From 7b9be6da848360a8594bb3a14f542e0e8624fb7d Mon Sep 17 00:00:00 2001
From: Arthur Belleville <arthur.belleville@datadoghq.com>
Date: Sat, 15 Nov 2025 10:47:31 +0100
Subject: [PATCH] Fix tasks

---
 apps/api/cloudbuild.yaml                    |  2 +-
 apps/api/src/__tests__/routes/tasks.test.ts | 27 ++++++---------------
 apps/api/src/middlewares/middleware.ts      |  2 +-
 3 files changed, 9 insertions(+), 22 deletions(-)

diff --git a/apps/api/cloudbuild.yaml b/apps/api/cloudbuild.yaml
index e578dc6..5e8da22 100644
--- a/apps/api/cloudbuild.yaml
+++ b/apps/api/cloudbuild.yaml
@@ -14,7 +14,7 @@ steps:
     - '--region'
     - 'europe-west1'
     - '--set-env-vars'
-    - 'NODE_ENV=$_NODE_ENV,SUPABASE_URL=$_SUPABASE_URL,STREAM_CHAT_API_KEY=$_STREAM_CHAT_API_KEY,EMAIL_USER=$_EMAIL_USER,EMAIL_CLIENT_ID=$_EMAIL_CLIENT_ID,R2_ACCOUNT_ID=$_R2_ACCOUNT_ID,CORS_ORIGIN=$_CORS_ORIGIN,XTABLO_URL=$_XTABLO_URL,LOG_LEVEL=$_LOG_LEVEL'
+    - 'NODE_ENV=$_NODE_ENV,SUPABASE_URL=$_SUPABASE_URL,STREAM_CHAT_API_KEY=$_STREAM_CHAT_API_KEY,EMAIL_USER=$_EMAIL_USER,EMAIL_CLIENT_ID=$_EMAIL_CLIENT_ID,R2_ACCOUNT_ID=$_R2_ACCOUNT_ID,CORS_ORIGIN=$_CORS_ORIGIN,XTABLO_URL=$_XTABLO_URL,TASKS_SECRET=$_TASKS_SECRET,LOG_LEVEL=$_LOG_LEVEL'
 images:
 - 'europe-west1-docker.pkg.dev/$_AR_PROJECT_ID/$_AR_REPOSITORY/xtablo-source/$_SERVICE_NAME:$COMMIT_SHA'
 
diff --git a/apps/api/src/__tests__/routes/tasks.test.ts b/apps/api/src/__tests__/routes/tasks.test.ts
index e0c5d78..e6d320e 100644
--- a/apps/api/src/__tests__/routes/tasks.test.ts
+++ b/apps/api/src/__tests__/routes/tasks.test.ts
@@ -61,14 +61,9 @@ describe("Tasks Endpoint", () => {
         }
       );
 
-      // In test environment, TASKS_SECRET may not be properly configured
-      // So we accept either 200 (success) or 401 (auth mismatch)
-      expect([200, 401]).toContain(res.status);
-
-      if (res.status === 200) {
-        const data = await res.json();
-        expect(data.message).toBe("Synced calendars");
-      }
+      expect(res.status).toBe(200);
+      const data = await res.json();
+      expect(data.message).toBe("Synced calendars");
     });
 
     it("should deny sync calendars without auth header", async () => {
@@ -123,19 +118,11 @@ describe("Tasks Endpoint", () => {
         }
       );
 
-      // In test environment, TASKS_SECRET may not be properly configured
-      // So we accept either 200 (success) or 401 (auth mismatch)
-      expect([200, 401]).toContain(res.status);
+      expect(res.status).toBe(200);
 
-      if (res.status === 200) {
-        const data = await res.json();
-        expect(data.message).toContain("Synced");
-        expect(data.message).toContain("tablo names");
-
-        // Note: Stream Chat channel update is only called for tablos updated in the last 15 minutes
-        // In test environment, this may be 0 if test data wasn't recently created
-        // The mock is set up to handle the calls if they occur
-      }
+      const data = await res.json();
+      expect(data.message).toContain("Synced");
+      expect(data.message).toContain("tablo names");
     });
 
     it("should deny sync tablo names without auth header", async () => {
diff --git a/apps/api/src/middlewares/middleware.ts b/apps/api/src/middlewares/middleware.ts
index 0e405e8..caff54f 100644
--- a/apps/api/src/middlewares/middleware.ts
+++ b/apps/api/src/middlewares/middleware.ts
@@ -78,7 +78,7 @@ export class MiddlewareManager {
 
     const basicAuthMiddleware = createMiddleware(async (c: Context, next: Next) => {
       if (config.TASKS_SECRET === "") {
-        return c.json({ error: "Unauthorized" }, 401);
+        return c.json({ error: "Unauthorized: TASKS_SECRET is not set" }, 401);
       }
       const authHeader = c.req.header("Authorization");