Spec 119: Drift cutover to Baseline Compare (golden master) #144

Merged
ahmido merged 2 commits from feat/119-baseline-drift-engine into dev 2026-03-06 14:30:51 +00:00
Owner

Implements Spec 119 (Drift Golden Master Cutover):

  • Baseline Compare is the only drift writer (source = baseline.compare).
  • Drift findings now store diff-compatible evidence_jsonb (summary.kind, baseline/current policy_version_id refs, fidelity + provenance).
  • Findings UI renders one-sided diffs for missing_policy/unexpected_policy when a single ref exists; otherwise shows explicit “diff unavailable”.
  • Removes legacy drift generator runtime (jobs/services/UI) and related tests.
  • Adds one-time migration to delete legacy drift findings (finding_type=drift where source is null or != baseline.compare).
  • Scopes baseline capture & landing duplicate warnings to latest completed inventory sync.
  • Canonicalizes compliance scheduledActionsForRule drift signal and keeps legacy snapshots comparable.

Tests:

  • vendor/bin/sail artisan test --compact (full suite per tasks)
  • Focused pack: BaselinePolicyVersionResolverTest, BaselineCompareDriftEvidenceContractTest, DriftFindingDiffUnavailableTest, LegacyDriftFindingsCleanupMigrationTest, ComplianceNoncomplianceActionsDriftTest

Notes:

  • Livewire v4+ / Filament v5 compatible (no legacy APIs).
  • No new external dependencies.
ahmido added 2 commits 2026-03-06 14:23:21 +00:00
- Enrich drift findings evidence_jsonb for diff UX (summary.kind, refs, fidelity, provenance)

- Add baseline policy version resolver and contract asserts

- Remove legacy drift generator + DriftLanding surfaces

- Add one-time cleanup migration for legacy drift findings

- Scope baseline capture/landing warnings to latest inventory sync

- Canonicalize compliance scheduledActionsForRule drift signal
ahmido merged commit da1adbdeb5 into dev 2026-03-06 14:30:51 +00:00
Reference: ahmido/TenantAtlas#144