azaion/satellite-provider
1
0
Fork 0
mirror of https://github.com/azaion/satellite-provider.git synced 2026-06-21 20:41:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
96cd3c44950846712010067332583a7b25776fa1
satellite-provider/_docs/02_tasks/_dependencies_table.md
T
Oleksandr Bezdieniezhnykh 96cd3c4495
ci/woodpecker/push/01-test Pipeline failed
Details
ci/woodpecker/push/02-build-push unknown status
Details
[AZ-487] JWT validation baseline (HS256, all endpoints) 
Adds Microsoft.AspNetCore.Authentication.JwtBearer 8.0.21 and the
SatelliteProvider.Api.Authentication.AddSatelliteJwt extension that
validates HS256 tokens against a shared JWT_SECRET (>=32 bytes, fail
fast at startup). Every minimal-API endpoint now carries
.RequireAuthorization(); the middleware chain is UseExceptionHandler ->
UseHttpsRedirection -> UseCors -> UseAuthentication -> UseAuthorization
-> endpoints. Swagger UI gets a Bearer security definition so the
Authorize button works.

Test infrastructure: JwtTokenFactory (unit) and JwtTestHelpers
(integration) mint deterministic tokens against the same secret; the
integration test runner attaches a default Bearer token to its shared
HttpClient so existing tests continue to exercise protected endpoints.
JwtIntegrationTests adds AC-1..AC-4 and AC-7 (Swagger advertises
Bearer) end-to-end; AuthenticationServiceCollectionExtensionsTests
covers AC-5 (missing/empty/short secret fail-fast) plus env-var
precedence; JwtTokenFactoryTests covers AC-6 (claims pass through
the JwtSecurityTokenHandler.ValidateToken path JwtBearer uses).

docker-compose and scripts/run-tests.sh now propagate JWT_SECRET to
the api and integration-tests containers, with a >=32-byte guard.
.env.example documents the required keys; .env stays gitignored.

Code review verdict: PASS_WITH_WARNINGS (2 Low findings surfaced
in _docs/03_implementation/reviews/batch_01_cycle2_review.md).

Cross-component coordination: gps-denied-onboard and the mission
planner UI must attach Bearer tokens before this lands in dev.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-11 23:06:23 +03:00

118 lines
6.6 KiB
Markdown
Raw Blame History

# Task Dependencies
## Dependency Graph
### Step 6 — Implement Tests (AZ-285..AZ-290)
| Task | Depends On | Points | Status |
|------|-----------|--------|--------|
| AZ-285 Test Infrastructure | — | 3 | Done |
| AZ-286 TileService Tests | AZ-285 | 3 | Done |
| AZ-287 RegionService Tests | AZ-285 | 3 | Done |
| AZ-288 RouteService Tests | AZ-285 | 3 | Done |
| AZ-289 Integration Route Maps | AZ-285 | 2 | Done |
| AZ-290 Non-Functional Tests | AZ-285 | 3 | Done |
### Step 8 — Refactor 02-coupling-refactoring (AZ-309 epic)
| Task | Depends On | Points | Status |
|------|-----------|--------|--------|
| AZ-310 ServeTile via ITileService | — | 3 | Done (In Testing) |
| AZ-311 GetTileByLatLon via ITileService | AZ-310 | 2 | Done (In Testing) |
| AZ-312 Split Services into 3 csprojs | AZ-311 | 5 | Done (In Testing) |
| AZ-313 Update consumers (Api/Tests) | AZ-312 | 3 | Done (In Testing) |
| AZ-314 DI registration split | AZ-313 | 2 | Done (In Testing) |
| AZ-315 Documentation sync | AZ-314 | 2 | In Progress |
### Step 8 — Refactor 03-code-quality-refactoring (AZ-350 epic)
Roadmap: `_docs/04_refactoring/03-code-quality-refactoring/analysis/refactoring_roadmap.md` (4 execution phases).
| Task | C-ID | Title | Phase | Depends On | Points | Status |
|------|------|-------|-------|-----------|--------|--------|
| AZ-351 | C01 | Fix null logger to DatabaseMigrator | 1 | — | 2 | Done (In Testing) |
| AZ-352 | C02 | Replace empty catch in ExtractTileCoordinatesFromFilename | 1 | — | 2 | Done (In Testing) |
| AZ-363 | C10 | Delete write-only counters in RegionRequestQueue | 1 | — | 1 | Done (In Testing) |
| AZ-356 | C05 | Stub endpoints return 501 | 1 | — | 2 | Done (In Testing) |
| AZ-354 | C04 | Strict CORS by default | 1 | — | 2 | Done (In Testing) |
| AZ-353 | C03 | Sanitize 5xx responses via IExceptionHandler | 1 | — | 3 | Done (In Testing) |
| AZ-359 | C07 | Consolidate RegionService catch ladder | 2 | — | 3 | Done (In Testing) |
| AZ-357 | C06 | Drop tile Version concept; new migration | 2 | — | 5 | Done (In Testing) |
| AZ-362 | C09 | Idempotent POST contract | 2 | AZ-353 | 3 | Done (In Testing) |
| AZ-366 | C13 | Consolidate Haversine + filename parser | 3 | — | 2 | Done (In Testing) |
| AZ-377 | C24 | Consolidate Earth constants + 111000 | 3 | AZ-371 | 2 | Done (In Testing) |
| AZ-368 | C15 | Shared TileCsvWriter | 3 | — | 2 | Done (In Testing) |
| AZ-367 | C14 | Shared TileGridStitcher | 3 | AZ-364 | 3 | Done (In Testing) |
| AZ-369 | C16 | Move inline DTOs out of Program.cs | 3 | — | 2 | Done (In Testing) |
| AZ-365 | C12 | Decompose RouteService.CreateRouteAsync | 3 | — | 5 | Done (In Testing) |
| AZ-364 | C11 | Decompose RouteProcessingService god-class | 3 | AZ-366, AZ-367 (folds in AZ-360) | 5 | Done (In Testing) |
| AZ-360 | C08 | Replace IServiceProvider in RouteProcessingService | 3 | AZ-364 (folded) | 2 | Done (In Testing) |
| AZ-371 | C18 | Magic numbers → ProcessingConfig/MapConfig | 4 | — | 3 | Done (In Testing) |
| AZ-370 | C17 | Status / point-type enums + AC RT2 update | 4 | — | 3 | Done (In Testing) |
| AZ-373 | C20 | Clarify / drop MapsVersion | 4 | AZ-357 | 2 | Done (In Testing) |
| AZ-374 | C21 | Typed HttpClient for Google Maps | 4 | — | 2 | Done (In Testing) |
| AZ-375 | C22 | O(N) existing-tile lookup (HashSet) | 4 | AZ-371 | 2 | Done (In Testing) |
| AZ-376 | C23 | Delete unused FindExistingTileAsync | 4 | — | 1 | Done (In Testing) |
| AZ-378 | C25 | Repo `_logger` fields: delete or use | 4 | — | 1 | Done (In Testing) |
| AZ-379 | C26 | Extract repo SELECT column-list constants | 4 | — | 2 | Done (In Testing) |
| AZ-380 | C27 | Delete CalculatePolygonDiagonalDistance | 4 | — | 1 | Done (In Testing) |
| AZ-372 | C19 | dotnet format + NetAnalyzers + Coverlet | 4 | — | 3 | Done (In Testing) |
### Step 9 cycle 1 — New Task: Multi-source tile storage + UAV upload (AZ-483 epic)
| Task | Title | Depends On | Points | Status |
|------|-------|-----------|--------|--------|
| AZ-484 | Multi-source tile storage schema (source + captured_at) | — | 5 | Done (deployed cycle 1) |
### Step 9 cycle 2 — New Task: JWT validation baseline + UAV upload completion
| Task | Title | Depends On | Points | Status |
|------|-------|-----------|--------|--------|
| AZ-487 | JWT validation baseline (HS256, JWT_SECRET, all endpoints) | — (consumes suite-level contract `suite/_docs/10_auth.md`) | 2 | Done (In Testing) |
| AZ-488 | UAV tile upload endpoint with batch + 5-rule quality gate | AZ-487 (hard prereq), AZ-484 contract `tile-storage.md` v1.0.0 | 8 (over-cap, user-accepted) | To Do |
## Execution Order
### Step 6
1. AZ-285 (test infrastructure — all others depend on this)
2. AZ-286, AZ-287, AZ-288 (unit tests — can run in parallel)
3. AZ-289 (integration tests — depends on infra only)
4. AZ-290 (non-functional tests — depends on infra only)
### Step 8 (02-coupling-refactoring)
1. AZ-310 → AZ-311 (Phase A: route tile endpoints through ITileService)
2. AZ-312 → AZ-313 → AZ-314 (Phase B: physical split + consumer + DI rewire)
3. AZ-315 (Phase C: docs sync, must be last)
### Step 8 (03-code-quality-refactoring)
Phase 1 (Critical fixes): AZ-351 → AZ-352 → AZ-363 → AZ-356 → AZ-354 → AZ-353
Phase 2 (Correctness): AZ-359 → AZ-357 → AZ-362 (AZ-362 needs AZ-353)
Phase 3 (Structural cleanup): AZ-366 → AZ-377 → AZ-368 → AZ-367 → AZ-369 → AZ-365 → AZ-364 (folds AZ-360) — AZ-377 needs AZ-371
Phase 4 (Typing/config/tooling/polish): AZ-371 → AZ-370 → AZ-373 → AZ-374 → AZ-375 → AZ-376 → AZ-378 → AZ-379 → AZ-380 → AZ-372
### Step 9 cycle 1 (Multi-source tile storage epic AZ-483)
1. AZ-484 — Multi-source tile storage schema (foundational)
### Step 9 cycle 2
1. AZ-487 — JWT validation baseline (must merge first; AZ-488 hard-depends on it)
2. AZ-488 — UAV tile upload endpoint + 5-rule quality gate (consumer of both AZ-484 contract and AZ-487 auth)
## Total Effort
Step 6: 6 tasks, 17 story points
Step 8 (02-coupling-refactoring): 6 tasks, 17 story points
Step 8 (03-code-quality-refactoring): 27 tasks, ~66 story points
Step 9 cycle 1: 1 task created (AZ-484, 5 pts)
Step 9 cycle 2: 2 tasks created (AZ-487 = 2 pts, AZ-488 = 8 pts over-cap user-accepted) — total 10 pts
## Coverage Verification
| Test Spec Category | Covered By |
|-------------------|------------|
| blackbox-tests.md (BT-01..BT-12, BT-N01..BT-N05) | AZ-286, AZ-287, AZ-288, AZ-289 |
| performance-tests.md (PT-01..PT-06) | AZ-290 |
| resilience-tests.md (RS-01..RS-06) | AZ-290 |
| security-tests.md (SEC-01..SEC-04) | AZ-290 |
| resource-limit-tests.md (RL-01..RL-04) | AZ-290 |
| traceability-matrix.md (100% AC coverage) | All tasks combined |
Reference in New Issue View Git Blame Copy Permalink