284313f908
Some checks are pending
Bidi Control Character Guard / bidi-control-guard (push) Waiting to run
Circular Dependency Check / Check for new circular dependencies (push) Waiting to run
Citus Migration Smoke / Combined migrations on single-node Citus (push) Waiting to run
E2E Fresh Install Tests / fresh-install-e2e (push) Waiting to run
ext-v2 guardrails / Run ext-v2 guard and ESLint (push) Waiting to run
Integration Tests / Check for relevant changes (push) Waiting to run
Integration Tests / ${{ (github.event_name == 'schedule' || github.event.inputs.suite == 'full') && 'Full integration suite' || 'Tier-1 integration subset' }} (push) Blocked by required conditions
Mobile checks / Mobile lint + typecheck (push) Waiting to run
Mobile checks / Mobile unit tests (push) Waiting to run
Mobile checks / Mobile dependency audit (report) (push) Waiting to run
Mobile checks / Mobile reproducibility checks (push) Waiting to run
Secrets guard (env backups) / Ensure no tracked env backup files (push) Waiting to run
Temporal Readiness / fast-readiness (push) Waiting to run
Temporal Readiness / docker-parity (push) Waiting to run
TypeScript Type Check / Nx affected typecheck (push) Waiting to run
Unit Tests / Skipped-test budget (push) Waiting to run
Unit Tests / Nx affected unit tests (push) Waiting to run
Unit Tests / Server unit coverage (informational) (push) Waiting to run
Validate Tenant Management Schema / Check for relevant changes (push) Waiting to run
Validate Tenant Management Schema / Validate Tenant Management Schema (push) Blocked by required conditions
EE Workflows Build Guard / ee-workflows-build-guard (push) Waiting to run
Excluded: .git, node_modules, secrets/, compose.env, assemblyscript tgz Source: /opt/alga-psa on psa.joliet.tech
245 lines
8.1 KiB
JSON
245 lines
8.1 KiB
JSON
[
|
|
{
|
|
"id": "T001",
|
|
"description": "[AUTO] Migration up: claim_codes.entitlement_id is nullable and claim_codes.tenant_id (uuid, FK\u2192tenant_registry, indexed) exists; down reverts cleanly. Run against a throwaway postgres (gated on DB_HOST; DELETE not TRUNCATE for the least-priv role).",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F002",
|
|
"F003"
|
|
]
|
|
},
|
|
{
|
|
"id": "T002",
|
|
"description": "[AUTO] db round-trip: insertClaimCode with tenant_id and null entitlement_id persists; getClaimCode returns tenant_id + nullable entitlement_id.",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F004",
|
|
"F005"
|
|
]
|
|
},
|
|
{
|
|
"id": "T003",
|
|
"description": "[SMOKE] /register essentials: a code with null entitlement_id returns 200 with tenant_id + edition + company/contact and NO token/credential, and creates NO appliance row (nothing to refresh); registry flips to installed. Validated in the build-step-4 live loop.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F010",
|
|
"F012",
|
|
"F013",
|
|
"F015"
|
|
]
|
|
},
|
|
{
|
|
"id": "T004",
|
|
"description": "[SMOKE] /register paid: a code with an entitlement returns a license whose decoded aud == the registry-minted tenant_id (not a body-supplied value), plus appliance_credential + check_in_url. Validated live with a real signed key.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F010",
|
|
"F014",
|
|
"F015"
|
|
]
|
|
},
|
|
{
|
|
"id": "T005",
|
|
"description": "[AUTO] /register sets the registry row to status='installed' + installed_at on success.",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F016",
|
|
"F007"
|
|
]
|
|
},
|
|
{
|
|
"id": "T006",
|
|
"description": "[AUTO] reissue: revokeClaimCodesForTenant invalidates prior unconsumed codes and a fresh code is minted for the SAME tenant_id; the old code then fails /register as consumed/invalid.",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F006",
|
|
"F030",
|
|
"F031",
|
|
"F032",
|
|
"F033"
|
|
]
|
|
},
|
|
{
|
|
"id": "T007",
|
|
"description": "[SMOKE] createTenant honors INITIAL_TENANT_ID: with tenantId set, the tenants row uses that exact UUID; with it unset, a DB-generated UUID is used (no regression). (needs the full alga-psa tenants schema; validated in the live install loop rather than a unit DB.)",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F050",
|
|
"F051",
|
|
"F054"
|
|
]
|
|
},
|
|
{
|
|
"id": "T008",
|
|
"description": "[SMOKE] Idempotent install: rerunning create-tenant with the same INITIAL_TENANT_ID does not create a duplicate tenant or admin user. (needs the full alga-psa tenants schema; validated in the live install loop rather than a unit DB.)",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F055"
|
|
]
|
|
},
|
|
{
|
|
"id": "T010",
|
|
"description": "[SMOKE] /register-tenant (essentials) on the live service returns tenant_id + install_code + download_url and creates a tenant_registry row at status='registered'.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F020",
|
|
"F021",
|
|
"F023",
|
|
"F024"
|
|
]
|
|
},
|
|
{
|
|
"id": "T011",
|
|
"description": "[SMOKE] The presigned download_url fetches the current generic ISO; an expired URL is rejected by the object store.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F024",
|
|
"F040",
|
|
"F041",
|
|
"F042"
|
|
]
|
|
},
|
|
{
|
|
"id": "T012",
|
|
"description": "[SMOKE] Full essentials loop on the appliance VM: register \u2192 download \u2192 setup UI (enter install code + admin password) \u2192 appliance boots under the minted tenant_id at edition=essentials, license_state seeded (no token), registry flips to installed. Admin can log in with the set password.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F052",
|
|
"F053",
|
|
"F060",
|
|
"F061",
|
|
"F062",
|
|
"F063",
|
|
"F064",
|
|
"F066"
|
|
]
|
|
},
|
|
{
|
|
"id": "T013",
|
|
"description": "[SMOKE] Full paid loop: register + Stripe checkout \u2192 install \u2192 appliance shows licensed at the purchased tier, license bound (aud=tenant_id), license_state holds token/credential/check_in_url.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F022",
|
|
"F065",
|
|
"F074"
|
|
]
|
|
},
|
|
{
|
|
"id": "T014",
|
|
"description": "[SMOKE] Reinstall recovery: wipe the appliance \u2192 portal re-issue install code \u2192 reinstall \u2192 the appliance comes back under the SAME tenant_id.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F063",
|
|
"F075",
|
|
"F031"
|
|
]
|
|
},
|
|
{
|
|
"id": "T015",
|
|
"description": "[SMOKE] A consumed (already-used) code entered at setup shows a clear error pointing to portal re-issue.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F067"
|
|
]
|
|
},
|
|
{
|
|
"id": "T016",
|
|
"description": "[SMOKE] With alga-license unreachable, setup blocks redeem with a clear 'license service unreachable' message rather than silently generating a local tenant.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F068"
|
|
]
|
|
},
|
|
{
|
|
"id": "T017",
|
|
"description": "[SMOKE] nm-store registration form submits \u2192 confirmation page shows the install code + download link, and the confirmation email arrives with both.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F070",
|
|
"F071",
|
|
"F072",
|
|
"F073"
|
|
]
|
|
},
|
|
{
|
|
"id": "T018",
|
|
"description": "[SMOKE] nm-store portal 're-issue install code' action (authed) returns a fresh code + link for an existing tenant resolved by email.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F075"
|
|
]
|
|
},
|
|
{
|
|
"id": "T019",
|
|
"description": "[SMOKE] Legacy/non-registry path: an appliance installed with INITIAL_TENANT_ID unset still creates its own tenant and (if applicable) registers/licenses via the body tenant_id fallback, unchanged.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F011",
|
|
"F054"
|
|
]
|
|
},
|
|
{
|
|
"id": "T020",
|
|
"description": "[SMOKE] Paid /check-in after install rolls the token forward and preserves aud=tenant_id across the re-sign.",
|
|
"implemented": false,
|
|
"featureIds": [
|
|
"F014",
|
|
"F065"
|
|
]
|
|
},
|
|
{
|
|
"id": "T021",
|
|
"description": "[AUTO] presignGetObject builds a path-style SigV4 GET URL with all required X-Amz-* params, a 64-hex signature, deterministic for fixed inputs, and changes with the secret.",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F040",
|
|
"F042"
|
|
]
|
|
},
|
|
{
|
|
"id": "T022",
|
|
"description": "[AUTO] getActiveEntitlementByTenant returns a paid tenant's active entitlement (reissue re-attach) and undefined for revoked/essentials.",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F033"
|
|
]
|
|
},
|
|
{
|
|
"id": "T023",
|
|
"description": "[AUTO] install-code.mjs: redeemInstallCode maps paid/essentials /register responses, surfaces friendly errors for consumed/unreachable/no-URL, deriveApplianceId is stable, licenseSeedFromRedeem maps editions to seed literals (7 unit tests).",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F061",
|
|
"F062",
|
|
"F065"
|
|
]
|
|
},
|
|
{
|
|
"id": "T024",
|
|
"description": "[AUTO] setup-engine workflow: a redeemed install code threads INITIAL_TENANT_ID into the appliance-initial-tenant Secret; a redeem failure returns a preflightFailure that blocks the install (step=redeem-install-code).",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F063",
|
|
"F067",
|
|
"F068"
|
|
]
|
|
},
|
|
{
|
|
"id": "T025",
|
|
"description": "[AUTO] nm-store alga-license client: registerTenant POSTs to /register-tenant with Bearer auth + maps fields; surfaces service error detail on non-ok; reissueInstallCode maps + requires tenantId|contactEmail. Validated via tsx harness (repo vitest env has a strip-literal dep gap).",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F077"
|
|
]
|
|
},
|
|
{
|
|
"id": "T026",
|
|
"description": "[AUTO] applianceRegistration (vitest, deps injectable): registerApplianceAndEmail registers then emails + merges emailSent; reissueApplianceAndEmail; sendInstallCodeEmail skips w/o RESEND_API_KEY and POSTs to Resend w/ Bearer when set. Typecheck-clean; runs in CI (this env's vitest has a strip-literal gap + server-only blocks tsx).",
|
|
"implemented": true,
|
|
"featureIds": [
|
|
"F073",
|
|
"F077"
|
|
]
|
|
}
|
|
]
|