fix: resolve tech debt from v1.0 milestone audit

- Frontend admin email now reads from VITE_ADMIN_EMAIL env var instead of hardcoded literal
- Consolidate retention cleanup: remove runRetentionCleanup, add document_processing_events to existing cleanupOldData
- Replace personal email in defineString('EMAIL_WEEKLY_RECIPIENT') default with empty string

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

backend/src/index.ts

@@ -224,7 +224,7 @@ const emailUser = defineString('EMAIL_USER', { default: 'press7174@gmail.com' })
 const emailHost = defineString('EMAIL_HOST', { default: 'smtp.gmail.com' });
 const emailPort = defineString('EMAIL_PORT', { default: '587' });
 const emailSecure = defineString('EMAIL_SECURE', { default: 'false' });
-const emailWeeklyRecipient = defineString('EMAIL_WEEKLY_RECIPIENT', { default: 'jpressnell@bluepointcapital.com' });
+const emailWeeklyRecipient = defineString('EMAIL_WEEKLY_RECIPIENT', { default: '' });
 
 // Configure Firebase Functions v2 for larger uploads
 // Note: defineString() values are automatically available in process.env
@@ -364,35 +364,9 @@ export const runHealthProbes = onSchedule({
   });
 });
 
-// Retention cleanup — weekly, separate from document processing (PITFALL-7, INFR-03)
-export const runRetentionCleanup = onSchedule({
-  schedule: 'every monday 02:00',
-  timeoutSeconds: 120,
-  memory: '256MiB',
-  secrets: [databaseUrl, supabaseServiceKey, supabaseAnonKey],
-}, async (_event) => {
-  const { HealthCheckModel } = await import('./models/HealthCheckModel');
-  const { AlertEventModel } = await import('./models/AlertEventModel');
-  const { deleteProcessingEventsOlderThan } = await import('./services/analyticsService');
-
-  const RETENTION_DAYS = 30;
-
-  const [hcCount, alertCount, eventCount] = await Promise.all([
-    HealthCheckModel.deleteOlderThan(RETENTION_DAYS),
-    AlertEventModel.deleteOlderThan(RETENTION_DAYS),
-    deleteProcessingEventsOlderThan(RETENTION_DAYS),
-  ]);
-
-  logger.info('runRetentionCleanup: complete', {
-    retentionDays: RETENTION_DAYS,
-    deletedHealthChecks: hcCount,
-    deletedAlerts: alertCount,
-    deletedProcessingEvents: eventCount,
-  });
-});
-
 // Scheduled function to clean up old database records
 // Runs daily at 3 AM UTC to enforce retention policies
+// Also handles monitoring table retention (INFR-03) — consolidated from former runRetentionCleanup
 export const cleanupOldData = onSchedule({
   schedule: 'every day 03:00',
   timeZone: 'UTC',
@@ -462,7 +436,12 @@ export const cleanupOldData = onSchedule({
       `DELETE FROM alert_events WHERE status = 'resolved' AND created_at < NOW() - INTERVAL '30 days'`
     );
 
-    // 8. Agent executions: older than 90 days
+    // 8. Document processing events: older than 30 days (INFR-03)
+    results.document_processing_events = await safeCleanup('document_processing_events',
+      `DELETE FROM document_processing_events WHERE created_at < NOW() - INTERVAL '30 days'`
+    );
+
+    // 9. Agent executions: older than 90 days
     results.agent_executions = await safeCleanup('agent_executions',
       `DELETE FROM agent_executions WHERE created_at < NOW() - INTERVAL '90 days'`
     );

frontend/.env.production

@@ -4,4 +4,5 @@ VITE_FIREBASE_AUTH_DOMAIN=cim-summarizer.firebaseapp.com
 VITE_FIREBASE_PROJECT_ID=cim-summarizer
 VITE_FIREBASE_STORAGE_BUCKET=cim-summarizer.firebasestorage.app
 VITE_FIREBASE_MESSAGING_SENDER_ID=245796323861
-VITE_FIREBASE_APP_ID=1:245796323861:web:39c1c86e0e4b405510041c
+VITE_FIREBASE_APP_ID=1:245796323861:web:39c1c86e0e4b405510041c
+VITE_ADMIN_EMAIL=jpressnell@bluepointcapital.com

frontend/src/services/adminService.ts

@@ -78,7 +78,7 @@ export interface SystemMetrics {
 }
 
 class AdminService {
-  private readonly ADMIN_EMAIL = 'jpressnell@bluepointcapital.com';
+  private readonly ADMIN_EMAIL = import.meta.env.VITE_ADMIN_EMAIL || '';
 
   /**
    * Check if current user is admin