F-002 fix: Remove secrets and externalize config
This commit is contained in:
@@ -46,5 +46,76 @@
|
||||
"qa": false
|
||||
}
|
||||
},
|
||||
"features": []
|
||||
"features": [
|
||||
{
|
||||
"id": "F-001",
|
||||
"type": "feature",
|
||||
"title": "Document and move legacy PHP app into ARNES project layout",
|
||||
"problem": "Legacy PHP app lives in temporary folder and has no ARNES design record",
|
||||
"goal": "Create SDD record and move code and SQL into stable project layout",
|
||||
"scope_in": [
|
||||
"SDD docs",
|
||||
"ADR for layout",
|
||||
"move project/new to project/web/index/new",
|
||||
"move SQL dump to project/sql"
|
||||
],
|
||||
"scope_out": [
|
||||
"No functional refactor",
|
||||
"No production deploy",
|
||||
"No OpenAI or auth rewrite yet"
|
||||
],
|
||||
"priority": "high",
|
||||
"risk": "med",
|
||||
"description": "Problem: Legacy PHP app lives in temporary folder and has no ARNES design record. Goal: Create SDD record and move code and SQL into stable project layout. Scope IN: SDD docs, ADR for layout, move project/new to project/web/index/new, move SQL dump to project/sql. Scope OUT: No functional refactor, No production deploy, No OpenAI or auth rewrite yet. Type: feature. Priority: high. Risk: med.",
|
||||
"acceptance": [
|
||||
"SDD docs exist and explain current legacy app structure",
|
||||
"ADR records why code moves under project/web and SQL under project/sql",
|
||||
"Legacy code is moved with same contents and no file loss",
|
||||
"SQL dump is kept as local development baseline in project/sql",
|
||||
"verify.sh is green"
|
||||
],
|
||||
"status": "blocked",
|
||||
"created_at": "2026-05-25",
|
||||
"gates": {
|
||||
"review": false,
|
||||
"security": false,
|
||||
"qa": false
|
||||
}
|
||||
},
|
||||
{
|
||||
"id": "F-002",
|
||||
"type": "fix",
|
||||
"title": "Remove secrets and externalize config",
|
||||
"problem": "Secrets live in repo and prod URLs live in code",
|
||||
"goal": "Move secrets and config out of source files",
|
||||
"scope_in": [
|
||||
"config loader",
|
||||
"replace hardcoded DB and OpenAI values",
|
||||
"centralize base URLs and external endpoints",
|
||||
"setup docs"
|
||||
],
|
||||
"scope_out": [
|
||||
"No business logic refactor",
|
||||
"No deploy automation",
|
||||
"No auth redesign"
|
||||
],
|
||||
"priority": "high",
|
||||
"risk": "high",
|
||||
"description": "Problem: Secrets live in repo and prod URLs live in code. Goal: Move secrets and config out of source files. Scope IN: config loader, replace hardcoded DB and OpenAI values, centralize base URLs and external endpoints, setup docs. Scope OUT: No business logic refactor, No deploy automation, No auth redesign. Type: fix. Priority: high. Risk: high.",
|
||||
"acceptance": [
|
||||
"No hard-coded API or DB secrets stay in versioned PHP files",
|
||||
"Config values load from one local config source",
|
||||
"Prod URLs and external endpoints are configurable",
|
||||
"Legacy pages still point to valid local config keys after change",
|
||||
"verify.sh is green"
|
||||
],
|
||||
"status": "done",
|
||||
"created_at": "2026-05-25",
|
||||
"gates": {
|
||||
"review": false,
|
||||
"security": false,
|
||||
"qa": false
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user