Skip to content

feat(cli): add execution engine with context, auth, and execute commands #657

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
pyramation merged 8 commits into from
Jan 27, 2026
Merged

feat(cli): add execution engine with context, auth, and execute commands #657

pyramation merged 8 commits into from
Jan 27, 2026

Conversation

@pyramation
Copy link
Contributor

@pyramation pyramation commented Jan 24, 2026
edited by devin-ai-integration bot
Loading

feat(cli): add execution engine with context, auth, and execute commands

Summary

This PR adds a minimal execution engine to the cnc CLI that enables agents and users to make GraphQL requests against Constructive APIs. The implementation is intentionally simple to allow incremental feature additions later.

Config Management (src/config/):

  • Uses appstash for standardized config storage at ~/.cnc/
  • Context configs store name and endpoint URL directly (similar to kubectl contexts)
  • Credentials stored separately with 0o600 file permissions

New Commands:

  • cnc context create|list|use|current|delete - Manage context configurations
  • cnc auth set-token|status|logout - Manage API tokens per context (with password masking)
  • cnc execute - Execute raw GraphQL queries/mutations

SDK Client (src/sdk/):

  • Simple GraphQL client using native fetch - no external dependencies
  • Supports raw query strings with variables
  • Returns structured QueryResult<T> with ok/data/errors

Updates since last revision

  • Renamed "project" to "context" throughout the CLI to align with kubectl's context model:
    • cnc projectcnc context
    • --project flag → --context flag
    • ProjectConfigContextConfig, ProjectCredentialsContextCredentials
    • Config storage moved from ~/.cnc/config/projects/ to ~/.cnc/config/contexts/
    • Subcommand changes: initcreate, infocurrent
  • This avoids confusion with Constructive database "projects" and follows established CLI patterns (kubectl, docker context)
  • Fixed stale usage text in display.ts - removed old --model/--action examples that no longer exist, updated to show simplified --query syntax

Review & Testing Checklist for Human

  • Test the context flow end-to-end: 
    cnc context create my-api --endpoint https://api.example.com/graphql
cnc auth set-token  # Should mask input with asterisks
cnc execute --query 'query { __typename }'
  • Verify credential storage security - Check that ~/.cnc/config/credentials.json is created with mode 0o600 (owner read/write only).
  • Test context switching - Create multiple contexts and verify cnc context use and cnc context current work correctly.
  • Verify cnc --help output - Confirm the usage text shows the correct simplified examples (no --model/--action flags).

Recommended Test Plan:

  1. Install the CLI locally and run cnc context create with a real endpoint URL
  2. Set a real API token with cnc auth set-token and verify input is masked
  3. Try cnc execute --query '...' against a real GraphQL API
  4. Check ~/.cnc/config/ to verify file structure (contexts/ directory, not projects/)
  5. Run cnc --help and verify examples are correct

Notes

  • No automated tests are included for the new functionality - manual testing is required
  • OAuth login flow is not implemented - only manual token setting via cnc auth set-token
  • This is intentionally minimal - features like model-to-API routing and query builders can be added incrementally
  • Password masking depends on inquirerer password type from dev-utils PR modules #58

Link to Devin run: https://app.devin.ai/sessions/041b1d6074a549febda2c95195f1e758
Continued in: https://app.devin.ai/sessions/3db8ac553a7641ee811f8da59592f68a
Requested by: Dan Lynch (@pyramation)

@pyramation
feat(cli): add execution engine with project, auth, and execute commands
d353661 
- Add appstash dependency for config storage (~/.cnc/)
- Add project management commands (init, list, use, info, delete)
- Add auth commands (set-token, status, logout)
- Add execute command for JSON protocol operations
- Add lightweight GraphQL client with auto-routing to correct API
- Support multi-API architecture (public, admin, auth, private, app)
- Model-to-API routing maps models to appropriate endpoints
- Secure credential storage with 0o600 permissions
@devin-ai-integration
Copy link
Contributor

devin-ai-integration bot commented Jan 24, 2026

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@pyramation
feat(cli): use password type for token input in auth command
28ec0fd 
- Change token input from type 'text' to type 'password'
- Input is now masked with asterisks while typing
- Requires inquirerer password type feature (dev-utils PR #58)
@pyramation
chore(cli): update inquirerer to v4.5.0 for password input type
d740c91
@pyramation
chore: update pnpm-lock.yaml for inquirerer ^4.5.0
894b192
@pyramation
refactor(cli): use graphql-codegen client and gql-ast for SDK operations
7eca2c4 
- Replace custom GraphQL client with graphql-codegen execute function
- Rewrite operations.ts to use gql-ast for AST-based document building
- Remove manual string concatenation in favor of proper AST builders
- Add gql-ast and @0no-co/graphql.web as dependencies
- Add graphql as devDependency for type definitions
@pyramation
refactor(cli): simplify SDK to minimal viable feature
cc58f9a 
- Remove operations.ts (gql-ast query builders)
- Simplify client.ts to use plain fetch instead of graphql-codegen
- Simplify executor.ts to just execute raw GraphQL strings
- Remove hardcoded endpoint generation (generateEndpoints)
- Remove MODEL_API_MAP auto-routing
- Simplify ProjectConfig to store endpoint URL directly
- Remove gql-ast and @0no-co/graphql.web dependencies
- Keep: project management, auth/token management, simple execute with raw query string
@pyramation
refactor(cli): rename project to context for kubectl alignment
3f16689 
- Rename ProjectConfig -> ContextConfig, ProjectCredentials -> ContextCredentials
- Rename all config-manager functions (createProject -> createContext, etc.)
- Rename project.ts command to context.ts with updated subcommands:
  - init -> create
  - info -> current
- Update auth command to use --context flag instead of --project
- Update execute command to use --context flag
- Update executor to use context terminology
- Store configs in ~/.cnc/config/contexts/ instead of projects/

This aligns the CLI with kubectl's context model where a context
bundles endpoint + credentials together.
@devin-ai-integration devin-ai-integration bot changed the title feat(cli): add execution engine with project, auth, and execute commands feat(cli): add execution engine with context, auth, and execute commands Jan 27, 2026
@pyramation pyramation merged commit a1207cb into main Jan 27, 2026
52 checks passed
@pyramation pyramation deleted the devin/1769265674-cnc-execution-engine branch January 27, 2026 03:11
@pyramation pyramation mentioned this pull request Jan 27, 2026
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pyramation