets found.'); return; }
+
+        printTable(
+          ['ID', 'NAME', 'SIZE', 'OBJECTS', 'ATTACHED TO', 'CREATED'],
+          buckets.map((b: any) => [
+            b.id,
+            b.displayName ? `${b.name} (${b.displayName})` : b.name,
+            formatBytes(b.sizeBytes),
+            String(b.objectCount),
+            b.attachments?.length ? b.attachments.map((a: any) => a.deploymentName).join(', ') : '—',
+            b.createdAt ? timeAgo(b.createdAt) : '—',
+          ])
+        );
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('create <name>')
+    .description('Create a new bucket (org-scoped)')
+    .option('--display-name <name>', 'Friendly display name')
+    .option('--region <region>', 'Region', 'us-east-1')
+    .option('--json', 'Output raw JSON')
+    .action(async (name, opts) => {
+      try {
+        const res = await client.post('/api/buckets', {
+          name,
+          displayName: opts.displayName,
+          region: opts.region,
+        });
+        const b = unwrap(res.data);
+        if (opts.json) { printJson(b); return; }
+        success(`Bucket created: ${b.id}  (${b.name})`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('delete <id>')
+    .description('Delete a bucket (must be detached first; deletes all objects)')
+    .option('--yes', 'Skip confirmation prompt')
+    .action(async (id, opts) => {
+      if (!opts.yes) {
+        const { confirm } = await inquirer.prompt([
+          { type: 'confirm', name: 'confirm', message: `Delete bucket "${id}" and ALL its objects?`, default: false },
+        ]);
+        if (!confirm) { console.log('Cancelled.'); return; }
+      }
+      try {
+        await client.delete(`/api/buckets/${id}`);
+        success(`Bucket ${id} deleted.`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('attach <id> <deployment-id>')
+    .description('Attach a bucket to a deployment (injects S3_* env vars on next deploy)')
+    .action(async (id, deploymentId) => {
+      try {
+        await client.post(`/api/buckets/${id}/attach`, { deploymentId });
+        success(`Attached bucket ${id} to deployment ${deploymentId}.`);
+        console.log("  Run 'nexus deploy redeploy <id>' for env vars to take effect.");
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('detach <id> <deployment-id>')
+    .description('Detach a bucket from a deployment')
+    .action(async (id, deploymentId) => {
+      try {
+        await client.post(`/api/buckets/${id}/detach`, { deploymentId });
+        success(`Bucket ${id} detached from ${deploymentId}.`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('credentials <id>')
+    .description('Reveal the S3-compatible credentials for an external client (audit-logged)')
+    .option('--json', 'Output raw JSON')
+    .action(async (id, opts) => {
+      try {
+        const res = await client.get(`/api/buckets/${id}/credentials`);
+        const c = unwrap(res.data);
+        if (opts.json) { printJson(c); return; }
+        console.log(`Endpoint:    ${c.endpoint}`);
+        console.log(`Region:      ${c.region}`);
+        console.log(`Bucket:      ${c.bucket}`);
+        console.log(`Access key:  ${c.accessKey}`);
+        console.log(`Secret key:  ${c.secretKey}`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('rotate-credentials <id>')
+    .description('Rotate the per-bucket S3 access key (use to migrate legacy buckets to scoped IAM)')
+    .option('--yes', 'Skip confirmation prompt')
+    .action(async (id, opts) => {
+      if (!opts.yes) {
+        const { confirm } = await inquirer.prompt([
+          {
+            type: 'confirm',
+            name: 'confirm',
+            message: 'Rotate credentials? Attached deployments must be redeployed to pick up new S3_* env vars.',
+            default: false,
+          },
+        ]);
+        if (!confirm) { console.log('Cancelled.'); return; }
+      }
+      try {
+        await client.post(`/api/buckets/${id}/rotate-credentials`);
+        success(`Credentials rotated. Redeploy any attached deployments.`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('refresh-usage <id>')
+    .description('Refresh size and object count for a bucket')
+    .option('--json', 'Output raw JSON')
+    .action(async (id, opts) => {
+      try {
+        const res = await client.post(`/api/buckets/${id}/refresh-usage`);
+        const b = unwrap(res.data);
+        if (opts.json) { printJson(b); return; }
+        success(`${b.name}: ${formatBytes(b.sizeBytes)} across ${b.objectCount} object(s)`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  // ---- file ops ------------------------------------------------------------
+
+  bk
+    .command('files <id>')
+    .description('List files in a bucket')
+    .option('--prefix <prefix>', 'Filter by key prefix')
+    .option('--limit <n>', 'Max keys to return (default 1000)', '1000')
+    .option('--json', 'Output raw JSON')
+    .action(async (id, opts) => {
+      try {
+        const params: Record<string, string> = { limit: opts.limit };
+        if (opts.prefix) params.prefix = opts.prefix;
+        const res = await client.get(`/api/buckets/${id}/files`, { params });
+        const data = unwrap(res.data);
+        if (opts.json) { printJson(data); return; }
+        if (!data.objects?.length) { console.log('Empty.'); return; }
+        printTable(
+          ['KEY', 'SIZE', 'MODIFIED'],
+          data.objects.map((o: any) => [
+            o.key,
+            formatBytes(o.sizeBytes),
+            o.lastModified ? timeAgo(o.lastModified) : '—',
+          ])
+        );
+        if (data.truncated) console.log(`(truncated — pass --limit to see more)`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('upload <id> <local-file>')
+    .description('Upload a local file into the bucket')
+    .option('--key <key>', 'Object key (default: filename of local file)')
+    .action(async (id, localFile, opts) => {
+      try {
+        if (!fs.existsSync(localFile)) {
+          errorMsg(`File not found: ${localFile}`);
+          process.exit(1);
+        }
+        const key = opts.key || path.basename(localFile);
+        const stat = fs.statSync(localFile);
+        const stream = fs.createReadStream(localFile);
+        await client.put(
+          `/api/buckets/${id}/files/${encodeURIComponent(key)}`,
+          stream,
+          { headers: { 'Content-Type': 'application/octet-stream', 'Content-Length': String(stat.size) } }
+        );
+        success(`Uploaded ${formatBytes(stat.size)} → ${key}`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('download <id> <key>')
+    .description('Download a file from the bucket')
+    .option('--out <path>', 'Local output path (default: key basename)')
+    .option('--share', 'Print a short-lived signed URL instead of downloading')
+    .option('--ttl <seconds>', 'Lifetime for --share URL in seconds (30-3600, default 300)', '300')
+    .option('--json', 'Output raw JSON (only with --share)')
+    .action(async (id, key, opts) => {
+      try {
+        if (opts.share) {
+          const res = await client.post(
+            `/api/buckets/${id}/files/${encodeURIComponent(key)}/download-url`,
+            { ttlSeconds: parseInt(opts.ttl, 10) || 300 }
+          );
+          const data = unwrap(res.data);
+          if (opts.json) { printJson(data); return; }
+          console.log(`URL:        ${data.url}`);
+          console.log(`Key:        ${data.key}`);
+          console.log(`Expires at: ${data.expiresAt}`);
+          return;
+        }
+
+        const res = await client.get(
+          `/api/buckets/${id}/files/${encodeURIComponent(key)}/download`,
+          { responseType: 'stream' }
+        );
+        const outPath = path.resolve(opts.out || path.basename(key));
+        const dir = path.dirname(outPath);
+        if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+        await new Promise<void>((resolve, reject) => {
+          const writer = fs.createWriteStream(outPath);
+          res.data.pipe(writer);
+          writer.on('finish', () => resolve());
+          writer.on('error', reject);
+          res.data.on('error', reject);
+        });
+        success(`Downloaded → ${outPath}`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+
+  bk
+    .command('rm <id> <key>')
+    .description('Delete a file from the bucket')
+    .option('--yes', 'Skip confirmation prompt')
+    .action(async (id, key, opts) => {
+      if (!opts.yes) {
+        const { confirm } = await inquirer.prompt([
+          { type: 'confirm', name: 'confirm', message: `Delete "${key}"?`, default: false },
+        ]);
+        if (!confirm) { console.log('Cancelled.'); return; }
+      }
+      try {
+        await client.delete(`/api/buckets/${id}/files/${encodeURIComponent(key)}`);
+        success(`Deleted ${key}`);
+      } catch (err) { errorMsg(apiError(err)); process.exit(1); }
+    });
+}

package/src/commands/database.ts

@@ -216,6 +216,41 @@ export function registerDatabase(program: Command): void {
       }
     });
 
+  // restore-to (cross-service restore)
+  db
+    .command('restore-to <target-service-id> <backup-id>')
+    .description('Restore a backup into a DIFFERENT deployment service in the same org (engines must match)')
+    .option('--yes', 'Skip confirmation prompt')
+    .option('--json', 'Output raw JSON')
+    .action(async (targetServiceId, backupId, opts) => {
+      if (!opts.yes) {
+        const { confirm } = await inquirer.prompt([
+          {
+            type: 'confirm',
+            name: 'confirm',
+            message: `Restore backup ${backupId} into service ${targetServiceId}? Existing data on the target will be overwritten.`,
+            default: false,
+          },
+        ]);
+        if (!confirm) { console.log('Cancelled.'); return; }
+      }
+
+      const spin = spinner('Restoring database into target service...');
+      try {
+        const res = await client.post(
+          `/api/deployment-services/${targetServiceId}/restore-from/${backupId}`
+        );
+        const result = unwrap(res.data);
+        spin.stop();
+        if (opts.json) { printJson(result); return; }
+        success('Database restored successfully into target service.');
+      } catch (err) {
+        spin.stop();
+        errorMsg(apiError(err));
+        process.exit(1);
+      }
+    });
+
   // backup-delete
   db
     .command('backup-delete <service-id> <backup-id>')

package/src/commands/deploy.ts

@@ -30,6 +30,24 @@ function isInternalDeploymentImage(image?: string): boolean {
   return /^deploy-[0-9a-f-]+(?::|$)/i.test(image.trim());
 }
 
+function parseDurationToDate(value: string): Date {
+  const match = value.match(/^(\d+(?:\.\d+)?)(m|h|d)$/);
+  if (!match) {
+    throw new Error(`Invalid duration "${value}". Use format like: 30m, 4h, 2d`);
+  }
+  const amount = Number(match[1]);
+  const unit = match[2];
+  const msMap: Record<string, number> = { m: 60_000, h: 3_600_000, d: 86_400_000 };
+  return new Date(Date.now() + amount * msMap[unit]);
+}
+
+function formatAutoDestroy(value?: string | null): string {
+  if (!value) return 'disabled';
+  const date = new Date(value);
+  if (Number.isNaN(date.getTime())) return String(value);
+  return `${date.toISOString()} (${timeAgo(value)})`;
+}
+
 async function pollUntilDone(deploymentId: string, spin: ReturnType<typeof spinner>): Promise<void> {
   const terminal = new Set(['RUNNING', 'FAILED', 'TERMINATED', 'STOPPED']);
   while (true) {
@@ -146,6 +164,7 @@ export function registerDeploy(program: Command): void {
           ['Port', String(d.port || '—')],
           ['URL', d.url || d.serviceUrl || '—'],
           ['Replicas', String(d.replicas ?? '—')],
+          ['Auto Destroy', formatAutoDestroy(d.autoDestroyAt)],
           ['Project', d.projectId || '—'],
           ['Created', d.createdAt ? timeAgo(d.createdAt) : '—'],
           ['Updated', d.updatedAt ? timeAgo(d.updatedAt) : '—'],
@@ -211,6 +230,7 @@ export function registerDeploy(program: Command): void {
     .option('--name <name>', 'Deployment name')
     .option('--branch <branch>', 'Git branch')
     .option('--provider <provider>', 'Provider (docker|gcp_cloud_run|aws_ecs_fargate|azure_container_apps)')
+    .option('--region <region>', 'Cloud region to deploy into (e.g. us-central1, canadacentral)')
     .option('--env <pairs...>', 'Environment variables as KEY=VALUE')
     .option('--env-file <file>', 'Load environment variables from a .env file')
     .option('--framework <framework>', 'Framework hint (e.g. node, python, go)')
@@ -222,7 +242,13 @@ export function registerDeploy(program: Command): void {
     .option('--repo-secret <name>', 'Secret name containing private repo token')
     .option('--environment <env>', 'Deployment environment (DEVELOPMENT|STAGING|PRODUCTION)', 'DEVELOPMENT')
     .option('--auto-destroy <hours>', 'Auto-destroy after N hours', parseInt)
-    .option('--services <types>', 'Comma-separated database services to provision (e.g. postgresql,redis)')
+    .option('--services <types>', 'Comma-separated services (e.g. postgres,redis). On cloud providers a database (postgres|mysql) is provisioned as a managed DB; on docker it runs as a sidecar container')
+    .option('--create-db <engine>', 'Alias for --services with a single database (postgres|mysql); provisions a managed cloud DB and injects its connection env')
+    .option('--managed-db <id>', 'Attach an existing managed database by ID and inject its connection env')
+    .option('--db-version <version>', 'Engine version for --create-db (default: postgres 17 / mysql 8.0)')
+    .option('--db-region <region>', 'Cloud region for --create-db (defaults to the deploy region)')
+    .option('--worker-command <cmd>', 'Run a background worker sidecar with this command')
+    .option('--worker-name <name>', 'Worker service name', 'worker')
     .option('--no-health-check', 'Disable health checks for this deployment')
     .option('--wait', 'Wait until deployment is RUNNING or FAILED')
     .option('--json', 'Output raw JSON')
@@ -239,6 +265,7 @@ export function registerDeploy(program: Command): void {
       if (opts.name) payload.name = opts.name;
       if (opts.branch) payload.repoBranch = opts.branch;
       if (opts.provider) payload.provider = opts.provider;
+      if (opts.region) payload.region = opts.region;
       if (opts.environment) payload.environment = opts.environment;
       if (opts.framework) payload.framework = opts.framework;
       if (opts.buildCommand) payload.buildCommand = opts.buildCommand;
@@ -249,9 +276,23 @@ export function registerDeploy(program: Command): void {
       if (opts.repoSecret) payload.repoSecretName = opts.repoSecret;
       if (opts.autoDestroy) payload.autoDestroyHours = opts.autoDestroy;
       if (opts.healthCheck === false) payload.healthCheckEnabled = false;
+      if (opts.createDb) payload.createDb = opts.createDb;
+      if (opts.managedDb) payload.managedDbId = opts.managedDb;
+      if (opts.dbVersion) payload.dbEngineVersion = opts.dbVersion;
+      if (opts.dbRegion) payload.dbRegion = opts.dbRegion;
       if (opts.services) {
         payload.services = opts.services.split(',').map((s: string) => ({ type: s.trim() }));
       }
+      if (opts.workerCommand) {
+        payload.services = [
+          ...(payload.services || []),
+          {
+            type: 'worker',
+            displayName: opts.workerName || 'worker',
+            command: opts.workerCommand,
+          },
+        ];
+      }
       if (Object.keys(envVars).length) payload.envVars = envVars;
 
       try {
@@ -299,17 +340,60 @@ export function registerDeploy(program: Command): void {
         if (!confirm) { console.log('Cancelled.'); return; }
       }
 
-      const baseEnvVars: Record<string, string> = { ...(deployment.envVars || {}) };
-      if (opts.envFile) Object.assign(baseEnvVars, parseEnvFile(opts.envFile));
+      // Env the USER explicitly provides on this redeploy (--env-file / --env).
+      // Kept separate from the deployment's existing env: the API masks secret
+      // values in responses, so re-sending deployment.envVars would overwrite real
+      // values with "***". The in-place redeploy preserves existing env
+      // server-side, so we only send explicit overrides.
+      const explicitOverrides: Record<string, string> = {};
+      if (opts.envFile) Object.assign(explicitOverrides, parseEnvFile(opts.envFile));
       if (opts.env) {
         for (const pair of (opts.env as string[])) {
           const idx = pair.indexOf('=');
-          if (idx > 0) baseEnvVars[pair.slice(0, idx)] = pair.slice(idx + 1);
+          if (idx > 0) explicitOverrides[pair.slice(0, idx)] = pair.slice(idx + 1);
         }
       }
+      // For the legacy "reconstruct as a new deployment" fallback only, start from
+      // the deployment's env. The API masks secret values ("***" or user:***@ in
+      // connection strings); re-sending those would bake literal "***" into the
+      // clone, so drop masked entries (the server regenerates service credentials
+      // and DATABASE_URL for attached services anyway).
+      const baseEnvVars: Record<string, string> = {};
+      for (const [k, v] of Object.entries((deployment.envVars || {}) as Record<string, string>)) {
+        if (v === '***' || /:\/\/[^:/@\s]+:\*\*\*@/.test(String(v))) continue;
+        baseEnvVars[k] = v;
+      }
+      Object.assign(baseEnvVars, explicitOverrides);
       const provider = opts.provider || undefined;
 
       try {
+        // Default: rebuild the SAME deployment in place. This preserves
+        // everything keyed by deployment id — attached managed databases,
+        // volumes, secrets — so "deploy -> attach db -> redeploy" injects the DB
+        // on the rebuild. Renaming or switching provider can't be done in place,
+        // so only the no-override path uses it; anything the server rejects
+        // (zip/folder source, no prior job) falls through to the legacy flow.
+        if (!opts.name && !provider) {
+          try {
+            const body: Record<string, any> = {};
+            // Only send explicit overrides — the server preserves existing env.
+            if (Object.keys(explicitOverrides).length) body.envVars = explicitOverrides;
+            const res = await client.post(`/api/deployments/${deployment.id}/redeploy`, body);
+            const d = unwrap(res.data);
+            if (opts.json) { printJson(d); return; }
+            if (opts.wait) {
+              await pollUntilDone(d.id, spinner(`Rebuilding ${d.name || nameOrId}...`));
+            } else {
+              success(`Redeploy queued (in place): ${d.name || d.id}`);
+              console.log(`  Run 'nexus deploy status ${d.id} --watch' to track progress`);
+            }
+            return;
+          } catch (err: any) {
+            const status = err?.response?.status;
+            if (status !== 400 && status !== 404) throw err;
+          }
+        }
+
         let project: any = null;
         if (deployment.projectId) {
           const projectRes = await client.get(`/api/projects/${deployment.projectId}`);
@@ -751,6 +835,7 @@ export function registerDeploy(program: Command): void {
           ['Provider', d.provider || '—'],
           ['URL', d.url || d.serviceUrl || '—'],
           ['Replicas', String(d.replicas ?? '—')],
+          ['Auto Destroy', formatAutoDestroy(d.autoDestroyAt)],
           ['Updated', d.updatedAt ? timeAgo(d.updatedAt) : '—'],
         ]);
       };
@@ -767,4 +852,53 @@ export function registerDeploy(program: Command): void {
         process.exit(1);
       }
     });
+
+  deploy
+    .command('auto-destroy <name-or-id>')
+    .description('Set, extend, reduce, or disable deployment auto-destroy without restarting the deployment')
+    .option('--in <duration>', 'Destroy after a relative duration, e.g. 30m, 4h, 2d')
+    .option('--at <iso-date>', 'Destroy at an absolute ISO timestamp')
+    .option('--off', 'Disable auto-destroy')
+    .option('--json', 'Output raw JSON')
+    .action(async (nameOrId, opts) => {
+      const selected = [opts.in, opts.at, opts.off].filter(Boolean);
+      if (selected.length !== 1) {
+        errorMsg('Choose exactly one of --in, --at, or --off');
+        process.exit(1);
+      }
+
+      try {
+        const deployment = await resolveDeployment(nameOrId);
+        const payload: Record<string, any> = {};
+
+        if (opts.off) {
+          payload.autoDestroyAt = null;
+        } else if (opts.in) {
+          payload.autoDestroyAt = parseDurationToDate(opts.in).toISOString();
+        } else if (opts.at) {
+          const date = new Date(opts.at);
+          if (Number.isNaN(date.getTime())) {
+            throw new Error(`Invalid ISO date: ${opts.at}`);
+          }
+          payload.autoDestroyAt = date.toISOString();
+        }
+
+        const res = await client.patch(`/api/deployments/${deployment.id}/auto-destroy`, payload);
+        const updated = unwrap(res.data);
+
+        if (opts.json) {
+          printJson(updated);
+          return;
+        }
+
+        success(
+          updated.autoDestroyAt
+            ? `Auto-destroy set for ${updated.displayName || updated.name}: ${formatAutoDestroy(updated.autoDestroyAt)}`
+            : `Auto-destroy disabled for ${updated.displayName || updated.name}`
+        );
+      } catch (err) {
+        errorMsg(apiError(err));
+        process.exit(1);
+      }
+    });
 }