makiolaj/GearBox
1
0
Fork 0
Code Issues 8 Pull Requests Actions Packages Projects Releases 10 Wiki Activity
Files
625862f5aeb3e21b882e796a878eab43bdbaf9f4
GearBox/.planning/phases/15-external-authentication/15-VALIDATION.md
Jean-Luc Makiola 625862f5ae feat(15-01): add Logto service to Docker Compose and create init script 
- Add Logto OIDC provider to docker-compose.yml and docker-compose.dev.yml
- Create docker/init-logto-db.sql to initialize separate Logto database on Postgres
- Add OIDC env vars (issuer, client ID/secret, auth secret) to app service
- Document all required env vars in .env.example
2026-04-04 20:37:57 +02:00

3.0 KiB
Raw Blame History

phase, slug, status, nyquist_compliant, wave_0_complete, created
phase slug status nyquist_compliant wave_0_complete created
15 external-authentication draft false false 2026-04-04

Phase 15 — Validation Strategy

Per-phase validation contract for feedback sampling during execution.

Test Infrastructure

Property Value
Framework Bun test runner + Playwright
Config file bunfig.toml (Bun), playwright.config.ts (E2E)
Quick run command bun test tests/middleware/auth.test.ts
Full suite command bun test && bun run test:e2e
Estimated runtime ~30 seconds

Sampling Rate

  • After every task commit: Run bun test tests/middleware/auth.test.ts
  • After every plan wave: Run bun test
  • Before /gsd:verify-work: Full suite must be green
  • Max feedback latency: 30 seconds

Per-Task Verification Map

Task ID Plan Wave Requirement Test Type Automated Command File Exists Status
15-01-01 01 1 AUTH-04 integration docker compose -f docker-compose.dev.yml up -d && curl http://localhost:3001/oidc/.well-known/openid-configuration W0 pending
15-02-01 02 1 AUTH-03 unit bun test tests/middleware/auth.test.ts (needs update) pending
15-02-02 02 1 AUTH-01 manual N/A (requires running Logto) N/A pending
15-02-03 02 1 AUTH-02 manual N/A (requires running Logto) N/A pending
15-03-01 03 2 AUTH-05 e2e bun run test:e2e (needs update) pending

Status: pending · green · red · ⚠️ flaky

Wave 0 Requirements

  • Update tests/middleware/auth.test.ts — remove user/session tests, add OIDC session mock
  • Update tests/services/auth.service.test.ts — remove user/session tests, keep API key tests
  • Update tests/routes/auth.test.ts — update for new auth route structure
  • Update e2e/seed.ts — remove users table insert, add API key seed
  • Update e2e/auth.spec.ts — replace login form tests with redirect-based flow or API key auth

Manual-Only Verifications

Behavior Requirement Why Manual Test Instructions
User registers via Logto AUTH-01 Requires running Logto instance with UI interaction Start docker-compose.dev.yml, navigate to /login, complete Logto registration, verify dashboard loads
User logs in via Logto AUTH-02 Requires running Logto instance with UI interaction Start docker-compose.dev.yml, navigate to /login, complete Logto login, verify existing data visible

Validation Sign-Off

  • All tasks have <automated> verify or Wave 0 dependencies
  • Sampling continuity: no 3 consecutive tasks without automated verify
  • Wave 0 covers all MISSING references
  • No watch-mode flags
  • Feedback latency < 30s
  • nyquist_compliant: true set in frontmatter

Approval: pending

Reference in New Issue View Git Blame Copy Permalink