Add WHOOSH search service with BACKBEAT integration

Complete implementation:
- Go-based search service with PostgreSQL and Redis backend
- BACKBEAT SDK integration for beat-aware search operations
- Docker containerization with multi-stage builds
- Comprehensive API endpoints for project analysis and search
- Database migrations and schema management
- GITEA integration for repository management
- Team composition analysis and recommendations

Key features:
- Beat-synchronized search operations with timing coordination
- Phase-based operation tracking (started → querying → ranking → completed)
- Docker Swarm deployment configuration
- Health checks and monitoring
- Secure configuration with environment variables

Architecture:
- Microservice design with clean API boundaries
- Background processing for long-running analysis
- Modular internal structure with proper separation of concerns
- Integration with CHORUS ecosystem via BACKBEAT timing

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

scripts/deploy-swarm.sh

@@ -0,0 +1,79 @@
+#!/bin/bash
+set -e
+
+# WHOOSH Docker Swarm Deployment Script
+# Following CHORUS deployment patterns with SHHH secret management
+
+VERSION=${1:-v0.1.0-mvp}
+REGISTRY_HOST=registry.home.deepblack.cloud
+
+echo "🎭 WHOOSH Swarm Deployment - Version: $VERSION"
+
+# Get build information
+COMMIT_HASH=$(git rev-parse --short HEAD 2>/dev/null || echo "unknown")
+BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+
+# Build and push image
+echo "📦 Building WHOOSH image..."
+echo "   Version: $VERSION"
+echo "   Commit: $COMMIT_HASH"
+echo "   Build Date: $BUILD_DATE"
+
+docker build \
+    --build-arg VERSION=$VERSION \
+    --build-arg COMMIT_HASH=$COMMIT_HASH \
+    --build-arg BUILD_DATE="$BUILD_DATE" \
+    -t $REGISTRY_HOST/whoosh:$VERSION \
+    -t $REGISTRY_HOST/whoosh:latest \
+    .
+
+echo "🚀 Pushing to registry..."
+docker push $REGISTRY_HOST/whoosh:$VERSION
+docker push $REGISTRY_HOST/whoosh:latest
+
+# Update image version in swarm compose file
+sed -i "s|image: $REGISTRY_HOST/whoosh:.*|image: $REGISTRY_HOST/whoosh:$VERSION|" docker-compose.swarm.yml
+
+echo "🔐 Checking Docker Swarm secrets..."
+
+# Create secrets if they don't exist
+secrets=(
+    "whoosh_db_password"
+    "gitea_token" 
+    "whoosh_webhook_token"
+    "whoosh_jwt_secret"
+    "whoosh_service_tokens"
+    "whoosh_redis_password"
+)
+
+for secret in "${secrets[@]}"; do
+    if ! docker secret ls --filter name=$secret --format "{{.Name}}" | grep -q "^$secret$"; then
+        echo "⚠️  Secret '$secret' not found. Please create it first:"
+        echo "   echo 'your_secret_value' | docker secret create $secret -"
+        exit 1
+    else
+        echo "✅ Secret '$secret' exists"
+    fi
+done
+
+echo "📁 Creating volume directories..."
+sudo mkdir -p /rust/containers/WHOOSH/{postgres,redis}
+sudo chown -R 999:999 /rust/containers/WHOOSH/postgres  # postgres user
+sudo chown -R 999:999 /rust/containers/WHOOSH/redis     # redis user
+
+echo "🔄 Deploying WHOOSH stack..."
+docker stack deploy -c docker-compose.swarm.yml whoosh
+
+echo "⏰ Waiting for services to start..."
+sleep 10
+
+echo "📊 Service status:"
+docker service ls --filter label=com.docker.stack.namespace=whoosh
+
+echo "🌐 WHOOSH deployed successfully!"
+echo "   - API: https://whoosh.chorus.services"
+echo "   - Health: https://whoosh.chorus.services/health"
+echo "   - Ready: https://whoosh.chorus.services/health/ready"
+
+echo "📝 Monitor logs with:"
+echo "   docker service logs -f whoosh_whoosh"

scripts/setup-secrets.sh

@@ -0,0 +1,73 @@
+#!/bin/bash
+set -e
+
+# WHOOSH Docker Swarm Secrets Setup Script
+
+echo "🔐 Setting up WHOOSH Docker Swarm secrets..."
+
+# Function to create or update secret
+create_or_update_secret() {
+    local secret_name=$1
+    local secret_value=$2
+    local description=$3
+    
+    if docker secret ls --filter name=$secret_name --format "{{.Name}}" | grep -q "^$secret_name$"; then
+        echo "⚠️  Secret '$secret_name' already exists. To update, remove and recreate:"
+        echo "   docker secret rm $secret_name"
+        echo "   echo 'new_value' | docker secret create $secret_name -"
+    else
+        echo "$secret_value" | docker secret create $secret_name -
+        echo "✅ Created secret: $secret_name ($description)"
+    fi
+}
+
+# Generate random passwords and tokens
+WHOOSH_DB_PASSWORD=$(openssl rand -base64 32)
+WEBHOOK_TOKEN=$(openssl rand -hex 32)
+JWT_SECRET=$(openssl rand -base64 64)
+REDIS_PASSWORD=$(openssl rand -base64 32)
+
+# Service tokens (comma-separated list)
+SERVICE_TOKEN_1=$(openssl rand -hex 32)
+SERVICE_TOKEN_2=$(openssl rand -hex 32)
+SERVICE_TOKENS="$SERVICE_TOKEN_1,$SERVICE_TOKEN_2"
+
+# Read GITEA token from secrets directory
+if [ -f "/home/tony/chorus/business/secrets/gitea-token" ]; then
+    GITEA_TOKEN=$(cat /home/tony/chorus/business/secrets/gitea-token)
+    echo "📖 Using GITEA token from secrets directory"
+else
+    echo "❌ GITEA token not found at /home/tony/chorus/business/secrets/gitea-token"
+    echo "Please ensure the token file exists before running this script."
+    exit 1
+fi
+
+# Create secrets
+echo ""
+echo "Creating secrets..."
+
+create_or_update_secret "whoosh_db_password" "$WHOOSH_DB_PASSWORD" "PostgreSQL database password"
+create_or_update_secret "gitea_token" "$GITEA_TOKEN" "GITEA API access token"
+create_or_update_secret "whoosh_webhook_token" "$WEBHOOK_TOKEN" "GITEA webhook validation token"
+create_or_update_secret "whoosh_jwt_secret" "$JWT_SECRET" "JWT signing secret"
+create_or_update_secret "whoosh_service_tokens" "$SERVICE_TOKENS" "Service authentication tokens"
+create_or_update_secret "whoosh_redis_password" "$REDIS_PASSWORD" "Redis authentication password"
+
+echo ""
+echo "🔑 Secrets summary:"
+echo "   - whoosh_db_password: ✅"
+echo "   - gitea_token: ✅" 
+echo "   - whoosh_webhook_token: ✅"
+echo "   - whoosh_jwt_secret: ✅"
+echo "   - whoosh_service_tokens: ✅ (2 tokens)"
+echo "   - whoosh_redis_password: ✅"
+
+echo ""
+echo "📝 Save these service tokens for agent configuration:"
+echo "   Service Token 1: $SERVICE_TOKEN_1"
+echo "   Service Token 2: $SERVICE_TOKEN_2"
+echo "   Webhook Token: $WEBHOOK_TOKEN"
+
+echo ""
+echo "✅ WHOOSH secrets setup complete!"
+echo "You can now run: ./scripts/deploy-swarm.sh"