{ "id": "factory-integration-master-v1", "summary": "Unify storage, provisioning, vault/QR, multi-platform builds, and sandboxed playground flows into Factory admin services.", "status": "draft", "owner": "platform", "modules": [ "Storage (Drive/S3/local) with gateway proxy", "QR one-time tokens and vault keypairs", "Anonymous provisioning / activation", "Notes → planch export", "Multi-target build orchestrator (mobile/desktop/CLI/container/browser)", "Playground/sandbox with remote login, env, secrets, scripts, directives" ], "routes": { "factory": [ "/storage", "/admin/builds", "/admin (QR/vault/provisioning/notes)", "/activate/[token]", "/vault/activate/[token]" ], "gateway": [ "/api/v1/storage/token", "/api/v1/storage/upload", "/api/v1/storage/download", "/api/v1/admin/qr-tokens", "/api/v1/admin/vault/keypairs", "/api/v1/admin/provisioning", "/api/v1/admin/planch-notes", "/api/v1/builds" ] }, "auth": { "header": "X-API-Key", "issue": "/api/v1/token", "roles": ["admin"] }, "env": [ "STORAGE_SIGNING_KEY=", "STORAGE_BACKEND=drive|s3|local", "STORAGE_TOKEN_TTL=3600", "DRIVE_SERVICE_ACCOUNT_JSON or GOOGLE_APPLICATION_CREDENTIALS", "DRIVE_FOLDER_ID (optional), DRIVE_IMPERSONATE (optional)", "S3_ENDPOINT/S3_ACCESS_KEY/S3_SECRET_KEY/S3_REGION/S3_FORCE_PATH_STYLE", "BUILD_EXECUTOR_ENDPOINT (future external runner)" ], "workflows": [ "Admin mints storage tokens in Factory /storage, uploads via gateway proxy; download uses token-signed endpoint.", "Admin manages QR/vault/provisioning/notes in Factory /admin; users activate via /activate/[token] and /vault/activate/[token].", "Admin queues multi-target builds in /admin/builds; gateway stores job rows and awaits external runner callbacks.", "Sandbox/playground uses same auth and env/secrets model; directives drive future automation." ], "deliverables": [ "Factory UI pages wired to gateway APIs", "Gateway endpoints for storage, QR/vault, provisioning, notes, builds", "Documentation block in release notes referencing this directive and required env vars" ] }