Compare commits
2 Commits
feat/78-re
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
| 3023bb6fbe | |||
| 9997da8beb |
113
CHANGELOG.md
113
CHANGELOG.md
@@ -2,19 +2,130 @@
|
|||||||
|
|
||||||
All notable changes to this project. Generated from Conventional Commits by git-cliff.
|
All notable changes to this project. Generated from Conventional Commits by git-cliff.
|
||||||
|
|
||||||
## Unreleased
|
## v2026.07.0 — 2026-07-14
|
||||||
|
|
||||||
|
### Architecture
|
||||||
|
- ADR-0005 adopt Stryker.NET for mutation testing (refs #47)
|
||||||
|
- ADR-0006 — provision the ACL integration test against the compose stack (refs #46)
|
||||||
|
- ADR-0007 + runbooks for the OZ→NRC notification wiring (refs #56)
|
||||||
|
- ADR-0009 external-task job-worker pattern (refs #6, #60)
|
||||||
|
- ADR-0010 BFF OIDC validation + downstream boundaries (refs #8, #63)
|
||||||
|
|
||||||
|
### Bug Fixes
|
||||||
|
- Pin OpenZaak/NRC image tags; add smoke log capture on failure (refs #30)
|
||||||
|
- Harden oz-db healthcheck and raise compose-up timeout (refs #30)
|
||||||
|
- Bake config into images so compose-smoke passes on CI (refs #30)
|
||||||
|
- Nrc-init runs migrations only, not setup_configuration (refs #30)
|
||||||
|
- Smoke waits on durable services, not the whole project (refs #30)
|
||||||
|
- Portable health poll instead of compose --wait (refs #30)
|
||||||
|
- Pin upload-artifact to @v3 — @v4 refuses to run on Gitea (refs #47)
|
||||||
|
- Buffer the zaak POST body so OpenZaak accepts it (refs #46)
|
||||||
|
- Keep dotnet format green under the shared .editorconfig (refs #65)
|
||||||
|
- Re-export the full Utrecht package from libs/ui (refs #67)
|
||||||
|
- Run checkAuth() at startup to end the login redirect loop (refs #67)
|
||||||
|
- Health-check nginx over IPv4 (127.0.0.1) (refs #68)
|
||||||
|
- Treat the http portal origin as secure so DigiD PKCE login works (refs #68)
|
||||||
|
- Attach the DigiD token to relative BFF calls (refs #68)
|
||||||
|
|
||||||
|
### Build
|
||||||
|
- Pin Stryker.NET as a local dotnet tool (refs #47)
|
||||||
|
|
||||||
### CI
|
### CI
|
||||||
- Gitea Actions pipeline + runner runbook (refs #30) (#37)
|
- Gitea Actions pipeline + runner runbook (refs #30) (#37)
|
||||||
|
- ACL Dockerfile + full compose stack for smoke test (refs #30)
|
||||||
|
- Switch runner label to ubuntu-latest (refs #30)
|
||||||
|
- Run the mutation ratchet as a parallel CI job (refs #47)
|
||||||
|
- Publish the Stryker HTML report as a CI artifact (refs #47)
|
||||||
|
- Run the ACL integration test as a Gitea Actions job (refs #46)
|
||||||
|
- Keep the integration lane local-only; document the runner gap (refs #46)
|
||||||
|
- Run the ACL integration test in CI inside the compose network (closes #55) (refs #46)
|
||||||
|
- Run the Event Subscriber + projection-api in compose and verify end-to-end (refs #7)
|
||||||
|
- Containerize, wire into compose, and verify end-to-end (refs #6)
|
||||||
|
- Make Stryker report upload best-effort (refs #62)
|
||||||
|
- Retrigger after runner cleanup (refs #6)
|
||||||
|
- Retrigger CI (refs #6)
|
||||||
|
- Retrigger CI after gitea restart (refs #6)
|
||||||
|
- Compose wiring, verify-bff live check, mutation baseline (refs #8)
|
||||||
|
- Nx frontend lane (lint/test/build) (refs #65)
|
||||||
|
- Serve the self-service app in compose (refs #68)
|
||||||
|
- Run Vitest ahead of the production build to stop worker-start timeout (refs #68)
|
||||||
|
- Cache the NuGet package store across the .NET jobs (refs #73)
|
||||||
|
- Run Playwright from the prebuilt image instead of downloading browsers (refs #73)
|
||||||
|
|
||||||
### Chores
|
### Chores
|
||||||
- Add idempotent Gitea backlog seeder
|
- Add idempotent Gitea backlog seeder
|
||||||
- Remove bootstrap scripts from main (#35)
|
- Remove bootstrap scripts from main (#35)
|
||||||
|
- Contributor workflow — templates, git-cliff, gitea-workflow doc (closes #31) (#38)
|
||||||
|
|
||||||
### Documentation
|
### Documentation
|
||||||
- Split S-00 into sub-slices (refs #1) (#33)
|
- Split S-00 into sub-slices (refs #1) (#33)
|
||||||
|
- MkDocs scaffold + ADR-0001 + README quickstart (closes #32) (#39)
|
||||||
|
- Tighten gitea-actions-gotchas, add local compose (refs #30)
|
||||||
|
- ADR-0008 read projection store + demo note for the event path (refs #7)
|
||||||
|
- Demo note for submitting a registration (S-05) (refs #6)
|
||||||
|
- Demo note for the BFF front door (S-07) (refs #8)
|
||||||
|
- Split S-08 into S-08a-d (refs #65)
|
||||||
|
- Frontend-decisions + demo note for S-08a (refs #65)
|
||||||
|
- Record the orval generator choice (refs #66)
|
||||||
|
- Record NL DS + DigiD decisions and demo note (refs #67)
|
||||||
|
- Serving/e2e decisions + walking-skeleton demo note (refs #68)
|
||||||
|
|
||||||
### Features
|
### Features
|
||||||
- Placeholder BFF + /health endpoint (closes #28) (#34)
|
- Placeholder BFF + /health endpoint (closes #28) (#34)
|
||||||
- Containerize BFF + compose-up smoke (closes #29) (#36)
|
- Containerize BFF + compose-up smoke (closes #29) (#36)
|
||||||
|
- OpenZaak + Postgres + Redis up in compose (refs #10) (#40)
|
||||||
|
- Seed BIG catalogus + JWT client for OpenZaak (refs #2) (#41)
|
||||||
|
- Open Notificaties up + shared network (closes #2) (#42)
|
||||||
|
- Keycloak with four mock realms (closes #3) (#43)
|
||||||
|
- Flowable + registratie.bpmn external task (closes #4) (#44)
|
||||||
|
- ACL skeleton — OpenZaak default-fill (refs #5) (#45)
|
||||||
|
- Add bind-mount local compose for no-make/Windows dev (refs #30)
|
||||||
|
- Publish the BIG zaaktype on demand via OZ_PUBLISH (refs #46)
|
||||||
|
- Wire OpenZaak → Open Notificaties notifications (refs #56)
|
||||||
|
- Project zaak-created notifications into the read projection (refs #7)
|
||||||
|
- Persist the read projection and expose webhook + read APIs (refs #7)
|
||||||
|
- Enforce the callback bearer before reading the body (refs #7)
|
||||||
|
- Implement the Registration aggregate invariants (refs #6)
|
||||||
|
- Implement SubmitRegistration and OpenZaakWorker (refs #6)
|
||||||
|
- Implement the Flowable Workflow Client and ACL client (refs #6)
|
||||||
|
- Expose POST /registrations and the read endpoint (refs #6)
|
||||||
|
- Implement self-service submit and openbaar lookup (refs #8)
|
||||||
|
- Committed OpenAPI contract + drift guard (refs #8)
|
||||||
|
- Self-service portal placeholder page (refs #65)
|
||||||
|
- Expose the generated BFF client + repeatable generate target (refs #66)
|
||||||
|
- Implement the DigiD registration submit page (refs #67)
|
||||||
|
- Runtime config + nginx serve/proxy image (refs #68)
|
||||||
|
- Surface submit failures with a retryable alert (refs #68)
|
||||||
|
- One citizen reference across self-service and the openbaar register (#79)
|
||||||
|
|
||||||
|
### Other
|
||||||
|
- Openbaar Register portal — public lookup (#76)
|
||||||
|
- Approval flow — temp admin endpoint + status transition to projection (#77)
|
||||||
|
|
||||||
|
### Refactor
|
||||||
|
- Bake config via dockerfile_inline, drop Dockerfile files (refs #30)
|
||||||
|
- Use upstream images verbatim, seed config via docker cp (refs #30)
|
||||||
|
- One verify-stack stage for all live-stack checks (closes #58) (refs #46 #56)
|
||||||
|
|
||||||
|
### Tests
|
||||||
|
- BDD acceptance scenario for opening a zaak (closes #5) (#49)
|
||||||
|
- Kill surviving mutants — assert CRS headers, guards, error paths, JWT claims (refs #47)
|
||||||
|
- Add Stryker config + mutation make target recording the 95% baseline (refs #47)
|
||||||
|
- Integration test opens a real zaak against OpenZaak (refs #46)
|
||||||
|
- Verify-notifications smoke + CI job for the OZ→NRC path (refs #56)
|
||||||
|
- Project zaak-created notifications into the read projection (refs #7)
|
||||||
|
- Ratchet projector mutation baseline to 100% (refs #7)
|
||||||
|
- Registration aggregate invariants (refs #6)
|
||||||
|
- SubmitRegistration + OpenZaakWorker use cases (refs #6)
|
||||||
|
- Workflow Client, ACL client, store and job processor (refs #6)
|
||||||
|
- Acceptance scenario for submitting a registration (refs #6)
|
||||||
|
- Mutation baseline 90 (achieved 97.7%) + CI/Makefile wiring (refs #6)
|
||||||
|
- Endpoints, JWT auth and public-safe projection (refs #8)
|
||||||
|
- Acceptance scenario for BFF access (valid/invalid tokens) (refs #8)
|
||||||
|
- Self-service portal placeholder renders (refs #65)
|
||||||
|
- Generated BFF client is exposed and calls the endpoints (refs #66)
|
||||||
|
- DigiD-guarded registration submit page (refs #67)
|
||||||
|
- Walking-skeleton Playwright happy path + verify-e2e lane (refs #68)
|
||||||
|
- Submit surfaces BFF failures instead of swallowing them (refs #68)
|
||||||
|
- Guard that the DigiD token attaches to relative BFF calls (refs #68)
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user