F-002 fix: Remove secrets and externalize config
This commit is contained in:
@@ -1,15 +1,49 @@
|
||||
# Product Spec
|
||||
|
||||
## Problema
|
||||
Describe el problema de negocio.
|
||||
## Problem
|
||||
Legacy PHP app lives in temporary path `project/new`.
|
||||
SQL dump lives mixed with app code.
|
||||
There is no ARNES design record for this code.
|
||||
This makes next change work risky and hard to trace.
|
||||
|
||||
## Objetivo
|
||||
Define el resultado esperado del producto.
|
||||
## Objective
|
||||
Put legacy app in stable ARNES project layout.
|
||||
Keep same code and same behavior for now.
|
||||
Make next work easy to trace, review, and test.
|
||||
|
||||
## Usuarios
|
||||
- Usuario principal:
|
||||
- Usuario secundario:
|
||||
## Users
|
||||
- Primary user: maintainer of legacy PHP app
|
||||
- Secondary user: architect, implementer, reviewer, qa
|
||||
|
||||
## Alcance v1
|
||||
## Scope v1
|
||||
- In scope:
|
||||
- document current legacy app structure
|
||||
- define target repo layout
|
||||
- move app code to `project/web/index/new`
|
||||
- move SQL dump to `project/sql/db-25052026.sql`
|
||||
- Out of scope:
|
||||
- auth rewrite
|
||||
- OpenAI secret cleanup
|
||||
- production deploy
|
||||
- feature refactor
|
||||
|
||||
## F-002 — Remove secrets and externalize config
|
||||
|
||||
### Problem
|
||||
Legacy PHP files still contain API keys, DB credentials, and production URLs.
|
||||
This blocks security approval and makes local setup unsafe.
|
||||
|
||||
### Objective
|
||||
Load config from one local source outside versioned code.
|
||||
Keep page behavior the same while removing hard-coded secrets from tracked PHP files.
|
||||
|
||||
### Scope
|
||||
- In scope:
|
||||
- one config loader for legacy module
|
||||
- one local config file shape for DB, OpenAI, URLs, and endpoints
|
||||
- replace hard-coded values in tracked PHP files
|
||||
- setup notes for local config
|
||||
- Out of scope:
|
||||
- auth redesign
|
||||
- worker refactor beyond config use
|
||||
- deploy automation
|
||||
|
||||
Reference in New Issue
Block a user