---
estimated_steps: 12
estimated_files: 4
skills_used: []
---

# T01: Add preflight gate for live API/auth readiness

Build a repeatable preflight script and doc so environment blockers are caught before browser UAT.
- Why: avoid the ERR_CONNECTION_REFUSED/CORS/auth mismatch that currently blocks the UI.
- Steps:
  1) Create `scripts/s06-preflight.sh` (bash, executable) that assumes backend already started; probes `/api/auth/config` and `/api/admin/system` on `http://localhost:5202/api`, printing database/auth/gmailConfigured/ai status and failing fast on unreachable endpoints.
  2) Ensure script respects `API_BASE` env override and uses `curl -f` with readable errors; no secrets logged.
  3) Add a short runbook snippet to `README.md` showing backend start command from `JobTrackerApi/` and how to run the preflight (including auth token note if required).
  4) Sanity-check CORS expectations vs `job-tracker-ui/src/api.ts` and document the required origin pairing (UI :3000, API :5202).
- Failure Modes (Q5): API down → exit 1 with hint to start API; Auth required without token → script notes auth required and how to obtain; malformed JSON → show raw body and fail.
- Load Profile (Q6): trivial single-user curl calls; no scaling concern.
- Negative Tests (Q7): run script with API stopped (expect non-zero); run with wrong `API_BASE` (expect clear error message).
- Must-haves: preflight script exists/executable; README runbook mentions backend start + preflight; script outputs gmailConfigured/auth/db/ai fields.
- Verification: `bash scripts/s06-preflight.sh`

## Inputs

- ``JobTrackerApi/Program.cs``
- ``JobTrackerApi/appsettings.Development.json``
- ``job-tracker-ui/src/api.ts``
- ``README.md``

## Expected Output

- ``scripts/s06-preflight.sh``
- ``README.md``

## Verification

bash scripts/s06-preflight.sh

## Observability Impact

Adds preflight status surface exposing DB/auth/gmail/ai readiness via curl; provides explicit failure messages for unreachable API/CORS/auth.