annotations/_docs/02_document/glossary.md
Oleksandr Bezdieniezhnykh 03f879206e docs+src: complete Steps 1-3 outcomes + auth re-sync baseline
This commit captures everything produced during autodev existing-code
Steps 1 (Document), 2 (Architecture Baseline Scan), and 3 (Test Spec),
together with the targeted auth + CORS re-sync triggered on 2026-05-14
when codebase drift was detected at Step 4 entry. None of this work was
previously committed.

Step 1 (Document) — 50+ _docs/02_document/ files: problem, solution,
architecture, system flows, glossary, module-layout, per-component
specs (01..06), modules, deployment, diagrams, data model, FINAL
report, verification log, discovery.

Step 2 (Architecture Baseline) — architecture_compliance_baseline.md.
Verdict PASS_WITH_WARNINGS (0 Critical, 0 High, 1 Medium, 2 Low). No
High/Critical findings; auto-chained to Step 3 per existing-code flow.

Step 3 (Test Spec) — _docs/02_document/tests/* (67 scenarios across
blackbox, security, resilience, resource-limit, performance), plus
e2e/docker-compose.test.yml, e2e/seed/run.sh, scripts/run-tests.sh,
scripts/run-performance-tests.sh. Coverage 88% over the active scope
(40 of 45 items covered, 6 RB-deferred, 5 documented-as-uncovered).

Targeted auth + CORS re-sync — replaces the deleted in-house token
issuer with a JWKS-verifier model. AuthController and TokenService
removed; JwtExtensions switched from HS256 symmetric to ES256 over
admin's JWKS. ConfigurationResolver and CorsConfigurationValidator
added under src/Infrastructure/. ADR-002 and ADR-006 retired; SEC-01,
SEC-02, SEC-03 marked Closed. One new testability risk recorded in
architecture.md Open Risks Section 6 (JWKS HTTPS gating).

Source changes:
- src/Auth/JwtExtensions.cs (modified) — ES256, JWKS, alg pinning
- src/Program.cs (modified) — DI wiring for ConfigurationResolver
  and CorsConfigurationValidator
- src/Controllers/AuthController.cs (deleted) — no in-service issuance
- src/Services/TokenService.cs (deleted) — same
- src/Infrastructure/ConfigurationResolver.cs (new)
- src/Infrastructure/CorsConfigurationValidator.cs (new)
- .env.example (new) — required env var documentation
- .gitignore (updated)

Cross-repo coordination: _docs/cross-repo/flights_h1_h2_h3_change_spec
captures the change-spec for downstream services that consumed the now
deleted /auth endpoints.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-14 20:19:05 +03:00


Glossary

Status: confirmed-by-user 2026-05-14.

System-wide terminology for Azaion.Annotations. Generic CS / industry terms (HTTP, JWT mechanics, REST, etc.) are excluded — only project-specific or domain-specific terms are listed. Each entry cites the doc or source file that establishes it.


Annotation — Hash-keyed record carrying detections, status, source, user, and time, attached to a media row. Central object of the service. source: data_model.md, modules/annotations-service.md.

Annotation event — SSE payload (AnnotationEventDto) describing a lifecycle change broadcast to UI subscribers. source: modules/sse-realtime.md, DTOs/AnnotationEventDto.cs.

AnnotationSource — Wire enum: AI = 0, Manual = 1. source: Enums/AnnotationSource.cs.

AnnotationStatus — Wire enum: None = 0, Created = 10, Edited = 20, Validated = 30, Deleted = 40. Soft-delete uses value 40 (per ADR-009). source: Enums/AnnotationStatus.cs.

Annotator UI — Operator-facing client of 01 Annotations REST + SSE. Active editing surface. source: components/01_annotations-rest/description.md.

Bulk status — Multi-id status update via POST /dataset/bulk-status carrying BulkStatusRequest { AnnotationIds, Status }. source: Controllers/DatasetController.cs:34.

Business transaction — The lifecycle-level transactional boundary planned per ADR-008: DB rows + outbox commit atomically; FS writes and SSE publish run post-commit using the outbox row as the durable promise. source: architecture.md ADR-008.

Camera settings — Per-camera calibration (altitude, focal_length, sensor_width) used by detection geometry. source: data_model.md, Database/Entities/CameraSettings.cs.

Combat readiness — Wire enum on a detection (CombatReadiness). source: Enums/CombatReadiness.cs, modules/wire-enums.md.

Dataset Explorer — Read-heavy UI exposed under /dataset (policy DATASET). source: components/04_dataset/description.md, suite 09_dataset_explorer.md.

Detection — Bounding box (center_x/y, width, height) + class number + label + affiliation + combat readiness, child of an annotation. source: data_model.md, Database/Entities/Detection.cs.

Detection class — Row in detection_classes (id, name, short_name, color, max_size_m, photo_mode). 19 rows seeded by the migrator; becoming admin-managed per RB-06. source: data_model.md, Database/DatabaseMigrator.cs.

Directory settings — DB-driven filesystem roots (videos_dir, images_dir, labels_dir, thumbnails_dir, results_dir, gps_sat_dir, gps_route_dir). Consumed via PathResolver. RB-01 will add deleted_dir for soft-delete relocation. source: data_model.md, Database/DatabaseMigrator.cs, modules/common-infrastructure.md.

Failsafe outbox — annotations_queue_records table; the durable bridge between local writes and the RabbitMQ stream. Drained by FailsafeProducer. source: architecture.md ADR-003, modules/rabbitmq-stream-sync.md.

Flight — Deprecated synonym for Mission. The codebase currently uses FlightId (DTOs and service queries) but will rename to MissionId per RB-07 to align with the suite spec. source: 00_discovery.md drift list, ADR-012.

JWT policies — Authorization claims ANN, DATASET, ADM checked by [Authorize(Policy = ...)] on controllers. source: modules/auth-identity.md, Auth/JwtExtensions.cs.

Media — Uploaded image / video reference, waypoint-scoped, written via MediaController. source: data_model.md, components/03_media/description.md.

MessagePack — Wire encoding for outbox messages on the RabbitMQ stream (AnnotationQueueMessage, AnnotationBulkQueueMessage). Gzip-compressed at the producer. source: modules/rabbitmq-stream-sync.md, Services/FailsafeProducer.cs.

Mission — Canonical domain term per the suite spec — the logical grouping that the codebase currently calls "Flight" and that physically backs onto media.waypoint_id. The code → suite alignment is RB-07 / ADR-012; the suite remains canonical. source: suite/_docs/01_annotations.md, 00_discovery.md.

PathResolver — DI singleton that lazy-loads filesystem roots from directory_settings and exposes per-annotation paths (image / label / thumbnail / result). Calls Reset() after directory updates. source: modules/common-infrastructure.md, Services/PathResolver.cs.

QueueOperation — Outbox enum: Created = 0, Validated = 1, Deleted = 2. RB-01 may add Updated for UpdateAnnotation semantics. source: Enums/QueueOperation.cs.

RabbitMQ Stream azaion-annotations — Durable export channel consumed by the admin sync worker and the AI training pipeline. Default port 5552. source: architecture.md ADR-003, Program.cs:43.

Refresh token — Long-lived credential issued and rotated by the admin service. Annotations is a verifier only — it neither mints nor refreshes tokens. Long-running callers (e.g. the detections service) refresh against admin's POST /token/refresh and pass the resulting ES256 access token to annotations. source: modules/auth-identity.md.

Silent detection — Deprecated. Boolean flag on system_settings that gated outbox enqueue during development debugging. Scheduled for removal per ADR-010 / RB-02 — the suite e2e harness covers this need now. source: architecture.md ADR-010.

Soft-delete — DeleteAnnotation semantics agreed on 2026-05-14: status flips to AnnotationStatus.Deleted = 40, the annotation row stays, and image / label / thumbnail files relocate to deleted_dir. RB-01 implements this; today's code is hard-delete. source: architecture.md ADR-009 / RB-01.

SSE (Server-Sent Events) — text/event-stream channel on GET /annotations/events carrying AnnotationEventDto payloads. In-process, per-instance; no cross-pod fan-out. source: modules/sse-realtime.md, Controllers/AnnotationsController.cs.

System settings — Singleton-ish service-config row (thumbnail_*, generate_annotated_image, etc.). source: data_model.md.

Thumbnail — Per-annotation small image at thumbnails_dir/{id}.jpg. Not produced by CreateAnnotation — read-only via PhysicalFile; populated out-of-band today. source: system-flows.md Flow F1, F2.

Transactional outbox — Pattern adopted in ADR-008: a queue table populated inside a DB transaction, drained asynchronously by a background worker (FailsafeProducer), used to bridge local commits to a remote stream durably. source: architecture.md ADR-003, ADR-008.

User settings — Per-user UI prefs (selected flight / mission, panel widths). Unique on user_id. source: data_model.md, Database/Entities/UserSettings.cs.

Waypoint — UUID associated with media uploads, used for mission-scoped grouping. Physical foreign key under the logical "Mission" concept. source: Database/Entities/Media.cs.

World B — Internal label for the agreed lifecycle-observability stance: every annotation mutation publishes SSE and enqueues the outbox, not just Create. source: architecture.md ADR-009.

YOLO label — Plain-text format used in {id}.txt files: one detection per line, fields class cx cy w h (normalized box). source: Services/AnnotationService.cs:243-249, modules/annotations-service.md.