8ae7a7234e
feat/040-inventory-core (#43)
Summary
Implements Inventory Core (Spec 040): a tenant-scoped, mutable “last observed” inventory catalog + sync run logging, with deterministic selection hashing and safe derived “missing” semantics.
This establishes the foundation for Inventory UI (041), Dependencies Graph (042), Compare/Promotion (043), and Drift (044).
What’s included
• DB schema
  • inventory_items (unique: tenant_id + policy_type + external_id; indexes; last_seen_at, last_seen_run_id)
  • inventory_sync_runs (tenant_id, selection_hash/payload, status, started/finished, counts, error_codes, correlation_id)
• Selection hashing
  • Deterministic selection_hash via canonical JSON (sorted keys + sorted arrays) + sha256
• Sync semantics
  • Idempotent upsert (no duplicates)
  • Updates last_seen_* when observed
  • Enforces tenant scoping for all reads/writes
  • Guardrail: inventory sync does not create snapshots/backups
• Missing semantics (derived)
  • “missing” computed relative to latest completed run for same (tenant_id, selection_hash)
  • Low confidence when latest run is partial/failed or had_errors=true
  • Selection isolation (runs for other selections don’t affect missing)
  • deleted is reserved (not produced here)
• Safety
  • meta_jsonb whitelist enforced (unknown keys dropped; never fail sync)
  • Safe error persistence (no bearer tokens / secrets)
  • Locking to prevent overlapping runs for same tenant+selection
  • Concurrency limiter (global + per-tenant) and throttling resilience (429/503 backoff + jitter)
Tests
Added Pest coverage for:
• selection_hash determinism (array order invariant)
• upsert idempotency + last_seen updates
• missing derived semantics + selection isolation
• low confidence missing on partial/had_errors
• meta whitelist drop (no exception)
• lock prevents overlapping runs
• no snapshots/backups side effects
• safe error persistence (no bearer tokens)
Non-goals
• Inventory UI pages/resources (Spec 041)
• Dependency graph hydration (Spec 042)
• Cross-tenant compare/promotion flows (Spec 043)
• Drift analysis dashboards (Spec 044)
Review focus
• Data model correctness + indexes/constraints
• Selection hash canonicalization (determinism)
• Missing semantics (latest completed run + confidence rule)
• Guardrails (no snapshot/backups side effects)
• Safety: error_code taxonomy + safe persistence/logging
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #43
2026-01-07 14:54:24 +00:00
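The selection hashing listed in the commit above (canonical JSON with sorted keys and sorted arrays, then sha256) can be sketched as follows. This is an added example, not code from the repository: the function names `canonicalize`, `encode` and `selectionHash` and the payload shape are assumptions, and it needs PHP 8.1 or later for `array_is_list`. Because the hash scopes both the per-selection lock and the "missing" comparison, two orderings of the same selection must produce the same digest.

```php
<?php
declare(strict_types=1);

// Added example: names and payload shape are hypothetical, not the project's code.

/** Recursively normalise a payload: maps get sorted keys, lists get sorted elements. */
function canonicalize(mixed $value): mixed
{
    if (!is_array($value)) {
        return $value;                              // scalars and null pass through
    }
    $value = array_map('canonicalize', $value);     // normalise children first (keys preserved)
    if (array_is_list($value)) {
        // Sort by each element's canonical encoding so lists of scalars
        // and lists of objects are both order-invariant.
        usort($value, fn ($a, $b) => strcmp(encode($a), encode($b)));
        return $value;
    }
    ksort($value, SORT_STRING);                     // stable key order for maps
    return $value;
}

/** JSON-encode without escaping variations; throws instead of returning false. */
function encode(mixed $value): string
{
    return json_encode(
        $value,
        JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR
    );
}

function selectionHash(array $selection): string
{
    return hash('sha256', encode(canonicalize($selection)));
}

// Constructed sample selections: $a and $b hold the same content in different order.
$a = ['policy_types' => ['type_b', 'type_a'],
      'filters' => [['k' => 'os', 'v' => 'ios'], ['v' => 'mac', 'k' => 'os']]];
$b = ['filters' => [['k' => 'os', 'v' => 'mac'], ['v' => 'ios', 'k' => 'os']],
      'policy_types' => ['type_a', 'type_b']];
$c = ['policy_types' => ['type_a'], 'filters' => []];

if (selectionHash($a) !== selectionHash($b)) {
    throw new RuntimeException('hash depends on key or array order');
}
if (selectionHash($a) === selectionHash($c)) {
    throw new RuntimeException('distinct selections produced the same hash');
}
echo selectionHash($a), PHP_EOL;
```

PHP cannot distinguish an empty list from an empty map, so this sketch encodes both as `[]`; the string `"1"` and the integer `1` stay distinct and hash differently.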
dedca3c612
spec: add inventory specs 039-044 (#42)
What’s included
• specs/039-inventory-program/ — program/epic overview (vision + phased plan)
• specs/041-inventory-ui/ — UI skeleton (Inventory list, Coverage, Sync Runs)
• specs/042-inventory-dependencies-graph/ — dependency graph skeleton (assignments/filters/scope tags → later)
• specs/043-cross-tenant-compare-and-promotion/ — compare/promotion skeleton (read-only first; writes gated later)
• specs/044-drift-mvp/ — drift detection skeleton (read-only by default)
Why
We need a clear, spec-first structure for:
• separating Inventory (“last observed”) from Snapshots/Backups (immutable)
• scaling to MSP / multi-tenant workflows (portfolio, compare, monitoring)
• making future modules (security suite, drift, promotion) consistent with the Constitution (fail-safe, auditability, contract-driven Graph)
Scope / Non-goals (this PR)
• No implementation tasks executed
• No DB migrations, services, jobs, or UI changes
• No changes to Graph contracts or supported policy types
Review focus
• Naming/numbering and folder structure (spec.md, plan.md, tasks.md for each spec)
• Scope boundaries and non-goals across 041–044
• Alignment with Constitution principles (tenant isolation, read-only default for analysis, explicit gating for high-risk writes)
Follow-up (next PRs)
• Spec 040: Inventory Core (data model + selection hash + missing semantics + NFRs + tests)
• Implementation PRs will be split per spec (040 → 041 → 042/043/044)
⸻
Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #42
2026-01-07 14:01:07 +00:00