Managing Heroku

Phase 2: Analysis

#!/bin/bash
TOKEN="${HEROKU_API_KEY}"
BASE="https://api.heroku.com"
AUTH=(-H "Authorization: Bearer ${TOKEN}" -H "Accept: application/vnd.heroku+json; version=3")

echo "=== Recent Releases ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  curl -s "${BASE}/apps/${APP}/releases?range=version;order=desc" "${AUTH[@]}" \
    | jq -r ".[:3][] | \"${APP}\tv\(.version)\t\(.status)\t\(.description[0:50])\t\(.created_at)\"" 2>/dev/null
done | column -t | head -20

echo ""
echo "=== Dyno Health ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  curl -s "${BASE}/apps/${APP}/dynos" "${AUTH[@]}" \
    | jq -r ".[] | \"${APP}\t\(.name)\t\(.state)\t\(.type)\t\(.size)\t\(.updated_at)\"" 2>/dev/null
done | column -t | head -20

echo ""
echo "=== Config Vars (count only) ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  COUNT=$(curl -s "${BASE}/apps/${APP}/config-vars" "${AUTH[@]}" | jq 'keys | length' 2>/dev/null)
  echo "${APP}: ${COUNT:-0} config vars"
done

echo ""
echo "=== Log Drains ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  curl -s "${BASE}/apps/${APP}/log-drains" "${AUTH[@]}" \
    | jq -r ".[] | \"${APP}\t\(.url[0:50])\t\(.addon.name // \"custom\")\"" 2>/dev/null
done | column -t

echo ""
echo "=== SSL Certificates ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  curl -s "${BASE}/apps/${APP}/sni-endpoints" "${AUTH[@]}" \
    | jq -r ".[] | \"${APP}\t\(.name)\t\(.ssl_cert.cert_domains | join(\",\"))\t\(.ssl_cert.expires_at)\"" 2>/dev/null
done | column -t

echo ""
echo "=== Stack & Buildpack Info ==="
for APP in $(curl -s "${BASE}/apps" "${AUTH[@]}" | jq -r '.[].name'); do
  BUILDPACKS=$(curl -s "${BASE}/apps/${APP}/buildpack-installations" "${AUTH[@]}" | jq -r '.[].buildpack.name // .[].buildpack.url' 2>/dev/null | tr '\n' ',')
  STACK=$(curl -s "${BASE}/apps/${APP}" "${AUTH[@]}" | jq -r '.stack.name' 2>/dev/null)
  echo "${APP}: stack=${STACK} buildpacks=${BUILDPACKS}"
done

Output Format

HEROKU ANALYSIS
================
App              Region  Stack     Dynos        Add-ons  Domains  Last Release
──────────────────────────────────────────────────────────────────────────────
my-app           us      heroku-24 web:2xStd1x  3        2        2h ago v145
worker-app       eu      heroku-22 worker:1xPrf 1        0        1d ago v89
api-gateway      us      heroku-24 web:3xStd2x  5        3        30m ago v210

Dynos: 6 running | Add-ons: 9 total | Config Vars: 45 across 3 apps
Drains: 2 configured | SSL: 3 certs (1 expiring in 30d)

Safety Rules

• Read-only: Only use GET endpoints against the Heroku API
• Never scale dynos, restart, or modify config vars without confirmation
• Config vars: Never output config variable values, only counts
• Rate limits: Heroku API allows 4500 requests per hour per token

Anti-Hallucination Rules

1. NEVER assume resource names — always discover via CLI/API in Phase 1 before referencing in Phase 2.
2. NEVER fabricate metric names or dimensions — verify against the service documentation or --help output.
3. NEVER mix CLI commands between service versions — confirm which version/API you are targeting.
4. ALWAYS use the discovery → verify → analyze chain — every resource referenced must have been discovered first.
5. ALWAYS handle empty results gracefully — an empty response is valid data, not an error to retry.

Counter-Rationalizations