Fix review comments: structured logging, type safety, schema, and typos

[Copilot]

Addresses review feedback from PR #20 covering logging consistency, schema correctness, type duplication, indentation, and documentation typos.

Logging

• rbacMiddleware.ts: Replace console.warn/console.error with LoggerService (structured component/operation/metadata fields)
• securityMiddleware.ts: Add LoggerService import; use logger.warn() on max-depth exceeded and return null instead of silently passing through unsanitized input
• MigrationRunner.ts: Replace informational console.warn with console.log

Schema / Database

• 006_add_batch_executions.sql: Add 'plan' to the type CHECK constraint — was missing despite ExecutionRepository.ts accepting it
• DatabaseService.ts: Remove PRAGMA page_size = 4096 — silently ignored on existing databases

Type Safety & Code Quality

• AnsibleService.ts: Import NodeGroup from ../types and use NodeGroup[] as return type for getGroups() instead of an inline anonymous object type
• PuppetDBService.ts: Remove redundant intermediate const client = this.client (already null-checked above); fix 6-space indentation in getGroups() and createEnvironmentGroups()/createOSFamilyGroups() to match 2-space class convention
• BoltPlugin.ts: Remove leftover @todo JSDoc stub above getGroups() implementation

Documentation / Config

• .env.example: Allowd → Allowed
• Dockerfile: Awesaome → Awesome
• README.md: RBC → RBAC

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

[Copilot]

Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details.

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• forgeapi.puppet.com
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js lude ode-gyp-bin/nodenpm run build --workspace=backend /usr/lib/systemd-I --de�� Release/obj.target/cpufeatures.node -shared -pthread -rdynamic -m64 -Wl,-soname=cpufeatures.no/opt/hostedtoolcache/node/24.13.1/x64/bin/node --log-level (dns block)
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js lude (dns block)
• httpstat.us
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js l/config --property=Memor../../nan l/openssl/includ-I -c e -collect-logs bin/as (dns block)
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js l/config (dns block)
• puppetdb.example.com
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js l/config (dns block)
  • Triggering command: /opt/hostedtoolcache/node/24.13.1/x64/bin/node /opt/hostedtoolcache/node/24.13.1/x64/bin/node --conditions node --conditions development --experimental-import-meta-resolve --require /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/suppress-warnings.cjs /home/REDACTED/work/pabawi/pabawi/node_modules/vitest/dist/workers/forks.js lude (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

[Copilot]

Pull request overview

This PR addresses feedback from PR #20 by standardizing backend logging, tightening type usage in integration services, correcting a DB migration constraint, and fixing small documentation/config typos across the repo.

Changes:

• Replace ad-hoc RBAC/security logging with LoggerService-based structured logs and adjust sanitization behavior for deep nesting.
• Fix DB migration/schema alignment (executions.type CHECK constraint) and remove a non-effective SQLite PRAGMA.
• Reduce type duplication / formatting issues in integration services and correct minor typos in docs/config.

Reviewed changes

Copilot reviewed 11 out of 11 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
backend/src/middleware/securityMiddleware.ts	Adds LoggerService and logs when max sanitization depth is exceeded.
backend/src/middleware/rbacMiddleware.ts	Replaces console.warn/error with structured LoggerService logs.
backend/src/integrations/puppetdb/PuppetDBService.ts	Cleans up indentation and removes redundant client variable usage in getGroups().
backend/src/integrations/bolt/BoltPlugin.ts	Removes leftover @todo JSDoc stub above getGroups().
backend/src/integrations/ansible/AnsibleService.ts	Uses shared NodeGroup type instead of an inline anonymous return type.
backend/src/database/migrations/006_add_batch_executions.sql	Adds 'plan' to the executions.type CHECK constraint.
backend/src/database/MigrationRunner.ts	Changes migration progress output from console.warn to console.log.
backend/src/database/DatabaseService.ts	Removes PRAGMA page_size which is ignored for existing DBs.
backend/.env.example	Fixes “Allowd” → “Allowed”.
README.md	Fixes “RBC” → “RBAC”.
Dockerfile	Fixes “Awesaome” → “Awesome”.

Comments suppressed due to low confidence (1)

backend/src/integrations/bolt/BoltPlugin.ts:380

• The JSDoc block and getGroups() method are mis-indented compared to the rest of the class (extra leading spaces before * and before async). Please reformat this section to match the surrounding 2-space indentation so the comment renders correctly and the file stays consistent with project formatting conventions.

  /**
     * Get groups from Bolt inventory
     *
     * Parses inventory.yaml to extract group definitions including:
     * - Group names and targets
     * - Nested groups (stored in metadata.hierarchy)
     * - Variables and config (stored in metadata)
     *
     * @returns Array of node groups
     */
    async getGroups(): Promise<NodeGroup[]> {
      const complete = this.performanceMonitor.startTimer('bolt:getGroups');

[Copilot]

console.log is disallowed by the repo’s ESLint no-console rule (only warn/error are allowed), so these lines will introduce lint warnings in CI. Please route this through LoggerService.info() (preferred for consistency) or add an eslint disable if direct console output is truly required.