CLI: Update SDK to 5e56fc5d99a6 and add missing coverage

Expose the new SDK methods and params added since v0.44.0 so the CLI stays aligned with the generated client surface across deploys, invocations, managed auth, browsers, apps, and credential providers.

Tested: go test ./..., go build ./..., kernel deploy get eqo2jzrlf8msevs8n6mbn4bf, kernel deploy history ts-basic --app-version latest, kernel app list --query ts-basic, kernel invoke ts-basic get-page-title --since 10m, kernel invoke get apwmow9vgbs220iwnwhc8lc8, kernel invoke history --app ts-basic --action get-page-title --deployment-id eqo2jzrlf8msevs8n6mbn4bf --status succeeded --since 24h, kernel invoke update bmncbxisjg1nv95hr3fa05dw --status failed --output '{"error":"manual test"}', kernel invoke delete-browsers bmncbxisjg1nv95hr3fa05dw, kernel browsers create --invocation-id qkpb5v6chmvm6bbr7j2fkxxg -t 30, kernel browsers get 2l9r4s41c04qy6ge2v5w38s0 --include-deleted, kernel auth connections update 5d71e33b-a099-4a85-a850-a9d1a5d6456b --health-check-interval 30 --save-credentials, kernel credential-providers update cp_hcpp4bm210p1yxxbw61eg7b4 --name cli-coverage-provider-updated
Made-with: Cursor

Author: kernel-internal[bot]

cmd/app.go

@@ -53,6 +53,7 @@ func init() {
 
 	// Add optional filters for list
 	appListCmd.Flags().String("name", "", "Filter by application name")
+	appListCmd.Flags().String("query", "", "Search apps by name")
 	appListCmd.Flags().String("version", "", "Filter by version label")
 	appListCmd.Flags().Int("limit", 20, "Max apps to return (default 20)")
 	appListCmd.Flags().Int("per-page", 20, "Items per page (alias of --limit)")
@@ -67,6 +68,7 @@ func init() {
 func runAppList(cmd *cobra.Command, args []string) error {
 	client := getKernelClient(cmd)
 	appName, _ := cmd.Flags().GetString("name")
+	query, _ := cmd.Flags().GetString("query")
 	version, _ := cmd.Flags().GetString("version")
 	lim, _ := cmd.Flags().GetInt("limit")
 	perPage, _ := cmd.Flags().GetInt("per-page")
@@ -101,6 +103,9 @@ func runAppList(cmd *cobra.Command, args []string) error {
 	if appName != "" {
 		params.AppName = kernel.Opt(appName)
 	}
+	if query != "" {
+		params.Query = kernel.Opt(query)
+	}
 	if version != "" {
 		params.Version = kernel.Opt(version)
 	}
@@ -170,17 +175,20 @@ func runAppList(cmd *cobra.Command, args []string) error {
 	PrintTableNoPad(tableData, true)
 
 	// Footer with pagination details and next command suggestion
-	fmt.Printf("\nPage: %d  Per-page: %d  Items this page: %d  Has more: %s\n", page, perPage, itemsThisPage, lo.Ternary(hasMore, "yes", "no"))
+	pterm.Printf("\nPage: %d  Per-page: %d  Items this page: %d  Has more: %s\n", page, perPage, itemsThisPage, lo.Ternary(hasMore, "yes", "no"))
 	if hasMore {
 		nextPage := page + 1
 		nextCmd := fmt.Sprintf("kernel app list --page %d --per-page %d", nextPage, perPage)
 		if appName != "" {
-			nextCmd += fmt.Sprintf(" --name %s", appName)
+			nextCmd += fmt.Sprintf(" --name %s", quoteIfNeeded(appName))
+		}
+		if query != "" {
+			nextCmd += fmt.Sprintf(" --query %s", quoteIfNeeded(query))
 		}
 		if version != "" {
-			nextCmd += fmt.Sprintf(" --version %s", version)
+			nextCmd += fmt.Sprintf(" --version %s", quoteIfNeeded(version))
 		}
-		fmt.Printf("Next: %s\n", nextCmd)
+		pterm.Printf("Next: %s\n", nextCmd)
 	}
 	// Concise notes when user-specified per-page/limit/page are outside API-allowed range
 	if cmd.Flags().Changed("per-page") {

cmd/auth_connections.go

@@ -19,6 +19,7 @@ import (
 type AuthConnectionService interface {
 	New(ctx context.Context, body kernel.AuthConnectionNewParams, opts ...option.RequestOption) (res *kernel.ManagedAuth, err error)
 	Get(ctx context.Context, id string, opts ...option.RequestOption) (res *kernel.ManagedAuth, err error)
+	Update(ctx context.Context, id string, body kernel.AuthConnectionUpdateParams, opts ...option.RequestOption) (res *kernel.ManagedAuth, err error)
 	List(ctx context.Context, query kernel.AuthConnectionListParams, opts ...option.RequestOption) (res *pagination.OffsetPagination[kernel.ManagedAuth], err error)
 	Delete(ctx context.Context, id string, opts ...option.RequestOption) (err error)
 	Login(ctx context.Context, id string, body kernel.AuthConnectionLoginParams, opts ...option.RequestOption) (res *kernel.LoginResponse, err error)
@@ -53,6 +54,29 @@ type AuthConnectionGetInput struct {
 	Output string
 }
 
+type AuthConnectionUpdateInput struct {
+	ID                     string
+	LoginURL               string
+	LoginURLSet            bool
+	AllowedDomains         []string
+	AllowedDomainsSet      bool
+	CredentialName         string
+	CredentialNameSet      bool
+	CredentialProvider     string
+	CredentialProviderSet  bool
+	CredentialPath         string
+	CredentialPathSet      bool
+	CredentialAuto         BoolFlag
+	ProxyID                string
+	ProxyIDSet             bool
+	ProxyName              string
+	ProxyNameSet           bool
+	SaveCredentials        BoolFlag
+	HealthCheckInterval    int
+	HealthCheckIntervalSet bool
+	Output                 string
+}
+
 type AuthConnectionListInput struct {
 	Domain      string
 	ProfileName string
@@ -77,7 +101,9 @@ type AuthConnectionSubmitInput struct {
 	ID                string
 	FieldValues       map[string]string
 	MfaOptionID       string
+	SignInOptionID    string
 	SSOButtonSelector string
+	SSOProvider       string
 	Output            string
 }
 
@@ -159,7 +185,11 @@ func (c AuthConnectionCmd) Create(ctx context.Context, in AuthConnectionCreateIn
 	}
 
 	pterm.Success.Printf("Created managed auth: %s\n", auth.ID)
+	printManagedAuthSummary(auth)
+	return nil
+}
 
+func printManagedAuthSummary(auth *kernel.ManagedAuth) {
 	tableData := pterm.TableData{
 		{"Property", "Value"},
 		{"ID", auth.ID},
@@ -177,8 +207,91 @@ func (c AuthConnectionCmd) Create(ctx context.Context, in AuthConnectionCreateIn
 	if auth.Credential.Provider != "" {
 		tableData = append(tableData, []string{"Credential Provider", auth.Credential.Provider})
 	}
-
+	if auth.ProxyID != "" {
+		tableData = append(tableData, []string{"Proxy ID", auth.ProxyID})
+	}
 	PrintTableNoPad(tableData, true)
+}
+
+func (c AuthConnectionCmd) Update(ctx context.Context, in AuthConnectionUpdateInput) error {
+	if in.Output != "" && in.Output != "json" {
+		return fmt.Errorf("unsupported --output value: use 'json'")
+	}
+
+	params := kernel.AuthConnectionUpdateParams{
+		ManagedAuthUpdateRequest: kernel.ManagedAuthUpdateRequestParam{},
+	}
+	hasChanges := false
+
+	if in.HealthCheckIntervalSet {
+		params.ManagedAuthUpdateRequest.HealthCheckInterval = kernel.Opt(int64(in.HealthCheckInterval))
+		hasChanges = true
+	}
+	if in.LoginURLSet {
+		params.ManagedAuthUpdateRequest.LoginURL = kernel.Opt(in.LoginURL)
+		hasChanges = true
+	}
+	if in.SaveCredentials.Set {
+		params.ManagedAuthUpdateRequest.SaveCredentials = kernel.Opt(in.SaveCredentials.Value)
+		hasChanges = true
+	}
+	if in.AllowedDomainsSet {
+		params.ManagedAuthUpdateRequest.AllowedDomains = in.AllowedDomains
+		hasChanges = true
+	}
+
+	credentialChanged := in.CredentialNameSet || in.CredentialProviderSet || in.CredentialPathSet || in.CredentialAuto.Set
+	if credentialChanged {
+		if strings.TrimSpace(in.CredentialName) != "" && strings.TrimSpace(in.CredentialProvider) != "" {
+			return fmt.Errorf("credential reference must use either --credential-name or --credential-provider")
+		}
+		params.ManagedAuthUpdateRequest.Credential = kernel.ManagedAuthUpdateRequestCredentialParam{}
+		if in.CredentialNameSet {
+			params.ManagedAuthUpdateRequest.Credential.Name = kernel.Opt(in.CredentialName)
+		}
+		if in.CredentialProviderSet {
+			params.ManagedAuthUpdateRequest.Credential.Provider = kernel.Opt(in.CredentialProvider)
+		}
+		if in.CredentialPathSet {
+			params.ManagedAuthUpdateRequest.Credential.Path = kernel.Opt(in.CredentialPath)
+		}
+		if in.CredentialAuto.Set {
+			params.ManagedAuthUpdateRequest.Credential.Auto = kernel.Opt(in.CredentialAuto.Value)
+		}
+		hasChanges = true
+	}
+
+	proxyChanged := in.ProxyIDSet || in.ProxyNameSet
+	if proxyChanged {
+		params.ManagedAuthUpdateRequest.Proxy = kernel.ManagedAuthUpdateRequestProxyParam{}
+		if in.ProxyIDSet {
+			params.ManagedAuthUpdateRequest.Proxy.ID = kernel.Opt(in.ProxyID)
+		}
+		if in.ProxyNameSet {
+			params.ManagedAuthUpdateRequest.Proxy.Name = kernel.Opt(in.ProxyName)
+		}
+		hasChanges = true
+	}
+
+	if !hasChanges {
+		return fmt.Errorf("must provide at least one field to update")
+	}
+
+	if in.Output != "json" {
+		pterm.Info.Printf("Updating managed auth %s...\n", in.ID)
+	}
+
+	auth, err := c.svc.Update(ctx, in.ID, params)
+	if err != nil {
+		return util.CleanedUpSdkError{Err: err}
+	}
+
+	if in.Output == "json" {
+		return util.PrintPrettyJSON(auth)
+	}
+
+	pterm.Success.Printf("Updated managed auth: %s\n", auth.ID)
+	printManagedAuthSummary(auth)
 	return nil
 }
 
@@ -444,10 +557,21 @@ func (c AuthConnectionCmd) Submit(ctx context.Context, in AuthConnectionSubmitIn
 	// Validate that we have some input to submit
 	hasFields := len(in.FieldValues) > 0
 	hasMfaOption := in.MfaOptionID != ""
+	hasSignInOption := in.SignInOptionID != ""
 	hasSSOButton := in.SSOButtonSelector != ""
+	hasSSOProvider := in.SSOProvider != ""
+	submitModes := 0
+	for _, active := range []bool{hasFields, hasMfaOption, hasSignInOption, hasSSOButton, hasSSOProvider} {
+		if active {
+			submitModes++
+		}
+	}
 
-	if !hasFields && !hasMfaOption && !hasSSOButton {
-		return fmt.Errorf("must provide at least one of: --field, --mfa-option-id, or --sso-button-selector")
+	if submitModes == 0 {
+		return fmt.Errorf("must provide exactly one of: --field, --mfa-option-id, --sign-in-option-id, --sso-button-selector, or --sso-provider")
+	}
+	if submitModes > 1 {
+		return fmt.Errorf("provide exactly one of: --field, --mfa-option-id, --sign-in-option-id, --sso-button-selector, or --sso-provider")
 	}
 
 	// Resolve MFA option: the user may pass the label (e.g. "Get a text"), the
@@ -489,9 +613,15 @@ func (c AuthConnectionCmd) Submit(ctx context.Context, in AuthConnectionSubmitIn
 	if hasMfaOption {
 		params.SubmitFieldsRequest.MfaOptionID = kernel.Opt(in.MfaOptionID)
 	}
+	if hasSignInOption {
+		params.SubmitFieldsRequest.SignInOptionID = kernel.Opt(in.SignInOptionID)
+	}
 	if hasSSOButton {
 		params.SubmitFieldsRequest.SSOButtonSelector = kernel.Opt(in.SSOButtonSelector)
 	}
+	if hasSSOProvider {
+		params.SubmitFieldsRequest.SSOProvider = kernel.Opt(in.SSOProvider)
+	}
 
 	if in.Output != "json" {
 		pterm.Info.Println("Submitting to managed auth...")
@@ -594,6 +724,14 @@ var authConnectionsCreateCmd = &cobra.Command{
 	RunE:  runAuthConnectionsCreate,
 }
 
+var authConnectionsUpdateCmd = &cobra.Command{
+	Use:   "update <id>",
+	Short: "Update a managed auth connection",
+	Long:  "Update managed authentication settings like login URL, health checks, credential source, and proxy.",
+	Args:  cobra.ExactArgs(1),
+	RunE:  runAuthConnectionsUpdate,
+}
+
 var authConnectionsGetCmd = &cobra.Command{
 	Use:   "get <id>",
 	Short: "Get a managed auth by ID",
@@ -666,10 +804,27 @@ func init() {
 	authConnectionsCreateCmd.Flags().Int("health-check-interval", 0, "Interval in seconds between health checks (300-86400)")
 	_ = authConnectionsCreateCmd.MarkFlagRequired("domain")
 	_ = authConnectionsCreateCmd.MarkFlagRequired("profile-name")
+	authConnectionsCreateCmd.MarkFlagsMutuallyExclusive("credential-name", "credential-provider")
 
 	// Get flags
 	authConnectionsGetCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
 
+	// Update flags
+	authConnectionsUpdateCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
+	authConnectionsUpdateCmd.Flags().String("login-url", "", "Login page URL (set to empty string to clear)")
+	authConnectionsUpdateCmd.Flags().StringSlice("allowed-domain", []string{}, "Additional allowed domains (replaces existing list)")
+	authConnectionsUpdateCmd.Flags().String("credential-name", "", "Kernel credential name to use")
+	authConnectionsUpdateCmd.Flags().String("credential-provider", "", "External credential provider name")
+	authConnectionsUpdateCmd.Flags().String("credential-path", "", "Provider-specific path (e.g., VaultName/ItemName)")
+	authConnectionsUpdateCmd.Flags().Bool("credential-auto", false, "Lookup by domain from the specified provider")
+	authConnectionsUpdateCmd.Flags().String("proxy-id", "", "Proxy ID to use")
+	authConnectionsUpdateCmd.Flags().String("proxy-name", "", "Proxy name to use")
+	authConnectionsUpdateCmd.Flags().Bool("save-credentials", false, "Enable saving credentials after successful login")
+	authConnectionsUpdateCmd.Flags().Bool("no-save-credentials", false, "Disable saving credentials after successful login")
+	authConnectionsUpdateCmd.Flags().Int("health-check-interval", 0, "Interval in seconds between health checks")
+	authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("credential-name", "credential-provider")
+	authConnectionsUpdateCmd.MarkFlagsMutuallyExclusive("save-credentials", "no-save-credentials")
+
 	// List flags
 	authConnectionsListCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
 	authConnectionsListCmd.Flags().String("domain", "", "Filter by domain")
@@ -689,13 +844,16 @@ func init() {
 	authConnectionsSubmitCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
 	authConnectionsSubmitCmd.Flags().StringArray("field", []string{}, "Field name=value pair (repeatable)")
 	authConnectionsSubmitCmd.Flags().String("mfa-option-id", "", "MFA option ID if user selected an MFA method")
+	authConnectionsSubmitCmd.Flags().String("sign-in-option-id", "", "Sign-in option ID if the flow returned non-MFA choices")
 	authConnectionsSubmitCmd.Flags().String("sso-button-selector", "", "XPath selector if user chose an SSO button")
+	authConnectionsSubmitCmd.Flags().String("sso-provider", "", "SSO provider if user chose an SSO button by provider (e.g. google, github)")
 
 	// Follow flags
 	authConnectionsFollowCmd.Flags().StringP("output", "o", "", "Output format: json for raw API response")
 
 	// Wire up commands
 	authConnectionsCmd.AddCommand(authConnectionsCreateCmd)
+	authConnectionsCmd.AddCommand(authConnectionsUpdateCmd)
 	authConnectionsCmd.AddCommand(authConnectionsGetCmd)
 	authConnectionsCmd.AddCommand(authConnectionsListCmd)
 	authConnectionsCmd.AddCommand(authConnectionsDeleteCmd)
@@ -753,6 +911,55 @@ func runAuthConnectionsGet(cmd *cobra.Command, args []string) error {
 	})
 }
 
+func runAuthConnectionsUpdate(cmd *cobra.Command, args []string) error {
+	client := getKernelClient(cmd)
+	output, _ := cmd.Flags().GetString("output")
+	loginURL, _ := cmd.Flags().GetString("login-url")
+	allowedDomains, _ := cmd.Flags().GetStringSlice("allowed-domain")
+	credentialName, _ := cmd.Flags().GetString("credential-name")
+	credentialProvider, _ := cmd.Flags().GetString("credential-provider")
+	credentialPath, _ := cmd.Flags().GetString("credential-path")
+	credentialAuto, _ := cmd.Flags().GetBool("credential-auto")
+	proxyID, _ := cmd.Flags().GetString("proxy-id")
+	proxyName, _ := cmd.Flags().GetString("proxy-name")
+	saveCredentials, _ := cmd.Flags().GetBool("save-credentials")
+	noSaveCredentials, _ := cmd.Flags().GetBool("no-save-credentials")
+	healthCheckInterval, _ := cmd.Flags().GetInt("health-check-interval")
+
+	saveCredentialsFlag := BoolFlag{}
+	if cmd.Flags().Changed("save-credentials") {
+		saveCredentialsFlag = BoolFlag{Set: true, Value: saveCredentials}
+	}
+	if cmd.Flags().Changed("no-save-credentials") {
+		saveCredentialsFlag = BoolFlag{Set: true, Value: !noSaveCredentials}
+	}
+
+	svc := client.Auth.Connections
+	c := AuthConnectionCmd{svc: &svc}
+	return c.Update(cmd.Context(), AuthConnectionUpdateInput{
+		ID:                     args[0],
+		LoginURL:               loginURL,
+		LoginURLSet:            cmd.Flags().Changed("login-url"),
+		AllowedDomains:         allowedDomains,
+		AllowedDomainsSet:      cmd.Flags().Changed("allowed-domain"),
+		CredentialName:         credentialName,
+		CredentialNameSet:      cmd.Flags().Changed("credential-name"),
+		CredentialProvider:     credentialProvider,
+		CredentialProviderSet:  cmd.Flags().Changed("credential-provider"),
+		CredentialPath:         credentialPath,
+		CredentialPathSet:      cmd.Flags().Changed("credential-path"),
+		CredentialAuto:         BoolFlag{Set: cmd.Flags().Changed("credential-auto"), Value: credentialAuto},
+		ProxyID:                proxyID,
+		ProxyIDSet:             cmd.Flags().Changed("proxy-id"),
+		ProxyName:              proxyName,
+		ProxyNameSet:           cmd.Flags().Changed("proxy-name"),
+		SaveCredentials:        saveCredentialsFlag,
+		HealthCheckInterval:    healthCheckInterval,
+		HealthCheckIntervalSet: cmd.Flags().Changed("health-check-interval"),
+		Output:                 output,
+	})
+}
+
 func runAuthConnectionsList(cmd *cobra.Command, args []string) error {
 	client := getKernelClient(cmd)
 	output, _ := cmd.Flags().GetString("output")
@@ -805,7 +1012,9 @@ func runAuthConnectionsSubmit(cmd *cobra.Command, args []string) error {
 	output, _ := cmd.Flags().GetString("output")
 	fieldPairs, _ := cmd.Flags().GetStringArray("field")
 	mfaOptionID, _ := cmd.Flags().GetString("mfa-option-id")
+	signInOptionID, _ := cmd.Flags().GetString("sign-in-option-id")
 	ssoButtonSelector, _ := cmd.Flags().GetString("sso-button-selector")
+	ssoProvider, _ := cmd.Flags().GetString("sso-provider")
 
 	// Parse field pairs into map
 	fieldValues := make(map[string]string)
@@ -823,7 +1032,9 @@ func runAuthConnectionsSubmit(cmd *cobra.Command, args []string) error {
 		ID:                args[0],
 		FieldValues:       fieldValues,
 		MfaOptionID:       mfaOptionID,
+		SignInOptionID:    signInOptionID,
 		SSOButtonSelector: ssoButtonSelector,
+		SSOProvider:       ssoProvider,
 		Output:            output,
 	})
 }