# Implementation Plan: `apps/website` Public Website Launch Readiness **Branch**: `feat/403-public-website-launch-readiness` | **Date**: 2026-05-21 | **Spec**: `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/spec.md` **Input**: Feature specification from `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/spec.md` ## Summary Make the existing Spec 402 ScrewFast-derived Tenantial public website launch-ready without rebuilding the foundation or touching `apps/platform`. The implementation will stay inside `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` and focus on German-default plus English-prefixed public copy, CTA targets, route exposure, metadata, sitemap/robots behavior, conservative trust/pricing wording, static preview framing, and browser/static validation. ## Technical Context **Language/Version**: TypeScript 6.0.3, Astro 6.3.3, Node.js >=20.0.0, pnpm 10.33.0 **Primary Dependencies**: Astro, `@astrojs/starlight`, `@astrojs/sitemap`, `@astrojs/mdx`, Tailwind CSS v4, `@tailwindcss/vite`, Preline 4, Lenis, GSAP, Sharp, Playwright **Storage**: N/A - static website content and generated build output only; no database or product persistence **Testing**: Astro check/build plus Playwright smoke tests under `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/tests/smoke` **Validation Lanes**: website build, public smoke, manual browser review, whitespace check, `apps/platform` scope check **Target Platform**: Static Astro public website deployed from `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website`, with public site URL `https://tenantial.com` **Project Type**: Web - standalone Astro public website inside monorepo **Performance Goals**: No body-level horizontal overflow on validated desktop/mobile routes; static pages remain usable when JavaScript fails where reasonably possible **Constraints**: Runtime/source changes are scoped to `apps/website`; Spec Kit artifacts may live under `specs/403-public-website-launch-readiness`; preserve Spec 402 ScrewFast-derived substrate; no backend contact/demo workflow; no authentication, billing, Microsoft Graph, Laravel, Filament, Livewire, database, queue, job, provider, policy, RBAC, or `apps/platform` changes **Scale/Scope**: Public launch-readiness pass for canonical German default routes, English `/en/...` route mirrors, redirect aliases, docs routes, static metadata assets, navigation, footer CTAs, pricing/trust/legal/contact content, and Playwright smoke coverage ## UI / Surface Guardrail Plan - **Guardrail scope**: no admin/operator-facing product surface change; public website launch-readiness workflow only - **Native vs custom classification summary**: ScrewFast-derived Astro website; no Filament/Blade/admin surface - **Shared-family relevance**: none for Laravel/Filament shared interaction families - **State layers in scope**: localized static page content, public route metadata, navigation/footer link data, Starlight docs configuration, Playwright smoke expectations - **Audience modes in scope**: public visitor, buyer/reviewer, site owner/reviewer; no authenticated operator/MSP/support-platform modes - **Decision/diagnostic/raw hierarchy plan**: public copy must be decision-first for visitors; diagnostics are limited to launch-readiness notes and tests, not visible runtime UI - **Raw/support gating plan**: N/A - no raw/support product evidence surface - **One-primary-action / duplicate-truth control**: each public page should keep a clear demo/contact path and avoid competing fake login, billing, checkout, or account CTAs - **Handling modes by drift class or surface**: public route/copy/CTA drift is review-mandatory inside this feature; platform/admin drift is a hard stop - **Repository-signal treatment**: `apps/platform` changes are a hard stop; generated website build artifacts are reviewed only if they become tracked changes - **Special surface test profiles**: N/A - not a Filament surface - **Required tests or manual smoke**: public smoke plus manual browser review across light/dark/mobile/desktop and keyboard reachability - **Exception path and spread control**: none - **Active feature PR close-out entry**: Smoke Coverage ## Shared Pattern & System Fit - **Cross-cutting feature marker**: no - **Systems touched**: `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` public website only - **Shared abstractions reused**: existing Spec 402 ScrewFast-derived Astro structure, page components, Starlight docs, sitemap integration, and Playwright smoke helper patterns - **New abstraction introduced? why?**: none - **Why the existing abstraction was sufficient or insufficient**: The website already has route, layout, navigation, metadata, docs, and smoke-test structure. Launch readiness can be implemented by tightening those local artifacts rather than adding runtime abstractions. - **Bounded deviation / spread control**: none ## OperationRun UX Impact - **Touches OperationRun start/completion/link UX?**: no - **Central contract reused**: N/A - **Delegated UX behaviors**: N/A - **Surface-owned behavior kept local**: N/A - **Queued DB-notification policy**: N/A - **Terminal notification path**: N/A - **Exception path**: none ## Provider Boundary & Portability Fit - **Shared provider/platform boundary touched?**: no - **Provider-owned seams**: N/A - **Platform-core seams**: N/A - **Neutral platform terms / contracts preserved**: Public product language may refer to Microsoft tenant configuration as positioning only; no product runtime seam changes. - **Retained provider-specific semantics and why**: Microsoft tenant wording remains because Tenantial's public positioning is currently Microsoft tenant governance. - **Bounded extraction or follow-up path**: none ## Constitution Check *GATE: Must pass before Phase 0 research. Re-check after Phase 1 design.* - Inventory-first: PASS - no inventory, snapshot, or backup runtime behavior is changed. - Read/write separation: PASS - no product write/change behavior is introduced. - Graph contract path: PASS - no Microsoft Graph calls or contract registry changes. - Deterministic capabilities: PASS - no capability resolver or capability derivation changes. - RBAC-UX: PASS - no `/admin`, `/system`, tenant context, workspace context, capability, policy, or authorization behavior changes. - Workspace isolation: PASS - no workspace data or routes. - RBAC-UX destructive-like actions: PASS - no destructive actions. - RBAC-UX global search: PASS - no Filament resources or global search changes. - Tenant isolation: PASS - no tenant data, tenant routes, or cross-tenant views. - Run observability: PASS - no long-running, remote, queued, scheduled, or security-relevant DB action. - OperationRun start UX: PASS - no OperationRun behavior. - Ops-UX 3-surface feedback: PASS - no OperationRun notifications. - Ops-UX lifecycle: PASS - no OperationRun status/outcome transitions. - Ops-UX summary counts: PASS - no summary counts. - Ops-UX guards: PASS - no Ops-UX guard changes. - Ops-UX system runs: PASS - no system runs. - Automation: PASS - no queued/scheduled operations. - Data minimization: PASS - public copy and static preview content only; no secrets or tokens. - Test governance (TEST-GOV-001): PASS - Browser/static website classification, explicit website smoke lane, no hidden Laravel/Filament/provider/database setup. - Proportionality (PROP-001): PASS - local website hardening, no new product runtime structure. - No premature abstraction (ABSTR-001): PASS - no new factories, registries, resolvers, strategies, interfaces, or frameworks. - Persisted truth (PERSIST-001): PASS - no persisted product truth. - Behavioral state (STATE-001): PASS - no status/state/reason family. - UI semantics (UI-SEM-001): PASS - static presentation remains local and does not become product taxonomy. - Shared pattern first (XCUT-001): PASS - no shared operator interaction family touched. - Provider boundary (PROV-001): PASS - public Microsoft wording only; no shared provider/platform seam changes. - V1 explicitness / few layers (V1-EXP-001, LAYER-001): PASS - direct website-local edits only. - Spec discipline / bloat check (SPEC-DISC-001, BLOAT-001): PASS - no new enum, DTO, presenter, persisted entity, interface, registry, resolver, taxonomy, or cross-domain framework. - Badge semantics (BADGE-001): PASS - no product badge semantics; preview labels must not become shared status truth. - Filament-native UI (UI-FIL-001): PASS - no Filament UI. - UI/UX surface taxonomy: PASS - no operator-facing surface. - Decision-first operating model: PASS - public website copy is visitor-decision oriented; no operator surface. - Audience-aware disclosure: PASS - no raw/support product detail surface. - UI/UX inspect model: PASS - no list/detail operator surface. - UI/UX action hierarchy: PASS - no Filament actions. - UI/UX scope, truth, and naming: PASS - no admin scope labels; public copy must avoid implementation-first wording. - UI/UX placeholder ban: PASS - no Filament action groups. - UI naming: PASS - no operator-facing action labels, run titles, notifications, or audit prose. - Operator surfaces: PASS - no `/admin` surface. - Filament UI Action Surface Contract: PASS - no Filament Resource/RelationManager/Page. - Filament UI UX-001: PASS - no Filament screen. - Action-surface discipline: PASS - no operator action surface. - UI review workflow: PASS - plan carries N/A decisions forward and keeps `apps/platform` as hard stop. **Initial Gate Result**: PASS - no constitution violations or unresolved clarifications. ## Test Governance Check - **Test purpose / classification by changed surface**: Browser/static website - **Affected validation lanes**: website build, public smoke, manual browser review, whitespace/scope checks - **Why this lane mix is the narrowest sufficient proof**: The feature changes public static pages, route/metadata exposure, CTAs, and browser rendering. Laravel/Pest/Filament lanes would not prove the changed behavior. - **Narrowest proving command(s)**: `cd /Users/ahmeddarrazi/Documents/projects/wt-website && corepack pnpm build:website`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && WEBSITE_PORT=4321 corepack pnpm --filter @tenantatlas/website test:smoke`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && git diff --check`; `cd /Users/ahmeddarrazi/Documents/projects/wt-website && git status --short -- apps/platform` - **Fixture / helper / factory / seed / context cost risks**: none - no database, provider, workspace, membership, session, queue, Sail, Laravel, Filament, or Livewire setup - **Expensive defaults or shared helper growth introduced?**: no - **Heavy-family additions, promotions, or visibility changes**: Browser review remains explicit in website smoke/manual review; no heavy-governance lane - **Surface-class relief / special coverage rule**: N/A - public website - **Closing validation and reviewer handoff**: Reviewers should rely on website build, Playwright smoke, manual light/dark/mobile/desktop checks, no horizontal overflow, no dead CTAs/placeholders, sitemap/robots inspection, and `apps/platform` untouched status. - **Budget / baseline / trend follow-up**: none expected - **Review-stop questions**: lane fit, browser breadth, hidden platform cost, CTA honesty, unsupported claim posture, route exposure - **Escalation path**: document-in-feature - **Active feature PR close-out entry**: Smoke Coverage - **Why no dedicated follow-up spec is needed**: The browser/static review cost is local to this launch-readiness pass unless repeated website release gates become a recurring process problem. ## Project Structure ### Documentation (this feature) ```text /Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/ ├── plan.md ├── research.md ├── data-model.md ├── quickstart.md ├── contracts/ │ └── public-site-contract.md └── tasks.md ``` ### Source Code (repository root) ```text /Users/ahmeddarrazi/Documents/projects/wt-website/apps/website/ ├── astro.config.mjs ├── package.json ├── playwright.config.ts ├── process-html.mjs ├── public/ ├── src/ │ ├── components/ │ ├── content/ │ ├── data_files/ │ ├── images/ │ ├── layouts/ │ ├── pages/ │ └── utils/ └── tests/ └── smoke/ ``` **Structure Decision**: Use the existing `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/website` Astro app from Spec 402. Do not create new base source folders and do not touch `/Users/ahmeddarrazi/Documents/projects/wt-website/apps/platform`. ## Complexity Tracking | Violation | Why Needed | Simpler Alternative Rejected Because | |-----------|------------|-------------------------------------| | None | N/A | N/A | ## Proportionality Review - **Current operator problem**: Public launch review lacks a single bounded plan for route exposure, copy clarity, CTA honesty, metadata, claim safety, and browser checks after the foundation rebuild. - **Existing structure is insufficient because**: Spec 402 established the Astro/ScrewFast substrate but did not complete a release-readiness pass. - **Narrowest correct implementation**: Website-local copy, route, metadata, CTA, smoke, and launch-note work inside `apps/website`. - **Ownership cost created**: Maintenance of website-local public copy, smoke expectations, and launch-readiness note. - **Alternative intentionally rejected**: Rebuilding the foundation, adding backend contact/account workflows, or introducing product runtime abstractions. - **Release truth**: Current-release public website readiness. ## Phase 0 Research Research output is captured in `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/research.md`. **Resolved clarifications**: - The feature uses the existing Astro 6 website and does not need a new framework decision. - Public routes and redirect behavior are defined by `apps/website/src/pages`, `apps/website/astro.config.mjs`, and current Playwright smoke helpers. - Starlight child docs routes are publicly emitted and must be included in launch review, not only the docs root. - Current launch risks to resolve include route-specific social metadata, social image metadata consistency, `/imprint` placeholder details, static contact form wording, footer subscription wording, source `href="#"` placeholders, and the German-default/English-prefixed language route model. - German is the default locale at unprefixed public routes; English is available under `/en/...`. - There are no API endpoints or data entities to contract; route, CTA, metadata, and launch-check contracts are sufficient. - Validation stays in website build and Playwright smoke lanes. ## Phase 1 Design Design output is captured in: - `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/data-model.md` - `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/contracts/public-site-contract.md` - `/Users/ahmeddarrazi/Documents/projects/wt-website/specs/403-public-website-launch-readiness/quickstart.md` No REST, GraphQL, database, Laravel, Filament, Livewire, Microsoft Graph, queue, job, policy, RBAC, or product runtime contracts are introduced. ## Post-Design Constitution Check **Post-Design Gate Result**: PASS - The Phase 1 design remains website-local. - All clarification markers are resolved. - No product persistence, abstractions, state families, provider/platform seams, OperationRun behavior, RBAC behavior, Filament behavior, or Graph calls are introduced. - Browser/static validation remains explicit and bounded to `apps/website`. - `apps/platform` remains out of scope and must be verified by `git status --short -- apps/platform`.