Atlassian MCP came back online; per tracker.mdc Leftovers Mechanism
the deferred Jira writes for the testability refactor have been
replayed:
- Epic AZ-560 created — 01-testability-refactoring (annotations)
- Task AZ-561 created — JWKS HTTPS env gate (was C01, 1 pt)
- Task AZ-562 created — RabbitMQ host DNS resolution (C02, 2 pt)
Both tasks linked to epic AZ-560 with status To Do and full
descriptions matching the in-tree task specs. The implementation
code (commit 90d48cf) and verification (commit d7d1c0e) predate
these tickets — the tickets are after-the-fact tracker hygiene.
File housekeeping:
- Renamed _docs/02_tasks/done/01_*.md -> AZ-561_*.md and updated
the Task / Tracker / Epic headers inside.
- Renamed _docs/02_tasks/done/02_*.md -> AZ-562_*.md and updated
the Task / Tracker / Epic headers inside.
- _docs/02_tasks/_dependencies_table.md rewritten to reference
the assigned Jira IDs and the completed-batch status.
- _docs/_autodev_state.md: tracker mode flipped from `local` to
`jira` now that all pending writes succeeded.
- Deleted _docs/_process_leftovers/2026-05-14_testability-tracker.md
(replay complete; nothing left to defer).
Co-authored-by: Cursor <cursoragent@cursor.com>
Phase 6 smoke (Docker, _docs/04_refactoring/01-testability-refactoring/
smoke-compose.yml):
- Annotations app boots clean under ASPNETCORE_ENVIRONMENT=E2ETest.
- /health 200 OK; /annotations with bearer returns 401 with the
JWT library's own malformed-token rejection.
- 0 IDX20108 occurrences in logs (C01 verified).
- 0 IPAddress.Parse FormatException occurrences; FailsafeProducer
reaches the broker via Docker DNS (C02 verified).
- Full smoke report in verification.md.
Phase 7 docs:
- architecture.md: retire Open Risks §6 (testability blocker
resolved). Update the constraints block to describe the
ASPNETCORE_ENVIRONMENT-gated RequireHttps behavior.
- components/06_platform/description.md: one-liner on JwtExtensions
JWKS gating.
- components/02_annotations-realtime-sync/description.md: one-liner
on FailsafeProducer host resolution accepting literal IP or DNS.
- tests/test-data.md: refresh the JWKS URL configuration section to
point at the resolved implementation instead of the open risk.
Task housekeeping:
- _docs/02_tasks/todo/01_*.md -> done/
- _docs/02_tasks/todo/02_*.md -> done/
- _docs/_autodev_state.md: advance to Step 5 (Refactor Backlog Triage).
Tracker IDs remain placeholders pending Atlassian MCP availability —
real IDs to be assigned per
_docs/_process_leftovers/2026-05-14_testability-tracker.md.
Co-authored-by: Cursor <cursoragent@cursor.com>
C01 (JWKS HTTPS env gate, src/Auth/JwtExtensions.cs)
Gate HttpDocumentRetriever.RequireHttps on
ASPNETCORE_ENVIRONMENT != "E2ETest" (case-insensitive). HTTPS is
still enforced for Development, Staging, Production, and any
unset value. Test harness can now serve JWKS over plain HTTP via
the mock issuer documented in _docs/02_document/tests/environment.md.
C02 (RabbitMQ host DNS resolution, src/Services/FailsafeProducer.cs)
Resolve RABBITMQ_HOST via DNS when the value is not a literal IP.
Adds ResolveHostAddress(host, ct) helper that uses
IPAddress.TryParse first, then Dns.GetHostAddressesAsync. Fixes
a latent production bug (operators using a DNS hostname like
"rabbitmq" or "broker.internal" got a FormatException at startup)
and unblocks the e2e Docker test harness where the broker is
reachable only via service-name DNS.
Review report: _docs/03_implementation/reviews/batch_01_review.md
Verdict PASS_WITH_WARNINGS (1 Low/Maintainability finding,
documented as deferred to Step 8 hardening).
Tracker IDs are placeholders — Jira MCP unavailable. Real IDs to be
assigned per _docs/_process_leftovers/2026-05-14_testability-tracker.md.
Co-authored-by: Cursor <cursoragent@cursor.com>
autodev existing-code Step 4 (Code Testability Revision) — invoked
refactor skill in guided mode. Phase 0 (baseline) + Phase 1 (discovery
+ validation) + Phase 2 (analysis + task decomposition) artifacts.
list-of-changes.md identifies two surgical fixes required before the
67-scenario blackbox suite (already specified in _docs/02_document/
tests/) can run against the SUT:
C01 — env-gate JWKS RequireHttps on ASPNETCORE_ENVIRONMENT=E2ETest
(architecture.md Open Risks Section 6 prescribes this; the
mock issuer in e2e/docker-compose.test.yml serves plain HTTP)
C02 — DNS-resolve RABBITMQ_HOST in FailsafeProducer.ProcessQueue
(IPAddress.Parse currently throws on every drain cycle when
host is a service name; latent production-relevant bug, not
just a test-env issue)
Two task specs in _docs/02_tasks/todo/ (3 story points total).
Independent — no inter-task dependency.
Tracker: local — Atlassian MCP reported errored at task-creation
time. Deferred Jira writes (epic + 2 tickets) recorded in
_docs/_process_leftovers/2026-05-14_testability-tracker.md for
replay when MCP is restored.
Items explicitly deferred to Step 8 Refactor are enumerated in
list-of-changes.md "Deferred to Step 8 Refactor" — including the
FailsafeProducer static helper (F3), the JWKS GetAwaiter().GetResult()
hot path, RB-05/06/08 backlog items, and the MediaService ffprobe
empty-catch.
State: Step 4 in_progress, sub_step 3 (phase-2-task-decomposition).
Co-authored-by: Cursor <cursoragent@cursor.com>
This commit captures everything produced during autodev existing-code
Steps 1 (Document), 2 (Architecture Baseline Scan), and 3 (Test Spec),
together with the targeted auth + CORS re-sync triggered on 2026-05-14
when codebase drift was detected at Step 4 entry. None of this work was
previously committed.
Step 1 (Document) — 50+ _docs/02_document/ files: problem, solution,
architecture, system flows, glossary, module-layout, per-component
specs (01..06), modules, deployment, diagrams, data model, FINAL
report, verification log, discovery.
Step 2 (Architecture Baseline) — architecture_compliance_baseline.md.
Verdict PASS_WITH_WARNINGS (0 Critical, 0 High, 1 Medium, 2 Low). No
High/Critical findings; auto-chained to Step 3 per existing-code flow.
Step 3 (Test Spec) — _docs/02_document/tests/* (67 scenarios across
blackbox, security, resilience, resource-limit, performance), plus
e2e/docker-compose.test.yml, e2e/seed/run.sh, scripts/run-tests.sh,
scripts/run-performance-tests.sh. Coverage 88% over the active scope
(40 of 45 items covered, 6 RB-deferred, 5 documented-as-uncovered).
Targeted auth + CORS re-sync — replaces the deleted in-house token
issuer with a JWKS-verifier model. AuthController and TokenService
removed; JwtExtensions switched from HS256 symmetric to ES256 over
admin's JWKS. ConfigurationResolver and CorsConfigurationValidator
added under src/Infrastructure/. ADR-002 and ADR-006 retired; SEC-01,
SEC-02, SEC-03 marked Closed. One new testability risk recorded in
architecture.md Open Risks Section 6 (JWKS HTTPS gating).
Source changes:
- src/Auth/JwtExtensions.cs (modified) — ES256, JWKS, alg pinning
- src/Program.cs (modified) — DI wiring for ConfigurationResolver
and CorsConfigurationValidator
- src/Controllers/AuthController.cs (deleted) — no in-service issuance
- src/Services/TokenService.cs (deleted) — same
- src/Infrastructure/ConfigurationResolver.cs (new)
- src/Infrastructure/CorsConfigurationValidator.cs (new)
- .env.example (new) — required env var documentation
- .gitignore (updated)
Cross-repo coordination: _docs/cross-repo/flights_h1_h2_h3_change_spec
captures the change-spec for downstream services that consumed the now
deleted /auth endpoints.
Co-authored-by: Cursor <cursoragent@cursor.com>
Oleksandr Bezdieniezhnykh