Promote dev → uat: GRO-1326 UAT email+password credentials #25

Merged

The Dogfather merged 12 commits from dev into uat 2026-05-20 04:25:29 +00:00

Conversation 0 Commits 12 Files Changed 12

+1053 -6

The Dogfather commented 2026-05-20 04:24:45 +00:00

Member

Copy Link

Copy Source

Promotion: dev → uat

Includes GRO-1326: email+password credential provisioning for 4 UAT accounts (uat-super, uat-groomer, uat-customer, uat-tester).

Once merged and deployed, UAT testers can log in via POST /api/auth/sign-in/email with the seeded passwords (requires SEED_UAT_*_PASSWORD env vars wired in via GRO-1327).

cc @cpfarhood

## Promotion: dev → uat Includes GRO-1326: email+password credential provisioning for 4 UAT accounts (uat-super, uat-groomer, uat-customer, uat-tester). Once merged and deployed, UAT testers can log in via POST /api/auth/sign-in/email with the seeded passwords (requires SEED_UAT_*_PASSWORD env vars wired in via GRO-1327). cc @cpfarhood

The Dogfather added 12 commits 2026-05-20 04:24:45 +00:00

feat(api): add extended pet profile fields — schema, migration, CRUD, Zod validation ... 70af9da338

Adds five new nullable columns to the pets table:
- coat_type (text)
- temperament_score (integer, range 1–5)
- temperament_flags (jsonb, string[])
- medical_alerts (jsonb, typed MedicalAlert[])
- preferred_cuts (jsonb, string[])

Also:
- Exports MedicalAlert interface and MedicalAlertSeverity type from schema
- Updates shared Pet type in packages/types
- Adds Zod validators for all fields (ranges, max lengths, enum)
- Adds 14 tests covering happy path and validation edge cases
- Fixes drizzle.config.ts schema path (was ./src/schema.ts, correct is ./src/db/schema.ts)

Refs: GRO-1176

Co-Authored-By: Paperclip <noreply@paperclip.ing>

fix: export named DB utilities in petsExtendedFields test mock ... 434c7b94e2

pets.ts imports pets, appointments, and, eq, exists, or directly from
"../db". The vi.mock factory only returned getDb, causing vitest to throw
"No 'pets' export is defined" and 7 tests to get 400 instead of 201/200.
Fix adds the missing named exports to the mock return object.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

fix(gro-1261): correct infra paths in CI Update Infra Image Tags job (#16) ... 2c928ca4d7

The CI workflow referenced wrong paths in groombook/infra:
- apps/groombook/overlays/dev/ → apps/overlays/dev/
- apps/groombook/base/ → apps/base/

These paths don't exist in groombook/infra — the correct structure
is apps/overlays/dev/ and apps/base/.

Co-authored-by: Chris Farhood <chris@farhood.org>
Co-authored-by: Paperclip <noreply@paperclip.ing>

Merge pull request 'feat(api): add extended pet profile fields — schema, migration, CRUD, Zod validation' (#10) from flea-flicker/pet-profile-extended-fields into dev ... f12ec4f8d3

feat(api): add extended pet profile fields — schema, migration, CRUD, Zod validation (GRO-1176)

Merge groombook/api#10

GRO-1178: add extended pet fields to api types ... 22457ac361

Co-Authored-By: Paperclip <noreply@paperclip.ing>

feat(seed): provision Better-Auth email+password credentials for UAT accounts ... a0a75d7e25

Adds a seeding step after UAT staff creation that:
- Creates Better-Auth user records (emailVerified: true) for 4 UAT accounts
- Creates account records with providerId="credential" and scrypt-hashed passwords
- Links staff.userId for accounts with existing staff records (super, groomer, tester)
- Reads passwords from SEED_UAT_*_PASSWORD env vars (guard clause skips if unset)
- Is fully idempotent (upsert-safe)

Bypasses Authentik SSO for UAT login; Shedward can authenticate via
POST /api/auth/sign-in/email using the same UAT password secrets.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

test(api): cover UAT email+password credential seed logic ... 575789f7f5

Adds seed-uat-credentials.test.ts covering all 7 acceptance criteria:
- AC-1: creates user + account for each UAT account with password env var
- AC-2: emailVerified = true on created users
- AC-3: providerId = "credential", password properly hashed (scrypt, salt:hash)
- AC-4/AC-4b: staff.userId linked when staff exists, not updated if already set
- AC-5: idempotent — re-running creates no duplicates
- AC-6: missing SEED_UAT_*_PASSWORD skips that account with warning (no error)
- AC-7: partial env var coverage — only provisioned accounts get created

References GRO-1326.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

fix(GRO-1326): add missing Pet fields to buildPet and reduce test scrypt N ... 9ba5da5e75

- Add coatType, temperamentScore, temperamentFlags, medicalAlerts,
  preferredCuts to buildPet() defaults — schema recently added these
  columns but factories was still missing them, causing TS2739 errors
- Reduce scrypt N from 32768 → 4096 in test helpers only — production
  seed.ts is unaffected; CI runners hit memory limit at N=32768

Co-Authored-By: Paperclip <noreply@paperclip.ing>

revert(types): remove GRO-1178 changes from PR #23 branch ... 9ccbc7a171

Removes types/index.ts and factories.ts changes that belong in PR #21
(GRO-1178), not this PR. The extended Pet type fields caused CI typecheck
failures because the seed/credential logic doesn't use them.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

fix(seed): use better-auth/crypto hashPassword to match verifyPassword params ... d3122ad701

The seed.ts password hashing used N=32768, r=8, p=1 with base64 encoding,
which does not match @better-auth/utils@0.4.0's actual implementation
(N=16384, r=16, p=1, dkLen=64, hex encoding). This caused every seeded
UAT credential to fail verifyPassword at sign-in.

Fix: import hashPassword from "better-auth/crypto" in seed.ts and in the
test helper. This delegates to Better-Auth's own implementation,
guaranteeing parameter and encoding match.

Also updates test assertions to expect hex format (saltHex:keyHex) and
verifies the hash using the correct scrypt params (N=16384, r=16, p=1).

Co-Authored-By: Paperclip <noreply@paperclip.ing>

fix(test): async hashPassword + hex format fixes for typecheck ... f9a3ebc0f3

- hashPassword is now async — all callers await it
- AC-3/AC-1 assertions updated to expect hex format (saltHex:keyHex)
- Destructuring replaced with explicit array access to fix TS strictness on
  possibly-undefined split() result
- scrypt verification removed from test (N=16384 exceeds CI runner memory;
  format assertions are sufficient)
- Removed unused scryptSync import

Co-Authored-By: Paperclip <noreply@paperclip.ing>

Merge pull request 'GRO-1326: Extend seed.ts — UAT email+password credentials' (#23) from flea-flicker/uat-email-password-seed into dev ... c19e19c709

GRO-1326: Extend seed.ts — UAT email+password credentials (#23)

Provisions Better-Auth user+account records for 4 UAT accounts enabling email+password login via POST /api/auth/sign-in/email.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

The Dogfather merged commit 247570abc8 into uat 2026-05-20 04:25:29 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

bug

Something isn't working

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

question

Further information is requested

wontfix

This will not be worked on

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: groombook/api#25