Skip to content

feat(project): experimental project setup command (RFC / discussion)#109

Open
Xe wants to merge 1 commit into
mainfrom
Xe/project-setup
Open

feat(project): experimental project setup command (RFC / discussion)#109
Xe wants to merge 1 commit into
mainfrom
Xe/project-setup

Conversation

@Xe

@Xe Xe commented Jun 15, 2026
edited by cursor Bot
Loading

Copy link
Copy Markdown

What this is

An experiment in a prompt-guided, zero-config setup flow for getting a project wired to Tigris in one command. It's opened as a draft PR to foster discussion — not a finished, ship-ready feature. The goal is to get eyes on the UX and the agent-resource bits and decide what (if anything) we want to keep.

tigris project setup

Runs the whole onboarding flow end-to-end:

  1. Auth — if not logged in, pops the browser via the OAuth device flow. Respects existing auth (env vars / credentials / configured).
  2. Bucket — creates a randomly named color-adjective-animal bucket (via unique-names-generator), or --bucket <name>.
  3. Access key — mints <bucket>-key and assigns it the Editor role scoped to that bucket.
  4. .env — writes TIGRIS_STORAGE_{ACCESS_KEY_ID,SECRET_ACCESS_KEY,ENDPOINT,BUCKET} (mode 0600) for @tigrisdata/storage. Detects an existing .env early and aborts ("already set up") unless --force.
  5. npm packages (best-effort, non-fatal) — runs npm install @tigrisdata/storage @tigrisdata/agent-kit in the project. --skip-install opts out.
  6. Agent skills (best-effort, non-fatal) — fetches the tigrisdata/skills tarball and installs the Tigris storage skills into .agents/skills/, with relative per-skill symlinks in .claude/skills/ (won't clobber existing real dirs). --skip-agent-setup opts out.

If bucket/key creation fails partway, the bucket is rolled back so a retry isn't blocked. The npm and skills steps are best-effort: a missing npm/tar, no network, or a failed install is reported but never aborts setup.

Because installed skills don't take effect in the agent session that launched setup, the command advises starting a fresh agent session to adapt the app to Tigris. (Earlier revisions optionally installed the Claude Code plugin under CLAUDECODE; that path was dropped — installing a plugin mutates global config and can't take effect in the same session, so setup always installs skills instead.)

tigris project setup
tigris project setup --bucket my-app --access public
tigris project setup --skip-install --skip-agent-setup

Open questions for discussion

  • Is bundling agent-resource install (skills) and npm install into project setup the right call, or should those be their own commands?
  • Scope of skills installed (currently a Tigris-storage allowlist) and the .agents/skills + .claude/skills symlink layout.
  • Default run mode is auto-run, best-effort — should it confirm first instead?
  • Should the network/exec side effects (tarball fetch, npm install) be opt-in rather than opt-out?

Testing

  • npm run build (tsc + tsup), npm test (727 passing / 187 skipped), npm run lint, npm run format:check — all clean.
  • README regenerated from the spec via npm run updatedocs.
  • Manually smoke-tested the skills tarball path end-to-end (tarball → .agents/skills + resolving .claude/skills symlinks).

Assisted-by: Claude Opus 4.8 via Claude Code

Note

Medium Risk
Creates real buckets and access keys in the user's org and writes secrets to disk; npm/tarball fetch and symlink writes are opt-out side effects on the local project.

Overview
Adds a new tigris project command group with project setup, a one-shot onboarding flow that provisions cloud resources, writes local config, and optionally prepares the repo for app and agent use.

tigris project setup runs auth (OAuth if needed), creates a bucket (random color-adjective-animal name or --bucket), mints an Editor-scoped access key, and writes a mode-0600 .env with TIGRIS_STORAGE_* vars. It stops early if .env already exists unless --force. Failed key/IAM steps trigger bucket rollback so retries are not blocked.

By default it also runs best-effort npm install for @tigrisdata/storage and @tigrisdata/agent-kit (--skip-install), and downloads Tigris storage skills from GitHub into .agents/skills with symlinks under .claude/skills (--skip-agent-setup). Those side effects never fail the core setup.

Docs/specs/README are updated; unique-names-generator is added for default bucket names. Vitest coverage covers setup orchestration, npm install, and skill install behavior.

Reviewed by Cursor Bugbot for commit 9cb70c7. Bugbot is set up for automated code reviews on this repo. Configure here.

@Xe Xe force-pushed the Xe/project-setup branch from 5879a30 to e784cba Compare June 16, 2026 16:08
@Xe Xe closed this Jun 16, 2026
@Xe Xe force-pushed the Xe/project-setup branch from e784cba to 512a93a Compare June 16, 2026 18:13
@Xe
feat(project): add experimental project setup command
9cb70c7 
Add a zero-config `tigris project setup` (t3) that wires a project to
Tigris in one command, as an RFC/experiment in prompt-guided setup:

1. Auth — pops the browser via the OAuth device flow when not logged
   in; respects existing credentials otherwise.
2. Bucket — creates a randomly named color-adjective-animal bucket
   (unique-names-generator), overridable with --bucket.
3. Access key — mints <bucket>-key and assigns it the Editor role
   scoped to that bucket.
4. .env — writes TIGRIS_STORAGE_{ACCESS_KEY_ID,SECRET_ACCESS_KEY,
   ENDPOINT,BUCKET} (mode 0600) for @tigrisdata/storage. Detects an
   existing .env early and aborts unless --force.
5. npm packages — installs @tigrisdata/storage and @tigrisdata/agent-kit
   into the project (--skip-install to opt out).
6. Agent skills — fetches the tigrisdata/skills tarball and installs the
   Tigris storage skills into .agents/skills, with relative per-skill
   symlinks in .claude/skills (--skip-agent-setup to opt out).

If bucket/key creation fails partway, the bucket is rolled back so a
retry isn't blocked. The npm and skills steps are best-effort: failures
are reported but never abort setup. Since installed skills don't load in
the running agent session, setup advises starting a fresh one.

Assisted-by: Claude Opus 4.8 via Claude Code
Signed-off-by: Xe Iaso <xe@tigrisdata.com>
@Xe Xe reopened this Jun 16, 2026
@Xe Xe marked this pull request as ready for review June 16, 2026 19:06
cursor[bot]
cursor Bot reviewed Jun 16, 2026
View reviewed changes

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes using default effort and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit 9cb70c7. Configure here.

Comment thread src/lib/project/setup.ts
writeFileSync(envPath, envContents, { mode: 0o600 });
} catch (err) {
await rollbackBucket();
return failWithError(context, err);

@cursor cursor Bot Jun 16, 2026

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rollback omits created access key

Medium Severity

After a successful createAccessKey, failure paths only call rollbackBucket and never delete the new key. The leftover ${bucketName}-key can block a retry with the same --bucket name, and leaves an orphaned credential if .env write fails after the secret was only in memory.

Additional Locations (1)
Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit 9cb70c7. Configure here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Xe