feat(cli,sdk,manifests): credential name resolution + platform ingress NetworkPolicy

.gitignore

@@ -138,6 +138,7 @@ scripts/feedback-loop/.last-run
 **/minio-credentials-secret.yaml
 **/postgresql-credentials-secret.yaml
 **/unleash-credentials-secret.yaml
+.secrets/
 
 # One-off analysis and experiments
 repomix-analysis/

components/ambient-cli/cmd/acpctl/apply/cmd.go

@@ -243,7 +243,7 @@ func applyProject(ctx context.Context, client *sdkclient.Client, doc resource) (
 }
 
 func applyCredential(ctx context.Context, client *sdkclient.Client, doc resource) (applyResult, error) {
-	existing, err := client.Credentials().Get(ctx, doc.Name)
+	existing, err := client.Credentials().FindByName(ctx, doc.Name)
 	if err != nil {
 		token := os.ExpandEnv(doc.Token)
 		builder := sdktypes.NewCredentialBuilder().
@@ -271,7 +271,7 @@ func applyCredential(ctx context.Context, client *sdkclient.Client, doc resource
 		if buildErr != nil {
 			return applyResult{}, buildErr
 		}
-		if _, createErr := client.Credentials().Create(ctx, cred); createErr != nil {
+		if _, createErr := client.Credentials().CreateCompat(ctx, cred); createErr != nil {
 			return applyResult{}, createErr
 		}
 		return applyResult{Kind: "Credential", Name: doc.Name, Status: "created"}, nil

components/ambient-cli/cmd/acpctl/credential/cmd.go

@@ -9,6 +9,7 @@ import (
 	"github.com/ambient-code/platform/components/ambient-cli/pkg/config"
 	"github.com/ambient-code/platform/components/ambient-cli/pkg/connection"
 	"github.com/ambient-code/platform/components/ambient-cli/pkg/output"
+	sdkclient "github.com/ambient-code/platform/components/ambient-sdk/go-sdk/client"
 	sdktypes "github.com/ambient-code/platform/components/ambient-sdk/go-sdk/types"
 	"github.com/spf13/cobra"
 )
@@ -103,7 +104,11 @@ var getCmd = &cobra.Command{
 		ctx, cancel := context.WithTimeout(context.Background(), cfg.GetRequestTimeout())
 		defer cancel()
 
-		credential, err := client.Credentials().Get(ctx, args[0])
+		credID, err := resolveCredentialID(ctx, client, args[0])
+		if err != nil {
+			return err
+		}
+		credential, err := client.Credentials().Get(ctx, credID)
 		if err != nil {
 			return fmt.Errorf("get credential %q: %w", args[0], err)
 		}
@@ -187,7 +192,7 @@ var createCmd = &cobra.Command{
 			return fmt.Errorf("build credential: %w", err)
 		}
 
-		created, err := client.Credentials().Create(ctx, cred)
+		created, err := client.Credentials().CreateCompat(ctx, cred)
 		if err != nil {
 			return fmt.Errorf("create credential: %w", err)
 		}
@@ -259,7 +264,11 @@ var updateCmd = &cobra.Command{
 			patch = patch.Annotations(updateArgs.annotations)
 		}
 
-		updated, err := client.Credentials().Update(ctx, args[0], patch.Build())
+		credID, err := resolveCredentialID(ctx, client, args[0])
+		if err != nil {
+			return err
+		}
+		updated, err := client.Credentials().Update(ctx, credID, patch.Build())
 		if err != nil {
 			return fmt.Errorf("update credential: %w", err)
 		}
@@ -296,7 +305,11 @@ var deleteCmd = &cobra.Command{
 		ctx, cancel := context.WithTimeout(context.Background(), cfg.GetRequestTimeout())
 		defer cancel()
 
-		if err := client.Credentials().Delete(ctx, args[0]); err != nil {
+		credID, err := resolveCredentialID(ctx, client, args[0])
+		if err != nil {
+			return err
+		}
+		if err := client.Credentials().Delete(ctx, credID); err != nil {
 			return fmt.Errorf("delete credential: %w", err)
 		}
 
@@ -329,7 +342,11 @@ var tokenCmd = &cobra.Command{
 		ctx, cancel := context.WithTimeout(context.Background(), cfg.GetRequestTimeout())
 		defer cancel()
 
-		resp, err := client.Credentials().GetToken(ctx, args[0])
+		credID, err := resolveCredentialID(ctx, client, args[0])
+		if err != nil {
+			return err
+		}
+		resp, err := client.Credentials().GetToken(ctx, credID)
 		if err != nil {
 			return fmt.Errorf("get token for credential %q: %w", args[0], err)
 		}
@@ -451,6 +468,18 @@ func init() {
 	bindCmd.Flags().StringVar(&bindArgs.project, "project", "", "Project to bind the credential to (required)")
 }
 
+func resolveCredentialID(ctx context.Context, client *sdkclient.Client, nameOrID string) (string, error) {
+	cred, err := client.Credentials().Get(ctx, nameOrID)
+	if err == nil {
+		return cred.ID, nil
+	}
+	cred, err = client.Credentials().FindByName(ctx, nameOrID)
+	if err != nil {
+		return "", fmt.Errorf("credential %q not found by ID or name", nameOrID)
+	}
+	return cred.ID, nil
+}
+
 func printCredentialTable(printer *output.Printer, credentials []sdktypes.Credential) error {
 	columns := []output.Column{
 		{Name: "ID", Width: 27},

components/ambient-cli/cmd/acpctl/delete/cmd.go

@@ -132,7 +132,11 @@ func run(cmd *cobra.Command, cmdArgs []string) error {
 		return nil
 
 	case "credential", "credentials", "cred", "creds":
-		if err := client.Credentials().Delete(ctx, name); err != nil {
+		deleteID := name
+		if cred, findErr := client.Credentials().FindByName(ctx, name); findErr == nil {
+			deleteID = cred.ID
+		}
+		if err := client.Credentials().Delete(ctx, deleteID); err != nil {
 			return fmt.Errorf("delete credential %q: %w", name, err)
 		}
 		fmt.Fprintf(cmd.OutOrStdout(), "credential/%s deleted\n", name)

components/ambient-cli/cmd/acpctl/describe/cmd.go

@@ -102,7 +102,10 @@ func run(cmd *cobra.Command, cmdArgs []string) error {
 	case "credential", "credentials", "cred", "creds":
 		cred, err := client.Credentials().Get(ctx, name)
 		if err != nil {
-			return fmt.Errorf("describe credential %q: %w", name, err)
+			cred, err = client.Credentials().FindByName(ctx, name)
+			if err != nil {
+				return fmt.Errorf("describe credential %q: %w", name, err)
+			}
 		}
 		return printer.PrintJSON(cred)
 

components/ambient-cli/cmd/acpctl/get/cmd.go

@@ -472,7 +472,10 @@ func getCredentials(ctx context.Context, client *sdkclient.Client, printer *outp
 	if name != "" {
 		cred, err := client.Credentials().Get(ctx, name)
 		if err != nil {
-			return fmt.Errorf("get credential %q: %w", name, err)
+			cred, err = client.Credentials().FindByName(ctx, name)
+			if err != nil {
+				return fmt.Errorf("get credential %q: %w", name, err)
+			}
 		}
 		if printer.Format() == output.FormatJSON {
 			return printer.PrintJSON(cred)