# Tasks: OperationRun Actionability System v1 **Input**: `specs/367-operationrun-actionability-system/spec.md`, `specs/367-operationrun-actionability-system/plan.md` **Prerequisites**: Specs 358-365 are context only; do not rewrite completed close-out history. **Tests**: Required. Use Pest 4 Unit, Feature, Guard/Architecture, and one bounded Browser smoke only if rendered UI changes. **No implementation in prep**: This task list is for the later implementation loop. ## Test Governance Checklist - [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior. - [x] New or changed tests stay in the smallest honest family, and any browser addition is explicit. - [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented. - [x] Planned validation commands cover the change without pulling in unrelated lane cost. - [x] The declared surface test profiles are `monitoring-state-page`, `dashboard-signal`, and `shared-detail-family`. - [x] Any material budget, baseline, trend, or escalation note is recorded in the active spec close-out. ## Phase 1: Setup and Repo Truth Inventory **Purpose**: Confirm exact operation-type inventory, current consumers, and current-state proof seams before implementation. - [x] T001 Confirm current branch is `367-operationrun-actionability-system` and working tree intent with `git status --short --branch`. - [x] T002 Read `specs/367-operationrun-actionability-system/spec.md`, `plan.md`, `tasks.md`, and `checklists/requirements.md`. - [x] T003 Read Specs 358-365 as context only; do not modify those packages. - [x] T004 Inspect `apps/platform/app/Models/OperationRun.php` for `terminalFollowUp()`, `dashboardNeedsFollowUp()`, `problemClass()`, `requiresOperatorReview()`, and `requiresDashboardFollowUp()`. - [x] T005 Inspect `apps/platform/app/Support/OperationCatalog.php`, `apps/platform/app/Support/OperationRunType.php`, and `apps/platform/app/Support/OperationTypeAlias.php` for canonical and legacy operation-type values. - [x] T006 Inspect `apps/platform/app/Services/Providers/ProviderOperationRegistry.php` and provider start-gate code for provider operation types. - [x] T007 Inspect `apps/platform/app/Support/Operations/Reconciliation/OperationRunReconciliationRegistry.php` and all reconciliation adapters for supported operation families. - [x] T008 Search `apps/platform/app`, `apps/platform/database`, and `apps/platform/tests` for operation type strings; record every `OperationCatalog::canonicalInventory()` entry, discovered alias, policy group, and missing policy candidate in `specs/367-operationrun-actionability-system/repo-truth-map.md`. - [x] T009 Search for current consumers of `terminalFollowUp`, `dashboardNeedsFollowUp`, `problemClass`, `requiresOperatorReview`, and `requiresDashboardFollowUp`; record all consumers in `repo-truth-map.md`, including Operations workbench stats, Governance Inbox, environment dashboard summary, workspace overview, `OperationUxPresenter`, and shell active-run paths. - [x] T010 Inspect `apps/platform/app/Models/ProviderConnection.php` and related provider health services to identify safe current-state proof fields for `consent_status=granted` and `verification_status=healthy`. - [x] T011 Confirm no migration, env var, package, queue, scheduler, storage, Filament asset, panel-provider, or global-search change is required; update spec/plan before coding if false. ## Phase 2: Failing Tests First **Purpose**: Prove the behavior before changing runtime code. - [x] T012 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367OperationRunActionabilityResultTest.php` for status/actionable boolean/result metadata semantics. - [x] T013 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367ProviderConnectionActionabilityPolicyTest.php` for later same-scope success, healthy current state, unresolved blocker, and cross-scope non-resolution. - [x] T014 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367RepeatableOperationActionabilityPolicyTest.php` for inventory, policy, directory groups, role definitions, compliance, and permission posture alias families. - [x] T015 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367BaselineArtifactActionabilityPolicyTest.php` for baseline capture/compare and evidence/review/review-pack artifact proof. - [x] T016 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367HighRiskActionabilityPolicyTest.php` for restore, promotion, purge, and destructive-like default manual-review behavior. - [x] T017 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367ActionabilityRegistryCoverageTest.php` proving all known canonical `OperationCatalog` types and discovered aliases are explicitly covered or explicitly classified. - [x] T018 [P] Add or extend guard coverage under `apps/platform/tests/Feature/Guards/` proving dashboard/current-follow-up UI consumers do not directly use raw `terminalFollowUp()`, `dashboardNeedsFollowUp()`, or `problemClass()` as current actionability truth after migration. - [x] T019 Add `apps/platform/tests/Feature/Monitoring/Spec367DashboardOperationActionabilityTest.php` proving the Provider Connection CTA loop is gone in `NeedsAttention`. - [x] T020 Add `apps/platform/tests/Feature/Filament/Spec367BaselineCompareNowActionabilityTest.php` proving `BaselineCompareNow` uses actionability counts for Operations calmness. - [x] T021 Add `apps/platform/tests/Feature/Monitoring/Spec367OperationsActionabilityFilterTest.php` proving current-follow-up filters include actionable/manual-review rows and exclude superseded/resolved rows while history remains visible. - [x] T022 Add `apps/platform/tests/Feature/Operations/Spec367OperationRunActionEligibilityAlignmentTest.php` proving `OperationRunActionEligibility` does not produce primary CTAs that contradict non-actionable actionability results. - [x] T023 Add cross-workspace and cross-environment denial tests proving later success/current state in another scope cannot resolve a run. - [x] T024 Add a fail-hard Graph client binding to at least one render/evaluation feature test to prove actionability is DB-only. - [x] T025 If rendered UI changes materially, add `apps/platform/tests/Browser/Spec367OperationRunActionabilitySmokeTest.php` for the Provider Connection loop and Operations history visibility. ## Phase 3: Core Actionability Contract **Purpose**: Add the derived actionability layer without persistence. - [x] T026 Create an actionability status enum/value object, likely `apps/platform/app/Support/Operations/Actionability/OperationRunActionabilityStatus.php`. - [x] T027 Create an actionability result value object, likely `apps/platform/app/Support/Operations/Actionability/OperationRunActionabilityResult.php`. - [x] T028 Create an actionability policy interface or equivalent callable contract under `apps/platform/app/Support/Operations/Actionability/`. - [x] T029 Create `OperationRunActionabilityResolver` with `evaluate(OperationRun $run)`, `evaluateMany(Collection $runs)`, and actionable/current-follow-up helpers. - [x] T030 Create an actionability registry that maps canonical operation families to policies and exposes covered canonical types. - [x] T031 Reuse `OperationCatalog::canonicalCode()` and `OperationCatalog::rawValuesForCanonical()` for aliases instead of creating another operation-type source. - [x] T032 Add batch preloading/grouped lookup support so dashboard, Operations list, governance inbox, environment dashboard, and workspace overview consumers do not run per-row domain queries. - [x] T033 Keep evaluation read-only; do not mutate `operation_runs.context`, status, outcome, related records, or audit logs. ## Phase 4: Policy Implementations **Purpose**: Implement the minimum explicit policies needed by v1. - [x] T034 Implement provider connection check actionability for `provider.connection.check`. - [x] T035 In provider policy, mark old blockers `superseded_by_later_success` when later same-workspace/same-environment/same-provider-connection success exists. - [x] T036 In provider policy, mark old blockers `resolved_by_current_state` only when current ProviderConnection proof is same-scope and reliably healthy. - [x] T037 Implement repeatable sync actionability for inventory, policy, directory groups, role definitions, compliance, and permission posture alias families. - [x] T038 Implement baseline capture/compare actionability using later same-scope success or current baseline artifact proof only when repo truth supports it. - [x] T039 Implement evidence/review/review-pack artifact actionability using existing EvidenceSnapshot, EnvironmentReview, ReviewPack, and reconciliation proof where available. - [x] T040 Implement backup operation actionability for `backup_set.update`, `backup.schedule.execute`, `backup.schedule.retention`, and `backup.schedule.purge`. - [x] T041 Implement restore/promotion/destructive-like actionability as default `requires_manual_review` for terminal problem outcomes. - [x] T042 Classify alert/notification/delivery/informational operation types and every remaining canonical `OperationCatalog` type discovered in Phase 1 explicitly as actionable, manual-review, superseded-capable, resolved-by-current-state-capable, or informational; do not leave silent defaults. - [x] T043 For incomplete correlation proof, return actionable or manual-review rather than superseded/resolved. ## Phase 5: Consumer Migration **Purpose**: Move current-follow-up UI from historical terminal truth to actionability. - [x] T044 Update `OperationRun::dashboardNeedsFollowUp()` or add a replacement scope/helper so current dashboard follow-up uses actionability-backed query/evaluation semantics. - [x] T045 Update `OperationRun::problemClass()` and related constants only if needed; preserve history and compatibility until consumers are migrated. - [x] T046 Update `apps/platform/app/Filament/Widgets/Dashboard/NeedsAttention.php` to count current actionable/manual-review terminal runs through the resolver. - [x] T047 Update `apps/platform/app/Filament/Widgets/Dashboard/BaselineCompareNow.php` to use actionability-backed Operations follow-up counts and links. - [x] T048 Update `apps/platform/app/Support/OperationRunLinks.php` so current-follow-up links use actionability/problem filters that cannot target resolved/superseded historical rows as current work. - [x] T049 Update `apps/platform/app/Filament/Pages/Monitoring/Operations.php` filters/prefilters/workbench state and `apps/platform/app/Filament/Widgets/Operations/OperationsWorkbenchStats.php` to support current actionability while keeping historical rows reachable. - [x] T050 Update `apps/platform/app/Filament/Resources/OperationRunResource.php`, `apps/platform/app/Filament/Pages/Operations/TenantlessOperationRunViewer.php`, and `apps/platform/app/Support/OpsUx/OperationUxPresenter.php` so list/detail/decision copy shows actionability truth separately from historical status where current follow-up is displayed. - [x] T051 Update `apps/platform/app/Support/GovernanceInbox/GovernanceInboxSectionBuilder.php`, `apps/platform/app/Support/EnvironmentDashboard/EnvironmentDashboardSummaryBuilder.php`, and `apps/platform/app/Support/Workspaces/WorkspaceOverviewBuilder.php` so aggregate operation follow-up uses current actionability counts and links, or explicitly documents any remaining historical-only usage. - [x] T052 Update `apps/platform/app/Support/Operations/OperationRunActionEligibility.php` to consume actionability and avoid primary actions for superseded/resolved rows unless the action is pure history/detail navigation. - [x] T053 Update `apps/platform/app/Livewire/BulkOperationProgress.php` and `App\Support\OpsUx\ActiveRuns` so shell active-run progress remains active-run only; remove current terminal follow-up from active progress or convert it to a distinct actionability-backed non-active signal with test coverage. - [x] T054 Update EN/DE localization keys only for new visible actionability labels/reasons; avoid raw reason-code leakage. ## Phase 6: UI Coverage and Documentation-In-Feature **Purpose**: Keep UI-COV and close-out evidence inside the active spec package. - [x] T055 Decide whether implementation materially changes Operations/dashboard/governance-inbox/environment-dashboard/workspace-overview coverage artifacts. - [x] T056 If coverage artifacts change, update the relevant `docs/ui-ux-enterprise-audit/` route inventory/design matrix/page report entries. - [x] T057 If coverage artifacts do not change, record the checked no-update rationale in `specs/367-operationrun-actionability-system/implementation-close-out.md` or the active PR close-out. - [x] T058 If browser smoke is run, store screenshots or notes under `specs/367-operationrun-actionability-system/artifacts/`. - [x] T059 Record implementation close-out including Filament v5/Livewire v4 compliance, provider location, global search status, destructive action status, asset strategy, test commands, and deployment impact. ## Phase 7: Validation **Purpose**: Prove the feature and guardrails without broad suite drift. - [x] T060 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Unit/Support/Operations tests/Feature/Operations tests/Feature/Monitoring tests/Feature/Filament`. - [x] T061 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Feature/Guards`. - [x] T062 If browser coverage was added, run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec367OperationRunActionabilitySmokeTest.php`. - [x] T063 Run `cd apps/platform && ./vendor/bin/sail pint --dirty --test`. - [x] T064 Run `git diff --check`. - [x] T065 Review `rg -n "terminalFollowUp|dashboardNeedsFollowUp|problemClass|requiresDashboardFollowUp|requiresOperatorReview" apps/platform/app` and confirm any remaining usages are historical-only, model/internal compatibility, or explicitly documented in `repo-truth-map.md` / implementation close-out. - [x] T066 Review `rg -n "GraphClientInterface|graph\\("` in new/changed actionability files and confirm there are no render-time Graph calls. - [x] T067 Confirm no migrations, packages, env vars, queues, scheduler changes, storage changes, panel provider changes, global search changes, or Filament asset registrations were introduced. ## Explicit Non-Goals - [x] T068 Do not add manual acknowledge/resolve UI. - [x] T069 Do not create a persisted actionability table or column. - [x] T070 Do not rewrite historical OperationRun rows. - [x] T071 Do not introduce new destructive actions, retries, restore re-execution, or force-complete actions. - [x] T072 Do not enable global search for `OperationRunResource`.