{"skill":{"slug":"insforge-skills","displayName":"InsForge Cli Skills","summary":"Create and manage InsForge projects using the CLI. Handles authentication, project setup, database management, edge functions, storage, deployments, and secr...","description":"---\nname: insforge-cli\ndescription: Create and manage InsForge projects using the CLI. Handles authentication, project setup, database management, edge functions, storage, deployments, and secrets. For writing application code with the InsForge SDK, use the insforge (SDK) skill instead.\nlicense: Apache-2.0\nmetadata:\n  author: insforge\n  version: \"1.0.0\"\n  organization: InsForge\n  date: February 2026\n---\n\n# InsForge CLI\n\nCommand-line tool for managing InsForge Backend-as-a-Service projects.\n\n## Critical: Session Start Checks\n\n```bash\ninsforge whoami    # verify authentication\ninsforge current   # verify linked project\n```\n\nIf not authenticated: `insforge login`\nIf no project linked: `insforge create` (new) or `insforge link` (existing)\n\n## Global Options\n\n| Flag | Description |\n|------|-------------|\n| `--json` | Structured JSON output (for scripts and agents) |\n| `-y, --yes` | Skip confirmation prompts |\n\n## Exit Codes\n\n| Code | Meaning |\n|------|---------|\n| 0 | Success |\n| 2 | Not authenticated |\n| 3 | Project not linked |\n| 4 | Resource not found |\n| 5 | Permission denied |\n\n## Environment Variables\n\n| Variable | Description |\n|----------|-------------|\n| `INSFORGE_ACCESS_TOKEN` | Override stored access token |\n| `INSFORGE_PROJECT_ID` | Override linked project ID |\n| `INSFORGE_EMAIL` | Email for non-interactive login |\n| `INSFORGE_PASSWORD` | Password for non-interactive login |\n\n---\n\n## Commands\n\n### Authentication\n- `insforge login` — OAuth (browser) or `--email` for password login. See [references/login.md](references/login.md)\n- `insforge logout` — clear stored credentials\n- `insforge whoami` — show current user\n\n### Project Management\n- `insforge create` — create new project. See [references/create.md](references/create.md)\n- `insforge link` — link directory to existing project\n- `insforge current` — show current user + linked project\n- `insforge list` — list all orgs and projects\n\n### Database — `insforge db`\n- `insforge db query <sql>` — execute raw SQL. See [references/db-query.md](references/db-query.md)\n- `insforge db tables / indexes / policies / triggers / functions` — inspect schema\n- `insforge db rpc <fn> [--data <json>]` — call database function (GET if no data, POST if data)\n- `insforge db export` — export schema/data. See [references/db-export.md](references/db-export.md)\n- `insforge db import <file>` — import from SQL file. See [references/db-import.md](references/db-import.md)\n\n### Edge Functions — `insforge functions`\n- `insforge functions list` — list deployed functions\n- `insforge functions code <slug>` — view function source\n- `insforge functions deploy <slug>` — deploy or update. See [references/functions-deploy.md](references/functions-deploy.md)\n- `insforge functions invoke <slug> [--data <json>] [--method GET|POST]` — invoke function\n\n### Storage — `insforge storage`\n- `insforge storage buckets` — list buckets\n- `insforge storage create-bucket <name> [--private]` — create bucket (default: public)\n- `insforge storage delete-bucket <name>` — delete bucket and **all its objects** (destructive)\n- `insforge storage list-objects <bucket> [--prefix] [--search] [--limit] [--sort]` — list objects\n- `insforge storage upload <file> --bucket <name> [--key <objectKey>]` — upload file\n- `insforge storage download <objectKey> --bucket <name> [--output <path>]` — download file\n\n### Deployments — `insforge deployments`\n- `insforge deployments deploy [dir]` — deploy frontend app. See [references/deployments-deploy.md](references/deployments-deploy.md)\n- `insforge deployments list` — list deployments\n- `insforge deployments status <id> [--sync]` — get deployment status (--sync fetches from Vercel)\n- `insforge deployments cancel <id>` — cancel running deployment\n\n### Secrets — `insforge secrets`\n- `insforge secrets list [--all]` — list secrets (values hidden; `--all` includes deleted)\n- `insforge secrets get <key>` — get decrypted value\n- `insforge secrets add <key> <value> [--reserved] [--expires <ISO date>]` — create secret\n- `insforge secrets update <key> [--value] [--active] [--reserved] [--expires]` — update secret\n- `insforge secrets delete <key>` — **soft delete** (marks inactive; restore with `--active true`)\n\n### Schedules — `insforge schedules`\n- `insforge schedules list` — list all scheduled tasks (shows ID, name, cron, URL, method, active, next run)\n- `insforge schedules get <id>` — get schedule details\n- `insforge schedules create --name --cron --url --method [--headers <json>] [--body <json>]` — create a cron job (5-field cron format only)\n- `insforge schedules update <id> [--name] [--cron] [--url] [--method] [--headers] [--body] [--active]` — update schedule\n- `insforge schedules delete <id>` — delete schedule (with confirmation)\n- `insforge schedules logs <id> [--limit] [--offset]` — view execution logs\n\n### Logs — `insforge logs`\n- `insforge logs <source> [--limit <n>]` — fetch backend container logs (default: 20 entries)\n\n| Source | Description |\n|--------|-------------|\n| `insforge.logs` | Main backend logs |\n| `postgREST.logs` | PostgREST API layer logs |\n| `postgres.logs` | PostgreSQL database logs |\n| `function.logs` | Edge function execution logs |\n\n> Source names are case-insensitive: `postgrest.logs` works the same as `postgREST.logs`.\n\n### Documentation — `insforge docs`\n- `insforge docs` — list all topics\n- `insforge docs instructions` — setup guide\n- `insforge docs <feature> <language>` — feature docs (`db / storage / functions / auth / ai / realtime` × `typescript / swift / kotlin / rest-api`)\n\n> For writing application code with the InsForge SDK, use the insforge (SDK) skill instead, and use the `insforge docs <feature> <language>` to get specific SDK documentation.\n\n---\n\n## Non-Obvious Behaviors\n\n**Functions invoke URL**: invoked at `{oss_host}/functions/{slug}` — NOT `/api/functions/{slug}`. Exits with code 1 on HTTP 400+.\n\n**Secrets delete is soft**: marks the secret inactive, not destroyed. Restore with `insforge secrets update KEY --active true`. Use `--all` with `secrets list` to see inactive ones.\n\n**Storage delete-bucket is hard**: deletes the bucket and every object inside it permanently.\n\n**db rpc uses GET or POST**: no `--data` → GET; with `--data` → POST.\n\n**Schedules use 5-field cron only**: `minute hour day month day-of-week`. 6-field (with seconds) is NOT supported. Headers can reference secrets with `${{secrets.KEY_NAME}}`.\n\n---\n\n## Common Workflows\n\n### Set up database schema\n\n```bash\ninsforge db query \"CREATE TABLE posts (\n  id UUID DEFAULT gen_random_uuid() PRIMARY KEY,\n  title TEXT NOT NULL,\n  content TEXT,\n  author_id UUID REFERENCES auth.users(id),\n  created_at TIMESTAMPTZ DEFAULT now()\n)\"\ninsforge db query \"ALTER TABLE posts ENABLE ROW LEVEL SECURITY\"\ninsforge db query \"CREATE POLICY \\\"public_read\\\" ON posts FOR SELECT USING (true)\"\ninsforge db query \"CREATE POLICY \\\"owner_write\\\" ON posts FOR INSERT WITH CHECK (auth.uid() = author_id)\"\n```\n\n> FK to users: always `auth.users(id)`. RLS current user: `auth.uid()`.\n\n### Deploy an edge function\n\n```bash\n# Default source path: insforge/functions/{slug}/index.ts\ninsforge functions deploy my-handler\ninsforge functions invoke my-handler --data '{\"action\": \"test\"}'\n```\n\n### Deploy frontend\n\n**Always verify the local build succeeds before deploying.** Local builds are faster to debug and don't waste server resources.\n\n```bash\n# 1. Build locally first\nnpm run build\n\n# 2. Deploy\ninsforge deployments deploy ./dist --env '{\"VITE_API_URL\": \"https://my-app.us-east.insforge.app\"}'\n```\n\n**Environment variable prefix by framework:**\n\n| Framework | Prefix | Example |\n|-----------|--------|---------|\n| Vite | `VITE_` | `VITE_INSFORGE_URL` |\n| Next.js | `NEXT_PUBLIC_` | `NEXT_PUBLIC_INSFORGE_URL` |\n| Create React App | `REACT_APP_` | `REACT_APP_INSFORGE_URL` |\n| Astro | `PUBLIC_` | `PUBLIC_INSFORGE_URL` |\n| SvelteKit | `PUBLIC_` | `PUBLIC_INSFORGE_URL` |\n\n**Pre-deploy checklist:**\n- [ ] `npm run build` succeeds locally\n- [ ] All required env vars configured with correct framework prefix\n- [ ] Edge function directories excluded from frontend build (if applicable)\n- [ ] Never include `node_modules`, `.git`, `.env`, `.insforge`, or build output in the zip\n- [ ] Build output directory matches framework's expected output (`dist/`, `build/`, `.next/`, etc.)\n\n### Backup and restore database\n\n```bash\ninsforge db export --output backup.sql\ninsforge db import backup.sql\n```\n\n### Schedule a cron job\n\n```bash\n# Create a schedule that calls a function every 5 minutes\ninsforge schedules create \\\n  --name \"Cleanup Expired\" \\\n  --cron \"*/5 * * * *\" \\\n  --url \"https://my-app.us-east.insforge.app/functions/cleanup\" \\\n  --method POST \\\n  --headers '{\"Authorization\": \"Bearer ${{secrets.API_TOKEN}}\"}'\n\n# Check execution history\ninsforge schedules logs <id>\n```\n\n#### Cron Expression Format\n\nInsForge uses **5-field cron expressions** (pg_cron format). 6-field expressions with seconds are NOT supported.\n\n```\n┌─────────────── minute (0-59)\n│ ┌───────────── hour (0-23)\n│ │ ┌─────────── day of month (1-31)\n│ │ │ ┌───────── month (1-12)\n│ │ │ │ ┌─────── day of week (0-6, Sunday=0)\n│ │ │ │ │\n* * * * *\n```\n\n| Expression | Description |\n|------------|-------------|\n| `* * * * *` | Every minute |\n| `*/5 * * * *` | Every 5 minutes |\n| `0 * * * *` | Every hour (at minute 0) |\n| `0 9 * * *` | Daily at 9:00 AM |\n| `0 9 * * 1` | Every Monday at 9:00 AM |\n| `0 0 1 * *` | First day of every month at midnight |\n| `30 14 * * 1-5` | Weekdays at 2:30 PM |\n\n#### Secret References in Headers\n\nHeaders can reference secrets stored in InsForge using the syntax `${{secrets.KEY_NAME}}`.\n\n```json\n{\n  \"headers\": {\n    \"Authorization\": \"Bearer ${{secrets.API_TOKEN}}\",\n    \"X-API-Key\": \"${{secrets.EXTERNAL_API_KEY}}\"\n  }\n}\n```\n\nSecrets are resolved at schedule creation/update time. If a referenced secret doesn't exist, the operation fails with a 404 error.\n\n#### Best Practices\n\n1. **Use 5-field cron expressions only**\n   - pg_cron does not support seconds (6-field format)\n   - Example: `*/5 * * * *` for every 5 minutes\n\n2. **Store sensitive values as secrets**\n   - Use `${{secrets.KEY_NAME}}` in headers for API keys and tokens\n   - Create secrets first via the secrets API before referencing them\n\n3. **Target InsForge functions for serverless tasks**\n   - Use the function URL format: `https://your-project.region.insforge.app/functions/{slug}`\n   - Ensure the target function exists and has `status: \"active\"`\n\n4. **Monitor execution logs**\n   - Check logs regularly to ensure schedules are running successfully\n   - Look for non-200 status codes and failed executions\n\n#### Common Mistakes\n\n| Mistake | Solution |\n|---------|----------|\n| Using 6-field cron (with seconds) | Use 5-field format only: `minute hour day month day-of-week` |\n| Referencing non-existent secret | Create the secret first via secrets API |\n| Targeting non-existent function | Verify function exists and is `active` before scheduling |\n| Schedule not running | Check `isActive` is `true` and cron expression is valid |\n\n#### Recommended Workflow\n\n```\n1. Create secrets if needed     -> `insforge secrets add KEY VALUE`\n2. Create/verify target function -> `insforge functions list`\n3. Create schedule              -> `insforge schedules create`\n4. Verify schedule is active    -> `insforge schedules get <id>`\n5. Monitor execution logs       -> `insforge schedules logs <id>`\n```\n\n### Debug with logs\n\n```bash\ninsforge logs function.logs          # function execution issues\ninsforge logs postgres.logs          # database query problems\ninsforge logs insforge.logs          # API / auth errors\ninsforge logs postgrest.logs --limit 50\n```\n\n#### Best Practices\n\n1. **Start with function.logs for function issues**\n   - Check execution errors, timeouts, and runtime exceptions\n\n2. **Use postgres.logs for query problems**\n   - Debug slow queries, constraint violations, connection issues\n\n3. **Check insforge.logs for API errors**\n   - Authentication failures, request validation, general backend errors\n\n#### Common Debugging Scenarios\n\n| Problem | Check |\n|---------|-------|\n| Function not working | `function.logs` |\n| Database query failing | `postgres.logs`, `postgREST.logs` |\n| Auth issues | `insforge.logs` |\n| API returning 500 errors | `insforge.logs`, `postgREST.logs` |\n\n### Non-interactive CI/CD\n\n```bash\nINSFORGE_EMAIL=$EMAIL INSFORGE_PASSWORD=$PASSWORD insforge login --email -y\ninsforge link --project-id $PROJECT_ID --org-id $ORG_ID -y\ninsforge db query \"SELECT count(*) FROM users\" --json\n```\n\n---\n\n## Project Configuration\n\nAfter `create` or `link`, `.insforge/project.json` is created:\n\n```json\n{\n  \"project_id\": \"...\",\n  \"appkey\": \"...\",\n  \"region\": \"us-east\",\n  \"api_key\": \"ik_...\",\n  \"oss_host\": \"https://{appkey}.{region}.insforge.app\"\n}\n```\n\n`oss_host` is the base URL for all SDK and API operations. `api_key` is the admin key for backend API calls.\n\n> **Never commit this file to version control or share it publicly**.\n> Do not edit this file manually. Use `insforge link` to switch projects.\n","topics":["Database","Sdk"],"tags":{"latest":"1.0.0"},"stats":{"comments":0,"downloads":796,"installsAllTime":30,"installsCurrent":0,"stars":1,"versions":1},"createdAt":1772499362085,"updatedAt":1779077593468},"latestVersion":{"version":"1.0.0","createdAt":1772499362085,"changelog":"Initial release of insforge-cli, a command-line tool for managing InsForge Backend-as-a-Service projects.\n\n- Provides authentication, project setup/link, and user/project status commands.\n- Manages databases (queries, RPC, schema inspection, import/export), edge functions (deploy, invoke), and storage (buckets, file upload/download).\n- Handles deployments, secrets management (soft delete, expired, reserved), and scheduled tasks (cron jobs).\n- Includes built-in logs fetching for backend/services and project documentation lookup.\n- Supports per-command structure, environment variable overrides, and workflow best practices in documentation.","license":null},"metadata":null,"owner":{"handle":"tonychang04","userId":"s1790d8atpn3yarnp4rjgdbv4d8854gx","displayName":"Tony Chang","image":"https://avatars.githubusercontent.com/u/26497075?v=4"},"moderation":{"isSuspicious":false,"isMalwareBlocked":false,"verdict":"clean","reasonCodes":["review.llm_review"],"summary":"Review: review.llm_review","engineVersion":"v2.4.24","updatedAt":1780089741795}}