Rebaseline: Remove DAB, update docs/scripts for Hot Chocolate GraphQL

Author: srnichols

docs/DEPLOYMENT_GUIDE.md

@@ -137,11 +137,12 @@ Prerequisites:
 
 Steps:
 
-1) Start local data stack (Cosmos Emulator, DAB, Portal) [optional]
 
-- PowerShell (Windows):
-  - pwsh -File ./scripts/run-local.ps1
-- Default ports: Cosmos Emulator 8085, DAB 8082, Portal 8081
+1) Start local data stack (Cosmos Emulator, Portal, GraphQL API) [optional]
+
+  - PowerShell (Windows):
+    - pwsh -File ./scripts/run-local.ps1
+  - Default ports: Cosmos Emulator 8085, Portal 8081, GraphQL API 8082
 
 2) Ensure local.settings.json
 

docs/DEVELOPER_QUICKSTART.md

@@ -116,7 +116,8 @@ See also: Known Issues → Functions host exits on startup or endpoints not reac
 
 ## 🎯 Minimal Happy Path (Live Data)
 
-This section shows the recommended end-to-end steps to deploy a minimal cloud lab, seed representative data using the seeder, and verify the Management Portal shows live data through the DAB GraphQL endpoint. We place this after local setup and verification because it assumes your development environment and credentials are configured.
+
+This section shows the recommended end-to-end steps to deploy a minimal cloud lab, seed representative data using the seeder, and verify the Management Portal shows live data through the integrated Hot Chocolate GraphQL API. We place this after local setup and verification because it assumes your development environment and credentials are configured.
 
 Prerequisites (cloud): Azure CLI, PowerShell 7+, Bicep CLI, and an Azure subscription with Contributor access for the target resource group.
 
@@ -135,18 +136,18 @@ az group create -n rg-stamps-smoke -l eastus
 az deployment group create -g rg-stamps-smoke -f traffic-routing.bicep --parameters @AzureArchitecture/examples/main.sample.smoke.json
 ```
 
-1. Wait for deployment to finish; note the Management Portal URL and the DAB Container App outputs from the deployment.
+1. Wait for deployment to finish; note the Management Portal URL and the GraphQL API endpoint outputs from the deployment.
 
 1. Seed baseline data: run the seeder in `AzureArchitecture/Seeder`. The seeder uses `DefaultAzureCredential` so your signing principal must have the Cosmos DB Data Contributor role on the target account. See `AzureArchitecture/README.md` or `docs/LIVE_DATA_PATH.md` for seeder options.
 
-1. Verify DAB GraphQL is healthy: POST a simple GraphQL query to the DAB endpoint; see `docs/LIVE_DATA_PATH.md` for the exact query and examples.
+1. Verify the Hot Chocolate GraphQL API is healthy: POST a simple GraphQL query to the endpoint (e.g., <http://localhost:8082/graphql> or the deployed URL). You can use Banana Cake Pop, Insomnia, Postman, or curl. See `docs/LIVE_DATA_PATH.md` for the exact query and examples.
 
 1. Open the Management Portal URL and sign in; confirm Tenants and Cells are visible and resolve through the portal UI.
 
 1. If you see no data, check the following:
 
-- Container App logs for the DAB (`ca-stamps-dab`) and Portal (`ca-stamps-portal`).
-- Confirm DAB GraphQL responds directly with a simple query.
+- Container App logs for the Portal (`ca-stamps-portal`).
+- Confirm the GraphQL API responds directly with a simple query.
 - Ensure the seeder principal has the correct RBAC role on Cosmos (Cosmos DB Data Contributor).
 
 1. For auth or CI/OIDC troubleshooting, see `docs/AUTH_CI_STRATEGY.md`.

management-portal/README.md

@@ -1,12 +1,13 @@
 # Management Portal
 
-Run locally with one command or via the AppHost. Defaults to in-memory data; set DAB_GRAPHQL_URL to point to your Data API Builder GraphQL endpoint to use real data.
+
+Run locally with one command or via the AppHost. By default, the portal uses in-memory data. For live data, it connects to the built-in Hot Chocolate GraphQL endpoint, which provides full CRUD for Cosmos DB entities.
 
 ## Auth and roles (production)
 
-- **Hosting**: Azure Container Apps (ACA) for the portal and DAB API; Azure Functions for command handlers
-- **Authentication**: Azure Entra ID with OpenID Connect for administrative access
-- **Authorization**: DAB auth provider uses AppService-compatible headers from Container Apps authentication
+**Hosting**: Azure Container Apps (ACA) for the portal and Hot Chocolate GraphQL API; Azure Functions for command handlers
+**Authentication**: Azure Entra ID with OpenID Connect for administrative access
+**Authorization**: Uses AppService-compatible headers from Container Apps authentication
 - **Portal Roles**:
   - `authenticated` (read access to tenant data)
   - `platform.admin` (full CRUD access)
@@ -49,22 +50,33 @@ Troubleshooting
 
 ## Config
 
-- DAB_GRAPHQL_URL: e.g. <http://localhost:8082/graphql>
+
+## GraphQL Endpoint
+
+- Hot Chocolate GraphQL endpoint: <http://localhost:8082/graphql>
 
 ## Switch Data Source
 
-- Leave DAB_GRAPHQL_URL empty to use in-memory data
-- Set DAB_GRAPHQL_URL to use GraphQL
+
+By default, the portal uses in-memory data. When running in production or with Cosmos DB, the portal uses the built-in Hot Chocolate GraphQL API for all data operations.
 
 ## CRUD
 
-- Tenants, Cells, and Operations pages support create/update/delete when GraphQL is enabled (DAB provides mutations).
-- For in-memory mode, operations affect only the running process.
+
+Tenants, Cells, and Operations pages support create/update/delete via the Hot Chocolate GraphQL API. In in-memory mode, operations affect only the running process.
 
 ## Smoke test (GraphQL)
 
-After starting the local stack, run a minimal CRUD test against DAB:
 
-- pwsh -File .\scripts\graphql-smoke-test.ps1 -AsAdmin
+After starting the local stack, you can run a minimal CRUD test against the Hot Chocolate GraphQL endpoint using your favorite GraphQL client (e.g., Banana Cake Pop, Insomnia, Postman, or curl). Example mutation:
+
+```
+mutation {
+  createTenant(input: { id: "t1", displayName: "Test Tenant", domain: "test.com", tier: "Standard", status: "Active", cellId: "cell1", contactName: "Jane Doe", contactEmail: "jane@example.com" }) {
+    id
+    displayName
+  }
+}
+```
 
-The script lists tenants, creates a temporary tenant, and deletes it (using partitionKeyValue = tenantId). Use -AsAdmin to simulate the `platform.admin` role via X-MS-CLIENT-PRINCIPAL.
+You can also use the built-in Banana Cake Pop GraphQL IDE at <http://localhost:8082/graphql> for interactive queries and mutations.

management-portal/dab/Dockerfile

@@ -1,12 +1,15 @@
-# Plan to Resolve DAB GraphQL Query Failures
+
+# Plan to Resolve GraphQL Query Failures
 
 ## Overview
-This plan addresses the issue of GraphQL queries failing to retrieve data from Cosmos DB via Data API Builder (DAB) in the management-portal project. It breaks down the diagnosis and resolution into actionable steps.
+
+This plan addresses the issue of GraphQL queries failing to retrieve data from Cosmos DB via the Hot Chocolate GraphQL API in the management-portal project. It breaks down the diagnosis and resolution into actionable steps.
 
 ## Todo List
-- [ ] Verify DAB container health and logs for crash loops or startup errors using Azure CLI commands.
-- [ ] Compare GraphQL schema (schema.graphql) with Cosmos DB container structures for mismatches.
-- [ ] Test sample GraphQL queries directly against DAB endpoint to reproduce retrieval failures.
+
+- [ ] Verify GraphQL API health and logs for crash loops or startup errors using Azure CLI commands.
+- [ ] Compare GraphQL schema (as exposed by Hot Chocolate) with Cosmos DB container structures for mismatches.
+- [ ] Test sample GraphQL queries directly against the GraphQL endpoint to reproduce retrieval failures.
 - [ ] Analyze error handling in GraphQLDataService.cs and add logging for detailed failure insights.
 - [ ] Review Bicep deployment (management-portal.bicep) for configuration issues like ports or secrets.
 - [ ] Implement fixes, such as updating schema or deployment settings, and redeploy.