apiVersion: jenkins.io/v1 kind: PipelineActivity metadata: annotations: lighthouse.jenkins-x.io/cloneURI: https://github.com/greencapitaltrade/happy.git lighthouse.jenkins-x.io/job: release creationTimestamp: "2026-04-14T07:30:02Z" generation: 7 labels: branch: main build: "32" context: release created-by-lighthouse: "true" event-GUID: bcc59238-37d3-11f1-9840-e54bb2f784c0 lighthouse.jenkins-x.io/baseSHA: ae83888d2bbfbee806ece866d375a0c6f1bc99ba lighthouse.jenkins-x.io/branch: main lighthouse.jenkins-x.io/buildNum: "1776151802740" lighthouse.jenkins-x.io/context: release lighthouse.jenkins-x.io/id: ncapitaltrade-happy-main-release-svntl lighthouse.jenkins-x.io/job: release lighthouse.jenkins-x.io/lastCommitSHA: ae83888d2bbfbee806ece866d375a0c6f1bc99ba lighthouse.jenkins-x.io/refs.org: greencapitaltrade lighthouse.jenkins-x.io/refs.repo: happy lighthouse.jenkins-x.io/type: postsubmit owner: greencapitaltrade podName: ncapitaltrade-happy-main-release-z4cnt-from-build-pack-pod provider: github repository: happy tekton.dev/pipeline: ncapitaltrade-happy-main-release-z4cnt managedFields: - apiVersion: jenkins.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:labels: f:branch: {} f:context: {} f:owner: {} f:provider: {} f:repository: {} f:spec: f:lastCommitMessage: {} f:lastCommitSHA: {} f:releaseNotesURL: {} f:version: {} manager: jx-changelog-0.10.18 operation: Update time: "2026-04-14T07:31:08Z" - apiVersion: jenkins.io/v1 fieldsType: FieldsV1 fieldsV1: f:spec: f:completedTimestamp: {} manager: jx-promote-0.6.31 operation: Update time: "2026-04-14T07:32:30Z" - apiVersion: jenkins.io/v1 fieldsType: FieldsV1 fieldsV1: f:metadata: f:annotations: .: {} f:lighthouse.jenkins-x.io/cloneURI: {} f:lighthouse.jenkins-x.io/job: {} f:labels: .: {} f:build: {} f:created-by-lighthouse: {} f:event-GUID: {} f:lighthouse.jenkins-x.io/baseSHA: {} f:lighthouse.jenkins-x.io/branch: {} f:lighthouse.jenkins-x.io/buildNum: {} f:lighthouse.jenkins-x.io/context: {} f:lighthouse.jenkins-x.io/id: {} f:lighthouse.jenkins-x.io/job: {} f:lighthouse.jenkins-x.io/lastCommitSHA: {} f:lighthouse.jenkins-x.io/refs.org: {} f:lighthouse.jenkins-x.io/refs.repo: {} f:lighthouse.jenkins-x.io/type: {} f:podName: {} f:tekton.dev/pipeline: {} f:spec: .: {} f:baseSHA: {} f:batchPipelineActivity: {} f:build: {} f:context: {} f:gitBranch: {} f:gitOwner: {} f:gitRepository: {} f:gitUrl: {} f:message: {} f:pipeline: {} f:startedTimestamp: {} f:status: {} f:steps: {} manager: jx-build-controller operation: Update time: "2026-04-14T07:32:36Z" name: greencapitaltrade-happy-main-32 namespace: jx resourceVersion: "1093102298" uid: 9496788a-01f9-4fd7-b61f-0711ea6a55c0 spec: baseSHA: ae83888d2bbfbee806ece866d375a0c6f1bc99ba batchPipelineActivity: {} build: "32" completedTimestamp: "2026-04-14T07:31:31Z" context: release gitBranch: main gitOwner: greencapitaltrade gitRepository: happy gitUrl: https://github.com/greencapitaltrade/happy.git lastCommitMessage: | feat: add encrypted credential vault and PaymentGatewayConfig model Introduces at-rest encryption for payment gateway credentials. This is the first slice of the multi-gateway orchestration work. Ships only the vault module, table, and model. Does not touch the Cashfree connector, callback route, order hooks, or runtime behaviour in any way. pgs/vault.js uses AES-256-GCM with HAPPY_PG_ENCRYPTION_KEY (32 bytes, base64 in env). Fresh 96-bit nonce per encrypt, auth tag returned separately. Key is loaded lazily and memoised so the process fails cleanly at first use, not at import. The payment_gateway_configs migration creates the table with the (pg, source, external_id) shape, encrypted_blob + nonce + auth_tag columns, a key_version column for future rotation, and partial unique indexes that exclude soft-deleted rows. PaymentGatewayConfig is a Sequelize model with a VIRTUAL credentials field. The setter encrypts through pgs/vault and populates the three persisted columns; the getter decrypts them back on demand. Plaintext credentials never touch persistent storage. Tests cover the vault (7 unit tests) and the model (7 e2e tests) including roundtrip, fresh nonce on update, tamper rejection, missing or invalid key, direct SQL ciphertext inspection to confirm plaintext absence, and partial unique index enforcement. Follow-up PRs will land webhook signature verification, the afterCreate to afterCommit fix, the pgs/cashfree refactor to consume configs, the config loader with caching, and the bootstrap migration for the existing cashfree/default row. Refs: #219 Co-Authored-By: Claude Opus 4.6 (1M context) lastCommitSHA: ba4594cb012c55bb7500dc7ca82af6965a9bbd1c message: 'Tasks Completed: 1 (Failed: 0, Cancelled 0), Skipped: 0' pipeline: greencapitaltrade/happy/main releaseNotesURL: https://github.com/greencapitaltrade/happy/releases/tag/v1.9.0 startedTimestamp: "2026-04-14T07:30:02Z" status: Running steps: - kind: Stage stage: completedTimestamp: "2026-04-14T07:31:31Z" name: Release startedTimestamp: "2026-04-14T07:30:31Z" status: Succeeded - kind: Stage stage: completedTimestamp: "2026-04-14T07:32:33Z" name: from build pack startedTimestamp: "2026-04-14T07:30:07Z" status: Succeeded steps: - completedTimestamp: "2026-04-14T07:30:10Z" name: Git Clone startedTimestamp: "2026-04-14T07:30:07Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:13Z" name: Next Version startedTimestamp: "2026-04-14T07:30:12Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:16Z" name: Jx Variables startedTimestamp: "2026-04-14T07:30:13Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:25Z" name: Build Npm Install startedTimestamp: "2026-04-14T07:30:16Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:28Z" name: Build Assets startedTimestamp: "2026-04-14T07:30:24Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:31Z" name: Check Registry startedTimestamp: "2026-04-14T07:30:28Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:55Z" name: Build Container Build startedTimestamp: "2026-04-14T07:30:31Z" status: Succeeded - completedTimestamp: "2026-04-14T07:31:09Z" name: Promote Changelog startedTimestamp: "2026-04-14T07:30:55Z" status: Succeeded - completedTimestamp: "2026-04-14T07:31:11Z" name: Promote Helm Release startedTimestamp: "2026-04-14T07:31:09Z" status: Succeeded - completedTimestamp: "2026-04-14T07:32:33Z" name: Promote Jx Promote startedTimestamp: "2026-04-14T07:31:12Z" status: Succeeded - kind: Stage stage: name: from build pack startedTimestamp: "2026-04-14T07:30:07Z" status: Running steps: - completedTimestamp: "2026-04-14T07:30:10Z" name: Git Clone startedTimestamp: "2026-04-14T07:30:07Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:13Z" name: Next Version startedTimestamp: "2026-04-14T07:30:12Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:16Z" name: Jx Variables startedTimestamp: "2026-04-14T07:30:13Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:25Z" name: Build Npm Install startedTimestamp: "2026-04-14T07:30:16Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:28Z" name: Build Assets startedTimestamp: "2026-04-14T07:30:24Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:31Z" name: Check Registry startedTimestamp: "2026-04-14T07:30:28Z" status: Succeeded - completedTimestamp: "2026-04-14T07:30:55Z" name: Build Container Build startedTimestamp: "2026-04-14T07:30:31Z" status: Succeeded - completedTimestamp: "2026-04-14T07:31:09Z" name: Promote Changelog startedTimestamp: "2026-04-14T07:30:55Z" status: Succeeded - completedTimestamp: "2026-04-14T07:31:11Z" name: Promote Helm Release startedTimestamp: "2026-04-14T07:31:09Z" status: Succeeded - name: Promote Jx Promote startedTimestamp: "2026-04-14T07:30:44Z" status: Running - kind: Promote promote: environment: production pullRequest: pullRequestURL: https://github.com/greencapitaltrade/mcu/pull/3470 startedTimestamp: "2026-04-14T07:32:30Z" status: Succeeded startedTimestamp: "2026-04-14T07:32:30Z" status: Succeeded version: 1.9.0 status: {}