hsiegeln
574c719148
docs: server role mapping design spec
...
CI / build (push) Successful in 1m6s
CI / docker (push) Successful in 10s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 10:05:12 +02:00
hsiegeln
0082576063
docs: update architecture docs for single-domain /platform routing
...
CI / build (push) Successful in 38s
CI / docker (push) Successful in 10s
Reflects current state: path-based routing, SaaS at /platform,
Logto catch-all, TLS init container, server integration env vars,
custom JwtDecoder for ES384, skip consent for SSO.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-06 09:43:14 +02:00
hsiegeln
9a8881c4cc
docs: single-domain routing design spec
...
Path-based routing on one hostname. SPA assets move to /_app/,
Logto gets /assets/ + /oidc/ + /interaction/. Server-ui at /server/.
Includes requirements for server team (split JWK/issuer, BASE_PATH).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-05 20:46:00 +02:00
hsiegeln
1397267be5
docs: add auth overhaul implementation plan
...
16 tasks across 3 phases: server OIDC support, SaaS auth rewrite,
infrastructure updates. TDD, complete code, greenfield migrations.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-05 12:26:47 +02:00
hsiegeln
c61c59a441
docs: update auth spec for greenfield approach
...
Remove migration/backward-compat hedging. Delete legacy user/role/permission
tables entirely, remove bootstrap_token column in favor of api_keys table.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-05 12:19:09 +02:00
hsiegeln
fc4c1f94cd
docs: add auth overhaul design spec
...
Comprehensive design for replacing the incoherent three-system auth
with Logto-centric architecture: OAuth2 Resource Server for humans,
API keys for agents, zero trust (no header identity), server-per-tenant.
Covers cameleer-saas (large), cameleer3-server (small), agent (none).
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-05 12:13:19 +02:00
hsiegeln
fb4e1f57e5
docs: add Phase 9 Frontend React Shell implementation plan
...
CI / build (push) Successful in 40s
CI / docker (push) Successful in 5s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 23:10:25 +02:00
hsiegeln
600985c913
docs: add Phase 9 Frontend React Shell spec
...
CI / build (push) Successful in 28s
CI / docker (push) Successful in 4s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 21:36:45 +02:00
hsiegeln
f8d80eaf79
docs: add Phase 4 Observability Pipeline implementation plan
...
CI / build (push) Successful in 28s
CI / docker (push) Successful in 4s
8 tasks: migration, labels support, routing API, agent/observability
status endpoints, Traefik routing labels, connectivity check,
Docker Compose + env, HOWTO update.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 20:52:17 +02:00
hsiegeln
41629f3290
docs: add Phase 4 Observability Pipeline + Inbound Routing spec
...
CI / build (push) Successful in 27s
CI / docker (push) Successful in 4s
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 20:47:51 +02:00
hsiegeln
fa7853b02d
docs: add Phase 3 Runtime Orchestration implementation plan
...
16-task plan covering environments, apps, deployments, Docker
runtime orchestrator, ClickHouse log ingestion, and CI updates.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 17:24:20 +02:00
hsiegeln
0326dc6cce
docs: add Phase 3 Runtime Orchestration spec
...
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 17:13:08 +02:00
hsiegeln
24309eab94
docs: add dual deployment architecture spec and Phase 2 plan
...
Architecture spec covers Docker+K8s dual deployment with build-vs-buy
decisions (Logto, Traefik, Stripe, deferred Lago/Vault). Phase 2 plan
has 12 implementation tasks for tenants, identity, and licensing.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-04-04 14:45:33 +02:00
hsiegeln
5e06d31cfb
Add phase roadmap and Phase 1 implementation plan
...
Phase roadmap: 9 phases from foundation to frontend, each producing
working, testable software independently.
Phase 1 plan: Foundation + Auth — 10 tasks, ~60 steps covering:
- Maven project setup (Spring Boot 3.4.3, Java 21)
- PostgreSQL + Docker Compose + TestContainers
- Flyway migrations (users, roles, permissions, audit_log)
- Immutable audit logging framework
- User registration with bcrypt
- Ed25519 JWT signing (no third-party JWT library)
- Login with audit trail
- Spring Security JWT filter + RBAC
- Dockerfile + Gitea Actions CI
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-29 23:58:25 +02:00
hsiegeln
2ed6430aea
Add SaaS platform PRD
...
Comprehensive product requirements document covering:
- Four-tier structure (Low/Mid shared, High/Business dedicated)
- Modular monolith architecture (Spring Boot + React)
- Camel application runtime with agent auto-injection
- Flux CD GitOps provisioning, build-once-deploy-often pipeline
- Dual-mode license (SaaS API + air-gapped file)
- SOC 2 day-1 compliance, zero-trust tenant isolation
- Stripe billing (usage-based + committed resources)
- Platform self-monitoring (Prometheus/Grafana/Loki)
- Exchange Replay MOAT feature
Gitea epics: cameleer/cameleer-saas #1-#13
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-29 23:45:15 +02:00
hsiegeln
bd472be312
Add moat-strengthening features design spec
...
Comprehensive design document for three defensibility features:
- Live Route Debugger (replay-based, zero production impact)
- Payload Flow Lineage (targeted per-processor capture + diff)
- Cross-Service Trace Correlation + Topology Map (network effect)
Gitea issues: cameleer/cameleer3 #57-#72 (MOAT label)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com >
2026-03-29 16:14:04 +02:00
