Oleksandr Bezdieniezhnykh
f369153149
Batch 5 (cycle 2 hotfix sprint, batch 1 of 2). 6 story points under epic AZ-530. Addresses 2 Critical + 2 High deploy-blocking findings from security_report_cycle2.md (F-INFRA-1..F-INFRA-4). AZ-552 — drop_jwt_secret_deploy_preflight (1 pt, F-INFRA-1 Critical) scripts/start-services.sh swaps obsolete JwtConfig__Secret preflight for the cycle-2 trio (KeysFolder + ActiveKid + DataProtection.KeysFolder). .env.example, env/api/env.ps1, _docs/04_deploy/* updated to match. Repo scan in scripts/ and .env.example returns 0 offenders. AZ-553 — bind_mount_es256_keys (2 pts, F-INFRA-2 Critical) start-services.sh bind-mounts DEPLOY_HOST_JWT_KEYS_DIR read-only at /etc/azaion/jwt-keys; preflight fails fast on a missing or empty host directory with operator-actionable error messages. AZ-554 — persist_dataprotection_keys (2 pts, F-INFRA-3 High) Program.cs DataProtection wiring now fails fast in Production when KeysFolder is unset OR not probe-writable. start-services.sh bind-mounts DEPLOY_HOST_DP_KEYS_DIR read-write at /var/lib/azaion/dp-keys. Development behaviour unchanged (ephemeral default). AZ-555 — secrets_readme_es256_rewrite (1 pt, F-INFRA-4 High) secrets/README.md schema fully rewritten; new "Host-side directories" subsection with bind-mount table + ownership/permission guidance. Cycle-1 JwtConfig__Secret removed from live schema (one prose deprecation paragraph retained). Adjacent hygiene module-layout.md "Owns" extended to include scripts/, secrets/, env/, .env.example (gap from Step 9 new-task layout-delta). Tests e2e/Azaion.E2E/Tests/Cycle2HotfixDeployTests.cs — 19 facts (8 exec, 11 Skip with rationale per AZ-537/AZ-538 precedent). Skipped tests cover preflight/restart/Production-only paths verified at deploy gate. Build: 0W 0E across Azaion.AdminApi + Azaion.E2E. Test run deferred to autodev Step 11 (Run Tests). Tracker transition deferred to next batch (MCP availability unverified in this session — Leftovers pattern). Co-authored-by: Cursor <cursoragent@cursor.com>
Azaion Admin API — black-box E2E tests
Run (Docker)
From the repository root:
docker compose -f docker-compose.test.yml up --build --abort-on-container-exit --exit-code-from e2e-consumer
Reports are written to e2e/test-results/ on the host (results.trx, results.xunit.xml).
Database bootstrap
The stock Postgres entrypoint runs every file in /docker-entrypoint-initdb.d/ against POSTGRES_DB only. The scripts under env/db/ expect different databases (postgres vs azaion), so e2e/db-init/00_run_all.sh runs 01_permissions.sql on postgres, then 02_structure.sql, 03_add_timestamp_columns.sql, and 99_test_seed.sql on azaion. The compose file uses POSTGRES_USER=postgres so 01_permissions.sql can create roles and the azaion database as written.
99_test_seed.sql sets azaion_admin / azaion_reader passwords to test_password (matching the API connection strings) and updates seed user password hashes for Admin1234 and Upload1234.
Local dotnet test (without Docker)
appsettings.test.json targets http://system-under-test:8080. Running tests on the host will fail fixture setup unless you override ApiBaseUrl (for example via environment variables) and run the API plus Postgres yourself.