ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity

docs: platform productization readiness and roadmap reconciliation (spec 345) #417

Merged
ahmido merged 1 commits from 345-platform-productization-readiness-roadmap-reconciliation-gate into platform-dev 2026-06-02 10:47:30 +00:00
Conversation 0 Commits 1 Files Changed 10 +1256
10 changed files with 1256 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/app-boundary-map.md Normal file
View File

@ -0,0 +1,61 @@
# App Boundary Map — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Belongs in `/platform`
- Internal MSP/operator control-plane work:
- Governance Inbox and Decision Register follow-through
- Findings, accepted-risk, and review/workflow closure
- Provider connections, onboarding readiness, required permissions, and safe integration recovery
- Evidence overview, review packs, stored reports, audit log, and retained-artifact truth
- Monitoring, operations, alerts, and cross-domain indicator semantics
- Customer-safe output preparation inside operator-managed flows
- Practical rule:
- customer-safe summaries may be rendered inside `/platform` while the operator plane is still the product of record
- this does **not** make `/platform` the customer portal
## Belongs in `/customerportal`
- External customer-consumption surfaces that should consume already-stable platform outputs instead of re-implementing them:
- customer-facing review history
- customer-facing evidence/review-pack download center
- external accepted-risk / acknowledgement consumption if ever moved outside the operator plane
- branded customer document library and follow-up intake
- any future `Virtual Consultant / External Portal Guidance` runtime
- Boundary rule:
- do not implement these inside Filament `/platform`
- prepare the output contracts first in `/platform`, then expose them in `/customerportal`
## Belongs in `/website`
- Public marketing and acquisition work:
- pricing
- product pages
- public docs or public knowledge pages
- lead capture / waitlist / demo request
- public trust-pack style content
- Boundary rule:
- no marketing/public lead-gen surface should be hidden inside the operator platform backlog
## Belongs in `/system`
- Platform-operator and break-glass work:
- support-access governance and support access history
- workspace directory / closure / commercial truth mutation surfaces
- global ops and break-glass tooling
- other platform-owner-only administration that should not live in tenant/workspace operator flow
## Deferred (explicit)
- `/customerportal` as a product line is explicitly deferred until the operator platform outputs are calmer and more stable.
- Customer billing/self-serve portals are deferred; current commercial truth belongs in operator/system workflows.
- External portal guidance, customer self-serve evidence history, and customer-facing workflow intake stay deferred even when customer-safe summaries already exist in `/platform`.
- AI-visible customer-facing portal behavior stays deferred until a first governed runtime AI consumer exists inside the platform.
## Current Boundary Judgment
- The next spec should stay in `/platform`.
- The next spec should **not** start `/customerportal`.
- Existing customer-safe review work inside `/platform` should be treated as operator-managed output preparation, not as a hidden portal bootstrap.

63
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/candidate-reconciliation.md Normal file
View File

@ -0,0 +1,63 @@
# Candidate Reconciliation — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Buckets
- A — Now platform-critical
- B — Platform productization
- C — Feature expansion
- D — Customer Portal (`/customerportal`)
- E — Website / marketing (`/website`)
- F — Covered / obsolete / duplicate
- G — Research / roadmap only
## Candidate Table
| Candidate | Source file | Current status | Bucket (AG) | Reason | Keep / Merge / Defer / Drop / Move | Target app | Suggested spec # / roadmap group |
|---|---|---|---|---|---|---|---|
| `decision-based-governance-inbox-v1` | `docs/product/spec-candidates.md` | open gap; first-wave runtime exists in `specs/327-*` | A | Biggest remaining operator workflow gap after shell and customer-review closure. Decision register proof/history already exists; the missing piece is queue-clearing operator flow. | Keep as the primary active lane. Narrow it to workflow closure over existing governance truth. | `/platform` | New follow-up over `specs/327-*`, `specs/265-*`, `specs/306-*`, `specs/307-*`, `specs/308-*` |
| `Governance Inbox decision experience` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | open design-follow-up lane | A | Matches the same remaining gap as `decision-based-governance-inbox-v1`. | Merge into the same next spec; do not create a parallel design-only runtime lane. | `/platform` | Same as above |
| `Governance Artifact Lifecycle & Retention v1` | `docs/product/spec-candidates.md`; `docs/product/roadmap.md` | prepared package exists; runtime gap still open | B | Important retained-output trust and auditability follow-through, but not the immediate operator queue blocker. | Keep and implement from the existing prepared package when governance workflow closure lands or when retained-artifact clarity becomes release pressure. | `/platform` | `specs/267-artifact-lifecycle-retention/` |
| `Provider onboarding/readiness UX cleanup` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | open design-follow-up lane over repo-real provider surfaces | B | Trust-critical setup surface still needs calmer summary, next action, and safer dangerous-action framing. | Keep as later productization follow-through after governance inbox. | `/platform` | New follow-up over `specs/339-*` and `specs/281-*` |
| `environment-resource-context-follow-through` | `docs/product/spec-candidates.md` | conditional open gap | B | Shell and canonical routes are stable, but this still exists as a targeted anti-hidden-context cleanup lane if fresh drift appears inside selected resources. | Keep only as a narrow residual hardening candidate; do not reopen broad shell work. | `/platform` | Existing follow-through candidate, only if fresh evidence appears |
| `Cross-Domain Progress / Indicator Semantics candidate group` | `docs/product/spec-candidates.md`; `specs/278-cross-domain-indicator-audit/spec.md` | docs-only audit completed; runtime follow-through still open | B | Product has the audit and follow-up map, but not yet a bounded runtime adoption pass. | Keep as later productization guardrail, not as the next spec. | `/platform` | Follow-up over `specs/278-cross-domain-indicator-audit/` |
| `Operations Hub productization` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | broad lane mostly covered; residual semantics/polish remain | F | The main operations-hub productization already moved through `specs/328-*`; the live residual issue is shared indicator/semantics drift, not a missing hub. | Merge any remaining need into the indicator-semantics follow-up instead of reopening a broad hub lane. | `/platform` | Covered by `specs/328-*` plus later indicator follow-through |
| `Restore safety UX productization` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | later safety/workflow polish lane | C | Restore is already a strong core capability; this target-image lane is valuable but not the immediate productization gate. | Defer behind governance workflow and provider/artifact trust work. | `/platform` | Backup/restore follow-up lane |
| `Drift/Baseline decision experience` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | later decision/polish lane over strong core runtime | C | Drift/baseline core is already sellable; this lane is a later UX deepening of assignment/evidence hierarchy, not a blocking missing foundation. | Defer. | `/platform` | Drift/findings follow-up lane |
| `Workspace and Environment dashboard productization` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | residual design-follow-up lane | B | Runtime shell/dashboard truth is already strong; remaining need is bounded polish, not a foundational rebuild. | Defer until real operator pain appears. | `/platform` | Dashboard polish backlog |
| `Evidence and review pack consumption productization` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | partially covered by later specs; residual retained-artifact gap remains | B | Core evidence/review-pack flow is strong; the remaining gap is retained-artifact/state clarity, not the original broad lane. | Merge residual need into artifact lifecycle or stored-report follow-through. | `/platform` | `specs/267-artifact-lifecycle-retention/` or retained-artifact follow-up |
| `Stored Reports Surface v1` | `docs/product/spec-candidates.md` | later runtime package exists with completed task checklist markers | F | Candidate wording is stale relative to `specs/277-stored-reports-surface/` and the current `StoredReportResource`. | Drop from active candidate queue; keep only as historical context. | `/platform` | Covered by `specs/277-stored-reports-surface/` |
| `customer-review-workspace-v1-completion` | `docs/product/spec-candidates.md` | stale open candidate; later runtime follow-through exists | F | Covered by `specs/312-*`, `specs/342-*`, `specs/343-*`, and `specs/344-*`. The lane is no longer the next open gap. | Drop from active queue; keep historical note only. | `/platform` | Covered by Specs `312`, `342`, `343`, `344` |
| `Customer Review Workspace productization` | `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md` | design lane closed by later runtime work | F | Same gap as above; target-image lane is now mostly historical context. | Drop as an active implementation lane. | `/platform` | Covered by Specs `312`, `342`, `343`, `344` |
| `provider-connection-scope-hardening` | `docs/product/spec-candidates.md` | stale open candidate; later runtime follow-through exists | F | Covered by `specs/339-provider-connection-scope-hardening/` and later provider-scope package `specs/281-provider-connection-scope/`. | Drop from active queue; retain historical reference only. | `/platform` | Covered by Specs `339` and `281` |
| `canonical-link-query-cleanup` | `docs/product/spec-candidates.md` | stale open candidate; implemented follow-through exists | F | Covered by `specs/341-canonical-link-query-cleanup/`. | Drop from active queue. | `/platform` | Covered by Spec `341` |
| `product-truth-docs-drift-cleanup` | `docs/product/spec-candidates.md` | stale open candidate; docs/product-truth follow-through exists | F | Covered by `specs/310-product-truth-docs-drift-reconciliation/`. | Drop from active queue. | `/platform` | Covered by Spec `310` |
| `legacy-compatibility-dead-code-retirement` | `docs/product/spec-candidates.md` | mostly historical after tenant-panel cleanup | F | Main tenant-panel / `/admin/t` dead-code retirement already moved through `specs/304-*`; any further cleanup should require fresh proof. | Drop as a standing candidate; reopen only on concrete regression. | `/platform` | Covered by `specs/304-tenant-panel-dead-code-retirement/` |
| `Admin Workspace Navigation & Tenant-owned Surface Repair candidate group` | `docs/product/spec-candidates.md` | historical sequencing group; most items promoted and implemented | F | Inventory cutover, route audit, groups cutover, and tenant-panel retirement already moved through Specs `301`-`304`. Only `navigation-contract-split` remains conditional. | Keep only as historical grouping plus one conditional residual. | `/platform` | Covered by Specs `301`-`304`; conditional residual only |
| `Decision Register Evidence / OperationRun Link Polish` | `docs/product/spec-candidates.md` | historical item, implemented | F | Explicitly marked historical and covered by `specs/307-*`. | Drop from active candidate logic. | `/platform` | Covered by Spec `307` |
| `Decision Register Customer-Safe Summary / Review-Pack Inclusion` | `docs/product/spec-candidates.md` | historical item, implemented | F | Explicitly historical and covered by `specs/308-*`. | Drop from active candidate logic. | `/platform` | Covered by Spec `308` |
| `Commercial Entitlements & Billing-State Lifecycle v1` / `Billing & Subscription Truth Layer v1` | `docs/product/spec-candidates.md` | stale open candidate; later package exists with completed task markers | F | The remaining commercial truth lane has already been turned into `specs/274-billing-subscription-truth/` over the earlier 247/251 foundation. | Drop from candidate queue; treat future portal/self-serve work separately. | `/platform` | Covered by `specs/274-billing-subscription-truth/` |
| `Customer-Facing Localization v1` / `Customer-Facing Localization Adoption v1` | `docs/product/spec-candidates.md` | stale open candidate; later packages exist with completed task markers | F | Covered by `specs/275-customer-facing-localization-adoption/` and neutralization follow-through in `specs/286-ui-copy-ia-localization-neutralization/`. | Drop from active queue; future external-surface wording belongs elsewhere. | `/platform` | Covered by Specs `275` and `286` |
| `External Support Desk / PSA Handoff v1` | `docs/product/spec-candidates.md` | v1 candidate already promoted; broader sync still separate | F | Bounded v1 is already covered by `specs/256-external-support-desk-handoff/`. Remaining ITSM sync ambitions are a separate expansion lane. | Drop the v1 candidate; keep later sync only as future feature-expansion work. | `/platform` | Covered by Spec `256` |
| `Cross-Tenant Compare & Promotion with Lineage v1` | `docs/product/spec-candidates.md` | split across existing compare and promotion packages | F | Compare preview/preflight and promotion execution already live in `specs/043-*` and `specs/264-*`. | Drop as a standing candidate; use the existing spec packages instead. | `/platform` | Covered by Specs `043` and `264` |
| `Governance Service Packaging v1` | `docs/product/spec-candidates.md` | v1 candidate already promoted and implemented in bounded form | F | Covered by `specs/260-governance-service-packaging/`. | Drop the v1 candidate; keep only later recurring-delivery expansion if needed. | `/platform` | Covered by Spec `260` |
| `Enterprise Access Boundary & Support Access Governance v1` | `docs/product/spec-candidates.md` | stale open candidate; later package exists with completed task markers | F | Support-access governance moved into `specs/276-support-access-governance/`. | Drop from active queue. | `/system` | Covered by Spec `276` |
| `Private AI Execution Governance Foundation v1` | `docs/product/spec-candidates.md` | foundation already spec-backed and repo-real | F | Covered by `specs/248-private-ai-policy-foundation/`; the real open question is a first governed runtime consumer. | Drop the foundation candidate; keep runtime-consumer follow-up separately. | `/platform` | Covered by Spec `248` |
| `Workspace, Tenant & Managed Object Lifecycle Governance v1` | `docs/product/spec-candidates.md` | historical/manual-promotion item already promoted to taxonomy-first package | F | Explicitly superseded by `specs/262-lifecycle-governance-taxonomy/`. | Drop from active candidate logic. | `/platform` | Covered by Spec `262` |
| `Workspace-first / ManagedEnvironment Core Cutover candidate pack` | `docs/product/spec-candidates.md` | candidate pack has already been split into concrete spec series | F | As a single candidate pack it is obsolete; the real work now lives in prepared/implemented packages `279`-`287`. | Replace pack-level queue entry with the concrete spec-series truth. | `/platform` | Covered/split into Specs `279`-`287` |
| `OperationRun Activity Feedback & UI Governance candidate group` | `docs/product/spec-candidates.md` | umbrella lane partly split into concrete specs and audit packages | F | Core follow-through already split into `specs/268-*`, `specs/270-*`, `specs/271-*`, `specs/272-*`, and the docs-only audit `specs/278-*`. | Do not keep the umbrella candidate active; use the split follow-up lanes only. | `/platform` | Covered/split |
| `environment-helper-naming-follow-through` / `tenant-helper-naming-cleanup` | `docs/product/spec-candidates.md` | low-value cleanup candidate | G | Cleanup is real but not a productization gate. It should only move if it unblocks fresh implementation or prevents proven drift. | Defer. | `/platform` | Cleanup backlog only |
| `First Governed AI Runtime Consumer v1` | `docs/product/spec-candidates.md` | valid but later strategic follow-up | G | The foundation exists, but this is not required before the current platform productization gaps close. | Defer behind platform-critical operator workflow work. | `/platform` | Later AI roadmap |
| `291 Virtual Consultant / External Portal Guidance v1` | `docs/product/spec-candidates.md`; `docs/product/roadmap.md` | roadmap-only external-surface idea | D | This is explicitly an external/portal concept, not the next Filament platform slice. | Move to a future `/customerportal` roadmap line. | `/customerportal` | Deferred customer-portal line |
| customer-facing review history / evidence download center / accepted-risk self-serve | boundary inferred from repeated portal non-goals across `specs/259-*`, `specs/260-*`, `specs/326-*`, `specs/342-*`, `specs/343-*`, `specs/344-*` | not an active platform candidate; repeatedly deferred | D | Repo history consistently says these should not be smuggled into `/platform` while the operator plane is still being productized. | Defer explicitly to `/customerportal`. | `/customerportal` | Future portal roadmap, not current platform queue |
| website pricing / public docs / lead capture | roadmap-adjacent, not active product candidate queue | not a platform candidate | E | Public marketing, pricing, and lead-gen belong to the separate website app, not the Filament control plane. | Move to `/website` planning only. | `/website` | Website roadmap only |
## Coverage Notes
- The table above classifies:
- current manual-promotion candidates from `docs/product/spec-candidates.md`,
- grouped UI-audit implementation lanes from `docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md` and `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md`,
- explicit external-surface ideas that must not drift into `/platform`.
- Historical `Promoted to Spec` entries in `docs/product/spec-candidates.md` were not re-listed one by one because the source file already classifies them as historical promotions rather than open candidates. Where an item still appeared open elsewhere, this report reclassified it explicitly.

37
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/checklists/requirements.md Normal file
View File

@ -0,0 +1,37 @@
# Specification Quality Checklist: Spec 345 - Platform Productization Readiness & Roadmap Reconciliation Gate
**Purpose**: Validate Spec 345 completion as a docs-only readiness gate (no runtime changes).
**Created**: 2026-06-02
**Feature**: `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md`
## Candidate Selection Gate
- [x] CHK001 The selected work item is explicitly Spec 345 (provided directly by the user as a readiness audit gate).
- [x] CHK002 No existing `specs/345-*` package or `345-*` branch existed before this work.
- [x] CHK003 Related specs (338344) were checked for completed-spec signals and treated as context only.
## Read-only Guard
- [x] CHK010 No runtime app files were changed under `apps/platform/` or `apps/website/`.
- [x] CHK011 No routes, migrations, models, services, jobs, Filament resources/pages, views, or tests were added/changed.
## Artifact Completeness (Spec 345 Outputs)
- [x] CHK020 `spec.md` exists and reflects the user-provided Spec 345 draft, tightened to repo conventions.
- [x] CHK021 `plan.md` exists and describes the repo-truth audit approach without implying runtime work.
- [x] CHK022 `tasks.md` exists and is ordered + verifiable for a docs-only gate.
- [x] CHK023 `repo-truth-map.md` exists and records repo sources and git state.
- [x] CHK024 `platform-readiness-report.md` exists and includes the readiness table + blockers.
- [x] CHK025 `candidate-reconciliation.md` exists and classifies every discovered active/manual/UI-audit candidate lane with no unresolved `unknown` status.
- [x] CHK026 `roadmap-reconciliation.md` exists and maps themes to repo truth (implemented/productized/partial/candidate-only/roadmap-only/deferred).
- [x] CHK027 `app-boundary-map.md` exists and separates `/platform`, `/customerportal`, `/website`, `/system`.
- [x] CHK028 `next-spec-recommendation.md` exists and names one primary next spec plus an ordered follow-up list.
## Validation
- [x] CHK030 `git diff --check` passes.
- [x] CHK031 Work tree contains only docs/spec artifacts (no unintended changes).
## Result
- [x] CHK040 Result: Spec 345 gate artifacts complete and internally consistent.

46
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/next-spec-recommendation.md Normal file
View File

@ -0,0 +1,46 @@
# Next Spec Recommendation — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Recommended next spec
- **Recommended next spec**: `Governance Inbox Final Operator Workflow` — a narrow follow-up over `specs/327-governance-inbox-decision-first-workbench-productization/`, `specs/265-decision-register-approval/`, `specs/306-decision-register-reconciliation/`, `specs/307-decision-register-evidence-operationrun-link-polish/`, and `specs/308-decision-register-summary-review-pack/`
- **Reason**: Repo truth shows that shell/scope, customer review, and evidence/review-pack foundations are already much stronger than the backlog wording suggests. The largest remaining operator-facing gap is the central decision queue itself: `/admin/governance/inbox` still needs one dominant queue-clearing posture, calmer evidence ordering, explicit next action, and stronger downstream customer-safe wording before the platform feels fully repeatable and sellable.
- **Why not the alternatives**:
- **Not Customer Review Workspace again**: that lane is already materially closed by `specs/312-*`, `specs/342-*`, `specs/343-*`, and `specs/344-*`.
- **Not Evidence & Review Pack Output Contract first**: core evidence/review-pack flow is already strong through `specs/329-*` and `specs/337-*`; the remaining evidence gap is mostly retained-artifact lifecycle clarity, not core output availability.
- **Not Provider Readiness first**: provider surfaces still need calmer trust framing, but they are already scope-safe and usable after `specs/339-*` and `specs/281-*`; the governance queue is the more central daily-use blocker.
- **Not Localization & Customer-Safe Copy first**: major localization/neutralization follow-through already exists in `specs/275-*` and `specs/286-*`; remaining work is QA/polish.
- **Not a new smoke-matrix-first spec**: targeted Browser/Feature confidence is already strong through `specs/340-*` and recent strategic Browser suites; workflow clarity is the bigger current productization issue.
- **Not Customer Portal**: repo history repeatedly rejects sneaking external-consumption work into Filament `/platform`, and the boundary still holds.
- **Preconditions**:
- keep workspace/environment shell contracts from `specs/338-*` to `specs/341-*` untouched
- treat Decision Register as the historical/proof ledger, not as the primary queue
- reuse existing finding, evidence, review, accepted-risk, and `OperationRun` links rather than creating new truth
- forbid new task-engine, Kanban, PSA, or customer-portal scope
- **Risks**:
- scope creep into a generic workboard or approval engine
- duplicating decision truth already present in Decision Register or finding/exception surfaces
- adding workflow mutation scope that should remain in existing owner surfaces
- **Acceptance target**:
- `/admin/governance/inbox` reads as the central operator queue
- one dominant next action is visible per decision item or section
- evidence basis, owner, age/SLA, and environment scope are explicit without overloading diagnostics
- links into findings, reviews, proof, runs, and historical decisions reuse current truth instead of inventing new persistence
- no portal, no new decision table, no new approval engine, and no shell rewrite are introduced
- **Follow-up sequence (next 37 specs)**:
1. `Governance Inbox Final Operator Workflow` (new follow-up over current governance runtime)
2. `specs/267-artifact-lifecycle-retention/` if retained-output trust remains the next strongest blocker after governance closure
3. `Provider Readiness / Onboarding Productization` as a narrow follow-up over `specs/339-*` and `specs/281-*`
4. runtime follow-through for `specs/278-cross-domain-indicator-audit/` if indicator drift keeps reappearing on dashboards/ops/evidence surfaces
5. retained-artifact browse/report polish only if `StoredReportResource` still feels insufficient after artifact-lifecycle work
6. later strategic work such as a first governed AI runtime consumer only after the operator platform is calmer
## Deferred Lines (explicit)
- **Customer portal line**:
- defer external customer review history, evidence download center, branded document consumption, and any external portal guidance into a future `/customerportal` roadmap
- do not pull these into Filament `/platform` as “just one more read-only page”
- **Feature-expansion line**:
- broader PSA/ITSM sync, first governed AI runtime consumer, cross-tenant portfolio expansion, and customer self-serve commercial flows stay behind the operator-platform productization sequence above

245
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/plan.md Normal file
View File

@ -0,0 +1,245 @@
# Implementation Plan: Spec 345 - Platform Productization Readiness & Roadmap Reconciliation Gate
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate` | **Date**: 2026-06-02 | **Spec**: `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md`
**Input**: Feature specification from `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md`
## Summary
Spec 345 is a docs-only readiness gate. The implementation is a single repo-truth reconciliation pass across product docs, active spec packages, UI audits, current Filament surfaces, and existing tests/browser artifacts. No runtime code is changed. The deliverable is a completed decision package: readiness report, candidate reconciliation, roadmap reconciliation, app-boundary map, and next-spec recommendation.
## Technical Context
**Language/Version**: Markdown documentation, shell inspection, Laravel 12.52 / Filament 5.2.1 / Livewire 4.1.4 as audited runtime context
**Primary Dependencies**: existing spec packages, `docs/product/*`, `docs/ui-ux-enterprise-audit/*`, Laravel Boost read-only inspection tools
**Storage**: N/A - no runtime storage change
**Testing**: none for runtime behavior; docs integrity checks only
**Validation Lanes**: N/A / docs-only
**Target Platform**: repository docs under `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/`
**Project Type**: single Laravel/Filament product audit package
**Performance Goals**: complete one bounded reconciliation pass without spawning new implementation scope
**Constraints**: no runtime changes, no route/model/service/test edits, no candidate deletion without reason, no customer portal implementation
**Scale/Scope**: current product docs, recent spec packages, key UI audit reports, and read-only inspection of current `apps/platform` surfaces
## UI / Surface Guardrail Plan
- **Guardrail scope**: no operator-facing surface change
- **Affected routes/pages/actions/states/navigation/panel/provider surfaces**: N/A - inspection only
- **No-impact class, if applicable**: docs-only
- **Native vs custom classification summary**: N/A
- **Shared-family relevance**: review-only across existing shared families
- **State layers in scope**: none changed; shell/page/detail/URL-query are audited only
- **Audience modes in scope**: operator-MSP, support-platform, customer-safe output as audit targets only
- **Decision/diagnostic/raw hierarchy plan**: evaluate current hierarchy, but do not change it
- **Raw/support gating plan**: audit current behavior only
- **One-primary-action / duplicate-truth control**: assess current surfaces and reflect remaining gaps in reports
- **Handling modes by drift class or surface**: report-only
- **Repository-signal treatment**: review-mandatory for stale roadmap/candidate claims, report-only for runtime findings outside scope
- **Special surface test profiles**: N/A
- **Required tests or manual smoke**: none required for this spec; existing browser/test evidence may be cited
- **Exception path and spread control**: none
- **Active feature PR close-out entry**: N/A
- **UI/Productization coverage decision**: No UI surface impact
- **Coverage artifacts to update**: none by default
- **No-impact rationale**: this package audits current surfaces without changing rendered UI
- **Navigation / Filament provider-panel handling**: read-only audit only
- **Screenshot or page-report need**: no new screenshots required unless a future follow-up spec reruns browser audit work
## Shared Pattern & System Fit
- **Cross-cutting feature marker**: yes
- **Systems touched**: `docs/product/spec-candidates.md`, `docs/product/roadmap.md`, `docs/product/implementation-ledger.md`, `docs/ui-ux-enterprise-audit/*`, recent spec repo-truth maps, recent implementation reports
- **Shared abstractions reused**: repo-truth maps, readiness language, UI audit page reports, implementation-ledger maturity terms
- **New abstraction introduced? why?**: none
- **Why the existing abstraction was sufficient or insufficient**: sufficient as evidence sources, insufficient as a single current reconciliation answer after recent platform work
- **Bounded deviation / spread control**: none; no new runtime or process framework is introduced
## OperationRun UX Impact
- **Touches OperationRun start/completion/link UX?**: no
- **Central contract reused**: N/A
- **Delegated UX behaviors**: N/A
- **Surface-owned behavior kept local**: audit only
- **Queued DB-notification policy**: N/A
- **Terminal notification path**: N/A
- **Exception path**: none
## Provider Boundary & Portability Fit
- **Shared provider/platform boundary touched?**: no runtime change
- **Provider-owned seams**: audited only (`ProviderConnectionResource`, onboarding/readiness surfaces)
- **Platform-core seams**: audited only (`WorkspaceContext`, workspace/environment shell, governance/evidence/review surfaces)
- **Neutral platform terms / contracts preserved**: workspace, managed environment, provider connection, evidence, review pack, governance decision, customer-safe output
- **Retained provider-specific semantics and why**: existing Microsoft-shaped runtime seams remain unchanged; the audit only flags where future work still risks spreading them further
- **Bounded extraction or follow-up path**: future follow-up spec if readiness review shows provider-boundary work is still blocking productization
## Constitution Check
Spec 345 is a docs-only gate and does not create runtime behaviors. Constitution-sensitive implications are therefore audit-only:
- Inventory-first, read/write separation, RBAC, OperationRun, audit, and provider-boundary rules are checked as current repo truth, not changed.
- No new persistence, abstraction, status family, or UI framework is introduced, so proportionality and anti-bloat rules pass by staying read-only.
- No destructive actions, Graph calls, Filament panel changes, or global search changes are introduced.
## Implementation Scope Gate
The implementation is limited to:
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/plan.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/tasks.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/repo-truth-map.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/platform-readiness-report.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/candidate-reconciliation.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/roadmap-reconciliation.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/app-boundary-map.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/next-spec-recommendation.md`
- `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/checklists/requirements.md`
No other files are in scope unless the user explicitly asks for bounded candidate-doc updates later.
## Repo Sources To Reconcile
### Product docs
- `docs/product/spec-candidates.md`
- `docs/product/roadmap.md`
- `docs/product/implementation-ledger.md`
- `docs/product/discoveries.md`
### UI audit inputs
- `docs/ui-ux-enterprise-audit/route-inventory.md`
- `docs/ui-ux-enterprise-audit/design-coverage-matrix.md`
- `docs/ui-ux-enterprise-audit/strategic-surfaces.md`
- `docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md`
- `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md`
- key page reports for workspace overview, environment dashboard, operations, governance inbox, decision register, customer review workspace, audit log, provider connections, reviews, and finding exceptions queue
### Recent spec truth
- `specs/326-customer-review-workspace-v1-productization/`
- `specs/327-governance-inbox-decision-first-workbench-productization/`
- `specs/328-operations-hub-decision-first-workbench-productization/`
- `specs/329-evidence-audit-log-disclosure-productization/`
- `specs/337-evidence-review-pack-product-process-flow-alignment/`
- `specs/338-workspace-environment-resource-scope-contract/`
- `specs/339-provider-connection-scope-hardening/`
- `specs/340-post-scope-contract-browser-verification-gate/`
- `specs/341-canonical-link-query-cleanup/`
- `specs/342-customer-review-workspace-final-consumption-productization/`
- `specs/343-customer-review-attestation-accepted-risk-lifecycle/`
- `specs/344-customer-review-workspace-density-audience-polish/`
### Runtime inspection surfaces (read-only)
- `apps/platform/app/Filament/Pages/`
- `apps/platform/app/Filament/Resources/`
- `apps/platform/resources/views/filament/pages/`
- `apps/platform/tests/Feature/`
- `apps/platform/tests/Browser/`
## Technical Approach
### Phase 1 - Baseline and source discovery
Record current branch/worktree state, list candidate and roadmap sources, and explicitly separate active queue sources from historical or audit-only sources.
### Phase 2 - Candidate reconciliation
Classify each discovered candidate lane into A-G, collapsing duplicate historical entries where the repo already shows a later spec or a superseding runtime slice. Do not silently delete history; instead, mark covered items as covered and active items as still open.
### Phase 3 - Roadmap reconciliation
Map roadmap themes to current repo truth. Distinguish themes that are already repo-real from those that are still productization gaps, spec-only, or roadmap-only.
### Phase 4 - Platform readiness audit
Use current code paths, recent spec close-outs, UI audit reports, and existing test/browser artifacts to score each major platform area. Report blockers and confidence level without pretending that unrun tests were re-validated in this spec.
### Phase 5 - Boundary map and next-spec sequence
Separate platform work from customer portal, website, and system work. Use the readiness and candidate maps to pick one primary next spec and an ordered follow-up sequence.
## Domain / Model Implications
No domain model or schema changes. The plan only references existing domain truth such as:
- `Workspace`
- `ManagedEnvironment`
- `EnvironmentReview`
- `EnvironmentReviewAcknowledgement`
- `EvidenceSnapshot`
- `ReviewPack`
- `StoredReport`
- `Finding`
- `FindingException`
- `OperationRun`
- `ProviderConnection`
These models are evidence for readiness, not modification targets.
## UI / Filament Implications
No Filament runtime code changes are planned. The plan audits current surfaces only. Filament v5 on Livewire v4 remains the runtime posture; provider registration remains in `apps/platform/bootstrap/providers.php`.
## Livewire Implications
No Livewire runtime changes. Existing Livewire/Filament page behavior is assessed through repo truth only.
## RBAC / Policy Implications
No authorization behavior changes. The reports must preserve and describe:
- workspace membership as the first isolation boundary,
- managed-environment or record-level entitlement as the second boundary where applicable,
- `404` for out-of-scope/non-member access,
- `403` for in-scope actors missing capability,
- customer-safe output vs operator/support diagnostics separation.
## Audit / Evidence / Operation Implications
No new audit events, evidence flows, or OperationRun behaviors are introduced. The plan only evaluates whether existing proof, evidence, review, and audit surfaces are productized enough.
## Data / Migration Implications
None. No migrations, data backfills, schema changes, or compatibility work are allowed in Spec 345.
## Test Strategy
Because Spec 345 is docs-only:
- Do not run the full application test suite by default.
- Reuse existing test and browser evidence from recent spec packages as repo truth.
- Validate only documentation integrity and worktree safety:
- `git status --short --branch`
- `git diff --stat`
- `git diff --check`
If the user later requests additional confidence, targeted runtime test commands can be proposed as a separate follow-up step, not assumed inside this spec.
## Rollout Considerations
- **Runtime rollout**: none
- **Deployment impact**: none
- **Migration impact**: none
- **Queue / scheduler impact**: none
- **Storage / asset impact**: none
- **Filament assets**: unchanged; existing `filament:assets` deployment posture remains untouched
## Risk Controls
- Keep edits inside the Spec 345 package only.
- Treat completed or implementation-closed specs as read-only historical evidence.
- Do not reopen or normalize earlier spec history.
- Mark uncertain themes as `candidate only`, `roadmap only`, or `deferred` instead of guessing implementation maturity.
- Do not use the audit to justify unrequested runtime fixes.
## Implementation Phases
1. Baseline repo state and source discovery
2. Candidate inventory and A-G classification
3. Roadmap theme reconciliation
4. Platform readiness scoring and blocker inventory
5. App-boundary mapping
6. Next-spec recommendation
7. Docs-only validation and checklist close-out

39
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/platform-readiness-report.md Normal file
View File

@ -0,0 +1,39 @@
# Platform Readiness Report — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Readiness Table
| Area | Current state | Readiness state (16) | Evidence (repo paths) | Blockers | Recommended action | Next spec? |
|---|---|---:|---|---|---|---|
| Workspace/Environment Shell | Workspace hubs vs environment-bound pages are stable, route-owned, and recently browser-verified. | 1 | `specs/338-workspace-environment-resource-scope-contract/spec.md`; `specs/340-post-scope-contract-browser-verification-gate/audit-report.md`; `specs/341-canonical-link-query-cleanup/spec.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-001-workspace-overview.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-002-environment-dashboard.md` | No structural blocker found; only minor helper-copy follow-up (`B-340-001`) remains. | Keep the shell frozen; do not reopen scope/navigation unless fresh regression evidence appears. | No |
| Customer Review Workspace | Customer-safe review consumption, acknowledgement, accepted-risk visibility, and density hierarchy are repo-real and heavily covered. | 1 | `specs/312-customer-review-workspace-v1-completion/spec.md`; `specs/342-customer-review-workspace-final-consumption-productization/spec.md`; `specs/343-customer-review-attestation-accepted-risk-lifecycle/spec.md`; `specs/344-customer-review-workspace-density-audience-polish/spec.md`; `apps/platform/tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php`; `apps/platform/tests/Browser/Spec343CustomerReviewAttestationAcceptedRiskSmokeTest.php`; `apps/platform/tests/Browser/Spec344CustomerReviewWorkspaceDensitySmokeTest.php`; `docs/ui-ux-enterprise-audit/page-reports/ui-006-customer-review-workspace.md` | Residual wording/localization QA may still surface in operator use, but the lane is no longer a platform-critical missing feature. | Treat this lane as closed for now; only reopen for narrow polish proven by operator feedback. | No |
| Evidence / Review Packs | Evidence overview, review-pack generation, download, and customer-safe linkage are strong, but retained-artifact lifecycle and stored-report clarity remain less mature. | 2 | `specs/329-evidence-audit-log-disclosure-productization/spec.md`; `specs/337-evidence-review-pack-product-process-flow-alignment/spec.md`; `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php`; `apps/platform/app/Filament/Resources/ReviewPackResource.php`; `apps/platform/app/Filament/Resources/StoredReportResource.php`; `apps/platform/tests/Feature/Monitoring/Spec329EvidenceAuditDisclosureProductizationTest.php`; `docs/product/implementation-ledger.md` | Artifact lifecycle/state truth and retained-report product clarity still lag behind review-pack flow maturity. | Keep current review/evidence flow stable and handle retained-artifact follow-through as a separate lane. | Later: `specs/267-artifact-lifecycle-retention/` if chosen |
| Governance Inbox / Decision Register | Decision register is strong and proof-linked; governance inbox still reads more like a dense admin queue than a calm operator workbench. | 2 | `specs/327-governance-inbox-decision-first-workbench-productization/spec.md`; `specs/265-decision-register-approval/spec.md`; `specs/306-decision-register-reconciliation/decision-register-reconciliation.md`; `specs/307-decision-register-evidence-operationrun-link-polish/spec.md`; `specs/308-decision-register-summary-review-pack/spec.md`; `apps/platform/app/Filament/Pages/Governance/GovernanceInbox.php`; `apps/platform/app/Filament/Pages/Governance/DecisionRegister.php`; `apps/platform/tests/Browser/Spec327GovernanceInboxProductizationSmokeTest.php`; `docs/ui-ux-enterprise-audit/page-reports/ui-004-governance-inbox.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-005-decision-register.md` | Dominant next action, clearer queue-clearing posture, calmer evidence ordering, and downstream customer-safe wording are still open. | Make this the next platform-critical productization spec. | Yes |
| Findings / Accepted Risks | Findings queues, accepted-risk lifecycle, and review integration are repo-real and operator-usable. | 2 | `specs/343-customer-review-attestation-accepted-risk-lifecycle/spec.md`; `apps/platform/app/Filament/Resources/FindingExceptionResource.php`; `apps/platform/tests/Feature/Findings/FindingExceptionWorkflowTest.php`; `apps/platform/tests/Feature/Findings/*`; `docs/product/implementation-ledger.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-012-finding-exceptions-queue.md` | Broader retained-artifact presentation, expiry/re-review storytelling, and management summary framing still depend on later governance/artifact work. | Keep this inside governance/artifact follow-through; do not split into a new standalone program now. | Merge into governance/artifact follow-through |
| Provider Readiness / Onboarding | Provider connection scope, onboarding, and permission posture are functional and trustable, but the main surface still feels admin-heavy. | 2 | `specs/339-provider-connection-scope-hardening/spec.md`; `specs/281-provider-connection-scope/spec.md`; `apps/platform/app/Filament/Resources/ProviderConnectionResource.php`; `apps/platform/tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php`; `apps/platform/tests/Browser/Spec340PostScopeContractVerificationSmokeTest.php`; `docs/ui-ux-enterprise-audit/page-reports/ui-009-provider-connections.md` | Health/permission summary, dangerous-action guidance, and calmer trust copy remain open. | Schedule as a should-do-next platform productization slice after governance workflow closure. | Later |
| Monitoring / Ops / Alerts / Audit | Operations, alerts, evidence, and audit surfaces are broad and strong; remaining gaps are semantic consistency and a few polish follow-ups, not missing foundations. | 2 | `specs/328-operations-hub-decision-first-workbench-productization/spec.md`; `specs/329-evidence-audit-log-disclosure-productization/spec.md`; `apps/platform/tests/Browser/Spec328OperationsHubProductizationSmokeTest.php`; `apps/platform/tests/Browser/Spec329EvidenceAuditDisclosureSmokeTest.php`; `apps/platform/app/Filament/Pages/Monitoring/AuditLog.php`; `docs/ui-ux-enterprise-audit/page-reports/ui-003-operations.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-008-audit-log.md`; `specs/278-cross-domain-indicator-audit/spec.md` | Cross-domain indicator semantics and some export/raw drilldown follow-ups remain open. | Defer broad change; only take bounded semantics follow-up when it becomes release pressure. | No |
| Localization / Copy | Foundation and major neutralization/customer-facing passes exist, but wording consistency is still a guardrail rather than a fully closed theme. | 2 | `specs/275-customer-facing-localization-adoption/spec.md`; `specs/286-ui-copy-ia-localization-neutralization/spec.md`; `docs/product/implementation-ledger.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-006-customer-review-workspace.md`; `docs/ui-ux-enterprise-audit/page-reports/ui-009-provider-connections.md` | Remaining gaps are QA/polish and future external-surface wording, not a missing v1 foundation. | Keep as bounded follow-through; do not make it the next main spec. | No |
| Test / Browser Confidence | Strategic surfaces have strong targeted Feature/Browser evidence, but broad merge-readiness is not freshly proven in this docs-only gate. | 2 | `specs/340-post-scope-contract-browser-verification-gate/audit-report.md`; `apps/platform/tests/Browser/Spec327GovernanceInboxProductizationSmokeTest.php`; `apps/platform/tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php`; `apps/platform/tests/Browser/Spec343CustomerReviewAttestationAcceptedRiskSmokeTest.php`; `apps/platform/tests/Browser/Spec344CustomerReviewWorkspaceDensitySmokeTest.php`; `apps/platform/tests/Feature/Monitoring/Spec329EvidenceAuditDisclosureProductizationTest.php` | No fresh full-suite run; unrelated hidden debt cannot be disproven from repo inspection alone. | Use targeted smoke/tests in the next implementation spec; do not block on a broad full-suite rerun unless regressions appear. | No |
## Sellable-Platform Blockers (P0P3)
- **P0**
- Governance Inbox still lacks the calm, dominant queue-clearing operator workflow expected from the central decision surface (`docs/ui-ux-enterprise-audit/page-reports/ui-004-governance-inbox.md`; `apps/platform/app/Filament/Pages/Governance/GovernanceInbox.php`).
- **P1**
- Provider connection/readiness surface remains trust-critical but still admin-heavy in its first-read summary (`docs/ui-ux-enterprise-audit/page-reports/ui-009-provider-connections.md`; `apps/platform/app/Filament/Resources/ProviderConnectionResource.php`).
- Retained-artifact lifecycle/state truth is still weaker than review-pack generation/download truth (`specs/267-artifact-lifecycle-retention/spec.md`; `apps/platform/app/Filament/Resources/StoredReportResource.php`; `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php`).
- Broad sellability claims should stay qualified because Spec 345 did not rerun the full suite (`specs/340-post-scope-contract-browser-verification-gate/audit-report.md` is targeted proof only).
- **P2**
- Cross-domain indicator semantics still need a runtime follow-through after the docs-only audit in `specs/278-cross-domain-indicator-audit/`.
- Residual retained-report / artifact consumption polish may still be needed even with the stored-report runtime present.
- **P3**
- Helper naming and dead-code cleanup should happen only when fresh repo evidence proves value; they are not a release gate.
## Executive Answer (repo-truth grounded)
- **MSP/operator daily usable?**: Yes. The control plane is strong enough for daily operator use across shell, reviews, evidence, findings, provider readiness, and operations.
- **Demoable?**: Yes. The strongest demo path is now review-driven governance, evidence/review-pack outputs, and provider readiness—not a speculative customer portal.
- **Sellable (MVP)?**: Almost, but not yet cleanly repeatable as a calm MSP/operator platform.
- **Why/why not**: The platform is beyond foundation-only and is already stronger than the backlog wording implies, but one central workflow gap remains: governance decision closure on `/admin/governance/inbox`. Provider readiness trust framing and retained-artifact lifecycle clarity are the next most visible follow-through gaps. Customer portal work should remain deferred until those operator-first seams are calmer.

195
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/repo-truth-map.md Normal file
View File

@ -0,0 +1,195 @@
# Repo Truth Map — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Git State
- `git status --short --branch`:
- `## 345-platform-productization-readiness-roadmap-reconciliation-gate`
- `?? specs/345-platform-productization-readiness-roadmap-reconciliation-gate/`
- `git diff --stat`: N/A (work-in-progress is currently untracked-only)
- Final docs-only validation:
- `git diff --check` -> passed
- current worktree remains confined to `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/`
## Inputs Used
- Spec 345 user-provided draft: included in `spec.md` (source: chat input, 2026-06-02)
- Product queue and roadmap truth:
- `docs/product/spec-candidates.md`
- `docs/product/roadmap.md`
- `docs/product/implementation-ledger.md`
- `docs/product/discoveries.md`
- UI audit and target-direction truth:
- `docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md`
- `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md`
- page reports under `docs/ui-ux-enterprise-audit/page-reports/`
- Recent runtime close-out truth:
- `specs/338-workspace-environment-resource-scope-contract/`
- `specs/339-provider-connection-scope-hardening/`
- `specs/340-post-scope-contract-browser-verification-gate/`
- `specs/341-canonical-link-query-cleanup/`
- `specs/342-customer-review-workspace-final-consumption-productization/`
- `specs/343-customer-review-attestation-accepted-risk-lifecycle/`
- `specs/344-customer-review-workspace-density-audience-polish/`
- Additional backlog-reconciliation context:
- `specs/267-artifact-lifecycle-retention/`
- `specs/274-billing-subscription-truth/`
- `specs/275-customer-facing-localization-adoption/`
- `specs/276-support-access-governance/`
- `specs/277-stored-reports-surface/`
- `specs/278-cross-domain-indicator-audit/`
- `specs/279-workspace-managed-environment-core/`
- `specs/280-workspace-tenancy-environment-routing/`
- `specs/281-provider-connection-scope/`
- `specs/282-governance-artifact-retargeting/`
- `specs/283-provider-capability-registry/`
- `specs/284-provider-neutral-artifact-source-taxonomy/`
- `specs/285-workspace-rbac-environment-access/`
- `specs/286-ui-copy-ia-localization-neutralization/`
- `specs/292-workspace-tenant-closure/`
- `specs/301-admin-inventory-navigation-cutover/`
- `specs/302-tenant-owned-surface-route-audit/`
- `specs/303-admin-directory-groups-cutover/`
- `specs/304-tenant-panel-dead-code-retirement/`
- `specs/312-customer-review-workspace-v1-completion/`
- `specs/327-governance-inbox-decision-first-workbench-productization/`
- `specs/328-operations-hub-decision-first-workbench-productization/`
- `specs/329-evidence-audit-log-disclosure-productization/`
- `specs/337-evidence-review-pack-product-process-flow-alignment/`
## Relevant Spec Signals
### Productized or validated in the inspected area
- `specs/340-post-scope-contract-browser-verification-gate/audit-report.md`
- targeted Browser verification passed
- `GO. No confirmed P1/P2 drift remains`
- only backlog item recorded: `B-340-001` on Evidence Overview helper copy
- `specs/342-customer-review-workspace-final-consumption-productization/`
- focused Feature + Browser validation package exists
- `specs/343-customer-review-attestation-accepted-risk-lifecycle/`
- accepted-risk / acknowledgement lifecycle is already implemented as a focused surface follow-up
- `specs/344-customer-review-workspace-density-audience-polish/`
- customer review hierarchy/density follow-up exists with dedicated Feature + Browser coverage
### Queue-drift evidence
- `docs/product/spec-candidates.md` still lists several candidates as open even though the repo now contains later implementation packages with completed task checklists, including:
- `customer-review-workspace-v1-completion` -> later runtime follow-through exists in `specs/312-*`, `specs/342-*`, `specs/343-*`, and `specs/344-*`
- `provider-connection-scope-hardening` -> later runtime follow-through exists in `specs/339-*` and `specs/281-*`
- `canonical-link-query-cleanup` -> later runtime follow-through exists in `specs/341-*`
- `product-truth-docs-drift-cleanup` -> later runtime follow-through exists in `specs/310-*`
- `Customer-Facing Localization Adoption v1` -> later runtime follow-through exists in `specs/275-*`
- `Billing & Subscription Truth Layer v1` -> later runtime follow-through exists in `specs/274-*`
- `Stored Reports Surface v1` -> later runtime follow-through exists in `specs/277-*`
- `Workspace & Tenant Closure Lifecycle v1` -> later runtime follow-through exists in `specs/292-*`
- `Enterprise Access Boundary & Support Access Governance v1` -> later runtime follow-through exists in `specs/276-*`
## Sources Discovered
### Spec candidates
- Primary queue:
- `docs/product/spec-candidates.md`
- Additional candidate ledgers / historical inputs:
- `docs/product/discoveries.md` (staging; promote or discard)
- `docs/audits/2026-03-15-audit-spec-candidates.md` (historical input; not the active queue)
- `docs/audits/semantic-clarity-spec-candidates.md` (historical input; not the active queue)
- `docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md` (design follow-up lanes)
- `docs/ui-ux-enterprise-audit/follow-up-specs/325-strategic-target-image-implementation-candidates.md`
- `specs/0800-future-features/brainstorming.md` (brainstorming; not the active queue)
- `docs/HANDOVER.md` (historical snapshot; not the active queue)
- `spechistory/spec.md` (historical v1 framing; not the active queue)
### Roadmap
- Primary roadmap:
- `docs/product/roadmap.md`
- Supporting strategy framing (not implementation truth):
- `docs/strategy/product-vision.md`
- `docs/strategy/domain-coverage.md`
### UI audit / UX coverage
- Registry + coverage:
- `docs/ui-ux-enterprise-audit/route-inventory.md`
- `docs/ui-ux-enterprise-audit/design-coverage-matrix.md`
- `docs/ui-ux-enterprise-audit/strategic-surfaces.md`
- `docs/ui-ux-enterprise-audit/unresolved-pages.md`
- Key page reports (platform readiness areas):
- `docs/ui-ux-enterprise-audit/page-reports/ui-001-workspace-overview.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-002-environment-dashboard.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-003-operations.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-004-governance-inbox.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-005-decision-register.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-006-customer-review-workspace.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-008-audit-log.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-009-provider-connections.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-011-reviews.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-012-finding-exceptions-queue.md`
- `docs/ui-ux-enterprise-audit/page-reports/ui-013-environment-backup-sets.md`
### Runtime surfaces inspected (read-only)
- `apps/platform/app/Filament/Pages/` (focus: Monitoring, Governance, Reviews, Workspace/Environment shell)
- `apps/platform/app/Filament/Resources/` (focus: Review Packs, Evidence Snapshots, Findings, Provider Connections)
- `apps/platform/resources/views/filament/pages/` (focus: Customer Review Workspace)
- `apps/platform/tests/Feature/` and `apps/platform/tests/Browser/` (existence as evidence; not executed in this docs-only spec)
### Concrete runtime surfaces confirmed present
- `apps/platform/app/Filament/Pages/Governance/GovernanceInbox.php`
- `apps/platform/app/Filament/Pages/Governance/DecisionRegister.php`
- `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php`
- `apps/platform/app/Filament/Pages/Monitoring/AuditLog.php`
- `apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php`
- `apps/platform/app/Filament/Resources/ProviderConnectionResource.php`
- `apps/platform/app/Filament/Resources/ReviewPackResource.php`
- `apps/platform/app/Filament/Resources/StoredReportResource.php`
### Tests / browser evidence inspected (read-only)
- Repo evidence only (existence; not executed as part of Spec 345 unless explicitly requested):
- `apps/platform/tests/Feature/Filament/Spec342CustomerReviewWorkspaceConsumptionTest.php`
- `apps/platform/tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php`
- `apps/platform/tests/Feature/Filament/Spec343CustomerReviewAttestationAcceptedRiskTest.php`
- `apps/platform/tests/Browser/Spec343CustomerReviewAttestationAcceptedRiskSmokeTest.php`
- `apps/platform/tests/Feature/Filament/Spec344CustomerReviewWorkspaceDensityTest.php`
- `apps/platform/tests/Browser/Spec344CustomerReviewWorkspaceDensitySmokeTest.php`
- `apps/platform/tests/Feature/Filament/Spec337EvidenceReviewPackProductFlowTest.php`
- `apps/platform/tests/Browser/Spec329EvidenceAuditDisclosureSmokeTest.php`
- `apps/platform/tests/Browser/Spec328OperationsHubProductizationSmokeTest.php`
- `apps/platform/tests/Browser/Spec327GovernanceInboxProductizationSmokeTest.php`
- `apps/platform/tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php`
- `apps/platform/tests/Feature/Monitoring/Spec329EvidenceAuditDisclosureProductizationTest.php`
- `apps/platform/tests/Feature/Reviews/CustomerReviewWorkspaceHubContractTest.php`
- `apps/platform/tests/Feature/Monitoring/EvidenceOverviewWorkspaceHubContractTest.php`
## Roadmap / Queue Truth Summary
- `docs/product/implementation-ledger.md` already positions the platform as stronger than an early-foundation read, but still short of full repeatable sellability on governance workflow closure, artifact lifecycle clarity, and a few commercial/retained-output follow-through lanes.
- `docs/product/spec-candidates.md` is no longer reliable as a literal open queue without repo verification. It contains both valid open gaps and stale candidates already replaced by later spec packages.
- `docs/ui-ux-enterprise-audit/*` still points to real remaining productization pressure on:
- governance inbox operator workflow
- provider readiness trust framing
- residual cross-domain indicator semantics
- retained-artifact / proof consumption polish
## Known Quality Limits / Validation Posture
- No runtime code was changed during Spec 345.
- No new tests were run during Spec 345.
- Inspected sources do show strong targeted validation history, especially:
- `specs/340-post-scope-contract-browser-verification-gate/audit-report.md`
- `apps/platform/tests/Browser/Spec327GovernanceInboxProductizationSmokeTest.php`
- `apps/platform/tests/Browser/Spec342CustomerReviewWorkspaceConsumptionSmokeTest.php`
- `apps/platform/tests/Browser/Spec343CustomerReviewAttestationAcceptedRiskSmokeTest.php`
- `apps/platform/tests/Browser/Spec344CustomerReviewWorkspaceDensitySmokeTest.php`
- Broad merge-readiness across the whole product is not proven by Spec 345 because the full suite was intentionally not rerun.
- No inspected source showed an unresolved PHP crash or suite-wide blocker, but absence of a fresh full-suite run must still be stated explicitly.
## Notes / Known Limitations
- This spec is docs-only and intentionally does not run the full test suite unless explicitly requested later.

33
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/roadmap-reconciliation.md Normal file
View File

@ -0,0 +1,33 @@
# Roadmap Reconciliation — Spec 345
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Date**: 2026-06-02
## Roadmap Theme Table
| Roadmap theme | Repo-real? | Productized? | Related specs | Related candidates | Gap | Recommended priority |
|---|---|---|---|---|---|---|
| Workspace/Environment shell and scope contract | yes | yes | `specs/338-*`; `specs/339-*`; `specs/340-*`; `specs/341-*` | stale queue items: `provider-connection-scope-hardening`, `canonical-link-query-cleanup`, `product-truth-docs-drift-cleanup` | Only minor wording follow-through remains; no structural shell blocker found. | Hold / protect |
| Customer Review Workspace / customer-safe consumption | yes | yes | `specs/312-*`; `specs/342-*`; `specs/343-*`; `specs/344-*` | stale candidate `customer-review-workspace-v1-completion`; UI lane `Customer Review Workspace productization` | Broad lane is effectively closed; only narrow polish should remain. | Hold / do not reopen as a broad next spec |
| Evidence / Review Packs / Audit disclosure | yes | partial | `specs/329-*`; `specs/337-*`; current runtime `EvidenceOverview`, `ReviewPackResource`, `StoredReportResource` | retained-artifact follow-through; stored-report/product-consumption follow-up | Core flow is strong, but retained-artifact state/lifecycle truth is still weaker than generation/download flow. | Next-later |
| Governance Inbox / Decision Register | yes | partial | `specs/327-*`; `specs/265-*`; `specs/306-*`; `specs/307-*`; `specs/308-*` | `decision-based-governance-inbox-v1`; UI lane `Governance Inbox decision experience` | Remaining operator workflow closure is the clearest central gap. | Now |
| Findings / Accepted Risks | yes | partial | `specs/343-*`; finding/finding-exception runtime and tests | no separate must-do candidate; tied to governance/artifact lanes | Lifecycle and customer-safe integration are solid; retained reporting/expiry clarity still depends on later work. | Next-later |
| Provider readiness / onboarding / permission posture | yes | partial | `specs/339-*`; `specs/281-*`; provider/onboarding runtime tests | UI lane `Provider onboarding/readiness UX cleanup` | Trust framing and dangerous-action guidance still need calmer productization. | Should-do-next |
| Localization / copy / neutral platform wording | yes | partial | `specs/275-*`; `specs/286-*` | stale candidates `Customer-Facing Localization v1` and `Customer-Facing Localization Adoption v1` | Foundation and major follow-through exist; remaining work is QA/polish or future external-surface wording. | Later guardrail |
| Commercial truth / billing-state maturity | yes | partial | `specs/247-*`; `specs/251-*`; `specs/274-*` | stale candidates `Commercial Entitlements & Billing-State Lifecycle v1`, `Billing & Subscription Truth Layer v1` | Internal truth layer exists; customer self-serve commercial portal remains separate and deferred. | Later / not next platform spec |
| Stored reports surface | yes | partial-to-yes | `specs/277-*`; `StoredReportResource` runtime | stale candidate `Stored Reports Surface v1` | Runtime exists, but retained-artifact lifecycle context still benefits from the broader artifact-lifecycle lane. | Later / merge with retained-artifact work if needed |
| Governance artifact lifecycle / retention | prepared package yes; runtime gap still open | no | `specs/267-artifact-lifecycle-retention/`; `specs/262-*` | `Governance Artifact Lifecycle & Retention v1` | Ready candidate with real value, but secondary to governance-inbox workflow closure. | Next-later |
| Workspace-first / ManagedEnvironment cutover pack | yes, as a concrete spec series | mixed | `specs/279-*` to `specs/287-*` | pack-level candidate is stale | Not a single open candidate anymore; use the existing spec-series truth instead of the old pack label. | Defer unless architecture work is deliberately resumed |
| Admin workspace navigation / tenant-owned surface repair | yes | mostly yes | `specs/301-*`; `specs/302-*`; `specs/303-*`; `specs/304-*` | conditional `navigation-contract-split` only | Historical migration group is mostly closed. | Only on fresh regression |
| Operations maturity / cross-domain indicators | yes | partial | `specs/328-*`; `specs/278-*`; `specs/268-*`; `specs/270-*`; `specs/271-*`; `specs/272-*` | `Cross-Domain Progress / Indicator Semantics` follow-through | Missing piece is not operations existence; it is semantics consistency and selective adoption. | Later |
| Cross-tenant compare / promotion | yes | partial | `specs/043-*`; `specs/264-*` | stale candidate `Cross-Tenant Compare & Promotion with Lineage v1` | Portfolio action exists as a spec lane already; not the most urgent platform productization blocker. | Later |
| Support access governance | yes | yes or functionally closed for current slice | `specs/276-support-access-governance/` | stale candidate `Enterprise Access Boundary & Support Access Governance v1` | Active candidate wording lags behind existing package reality. | Drop from active queue |
| Governed AI foundation / first runtime consumer | foundation yes; first consumer no | no | `specs/248-*` | `First Governed AI Runtime Consumer v1` | Foundation exists; visible runtime consumer is later strategic work, not a current platform sellability blocker. | Later |
| Customer portal / external consumption plane | no separate app/runtime in current product line | external/deferred | repeated non-goals across `specs/259-*`, `specs/260-*`, `specs/326-*`, `specs/342-*`, `specs/343-*`, `specs/344-*` | `291 Virtual Consultant / External Portal Guidance v1`; inferred customer portal slices | Current repo truth says `/platform` should prepare customer-safe outputs first, not become the portal itself. | Defer to `/customerportal` roadmap |
| Website / public marketing | separate app exists; not part of the platform lane | external | `apps/website`; website specs such as `specs/183-*`, `specs/213-*`, `specs/215-*` | public pricing/docs/lead-gen work | This belongs to `/website`, not the platform readiness queue. | Separate website roadmap |
## Reconciliation Notes
- The largest roadmap drift is not missing runtime; it is stale backlog wording that still treats several already-delivered or already-packaged lanes as open first-order candidates.
- The strongest repo-truth shift since older roadmap wording is the closure of the customer-review lane as a broad platform blocker. Recent Specs `342`-`344` materially changed that answer.
- The strongest remaining roadmap-to-repo gap is governance workflow closure, not a customer portal, not a shell rewrite, and not another broad review-workspace rewrite.

473
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md Normal file
View File

@ -0,0 +1,473 @@
# Feature Specification: Spec 345 - Platform Productization Readiness & Roadmap Reconciliation Gate
**Feature Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate`
**Created**: 2026-06-02
**Status**: Draft
**Type**: Readiness audit / roadmap reconciliation / productization gate / backlog governance
**Runtime posture**: Read-only first. No feature implementation. Documentation, classification, and follow-up scoping only.
**Input**: User-provided Spec 345 draft plus repo truth from `docs/product/*`, `specs/*`, `docs/ui-ux-enterprise-audit/*`, and current `apps/platform` surfaces.
## Spec Candidate Check *(mandatory — SPEC-GATE-001)*
- **Problem**: TenantPilot has accumulated many real platform slices, follow-up candidates, and roadmap themes, but the repo lacks one current-answer package for productization readiness, backlog hygiene, and app-boundary discipline after recent Specs 338, 342, 343, and 344.
- **Today's failure**: The product can keep shipping feature-by-feature while candidate status, roadmap wording, and real runtime maturity drift apart. That creates a concrete risk of starting `/customerportal` too early, duplicating already-finished work, or prioritizing the wrong next spec.
- **User-visible improvement**: Product direction becomes explicit and reviewable: the repo gets one source package that says what is already productized, what is merely repo-real, what is still missing before a sellable MSP/operator platform, what belongs in `/platform`, and what must stay deferred to `/customerportal` or `/website`.
- **Smallest enterprise-capable version**: One bounded, docs-only reconciliation pass that inspects current repo truth, classifies candidates, maps roadmap themes to implementation state, scores platform readiness, and recommends the next 3-7 specs without adding any runtime feature.
- **Explicit non-goals**: No routes, migrations, models, services, jobs, Filament resources/pages, views, tests, assets, or customer portal work. No navigation rebuild. No backlog deletion without explanation. No "analysis paralysis" multi-pass program.
- **Permanent complexity imported**: One spec package with readiness and reconciliation reports only. No new persisted truth, enum family, abstraction layer, or runtime taxonomy.
- **Why now**: Recent specs materially improved the platform, especially Customer Review Workspace, but `docs/product/spec-candidates.md`, `docs/product/roadmap.md`, and older product-truth artifacts predate that latest repo state. The next spec choice should be made from current truth, not stale backlog wording.
- **Why not local**: Fixing one candidate note or one roadmap paragraph would not answer the core question: whether the platform is productized enough to keep pushing `/platform` work or should pivot to a different app boundary.
- **Approval class**: Core Enterprise.
- **Red flags triggered**: Broad audit scope, cross-document reconciliation, and potential taxonomy drift. Defense: this spec is bounded to one read-only pass, reuses existing repo vocabulary, and forbids runtime expansion.
- **Score**: Nutzen: 2 | Dringlichkeit: 2 | Scope: 2 | Komplexität: 1 | Produktnähe: 2 | Wiederverwendung: 2 | **Gesamt: 11/12**
- **Decision**: approve.
## Candidate Source And Completed-Spec Guardrail
- **Candidate source**: Directly user-provided as Spec 345; supported by `docs/product/spec-candidates.md`, `docs/product/roadmap.md`, `docs/product/implementation-ledger.md`, and UI audit follow-up ledgers.
- **Completed-spec check**: No `specs/345-*` package or `345-*` branch existed before this work. Completed or implementation-closed specs are context only and must not be rewritten or normalized back into prep state.
- **Related completed context**:
- `specs/338-workspace-environment-resource-scope-contract/`
- `specs/339-provider-connection-scope-hardening/`
- `specs/340-post-scope-contract-browser-verification-gate/`
- `specs/341-canonical-link-query-cleanup/`
- `specs/342-customer-review-workspace-final-consumption-productization/`
- `specs/343-customer-review-attestation-accepted-risk-lifecycle/`
- `specs/344-customer-review-workspace-density-audience-polish/`
- **Close alternatives deferred**:
- starting a new feature spec without reconciling backlog truth,
- starting `/customerportal` work inside Filament `/platform`,
- broad roadmap rewrite without file-level repo evidence,
- runtime cleanup disguised as a planning spec.
## Spec Scope Fields *(mandatory)*
- **Scope**: canonical-view
- **Primary Routes**:
- Audited surfaces only; no route changes:
- `/admin`
- `/admin/workspaces/{workspace}/overview`
- `/admin/workspaces/{workspace}/environments/{environment}`
- `/admin/reviews/workspace`
- `/admin/governance/inbox`
- `/admin/governance/decisions`
- `/admin/workspaces/{workspace}/operations`
- `/admin/evidence/overview`
- `/admin/audit-log`
- `/admin/provider-connections`
- **Data Ownership**: No data model or ownership change. This spec only audits current workspace-owned, environment-owned, review-owned, and system-owned surfaces.
- **RBAC**: No authorization behavior changes. The reports must verify existing membership/capability boundaries and keep `/platform`, `/customerportal`, `/website`, and `/system` responsibilities explicit.
For canonical-view handling:
- **Default filter behavior when tenant-context is active**: Preserve current repo truth only. Workspace hubs remain workspace-owned and may narrow through explicit page-local filters such as `environment_id`; environment-bound pages stay route-owned.
- **Explicit entitlement checks preventing cross-tenant leakage**: Audit and document existing deny-as-not-found and capability posture only. No new checks are introduced by Spec 345.
## UI Surface Impact *(mandatory — UI-COV-001)*
- [x] No UI surface impact
- [ ] Existing page changed
- [ ] New page/route added
- [ ] Navigation changed
- [ ] Filament panel/provider surface changed
- [ ] New modal/drawer/wizard/action added
- [ ] New table/form/state added
- [ ] Customer-facing surface changed
- [ ] Dangerous action changed
- [ ] Status/evidence/review presentation changed
- [ ] Workspace/environment context presentation changed
## UI/Productization Coverage *(mandatory when UI Surface Impact is not "No UI surface impact"; otherwise write `N/A - no reachable UI surface impact` plus rationale)*
- **Route/page/surface**: N/A - no reachable UI surface impact
- **Current or new page archetype**: N/A
- **Design depth**: N/A
- **Repo-truth level**: repo-verified docs-only work
- **Existing pattern reused**: existing productization audit and spec-artifact patterns
- **New pattern required**: none
- **Screenshot required**: no; screenshots remain optional unless a future browser audit reruns evidence capture
- **Page audit required**: no new page audit; existing page reports are read-only inputs
- **Customer-safe review required**: yes, as an audit lens only
- **Dangerous-action review required**: yes, as an audit lens only; no runtime action changes
- **Coverage files updated or explicitly not needed**:
- [ ] `docs/ui-ux-enterprise-audit/route-inventory.md`
- [ ] `docs/ui-ux-enterprise-audit/design-coverage-matrix.md`
- [ ] `docs/ui-ux-enterprise-audit/page-reports/...`
- [ ] `docs/ui-ux-enterprise-audit/strategic-surfaces.md`
- [ ] `docs/ui-ux-enterprise-audit/grouped-follow-up-candidates.md`
- [ ] `docs/ui-ux-enterprise-audit/unresolved-pages.md`
- [x] `N/A - no reachable UI surface impact`
- **No-impact rationale when applicable**: Spec 345 inspects current UI surfaces and productization evidence but does not change runtime UI, navigation, copy, actions, or state.
## Cross-Cutting / Shared Pattern Reuse *(mandatory when the feature touches notifications, status messaging, action links, header actions, dashboard signals/cards, alerts, navigation entry points, evidence/report viewers, or any other existing shared operator interaction family; otherwise write `N/A - no shared interaction family touched`)*
- **Cross-cutting feature?**: yes
- **Interaction class(es)**: navigation entry points, evidence/report viewers, governance decision surfaces, dashboard/workbench maturity, productization/audit follow-up lanes
- **Systems touched**: `docs/product/spec-candidates.md`, `docs/product/roadmap.md`, `docs/product/implementation-ledger.md`, `docs/ui-ux-enterprise-audit/*`, recent spec packages, and current Filament pages/resources as read-only evidence
- **Existing pattern(s) to extend**: repo-truth maps, spec close-out artifacts, UI audit page reports, implementation ledger maturity language
- **Shared contract / presenter / builder / renderer to reuse**: none in runtime; this is documentation-level reuse only
- **Why the existing shared path is sufficient or insufficient**: existing artifacts already contain the needed evidence, but no single package currently reconciles them after recent platform productization work
- **Allowed deviation and why**: none
- **Consistency impact**: keep vocabulary stable across repo truth: workspace/environment, customer-safe output, evidence, review pack, accepted risk, governance inbox, decision register, provider readiness, monitoring, `/platform`, `/customerportal`, `/website`, `/system`
- **Review focus**: prevent duplicate or stale candidate wording from being treated as active truth once repo evidence shows the work is already implemented or belongs to a different boundary
## OperationRun UX Impact *(mandatory when the feature creates, queues, deduplicates, resumes, blocks, completes, or deep-links to an `OperationRun`; otherwise write `N/A - no OperationRun start or link semantics touched`)*
- **Touches OperationRun start/completion/link UX?**: no
- **Shared OperationRun UX contract/layer reused**: N/A
- **Delegated start/completion UX behaviors**: N/A
- **Local surface-owned behavior that remains**: audit-only classification of existing OperationRun-linked surfaces
- **Queued DB-notification policy**: N/A
- **Terminal notification path**: N/A
- **Exception required?**: none
## Provider Boundary / Platform Core Check *(mandatory when the feature changes shared provider/platform seams, identity scope, governed-subject taxonomy, compare strategy selection, provider connection descriptors, or operator vocabulary that may leak provider-specific semantics into platform-core truth; otherwise write `N/A - no shared provider/platform boundary touched`)*
- **Shared provider/platform boundary touched?**: no runtime boundary change
- **Boundary classification**: N/A - audit only
- **Seams affected**: provider readiness, provider connections, and workspace/environment boundary docs are inspected as existing truth only
- **Neutral platform terms preserved or introduced**: `/platform`, `/customerportal`, `/website`, `/system`, workspace, managed environment, provider connection, evidence, review pack, governance decision
- **Provider-specific semantics retained and why**: existing Microsoft-shaped runtime seams remain as-is; this spec only documents where follow-up work still deepens or avoids that coupling
- **Why this does not deepen provider coupling accidentally**: no code, model, or taxonomy changes are introduced
- **Follow-up path**: document-in-feature only
## UI / Surface Guardrail Impact *(mandatory when operator-facing surfaces are changed; otherwise write `N/A`)*
N/A - no operator-facing surface change.
## Proportionality Review *(mandatory when structural complexity is introduced)*
- **New source of truth?**: no
- **New persisted entity/table/artifact?**: no runtime artifact; docs-only report files inside the spec package only
- **New abstraction?**: no
- **New enum/state/reason family?**: no
- **New cross-domain UI framework/taxonomy?**: no; reuse existing bucket language from the user-provided spec
- **Current operator problem**: unclear productization status and stale backlog wording make it hard to choose the next safe platform spec
- **Existing structure is insufficient because**: the evidence exists, but it is spread across spec packages, candidate ledgers, roadmap themes, and UI audit files without one current reconciliation
- **Narrowest correct implementation**: one documentation-only reconciliation pass with explicit reports and a next-spec recommendation
- **Ownership cost**: limited to keeping the Spec 345 package current if future roadmap/productization reviews reuse it
- **Alternative intentionally rejected**: a broad roadmap rewrite or runtime cleanup pass, because either would expand beyond the immediate decision need
- **Release truth**: current-release truth
### Compatibility posture
This feature assumes a pre-production environment.
Backward compatibility, legacy aliases, migration shims, historical fixtures, and compatibility-specific tests are out of scope unless explicitly required by a later implementation spec.
## Testing / Lane / Runtime Impact *(mandatory for runtime behavior changes)*
- **Test purpose / classification**: N/A
- **Validation lane(s)**: N/A
- **Why this classification and these lanes are sufficient**: Spec 345 is docs-only. Validation is limited to repo inspection and documentation integrity checks.
- **New or expanded test families**: none
- **Fixture / helper cost impact**: none
- **Heavy-family visibility / justification**: none
- **Special surface test profile**: N/A
- **Standard-native relief or required special coverage**: none
- **Reviewer handoff**: verify report consistency and that no runtime files changed
- **Budget / baseline / trend impact**: none
- **Escalation needed**: none
- **Active feature PR close-out entry**: N/A
- **Planned validation commands**:
- `git status --short --branch`
- `git diff --stat`
- `git diff --check`
## Summary
TenantPilot should answer one product question before starting the next major feature slice:
`Is the current /platform control plane productized enough for MSP/operator use, and which backlog items are still real after recent specs?`
Spec 345 is the readiness gate for that answer. It:
1. builds a repo-truth readiness view for the current platform,
2. reconciles spec candidates and roadmap themes against actual repo state,
3. separates `/platform`, `/customerportal`, `/website`, and `/system` boundaries, and
4. recommends the next implementation specs without starting a new runtime feature.
## Problem Statement
TenantPilot now has strong repo-real foundations and several productized strategic surfaces, but product direction is vulnerable to drift because:
- newer specs have closed or narrowed older backlog items,
- roadmap wording still reflects pre-342/343/344 product gaps,
- customer-safe consumption work could be misread as a cue to start a full customer portal,
- some candidate groups are already covered, while others are still only prepared or still truly open,
- the platform may be demoable before it is fully sellable, and those are not the same decision.
Without a reconciliation gate, `/platform`, `/customerportal`, `/website`, and `/system` responsibilities can blur and the next spec can be chosen from stale assumptions.
## Product Intent
Immediate priority:
`Make the platform control plane sellable and MSP/operator usable before opening a separate customer portal product surface.`
The platform should first provide stable, trusted outputs:
- review packages
- evidence summaries
- findings and accepted-risk states
- governance decisions
- operations/proof links
- customer-safe handoff data
- clear workspace/environment scope
- operator-ready workflows
Only after those outputs are stable should `/customerportal` consume them.
## Goals
### G1 - Establish a platform productization readiness view
Assess whether the current `/platform` app is productized enough for MSP/operator usage, covering at minimum:
- Workspace/Environment shell
- Customer Review Workspace
- Evidence Overview / Review Packs
- Governance Inbox / Decision Register
- Findings / Accepted Risks
- Provider Readiness / Onboarding
- Monitoring / Operations / Alerts / Audit
- Localization / copy quality
- Test and browser confidence
### G2 - Reconcile spec candidates
Classify every discovered candidate into:
- A - Now platform-critical
- B - Platform productization
- C - Feature expansion
- D - Customer Portal / `/customerportal`
- E - Website / `/website`
- F - Covered / obsolete / duplicate
- G - Research / roadmap only
### G3 - Reconcile roadmap vs repo truth
Map roadmap themes to actual repo state:
- repo-real and productized
- repo-real but not productized
- partially implemented
- candidate only
- roadmap only
- deferred / external app
### G4 - Separate app boundaries
Clarify what future work belongs to:
- `/platform`
- `/customerportal`
- `/website`
- `/system`
### G5 - Recommend the next implementation specs
Recommend the next 3-7 specs and clearly separate:
- must-do-before-sellable
- should-do-next
- defer
- do-not-build-now
- move-to-customerportal
- move-to-website
### G6 - Avoid creating new product scope
This spec is a gate, not a new feature slice. It must not create runtime behavior.
## Non-Goals
This spec must not:
- build Customer Portal
- add new customer-facing routes
- implement a new Filament page or dashboard
- add new database tables
- refactor workspace/environment routing
- change app runtime behavior
- rebuild navigation
- fix all UI findings
- implement PSA/ITSM handoff
- implement Provider Readiness runtime changes
- implement Localization overhaul
- implement AI runtime consumers
- delete candidate history without explanation
## Inputs
The audit must inspect and reconcile:
- current specs under `specs/`
- at minimum recent Specs 338, 343, and 344 plus adjacent productization specs
- `docs/product/spec-candidates.md`
- `docs/product/roadmap.md`
- `docs/product/implementation-ledger.md`
- `docs/product/discoveries.md`
- `docs/ui-ux-enterprise-audit/*`
- read-only runtime surfaces under `apps/platform/app/Filament/`, `apps/platform/resources/views/filament/`, and `apps/platform/tests/`
## Output Artifacts
Required outputs in `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/`:
- `spec.md`
- `plan.md`
- `tasks.md`
- `repo-truth-map.md`
- `platform-readiness-report.md`
- `candidate-reconciliation.md`
- `roadmap-reconciliation.md`
- `app-boundary-map.md`
- `next-spec-recommendation.md`
- `checklists/requirements.md`
Optional:
- `artifacts/screenshots/` only if a future browser audit captures new screenshots
## Classification Model
### Candidate buckets
- **A - Now platform-critical**: required before the platform can be considered sellable/MSP-ready
- **B - Platform productization**: improves existing platform surfaces without creating major new features
- **C - Feature expansion**: useful capability, but not required for immediate platform sellability
- **D - Customer Portal**: belongs to future `/customerportal`, not Filament `/platform`
- **E - Website**: belongs to `/website`
- **F - Covered / obsolete / duplicate**: already implemented, replaced, or superseded
- **G - Research / roadmap only**: not ready for implementation
### Readiness states
- **1 - Productized**
- **2 - Functional but not productized**
- **3 - Partially implemented**
- **4 - Candidate only**
- **5 - Roadmap only**
- **6 - Deferred / external app**
## Platform Areas To Assess
Assess and report on:
- Workspace / Environment shell
- Customer Review Workspace
- Evidence / Review Pack outputs
- Governance Inbox / Decision Register
- Findings / Accepted Risks
- Provider Connections / Readiness / Onboarding
- Monitoring / Operations / Alerts / Audit
- Localization / Copy / Customer-safe language
- Test and browser confidence
## App Boundary Rules
### `/platform`
Internal MSP/operator/admin control plane. Allowed: Filament, operations, evidence generation, review workspace, governance inbox, accepted risks, findings workflow, provider readiness, audit log, internal acknowledgement, and customer-safe output preparation.
### `/customerportal`
External customer consumption plane. Allowed later: customer-facing review summaries, evidence downloads, accepted-risk summaries, findings/follow-ups, review history, customer-safe documents, branding, and customer language.
### `/website`
Marketing and public product website. Allowed later: landing pages, pricing, docs, lead generation.
### `/system`
Platform operator / break-glass / system administration. Keep separate from `/platform` tenant/workspace behavior.
## Required Reports
Spec 345 must produce:
- `repo-truth-map.md`
- `platform-readiness-report.md`
- `candidate-reconciliation.md`
- `roadmap-reconciliation.md`
- `app-boundary-map.md`
- `next-spec-recommendation.md`
- `checklists/requirements.md`
Each report must stay repo-grounded and distinguish current runtime truth from candidate-only or roadmap-only ideas.
## Acceptance Criteria
### AC1 - Read-only posture preserved
No runtime app files are changed.
### AC2 - Every candidate classified
All discovered candidates are classified into A-G with no `unknown` remainder.
### AC3 - Roadmap reconciled to repo truth
Roadmap themes are mapped to implemented/productized/partial/candidate-only/roadmap-only/deferred states.
### AC4 - App boundaries are explicit
Reports clearly separate `/platform`, `/customerportal`, `/website`, and `/system`.
### AC5 - Platform readiness is assessed
The package answers:
- Is the platform ready for MSP/operator daily use?
- Is it demoable?
- Is it sellable?
- What blocks it?
### AC6 - Next spec recommendation is concrete
One primary next spec and a follow-up sequence are named with rationale.
### AC7 - No feature expansion sneaks in
No routes, migrations, controllers, Filament pages, customer portal pages, services, models, or runtime UI changes are introduced.
### AC8 - Known quality risks are documented
Broad merge-readiness or full-suite readiness must not be claimed without evidence.
### AC9 - Requirements checklist passes
`checklists/requirements.md` confirms the package is complete and internally consistent.
## Risks
- **Analysis paralysis**: mitigate by limiting the work to one reconciliation pass and one next-spec recommendation.
- **Candidate volume**: mitigate by merging duplicate themes and classifying at candidate-lane level where the repo already groups them that way.
- **Customer Portal drift**: mitigate by explicit boundary mapping and by not selecting `/customerportal` as the default next spec.
- **Runtime changes sneaking in**: mitigate with read-only guard and `git diff --check`.
- **Roadmap rewrite without repo truth**: mitigate by citing real specs, code paths, tests, and audit artifacts.
## Validation Commands
Required:
- `git status --short --branch`
- `git diff --stat`
- `git diff --check`
No runtime test suite is required for this docs-only spec unless explicitly requested later.
## Definition Of Done
Spec 345 is complete when:
- the full spec package exists,
- candidate, roadmap, and readiness reports are filled from repo truth,
- app boundaries are explicit,
- the next-spec recommendation is concrete,
- platform blockers are prioritized,
- no runtime files changed,
- `git diff --check` passes,
- and the final response states the recommended next implementation spec and why.

64
specs/345-platform-productization-readiness-roadmap-reconciliation-gate/tasks.md Normal file
View File

@ -0,0 +1,64 @@
# Tasks: Spec 345 - Platform Productization Readiness & Roadmap Reconciliation Gate
**Branch**: `345-platform-productization-readiness-roadmap-reconciliation-gate` | **Date**: 2026-06-02
**Spec**: `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/spec.md`
**Plan**: `specs/345-platform-productization-readiness-roadmap-reconciliation-gate/plan.md`
## Test Governance (TEST-GOV-001)
- **Test purpose / classification**: N/A (docs-only readiness gate)
- **Validation lanes**: N/A
- **Why sufficient**: This spec produces documentation only and must not touch runtime code or tests.
## Phase 0 — Repo Baseline (read-only)
- [x] T010 Run `git status --short --branch` and record in `repo-truth-map.md`.
- [x] T011 Run `git diff --stat` and record in `repo-truth-map.md`.
- [x] T012 Identify candidate/roadmap sources to inspect (repo-truth; no assumptions).
## Phase 1 — Source Discovery (repo-truth)
- [x] T020 Locate spec candidates sources (at minimum `docs/product/spec-candidates.md`).
- [x] T021 Locate roadmap sources (at minimum `docs/product/roadmap.md`).
- [x] T022 Locate recent relevant specs (338344) and any adjacent specs that overlap platform readiness areas.
- [x] T023 Locate UI audit registries and page reports under `docs/ui-ux-enterprise-audit/`.
## Phase 2 — Candidate Reconciliation
- [x] T030 Inventory all candidates (no candidate left unclassified).
- [x] T031 Classify each candidate into buckets AG with rationale and target app (`/platform`, `/customerportal`, `/website`, `/system`).
- [x] T032 Mark duplicates/covered items with “covered/obsolete/duplicate” reason (do not delete; document).
- [x] T033 Produce `candidate-reconciliation.md`.
## Phase 3 — Roadmap Reconciliation (repo truth vs plan)
- [x] T040 Map roadmap themes to repo truth (implemented/productized/partial/candidate-only/roadmap-only/deferred).
- [x] T041 Produce `roadmap-reconciliation.md`.
## Phase 4 — Platform Readiness Audit (read-only)
- [x] T050 Inspect runtime surfaces (read-only): Filament pages/resources, support code, tests, UI audits.
- [x] T051 Score each platform area (16) and record evidence + blockers.
- [x] T052 Produce `platform-readiness-report.md`.
## Phase 5 — App Boundary Map + Blockers
- [x] T060 Produce `app-boundary-map.md` separating `/platform`, `/customerportal`, `/website`, `/system`, and explicit defers.
- [x] T061 Identify sellable-platform blockers P0P3 and list them in `platform-readiness-report.md`.
## Phase 6 — Next Spec Recommendation
- [x] T070 Recommend next 37 specs with one primary “next spec” and explicit defer lines.
- [x] T071 Produce `next-spec-recommendation.md`.
## Phase 7 — Validation (docs-only)
- [x] T080 Run `git diff --check`.
- [x] T081 Confirm no runtime files changed (no changes outside `specs/345-*` and optionally bounded `docs/product/*`).
- [x] T082 Update `checklists/requirements.md` to reflect completion and any remaining open questions.
## Explicit Non-Goals
- [x] NT001 Do not change runtime application code under `apps/`.
- [x] NT002 Do not add routes, migrations, models, services, Filament pages/resources, views, or tests.
- [x] NT003 Do not implement or start `/customerportal` work; only classify and explicitly defer.