fix(GRO-1533): revert Dockerfile to build from apps/api/src/

The Dockerfile build change (pnpm build → pnpm --filter @groombook/api) was made against dev HEAD, but the root src/ directory was never fully audited for parity with apps/api/src/. Admin routes returning 500 for authenticated users post-OIDC login is consistent with the image running code with incomplete middleware chain or mismatched schema types when the root build path was used. Revert to the apps/api/ build path which is known to work correctly. UAT is running images from dev branch commit 9462915 which includes this change alongside schema cleanup commits. Root cause: Dockerfile was changed to build from root src/ instead of apps/api/src/ without confirming the two source trees are functionally identical. The proper fix path (schema audit + reconciliation) is tracked in GRO-1536. Co-Authored-By: Paperclip <noreply@paperclip.ing>
Merge pull request 'fix(seed): use --filter @groombook/db for seed/migrate/reset scripts' (#45 ) from flea-flicker/gro-1531-seed-db-filter into dev
2026-05-22 13:23:33 +00:00 · 2026-05-22 13:17:09 +00:00 · 2026-05-22 13:08:49 +00:00 · 2026-05-22 03:17:13 +00:00 · 2026-05-22 03:11:03 +00:00 · 2026-05-22 03:09:00 +00:00
14 changed files with 95 additions and 89 deletions
@@ -25,17 +25,17 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: 20
+          node-version: 22
          cache: pnpm

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Typecheck
-        run: pnpm typecheck
+        run: pnpm --filter @groombook/api typecheck

      - name: Lint
-        run: pnpm lint
+        run: pnpm --filter @groombook/api lint

  test:
    name: Test
@@ -49,17 +49,17 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: 20
+          node-version: 22
          cache: pnpm

      - name: Install dependencies
        run: pnpm install --frozen-lockfile

      - name: Run tests
-        run: pnpm test
+        run: pnpm --filter @groombook/api test

  docker:
-    name: Build & Push Docker Image
+    name: Build & Push Docker Images
    runs-on: ubuntu-latest
    needs: [lint-typecheck, test]
    steps:
@@ -91,9 +91,49 @@ jobs:
        with:
          context: .
          file: Dockerfile
+          target: runner
          push: true
          tags: |
            git.farh.net/groombook/api:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/api:latest' || '' }}
          cache-from: type=registry,ref=git.farh.net/groombook/cache:api
-          cache-to: type=registry,ref=git.farh.net/groombook/cache:api,mode=max
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:api,mode=max
+
+      - name: Build and push Migrate image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile
+          target: migrate
+          push: true
+          tags: |
+            git.farh.net/groombook/migrate:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/migrate:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:migrate
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:migrate,mode=max
+
+      - name: Build and push Seed image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile
+          target: seed
+          push: true
+          tags: |
+            git.farh.net/groombook/seed:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/seed:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:seed
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:seed,mode=max
+
+      - name: Build and push Reset image
+        uses: docker/build-push-action@v6
+        with:
+          context: .
+          file: Dockerfile
+          target: reset
+          push: true
+          tags: |
+            git.farh.net/groombook/reset:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/reset:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:reset
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:reset,mode=max
@@ -25,7 +25,7 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: 20
+          node-version: 22
          cache: pnpm

      - name: Install dependencies
@@ -49,7 +49,7 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: 20
+          node-version: 22
          cache: pnpm

      - name: Install dependencies
@@ -71,7 +71,7 @@ jobs:

      - uses: actions/setup-node@v4
        with:
-          node-version: 20
+          node-version: 22
          cache: pnpm

      - name: Install dependencies
@@ -1,53 +1,41 @@
-FROM node:20-alpine AS base
+FROM node:22-alpine AS base
 RUN corepack enable && corepack prepare pnpm@9.15.4 --activate
 WORKDIR /app

 # Install deps
 FROM base AS deps
 COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
-COPY packages/db/package.json packages/db/
-COPY packages/types/package.json packages/types/
+COPY apps/api/package.json apps/api/
 RUN pnpm install --frozen-lockfile

 # Build
 FROM deps AS builder
 RUN mkdir -p /home/node/.cache/node/corepack
-COPY packages/ packages/
-COPY src/ src/
-COPY tsconfig.json ./
-RUN pnpm --filter @groombook/types build && \
-    pnpm --filter @groombook/db build && \
-    pnpm --filter @groombook/api build
+COPY apps/api/ apps/api/
+RUN pnpm --filter @groombook/api build

 # Runtime
-FROM node:20-alpine AS runner
+FROM node:22-alpine AS runner
 RUN corepack enable && corepack prepare pnpm@9.15.4 --activate
 WORKDIR /app
 ENV NODE_ENV=production

-COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
-COPY --from=builder /app/package.json ./
-COPY --from=builder /app/dist dist/
-COPY --from=builder /app/packages/db/package.json packages/db/
-COPY --from=builder /app/packages/db/dist packages/db/dist
-COPY --from=builder /app/packages/types/package.json packages/types/
-COPY --from=builder /app/packages/types/dist packages/types/dist
+COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
+COPY --from=builder /app/apps/api/package.json apps/api/
+COPY --from=builder /app/apps/api/dist apps/api/dist
 RUN pnpm install --frozen-lockfile --prod

 EXPOSE 3000
 RUN apk add --no-cache curl
 HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
  CMD curl -f http://localhost:3000/health || exit 1
-CMD ["node", "dist/index.js"]
+CMD ["node", "apps/api/dist/index.js"]

-# Migrate stage — runs drizzle-kit migrate against the database
 FROM builder AS migrate
-CMD ["pnpm", "db:migrate"]
+CMD ["pnpm", "--filter", "@groombook/api", "db:migrate"]

-# Seed stage — populates the database with test data
 FROM builder AS seed
-CMD ["pnpm", "db:seed"]
+CMD ["pnpm", "--filter", "@groombook/api", "db:seed"]

-# Reset stage — drops all tables, re-runs migrations, and re-seeds
 FROM builder AS reset
-CMD ["pnpm", "db:reset"]
+CMD ["pnpm", "--filter", "@groombook/api", "db:reset"]
@@ -38,6 +38,7 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet
 | TC-API-1.13 | Name fallback — user.name present | Auto-provision where Better-Auth user has name set | Staff name = user.name value from user table |
 | TC-API-1.14 | Name fallback — no name, email present | Auto-provision where Better-Auth user has name = null, email = "test@example.com" | Staff name = "test" (email prefix before @) |
 | TC-API-1.15 | Name fallback — no name, no email | Auto-provision where Better-Auth user has name = null, email = null | Staff name = "Unknown" |
+| TC-API-1.16 | OIDC login — Terraform-provisioned user | Initiate OIDC login as any UAT persona (uat-super, uat-groomer, uat-customer, uat-tester), complete authentik callback | 200 OK, session created — no account_not_linked error |

 ### 4.2 Client Management

@@ -135,7 +135,7 @@ function makeDeleteChainable(): unknown {
      }
      if (prop === "returning") {
        return () => {
-          const row = petRows[0];
+          const row = petRows[0]!;
          deletedId = row.id as string;
          return [row];
        };
@@ -165,10 +165,10 @@ vi.mock("../db", async (importOriginal) => {
    }),
    pets,
    appointments,
-and: db.and,
-    eq: db.eq,
-    exists: db.exists,
-    or: db.or,
+    and: vi.fn(),
+    eq: vi.fn(),
+    exists: vi.fn(),
+    or: vi.fn(),
  };
 });

@@ -67,6 +67,11 @@ vi.mock("../db", () => {
    { get: (t, p) => (p === "_name" ? "impersonationSessions" : { table: "impersonationSessions", column: p }) }
  );

+  const impersonationAuditLogs = new Proxy(
+    { _name: "impersonationAuditLogs" },
+    { get: (t, p) => (p === "_name" ? "impersonationAuditLogs" : { table: "impersonationAuditLogs", column: p }) }
+  );
+
  const appointments = new Proxy(
    { _name: "appointments" },
    { get: (t, p) => (p === "_name" ? "appointments" : { table: "appointments", column: p }) }
@@ -99,8 +104,12 @@ vi.mock("../db", () => {
          }),
        }),
      }),
+      insert: () => ({
+        values: () => ({ returning: () => [{}] }),
+      }),
    }),
    impersonationSessions,
+    impersonationAuditLogs,
    appointments,
    eq: vi.fn(),
    and: vi.fn(),
@@ -3,6 +3,7 @@
  "version": "0.0.1",
  "private": true,
  "type": "module",
+  "packageManager": "pnpm@9.15.4",
  "scripts": {
    "dev": "tsx watch src/index.ts",
    "build": "tsc --project .",
@@ -105,8 +105,6 @@ export function buildPet(overrides: Partial<PetRow> & { clientId: string }): Pet
    photoKey: null,
    photoUploadedAt: null,
    image: null,
-    coatType: null,
-    petSizeCategory: null,
    createdAt: new Date("2025-01-01T00:00:00Z"),
    updatedAt: new Date("2025-01-01T00:00:00Z"),
  };
@@ -121,7 +119,7 @@ export function buildService(overrides: Partial<ServiceRow> = {}): ServiceRow {
    description: "A grooming service",
    basePriceCents: 6500,
    durationMinutes: 60,
-    defaultBufferMinutes: null,
+    defaultBufferMinutes: 0,
    active: true,
    createdAt: new Date("2025-01-01T00:00:00Z"),
    updatedAt: new Date("2025-01-01T00:00:00Z"),
@@ -48,22 +48,6 @@ export const clientStatusEnum = pgEnum("client_status", [
  "disabled",
 ]);

-export const petSizeCategoryEnum = pgEnum("pet_size_category", [
-  "small",
-  "medium",
-  "large",
-  "xlarge",
-]);
-
-export const coatTypeEnum = pgEnum("coat_type", [
-  "smooth",
-  "double",
-  "wire",
-  "curly",
-  "long",
-  "hairless",
-]);
-
 // ─── Better-Auth Tables ──────────────────────────────────────────────────────

 export const user = pgTable("user", {
@@ -196,35 +180,12 @@ export const services = pgTable("services", {
  description: text("description"),
  basePriceCents: integer("base_price_cents").notNull(),
  durationMinutes: integer("duration_minutes").notNull(),
-  defaultBufferMinutes: integer("default_buffer_minutes"),
  active: boolean("active").notNull().default(true),
  defaultBufferMinutes: integer("default_buffer_minutes").notNull().default(0),
  createdAt: timestamp("created_at").notNull().defaultNow(),
  updatedAt: timestamp("updated_at").notNull().defaultNow(),
 });

-export const bufferRules = pgTable(
-  "buffer_rules",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    serviceId: uuid("service_id")
-      .notNull()
-      .references(() => services.id, { onDelete: "cascade" }),
-    sizeCategory: petSizeCategoryEnum("size_category"),
-    coatType: coatTypeEnum("coat_type"),
-    bufferMinutes: integer("buffer_minutes").notNull(),
-    createdAt: timestamp("created_at").notNull().defaultNow(),
-    updatedAt: timestamp("updated_at").notNull().defaultNow(),
-  },
-  (t) => [
-    unique("uq_buffer_rules_service_size_coat").on(
-      t.serviceId,
-      t.sizeCategory,
-      t.coatType
-    ),
-  ]
-);
-
 export const staff = pgTable("staff", {
  id: uuid("id").primaryKey().defaultRandom(),
  name: text("name").notNull(),
@@ -28,7 +28,7 @@ importers:
        version: 0.7.6(hono@4.12.18)(zod@4.4.3)
      better-auth:
        specifier: ^1.5.6
-        version: 1.6.10(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))(vitest@3.2.4(@types/node@22.19.18)(tsx@4.21.0))
+        version: 1.6.10(drizzle-kit@0.30.6)(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))(vitest@3.2.4(@types/node@22.19.18)(tsx@4.21.0))
      drizzle-orm:
        specifier: ^0.38.4
        version: 0.38.4(kysely@0.28.17)(postgres@3.4.9)
@@ -84,6 +84,9 @@ importers:

  packages/db:
    dependencies:
+      better-auth:
+        specifier: ^1.5.6
+        version: 1.6.10(drizzle-kit@0.30.6)(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))(vitest@3.2.4(@types/node@22.19.18)(tsx@4.21.0))
      drizzle-orm:
        specifier: ^0.38.4
        version: 0.38.4(kysely@0.28.17)(postgres@3.4.9)
@@ -3927,7 +3930,7 @@ snapshots:

  balanced-match@4.0.4: {}

-  better-auth@1.6.10(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))(vitest@3.2.4(@types/node@22.19.18)(tsx@4.21.0)):
+  better-auth@1.6.10(drizzle-kit@0.30.6)(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))(vitest@3.2.4(@types/node@22.19.18)(tsx@4.21.0)):
    dependencies:
      '@better-auth/core': 1.6.10(@better-auth/utils@0.4.0)(@better-fetch/fetch@1.1.21)(better-call@1.3.5(zod@4.4.3))(jose@6.2.3)(kysely@0.28.17)(nanostores@1.3.0)
      '@better-auth/drizzle-adapter': 1.6.10(@better-auth/core@1.6.10(@better-auth/utils@0.4.0)(@better-fetch/fetch@1.1.21)(better-call@1.3.5(zod@4.4.3))(jose@6.2.3)(kysely@0.28.17)(nanostores@1.3.0))(@better-auth/utils@0.4.0)(drizzle-orm@0.38.4(kysely@0.28.17)(postgres@3.4.9))
@@ -3947,6 +3950,7 @@ snapshots:
      nanostores: 1.3.0
      zod: 4.4.3
    optionalDependencies:
+      drizzle-kit: 0.30.6
      drizzle-orm: 0.38.4(kysely@0.28.17)(postgres@3.4.9)
      vitest: 3.2.4(@types/node@22.19.18)(tsx@4.21.0)
    transitivePeerDependencies:
@@ -251,6 +251,10 @@ export async function initAuth(): Promise<void> {
        },
      },
      account: {
+        accountLinking: {
+          enabled: true,
+          trustedProviders: ["authentik"],
+        },
        storeStateStrategy: "cookie" as const,
      },
      emailAndPassword: {
@@ -193,8 +193,8 @@ bookRouter.post(
        name: body.petName,
        species: body.petSpecies,
        breed: body.petBreed ?? null,
-        coatType: (body.petCoatType ?? null) as "smooth" | "double" | "wire" | "curly" | "long" | "hairless" | null,
-        petSizeCategory: (body.petSizeCategory ?? null) as "small" | "medium" | "large" | "xlarge" | null,
+        coatType: (body.petCoatType ?? null) as "short" | "medium" | "long" | "double" | "wire" | "silky" | "curly" | "hairless" | null,
+        petSizeCategory: (body.petSizeCategory ?? null) as "small" | "medium" | "large" | "extra_large" | null,
      })
      .returning();
    const pet = petInserted[0];
@@ -19,8 +19,8 @@ bufferRulesRouter.use("*", requireRole("manager"));

 const createBufferRuleSchema = z.object({
  serviceId: z.string().uuid(),
-  sizeCategory: z.enum(["small", "medium", "large", "xlarge"]).optional(),
-  coatType: z.enum(["smooth", "double", "wire", "curly", "long", "hairless"]).optional(),
+  sizeCategory: z.enum(["small", "medium", "large", "extra_large"]).optional(),
+  coatType: z.enum(["short", "medium", "long", "double", "wire", "silky", "curly", "hairless"]).optional(),
  bufferMinutes: z.number().int().positive(),
 });

@@ -24,8 +24,8 @@ const createPetSchema = z.object({
  shampooPreference: z.string().max(500).optional(),
  specialCareNotes: z.string().max(2000).optional(),
  customFields: z.record(z.string(), z.string()).optional(),
-  sizeCategory: z.enum(["small", "medium", "large", "xlarge"]).optional(),
-  coatType: z.enum(["smooth", "double", "wire", "curly", "long", "hairless"]).optional(),
+  petSizeCategory: z.enum(["small", "medium", "large", "extra_large"]).optional(),
+  coatType: z.enum(["short", "medium", "long", "double", "wire", "silky", "curly", "hairless"]).optional(),
 });

 const updatePetSchema = createPetSchema.partial().omit({ clientId: true });
Author	SHA1	Message	Date
Flea Flicker	dab9bfab71	fix(GRO-1533): revert Dockerfile to build from apps/api/src/ CI / Test (pull_request) Successful in 10s Details CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Failing after 18s Details The Dockerfile build change (pnpm build → pnpm --filter @groombook/api) was made against dev HEAD, but the root src/ directory was never fully audited for parity with apps/api/src/. Admin routes returning 500 for authenticated users post-OIDC login is consistent with the image running code with incomplete middleware chain or mismatched schema types when the root build path was used. Revert to the apps/api/ build path which is known to work correctly. UAT is running images from dev branch commit `9462915` which includes this change alongside schema cleanup commits. Root cause: Dockerfile was changed to build from root src/ instead of apps/api/src/ without confirming the two source trees are functionally identical. The proper fix path (schema audit + reconciliation) is tracked in GRO-1536. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:23:33 +00:00
The Dogfather	70bc946a0d	Merge pull request 'fix(seed): use --filter @groombook/db for seed/migrate/reset scripts' (#45 ) from flea-flicker/gro-1531-seed-db-filter into dev CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 10s Details CI / Build & Push Docker Images (push) Successful in 21s Details fix(seed): use --filter @groombook/db for seed/migrate/reset scripts Merge PR #45 to dev. QA approved (review #3506), CTO reviewed.	2026-05-22 13:17:09 +00:00
Flea Flicker	40422a14f0	fix(seed): use --filter @groombook/db to invoke seed/migrate/reset scripts CI / Lint & Typecheck (pull_request) Successful in 11s Details CI / Test (pull_request) Successful in 11s Details CI / Build & Push Docker Images (pull_request) Successful in 51s Details The seed/migrate/reset Dockerfile targets specified `pnpm db:migrate` etc., but those scripts are defined in packages/db/package.json, not at the workspace root. pnpm workspace filtering is required to route the command to the correct package. - migrate: pnpm --filter @groombook/db migrate - seed: pnpm --filter @groombook/db seed - reset: pnpm --filter @groombook/db reset Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:08:49 +00:00
Chris Farhood	9462915a66	fix: align root src/ enum values with packages/db schema CI / Lint & Typecheck (push) Successful in 9s Details CI / Test (push) Successful in 10s Details CI / Build & Push Docker Images (push) Failing after 36s Details Root src/routes/ used stale enum values (xlarge→extra_large, smooth→silky, missing short/medium/silky from coatType) and sizeCategory→petSizeCategory field name mismatch with the pets table column. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-05-22 03:17:13 +00:00
Chris Farhood	46f134a294	fix: use root pnpm build instead of --filter for api in Dockerfile CI / Test (push) Successful in 11s Details CI / Lint & Typecheck (push) Successful in 12s Details CI / Build & Push Docker Images (push) Failing after 2m11s Details pnpm --filter @groombook/api doesn't match the workspace root package because pnpm-workspace.yaml only includes packages/*. The root package.json already has a build script that compiles src/ → dist/, which is what the Dockerfile copies. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-05-22 03:11:03 +00:00
Chris Farhood	4086b6f5c0	fix: remove duplicate bufferRules table and duplicate properties blocking Docker build CI / Test (push) Successful in 10s Details CI / Lint & Typecheck (push) Successful in 10s Details CI / Build & Push Docker Images (push) Failing after 24s Details CI Run 942 Docker build fails on TS2451 (duplicate bufferRules at lines 190 & 653 of schema.ts), TS1117 (duplicate defaultBufferMinutes in services table, duplicate coatType/petSizeCategory in factories.ts), and TS2322 (null vs number for defaultBufferMinutes in factories.ts). Keep the newer, more complete bufferRules declaration (with comments and index) and the .notNull().default(0) variant of defaultBufferMinutes. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>	2026-05-22 03:09:00 +00:00
Chris Farhood	d7d98791c7	fix(ci): use monorepo-filtered commands in Gitea CI (GRO-1522) CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 9s Details CI / Build & Push Docker Images (push) Failing after 2m1s Details The root pnpm scripts typecheck/lint/test the stale src/ directory. Use pnpm --filter @groombook/api to target the correct apps/api/ path, matching the GitHub Actions CI configuration. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 03:04:12 +00:00
Chris Farhood	3bec5d095a	fix(db): remove duplicate petSizeCategoryEnum/coatTypeEnum declarations (GRO-1522) CI / Lint & Typecheck (push) Failing after 13s Details CI / Test (push) Failing after 20s Details CI / Build & Push Docker Images (push) Has been skipped Details The schema file had two sets of these enum declarations with different values. The first (stale) set broke all tests importing @groombook/db via the vitest alias, causing CI to fail and blocking the docker build job. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 03:02:20 +00:00
The Dogfather	3fddf80fac	Merge pull request 'fix(ci): build all service images + upgrade Node 22 + pin packageManager (GRO-1522)' (#44 ) from fix/gro-1522-ci-images-node22 into dev CI / Lint & Typecheck (push) Failing after 12s Details CI / Test (push) Failing after 21s Details CI / Build & Push Docker Images (push) Has been skipped Details fix(ci): build all service images + upgrade Node 22 + pin packageManager (GRO-1522) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 02:58:30 +00:00
Chris Farhood	1ea319e122	merge: resolve conflicts with dev (keep Node 22 + add Gitea CI images) CI / Lint & Typecheck (pull_request) Failing after 14s Details CI / Test (pull_request) Failing after 20s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details - Dockerfile: keep node:22-alpine for both base and runner stages - package.json: keep dev's full content + add packageManager field - .gitea/workflows/ci.yml: keep fixed version with all 4 image targets - petsExtendedFields.test.ts: keep dev UUIDs + PR's vi.fn() mocks Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 02:58:11 +00:00
The Dogfather	da913d600f	fix(ci): add Gitea CI workflow with all 4 image targets + Node 22 (GRO-1522) CI / Lint & Typecheck (pull_request) Failing after 9s Details CI / Test (pull_request) Failing after 10s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 02:56:20 +00:00
Flea Flicker	ce9fcfb362	fix: resolve pre-existing test and TypeScript errors for CI compliance CI / Lint & Typecheck (pull_request) Failing after 6s Details CI / Test (pull_request) Successful in 21s Details CI / Build (pull_request) Has been skipped Details CI / Build & Push Docker Images (pull_request) Has been skipped Details CI / Update Infra Image Tags (pull_request) Has been skipped Details - Fix CLIENT_ID/PET_ID in petsExtendedFields.test.ts to valid UUIDs so createPetSchema validation (z.string().uuid()) passes in tests - Replace top-level imports of and/eq/exists/or with vi.fn() stubs in petsExtendedFields.test.ts mock to avoid vi.mock hoisting ReferenceError - Add impersonationAuditLogs proxy + insert() chain to portal.test.ts mock to fix audit-log write failures - Add 5 missing extended fields to buildPet factory defaults - Add non-null assertion on petRows[0] in makeDeleteChainable Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>	2026-05-22 02:36:18 +00:00
Flea Flicker	59893908e2	fix: resolve pre-existing TypeScript errors for CI compliance CI / Lint & Typecheck (pull_request) Failing after 17s Details CI / Test (pull_request) Failing after 24s Details CI / Build (pull_request) Has been skipped Details CI / Build & Push Docker Images (pull_request) Has been skipped Details CI / Update Infra Image Tags (pull_request) Has been skipped Details - petsExtendedFields.test.ts: import and/eq/exists/or from db/index.js (avoids mock scope collision with TypeScript closures) - petsExtendedFields.test.ts: add non-null assertion on petRows[0] in makeDeleteChainable (petRows always has at least one element) - factories.ts buildPet: add missing extended pet fields to defaults (coatType, temperamentScore, temperamentFlags, medicalAlerts, preferredCuts) so the inferred PetRow type is satisfied Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 02:23:05 +00:00
Flea Flicker	2b78fcf731	fix(ci): build all service images + upgrade Node 22 + pin packageManager (GRO-1522) CI / Lint & Typecheck (pull_request) Failing after 18s Details CI / Test (pull_request) Failing after 26s Details CI / Build (pull_request) Has been skipped Details CI / Build & Push Docker Images (pull_request) Has been skipped Details CI / Update Infra Image Tags (pull_request) Has been skipped Details - Upgrade CI jobs (lint-typecheck, test, build) to Node 22 - Dockerfile uses node:22-alpine for base and runner stages - Root package.json gets packageManager field for corepack pin - Docker build already targets all 4 stages (api/migrate/seed/reset) Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 02:16:49 +00:00
Flea Flicker	c9e176f08c	Merge branch 'dev' of https://git.farh.net/groombook/api into dev CI / Lint & Typecheck (push) Failing after 14s Details CI / Test (push) Failing after 20s Details CI / Build & Push Docker Image (push) Has been skipped Details	2026-05-21 22:54:47 +00:00
Flea Flicker	0cab1522cf	fix(deps): update pnpm-lock.yaml for better-auth ^1.5.6 ERR_PNPM_OUTDATED_LOCKFILE — specifiers in lockfile did not match packages/db/package.json after better-auth upgrade. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-21 22:54:01 +00:00
The Dogfather	2a27e8bee2	Merge pull request 'fix(auth): add accountLinking trustedProviders for authentik (GRO-1509)' (#42 ) from flea-flicker/gro-1509-better-auth-account-not-linked into dev CI / Lint & Typecheck (push) Failing after 5s Details CI / Test (push) Failing after 6s Details CI / Build & Push Docker Image (push) Has been skipped Details fix(auth): add accountLinking trustedProviders for authentik (GRO-1509) Merged-by: The Dogfather (CTO) QA-approved-by: Lint Roller (GRO-1510)	2026-05-21 22:47:25 +00:00
Flea Flicker	d6f7ade7bd	docs(UAT): add TC-API-1.16 for OIDC login Terraform-provisioned users CI / Lint & Typecheck (pull_request) Failing after 6s Details CI / Test (pull_request) Failing after 6s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details Updated UAT_PLAYBOOK.md §4.1 — new TC-API-1.16 covering OIDC login for Terraform-provisioned users (GRO-1509 fix, GRO-1511). Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 22:44:04 +00:00
Flea Flicker	00dadac0a1	fix(auth): add accountLinking trustedProviders for authentik (GRO-1509) CI / Test (pull_request) Failing after 44s Details CI / Lint & Typecheck (pull_request) Failing after 52s Details CI / Build & Push Docker Image (pull_request) Has been skipped Details Betters Auth v1.5.6 link-account.mjs:22 rejects OAuth callbacks when the genericOAuth provider is not in trustedProviders AND email_verified is falsy. Adding authentik to trustedProviders bypasses this guard so OIDC login works for TF-created users whose emails were never verified through an authentik flow. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 22:24:48 +00:00
The Dogfather	9692476202	fix(GRO-1470): add portal PATCH /pets/:id + expand GET /pets response CI / Lint & Typecheck (push) Failing after 7s Details CI / Test (push) Failing after 7s Details CI / Build & Push Docker Image (push) Has been skipped Details	2026-05-21 20:16:53 +00:00