cesnimda/jobtrackingapp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Added docs/s07-uat.md to close S07 with imported acceptance-run e…

Browse Source 
- "docs/s07-uat.md"
- ".gsd/milestones/M001/slices/S07/tasks/T01-SUMMARY.md"

GSD-Task: S07/T01
This commit is contained in:
cesnimda
2026-03-27 09:36:39 +01:00
parent 48b24b4516
commit 8f0f9bae22
19 changed files with 859 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gsd/DECISIONS.md
+1
View File
@@ -20,3 +20,4 @@
| D012 | M001/S05 | workspace-observability | Where linked Gmail thread continuity status should be exposed in the final trust loop | Show linked-thread refresh state directly in the correspondence workspace, including linked thread count and last refresh outcome, instead of hiding continuity feedback inside the Gmail import modal only. | The end-to-end trust loop depends on users being able to verify that already-linked Gmail threads stay current without re-importing. Surfacing continuity state in the main workspace keeps the job timeline trustworthy, supports final UAT, and avoids making thread refresh feel like a hidden one-off import behavior. | Yes | agent |
| D013 | M001/S06/T02 | seeding | How acceptance-ready job data is created for S06 live reruns | Seed the acceptance fixture through the live companies/jobapplications/correspondence API plus the dedicated tailored-cv, application-drafts, and followup endpoints, using deterministic company/title/thread/message identifiers for idempotent reruns. | The slice goal is a repeatable live environment check, so seeding through the same HTTP contract the UI uses proves the real backend surface, keeps package/readiness behavior aligned with production code paths, and avoids brittle direct DB mutations or duplicate correspondence on reruns. | Yes | agent |
| D014 | M001/S06/T03 | acceptance-run | How the S06 live acceptance runner should authenticate seeding and protected UI verification without requiring manual token export every rerun. | Allow the S06 acceptance runner to mint a localhost-only admin JWT from the checked-in dev JWT settings plus the local SQLite admin record when AUTH_TOKEN is missing. | The current DB snapshot contains an admin user but the placeholder development password is not reliable, and the tasks verification command must stay repeatable. A localhost-only signed JWT fallback keeps the run fully local, avoids secret prompts, does not print token material, and still exercises the real protected API/UI paths. | Yes | agent |
| D015 | M001/S06 | environment | S06 preflight auth handling | Treat /api/auth/config reachability plus an auth-limited /api/admin/system probe as a guided partial-pass, and never echo bearer tokens in preflight output. | S06 needs a repeatable go/no-go gate before browser UAT. The live stack can be healthy even when admin-only diagnostics require an extra token, so the preflight should fail hard only for unreachable/malformed API responses while still surfacing clear AUTH_TOKEN guidance and protecting secrets on shared terminals. | Yes | agent |