From ecdad596bfcc304306aef0b3bb658bb7f6d53e0d Mon Sep 17 00:00:00 2001
From: Bakery Admin <admin@bakewise.ai>
Date: Thu, 22 Jan 2026 21:41:07 +0100
Subject: [PATCH] Fix resources isues 29

---
 .../templates/task-detect-changes.yaml        | 20 +++++++++++++---
 .../tekton-helm/templates/task-git-clone.yaml |  4 ++--
 services/tenant/app/api/plans.py              |  2 +-
 services/tenant/app/api/usage_forecast.py     |  2 +-
 shared/monitoring/otel_config.py              | 23 +++++++++++++++++++
 5 files changed, 44 insertions(+), 7 deletions(-)

diff --git a/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml b/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml
index 7f3d4de5..4705876b 100644
--- a/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-detect-changes.yaml
@@ -40,13 +40,27 @@ spec:
 
         cd $(workspaces.source.path)
 
+        echo "Git log (last 3 commits):"
+        git log --oneline -3 || echo "Cannot get git log"
+
+        # Check if we have enough history for comparison
+        COMMIT_COUNT=$(git rev-list --count HEAD 2>/dev/null || echo "0")
+        echo "Commit count in history: $COMMIT_COUNT"
+
+        if [ "$COMMIT_COUNT" -lt 2 ]; then
+          echo "Not enough git history for change detection (need at least 2 commits)"
+          echo "Building all services as fallback"
+          echo "all" > $(results.changed-services.path)
+          exit 0
+        fi
+
         # Get the list of changed files
         CHANGED_FILES=$(git diff --name-only HEAD~1 HEAD 2>/dev/null || echo "")
 
         if [ -z "$CHANGED_FILES" ]; then
-          # No changes detected, assume all services need building
-          echo "No git changes detected, building all services"
-          echo "all" > $(results.changed-services.path)
+          # Empty commit or something unusual - skip build
+          echo "No file changes detected in last commit"
+          echo "infrastructure" > $(results.changed-services.path)
           exit 0
         fi
 
diff --git a/infrastructure/cicd/tekton-helm/templates/task-git-clone.yaml b/infrastructure/cicd/tekton-helm/templates/task-git-clone.yaml
index 6f4fddd3..ebc3ac8a 100644
--- a/infrastructure/cicd/tekton-helm/templates/task-git-clone.yaml
+++ b/infrastructure/cicd/tekton-helm/templates/task-git-clone.yaml
@@ -23,8 +23,8 @@ spec:
       default: "main"
     - name: depth
       type: string
-      description: Git clone depth (0 for full history)
-      default: "1"
+      description: Git clone depth (0 for full history, minimum 2 for change detection)
+      default: "2"
   results:
     - name: commit-sha
       description: The commit SHA that was checked out
diff --git a/services/tenant/app/api/plans.py b/services/tenant/app/api/plans.py
index eabb5ebf..5ccbc890 100644
--- a/services/tenant/app/api/plans.py
+++ b/services/tenant/app/api/plans.py
@@ -21,7 +21,7 @@ logger = structlog.get_logger()
 router = APIRouter(prefix="/plans", tags=["subscription-plans"])
 
 
-@router.get("", response_model=Dict[str, Any])
+@router.get("/", response_model=Dict[str, Any])
 async def get_available_plans():
     """
     Get all available subscription plans with complete metadata
diff --git a/services/tenant/app/api/usage_forecast.py b/services/tenant/app/api/usage_forecast.py
index 35116eea..a7db86f9 100644
--- a/services/tenant/app/api/usage_forecast.py
+++ b/services/tenant/app/api/usage_forecast.py
@@ -157,7 +157,7 @@ def determine_status(usage_percentage: float, days_until_breach: Optional[int])
         return 'safe'
 
 
-@router.get("", response_model=UsageForecastResponse)
+@router.get("/", response_model=UsageForecastResponse)
 async def get_usage_forecast(
     tenant_id: str = Query(..., description="Tenant ID"),
     current_user: dict = Depends(get_current_user_dep)
diff --git a/shared/monitoring/otel_config.py b/shared/monitoring/otel_config.py
index 469eec9f..9d66b017 100644
--- a/shared/monitoring/otel_config.py
+++ b/shared/monitoring/otel_config.py
@@ -110,6 +110,29 @@ class OTelConfig:
 
         return endpoints
 
+    @staticmethod
+    def _contains_secret_reference(endpoint: str) -> bool:
+        """
+        Check if endpoint contains secret references or placeholders.
+
+        Args:
+            endpoint: Endpoint string to check
+
+        Returns:
+            True if endpoint contains secret references, False otherwise
+        """
+        # Check for common secret reference patterns
+        secret_patterns = [
+            '${', '{{', '}}', 'SECRET', 'PASSWORD', 'TOKEN', 'API_KEY'
+        ]
+        
+        endpoint_upper = endpoint.upper()
+        for pattern in secret_patterns:
+            if pattern in endpoint or pattern in endpoint_upper:
+                return True
+        
+        return False
+
     @staticmethod
     def _clean_grpc_endpoint(endpoint: str) -> str:
         """