chore: promote dev→uat (GRO-1764 coat_type fix)

chore: trigger CI for GRO-1757 + GRO-1764
Co-Authored-By: Paperclip <noreply@paperclip.ing>
2026-05-26 00:35:25 +00:00 · 2026-05-26 00:08:02 +00:00 · 2026-05-25 23:54:49 +00:00 · 2026-05-25 23:54:36 +00:00 · 2026-05-25 23:52:53 +00:00 · 2026-05-25 23:48:09 +00:00
13 changed files with 226 additions and 11 deletions
@@ -0,0 +1 @@
+GRO-1757+GRO-1764 CI trigger 2026-05-26
@@ -78,6 +78,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: network=host

      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
@@ -89,10 +91,12 @@ jobs:
      - name: Build and push API image
        uses: docker/build-push-action@v6
        with:
+          provenance: false
          context: .
          file: Dockerfile
          target: runner
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/api:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/api:latest' || '' }}
@@ -102,10 +106,12 @@ jobs:
      - name: Build and push Migrate image
        uses: docker/build-push-action@v6
        with:
+          provenance: false
          context: .
          file: Dockerfile
          target: migrate
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/migrate:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/migrate:latest' || '' }}
@@ -115,10 +121,12 @@ jobs:
      - name: Build and push Seed image
        uses: docker/build-push-action@v6
        with:
+          provenance: false
          context: .
          file: Dockerfile
          target: seed
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/seed:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/seed:latest' || '' }}
@@ -128,10 +136,12 @@ jobs:
      - name: Build and push Reset image
        uses: docker/build-push-action@v6
        with:
+          provenance: false
          context: .
          file: Dockerfile
          target: reset
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/reset:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/reset:latest' || '' }}
@@ -48,6 +48,26 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet
 | TC-API-1.15 | Name fallback — no name, no email | Auto-provision where Better-Auth user has name = null, email = null | Staff name = "Unknown" |
 | TC-API-1.16 | OIDC login — Terraform-provisioned user | Initiate OIDC login as any UAT persona (uat-super, uat-groomer, uat-customer, uat-tester), complete authentik callback | 200 OK, session created — no account_not_linked error |

+#### SSO Login Journey (Authentik OIDC end-to-end)
+
+| # | Scenario | Steps | Pass Criteria | Fail Criteria |
+|---|----------|-------|---------------|---------------|
+| TC-API-1.17 | SSO redirect to Authentik | Navigate to app → sign-in page shown → click "Sign in with SSO" | Redirected to Authentik at auth.farh.net | 403 error, redirect loop, no SSO button |
+| TC-API-1.18 | Authenticate with valid OIDC credentials | At Authentik login page, enter valid credentials and authenticate | Redirected back to app with valid session | Redirect loop, 403, missing session cookie |
+| TC-API-1.19 | SSO user auto-provisioned as groomer | Complete SSO login as a user with no pre-existing staff record | 200 response; groomer staff record auto-created; session active | 403 Forbidden, staff record not created |
+| TC-API-1.20 | Existing staff record resolves correctly | Complete SSO login as uat-groomer (pre-existing staff) | 200 OK, correct staff identity resolved, no duplicate record created | 403, duplicate record, wrong staff data |
+| TC-API-1.21 | SSO session grants dashboard access | After TC-API-1.18 SSO login, GET /api/staff/me | 200 OK, valid staff record returned, correct role displayed | 401/403, missing session, wrong identity |
+
+#### OOBE Flow Post-Login
+
+| # | Scenario | Steps | Pass Criteria | Fail Criteria |
+|---|----------|-------|---------------|---------------|
+| TC-API-1.22 | Fresh DB reports needsSetup | On a fresh DB (no super user), GET /api/setup/status | needsSetup: true returned | needsSetup: false when it should be true |
+| TC-API-1.23 | Configure OIDC via auth-provider endpoint | POST /api/setup/auth-provider with valid OIDC config | 200 OK, auth provider configured, no 403 | 403, setup blocked, invalid config rejected |
+| TC-API-1.24 | Complete setup creates super user | POST /api/setup with business name (after TC-API-1.23) | First user becomes super user, setup completes | Setup errors, 403 on admin endpoints |
+| TC-API-1.25 | Super user accesses admin features | After TC-API-1.24, GET /api/staff/me and verify isSuperUser: true | isSuperUser: true, admin endpoints accessible | 403 on admin, isSuperUser: false |
+| TC-API-1.26 | Auto-provision skipped during OOBE | During fresh setup (needsSetup: true), complete OIDC login — verify no duplicate staff record created before setup completes | No duplicate staff, OOBE completes successfully | Duplicate staff record, 403 before setup, auto-provision interferes with OOBE |
+
 ### 4.2 Client Management

 | # | Scenario | Steps | Expected |
@@ -36,6 +36,19 @@ const DEMO_PET = {
  weightKg: "30.00",
 };

+const UAT_CLIENT = {
+  name: "UAT Customer",
+  email: "uat-customer@groombook.dev",
+  phone: "555-0100",
+  address: "1 UAT Lane, Test City, CA 90210",
+  status: "active" as const,
+};
+
+const UAT_PETS = [
+  { name: "Bella", species: "Dog", breed: "Poodle", coatType: "curly" as const, weightKg: "20.00" },
+  { name: "Max", species: "Dog", breed: "Labrador Retriever", coatType: "smooth" as const, weightKg: "30.00" },
+];
+
 const DEMO_SERVICES = [
  { id: "b0000001-0000-0000-0000-000000000001", name: "Bath & Brush", description: "Full bath, blow-dry, brush out, and ear cleaning", basePriceCents: 4500, durationMinutes: 45 },
  { id: "b0000001-0000-0000-0000-000000000002", name: "Full Groom — Small", description: "Complete grooming for dogs under 25 lbs", basePriceCents: 6500, durationMinutes: 60 },
@@ -43,7 +56,7 @@ const DEMO_SERVICES = [
  { id: "b0000001-0000-0000-0000-000000000004", name: "Nail Trim", description: "Nail clipping and filing", basePriceCents: 1500, durationMinutes: 15 },
 ];

-adminSeedRouter.post("/seed", async (c) => {
+adminSeedRouter.post("/", async (c) => {
  // Refuse to run when AUTH_DISABLED — dev environments use direct-DB seeding
  if (process.env.AUTH_DISABLED === "true") {
    return c.json(
@@ -128,6 +141,51 @@ adminSeedRouter.post("/seed", async (c) => {
    results.push(`Created pet '${DEMO_PET.name}' for Demo Client (id: ${created!.id})`);
  }

+  // ── Client: UAT Customer ──────────────────────────────────────────────────
+  const [existingUatClient] = await db
+    .select()
+    .from(clients)
+    .where(eq(clients.email, UAT_CLIENT.email));
+
+  let uatClientId: string;
+  if (existingUatClient) {
+    uatClientId = existingUatClient.id;
+    results.push(`Client '${UAT_CLIENT.name}' already exists (id: ${uatClientId})`);
+  } else {
+    const [created] = await db.insert(clients).values(UAT_CLIENT).returning();
+    uatClientId = created!.id;
+    results.push(`Created client '${UAT_CLIENT.name}' (id: ${uatClientId})`);
+  }
+
+  // ── Pets: UAT Customer's Pets ─────────────────────────────────────────────
+  const existingUatPets = await db
+    .select()
+    .from(pets)
+    .where(eq(pets.clientId, uatClientId));
+
+  for (const uatPet of UAT_PETS) {
+    const existingPet = existingUatPets.find(
+      (p) => p.name === uatPet.name && p.species === uatPet.species
+    );
+    if (existingPet) {
+      results.push(`Pet '${uatPet.name}' already exists for UAT Customer (id: ${existingPet.id})`);
+    } else {
+      const [created] = await db
+        .insert(pets)
+        .values({
+          clientId: uatClientId,
+          name: uatPet.name,
+          species: uatPet.species,
+          breed: uatPet.breed,
+          coatType: uatPet.coatType,
+          weightKg: uatPet.weightKg,
+          dateOfBirth: new Date("2019-01-01T00:00:00Z"),
+        })
+        .returning();
+      results.push(`Created pet '${uatPet.name}' for UAT Customer (id: ${created!.id})`);
+    }
+  }
+
  return c.json({
    message: "Seed complete",
    details: results,
@@ -136,4 +194,4 @@ adminSeedRouter.post("/seed", async (c) => {
      staffOidcSub: KNOWN_STAFF.oidcSub,
    },
  });
-});
+});
@@ -105,6 +105,10 @@ export function buildPet(overrides: Partial<PetRow> & { clientId: string }): Pet
    photoKey: null,
    photoUploadedAt: null,
    image: null,
+    temperamentScore: null,
+    temperamentFlags: [],
+    medicalAlerts: [],
+    preferredCuts: [],
    createdAt: new Date("2025-01-01T00:00:00Z"),
    updatedAt: new Date("2025-01-01T00:00:00Z"),
  };
@@ -12,7 +12,7 @@ export function getDb() {
  if (_db) return _db;
  const url = process.env.DATABASE_URL;
  if (!url) throw new Error("DATABASE_URL is not set");
-  const client = postgres(url, { max: 10 });
+  const client = postgres(url, { max: 10, connect_timeout: 5 });
  _db = drizzle(client, { schema });
  return _db;
 }
@@ -11,6 +11,7 @@ import {
  unique,
  uuid,
 } from "drizzle-orm/pg-core";
+import type { MedicalAlert } from "@groombook/types";

 // ─── Enums ────────────────────────────────────────────────────────────────────

@@ -164,6 +165,10 @@ export const pets = pgTable(
    specialCareNotes: text("special_care_notes"),
    coatType: coatTypeEnum("coat_type"),
    petSizeCategory: petSizeCategoryEnum("pet_size_category"),
+    temperamentScore: integer("temperament_score"),
+    temperamentFlags: jsonb("temperament_flags").$type<string[]>().default([]),
+    medicalAlerts: jsonb("medical_alerts").$type<MedicalAlert[]>().default([]),
+    preferredCuts: jsonb("preferred_cuts").$type<string[]>().default([]),
    customFields: jsonb("custom_fields").$type<Record<string, string>>().notNull().default({}),
    photoKey: text("photo_key"),
    photoUploadedAt: timestamp("photo_uploaded_at"),
@@ -970,66 +970,79 @@ packages:
    resolution: {integrity: sha512-DV6fJoxEYWJOvaZIsok7KrYl0tPvga5OZ2yvKHNNYyk/2roMLqQAbGhr78EQ5YhHpnhLKJD3S1WFusAkmUuV5g==}
    cpu: [arm]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-arm-musleabihf@4.60.3':
    resolution: {integrity: sha512-mQKoJAzvuOs6F+TZybQO4GOTSMUu7v0WdxEk24krQ/uUxXoPTtHjuaUuPmFhtBcM4K0ons8nrE3JyhTuCFtT/w==}
    cpu: [arm]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-arm64-gnu@4.60.3':
    resolution: {integrity: sha512-Whjj2qoiJ6+OOJMGptTYazaJvjOJm+iKHpXQM1P3LzGjt7Ff++Tp7nH4N8J/BUA7R9IHfDyx4DJIflifwnbmIA==}
    cpu: [arm64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-arm64-musl@4.60.3':
    resolution: {integrity: sha512-4YTNHKqGng5+yiZt3mg77nmyuCfmNfX4fPmyUapBcIk+BdwSwmCWGXOUxhXbBEkFHtoN5boLj/5NON+u5QC9tg==}
    cpu: [arm64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-loong64-gnu@4.60.3':
    resolution: {integrity: sha512-SU3kNlhkpI4UqlUc2VXPGK9o886ZsSeGfMAX2ba2b8DKmMXq4AL7KUrkSWVbb7koVqx41Yczx6dx5PNargIrEA==}
    cpu: [loong64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-loong64-musl@4.60.3':
    resolution: {integrity: sha512-6lDLl5h4TXpB1mTf2rQWnAk/LcXrx9vBfu/DT5TIPhvMhRWaZ5MxkIc8u4lJAmBo6klTe1ywXIUHFjylW505sg==}
    cpu: [loong64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-ppc64-gnu@4.60.3':
    resolution: {integrity: sha512-BMo8bOw8evlup/8G+cj5xWtPyp93xPdyoSN16Zy90Q2QZ0ZYRhCt6ZJSwbrRzG9HApFabjwj2p25TUPDWrhzqQ==}
    cpu: [ppc64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-ppc64-musl@4.60.3':
    resolution: {integrity: sha512-E0L8X1dZN1/Rph+5VPF6Xj2G7JJvMACVXtamTJIDrVI44Y3K+G8gQaMEAavbqCGTa16InptiVrX6eM6pmJ+7qA==}
    cpu: [ppc64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-riscv64-gnu@4.60.3':
    resolution: {integrity: sha512-oZJ/WHaVfHUiRAtmTAeo3DcevNsVvH8mbvodjZy7D5QKvCefO371SiKRpxoDcCxB3PTRTLayWBkvmDQKTcX/sw==}
    cpu: [riscv64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-riscv64-musl@4.60.3':
    resolution: {integrity: sha512-Dhbyh7j9FybM3YaTgaHmVALwA8AkUwTPccyCQ79TG9AJUsMQqgN1DDEZNr4+QUfwiWvLDumW5vdwzoeUF+TNxQ==}
    cpu: [riscv64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-linux-s390x-gnu@4.60.3':
    resolution: {integrity: sha512-cJd1X5XhHHlltkaypz1UcWLA8AcoIi1aWhsvaWDskD1oz2eKCypnqvTQ8ykMNI0RSmm7NkTdSqSSD7zM0xa6Ig==}
    cpu: [s390x]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-x64-gnu@4.60.3':
    resolution: {integrity: sha512-DAZDBHQfG2oQuhY7mc6I3/qB4LU2fQCjRvxbDwd/Jdvb9fypP4IJ4qmtu6lNjes6B531AI8cg1aKC2di97bUxA==}
    cpu: [x64]
    os: [linux]
+    libc: [glibc]

  '@rollup/rollup-linux-x64-musl@4.60.3':
    resolution: {integrity: sha512-cRxsE8c13mZOh3vP+wLDxpQBRrOHDIGOWyDL93Sy0Ga8y515fBcC2pjUfFwUe5T7tqvTvWbCpg1URM/AXdWIXA==}
    cpu: [x64]
    os: [linux]
+    libc: [musl]

  '@rollup/rollup-openbsd-x64@4.60.3':
    resolution: {integrity: sha512-QaWcIgRxqEdQdhJqW4DJctsH6HCmo5vHxY0krHSX4jMtOqfzC+dqDGuHM87bu4H8JBeibWx7jFz+h6/4C8wA5Q==}
@@ -285,14 +285,16 @@ startReminderScheduler();

 function shutdown() {
  console.log("Shutting down gracefully...");
+  // SIGTERM/SIGINT → server.close() → callback → process.exit(0)
+  // If graceful close takes >8s, force-exit to avoid being killed undrained
+  setTimeout(() => {
+    console.error("Graceful close timeout — forcing exit");
+    process.exit(1);
+  }, 8_000);
  server.close(() => {
    console.log("HTTP server closed");
    process.exit(0);
  });
-  setTimeout(() => {
-    console.error("Forced shutdown after timeout");
-    process.exit(1);
-  }, 10_000);
 }

 process.on("SIGTERM", shutdown);
@@ -186,7 +186,9 @@ export async function initAuth(): Promise<void> {
    const discoveryUrlStr = `${providerConfig.issuerUrl}/.well-known/openid-configuration`;
    let oidcConfig: Record<string, string> = {};
    try {
-      const discoveryRes = await fetch(discoveryUrlStr);
+      const discoveryRes = await fetch(discoveryUrlStr, {
+        signal: AbortSignal.timeout(5000),
+      });
      if (discoveryRes.ok) {
        const discovery = await discoveryRes.json() as {
          authorization_endpoint?: string;
@@ -23,7 +23,7 @@ if (process.env.AUTH_DISABLED === "true") {
 }

 export const authMiddleware: MiddlewareHandler = async (c, next) => {
-  if (c.req.path.startsWith("/api/auth/")) {
+  if (c.req.path.startsWith("/api/auth/") || c.req.path === "/api/health") {
    await next();
    return;
  }
@@ -1,5 +1,5 @@
 import type { MiddlewareHandler } from "hono";
-import { and, eq, getDb, sql, staff } from "@groombook/db";
+import { and, eq, getDb, sql, staff, account } from "@groombook/db";

 export type StaffRole = "groomer" | "receptionist" | "manager";
 export type StaffRow = typeof staff.$inferSelect;
@@ -110,6 +110,48 @@ export const resolveStaffMiddleware: MiddlewareHandler<AppEnv> = async (
      return;
    }
  }
+
+  // Auto-provision for OIDC users: check if jwt.sub has an OAuth/OIDC account
+  // (e.g. authentik). If so, create a groomer staff record on the fly.
+  if (jwt.email) {
+    const [oidcAccount] = await db
+      .select({ id: account.id })
+      .from(account)
+      .where(
+        and(
+          eq(account.userId, jwt.sub),
+          sql`${account.providerId} IN ('authentik', 'google', 'github')`
+        )
+      )
+      .limit(1);
+
+    if (oidcAccount) {
+      // Derive name: prefer jwt.name, fall back to email prefix, then "Unknown"
+      const name =
+        jwt.name?.trim() ||
+        (jwt.email ? jwt.email.split("@")[0] : "Unknown");
+
+      const [newStaff] = await db
+        .insert(staff)
+        .values({
+          userId: jwt.sub,
+          email: jwt.email ?? "",
+          name,
+          role: "groomer",
+          isSuperUser: false,
+          active: true,
+        })
+        .returning();
+
+      console.log(
+        `[rbac] auto-provisioned staff record for OIDC user: ${jwt.sub} -> staff:${newStaff.id} (${name})`
+      );
+      c.set("staff", newStaff);
+      await next();
+      return;
+    }
+  }
+
  return c.json(
    { error: "Forbidden: no staff record found for authenticated user" },
    403
@@ -36,6 +36,19 @@ const DEMO_PET = {
  weightKg: "30.00",
 };

+const UAT_CLIENT = {
+  name: "UAT Customer",
+  email: "uat-customer@groombook.dev",
+  phone: "555-0100",
+  address: "1 UAT Lane, Test City, CA 90210",
+  status: "active" as const,
+};
+
+const UAT_PETS = [
+  { name: "Bella", species: "Dog", breed: "Poodle", coatType: "curly", weightKg: "20.00" },
+  { name: "Max", species: "Dog", breed: "Labrador Retriever", coatType: "smooth", weightKg: "30.00" },
+];
+
 const DEMO_SERVICES = [
  { id: "b0000001-0000-0000-0000-000000000001", name: "Bath & Brush", description: "Full bath, blow-dry, brush out, and ear cleaning", basePriceCents: 4500, durationMinutes: 45 },
  { id: "b0000001-0000-0000-0000-000000000002", name: "Full Groom — Small", description: "Complete grooming for dogs under 25 lbs", basePriceCents: 6500, durationMinutes: 60 },
@@ -43,7 +56,7 @@ const DEMO_SERVICES = [
  { id: "b0000001-0000-0000-0000-000000000004", name: "Nail Trim", description: "Nail clipping and filing", basePriceCents: 1500, durationMinutes: 15 },
 ];

-adminSeedRouter.post("/seed", async (c) => {
+adminSeedRouter.post("/", async (c) => {
  // Refuse to run when AUTH_DISABLED — dev environments use direct-DB seeding
  if (process.env.AUTH_DISABLED === "true") {
    return c.json(
@@ -128,6 +141,51 @@ adminSeedRouter.post("/seed", async (c) => {
    results.push(`Created pet '${DEMO_PET.name}' for Demo Client (id: ${created!.id})`);
  }

+  // ── Client: UAT Customer ──────────────────────────────────────────────────
+  const [existingUatClient] = await db
+    .select()
+    .from(clients)
+    .where(eq(clients.email, UAT_CLIENT.email));
+
+  let uatClientId: string;
+  if (existingUatClient) {
+    uatClientId = existingUatClient.id;
+    results.push(`Client '${UAT_CLIENT.name}' already exists (id: ${uatClientId})`);
+  } else {
+    const [created] = await db.insert(clients).values(UAT_CLIENT).returning();
+    uatClientId = created!.id;
+    results.push(`Created client '${UAT_CLIENT.name}' (id: ${uatClientId})`);
+  }
+
+  // ── Pets: UAT Customer's Pets ─────────────────────────────────────────────
+  const existingUatPets = await db
+    .select()
+    .from(pets)
+    .where(eq(pets.clientId, uatClientId));
+
+  for (const uatPet of UAT_PETS) {
+    const existing = existingUatPets.find(
+      (p) => p.name === uatPet.name && p.species === uatPet.species
+    );
+    if (existing) {
+      results.push(`Pet '${uatPet.name}' already exists for UAT Customer (id: ${existing.id})`);
+    } else {
+      const [created] = await db
+        .insert(pets)
+        .values({
+          clientId: uatClientId,
+          name: uatPet.name,
+          species: uatPet.species,
+          breed: uatPet.breed,
+          coatType: uatPet.coatType as any,
+          weightKg: uatPet.weightKg,
+          dateOfBirth: new Date("2019-01-01T00:00:00Z"),
+        })
+        .returning();
+      results.push(`Created pet '${uatPet.name}' for UAT Customer (id: ${created!.id})`);
+    }
+  }
+
  return c.json({
    message: "Seed complete",
    details: results,
Author	SHA1	Message	Date
Flea Flicker	299e539591	chore: promote dev→uat (GRO-1764 coat_type fix)	2026-05-26 00:35:25 +00:00
Lint Roller	a610ef9d39	chore: trigger CI for GRO-1757 + GRO-1764 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-26 00:08:02 +00:00
Flea Flicker	2a0b3cf3d3	Merge remote-tracking branch 'origin/dev' into dev-to-uat	2026-05-25 23:54:49 +00:00
Flea Flicker	cf3d30f19e	Merge pull request 'fix(GRO-1764): change Max coat_type short→smooth in UAT seed' (#85 ) from fix/gro-1764-coat-type-enum into dev	2026-05-25 23:54:36 +00:00
Flea Flicker	0625961adf	fix(GRO-1764): change Max coat_type "short" to "smooth" in UAT seed The DB coat_type enum only accepts: smooth, double, wire, curly, long, hairless. "short" is not a valid value — corrected to "smooth". Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-25 23:52:53 +00:00
Lint Roller	78762b5278	Merge pull request 'promote: dev → uat (GRO-1757 SSO auto-provision fix)' (#84 ) from dev into uat promote: dev → uat (GRO-1757 SSO auto-provision fix)	2026-05-25 23:48:09 +00:00
Scrubs McBarkley	b61d899f81	fix(GRO-1757): auto-provision staff for OIDC users + UAT playbook updates (#83 )	2026-05-25 23:39:57 +00:00
Flea Flicker	38047d5ea3	chore: trigger CI on dev for GRO-1754	2026-05-25 23:27:16 +00:00
Flea Flicker	fbcaedf155	chore: trigger CI for GRO-1754 UAT bump check	2026-05-25 23:20:51 +00:00
Flea Flicker	7cfb24d542	Merge pull request 'chore: trigger CI for GRO-1754' (#80 ) from fix/gro-1754-trigger-ci-v2 into dev	2026-05-25 23:16:05 +00:00
Flea Flicker	b0d9e5816f	chore: trigger CI v2 for GRO-1754	2026-05-25 23:14:01 +00:00
Flea Flicker	7a0662541d	chore: trigger CI for GRO-1754	2026-05-25 19:20:51 +00:00
Flea Flicker	5e78df85f1	chore: trigger CI for GRO-1754 UAT bump	2026-05-25 19:16:53 +00:00
The Dogfather	aa9670d4dc	Merge pull request 'promote(dev→uat): add missing extended pet profile fields (GRO-1752)' (#79 ) from dev into uat promote(dev→uat): add missing extended pet profile fields (GRO-1752)	2026-05-25 19:08:13 +00:00
The Dogfather	0a2259b67f	Merge pull request 'fix(db): add missing extended pet profile fields to buildPet factory' (#78 ) from fix/gro-1752-factories-v2 into dev	2026-05-25 18:57:45 +00:00
Flea Flicker	cc09a8e1e8	trigger CI again	2026-05-25 18:55:38 +00:00
Flea Flicker	74da042d13	fix(db): add missing extended pet profile fields to buildPet factory Lint Roller (QA) flagged that buildPet in factories.ts was missing the 4 fields added to the pets table schema, causing TS2739 in the Docker build job (run 1701, job 3717). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-25 18:53:56 +00:00
Flea Flicker	ad1b210de1	fix(schema): add missing extended pet profile fields to packages/db (#73 )	2026-05-25 18:20:57 +00:00
Flea Flicker	e5f16a5fe5	Merge pull request 'chore: promote dev → uat (GRO-1749 seed data sync)' (#72 ) from promo/gro-1749-uat into uat	2026-05-25 18:02:30 +00:00
Flea Flicker	a03771f7e7	fix(gro-1749): sync UAT seed data to root src and fix route path (#71 ) Co-authored-by: Flea Flicker <flea@groombook.dev> Co-committed-by: Flea Flicker <flea@groombook.dev>	2026-05-25 17:45:56 +00:00
The Dogfather	baeff6c4f5	Merge pull request 'chore: promote dev → uat (GRO-1743 seed data)' (#70 ) from dev into uat Merge PR #70: chore: promote dev → uat (GRO-1743 seed data)	2026-05-25 15:37:38 +00:00
The Dogfather	040ff4a253	Merge pull request 'feat(gro-1743): add UAT customer and pets to admin seed endpoint' (#69 ) from fix/gro-1743-uat-seed-data into dev CI / Lint & Typecheck (push) Successful in 11s Details CI / Test (push) Successful in 12s Details CI / Build & Push Docker Images (push) Successful in 18s Details Merge PR #69: feat(gro-1743): add UAT customer and pets to admin seed endpoint	2026-05-25 15:37:10 +00:00
Flea Flicker	a1466b44c9	feat(gro-1743): add UAT customer and pets to admin seed endpoint CI / Lint & Typecheck (pull_request) Successful in 12s Details CI / Test (pull_request) Successful in 12s Details CI / Build & Push Docker Images (pull_request) Successful in 1m12s Details Add UAT Customer (uat-customer@groombook.dev) with two pets (Bella and Max) to the idempotent admin seed endpoint for portal UAT testing. - Client: UAT Customer, email: uat-customer@groombook.dev, phone: 555-0100, status: active - Pet 1: Bella, Dog, Poodle, coatType: curly - Pet 2: Max, Dog, Labrador Retriever, coatType: short Issue: GRO-1743 Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-25 15:29:36 +00:00
The Dogfather	8d9a9d8dba	Merge pull request 'chore: promote dev → uat (GRO-1678 TCP resilience + backlog fixes)' (#67 ) from dev into uat chore: promote dev → uat (GRO-1678 TCP resilience + backlog fixes)	2026-05-24 23:49:11 +00:00
Scrubs McBarkley	b486c44a82	fix(api): add timeouts for OIDC discovery fetch and DB connection (#66 ) CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 9s Details CI / Build & Push Docker Images (push) Successful in 45s Details	2026-05-24 20:11:44 +00:00
The Dogfather	b5a08a2c7e	Merge pull request 'fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet' (#35 ) from fix/gro-1441-remove-duplicate-coat-props into dev CI / Lint & Typecheck (push) Successful in 47s Details CI / Test (push) Successful in 48s Details CI / Build & Push Docker Images (push) Failing after 2m41s Details fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet (#35)	2026-05-23 18:31:01 +00:00
The Dogfather	06d72b5baf	Merge pull request 'fix(GRO-1544): restore /health alongside /api/health endpoint' (#60 ) from fix/gro-1544-api-health-endpoint into dev CI / Lint & Typecheck (push) Successful in 45s Details CI / Test (push) Successful in 46s Details CI / Build & Push Docker Images (push) Successful in 2m45s Details fix(GRO-1544): restore /health alongside /api/health endpoint (#60)	2026-05-23 18:30:57 +00:00
The Dogfather	2380698128	Merge pull request 'Promote dev → uat: provenance: false CI fix' (#65 ) from dev into uat Promote dev → uat: provenance: false CI fix (#65) Includes fix(GRO-1576): add provenance: false to all build-push-action steps. Approved-by: The Dogfather (CTO)	2026-05-23 01:40:59 +00:00
The Dogfather	33aa63b10f	Merge pull request 'fix(GRO-1576): add provenance: false to all build-push-action steps' (#64 ) from fix/gro-1576-ci-provenance-false into dev CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 11s Details CI / Build & Push Docker Images (push) Successful in 20s Details fix(GRO-1576): add provenance: false to all build-push-action steps (#64) Disables OCI attestation manifest generation that was hitting a Gitea registry bug when image layers are pre-existing. Reviewed-by: Lint Roller (QA) Approved-by: The Dogfather (CTO)	2026-05-23 01:40:07 +00:00
Flea Flicker	e26d960046	fix(GRO-1576): add provenance: false to all build-push-action steps CI / Lint & Typecheck (pull_request) Successful in 11s Details CI / Test (pull_request) Successful in 11s Details CI / Build & Push Docker Images (pull_request) Failing after 2m28s Details Docker Buildx v6 defaults to OCI attestation manifests (--attest type=provenance,mode=max). These hit a Gitea registry bug when image layers are pre-existing (blob mount), causing "unknown" errors on manifest list push. API image succeeds because it pushes new layers; migrate/seed/ reset fail because their layers already exist. Disabling provenance attestation on all four build-push-action steps resolves the push failures. Addresses GRO-1575. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 01:30:16 +00:00
The Dogfather	4e8c66f3ca	fix: add network=host to buildx driver-opts for DinD DNS resolution CI / Test (push) Successful in 43s Details CI / Lint & Typecheck (push) Successful in 44s Details CI / Build & Push Docker Images (push) Failing after 39s Details Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 00:52:59 +00:00
The Dogfather	00c6a36021	Merge pull request 'Promote dev to UAT: GRO-1566 auth bypass fix' (#62 ) from dev into uat	2026-05-22 22:39:58 +00:00
The Dogfather	ea28095434	Merge pull request 'fix(GRO-1566): bypass auth for /api/health endpoint on UAT' (#61 ) from fix/gro-1566-api-health-auth-bypass into dev CI / Test (push) Failing after 1m33s Details CI / Lint & Typecheck (push) Failing after 1m39s Details CI / Build & Push Docker Images (push) Has been skipped Details	2026-05-22 22:39:41 +00:00
Flea Flicker	3b9c72c2c4	fix(GRO-1566): bypass auth for /api/health endpoint on UAT CI / Lint & Typecheck (pull_request) Failing after 1m27s Details CI / Test (pull_request) Failing after 1m38s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details The /api/health endpoint returns 401 on UAT because authMiddleware was not skipping it — the health check was registered on the Hono app instance (not the api sub-router), placing it below authMiddleware on the base app. The fix adds /api/health to the auth skip list alongside /api/auth/. The /health endpoint (registered at app level, above all middleware) correctly returns 200. The /api/health endpoint must also be public since the task requires confirming it returns 200. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 22:36:15 +00:00
The Dogfather	f4561b539f	Merge pull request 'chore: promote dev → uat (GRO-1544 health endpoint fix)' (#59 ) from dev into uat chore: promote dev → uat (GRO-1544 health endpoint fix) Merge dev → uat. CI auto-deploys to UAT environment.	2026-05-22 21:50:13 +00:00
The Dogfather	d847343090	Merge pull request 'promote: dev → uat (migration 0031 fix, GRO-1533)' (#58 ) from dev into uat promote: dev → uat — migration 0031 fix (GRO-1533) (#58)	2026-05-22 15:22:24 +00:00
The Dogfather	190c39f905	Merge pull request 'chore: promote dev → uat (GRO-1533 migration fix)' (#56 ) from dev into uat chore: promote dev → uat (GRO-1533 migration fix) Promotes 0032_staff_read_at.sql migration file to uat branch. Unblocks UAT migration pipeline.	2026-05-22 14:39:42 +00:00
The Dogfather	122d32d635	Merge pull request 'chore: promote dev → uat (GRO-1533 migration fix)' (#54 ) from dev into uat Promote dev → uat: GRO-1533 migration fix (PR #53)	2026-05-22 14:09:56 +00:00
The Dogfather	d458f93600	Merge pull request 'promote: dev → uat (revert Dockerfile + GRO-1533 CI fix)' (#51 ) from dev into uat CI / Lint & Typecheck (pull_request) Successful in 9s Details CI / Test (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Successful in 46s Details promote: dev → uat (revert Dockerfile + GRO-1533 CI fix) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:32:48 +00:00
The Dogfather	634e9d03e1	Merge pull request 'promote: dev → uat (GRO-1533 Dockerfile fix)' (#49 ) from dev into uat CI / Lint & Typecheck (pull_request) Successful in 9s Details CI / Test (pull_request) Successful in 11s Details CI / Build & Push Docker Images (pull_request) Failing after 19s Details promote: dev → uat (GRO-1533 Dockerfile fix) Promotes PR #47 fix to uat. Reverts Dockerfile to build from apps/api/src/. Fixes HTTP 500 on authenticated admin routes. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:24:33 +00:00
The Dogfather	974dade8f7	Merge pull request 'promote: dev → uat (pnpm-lock.yaml fix + CI/enum fixes + seed Docker fix)' (#48 ) from dev into uat CI / Lint & Typecheck (pull_request) Successful in 12s Details CI / Test (pull_request) Successful in 11s Details CI / Build & Push Docker Images (pull_request) Successful in 53s Details promote: dev → uat (pnpm-lock.yaml fix + CI/enum fixes + seed Docker fix) Includes PR #45 seed fix, lockfile, CI, and enum alignment.	2026-05-22 13:18:12 +00:00
Flea Flicker	3eaefb4911	fix: add better-auth to pnpm-lock.yaml packages/db specifiers CI / Lint & Typecheck (pull_request) Failing after 13s Details CI / Test (pull_request) Failing after 23s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:11:39 +00:00
The Dogfather	ff6f8471d5	Merge pull request 'promote: dev → uat (GRO-1509 OIDC account_not_linked fix)' (#43 ) from dev into uat CI / Lint & Typecheck (pull_request) Failing after 5s Details CI / Test (pull_request) Failing after 6s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details promote: dev → uat (GRO-1509 OIDC account_not_linked fix) Merged-by: The Dogfather (CTO) Gitea-approved-by: Lint Roller (GRO-1512)	2026-05-21 22:53:49 +00:00
The Dogfather	6045024150	Merge pull request 'Promote dev → uat: GRO-1178 enhanced pet profile editor' (#39 ) from dev into uat Promote dev → uat: GRO-1178 enhanced pet profile editor	2026-05-21 19:19:10 +00:00
The Dogfather	df5e413930	Merge pull request 'chore: promote dev → uat (GRO-1463 UAT playbook expansion)' (#38 ) from dev into uat chore: promote dev → uat (GRO-1463 UAT playbook expansion)	2026-05-21 16:49:18 +00:00
The Dogfather	7cb5fda3e3	Merge pull request 'promote: dev → uat (GRO-1272 auto-provision staff on OIDC login)' (#36 ) from dev into uat promote: dev → uat (GRO-1272 auto-provision staff on OIDC login) (#36) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 14:17:40 +00:00
Flea Flicker	9f2809e89b	fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Test (pull_request) Successful in 20s Details CI / Build & Push Docker Image (pull_request) Successful in 25s Details Lines 108-109 were duplicates of lines 102-103 from the PR #12 merge. Removing the duplicate pair resolves the TS1117 error on dev. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 10:31:43 +00:00
The Dogfather	76540cea0d	Merge pull request 'chore(promote): dev → uat (Buffer Rules CRUD — GRO-1171)' (#34 ) from dev into uat chore(promote): dev → uat (Buffer Rules CRUD — GRO-1171) Promote PR #12 merge to UAT for regression testing.	2026-05-21 10:18:10 +00:00
Lint Roller	d83210e7e2	Merge pull request 'chore(promote): dev → uat (petsExtendedFields test fix GRO-1390)' (#33 ) from dev into uat	2026-05-21 07:03:24 +00:00
The Dogfather	5c9cac7a28	Merge pull request 'promote: dev → uat (GRO-1395 drizzle-orm root dep fix)' (#31 ) from dev into uat promote: dev → uat (GRO-1395 drizzle-orm root dep fix) (#31)	2026-05-21 04:11:29 +00:00
The Dogfather	fad99dc032	Merge pull request 'promote: dev → uat (Renovate config, GRO-1081)' (#26 ) from dev into uat promote: dev → uat (Renovate config, GRO-1081) (#26)	2026-05-20 12:37:23 +00:00
The Dogfather	247570abc8	Merge pull request 'Promote dev → uat: GRO-1326 UAT email+password credentials' (#25 ) from dev into uat Promote dev → uat: GRO-1326 UAT email+password credentials (#25) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-20 04:25:29 +00:00
the-dogfather-cto[bot]	4f5ec60961	chore: promote dev to uat — Dockerfile pnpm-workspace fix (GRO-1231) chore: promote dev to uat (GRO-1231 pnpm-workspace fix)	2026-05-14 17:15:52 +00:00
the-dogfather-cto[bot]	39ffdccac7	promote: dev → uat (rate limit override) (#13 ) promote: dev → uat (rate limit override)	2026-05-14 10:55:45 +00:00
the-dogfather-cto[bot]	1ff0d4230c	promote: dev → uat (UAT Tester seed fix + TypeScript CI compliance) promote: dev → uat (UAT Tester seed fix + TypeScript CI compliance)	2026-05-14 08:07:54 +00:00
the-dogfather-cto[bot]	be5e9d8fc7	chore: promote dev to uat (PR #5 mock path fix) chore: promote dev to uat (PR #5 mock path fix)	2026-05-12 21:34:03 +00:00