The [2.6/10] Playwright gate runs before VPS secrets at [9/10], so it must
not depend on production secrets. Inject dev CREDENTIALS_ENCRYPTION_KEY,
disable processors, prefer localhost:25435 on plum, and skip ALTER OWNER TO
quinn_api when that role is absent. Provision quinn_api in plum-e2e-db.sh.
Rework the admin smoke gate to stand on its own instead of a shared, pre-seeded
DB that was unreachable from plum and collision-prone across runs:
- global-setup provisions a uniquely-named ephemeral DB (quinn_admin_e2e_<epoch>_<hex>)
on a real Postgres (black.lan:25435 default), boots @features/api (the bundle
deploy.sh ships) under bun in internal mode so it migrates from scratch, and
drops the DB on teardown; a bounded startup sweep reaps orphans from crashed
runs. QUINN_ADMIN_E2E_DB_URL overrides to a pre-existing DB.
- proxy-server mirrors prod nginx: /api/v2/<x> → /<x>; smoke specs hit the API's
real surfaces (/health json, /www + /engine tour-stops, 401 without token).
- add infrastructure/scripts/plum-e2e-db.sh to provision an isolated PG16 on
plum:25435 for local runs; add postgres devDep to the e2e package.
