Sync .kiro/ from master — v2.2.0 release batch

New specs: archer-template-library, ccp-metrics-view-restructure, compliance-list-stale-after-sidebar-edit, compliance-metric-estimated-resolution-date, compliance-remediation-display-fix, flexible-jira-ticket-creation, forecast-burndown-chart, granite-loader-export, ivanti-queue-clear-completed-fix, multi-item-jira-ticket, queue-collapsible-sections, vendor-issue-type-dropdown New steering: archer-template-gen.md Updated: migration-registration-check hook, remediation-plan-history spec, gitlab-workflow, tech, versioning steering files
2026-06-04 11:27:31 -06:00
parent 8ebd7e4d5e
commit a61d254ff9
54 changed files with 6992 additions and 59 deletions
--- a/.kiro/steering/tech.md
+++ b/.kiro/steering/tech.md
@@ -80,9 +80,62 @@ Python dependencies: `pandas>=2.0.0`, `openpyxl>=3.0.0` (install via apt or venv
 - Both `.env` files are gitignored; see `.env.example` files for templates.
 - React env vars are baked in at **build time** — you must rebuild (`npm run build`) after changing them.

+## Code Style & Lint Rules
+
+### Unused Variables
+
+The frontend ESLint config enforces `no-unused-vars` as a warning. The CI pipeline fails if warnings exceed 25. To avoid lint failures:
+
+- **Prefix intentionally-unused variables with `_`** — this suppresses the warning. The `varsIgnorePattern: "^_"` and `argsIgnorePattern: "^_"` rules are configured in `frontend/package.json`.
+- Common patterns:
+  - `const [_unused, setFoo] = useState(...)` — destructured value you don't need
+  - `const _legacyRef = useRef(...)` — kept for future use
+  - `function handler(_event) { ... }` — required parameter signature but unused
+- **Do not leave variables unprefixed if unused.** Either use them, remove them, or prefix with `_`.
+- This applies to all frontend code written by the agent.
+
+### Backend
+
+No ESLint is configured for backend — the pipeline uses `node -c` syntax checking only. Keep code clean but there is no automated unused-var enforcement on the backend side.
+
 ## Ports

 | Environment | URL | Notes |
 |---|---|---|
-| Production / Dev server | http://IP:3001 | Express serves API + static frontend build |
+| Production | http://71.85.90.6:3001 | Express serves API + static frontend build |
+| Staging | http://71.85.90.9:3100 | Auto-deploy on master push |
 | Local dev (frontend only) | http://localhost:3000 | React dev server with hot-reload, proxies API to :3001 |
+
+## CI/CD Pipeline
+
+### Infrastructure
+
+| Role | Host | Notes |
+|---|---|---|
+| GitLab instance | steam-gitlab.charterlab.com | Self-hosted GitLab |
+| CI Runner (LXC 108) | 71.85.90.8 | Docker executor, Runner #6, project-locked |
+| Staging target | 71.85.90.9 | Auto-deploy on master, port 3100 |
+| Production target | 71.85.90.6 | Manual deploy trigger, port 3001 |
+
+### Executor: Docker
+
+The pipeline uses **Docker executor** on Runner #6. Jobs run in isolated containers:
+
+- **Install / Lint / Test / Build stages**: `node:18` image
+- **Deploy stages**: `alpine:latest` image (installs `openssh-client` and `rsync` at runtime)
+
+Deploy jobs SSH from inside the Alpine container to the target hosts using a base64-encoded `$SSH_PRIVATE_KEY` stored as a GitLab CI/CD variable.
+
+### CI/CD Variables (project-level)
+
+These are set in GitLab → Settings → CI/CD → Variables:
+
+| Variable | Purpose |
+|---|---|
+| `DATABASE_URL` | PostgreSQL connection string for backend integration tests |
+| `SSH_PRIVATE_KEY` | Base64-encoded private key for deploy SSH access |
+| `GITLAB_PAT` | Project access token for issue comments and release creation |
+
+### Pipeline file
+
+The pipeline is defined in `.gitlab-ci.yml` at the project root. Stages: install → lint → test → build → deploy → verify.