Skip to content

refactor: integration credential model + post-refactor cleanup#439

Merged
zbigniewsobiecki merged 1 commit intodevfrom
refactor/integration-model
Feb 20, 2026
Merged

refactor: integration credential model + post-refactor cleanup#439
zbigniewsobiecki merged 1 commit intodevfrom
refactor/integration-model

Conversation

@zbigniewsobiecki
Copy link
Copy Markdown
Member

@zbigniewsobiecki zbigniewsobiecki commented Feb 20, 2026

Summary

  • Replace project_credential_overrides with a normalized integration credential model: project_integrations now carry category (pm/scm), provider (trello/jira/github), and credentials are linked per-integration via integration_credentials join table with provider-defined roles
  • New integrationRoles.ts defining PROVIDER_CREDENTIAL_ROLES with role-to-env-var-key mappings per provider (trello: api_key/token, jira: email/api_token, github: implementer_token/reviewer_token)
  • Post-refactor cleanup: fix broken tools/resolve-config.ts, fix runs list CLI crash, remove dead GITHUB_TOKEN fallback, remove dead mocks, fix stale comments

Schema changes

  • Migration 0013_integration_model_refactor.sql: adds category/provider/triggers columns to project_integrations, creates integration_credentials table, migrates data from old type column, drops project_credential_overrides

Affected subsystems

  • Credential resolution pipeline (credentialsRepository, configRepository, provider)
  • All trigger handlers (trello, github, jira)
  • Router modules (notifications, reactions, pre-actions, worker-manager)
  • GitHub dual-persona (personas.ts)
  • tRPC projects router (new integration credential endpoints)
  • CLI commands (integration-set, overrides → integration credentials)
  • Dashboard frontend (integration-form rewrite, credential-overrides removed)
  • Developer tools (resolve-config, manage-secrets, setup-webhooks, debug-run)

Test plan

  • npm run typecheck — clean
  • npm run lint — clean (same 2 pre-existing complexity warnings)
  • npm test — all 2372 tests pass (151 files)
  • New regression test: GITHUB_TOKEN_IMPLEMENTER-only resolution (webhooks.test.ts)
  • E2E tested CLI against dev server: auth, projects CRUD, credentials CRUD, agents CRUD, defaults, org, runs, webhooks list — all passing
  • CI passes

🤖 Generated with Claude Code

@zbigniewsobiecki @claude
refactor: replace project_credential_overrides with integration crede…
613fd2d 
…ntial model

Replace the flat project_credential_overrides table with a normalized
integration credential model: project_integrations now carry category
(pm/scm), provider (trello/jira/github), config JSONB, and triggers
JSONB. Credentials are linked per-integration via the
integration_credentials join table with provider-defined roles
(e.g. trello has api_key/token, github has implementer_token/reviewer_token).

Key changes:
- New integration_credentials schema + migration (0013)
- New integrationRoles.ts defining PROVIDER_CREDENTIAL_ROLES with
  role→envVarKey mappings per provider
- credentialsRepository: replace resolveAllCredentials/listProjectOverrides
  with resolveAllIntegrationCredentials/resolveAllOrgCredentials
- settingsRepository: add integration credential CRUD (set/remove/list)
- configRepository: update findProjectByIdFromDb for category/provider
- provider.ts: rewrite loadProjectConfigById for new model
- All trigger handlers, router modules, personas, and worker-manager
  updated to use new credential resolution
- tRPC projects router: add integration credential endpoints
- CLI: update integration-set/overrides commands for category/provider,
  repurpose override-set/override-rm for integration credentials
- Dashboard: rewrite integration-form.tsx for new model, remove
  credential-overrides.tsx
- tools/resolve-config.ts: rewrite for new credential model, fix
  broken imports, remove non-existent schema fields
- tools/manage-secrets.ts, setup-webhooks.ts, debug-run.ts updated

Post-refactor cleanup:
- Fix runs list CLI crash (was passing {data,total} to outputTable)
- Remove dead GITHUB_TOKEN fallback in webhooks router
- Remove dead mocks in access-control.test.ts
- Fix stale comment in envScrub.ts
- Add regression test for GITHUB_TOKEN_IMPLEMENTER-only resolution
- Update CLAUDE.md documentation

All 2372 tests pass, typecheck clean, lint clean (same 2 pre-existing
complexity warnings).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@zbigniewsobiecki zbigniewsobiecki merged commit 934a715 into dev Feb 20, 2026
5 checks passed
@zbigniewsobiecki zbigniewsobiecki deleted the refactor/integration-model branch February 20, 2026 19:48
@zbigniewsobiecki zbigniewsobiecki mentioned this pull request Feb 20, 2026
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@zbigniewsobiecki