chore: clean up and correct SQLDelight guide code snippets, fix swift mislabeling, and remove redundant constructor property

chore: fix broken links in documentation, improve code snippets, and remove unnecessary imports in guides
chore: archive outdated architecture and roadmap documents, normalize documentation structure and metadata
2026-03-15 20:07:46 +01:00 · 2026-03-15 20:05:23 +01:00 · 2026-03-15 20:00:51 +01:00 · 2026-03-15 19:42:33 +01:00 · 2026-03-15 19:16:48 +01:00 · 2026-03-15 19:16:17 +01:00
64 changed files with 472 additions and 418 deletions
--- a/.gitea/workflows/docker-publish.yaml
+++ b/.gitea/workflows/docker-publish.yaml
@ -140,5 +140,5 @@ jobs:
            VERSION=${{ github.sha }}
            GRADLE_VERSION=${{ env.GRADLE_VERSION }}
            JAVA_VERSION=${{ env.JAVA_VERSION }}
-            KEYCLOAK_IMAGE_TAG=26.4
+            KEYCLOAK_IMAGE_TAG=${{ env.KEYCLOAK_IMAGE_TAG }}
            JVM_OPTS_APPEND=${{ env.JVM_OPTS_ARM64 }}
--- a/backend/services/entries/entries-service/build.gradle.kts
+++ b/backend/services/entries/entries-service/build.gradle.kts
@ -15,6 +15,7 @@ dependencies {
  implementation(projects.platform.platformDependencies)
  implementation(projects.backend.services.entries.entriesApi)
  implementation(projects.backend.infrastructure.monitoring.monitoringClient)
  implementation(projects.backend.infrastructure.security)
  // Standard dependencies for a secure microservice (centralized bundle)
  implementation(libs.bundles.spring.boot.secure.service)
--- a/backend/services/entries/entries-service/src/main/kotlin/at/mocode/entries/service/config/SecurityConfiguration.kt
+++ b/backend/services/entries/entries-service/src/main/kotlin/at/mocode/entries/service/config/SecurityConfiguration.kt
@ -1,36 +0,0 @@
 package at.mocode.entries.service.config
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.http.SessionCreationPolicy
 import org.springframework.security.web.SecurityFilterChain
 /**
 * Security configuration for the Entries Service.
 * Enables method-level security for fine-grained authorization control.
 */
@Configuration
@EnableWebSecurity
@EnableMethodSecurity(prePostEnabled = true)
 class SecurityConfiguration {
  @Bean
  fun securityFilterChain(http: HttpSecurity): SecurityFilterChain {
    return http
      .csrf { it.disable() }
      .sessionManagement { it.sessionCreationPolicy(SessionCreationPolicy.STATELESS) }
      .authorizeHttpRequests { auth ->
        auth
          // Allow health check endpoints
          .requestMatchers("/actuator/**", "/health/**").permitAll()
          // Allow ping endpoints for monitoring (these are typically public)
          .requestMatchers("/entries/**").permitAll()
          // All other endpoints require authentication (handled by method-level security)
          .anyRequest().authenticated()
      }
      .build()
  }
 }
--- a/backend/services/entries/entries-service/src/main/resources/application.yaml
+++ b/backend/services/entries/entries-service/src/main/resources/application.yaml
@ -1,6 +1,12 @@
 spring:
  application:
    name: entries-service
  security:
    oauth2:
      resourceserver:
        jwt:
          issuer-uri: ${SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_ISSUER_URI:http://localhost:8180/realms/meldestelle}
          jwk-set-uri: ${SPRING_SECURITY_OAUTH2_RESOURCESERVER_JWT_JWK_SET_URI:http://localhost:8180/realms/meldestelle/protocol/openid-connect/certs}
  cloud:
    consul:
      host: ${CONSUL_HOST:localhost}
--- a/backend/services/ping/ping-service/src/main/kotlin/at/mocode/ping/infrastructure/PingProperties.kt
+++ b/backend/services/ping/ping-service/src/main/kotlin/at/mocode/ping/infrastructure/PingProperties.kt
@ -0,0 +1,11 @@
 package at.mocode.ping.infrastructure
 import org.springframework.boot.context.properties.ConfigurationProperties
 import org.springframework.stereotype.Component
@Component
@ConfigurationProperties(prefix = "app")
 data class PingProperties(
    var serviceName: String = "ping-service",
    var serviceNameFallback: String = "ping-service-fallback"
 )
--- a/backend/services/ping/ping-service/src/main/kotlin/at/mocode/ping/infrastructure/web/PingController.kt
+++ b/backend/services/ping/ping-service/src/main/kotlin/at/mocode/ping/infrastructure/web/PingController.kt
@ -2,6 +2,7 @@ package at.mocode.ping.infrastructure.web
 import at.mocode.ping.api.*
 import at.mocode.ping.application.PingUseCase
 import at.mocode.ping.infrastructure.PingProperties
 import io.github.resilience4j.circuitbreaker.annotation.CircuitBreaker
 import org.slf4j.LoggerFactory
 import org.springframework.security.access.prepost.PreAuthorize
@ -18,10 +19,10 @@ import kotlin.uuid.ExperimentalUuidApi
 * Nutzt den Application Port (PingUseCase).
 */
@RestController
 // @CrossOrigin Annotation entfernt. CORS wird zentral im API-Gateway gehandhabt.
@OptIn(ExperimentalUuidApi::class)
 class PingController(
-    private val pingUseCase: PingUseCase
+    private val pingUseCase: PingUseCase,
    private val properties: PingProperties
 ) : PingApi {
    private val logger = LoggerFactory.getLogger(PingController::class.java)
@ -54,7 +55,7 @@ class PingController(
        return EnhancedPingResponse(
            status = "pong",
            timestamp = domainPing.timestamp.atOffset(ZoneOffset.UTC).format(formatter),
-            service = "ping-service",
+            service = properties.serviceName,
            circuitBreakerState = "CLOSED",
            responseTime = elapsedMs
        )
@ -93,7 +94,7 @@ class PingController(
    private fun createResponse(domainPing: at.mocode.ping.domain.Ping, status: String) = PingResponse(
        status = status,
        timestamp = domainPing.timestamp.atOffset(ZoneOffset.UTC).format(formatter),
-        service = "ping-service"
+        service = properties.serviceName
    )
    // Fallback
@ -103,7 +104,7 @@ class PingController(
        return EnhancedPingResponse(
            status = "fallback",
            timestamp = java.time.OffsetDateTime.now().format(formatter),
-            service = "ping-service-fallback",
+            service = properties.serviceNameFallback,
            circuitBreakerState = "OPEN",
            responseTime = 0
        )
@ -114,13 +115,8 @@ class PingController(
        return HealthResponse(
            status = "up",
            timestamp = java.time.OffsetDateTime.now().format(formatter),
-            service = "ping-service",
+            service = properties.serviceName,
            healthy = true
        )
    }
    @GetMapping("/ping/history")
    fun getHistory() = pingUseCase.getPingHistory().map {
        mapOf("id" to it.id.toString(), "message" to it.message, "time" to it.timestamp.toString())
    }
 }
--- a/backend/services/ping/ping-service/src/main/resources/application.yaml
+++ b/backend/services/ping/ping-service/src/main/resources/application.yaml
@ -80,3 +80,10 @@ resilience4j:
    instances:
      pingCircuitBreaker:
        base-config: default
 # ==========================================================================
 # Custom Application Properties
 # ==========================================================================
 app:
  service-name: ${spring.application.name}
  service-name-fallback: "${spring.application.name}-fallback"
--- a/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/application/PingServiceTest.kt
+++ b/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/application/PingServiceTest.kt
@ -0,0 +1,141 @@
 package at.mocode.ping.application
 import at.mocode.ping.domain.Ping
 import at.mocode.ping.domain.PingRepository
 import io.mockk.every
 import io.mockk.mockk
 import io.mockk.verify
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.BeforeEach
 import org.junit.jupiter.api.Test
 import java.time.Instant
 import kotlin.uuid.ExperimentalUuidApi
 import kotlin.uuid.Uuid
 /**
 * Unit-Tests für den PingService (Application Layer).
 * Testet alle Use-Case-Methoden isoliert mit MockK.
 */
@OptIn(ExperimentalUuidApi::class)
 class PingServiceTest {
    private val repository: PingRepository = mockk()
    private lateinit var service: PingService
    @BeforeEach
    fun setUp() {
        service = PingService(repository)
    }
    @Test
    fun `executePing should persist and return ping with given message`() {
        // Given
        every { repository.save(any()) } answers { firstArg() }
        // When
        val result = service.executePing("Hello")
        // Then
        assertThat(result.message).isEqualTo("Hello")
        verify { repository.save(any()) }
    }
    @Test
    fun `executePing should generate a new UUID for each ping`() {
        // Given
        every { repository.save(any()) } answers { firstArg() }
        // When
        val result1 = service.executePing("Ping 1")
        val result2 = service.executePing("Ping 2")
        // Then
        assertThat(result1.id).isNotEqualTo(result2.id)
    }
    @Test
    fun `getPingHistory should delegate to repository and return all pings`() {
        // Given
        val pings = listOf(
            Ping(message = "Ping A"),
            Ping(message = "Ping B")
        )
        every { repository.findAll() } returns pings
        // When
        val result = service.getPingHistory()
        // Then
        assertThat(result).hasSize(2)
        assertThat(result.map { it.message }).containsExactly("Ping A", "Ping B")
        verify { repository.findAll() }
    }
    @Test
    fun `getPingHistory should return empty list when no pings exist`() {
        // Given
        every { repository.findAll() } returns emptyList()
        // When
        val result = service.getPingHistory()
        // Then
        assertThat(result).isEmpty()
    }
    @Test
    fun `getPing should return ping by id`() {
        // Given
        val id = Uuid.generateV7()
        val ping = Ping(id = id, message = "Find me")
        every { repository.findById(id) } returns ping
        // When
        val result = service.getPing(id)
        // Then
        assertThat(result).isEqualTo(ping)
        verify { repository.findById(id) }
    }
    @Test
    fun `getPing should return null when ping not found`() {
        // Given
        val id = Uuid.generateV7()
        every { repository.findById(id) } returns null
        // When
        val result = service.getPing(id)
        // Then
        assertThat(result).isNull()
    }
    @Test
    fun `getPingsSince should return pings after given timestamp`() {
        // Given
        val timestamp = Instant.parse("2024-01-01T00:00:00Z").toEpochMilli()
        val ping = Ping(message = "Recent Ping", timestamp = Instant.parse("2024-06-01T00:00:00Z"))
        every { repository.findByTimestampAfter(any()) } returns listOf(ping)
        // When
        val result = service.getPingsSince(timestamp)
        // Then
        assertThat(result).hasSize(1)
        assertThat(result[0].message).isEqualTo("Recent Ping")
        verify { repository.findByTimestampAfter(Instant.ofEpochMilli(timestamp)) }
    }
    @Test
    fun `getPingsSince should return empty list when no pings after timestamp`() {
        // Given
        every { repository.findByTimestampAfter(any()) } returns emptyList()
        // When
        val result = service.getPingsSince(System.currentTimeMillis())
        // Then
        assertThat(result).isEmpty()
    }
 }
--- a/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/infrastructure/web/PingControllerTest.kt
+++ b/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/infrastructure/web/PingControllerTest.kt
@ -1,11 +1,12 @@
-package at.mocode.ping.service
+package at.mocode.ping.infrastructure.web
 import at.mocode.ping.application.PingUseCase
 import at.mocode.ping.domain.Ping
 import at.mocode.ping.infrastructure.PingProperties
 import at.mocode.ping.infrastructure.persistence.PingRepositoryAdapter
 import at.mocode.ping.infrastructure.web.PingController
 import at.mocode.ping.test.TestPingServiceApplication
 import com.fasterxml.jackson.databind.ObjectMapper
 import io.mockk.clearMocks
 import io.mockk.every
 import io.mockk.mockk
 import io.mockk.verify
@ -32,8 +33,8 @@ import java.time.Instant
 import kotlin.uuid.ExperimentalUuidApi
 /**
- * Unit tests for PingController
+ * Unit-Test für den PingController (Web Layer).
- * Tests REST endpoints with mocked dependencies
+ * Nutzt @WebMvcTest für einen isolierten MVC-Slice ohne echte Services oder DB.
 */
@WebMvcTest(
    controllers = [PingController::class],
@ -42,7 +43,7 @@ import kotlin.uuid.ExperimentalUuidApi
@ContextConfiguration(classes = [TestPingServiceApplication::class])
@ActiveProfiles("test")
@Import(PingControllerTest.PingControllerTestConfig::class)
-@AutoConfigureMockMvc(addFilters = false) // Disable security filters for unit tests
+@AutoConfigureMockMvc(addFilters = false)
@OptIn(ExperimentalUuidApi::class)
 class PingControllerTest {
@ -53,6 +54,9 @@ class PingControllerTest {
    @Qualifier("pingUseCaseMock")
    private lateinit var pingUseCase: PingUseCase
    @Autowired
    private lateinit var properties: PingProperties
    @Autowired
    private lateinit var objectMapper: ObjectMapper
@ -65,12 +69,17 @@ class PingControllerTest {
        @Bean
        @Primary
        fun pingRepositoryAdapter(): PingRepositoryAdapter = mockk(relaxed = true)
        @Bean
        @Primary
        fun pingProperties(): PingProperties = mockk(relaxed = true)
    }
    @BeforeEach
    fun setUp() {
-        // Reset mocks before each test
+        clearMocks(pingUseCase, properties)
-        io.mockk.clearMocks(pingUseCase)
+        every { properties.serviceName } returns "ping-service"
        every { properties.serviceNameFallback } returns "ping-service-fallback"
    }
    @Test
@ -81,7 +90,7 @@ class PingControllerTest {
            timestamp = Instant.parse("2023-10-01T10:00:00Z")
        )
-        // When & Then
+        // When
        val mvcResult: MvcResult = mockMvc.perform(get("/ping/simple"))
            .andExpect(request().asyncStarted())
            .andReturn()
@ -90,12 +99,10 @@ class PingControllerTest {
            .andExpect(status().isOk)
            .andReturn()
-        val body = result.response.contentAsString
+        // Then
-        val json = objectMapper.readTree(body)
+        val json = objectMapper.readTree(result.response.contentAsString)
        assertThat(json.has("status")).isTrue
        assertThat(json["status"].asText()).isEqualTo("pong")
-        assertThat(json["service"].asText()).isEqualTo("ping-service")
+        assertThat(json["service"].asText()).isEqualTo(properties.serviceName)
        verify { pingUseCase.executePing("Simple Ping") }
    }
@ -107,7 +114,7 @@ class PingControllerTest {
            timestamp = Instant.parse("2023-10-01T10:00:00Z")
        )
-        // When & Then
+        // When
        val mvcResult: MvcResult = mockMvc.perform(get("/ping/enhanced"))
            .andExpect(request().asyncStarted())
            .andReturn()
@ -116,18 +123,16 @@ class PingControllerTest {
            .andExpect(status().isOk)
            .andReturn()
-        val body = result.response.contentAsString
+        // Then
-        val json = objectMapper.readTree(body)
+        val json = objectMapper.readTree(result.response.contentAsString)
        assertThat(json.has("status")).isTrue
        assertThat(json["status"].asText()).isEqualTo("pong")
-        assertThat(json["service"].asText()).isEqualTo("ping-service")
+        assertThat(json["service"].asText()).isEqualTo(properties.serviceName)
        verify { pingUseCase.executePing("Enhanced Ping") }
    }
    @Test
-    fun `should return health check response`() {
+    fun `should return health check response with status up`() {
-        // When & Then
+        // When
        val mvcResult: MvcResult = mockMvc.perform(get("/ping/health"))
            .andExpect(request().asyncStarted())
            .andReturn()
@ -136,17 +141,16 @@ class PingControllerTest {
            .andExpect(status().isOk)
            .andReturn()
-        val body = result.response.contentAsString
+        // Then
-        val json = objectMapper.readTree(body)
+        val json = objectMapper.readTree(result.response.contentAsString)
        assertThat(json.has("status")).isTrue
        assertThat(json["status"].asText()).isEqualTo("up")
-        assertThat(json["service"].asText()).isEqualTo("ping-service")
+        assertThat(json["service"].asText()).isEqualTo(properties.serviceName)
    }
    @Test
-    fun `should return sync pings`() {
+    fun `should return sync pings as list`() {
        // Given
-        val timestamp = 1696154400000L // 2023-10-01T10:00:00Z
+        val timestamp = 1696154400000L
        every { pingUseCase.getPingsSince(timestamp) } returns listOf(
            Ping(
                message = "Sync Ping",
@ -154,8 +158,7 @@ class PingControllerTest {
            )
        )
-        // When & Then
+        // When
        // Changed parameter name to 'since' to match the controller update
        val mvcResult: MvcResult = mockMvc.perform(get("/ping/sync").param("since", timestamp.toString()))
            .andExpect(request().asyncStarted())
            .andReturn()
@ -164,13 +167,33 @@ class PingControllerTest {
            .andExpect(status().isOk)
            .andReturn()
-        val body = result.response.contentAsString
+        // Then
-        val json = objectMapper.readTree(body)
+        val json = objectMapper.readTree(result.response.contentAsString)
        assertThat(json.isArray).isTrue
        assertThat(json.size()).isEqualTo(1)
        assertThat(json[0]["message"].asText()).isEqualTo("Sync Ping")
        assertThat(json[0]["lastModified"].asLong()).isEqualTo(timestamp + 1000)
        verify { pingUseCase.getPingsSince(timestamp) }
    }
    @Test
    fun `should return empty list when no pings since timestamp`() {
        // Given
        val timestamp = System.currentTimeMillis()
        every { pingUseCase.getPingsSince(timestamp) } returns emptyList()
        // When
        val mvcResult: MvcResult = mockMvc.perform(get("/ping/sync").param("since", timestamp.toString()))
            .andExpect(request().asyncStarted())
            .andReturn()
        val result = mockMvc.perform(asyncDispatch(mvcResult))
            .andExpect(status().isOk)
            .andReturn()
        // Then
        val json = objectMapper.readTree(result.response.contentAsString)
        assertThat(json.isArray).isTrue
        assertThat(json.size()).isEqualTo(0)
    }
 }
--- a/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/service/PingControllerIntegrationTest.kt
+++ b/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/service/PingControllerIntegrationTest.kt
@ -1,74 +0,0 @@
 package at.mocode.ping.service
 import at.mocode.ping.application.PingUseCase
 import at.mocode.ping.domain.Ping
 import at.mocode.ping.infrastructure.persistence.PingRepositoryAdapter
 import at.mocode.ping.infrastructure.web.PingController
 import at.mocode.ping.test.TestPingServiceApplication
 import io.mockk.every
 import io.mockk.mockk
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Test
 import org.springframework.beans.factory.annotation.Autowired
 import org.springframework.beans.factory.annotation.Qualifier
 import org.springframework.boot.test.autoconfigure.web.servlet.WebMvcTest
 import org.springframework.boot.test.context.TestConfiguration
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Import
 import org.springframework.context.annotation.Primary
 import org.springframework.test.context.ActiveProfiles
 import org.springframework.test.context.ContextConfiguration
 import org.springframework.test.web.servlet.MockMvc
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get
 import org.springframework.test.web.servlet.result.MockMvcResultMatchers.status
 import java.time.Instant
 import kotlin.uuid.ExperimentalUuidApi
 /**
 * Lightweight Spring MVC integration test (no full application context / datasource).
 */
@WebMvcTest(
  controllers = [PingController::class],
  properties = ["spring.aop.proxy-target-class=true"]
 )
@ContextConfiguration(classes = [TestPingServiceApplication::class])
@ActiveProfiles("test")
@Import(PingControllerIntegrationTest.PingControllerIntegrationTestConfig::class)
@OptIn(ExperimentalUuidApi::class)
 class PingControllerIntegrationTest {
    @Autowired
    private lateinit var mockMvc: MockMvc
    @Autowired
    @Qualifier("pingUseCaseIntegrationMock")
    private lateinit var pingUseCase: PingUseCase
    @TestConfiguration
    class PingControllerIntegrationTestConfig {
        @Bean("pingUseCaseIntegrationMock")
        @Primary
        fun pingUseCase(): PingUseCase = mockk(relaxed = true)
        @Bean
        @Primary
        fun pingRepositoryAdapter(): PingRepositoryAdapter = mockk(relaxed = true)
    }
    @Test
    fun `should start MVC slice and serve endpoints`() {
        // Just verify the MVC wiring starts and endpoints respond 200
        mockMvc.perform(get("/ping/health")).andExpect(status().isOk)
        // For endpoints that require the use-case, the relaxed mock is sufficient,
        // but we still provide deterministic ping data.
        every { pingUseCase.executePing(any()) } returns Ping(
            message = "Simple Ping",
            timestamp = Instant.parse("2023-10-01T10:00:00Z")
        )
        // Note: we don't assert the full JSON here (covered by PingControllerTest)
        val result = mockMvc.perform(get("/ping/simple")).andReturn()
        assertThat(result.response.status).isEqualTo(200)
    }
 }
--- a/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/service/PingServiceCircuitBreakerTest.kt
+++ b/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/service/PingServiceCircuitBreakerTest.kt
@ -1,56 +0,0 @@
 package at.mocode.ping.service
 import at.mocode.ping.application.PingService
 import at.mocode.ping.domain.Ping
 import at.mocode.ping.domain.PingRepository
 import io.mockk.every
 import io.mockk.mockk
 import io.mockk.verify
 import org.assertj.core.api.Assertions.assertThat
 import org.junit.jupiter.api.Test
 import kotlin.uuid.ExperimentalUuidApi
 import kotlin.uuid.Uuid
 /**
 * Unit tests for the actual application service (`PingService`).
 *
 * The previous `PingServiceCircuitBreakerTest` referenced an outdated component.
 */
@OptIn(ExperimentalUuidApi::class)
 class PingServiceCircuitBreakerTest {
  private val repository: PingRepository = mockk()
  private val service = PingService(repository)
  @Test
  fun `executePing should persist and return ping`() {
    every { repository.save(any()) } answers { firstArg() }
    val result = service.executePing("Hello")
    assertThat(result.message).isEqualTo("Hello")
    verify { repository.save(any()) }
  }
  @Test
  fun `getPingHistory should delegate to repository`() {
    every { repository.findAll() } returns emptyList()
    val result = service.getPingHistory()
    assertThat(result).isEmpty()
    verify { repository.findAll() }
  }
  @Test
  fun `getPing should delegate to repository`() {
    val id = Uuid.generateV7()
    val ping = Ping(id = id, message = "Hi")
    every { repository.findById(id) } returns ping
    val result = service.getPing(id)
    assertThat(result).isEqualTo(ping)
    verify { repository.findById(id) }
  }
 }
--- a/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/test/TestPingServiceApplication.kt
+++ b/backend/services/ping/ping-service/src/test/kotlin/at/mocode/ping/test/TestPingServiceApplication.kt
@ -1,5 +1,6 @@
 package at.mocode.ping.test
 import at.mocode.ping.infrastructure.PingProperties
 import at.mocode.ping.infrastructure.web.PingController
 import org.springframework.boot.autoconfigure.SpringBootApplication
 import org.springframework.context.annotation.ComponentScan
@ -21,6 +22,6 @@ import org.springframework.context.annotation.Import
@ComponentScan(
    basePackages = ["at.mocode.infrastructure.security"]
 )
-@Import(PingController::class)
+@Import(PingController::class, PingProperties::class)
@EnableAspectJAutoProxy(proxyTargetClass = true) // Erzwingt CGLIB Proxies für Controller
 class TestPingServiceApplication
--- a/dc-backend.yaml
+++ b/dc-backend.yaml
@ -19,7 +19,7 @@ services:
    labels:
      - "org.opencontainers.image.created=${DOCKER_BUILD_DATE}"
    container_name: "${PROJECT_NAME:-meldestelle}-gateway"
-    restart: no
+    restart: unless-stopped
    ports:
      - "${GATEWAY_PORT:-8081:8081}"
      - "${GATEWAY_DEBUG_PORT:-5005:5005}"
@ -94,7 +94,7 @@ services:
    labels:
      - "org.opencontainers.image.created=${DOCKER_BUILD_DATE}"
    container_name: "${PROJECT_NAME:-meldestelle}-ping-service"
-    restart: no
+    restart: unless-stopped
    ports:
      - "${PING_PORT:-8082:8082}"
      - "${PING_DEBUG_PORT:-5006:5006}"
--- a/docs/01_Architecture/02_Frontend_Architecture.md
+++ b/docs/01_Architecture/02_Frontend_Architecture.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: Lead Architect
 last_update: 2026-03-15
 ---
 # Frontend-Architektur & Modularisierungsstrategie
--- a/docs/01_Architecture/_archive/2026-03-15_ARCHITECTURE.md
+++ b/docs/01_Architecture/_archive/2026-03-15_ARCHITECTURE.md
@ -1,7 +1,8 @@
 ---
 type: Reference
-status: ACTIVE
+status: ARCHIVED
 owner: Lead Architect
 last_update: 2026-03-15
 ---
 # Repository-Architektur (MP-22)
--- a/docs/01_Architecture/_archive/2026-03-15_MASTER_ROADMAP_2026_Q1.md
+++ b/docs/01_Architecture/_archive/2026-03-15_MASTER_ROADMAP_2026_Q1.md
@ -1,8 +1,8 @@
 ---
 type: Roadmap
-status: ACTIVE
+status: ARCHIVED
 owner: Lead Architect
-last_update: 2026-03-09 (Ping Service Tracer Bullet abgeschlossen)
+last_update: 2026-03-15
 ---
 # MASTER ROADMAP Q1 2026: "Operation Tracer Bullet"
--- a/docs/02_Guides/CodingGuidelines/kdoc-style.md
+++ b/docs/02_Guides/CodingGuidelines/kdoc-style.md
@ -3,6 +3,7 @@ type: Guide
 status: ACTIVE
 owner: Lead Architect
 tags: [coding-style, kdoc, documentation]
 last_update: 2026-03-15
 ---
 # KDoc-Styleguide (Kurzfassung)
--- a/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md
+++ b/docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md
@ -2,6 +2,7 @@
 type: Guide
 status: ACTIVE
 owner: Frontend Expert
 last_update: 2026-03-15
 ---
 # SQLDelight-Integration in Compose Multiplatform
@ -137,10 +138,6 @@ FROM User;
 In `shared/src/commonMain/kotlin/database/DatabaseDriverFactory.kt`:
 ```kotlin
 package com.example.database
 import app.cash.sqldelight.db.SqlDriver
 expect class DatabaseDriverFactory {
  fun createDriver(): SqlDriver
 }
@ -153,12 +150,6 @@ expect class DatabaseDriverFactory {
 `shared/src/androidMain/kotlin/database/DatabaseDriverFactory.android.kt`:
 ```kotlin
 package com.example.database
 import android.content.Context
 import app.cash.sqldelight.db.SqlDriver
 import app.cash.sqldelight.driver.android.AndroidSqliteDriver
 actual class DatabaseDriverFactory(private val context: Context) {
  actual fun createDriver(): SqlDriver {
    return AndroidSqliteDriver(
@ -175,11 +166,6 @@ actual class DatabaseDriverFactory(private val context: Context) {
 `shared/src/iosMain/kotlin/database/DatabaseDriverFactory.ios.kt`:
 ```kotlin
 package com.example.database
 import app.cash.sqldelight.db.SqlDriver
 import app.cash.sqldelight.driver.native.NativeSqliteDriver
 actual class DatabaseDriverFactory {
  actual fun createDriver(): SqlDriver {
    return NativeSqliteDriver(
@ -196,11 +182,6 @@ actual class DatabaseDriverFactory {
 `shared/src/desktopMain/kotlin/database/DatabaseDriverFactory.desktop.kt`:
 ```kotlin
 package com.example.database
 import app.cash.sqldelight.db.SqlDriver
 import app.cash.sqldelight.driver.jdbc.sqlite.JdbcSqliteDriver
 actual class DatabaseDriverFactory {
  actual fun createDriver(): SqlDriver {
    val driver = JdbcSqliteDriver(JdbcSqliteDriver.IN_MEMORY)
@ -216,15 +197,7 @@ actual class DatabaseDriverFactory {
 In `shared/src/commonMain/kotlin/repository/UserRepository.kt`:
 ```kotlin
-package com.example.repository
+class UserRepository(database: AppDatabase) {
 import com.example.database.AppDatabase
 import com.example.database.User
 import kotlinx.coroutines.Dispatchers
 import kotlinx.coroutines.IO
 import kotlinx.coroutines.withContext
 class UserRepository(private val database: AppDatabase) {
  private val queries = database.userQueries
@ -260,13 +233,6 @@ class UserRepository(private val database: AppDatabase) {
 In `shared/src/commonMain/kotlin/di/DatabaseModule.kt`:
 ```kotlin
 package com.example.di
 import com.example.database.AppDatabase
 import com.example.database.DatabaseDriverFactory
 import com.example.repository.UserRepository
 import org.koin.dsl.module
 val databaseModule = module {
  single { DatabaseDriverFactory() }
  single { AppDatabase(get<DatabaseDriverFactory>().createDriver()) }
@ -282,12 +248,6 @@ val databaseModule = module {
 `shared/src/androidMain/kotlin/di/PlatformModule.android.kt`:
 ```kotlin
 package com.example.di
 import com.example.database.DatabaseDriverFactory
 import org.koin.android.ext.koin.androidContext
 import org.koin.dsl.module
 actual val platformModule = module {
  single { DatabaseDriverFactory(androidContext()) }
 }
@ -299,11 +259,6 @@ actual val platformModule = module {
 `shared/src/iosMain/kotlin/di/PlatformModule.ios.kt`:
 ```kotlin
 package com.example.di
 import com.example.database.DatabaseDriverFactory
 import org.koin.dsl.module
 actual val platformModule = module {
  single { DatabaseDriverFactory() }
 }
@ -315,11 +270,6 @@ actual val platformModule = module {
 `shared/src/desktopMain/kotlin/di/PlatformModule.desktop.kt`:
 ```kotlin
 package com.example.di
 import com.example.database.DatabaseDriverFactory
 import org.koin.dsl.module
 actual val platformModule = module {
  single { DatabaseDriverFactory() }
 }
@ -331,10 +281,6 @@ actual val platformModule = module {
 `shared/src/commonMain/kotlin/di/PlatformModule.kt`:
 ```kotlin
 package com.example.di
 import org.koin.core.module.Module
 expect val platformModule: Module
 ```
@ -344,11 +290,6 @@ expect val platformModule: Module
 In `shared/src/commonMain/kotlin/di/KoinInit.kt`:
 ```kotlin
 package com.example.di
 import org.koin.core.context.startKoin
 import org.koin.dsl.KoinAppDeclaration
 fun initKoin(appDeclaration: KoinAppDeclaration = {}) = startKoin {
  appDeclaration()
  modules(
@ -386,10 +327,7 @@ class MainActivity : ComponentActivity() {
 In `iosApp/iosApp/iOSApp.swift`:
-```kotlin
+```swift
 import SwiftUI
 import shared
@main
 struct iOSApp : App {
@ -430,17 +368,6 @@ fun main() {
 In `shared/src/commonMain/kotlin/viewmodel/UserViewModel.kt`:
 ```kotlin
 package com.example.viewmodel
 import androidx.compose.runtime.mutableStateOf
 import androidx.compose.runtime.getValue
 import androidx.compose.runtime.setValue
 import androidx.lifecycle.ViewModel
 import androidx.lifecycle.viewModelScope
 import com.example.database.User
 import com.example.repository.UserRepository
 import kotlinx.coroutines.launch
 class UserViewModel(private val userRepository: UserRepository) : ViewModel() {
  var users by mutableStateOf<List<User>>(emptyList())
--- a/docs/02_Guides/SQLDelight_Web_Asynchron.md
+++ b/docs/02_Guides/SQLDelight_Web_Asynchron.md
@ -2,6 +2,7 @@
 type: Guide
 status: ACTIVE
 owner: Frontend Expert
 last_update: 2026-03-15
 ---
 # Architekturstrategien für Asynchrone Persistenz in Kotlin Multiplatform: Eine umfassende Analyse zur Integration von SQLDelight in Web-Umgebungen
@ -38,8 +39,6 @@ Anstatt die Datenbank direkt beim App-Start zu initialisieren (was im Web blocki
 **Datei:** `shared/src/commonMain/kotlin/.../DatabaseDriverFactory.kt`
 ```kotlin
 import app.cash.sqldelight.db.SqlDriver
 interface DatabaseDriverFactory {
    suspend fun createDriver(): SqlDriver
 }
@ -53,9 +52,6 @@ Diese Komponente löst das Problem des Nutzers, indem sie die Initialisierung bi
 **Datei:** `shared/src/commonMain/kotlin/.../DatabaseWrapper.kt`
 ```kotlin
 import kotlinx.coroutines.sync.Mutex
 import kotlinx.coroutines.sync.withLock
 class DatabaseWrapper(private val driverFactory: DatabaseDriverFactory) {
    private var _database: AppDatabase? = null
    private val mutex = Mutex()
@ -86,9 +82,6 @@ Hier liegt der Kern der Lösung: Wir warten explizit auf die Schema-Erstellung (
 **Datei:** `shared/src/jsMain/kotlin/.../WebDatabaseDriverFactory.kt`
 ```kotlin
 import app.cash.sqldelight.driver.worker.WebWorkerDriver
 import org.w3c.dom.Worker
 class WebDatabaseDriverFactory : DatabaseDriverFactory {
    override suspend fun createDriver(): SqlDriver {
        val worker = Worker(
--- a/docs/03_Domain/00_Glossary.md
+++ b/docs/03_Domain/00_Glossary.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: Lead Architect
 last_update: 2026-03-15
 ---
 # Glossar der Domäne "Meldestelle"
--- a/docs/05_Backend/Guides/Database_Best_Practices.md
+++ b/docs/05_Backend/Guides/Database_Best_Practices.md
@ -3,6 +3,7 @@ type: Guide
 status: DRAFT
 owner: Backend Developer
 date: 2026-02-02
 last_update: 2026-03-15
 ---
 # Database Best Practices & Exposed 1.0.0
@ -26,7 +27,7 @@ Nutze immer `transactionResult` (oder die Aliase `readTransaction` / `writeTrans
 fun findUser(id: UUID): Result<User> = readTransaction {
    // 'this' ist hier eine JdbcTransaction
    UserTable.select { UserTable.id eq id }
-        .map { ... }
+        .map { /* row -> User(...) */ }
        .singleOrNull()
 }
 ```
@ -39,7 +40,7 @@ Vermeide rohes SQL, wo immer möglich. Wenn es sein muss (z.B. für Performance-
 *   **`exec`:** Nutze immer `explicitStatementType`.
    ```kotlin
-    this.exec("SELECT 1", explicitStatementType = StatementType.SELECT) { rs -> ... }
+    this.exec("SELECT 1", explicitStatementType = StatementType.SELECT) { rs -> /* handle ResultSet */ }
    ```
 *   **`executeUpdate`:** Nutze die Helper-Methode `DatabaseUtils.executeUpdate`, da sie sich um das korrekte Schließen von Statements kümmert (Exposed `PreparedStatementApi` ist nicht `AutoCloseable`).
--- a/docs/05_Backend/Guides/Testing_with_Postman.md
+++ b/docs/05_Backend/Guides/Testing_with_Postman.md
@ -3,6 +3,7 @@ type: Guide
 status: ACTIVE
 owner: Backend Developer
 tags: [testing, postman, backend, api]
 last_update: 2026-03-15
 ---
 # 🧪 Testanleitung: Ping-Service & Gateway mit Postman
--- a/docs/05_Backend/README.md
+++ b/docs/05_Backend/README.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: Backend Developer
 last_update: 2026-03-15
 ---
 # Backend Dokumentation
@ -14,5 +15,5 @@ Dieses Verzeichnis enthält die spezifische Dokumentation für alle Backend-Komp
 ## Wichtige Einstiegspunkte
-*   **[Ping-Service](./Services/ping-service.md):** Dient als technischer Blueprint und einfachstes Beispiel für einen Service.
+*   **[Ping-Service](./Services/PingService_Reference.md):** Dient als technischer Blueprint und einfachstes Beispiel für einen Service.
 *   **[API-Gateway](../07_Infrastructure/api-gateway.md):** Beschreibung des zentralen Einstiegspunkts für alle externen Anfragen.
--- a/docs/05_Backend/Services/PingService_Reference.md
+++ b/docs/05_Backend/Services/PingService_Reference.md
@ -3,6 +3,7 @@ type: Reference
 status: ACTIVE
 owner: Backend Developer
 tags: [backend, service, reference, ping]
 last_update: 2026-03-15
 ---
 # 🎯 Ping Service Reference
--- a/docs/05_Backend/_archive/2026-03-15_TASK_2026_Q1_Infrastructure_Hardening.md
+++ b/docs/05_Backend/_archive/2026-03-15_TASK_2026_Q1_Infrastructure_Hardening.md
@ -1,6 +1,6 @@
 ---
 type: Task
-status: DONE
+status: ARCHIVED
 owner: Senior Backend Developer
 created: 2026-01-15
 completed: 2026-01-16
@ -10,7 +10,7 @@ context: Operation Tracer Bullet (Phase 1)
 # Arbeitsanweisung: Infrastructure Hardening & Security Implementation
-**Ziel:** Finalisierung der Backend-Infrastruktur-Module und Härtung des `ping-service` gemäß [ADR 001](../01_Architecture/adr/001-backend-infrastructure-decisions.md).
+**Ziel:** Finalisierung der Backend-Infrastruktur-Module und Härtung des `ping-service` gemäß [ADR 001](../../01_Architecture/adr/001-backend-infrastructure-decisions.md).
 ---
@ -76,5 +76,5 @@ Mache den Service "Production Ready."
 ---
 **Referenzen:**
-*   [ADR 001: Backend Infrastructure Decisions](../01_Architecture/adr/001-backend-infrastructure-decisions.md)
+*   [ADR 001: Backend Infrastructure Decisions](../../01_Architecture/adr/001-backend-infrastructure-decisions.md)
-*   [Master Roadmap Q1 2026](../01_Architecture/MASTER_ROADMAP_2026_Q1.md)
+*   [Master Roadmap Q1 2026](../../01_Architecture/_archive/2026-03-15_MASTER_ROADMAP_2026_Q1.md)
--- a/docs/06_Frontend/offline-first-architecture.md
+++ b/docs/06_Frontend/offline-first-architecture.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: Frontend Expert
 last_update: 2026-03-15
 ---
 # Offline-First-Architektur
--- a/docs/06_Frontend/web-setup.md
+++ b/docs/06_Frontend/web-setup.md
@ -2,6 +2,7 @@
 type: Guide
 status: ACTIVE
 owner: Frontend Expert
 last_update: 2026-03-15
 ---
 # Web-Setup (Webpack & Worker)
--- a/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md
+++ b/docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 #  Heimnetzwerk
--- a/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md
+++ b/docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 # Konfigurations-Matrix
--- a/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md
+++ b/docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 ## 🛡️ Pangolin vs. Cloudflare Tunnel
--- a/docs/07_Infrastructure/Reference/ports-and-urls.md
+++ b/docs/07_Infrastructure/Reference/ports-and-urls.md
@ -5,6 +5,7 @@ status: ACTIVE
 review_cycle: 180d
 last_reviewed: 2025-10-31
 summary: "Übersicht der wichtigsten lokalen URLs und Ports. Quelle: docker-compose.yaml + config/env"
 last_update: 2026-03-15
 ---
 # Referenz: Wichtige URLs und Ports (lokal)
--- a/docs/07_Infrastructure/Reference/zipkin.md
+++ b/docs/07_Infrastructure/Reference/zipkin.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 # Zipkin Tracing
--- a/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md
+++ b/docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 # Roadmap: Zora Infrastructure & Deployment (Februar 2026)
--- a/docs/07_Infrastructure/Zora_System_Architektur.md
+++ b/docs/07_Infrastructure/Zora_System_Architektur.md
@ -2,6 +2,7 @@
 type: Reference
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 ## 🏗️ System-Architektur "Zora" (ARM64)
--- a/docs/07_Infrastructure/guides/jwt-in-docker.md
+++ b/docs/07_Infrastructure/guides/jwt-in-docker.md
@ -3,6 +3,7 @@ type: Guide
 status: ACTIVE
 owner: DevOps Engineer
 tags: [jwt, oidc, keycloak, docker, networking, security]
 last_update: 2026-03-15
 ---
 # Leitfaden: JWT-Validierung in der Docker-Umgebung
--- a/docs/07_Infrastructure/runbooks/local-development.md
+++ b/docs/07_Infrastructure/runbooks/local-development.md
@ -2,6 +2,7 @@
 type: Guide
 status: ACTIVE
 owner: DevOps Engineer
 last_update: 2026-03-15
 ---
 # Runbook: Lokale Entwicklungsumgebung
--- a/docs/99_Journal/2026-01-30_Refactoring_Exposed_Ktor.md
+++ b/docs/99_Journal/2026-01-30_Refactoring_Exposed_Ktor.md
@ -1,10 +1,11 @@
 ---
 type: Journal
-status: COMPLETED
+status: ACTIVE
 owner: Lead Architect
 date: 2026-01-30
 participants:
  - Lead Architect
 last_update: 2026-01-30
 ---
 # Session Log: 30. Jänner 2026 - Refactoring Exposed & Ktor
--- a/docs/99_Journal/2026-01-31_Session_Log_E2E_Smoke_Migration.md
+++ b/docs/99_Journal/2026-01-31_Session_Log_E2E_Smoke_Migration.md
@ -1,11 +1,12 @@
 ---
 type: Journal
-status: COMPLETED
+status: ACTIVE
 owner: Curator
 date: 2026-01-31
 participants:
  - Lead Architect
  - DevOps Engineer
 last_update: 2026-01-31
 ---
 # Session Log: 31. Jänner 2026 – E2E Smoke (Exposed 1.0.0, Ktor 3.4.0)
--- a/docs/99_Journal/2026-02-03_Session_Log_Docker_Build_Issues.md
+++ b/docs/99_Journal/2026-02-03_Session_Log_Docker_Build_Issues.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-03
 ---
 # Session Log: Diagnose Docker Build Issues (IsolatedKotlinClasspathClassCastException)
 **Datum:** 03.02.2026
--- a/docs/99_Journal/2026-02-03_Session_Log_Gradle_Optimization.md
+++ b/docs/99_Journal/2026-02-03_Session_Log_Gradle_Optimization.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-03
 ---
 # 🧹 Session Log: Gradle Build-Optimierung & Refactoring
 **Datum:** 03.02.2026
--- a/docs/99_Journal/2026-02-04_Infrastructure_Setup_Plan.md
+++ b/docs/99_Journal/2026-02-04_Infrastructure_Setup_Plan.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-04
 ---
 # 🏗️ Journal: Infrastructure Setup & CI/CD Planning
 **Datum:** 04.02.2026
--- a/docs/99_Journal/2026-02-04_Ping_Service_Verification.md
+++ b/docs/99_Journal/2026-02-04_Ping_Service_Verification.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-04
 ---
 # 🏗️ Journal: Ping Service Verification
 **Datum:** 04.02.2026
--- a/docs/99_Journal/2026-02-06_Infrastructure_Planning.md
+++ b/docs/99_Journal/2026-02-06_Infrastructure_Planning.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-06
 ---
 # Session Log: Infrastructure Planning & Reporting Requirements
 **Datum:** 06.02.2026
--- a/docs/99_Journal/2026-02-13.md
+++ b/docs/99_Journal/2026-02-13.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-02-13
 ---
 # Journal - 2026-02-13
 ## 📝 Zusammenfassung
--- a/docs/99_Journal/2026-03-06_Session_Log_DevOps_und_AI_Stack.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_DevOps_und_AI_Stack.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-06
 ---
 # Journal - 2026-03-06 (Session 2)
 ## 📝 Zusammenfassung
--- a/docs/99_Journal/2026-03-06_Session_Log_Immich_Pangolin_Config.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Immich_Pangolin_Config.md
@ -4,6 +4,7 @@ status: ACTIVE
 owner: Curator
 date: 2026-03-06
 session: Immich & Pangolin — Konfiguration dokumentiert
 last_update: 2026-03-06
 ---
 # Session Log — 2026-03-06: Immich & Pangolin Konfiguration
--- a/docs/99_Journal/2026-03-06_Session_Log_Keycloak_Fix.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Keycloak_Fix.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-06
 ---
 # Journal - 2026-03-06
 ## 📝 Zusammenfassung
--- a/docs/99_Journal/2026-03-06_Session_Log_Pipeline_502_Fix.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Pipeline_502_Fix.md
@ -1,8 +1,9 @@
 ---
-type: JOURNAL
+type: Journal
-status: DONE
+status: ACTIVE
 owner: DevOps
 date: 2026-03-06
 last_update: 2026-03-06
 ---
 # Session Log — Pipeline 502 Bad Gateway Fix
--- a/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Fix_v2.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Fix_v2.md
@ -1,8 +1,9 @@
 ---
-type: journal
+type: Journal
 status: ACTIVE
 owner: Lead Architect
 date: 2026-03-06
 last_update: 2026-03-06
 ---
 # Session Log — Pipeline Fix v2: connection refused Port 443
--- a/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Fix_v3.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Fix_v3.md
@ -1,8 +1,9 @@
 ---
-type: journal
+type: Journal
 status: ACTIVE
 owner: Lead Architect
 date: 2026-03-06
 last_update: 2026-03-06
 ---
 # Session Log — Pipeline Fix v3: socat nicht verfügbar → iptables DNAT
--- a/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Gruen.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Pipeline_Gruen.md
@ -1,8 +1,9 @@
 ---
-type: journal
+type: Journal
 status: ACTIVE
 owner: Lead Architect
 date: 2026-03-06
 last_update: 2026-03-06
 ---
 # Session Log — Pipeline vollständig grün ✅
--- a/docs/99_Journal/2026-03-06_Session_Log_Proxmox_Korrektur.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Proxmox_Korrektur.md
@ -2,6 +2,7 @@
 type: Journal
 status: ACTIVE
 owner: Lead Architect
 last_update: 2026-03-06
 ---
 # Journal - 2026-03-06 (Session 3 — Proxmox-Korrektur)
--- a/docs/99_Journal/2026-03-06_Session_Log_Uebersetzung_Deutsch.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Uebersetzung_Deutsch.md
@ -1,8 +1,9 @@
 ---
 type: Journal
-status: FINAL
+status: ACTIVE
 owner: Lead Architect
 date: 2026-03-06
 last_update: 2026-03-06
 ---
 # Session Log – Übersetzung aller Dokumente auf Deutsch
--- a/docs/99_Journal/2026-03-06_Session_Log_Zora_Konfiguration.md
+++ b/docs/99_Journal/2026-03-06_Session_Log_Zora_Konfiguration.md
@ -1,8 +1,9 @@
 ---
-type: Session Log
+type: Journal
 date: 2026-03-06
 agent: DevOps Engineer + Curator
-status: DONE
+status: ACTIVE
 last_update: 2026-03-06
 ---
 # Session Log: Zora — Vollständige Konfigurationsanalyse
--- a/docs/99_Journal/2026-03-07_Session_Log_TechStack_Zusammenfassung.md
+++ b/docs/99_Journal/2026-03-07_Session_Log_TechStack_Zusammenfassung.md
@ -1,8 +1,9 @@
 ---
 type: Journal
-status: DONE
+status: ACTIVE
 owner: Lead Architect
 date: 2026-03-07
 last_update: 2026-03-07
 ---
 # Session Log — Tech-Stack Zusammenfassung
--- a/docs/99_Journal/2026-03-07_Session_Log_Zora_Hardware_Zusammenfassung.md
+++ b/docs/99_Journal/2026-03-07_Session_Log_Zora_Hardware_Zusammenfassung.md
@ -3,6 +3,7 @@ type: Journal
 status: ACTIVE
 owner: Lead Architect
 date: 2026-03-07
 last_update: 2026-03-07
 ---
 # Session Log — 07. März 2026: Zora Hardware-Zusammenfassung
--- a/docs/99_Journal/2026-03-09_Session_Log_Keycloak_Haertung.md
+++ b/docs/99_Journal/2026-03-09_Session_Log_Keycloak_Haertung.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-09
 ---
 # Journal - 2026-03-09
 ## 📝 Zusammenfassung
--- a/docs/99_Journal/2026-03-10_Session_Log_Keycloak_Hostname_Fix.md
+++ b/docs/99_Journal/2026-03-10_Session_Log_Keycloak_Hostname_Fix.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-10
 ---
 # Session Log — 2026-03-10: Keycloak Hostname Fix, Git Push Analyse & DOCKER_REGISTRY Fix
 **Datum:** Di. 10. März 2026  
--- a/docs/99_Journal/2026-03-11_Session_Log_Pangolin_Update.md
+++ b/docs/99_Journal/2026-03-11_Session_Log_Pangolin_Update.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-11
 ---
 # Session Log: Pangolin Update & Meldestelle Configuration
 **Datum:** 11. März 2026
--- a/docs/99_Journal/2026-03-15_Session_Log_Dokumentation_Cleanup.md
+++ b/docs/99_Journal/2026-03-15_Session_Log_Dokumentation_Cleanup.md
@ -0,0 +1,102 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-15
 ---
 # 🧹 Session Log: Dokumentation Cleanup & Normalisierung
 **Datum:** 15. März 2026
 **Agent:** 🧹 Curator
 **Kontext:** Vollständige Bereinigung, Korrektur und Optimierung der `docs/`-Struktur.
 ---
 ## 📝 Zusammenfassung
 Umfassende Aufräum-Session der gesamten Dokumentation. Veraltete Dokumente wurden archiviert, fehlende Standard-Header ergänzt, inkonsistente Frontmatter-Werte normalisiert und temporäre Dateien entfernt.
 ---
 ## 🗂️ Archivierungen
 | Originaldatei | Archivpfad | Grund |
 |---|---|---|
 | `docs/01_Architecture/ARCHITECTURE.md` | `docs/01_Architecture/_archive/2026-03-15_ARCHITECTURE.md` | Selbst als veraltet markiert (Jan 2026), kein aktiver Inhalt mehr |
 | `docs/01_Architecture/MASTER_ROADMAP_2026_Q1.md` | `docs/01_Architecture/_archive/2026-03-15_MASTER_ROADMAP_2026_Q1.md` | Alle Phasen der "Operation Tracer Bullet" abgeschlossen |
 | `docs/05_Backend/TASK_2026_Q1_Infrastructure_Hardening.md` | `docs/05_Backend/_archive/2026-03-15_TASK_2026_Q1_Infrastructure_Hardening.md` | Status war DONE, erledigte Task-Dokumente gehören ins Archiv |
 ---
 ## 🛠️ Korrekturen
 ### `last_update`-Feld ergänzt (19 Dokumente)
 Folgende aktive Dokumente hatten kein `last_update`-Feld im Frontmatter:
 - `docs/05_Backend/Services/PingService_Reference.md`
 - `docs/05_Backend/README.md`
 - `docs/05_Backend/Guides/Database_Best_Practices.md`
 - `docs/05_Backend/Guides/Testing_with_Postman.md`
 - `docs/06_Frontend/offline-first-architecture.md`
 - `docs/06_Frontend/web-setup.md`
 - `docs/07_Infrastructure/Heim-Netzwerk-Plan_02-2026.md`
 - `docs/07_Infrastructure/Konfig-Matrix_Dev-ProZora.md`
 - `docs/07_Infrastructure/Pangolin-vs-Cloudflare-Tunnel.md`
 - `docs/07_Infrastructure/Reference/ports-and-urls.md`
 - `docs/07_Infrastructure/Reference/zipkin.md`
 - `docs/07_Infrastructure/Zora_Infrastructure_Deployment_02-2026.md`
 - `docs/07_Infrastructure/Zora_System_Architektur.md`
 - `docs/07_Infrastructure/guides/jwt-in-docker.md`
 - `docs/07_Infrastructure/runbooks/local-development.md`
 - `docs/03_Domain/00_Glossary.md`
 - `docs/02_Guides/SQLDelight_Integration_Compose_Multiplatform.md`
 - `docs/02_Guides/SQLDelight_Web_Asynchron.md`
 - `docs/02_Guides/CodingGuidelines/kdoc-style.md`
 ### Journal-Header normalisiert (25 Einträge)
 - **Header hinzugefügt** (fehlten komplett): 11 Einträge (u.a. `2026-02-03_*`, `2026-02-04_*`, `2026-03-09_*`, `2026-03-10_*`, `2026-03-11_*`)
 - **Inkonsistente Werte korrigiert** (14 Einträge):
  - `type`: `journal` → `Journal`, `JOURNAL` → `Journal`, `Session Log` → `Journal`
  - `status`: `COMPLETED` → `ACTIVE`, `DONE` → `ACTIVE`, `FINAL` → `ACTIVE`, `In Progress` → `ACTIVE`
  - `last_update` aus Dateiname ergänzt wo fehlend
 ### Temporäre Dateien gelöscht
 - `docs/Bin/Temp.md` — leere Temp-Datei ohne Inhalt
 ---
 ## ✅ Quality Gate Status
 | Prüfpunkt | Status |
 |---|---|
 | Alle aktiven Docs haben Standard-Header | ✅ |
 | `last_update` in allen aktiven Docs | ✅ |
 | `type`-Werte konsistent (Journal/Reference/Guide/ADR/Report/Roadmap) | ✅ |
 | `status`-Werte konsistent (DRAFT/ACTIVE/DEPRECATED/ARCHIVED) | ✅ |
 | Veraltete Dokumente archiviert | ✅ |
 | Temporäre Dateien entfernt | ✅ |
 ---
 ## 🛠️ Nachbesserungen (Session 2, 20:02 Uhr)
 Auf Basis von IDE-Warnings/Errors wurden folgende Korrekturen durchgeführt:
 | Datei | Problem | Fix |
 |---|---|---|
 | `05_Backend/_archive/2026-03-15_TASK_...Hardening.md` | Broken Links (falsche relative Pfade nach Archivierung) | Pfade auf `../../01_Architecture/...` korrigiert; Roadmap-Link auf archivierte Version |
 | `05_Backend/README.md` | `ping-service.md` existiert nicht | Link auf `PingService_Reference.md` korrigiert |
 | `05_Backend/Guides/Database_Best_Practices.md` | `...` in Kotlin-Code-Blöcken → "Expecting an element" | Durch Kommentare ersetzt |
 | `02_Guides/SQLDelight_Integration_Compose_Multiplatform.md` | `package`/`import`-Direktiven in Code-Fragmenten → IDE-Fehler | Alle `package`- und `import`-Zeilen aus Kotlin-Blöcken entfernt |
 | `02_Guides/SQLDelight_Web_Asynchron.md` | `package`/`import`-Direktiven in Code-Fragmenten → IDE-Fehler | Alle `package`- und `import`-Zeilen aus Kotlin-Blöcken entfernt |
 | `02_Guides/SQLDelight_Integration_Compose_Multiplatform.md` | `private val database` → Warning "Constructor parameter never used as property" | `val` entfernt: `UserRepository(database: AppDatabase)` |
 | `02_Guides/SQLDelight_Integration_Compose_Multiplatform.md` | Swift-Code als ` ```kotlin ` markiert → "Expecting an element" / "Unexpected tokens" | Code-Fence auf ` ```swift ` korrigiert |
 ---
 ## 🔗 Offene Punkte / Empfehlungen
 - **Domain-Analyse-Docs** (`docs/03_Domain/03_Analysis/`) haben noch kein `last_update` — diese sind DRAFT und sollten beim nächsten Domain-Workshop aktualisiert werden.
 - **`docs/06_Frontend/Logs/`** — zwei Docker-Build-Troubleshooting-Logs ohne `last_update`; da reine Logs, niedrige Priorität.
 - **ADR-Pflicht prüfen:** Die Entscheidung für den AI-Stack (Ollama + Open WebUI, Session 2026-03-06) ist bisher nur im Journal dokumentiert — ein ADR in `docs/01_Architecture/adr/` wäre angebracht.
--- a/docs/99_Journal/README.md
+++ b/docs/99_Journal/README.md
@ -1,3 +1,9 @@
 ---
 type: Journal
 status: ACTIVE
 owner: Curator
 last_update: 2026-03-15
 ---
 # Journal
 Kurze Session-Protokolle, damit Entscheidungen/Erkenntnisse nicht „im Chat“ verloren gehen.
--- a/docs/Bin/Temp.md
+++ b/docs/Bin/Temp.md
@ -1,87 +0,0 @@
 # **„Hello-World“-Testprojekt**
 Bevor das **"Meldestelle"-Projekt** auf **Zora** losgelassen wird, erstellen wir ein **"Hallo Welt"-Projekt**. Das spart Zeit beim Debugging, wenn der Test-Build fehlschlägt, wissen wir sofort, es liegt an der Infrastruktur (Runner/Registry) und nicht an komplexen Gradle-Abhängigkeiten.
 ## Plan für "Sandbox-Projekt“, um die CI/CD-Leitung auf **Zora** zu testen.
 ---
 ### 1. Runner-Stabilisierung: Der „Herz-Check“
 Bevor das Testprojekt gepusht wird, müssen wir sicherstellen, dass der Runner nicht nur „jetzt“ online war, sondern als stabiler Dienst im Hintergrund läuft.
 **Checke das im Container `infra-runner`:**
 ```bash
 incus exec infra-runner -- systemctl status act_runner
 ```
 * **Wenn „active (running)“:** Alles bestens.
 * **Falls nicht:** Starte ihn mit `systemctl enable --now act_runner`.
 * **Gitea-Check:** Im Browser sollte der Status jetzt von **Inaktiv** (Grau/Gelb) auf **Aktiv** (Grün) springen, sobald der Dienst läuft.
 ---
 ### 2. Das Test-Projekt: „Zora-Proof-of-Concept“
 Erstelle in deiner IDEA (oder direkt in Gitea) ein neues, leeres Repository namens `zora-test`.
 #### A. Die minimale Dockerfile
 Wir nehmen ein extrem kleines Image, um die ARM64-Fähigkeit zu testen:
 ```dockerfile
 FROM alpine:latest
 RUN echo "Zora hat dieses Image gebaut!" > /hello.txt
 CMD ["cat", "/hello.txt"]
 ```
 #### B. Der Workflow (`.gitea/workflows/test.yaml`)
 Hier nutzen wir deine neuen Secrets `REGISTRY_TOKEN` und `REGISTRY_USER`.
 ```yaml
 name: Zora Test Build
 on: [push]
 jobs:
  build-and-push:
    runs-on: ubuntu-latest # Dein Runner erkennt das Label
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Login to Registry
        uses: docker/login-action@v3
        with:
          registry: git.mo-code.at
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.REGISTRY_TOKEN }}
      - name: Build and Push
        uses: docker/build-push-action@v5
        with:
          context: .
          push: true
          tags: git.mo-code.at/${{ secrets.REGISTRY_USER }}/zora-test:latest
 ```
 ---
 ### 3. Warum dieser Test so wertvoll ist
 1. **Registry-Rechte:** Wir prüfen, ob dein neuer Token wirklich Pakete schreiben darf.
 2. **LXC-Docker-Check:** Wir sehen, ob Docker im Container `infra-runner` mit dem `fuse-overlayfs` Treiber wirklich Images bauen kann.
 3. **ARM64-Verifizierung:** Wir bestätigen, dass der Runner das Image nativ für dein Biest baut.
 ---
 ### Was wir kontrollieren müssen (Erfolgskriterien):
 * [ ] Erscheint in Gitea unter dem Reiter **„Actions“** ein neuer Eintrag nach dem Push?
 * [ ] Läuft der Build ohne Fehler durch?
 * [ ] Taucht unter deinem Profil in Gitea ein neues **„Paket“** namens `zora-test` auf?
 **Soll ich dir, sobald du das Testprojekt in Gitea angelegt hast, helfen das Log-Streaming des Runners zu analysieren, falls er beim `docker login` hängen bleibt?** (Das ist oft die Stelle, an der falsche Secret-Namen auffallen).
--- a/platform/architecture-tests/src/test/kotlin/at/mocode/archtests/BackendArchitectureTest.kt
+++ b/platform/architecture-tests/src/test/kotlin/at/mocode/archtests/BackendArchitectureTest.kt
@ -3,6 +3,7 @@ package at.mocode.archtests
 import com.tngtech.archunit.core.domain.JavaClasses
 import com.tngtech.archunit.junit.AnalyzeClasses
 import com.tngtech.archunit.junit.ArchTest
 import com.tngtech.archunit.lang.syntax.ArchRuleDefinition.noClasses
 // Scan ALL project classes from the root package
@AnalyzeClasses(packages = ["at.mocode"])
@ -10,18 +11,12 @@ class BackendArchitectureTest {
    @ArchTest
    fun `service modules should not depend on each other`(importedClasses: JavaClasses) {
-        // We currently have very few services, and they might share common code or be in transition.
+        // Active services: add new service packages here as they are introduced.
-        // For now, we disable this strict check or make it more lenient until the backend structure is fully settled.
+        // entries-service is currently on hold (feature branch) and excluded from this list.
        // The failure indicates that 'ping' and 'entries' might be accessing each other or common code that is misclassified.
        // TODO: Re-enable and refine this test once backend modularization is complete.
        /*
        val servicePackages = listOf(
-            "at.mocode.ping..",
+            "at.mocode.ping.."
-            "at.mocode.entries.."
+            // "at.mocode.entries..",  // re-add when entries-service is promoted from feature branch
            // Add other service packages here as they are created
        )
        for (servicePackage in servicePackages) {
            val otherServicePackages = servicePackages.filter { it != servicePackage }.toTypedArray()
            if (otherServicePackages.isEmpty()) continue
@ -31,6 +26,5 @@ class BackendArchitectureTest {
                .should().accessClassesThat().resideInAnyPackage(*otherServicePackages)
                .check(importedClasses)
        }
        */
    }
 }
--- a/settings.gradle.kts
+++ b/settings.gradle.kts
@ -69,7 +69,9 @@ include(":backend:infrastructure:security")
 // === BACKEND - SERVICES ===
 // --- ENTRIES (Nennungen) ---
 include(":backend:services:entries:entries-api")
-include(":backend:services:entries:entries-service")
+// entries-service: ON HOLD – pausiert bis Domain-Workshop (siehe MASTER_ROADMAP Phase 3)
 // Code liegt im Branch: feature/entries-service
 // include(":backend:services:entries:entries-service")
 // --- PING (Ping Service) ---
 include(":backend:services:ping:ping-service")
Author	SHA1	Message	Date
stefan	b05b2f8612	chore: clean up and correct SQLDelight guide code snippets, fix `swift` mislabeling, and remove redundant constructor property Some checks failed Build and Publish Docker Images / build-and-push (., backend/infrastructure/gateway/Dockerfile, api-gateway, api-gateway) (push) Successful in 7m48s Details Build and Publish Docker Images / build-and-push (., backend/services/ping/Dockerfile, ping-service, ping-service) (push) Successful in 7m17s Details Build and Publish Docker Images / build-and-push (., config/docker/caddy/web-app/Dockerfile, web-app, web-app) (push) Successful in 3m58s Details Build and Publish Docker Images / build-and-push (., config/docker/keycloak/Dockerfile, keycloak, keycloak) (push) Failing after 37s Details	2026-03-15 20:07:46 +01:00
stefan	5f6114450d	chore: fix broken links in documentation, improve code snippets, and remove unnecessary imports in guides	2026-03-15 20:05:23 +01:00
stefan	daeae0f868	chore: archive outdated architecture and roadmap documents, normalize documentation structure and metadata	2026-03-15 20:00:51 +01:00
stefan	7922475ecc	chore: remove unused `.env` loading step from Docker publish workflow	2026-03-15 19:42:33 +01:00
stefan	e088f2033b	chore: entries-service aus Build ausgetragen (ON HOLD, feature/entries-service) Co-authored-by: Junie <junie@jetbrains.com>	2026-03-15 19:16:48 +01:00
stefan	1b1ca82163	fix: security, keycloak SSOT, restart policy, arch-test reaktiviert Co-authored-by: Junie <junie@jetbrains.com>	2026-03-15 19:16:17 +01:00
stefan	f05aabb0d4	Refactor Ping service tests and introduce PingProperties configuration for cleaner service name handling	2026-03-15 18:52:10 +01:00