F-002 fix: Remove secrets and externalize config
33
spec/sdd/decisions/001-store-legacy-app-under-project-web.md
Normal file
@@ -0,0 +1,33 @@
|
||||
# ADR-001: Store legacy app under project web path
|
||||
|
||||
## Status
|
||||
Accepted
|
||||
|
||||
## Context
|
||||
Legacy PHP code was copied into `project/new`.
|
||||
That path does not explain app role.
|
||||
SQL dump also sits beside code in `project/` root.
|
||||
We need stable layout before deeper refactor.
|
||||
|
||||
## Decision
|
||||
Store legacy web code under `project/web/index/new`.
|
||||
Store SQL dump under `project/sql/db-25052026.sql`.
|
||||
Keep internal legacy file tree unchanged inside module.
|
||||
Do not refactor code in same step.
|
||||
|
||||
## Consequences
|
||||
- Good:
|
||||
- repo layout shows what is web code and what is data
|
||||
- ARNES design docs can point to stable paths
|
||||
- future config and secret cleanup gets easier
|
||||
- Bad:
|
||||
- move may require path-aware follow-up in later features
|
||||
- repo still contains legacy secrets until later cleanup
|
||||
|
||||
## Alternatives considered
|
||||
1. Keep code in `project/new` - rejected because path is temporary and vague.
|
||||
2. Move code to `project/app` - rejected because this is web module, not service code.
|
||||
3. Refactor layout and code now - rejected because scope would grow too much.
|
||||
|
||||
## Date
|
||||
2026-05-25
|
||||
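Review bot: In the Decision section, the line "Store SQL dump under `project/sql/db-25052026.sql`" keeps a database dump in tracked files, and the ADR does not say whether that dump holds real user data or credentials. State that in Context, and if it does, either replace it with a schema-only or sanitized dump or record why it must stay tracked. The Consequences line "repo still contains legacy secrets until later cleanup" should also name the follow-up feature that does the cleanup, so the accepted risk has an owner.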
@@ -0,0 +1,33 @@
|
||||
# ADR-002: Use local config loader for legacy module
|
||||
|
||||
## Status
|
||||
Accepted
|
||||
|
||||
## Context
|
||||
Security gate for F-001 failed.
|
||||
Legacy PHP files still hold DB credentials, OpenAI keys, and production-coupled URLs.
|
||||
The module needs one small config mechanism without large refactor.
|
||||
|
||||
## Decision
|
||||
Add `bootstrap.php` to the legacy module root.
|
||||
Load config from `config/local.php` with fallback to `config/local.example.php`.
|
||||
Expose shared helper functions for config lookup and DB connection.
|
||||
Update web pages and worker to read DB, OpenAI, route, and URL values through this helper.
|
||||
Ignore `config/local.php` in git.
|
||||
|
||||
## Consequences
|
||||
- Good:
|
||||
- secrets leave tracked PHP source files
|
||||
- one config shape is reused by web pages and worker
|
||||
- local setup becomes explicit
|
||||
- Bad:
|
||||
- module still depends on local file management
|
||||
- fallback example config can still fail at runtime until maintainer fills real values
|
||||
|
||||
## Alternatives considered
|
||||
1. Use environment variables only - rejected because this legacy module already expects file-based setup.
|
||||
2. Keep secrets in PHP constants - rejected because tracked source would still hold sensitive values.
|
||||
3. Full framework migration - rejected because scope is too large for this fix.
|
||||
|
||||
## Date
|
||||
2026-05-25
|
||||
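Review bot: In the Decision section, "Load config from `config/local.php` with fallback to `config/local.example.php`" lets the module start on placeholder values, which the Consequences list already admits can fail at runtime. Consider failing at bootstrap with a clear error when `config/local.php` is missing, and keep the example file as documentation only. The ADR also does not say that the DB credentials and OpenAI keys named in Context will be rotated; removing them from tracked PHP files leaves the old values in git history, so rotation belongs in the Decision or Consequences.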