Merge 1f5d6f127f into e200c73b47

2026-03-22 15:12:08 +01:00 · 2025-10-15 13:21:16 +00:00
22 changed files with 424 additions and 534 deletions
--- a/.github/workflows/deploy-pr.yaml
+++ b/.github/workflows/deploy-pr.yaml
@@ -20,26 +20,13 @@ jobs:
      pr_number: ${{ github.event.pull_request.number }}
    secrets: inherit
  get_urls:
    if: github.event.action != 'closed'
    name: Generate Preview URLs
    uses: ./.github/workflows/url_generator.yml
    with:
      runner: vhs
      mode: pr
      pr_number: ${{ github.event.pull_request.number }}
      base_domain: ${{ vars.DEV_BASE_DOMAIN }}
    secrets: inherit
  frontend:
    if: github.event.action != 'closed'
    name: Frontend - Build and Deploy to Cloudflare Pages (PR)
    needs: [get_urls]
    uses: ./.github/workflows/frontend-pages.yml
    with:
      mode: pr
      pr_number: ${{ github.event.pull_request.number }}
      backend_url_scheme: ${{ needs.get_urls.outputs.backend_url_scheme }}
    secrets: inherit
  deploy:
@@ -49,7 +36,7 @@ jobs:
    concurrency:
      group: pr-${{ github.event.pull_request.number }}
      cancel-in-progress: false
-    needs: [build, frontend, get_urls]
+    needs: [build, frontend]
    steps:
      - name: Checkout
        uses: actions/checkout@v4
@@ -75,24 +62,25 @@ jobs:
          DEV_BASE_DOMAIN: ${{ secrets.BASE_DOMAIN }}
          RABBITMQ_PASSWORD: ${{ secrets.PROD_RABBITMQ_PASSWORD }}
          DB_PASSWORD: ${{ secrets.PROD_DB_PASSWORD }}
          IMAGE_REPO: ${{ needs.build.outputs.image_repo }}
          DIGEST: ${{ needs.build.outputs.digest }}
          DOMAIN: "${{ needs.get_urls.outputs.backend_url }}"
          DOMAIN_SCHEME: "${{ needs.get_urls.outputs.backend_url_scheme }}"
          FRONTEND_DOMAIN: "${{ needs.get_urls.outputs.frontend_url }}"
          FRONTEND_DOMAIN_SCHEME: "${{ needs.get_urls.outputs.frontend_url_scheme }}"
        run: |
          PR=${{ github.event.pull_request.number }}
          if [ -z "$PR" ]; then echo "PR number missing"; exit 1; fi
          if [ -z "$DEV_BASE_DOMAIN" ]; then echo "Secret DEV_BASE_DOMAIN is required (e.g., dev.example.com)"; exit 1; fi
          if [ -z "$RABBITMQ_PASSWORD" ]; then echo "Secret DEV_RABBITMQ_PASSWORD is required"; exit 1; fi
          if [ -z "$DB_PASSWORD" ]; then echo "Secret DEV_DB_PASSWORD is required"; exit 1; fi
          RELEASE=myapp-pr-$PR
          NAMESPACE=pr-$PR
          DOMAIN=pr-$PR.$DEV_BASE_DOMAIN
          if [ -z "$IMAGE_REPO" ]; then IMAGE_REPO="lukastrkan/cc-app-demo"; fi
          helm upgrade --install "$RELEASE" ./7project/charts/myapp-chart \
            -n "$NAMESPACE" --create-namespace \
            -f 7project/charts/myapp-chart/values-dev.yaml \
            --set prNumber="$PR" \
            --set deployment="pr-$PR" \
            --set domain="$DOMAIN" \
-            --set domain_scheme="$DOMAIN_SCHEME" \
+            --set image.repository="$IMAGE_REPO" \
            --set frontend_domain="$FRONTEND_DOMAIN" \
            --set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
            --set image.digest="$DIGEST" \
            --set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
            --set-string database.password="$DB_PASSWORD"
@@ -100,16 +88,19 @@ jobs:
      - name: Post preview URLs as PR comment
        uses: actions/github-script@v7
        env:
-          BACKEND_URL: ${{ needs.get_urls.outputs.backend_url_scheme }}
+          DEV_BASE_DOMAIN: ${{ secrets.BASE_DOMAIN }}
-          FRONTEND_URL: ${{ needs.get_urls.outputs.frontend_url_scheme }}
+          FRONTEND_URL: ${{ needs.frontend.outputs.deployed_url }}
        with:
          script: |
            const pr = context.payload.pull_request;
            if (!pr) { core.setFailed('No pull_request context'); return; }
            const prNumber = pr.number;
-            const backendUrl = process.env.BACKEND_URL || '(not available)';
+            const domainBase = process.env.DEV_BASE_DOMAIN;
            if (!domainBase) { core.setFailed('DEV_BASE_DOMAIN is required'); return; }
            const backendDomain = `pr-${prNumber}.${domainBase}`;
            const backendUrl = `https://${backendDomain}`;
            const frontendUrl = process.env.FRONTEND_URL || '(not available)';
-            const marker = '<!-- preview-comment-marker -->';
+            const marker = '<!-- preview-link -->';
            const body = `${marker}\nPreview environment is running\n- Frontend: ${frontendUrl}\n- Backend: ${backendUrl}\n`;
            const { owner, repo } = context.repo;
            const { data: comments } = await github.rest.issues.listComments({ owner, repo, issue_number: prNumber, per_page: 100 });
@@ -148,4 +139,4 @@ jobs:
          NAMESPACE=pr-$PR
          helm uninstall "$RELEASE" -n "$NAMESPACE" || true
          # Optionally delete the namespace if empty
-          kubectl delete namespace "$NAMESPACE" --ignore-not-found=true || true
+          kubectl delete namespace "$NAMESPACE" --ignore-not-found=true || true
--- a/.github/workflows/deploy-prod.yaml
+++ b/.github/workflows/deploy-prod.yaml
@@ -30,28 +30,17 @@ jobs:
      context: 7project/backend
    secrets: inherit
  get_urls:
    name: Generate Production URLs
    uses: ./.github/workflows/url_generator.yml
    with:
      mode: prod
      runner: vhs
      base_domain: ${{ vars.PROD_DOMAIN }}
    secrets: inherit
  frontend:
    name: Frontend - Build and Deploy to Cloudflare Pages (prod)
    needs: [get_urls]
    uses: ./.github/workflows/frontend-pages.yml
    with:
      mode: prod
      backend_url_scheme: ${{ needs.get_urls.outputs.backend_url_scheme }}
    secrets: inherit
  deploy:
    name: Helm upgrade/install (prod)
    runs-on: vhs
-    needs: [build, frontend, get_urls]
+    needs: [build, frontend]
    steps:
      - name: Checkout
        uses: actions/checkout@v4
@@ -74,32 +63,25 @@ jobs:
      - name: Helm upgrade/install prod
        env:
-          DOMAIN: ${{ needs.get_urls.outputs.backend_url }}
+          DOMAIN: ${{ secrets.PROD_DOMAIN }}
          DOMAIN_SCHEME: ${{ needs.get_urls.outputs.backend_url_scheme }}
          FRONTEND_DOMAIN: ${{ needs.get_urls.outputs.frontend_url }}
          FRONTEND_DOMAIN_SCHEME: ${{ needs.get_urls.outputs.frontend_url_scheme }}
          RABBITMQ_PASSWORD: ${{ secrets.PROD_RABBITMQ_PASSWORD }}
          DB_PASSWORD: ${{ secrets.PROD_DB_PASSWORD }}
          IMAGE_REPO: ${{ needs.build.outputs.image_repo }}
          DIGEST: ${{ needs.build.outputs.digest }}
          BANKID_CLIENT_ID: ${{ secrets.BANKID_CLIENT_ID }}
          BANKID_CLIENT_SECRET: ${{ secrets.BANKID_CLIENT_SECRET }}
          MOJEID_CLIENT_ID: ${{ secrets.MOJEID_CLIENT_ID }}
          MOJEID_CLIENT_SECRET: ${{ secrets.MOJEID_CLIENT_SECRET }}
          SENTRY_DSN: ${{ secrets.SENTRY_DSN }}
        run: |
          if [ -z "$DOMAIN" ]; then
            echo "Secret PROD_DOMAIN is required (e.g., app.example.com)"; exit 1; fi
          if [ -z "$RABBITMQ_PASSWORD" ]; then
            echo "Secret PROD_RABBITMQ_PASSWORD is required"; exit 1; fi
          if [ -z "$DB_PASSWORD" ]; then
            echo "Secret PROD_DB_PASSWORD is required"; exit 1; fi
          if [ -z "$IMAGE_REPO" ]; then IMAGE_REPO="lukastrkan/cc-app-demo"; fi
          helm upgrade --install myapp ./7project/charts/myapp-chart \
            -n prod --create-namespace \
            -f 7project/charts/myapp-chart/values-prod.yaml \
            --set deployment="prod" \
            --set domain="$DOMAIN" \
-            --set domain_scheme="$DOMAIN_SCHEME" \
+            --set image.repository="$IMAGE_REPO" \
            --set frontend_domain="$FRONTEND_DOMAIN" \
            --set frontend_domain_scheme="$FRONTEND_DOMAIN_SCHEME" \
            --set image.digest="$DIGEST" \
            --set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
-            --set-string database.password="$DB_PASSWORD" \
+            --set-string database.password="$DB_PASSWORD" 
            --set-string oauth.bankid.clientId="$BANKID_CLIENT_ID" \
            --set-string oauth.bankid.clientSecret="$BANKID_CLIENT_SECRET" \
            --set-string oauth.mojeid.clientId="$MOJEID_CLIENT_ID" \
            --set-string oauth.mojeid.clientSecret="$MOJEID_CLIENT_SECRET" \
            --set-string sentry_dsn="$SENTRY_DSN" \
--- a/.github/workflows/frontend-pages.yml
+++ b/.github/workflows/frontend-pages.yml
@@ -15,10 +15,6 @@ on:
        description: 'Cloudflare Pages project name (overrides default)'
        required: false
        type: string
      backend_url_scheme:
        description: 'The full scheme URL for the backend (e.g., https://api.example.com)'
        required: true
        type: string
    secrets:
      CLOUDFLARE_API_TOKEN:
        required: true
@@ -29,6 +25,14 @@ on:
        description: 'URL of deployed frontend'
        value: ${{ jobs.deploy.outputs.deployed_url }}
 # Required repository secrets:
 #   CLOUDFLARE_API_TOKEN     - API token with Pages:Edit (or Account:Workers Scripts:Edit) permissions
 #   CLOUDFLARE_ACCOUNT_ID    - Your Cloudflare account ID
 # Optional repository variables:
 #   CF_PAGES_PROJECT_NAME      - Default Cloudflare Pages project name
 #   PROD_DOMAIN                - App domain for prod releases (e.g., api.example.com or https://api.example.com)
 #   BACKEND_URL_PR_TEMPLATE    - Template for PR backend URL. Use {PR} placeholder for PR number (e.g., https://api-pr-{PR}.example.com)
 jobs:
  build:
    name: Build frontend
@@ -50,9 +54,50 @@ jobs:
      - name: Install dependencies
        run: npm ci
-      - name: Set backend URL from workflow input
+      - name: Compute backend URL for Vite
        id: be
        env:
          EVENT_NAME: ${{ github.event_name }}
          PR_NUMBER: ${{ github.event.pull_request.number || inputs.pr_number }}
          PR_TEMPLATE: ${{ vars.BACKEND_URL_PR_TEMPLATE }}
          DEV_BASE_DOMAIN: ${{ secrets.BASE_DOMAIN }}
          PROD_DOMAIN_VAR: ${{ vars.PROD_DOMAIN }}
          PROD_DOMAIN_SECRET: ${{ secrets.PROD_DOMAIN }}
          BACKEND_URL_OVERRIDE: ${{ vars.BACKEND_URL || secrets.BACKEND_URL }}
          MODE: ${{ inputs.mode }}
        run: |
-          echo "VITE_BACKEND_URL=${{ inputs.backend_url_scheme }}" >> $GITHUB_ENV
+          set -euo pipefail
          URL=""
          # 1) Explicit override wins (from repo var or secret)
          if [ -n "${BACKEND_URL_OVERRIDE:-}" ]; then
            if echo "$BACKEND_URL_OVERRIDE" | grep -Eiq '^https?://'; then
              URL="$BACKEND_URL_OVERRIDE"
            else
              URL="https://${BACKEND_URL_OVERRIDE}"
            fi
          else
            # 2) PR-specific URL when building for PR
            if [ "${MODE:-}" = "pr" ] || [ "${EVENT_NAME}" = "pull_request" ]; then
              if [ -n "${PR_TEMPLATE:-}" ] && [ -n "${PR_NUMBER:-}" ] ; then
                URL="${PR_TEMPLATE//\{PR\}/${PR_NUMBER}}"
              elif [ -n "${DEV_BASE_DOMAIN:-}" ] && [ -n "${PR_NUMBER:-}" ]; then
                URL="https://pr-${PR_NUMBER}.${DEV_BASE_DOMAIN}"
              fi
            fi
            # 3) Fallback to PROD_DOMAIN (prefer repo var, then secret)
            if [ -z "$URL" ]; then
              PROD_DOMAIN="${PROD_DOMAIN_VAR:-${PROD_DOMAIN_SECRET:-}}"
              if [ -n "$PROD_DOMAIN" ]; then
                if echo "$PROD_DOMAIN" | grep -Eiq '^https?://'; then
                  URL="$PROD_DOMAIN"
                else
                  URL="https://${PROD_DOMAIN}"
                fi
              fi
            fi
          fi
          echo "Using backend URL: ${URL:-<empty>}"
          echo "VITE_BACKEND_URL=${URL}" >> $GITHUB_ENV
      - name: Build
        run: npm run build
@@ -132,4 +177,4 @@ jobs:
          else
            URL="https://${PBRANCH}.${PNAME}.pages.dev"
          fi
-          echo "deployed_url=$URL" >> $GITHUB_OUTPUT
+          echo "deployed_url=$URL" >> $GITHUB_OUTPUT
--- a/.github/workflows/url_generator.yml
+++ b/.github/workflows/url_generator.yml
@@ -1,74 +0,0 @@
 name: Generate Preview or Production URLs
 on:
  workflow_call:
    inputs:
      mode:
        description: "Build mode: 'prod' or 'pr'"
        required: true
        type: string
      pr_number:
        description: 'PR number (required when mode=pr)'
        required: false
        type: string
      runner:
        description: 'The runner to use for this job'
        required: false
        type: string
        default: 'ubuntu-latest'
      base_domain:
        description: 'The base domain for production URLs (e.g., example.com)'
        required: true
        type: string
    outputs:
      backend_url:
        description: "The backend URL without scheme (e.g., api.example.com)"
        value: ${{ jobs.generate-urls.outputs.backend_url }}
      frontend_url:
        description: "The frontend URL without scheme (e.g., app.example.com)"
        value: ${{ jobs.generate-urls.outputs.frontend_url }}
      backend_url_scheme:
        description: "The backend URL with scheme (e.g., https://api.example.com)"
        value: ${{ jobs.generate-urls.outputs.backend_url_scheme }}
      frontend_url_scheme:
        description: "The frontend URL with scheme (e.g., https://app.example.com)"
        value: ${{ jobs.generate-urls.outputs.frontend_url_scheme }}
 jobs:
  generate-urls:
    permissions:
      contents: none
    runs-on: ${{ inputs.runner }}
    outputs:
      backend_url: ${{ steps.set_urls.outputs.backend_url }}
      frontend_url: ${{ steps.set_urls.outputs.frontend_url }}
      backend_url_scheme: ${{ steps.set_urls.outputs.backend_url_scheme }}
      frontend_url_scheme: ${{ steps.set_urls.outputs.frontend_url_scheme }}
    steps:
      - name: Generate URLs
        id: set_urls
        env:
          BASE_DOMAIN: ${{ inputs.base_domain }}
        run: |
          set -euo pipefail
          if [ "${{ inputs.mode }}" = "prod" ]; then
            BACKEND_URL="api.${BASE_DOMAIN}"
            FRONTEND_URL="finance.${BASE_DOMAIN}"
          else
            # This is your current logic
            FRONTEND_URL="pr-${{ inputs.pr_number }}.group-8-frontend.pages.dev"
            BACKEND_URL="api-pr-${{ inputs.pr_number }}.${BASE_DOMAIN}"
          fi
          FRONTEND_URL_SCHEME="https://$FRONTEND_URL"
          BACKEND_URL_SCHEME="https://$BACKEND_URL"
          # This part correctly writes to GITHUB_OUTPUT for the step
          echo "backend_url_scheme=$BACKEND_URL_SCHEME" >> $GITHUB_OUTPUT
          echo "frontend_url_scheme=$FRONTEND_URL_SCHEME" >> $GITHUB_OUTPUT
          echo "backend_url=$BACKEND_URL" >> $GITHUB_OUTPUT
          echo "frontend_url=$FRONTEND_URL" >> $GITHUB_OUTPUT
--- a/7project/backend/app/app.py
+++ b/7project/backend/app/app.py
@@ -1,10 +1,5 @@
 import logging
 import os
 from datetime import datetime
 from fastapi import Depends, FastAPI
 from fastapi.middleware.cors import CORSMiddleware
 from starlette.requests import Request
 from app.models.user import User
@@ -14,16 +9,6 @@ from app.api.categories import router as categories_router
 from app.api.transactions import router as transactions_router
 from app.services.user_service import auth_backend, current_active_verified_user, fastapi_users, get_oauth_provider
 from fastapi import FastAPI
 import sentry_sdk
 sentry_sdk.init(
    dsn=os.getenv("SENTRY_DSN"),
    send_default_pii=True,
 )
 app = FastAPI()
 fastApi = FastAPI()
 # CORS for frontend dev server
@@ -32,7 +17,6 @@ fastApi.add_middleware(
    allow_origins=[
        "http://localhost:5173",
        "http://127.0.0.1:5173",
        os.getenv("FRONTEND_DOMAIN_SCHEME", "")
    ],
    allow_credentials=True,
    allow_methods=["*"],
@@ -43,27 +27,6 @@ fastApi.include_router(auth_router)
 fastApi.include_router(categories_router)
 fastApi.include_router(transactions_router)
 logging.basicConfig(filename='app.log', level=logging.INFO, format='%(asctime)s %(message)s')
@fastApi.middleware("http")
 async def log_traffic(request: Request, call_next):
    start_time = datetime.now()
    response = await call_next(request)
    process_time = (datetime.now() - start_time).total_seconds()
    client_host = request.client.host
    log_params = {
        "request_method": request.method,
        "request_url": str(request.url),
        "request_size": request.headers.get("content-length"),
        "request_headers": dict(request.headers),
        "response_status": response.status_code,
        "response_size": response.headers.get("content-length"),
        "response_headers": dict(response.headers),
        "process_time": process_time,
        "client_host": client_host
    }
    logging.info(str(log_params))
    return response
 fastApi.include_router(
    fastapi_users.get_oauth_router(
        get_oauth_provider("MojeID"),
@@ -96,7 +59,3 @@ async def root():
@fastApi.get("/authenticated-route")
 async def authenticated_route(user: User = Depends(current_active_verified_user)):
    return {"message": f"Hello {user.email}!"}
@fastApi.get("/sentry-debug")
 async def trigger_error():
    division_by_zero = 1 / 0
--- a/7project/backend/requirements.txt
+++ b/7project/backend/requirements.txt
@@ -50,7 +50,6 @@ python-dateutil==2.9.0.post0
 python-dotenv==1.1.1
 python-multipart==0.0.20
 PyYAML==6.0.2
 sentry-sdk==2.42.0
 six==1.17.0
 sniffio==1.3.1
 SQLAlchemy==2.0.43
@@ -59,7 +58,6 @@ tomli==2.2.1
 typing-inspection==0.4.1
 typing_extensions==4.15.0
 tzdata==2025.2
 urllib3==2.5.0
 uvicorn==0.37.0
 uvloop==0.21.0
 vine==5.1.0
--- a/7project/charts/myapp-chart/templates/NOTES.txt
+++ b/7project/charts/myapp-chart/templates/NOTES.txt
@@ -0,0 +1,54 @@
 Thank you for installing myapp-chart.
 This chart packages all Kubernetes manifests from the original deployment directory and parameterizes environment, database name (with optional PR suffix), image, and domain for external access.
 Namespaces per developer (important):
 - Install each developer's environment into their own namespace using Helm's -n/--namespace flag.
 - No hardcoded namespace is used in templates; resources are created in .Release.Namespace.
 - Example namespaces: dev-alice, dev-bob, pr-123, etc.
 Key values:
 - deployment -> used as Database CR name and DB username (MARIADB_DB and MARIADB_USER)
 - image.repository/tag or image.digest -> container image
 - domain -> public FQDN used by TunnelBinding (required to expose app)
 - app/worker names, replicas, ports
 Examples:
 - Dev install (Alice):
  helm upgrade --install myapp ./7project/charts/myapp-chart \
    -n dev-alice --create-namespace \
    -f values-dev.yaml \
    --set domain=alice.demo.example.com \
    --set-string rabbitmq.password="$RABBITMQ_PASSWORD" \
    --set-string database.password="$DB_PASSWORD"
 - Dev install (Bob):
  helm upgrade --install myapp ./7project/charts/myapp-chart \
    -n dev-bob --create-namespace \
    -f values-dev.yaml \
    --set domain=bob.demo.example.com
 - Prod install (different cleanupPolicy):
  helm upgrade --install myapp ./7project/charts/myapp-chart \
    -n prod --create-namespace \
    -f values-prod.yaml \
    --set domain=app.example.com
 - PR (preview) install with DB name containing PR number (also its own namespace):
  PR=123
  helm upgrade --install myapp-pr-$PR ./7project/charts/myapp-chart \
    -n pr-$PR --create-namespace \
    -f values-dev.yaml \
    --set prNumber=$PR \
    --set deployment=preview-$PR \
    --set domain=pr-$PR.example.com
 - Use a custom deployment identifier to suffix DB name, DB username and Secret name:
  helm upgrade --install myapp ./7project/charts/myapp-chart \
    -n dev-alice --create-namespace \
    -f values-dev.yaml \
    --set deployment=alice \
    --set domain=alice.demo.example.com
 Render locally (dry run):
  helm template ./7project/charts/myapp-chart -f values-dev.yaml --set prNumber=456 --set deployment=test --set domain=demo.example.com --namespace dev-test | sed -n '/kind: Database/,$p' | head -n 30
--- a/7project/charts/myapp-chart/templates/app-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/app-deployment.yaml
@@ -20,7 +20,7 @@ spec:
          securityContext:
            allowPrivilegeEscalation: false
            capabilities:
-              drop: [ "ALL" ]
+              drop: ["ALL"]
          ports:
            - containerPort: {{ .Values.app.port }}
          env:
@@ -29,27 +29,21 @@ spec:
            - name: MARIADB_PORT
              value: '3306'
            - name: MARIADB_DB
-              valueFrom:
+              value: {{ required "Set .Values.deployment" .Values.deployment | quote }}
                secretKeyRef:
                  name: prod
                  key: MARIADB_DB
            - name: MARIADB_USER
-              valueFrom:
+              value: {{ required "Set .Values.deployment" .Values.deployment | quote }}
                secretKeyRef:
                  name: prod
                  key: MARIADB_USER
            - name: MARIADB_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: prod
+                  name: {{ required "Set .Values.database.secretName" .Values.database.secretName }}
-                  key: MARIADB_PASSWORD
+                  key: password
            - name: RABBITMQ_USERNAME
              value: {{ .Values.rabbitmq.username | quote }}
            - name: RABBITMQ_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: prod
+                  name: {{ printf "%s-user-credentials" (.Values.rabbitmq.username | default "app-user") }}
-                  key: RABBITMQ_PASSWORD
+                  key: password
            - name: RABBITMQ_HOST
              value: {{ printf "%s.%s.svc.cluster.local" "rabbitmq-cluster" .Release.Namespace | quote }}
            - name: RABBITMQ_PORT
@@ -58,39 +52,6 @@ spec:
              value: {{ .Values.rabbitmq.vhost | default "/" | quote }}
            - name: MAIL_QUEUE
              value: {{ .Values.worker.mailQueueName | default "mail_queue" | quote }}
            - name: MOJEID_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: MOJEID_CLIENT_ID
            - name: MOJEID_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: MOJEID_CLIENT_SECRET
            - name: BANKID_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: BANKID_CLIENT_ID
            - name: BANKID_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: BANKID_CLIENT_SECRET
            - name: DOMAIN
              value: {{ required "Set .Values.domain" .Values.domain | quote }}
            - name: DOMAIN_SCHEME
              value: {{ required "Set .Values.domain_scheme" .Values.domain_scheme | quote }}
            - name: FRONTEND_DOMAIN
              value: {{ required "Set .Values.frontend_domain" .Values.frontend_domain | quote }}
            - name: FRONTEND_DOMAIN_SCHEME
              value: {{ required "Set .Values.frontend_domain_scheme" .Values.frontend_domain_scheme | quote }}
            - name: SENTRY_DSN
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: SENTRY_DSN
          livenessProbe:
            httpGet:
              path: /
--- a/7project/charts/myapp-chart/templates/prod.yaml
+++ b/7project/charts/myapp-chart/templates/prod.yaml
@@ -1,18 +0,0 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: prod
 type: Opaque
 stringData:
  MOJEID_CLIENT_ID: {{ .Values.oauth.mojeid.clientId | quote }}
  MOJEID_CLIENT_SECRET: {{ .Values.oauth.mojeid.clientSecret | quote }}
  BANKID_CLIENT_ID: {{ .Values.oauth.bankid.clientId | quote }}
  BANKID_CLIENT_SECRET: {{ .Values.oauth.bankid.clientSecret | quote }}
  # Database credentials
  MARIADB_DB: {{ required "Set .Values.deployment" .Values.deployment | quote }}
  MARIADB_USER: {{ required "Set .Values.deployment" .Values.deployment | quote }}
  MARIADB_PASSWORD: {{ .Values.database.password | default "" | quote }}
  # RabbitMQ credentials
  RABBITMQ_PASSWORD: {{ .Values.rabbitmq.password | default "" | quote }}
  RABBITMQ_USERNAME: {{ .Values.rabbitmq.username | quote }}
  SENTRY_DSN: {{ .Values.sentry_dsn | quote }}
--- a/7project/charts/myapp-chart/templates/worker-deployment.yaml
+++ b/7project/charts/myapp-chart/templates/worker-deployment.yaml
@@ -31,32 +31,13 @@ spec:
            - --loglevel
            - INFO
          env:
            - name: MARIADB_HOST
              value: "mariadb-repl-maxscale-internal.mariadb-operator.svc.cluster.local"
            - name: MARIADB_PORT
              value: '3306'
            - name: MARIADB_DB
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: MARIADB_DB
            - name: MARIADB_USER
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: MARIADB_USER
            - name: MARIADB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: MARIADB_PASSWORD
            - name: RABBITMQ_USERNAME
              value: {{ .Values.rabbitmq.username | quote }}
            - name: RABBITMQ_PASSWORD
              valueFrom:
                secretKeyRef:
-                  name: prod
+                  name: {{ printf "%s-user-credentials" (.Values.rabbitmq.username | default "app-user") }}
-                  key: RABBITMQ_PASSWORD
+                  key: password
            - name: RABBITMQ_HOST
              value: {{ printf "%s.%s.svc.cluster.local" "rabbitmq-cluster" .Release.Namespace | quote }}
            - name: RABBITMQ_PORT
@@ -65,8 +46,3 @@ spec:
              value: {{ .Values.rabbitmq.vhost | default "/" | quote }}
            - name: MAIL_QUEUE
              value: {{ .Values.worker.mailQueueName | default "mail_queue" | quote }}
            - name: SENTRY_DSN
              valueFrom:
                secretKeyRef:
                  name: prod
                  key: SENTRY_DSN
--- a/7project/charts/myapp-chart/values.yaml
+++ b/7project/charts/myapp-chart/values.yaml
@@ -11,12 +11,6 @@ deployment: ""
 # Public domain to expose the app under (used by TunnelBinding fqdn)
 # Set at install time: --set domain=example.com
 domain: ""
 domain_scheme: ""
 frontend_domain: ""
 frontend_domain_scheme: ""
 sentry_dsn: ""
 image:
  repository: lukastrkan/cc-app-demo
@@ -39,14 +33,6 @@ worker:
 service:
  port: 80
 oauth:
  bankid:
    clientId: ""
    clientSecret: ""
  mojeid:
    clientId: ""
    clientSecret: ""
 rabbitmq:
  create: true
  replicas: 1
--- a/7project/deployment/app-demo-database-grant.yaml
+++ b/7project/deployment/app-demo-database-grant.yaml
@@ -0,0 +1,20 @@
 apiVersion: k8s.mariadb.com/v1alpha1
 kind: Grant
 metadata:
  name: grant
 spec:
  mariaDbRef:
    name: mariadb-repl
    namespace: mariadb-operator
  privileges:
    - "ALL PRIVILEGES"
  database: "app-demo-database"
  table: "*"
  username: "app-demo-user"
  grantOption: true
  host: "%"
  # Delete the resource in the database whenever the CR gets deleted.
  # Alternatively, you can specify Skip in order to omit deletion.
  cleanupPolicy: Skip
  requeueInterval: 10h
  retryInterval: 30s
--- a/7project/deployment/app-demo-database-secret.yaml
+++ b/7project/deployment/app-demo-database-secret.yaml
@@ -0,0 +1,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
  name: app-demo-database-secret
 type: kubernetes.io/basic-auth
 stringData:
  password: "strongpassword"
--- a/7project/deployment/app-demo-database-user.yaml
+++ b/7project/deployment/app-demo-database-user.yaml
@@ -0,0 +1,20 @@
 apiVersion: k8s.mariadb.com/v1alpha1
 kind: User
 metadata:
  name: app-demo-user
 spec:
  # If you want the user to be created with a different name than the resource name
  # name: user-custom
  mariaDbRef:
    name: mariadb-repl
    namespace: mariadb-operator
  passwordSecretKeyRef:
    name: app-demo-database-secret
    key: password
  maxUserConnections: 20
  host: "%"
  # Delete the resource in the database whenever the CR gets deleted.
  # Alternatively, you can specify Skip in order to omit deletion.
  cleanupPolicy: Skip
  requeueInterval: 10h
  retryInterval: 30s
--- a/7project/deployment/app-demo-database.yaml
+++ b/7project/deployment/app-demo-database.yaml
@@ -0,0 +1,15 @@
 apiVersion: k8s.mariadb.com/v1alpha1
 kind: Database
 metadata:
  name: app-demo-database
 spec:
  mariaDbRef:
    name: mariadb-repl
    namespace: mariadb-operator
  characterSet: utf8
  collate: utf8_general_ci
  # Delete the resource in the database whenever the CR gets deleted.
  # Alternatively, you can specify Skip in order to omit deletion.
  cleanupPolicy: Skip
  requeueInterval: 10h
  retryInterval: 30s
--- a/7project/deployment/app-demo-deployment.yaml
+++ b/7project/deployment/app-demo-deployment.yaml
@@ -0,0 +1,48 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: app-demo
 spec:
  replicas: 3
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      app: app-demo
  template:
    metadata:
      labels:
        app: app-demo
    spec:
      containers:
        - image: lukastrkan/cc-app-demo@sha256:75634b4d97282b6b8424fe17767c81adf44af5f7359c1d25883073b5629b3e05
          name: app-demo
          ports:
            - containerPort: 8000
          env:
            - name: MARIADB_HOST
              value: mariadb-repl.mariadb-operator.svc.cluster.local
            - name: MARIADB_PORT
              value: '3306'
            - name: MARIADB_DB
              value: app-demo-database
            - name: MARIADB_USER
              value: app-demo-user
            - name: MARIADB_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: app-demo-database-secret
                  key: password
          livenessProbe:
            httpGet:
              path: /
              port: 8000
            initialDelaySeconds: 10
            periodSeconds: 10
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /
              port: 8000
            initialDelaySeconds: 10
            periodSeconds: 10
            failureThreshold: 3
--- a/7project/deployment/app-demo-svc.yaml
+++ b/7project/deployment/app-demo-svc.yaml
@@ -0,0 +1,10 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: app-demo
 spec:
  ports:
  - port: 80
    targetPort: 8000
  selector:
    app: app-demo
--- a/7project/deployment/app-demo-worker-deployment.yaml
+++ b/7project/deployment/app-demo-worker-deployment.yaml
@@ -0,0 +1,41 @@
 apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: app-demo-worker
 spec:
  replicas: 3
  revisionHistoryLimit: 3
  selector:
    matchLabels:
      app: app-demo-worker
  template:
    metadata:
      labels:
        app: app-demo-worker
    spec:
      containers:
        - image: lukastrkan/cc-app-demo@sha256:75634b4d97282b6b8424fe17767c81adf44af5f7359c1d25883073b5629b3e05
          name: app-demo-worker
          command:
            - celery
            - -A
            - app.celery_app
            - worker
            - -Q
            - $(MAIL_QUEUE)
            - --loglevel
            - INFO
          env:
            - name: RABBITMQ_USERNAME
              value: demo-app
            - name: RABBITMQ_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: demo-app-user-credentials
                  key: password
            - name: RABBITMQ_HOST
              value: rabbitmq.rabbitmq.svc.cluster.local
            - name: RABBITMQ_PORT
              value: '5672'
            - name: RABBITMQ_VHOST
              value: "/"
--- a/7project/deployment/tunnel.yaml
+++ b/7project/deployment/tunnel.yaml
@@ -0,0 +1,14 @@
 apiVersion: networking.cfargotunnel.com/v1alpha1
 kind: TunnelBinding
 metadata:
  name: guestbook-tunnel-binding
  namespace: group-project
 subjects:
  - name: app-server
    spec:
      target: http://app-demo.group-project.svc.cluster.local
      fqdn: demo.ltrk.cz
      noTlsVerify: true
 tunnelRef:
  kind: ClusterTunnel
  name: cluster-tunnel
--- a/7project/meetings/2025-10-16-meeting.md
+++ b/7project/meetings/2025-10-16-meeting.md
@@ -1,53 +0,0 @@
 # Weekly Meeting Notes
 - Group 8 - Personal finance tracker
 - Mentor: Jaychander
 Keep all meeting notes in the `meetings.md` file in your project folder.
 Just copy the template below for each weekly meeting and fill in the details.
 ## Administrative Info
 - Date: 2025-10-08
 - Attendees: Dejan Ribarovski, Lukas Trkan
 - Notetaker: Dejan Ribarovski
 ## Progress Update (Before Meeting)
 Summary of what has been accomplished since the last meeting in the following categories.
 ## Action Items from Last Week (During Meeting)
 - [x] start coding the app logic
 - [x] start writing the report so it matches the actual progress
 - [x] redo the system diagram so it includes a response flow
 ### Coding
 Implemented initial functioning version of the app, added OAuth with BankId and MojeID,
 added database snapshots.
 ### Documentation
 report.md is up to date
 ## Questions and Topics for Discussion (Before Meeting)
 Prepare 3-5 questions and topics you want to discuss with your mentor.
 1. What other functionality should be added to the app
 2. Priority for the next week (Testing maybe?)
 3. Question 3
 ## Discussion Notes (During Meeting)
 ## Action Items for Next Week (During Meeting)
 Last 3 minutes of the meeting, summarize action items.
 - [ ] OAuth
 - [ ] CI/CD fix
 - [ ] Database local (multiple bank accounts)
 - [ ] Add tests and set up github pipeline
 - [ ] Frontend imporvment - user experience
 - [ ] make the report more clear
 ---
--- a/7project/meetings/2025-10-9-meeting.md
+++ b/7project/meetings/2025-10-9-meeting.md
--- a/7project/report.md
+++ b/7project/report.md
@@ -1,4 +1,4 @@
-# Personal finance tracker
+# Project Report
 > **Instructions**:
 > This template provides the structure for your project report.
@@ -7,211 +7,126 @@
 ## Project Overview
-**Project Name**: Personal Finance Tracker
+**Project Name**: [Your project name]
 **Group Members**:
- 289229, Lukáš Trkan, lukastrkan
+- Student number, Name, GitHub username
- 289258, Dejan Ribarovski, derib2613, ribardej
+- Student number, Name, GitHub username
 - Student number, Name, GitHub username
 **Brief Description**:
-Our application is a finance tracker, so a person can easily track his cash flow
+[2-3 sentences describing what your application does and its main purpose]
 through multiple bank accounts. Person can label transactions with custom categories
 and later filter by them.
 ## Architecture Overview
 Our system is a full‑stack web application composed of a React frontend, a FastAPI backend, a PostgreSQL database, and asynchronous background workers powered by Celery with RabbitMQ. Redis is available for caching/kv and may be used by Celery as a result backend. The backend exposes REST endpoints for authentication (email/password and OAuth), users, categories, and transactions. A thin controller layer (FastAPI routers) lives under app/api. Infrastructure for Kubernetes is provided via OpenTofu (Terraform‑compatible) modules and the application is packaged via a Helm chart.
 ### High-Level Architecture
 [Describe the overall system architecture. Consider including a diagram using mermaid or linking to an image]
 ```mermaid
-flowchart LR
+graph TD
-    proc_queue[Message Queue] --> proc_queue_worker[Worker Service]
+    A[Component A] --> B[Component B]
-    proc_queue_worker --> ext_mail[(Email Service)]
+    B --> C[Component C]
    proc_cron[Task planner] --> proc_queue
    proc_queue_worker --> ext_bank[(Bank API)]
    proc_queue_worker --> db
    client[Client/Frontend] <--> svc[Backend API]
    svc --> proc_queue
    svc <--> db[(Database)]
    svc <--> cache[(Cache)]
 ```
 ### Components
- Frontend (frontend/): React + TypeScript app built with Vite. Talks to the backend via REST, handles login/registration, shows latest transactions, filtering, and allows adding transactions.
+- **Component 1**: [Description of what this component does]
- Backend API (backend/app): FastAPI app with routers under app/api for auth, categories, and transactions. Uses FastAPI Users for auth (JWT + OAuth), SQLAlchemy ORM, and Pydantic v2 schemas.
+- **Component 2**: [Description of what this component does]
- Worker service (backend/app/workers): Celery worker handling asynchronous tasks (e.g., sending verification emails, future background processing).
+- **Component 3**: [Description of what this component does]
 - Database (PostgreSQL): Persists users, categories, transactions; schema managed by Alembic migrations.
 - Message Queue (RabbitMQ): Transports background jobs from the API to the worker.
 - Cache/Result Store (Redis): Available for caching or Celery result backend.
 - Infrastructure as Code (tofu/): OpenTofu modules provisioning cluster services (RabbitMQ, Redis, Argo CD, cert-manager, Cloudflare tunnel, etc.).
 - Deployment Chart (charts/myapp-chart/): Helm chart to deploy the application to Kubernetes.
 ### Technologies Used
- Backend: Python, FastAPI, FastAPI Users, SQLAlchemy, Pydantic, Alembic, Celery
+- **Backend**: [e.g., Go, Node.js, Python]
- Frontend: React, TypeScript, Vite
+- **Database**: [e.g., PostgreSQL, MongoDB, Redis]
- Database: PostgreSQL
+- **Cloud Services**: [e.g., AWS EC2, Google Cloud Run, Azure Functions]
- Messaging: RabbitMQ 
+- **Container Orchestration**: [e.g., Docker, Kubernetes]
- Cache: Redis
+- **Other**: [List other significant technologies]
 - Containerization/Orchestration: Docker, Docker Compose (dev), Kubernetes, Helm
 - IaC/Platform: OpenTofu (Terraform), Argo CD, cert-manager, MetalLB, Cloudflare Tunnel, Prometheus
 ## Prerequisites
 ### System Requirements
- Operating System: Linux, macOS, or Windows
+- Operating System: [e.g., Linux, macOS, Windows]
- Minimum RAM: 4 GB (8 GB recommended for running backend, frontend, and database together)
+- Minimum RAM: [e.g., 8GB]
- Storage: 2 GB free (Docker images may require additional space)
+- Storage: [e.g., 10GB free space]
 ### Required Software
- Docker Desktop or Docker Engine 24+
+- [Software 1] (version X.X or higher)
- Docker Compose v2+
+- [Software 2] (version X.X or higher)
- Node.js 20+ and npm 10+ (for local frontend dev/build)
+- [etc.]
 - Python 3.12+ (for local backend dev outside Docker)
 - PostgreSQL 15+ (optional if running DB outside Docker)
 - Helm 3.12+ and kubectl 1.29+ (for Kubernetes deployment)
 - OpenTofu 1.7+ (for infrastructure provisioning)
-### Environment Variables (common)
+### Dependencies
- Backend: SECRET, FRONTEND_URL, BACKEND_URL, DATABASE_URL, RABBITMQ_URL, REDIS_URL 
+```bash
- OAuth vars (Backend): MOJEID_CLIENT_ID/SECRET, BANKID_CLIENT_ID/SECRET (optional)
+# List key dependencies that need to be installed
- Frontend: VITE_BACKEND_URL
+# For example:
-
+# Docker Engine 20.10+
-### Dependencies (key libraries)
+# Node.js 18+
-I am not sure what is meant by "key libraries"
+# Go 1.25+
-
+```
 Backend: FastAPI, fastapi-users, SQLAlchemy, pydantic v2, Alembic, Celery  
 Frontend: React, TypeScript, Vite  
 Services: PostgreSQL, RabbitMQ, Redis
 ## Build Instructions
-You can run the project with Docker Compose (recommended for local development) or run services manually.
+### 1. Clone the Repository
 ### 1) Clone the Repository
 ```bash
-git clone https://github.com/dat515-2025/Group-8.git
+git clone [your-repository-url]
-cd 7project
+cd [repository-name]
 ```
-### 2) Install dependencies
+### 2. Install Dependencies
-Backend
+
 ```bash
-# In 7project/backend
+# Provide step-by-step commands
-python3.12 -m venv .venv
+# For example:
-source .venv/bin/activate  # Windows: .venv\Scripts\activate
+# npm install
-pip install -r requirements.txt
+# go mod download
 ```
-Frontend
+
 ### 3. Build the Application
 ```bash
-# In 7project/frontend
+# Provide exact build commands
-npm install
+# For example:
 # make build
 # docker build -t myapp .
 ```
-### 3) Manual Local Run
+### 4. Configuration
 Backend
 ```bash
-# From the 7project/ directory
+# Any configuration steps needed
-docker compose up --build
+# Environment variables to set
-# This starts: PostgreSQL, RabbitMQ/Redis (if defined)
+# Configuration files to create
 # Set environment variables (or create .env file)
 export SECRET=CHANGE_ME_SECRET
 export BACKEND_URL=http://127.0.0.1:8000
 export FRONTEND_URL=http://localhost:5173
 export DATABASE_URL=postgresql+asyncpg://user:password@127.0.0.1:5432/app
 export RABBITMQ_URL=amqp://guest:guest@127.0.0.1:5672/
 export REDIS_URL=redis://127.0.0.1:6379/0
 # Apply DB migrations (Alembic)
 # From 7project/backend
 alembic upgrade head
 # Run API
 uvicorn app.app:fastApi --reload --host 0.0.0.0 --port 8000
 # Run Celery worker (optional, for emails/background tasks)
 celery -A app.celery_app.celery_app worker -l info
 ```
 Frontend
 ```bash
 # Configure backend URL for dev
 echo 'VITE_BACKEND_URL=http://127.0.0.1:8000' > .env
 npm run dev
 # Open http://localhost:5173
 ```
 - Backend default: http://127.0.0.1:8000 (OpenAPI at /docs)
 - Frontend default: http://localhost:5173
 If needed, adjust compose services/ports in compose.yml.
 ## Deployment Instructions
-### Local (Docker Compose)
+### Local Deployment
 Described in the previous section (Manual Local Run)
 ### Kubernetes (via OpenTofu + Helm)
 1) Provision platform services (RabbitMQ/Redis/ingress/tunnel/etc.) with OpenTofu
 ```bash
-cd tofu
+# Step-by-step commands for local deployment
-# copy and edit variables
+# For example:
-cp terraform.tfvars.example terraform.tfvars
+# docker-compose up -d
-# authenticate to your cluster/cloud as needed, then:
+# kubectl apply -f manifests/
 tofu init
 tofu plan
 tofu apply
 ```
-2) Deploy the app using Helm
+### Cloud Deployment
 ```bash
 # Set the namespace
 kubectl create namespace myapp || true
 # Install/upgrade the chart with required values
 helm upgrade --install myapp charts/myapp-chart \
  -n myapp \
  -f charts/myapp-chart/values.yaml \
  --set image.backend.repository=myorg/myapp-backend \
  --set image.backend.tag=latest \
  --set env.BACKEND_URL="https://myapp.example.com" \
  --set env.FRONTEND_URL="https://myapp.example.com" \
  --set env.SECRET="CHANGE_ME_SECRET"
 ```
 Adjust values to your registry and domain. The chart’s NOTES.txt includes additional examples.
 3) Expose and access
 - If using Cloudflare Tunnel or an ingress, configure DNS accordingly (see tofu/modules/cloudflare and deployment/tunnel.yaml).
 - For quick testing without ingress:
 ```bash
-kubectl -n myapp port-forward deploy/myapp-backend 8000:8000
+# Commands for cloud deployment
-kubectl -n myapp port-forward deploy/myapp-frontend 5173:80
+# Include any cloud-specific setup
 ```
 ### Verification
 ```bash
-# Check pods
+# Commands to verify deployment worked
-kubectl -n myapp get pods
+# How to check if services are running
-
+# Example health check endpoints
 # Backend health
 curl -i http://127.0.0.1:8000/
 # OpenAPI
 open http://127.0.0.1:8000/docs
 # Frontend (if port-forwarded)
 open http://localhost:5173
 ```
 ## Testing Instructions
@@ -241,38 +156,19 @@ open http://localhost:5173
 ## Usage Examples
-All endpoints are documented at OpenAPI: http://127.0.0.1:8000/docs
+### Basic Usage
 ### Auth: Register and Login (JWT)
 ```bash
-# Register
+# Examples of how to use the application
-curl -X POST http://127.0.0.1:8000/auth/register \
+# Common commands or API calls
-  -H 'Content-Type: application/json' \
+# Sample data or test scenarios
  -d '{
    "email": "user@example.com",
    "password": "StrongPassw0rd",
    "first_name": "Jane",
    "last_name": "Doe"
  }'
 # Login (JWT)
 TOKEN=$(curl -s -X POST http://127.0.0.1:8000/auth/jwt/login \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'username=user@example.com&password=StrongPassw0rd' | jq -r .access_token)
 echo $TOKEN
 # Call a protected route
 curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8000/authenticated-route
 ```
-### Frontend
+### Advanced Features
- Start with: npm run dev in 7project/frontend
+```bash
- Ensure VITE_BACKEND_URL is set to the backend URL (e.g., http://127.0.0.1:8000)
+# Examples showcasing advanced functionality
- Open http://localhost:5173
+```
 - Login, view latest transactions, filter, and add new transactions from the UI.
 ---
@@ -319,18 +215,18 @@ curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8000/authenticated-route
 > This information is used for individual grading.
 > Link to the specific commit on GitHub for each contribution.
-| Task/Component                                                        | Assigned To | Status        | Time Spent     | Difficulty | Notes       |
+| Task/Component                                                      | Assigned To | Status        | Time Spent | Difficulty | Notes       |
-|-----------------------------------------------------------------------|-------------| ------------- |----------------|------------| ----------- |
+| ------------------------------------------------------------------- | ----------- | ------------- | ---------- | ---------- | ----------- |
-| [Project Setup & Repository](https://github.com/dat515-2025/Group-8#) | Lukas       | ✅ Complete    | [X hours]      | Medium     | [Any notes] |
+| Project Setup & Repository                                          | [Name]      | ✅ Complete    | [X hours]  | Medium     | [Any notes] |
-| [Design Document](https://github.com/dat515-2025/Group-8/blob/main/6design/design.md)          | Both        | ✅ Complete    | 2 Hours        | Easy       | [Any notes] |
+| [Design Document](https://github.com/dat515-2025/group-name)         | [Name]      | ✅ Complete    | [X hours]  | Easy       | [Any notes] |
-| [Backend API Development](https://github.com/dat515-2025/Group-8/tree/main/7project/backend/app/api)  | Dejan       | ✅ Complete    | 10 hours       | Medium     | [Any notes] |
+| [Backend API Development](https://github.com/dat515-2025/group-name) | [Name]      | ✅ Complete    | [X hours]  | Hard       | [Any notes] |
-| [Database Setup & Models](https://github.com/dat515-2025/Group-8/tree/main/7project/backend/app/models)  | Lukas       | ✅ Complete    | [X hours]      | Medium     | [Any notes] |
+| [Database Setup & Models](https://github.com/dat515-2025/group-name) | [Name]      | ✅ Complete    | [X hours]  | Medium     | [Any notes] |
-| [Frontend Development](https://github.com/dat515-2025/Group-8/tree/main/7project/frontend)     | Dejan       | 🔄 In Progress | 7 hours so far | Medium     | [Any notes] |
+| [Frontend Development](https://github.com/dat515-2025/group-name)    | [Name]      | 🔄 In Progress | [X hours]  | Medium     | [Any notes] |
-| [Docker Configuration](https://github.com/dat515-2025/Group-8/blob/main/7project/compose.yml)     | Lukas       | ✅ Complete    | [X hours]      | Easy       | [Any notes] |
+| [Docker Configuration](https://github.com/dat515-2025/group-name)    | [Name]      | ✅ Complete    | [X hours]  | Easy       | [Any notes] |
-| [Cloud Deployment](https://github.com/dat515-2025/Group-8/blob/main/7project/deployment/app-demo-deployment.yaml)         | Lukas       | ✅ Complete    | [X hours]      | Hard       | [Any notes] |
+| [Cloud Deployment](https://github.com/dat515-2025/group-name)        | [Name]      | ✅ Complete    | [X hours]  | Hard       | [Any notes] |
-| [Testing Implementation](https://github.com/dat515-2025/group-name)   | Dejan       | ❌ Not Started     | [X hours]      | Medium     | [Any notes] |
+| [Testing Implementation](https://github.com/dat515-2025/group-name)  | [Name]      | ⏳ Pending     | [X hours]  | Medium     | [Any notes] |
-| [Documentation](https://github.com/dat515-2025/group-name)            | Both        | ❌ Not Started   | [X hours]      | Easy       | [Any notes] |
+| [Documentation](https://github.com/dat515-2025/group-name)           | [Name]      | ✅ Complete    | [X hours]  | Easy       | [Any notes] |
-| [Presentation Video](https://github.com/dat515-2025/group-name)       | Both        | ❌ Not Started     | [X hours]      | Medium     | [Any notes] |
+| [Presentation Video](https://github.com/dat515-2025/group-name)      | [Name]      | ✅ Complete    | [X hours]  | Medium     | [Any notes] |
 **Legend**: ✅ Complete | 🔄 In Progress | ⏳ Pending | ❌ Not Started
@@ -348,16 +244,25 @@ curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8000/authenticated-route
 | [Date]    | Documentation       | [X.X]      | Updated README and design doc       |
 | **Total** |                     | **[XX.X]** |                                     |
-### Dejan
+### [Team Member 2 Name]
-| Date        | Activity             | Hours  | Description                    |
+| Date      | Activity             | Hours      | Description                               |
-|-------------|----------------------|--------|--------------------------------|
+| --------- | -------------------- | ---------- | ----------------------------------------- |
-| 25.9.       | Design               | 1.5    | 6design                        |
+| [Date]    | Frontend Development | [X.X]      | Created user interface mockups            |
-| 9-11.10.    | Backend APIs         | 10     | Implemented Backend APIs       |
+| [Date]    | Integration          | [X.X]      | Connected frontend to backend API         |
-| 13-15.10.   | Frontend Development | 6.5    | Created user interface mockups |
+| [Date]    | Deployment           | [X.X]      | Docker configuration and cloud deployment |
-| Continually | Documantation        | 3      | Documenting the dev process    |
+| [Date]    | Testing              | [X.X]      | End-to-end testing                        |
-| **Total**   |                      | **21** |                                |
+| **Total** |                      | **[XX.X]** |                                           |
 ### [Team Member 3 Name] (if applicable)
 | Date      | Activity                 | Hours      | Description                      |
 | --------- | ------------------------ | ---------- | -------------------------------- |
 | [Date]    | Database Design          | [X.X]      | Schema design and implementation |
 | [Date]    | Cloud Configuration      | [X.X]      | AWS/GCP setup and configuration  |
 | [Date]    | Performance Optimization | [X.X]      | Caching and query optimization   |
 | [Date]    | Monitoring               | [X.X]      | Logging and monitoring setup     |
 | **Total** |                          | **[XX.X]** |                                  |
 ### Group Total: [XXX.X] hours
@@ -387,8 +292,11 @@ curl -H "Authorization: Bearer $TOKEN" http://127.0.0.1:8000/authenticated-route
 [Personal reflection on growth, challenges, and learning]
 #### [Team Member 3 Name] (if applicable)
 [Personal reflection on growth, challenges, and learning]
 ---
 **Report Completion Date**: [Date]
-**Last Updated**: 15.10.2025
+**Last Updated**: [Date]