Fimeg/Redflag
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
484a7f77ceb77964b6d1f2e267b181753758cc1d
Redflag/docs/3_BACKLOG/BLOCKERS-SUMMARY.md

107 lines
3.6 KiB
Markdown
Raw Blame History

# Critical Blockers Summary - v0.2.x Release
**Last Updated:** 2025-12-13
**Status:** Multiple P0 issues blocking fresh installations
## 🚨 ACTIVE P0 BLOCKERS
### 1. P0-005: Setup Flow Broken (NEW - CRITICAL)
- **Issue**: Fresh installations show setup UI but all API calls fail with 502 Bad Gateway
- **Impact**: Cannot configure server, generate keys, or create admin user
- **User Experience**: Complete blocker for new adopters
- **Root Causes Identified**:
1. Auto-created admin user prevents setup detection
2. Setup API endpoints returning 502 errors
3. Backend may not be running or accepting connections
**Next Step**: Debug why API calls get 502 errors
### 2. P0-004: Database Constraint Violation
- **Issue**: Timeout service can't write audit logs
- **Impact**: Breaks audit compliance for timeout events
- **Fix**: Add 'timed_out' to valid result values constraint
- **Effort**: 30 minutes
**Next Step**: Quick database schema fix
### 3. P0-001: Rate Limit First Request Bug
- **Issue**: Every agent registration gets 429 on first request
- **Impact**: Blocks new agent installations
- **Fix**: Namespace rate limiter keys by endpoint type
- **Effort**: 1 hour
**Next Step**: Quick rate limiter fix
### 4. P0-002: Session Loop Bug (UI)
- **Issue**: UI flashes rapidly after server restart
- **Impact**: Makes UI unusable, requires manual logout/login
- **Status**: Needs investigation
**Next Step**: Investigate React useEffect dependencies
## ⚠️ DOWNGRADED FROM P0
### P0-003: Agent No Retry Logic → P1 (OUTDATED)
- **Finding**: Retry logic EXISTS (documentation was wrong)
- **What Works**: Agent retries every polling interval
- **Enhancements Needed**: Exponential backoff, circuit breaker for main connection
- **Priority**: P1 enhancement, not P0 blocker
**Action**: Documentation updated, downgrade to P1
## 🔒 SECURITY GAPS
### Build Orchestrator Not Connected (CRITICAL)
- **Issue**: Signing service not integrated with build pipeline
- **Impact**: Update signing we implemented cannot work (no signed packages)
- **Security.md Status**: "Code is complete but Build Orchestrator is not yet connected"
- **Effort**: 1-2 days integration work
**This blocks v0.2.x security features from functioning!**
## 📊 PRIORITY ORDER FOR FIXES
### Immediate (Next Session)
1. **Debug P0-005**: Why setup API returns 502 errors
- Check if backend is running on :8080
- Check setup handler for panics/errors
- Verify proxy configuration
2. **Fix P0-005 Flow**: Stop auto-creating admin user
- Remove EnsureAdminUser from main()
- Detect zero users, redirect to setup
- Create admin via setup UI
### This Week
3. **Fix P0-004**: Database constraint (30 min)
4. **Fix P0-001**: Rate limiting bug (1 hour)
5. **Connect Build Orchestrator**: Enable update signing (1-2 days)
### Next Week
6. **Fix P0-002**: Session loop bug
7. **Update P0-003 docs**: Already done, consider enhancements
## 🎯 USER IMPACT SUMMARY
**Current State**: Fresh installations are completely broken
**User Flow**:
1. Build RedFlag ✅
2. Start with docker compose ✅
3. Navigate to UI ✅
4. See setup page ✅
5. **Try to configure: 502 errors**
6. **Can't generate keys**
7. **Don't know admin credentials**
8. **Stuck**
**Next Session Priority**: Fix P0-005 (setup 502 errors and flow)
## 📝 NOTES
- P0-003 analysis saved to docs/3_BACKLOG/P0-003_Agent-Retry-Status-Analysis.md
- P0-005 issue documented in docs/3_BACKLOG/P0-005_Setup-Flow-Broken.md
- Blockers summary saved to docs/3_BACKLOG/BLOCKERS-SUMMARY.md
**Critical Path**: Fix setup flow → Fix database/rate limit → Connect build orchestrator → v0.2.x release ready
Reference in New Issue View Git Blame Copy Permalink