Two endpoints implementing the OIDC Authorization Code with PKCE flow:
- GET /api/v1/auth/oidc/{provider}/start — generates state + PKCE
verifier, redirects to provider's authorization_endpoint
- GET /api/v1/auth/oidc/{provider}/callback — validates state,
exchanges code, validates id_token, signs up on first-use, issues JWT
Wires into pkg/server/server.go alongside the magic-link handler ;
gated on len(GetOIDCProviders()) > 0 so it stays inactive until at
least one provider is configured.
pkg/auth/oidc.go : adds 2 small getters (ClientID, IssuerURL) needed
by the handler for redirect URL construction.
Authoring : Mostly Mistral Vibe (batch7, $4.60 / 45 steps — Q-045 hit
the price cap before merge). Trainer takeover ~5 min :
- removed the broken test file (Mistral's fakeOIDCUserSvc /
fakeOIDCUserRepo didn't implement the full interfaces ; tests
for the handler will land in a follow-up PR using the existing
fakeUserSvc / fakeUserRepo from magic_link_handler_test.go)
- verified build + vet + go test ./pkg/user/api/... green
Phase B.5 (BDD scenarios with mock provider) and the missing
oidc_handler_test.go remain TODO. Brief ready :
~/Work/Vibe/workspaces/PHASE-B-5-READY-TO-LAUNCH.md
Per-package isolated Postgres schema with migrations. Local benchmark: 12.87s sequential → 4.51s parallel = 2.85x. ADR-0025 status to Implemented. CI uses BDD_SCHEMA_ISOLATION=true.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
NewPostgresRepositoryFromDSN factory + BuildSchemaIsolatedDSN helper + integration test proving per-schema isolation works at repo level. Foundation for T12. Wiring into testserver is stage 2/2.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
Extends cache service to /api/v1/greet (per-name 60s) and adds POST /api/admin/cache/flush. ~95% Mistral autonomous via ICM workspace, trainer finalized commit/PR (test scaffold did not compile).
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
Phase 1 part 2 of ADR-0022 (companion to PR #22 rate-limit). In-memory cache service via go-cache, used by /api/version (60s TTL).
6/6 unit tests pass. ~95% Mistral autonomous via ICM workspace, cost €2.50 stages 01-02 (50% reduction vs T5 thanks to pre-extracted snippets in shared/).
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
Adds Kubernetes-style /api/healthz endpoint with status/version/uptime_seconds/timestamp.
Non-breaking — /api/health preserved. Includes unit test (passes locally) and BDD scenario (validated by CI).
Généré ~95% en autonomie par Mistral Vibe via workspace ICM ~/Work/Vibe/workspaces/healthz-feature/.
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
## Summary
Closes#15
When `logging.json: true` (or `DLC_LOGGING_JSON=true`), the logger was unconditionally initialised to console/text format at the top of `LoadConfig()`, so early log lines — most visibly **"Config file loaded"** — were always written as human-readable text regardless of configuration.
## Root cause
Classic chicken-and-egg: the format flag lives inside the config that is being loaded. The format-switch block only ran *after* `v.Unmarshal()`, too late for the config-file log.
## Changes
### `pkg/config/config.go`
- Add `peekJSONLogging()`: resolves the JSON flag **before** any log is emitted by (1) checking `DLC_LOGGING_JSON` directly via `os.Getenv`, then (2) doing a minimal throwaway Viper pre-read of the config file for the `logging.json` key. This mirrors Viper's own priority order without parsing the full config twice.
- Apply the resolved format immediately and emit **"Logging configured"** as the very first log line.
- Remove the now-redundant format-switch block that ran after `Unmarshal()`.
### `scripts/start-server.sh`, `test-graceful-shutdown.sh`, `test-opentelemetry.sh`
- Replace hardcoded `PROJECT_DIR` path with a dynamic `SCRIPTS_DIR=$(dirname $(realpath ${BASH_SOURCE[0]}))` derivation so scripts work from any worktree or clone location.
## Test plan
- [x] `go test ./pkg/...` — all pass
- [x] `scripts/test-graceful-shutdown.sh` — all JSON valid, all startup logs present
- [x] Manual smoke test: first line is `{"level":"info",...,"message":"Logging configured"}`, every line is valid JSON
Reviewed-on: #16
Co-authored-by: Gabriel Radureau <arcodange@gmail.com>
Co-committed-by: Gabriel Radureau <arcodange@gmail.com>
- Add swag fmt to git pre-commit hook and CI/CD pipeline
- Create comprehensive CONTRIBUTING.md guide with AI section
- Update ADR-0013 with swag fmt documentation
- Fix swagger generation to include all endpoints
- Improve local testing scripts and workflows
- Update Dockerfile for better swagger handling
- Fix CI/CD workflow file references
- Add Version field to telemetry.Setup struct
- Include service.version attribute in OpenTelemetry resource
- Pass version.Short() from server to telemetry initialization
- Follows OpenTelemetry semantic conventions for better observability
- Enables version tracking in production traces
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
- Add ADR-0012 documenting the decision to format only staged Go files
- Update ADR README.md with new entry
- Document rationale, alternatives, and verification results
- Include future considerations for monitoring and CI/CD integration
Generated by Mistral Vibe.
Co-Authored-By: Mistral Vibe <vibe@mistral.ai>
- Added /api/v2/greet POST endpoint with JSON request/response
- Implemented ServiceV2 with Hello my friend <name>! greeting format
- Added api.v2_enabled feature flag (default: false)
- Extended BDD tests to cover v2 scenarios
- Maintained full backward compatibility with v1 API
- Added DLC_API_V2_ENABLED environment variable support
- Created ADR 0010-api-v2-feature-flag.md
- Updated configuration system to support API versioning
Finalize BDD testing framework with:
- Unified step definitions using StepContext struct
- Proper server verification in theServerIsRunning step
- Robust JSON response handling with escaping and newline trimming
- Updated documentation reflecting current implementation
- Test validation script to ensure test quality
- All tests passing with proper black box testing
Key files updated:
- pkg/bdd/steps/steps.go: Unified step definitions
- pkg/bdd/testserver/client.go: Robust response validation
- pkg/bdd/README.md: Godog pattern guide
- doc/BDD_GUIDE.md: Updated usage guide
- adr/0008-bdd-testing.md: Updated ADR with current approach
- scripts/run-bdd-tests.sh: Test validation script
The BDD framework is now production-ready with comprehensive
documentation and proper testing practices.
Implement comprehensive BDD testing framework using Godog:
- Added feature files for greet and health endpoints
- Created test server that runs on port 9191
- Implemented step definitions using Godog's exact patterns
- Fixed undefined step warnings by following Godog conventions
- All tests passing with proper response validation
- Maintained black box testing principles
Key files:
- pkg/bdd/steps/steps.go - Step definitions using StepContext struct
- pkg/bdd/testserver/ - Test server implementation
- features/*.feature - BDD feature files
- pkg/bdd/README.md - Documentation for proper step patterns
The implementation follows Godog's exact pattern suggestions to avoid
undefined step warnings and provides comprehensive API testing.
