---
description: "Task list for Governance Artifact Retargeting to ManagedEnvironment"
---

# Tasks: Governance Artifact Retargeting to ManagedEnvironment

**Input**: Design documents from `specs/282-governance-artifact-retargeting/`

**Prerequisites**: `specs/282-governance-artifact-retargeting/spec.md`, `specs/282-governance-artifact-retargeting/plan.md`, `specs/282-governance-artifact-retargeting/checklists/requirements.md`, `specs/282-governance-artifact-retargeting/research.md`, `specs/282-governance-artifact-retargeting/data-model.md`, `specs/282-governance-artifact-retargeting/quickstart.md`, `specs/282-governance-artifact-retargeting/contracts/governance-artifact-retargeting.logical.openapi.yaml`

**Tests**: REQUIRED (Pest). Keep proof bounded to `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php`, `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php`, `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php`, `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php`, and `apps/platform/tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php`.

**Operations**: No new `OperationRun` family. Reuse `apps/platform/app/Support/OperationRunLinks.php` and `apps/platform/app/Support/Navigation/RelatedNavigationResolver.php` for all artifact-origin operation drillthroughs.

**RBAC**: Workspace membership remains the first `404` boundary, managed-environment entitlement remains the second `404` boundary, and in-scope capability denials stay `403`.

**Shared Pattern Reuse**: Reuse `ResolvesPanelTenantContext`, `InteractsWithTenantOwnedRecords`, `OperateHubShell`, `CanonicalNavigationContext`, `RelatedNavigationResolver`, `OperationRunLinks`, and current artifact presenters. Do not add local route helper frameworks or compatibility shims.

**Filament / Panel Guardrails**: Filament remains v5 on Livewire v4. Provider registration remains in `apps/platform/bootstrap/providers.php`. Touched searchable resources must keep truthful destinations or remain disabled. Existing destructive or high-impact actions keep `->requiresConfirmation()` plus current server authorization. Asset strategy stays unchanged.

**Compatibility Posture**: Reject schema changes, lifecycle rewrites, stored-report productization drift, provider/taxonomy/RBAC/copy spillover, tenant-panel fallbacks, and route aliases. Keep Specs `267`, `277`, and `283` through `287` deferred.

**External Prerequisite**: Spec `280` workspace-first environment route shell must already be merged or otherwise present on the implementation branch before any runtime or test task starts.

**Organization**: Tasks are grouped by user story so admin-panel registration, read-only artifact context, operation drillthroughs, and no-legacy guardrails remain independently testable.

**Review Outcome**: `blocked-by-prerequisite`

**Workflow Outcome**: `keep`

**Test-governance Outcome**: `keep`

## Test Governance Checklist

- [x] Lane assignment stays `fast-feedback`, `confidence`, and one narrow `browser` lane.
- [x] New or changed tests stay in the smallest honest families under `apps/platform/tests/Feature/Filament/GovernanceArtifacts/` plus one browser smoke file only.
- [x] Workspace and managed-environment fixtures remain explicit; no tenant-panel compatibility fixtures or hidden context defaults become shared setup.
- [x] Planned validation commands match `spec.md`, `plan.md`, and `quickstart.md` exactly.
- [x] `standard-native-filament` and `global-context-shell` expectations stay explicit for touched surfaces.
- [x] Any attempt to absorb Specs `267`, `277`, or `283` through `287` resolves as `split` or `reject-or-split`, not hidden scope.
## Phase 0: External Gate

**Purpose**: Confirm the runtime prerequisite from Spec `280` is available before implementation begins.

- [x] T000 Confirm Spec `280` is already merged or otherwise present on the implementation branch before any runtime or test task begins.

---

## Phase 1: Setup (Shared Context)

**Purpose**: Confirm the bounded artifact-surface inventory, proof files, and adjacent-spec boundaries before runtime edits begin.

- [x] T001 Review `specs/282-governance-artifact-retargeting/spec.md`, `plan.md`, `checklists/requirements.md`, `research.md`, `data-model.md`, `quickstart.md`, and `contracts/governance-artifact-retargeting.logical.openapi.yaml` together so implementation stays on Spec 282 only.
- [x] T002 [P] Confirm the current governance-register inventory and admin-hide guards in `apps/platform/app/Filament/Resources/InventoryItemResource.php`, `PolicyResource.php`, `PolicyVersionResource.php`, `FindingResource.php`, and `FindingExceptionResource.php`.
- [x] T003 [P] Confirm the current recovery and backup inventory and tenant-panel URLs in `apps/platform/app/Filament/Resources/BackupScheduleResource.php`, `BackupSetResource.php`, and `RestoreRunResource.php`.
- [x] T004 [P] Confirm the current read-only artifact fallbacks and mixed environment-context handling in `apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php`, `TenantReviewResource.php`, `ReviewPackResource.php`, and `StoredReportResource.php`.
- [x] T005 [P] Confirm the shared context and deep-link seams in `apps/platform/app/Filament/Concerns/ResolvesPanelTenantContext.php`, `apps/platform/app/Filament/Concerns/InteractsWithTenantOwnedRecords.php`, `apps/platform/app/Support/OperateHub/OperateHubShell.php`, `apps/platform/app/Support/Navigation/CanonicalNavigationContext.php`, `apps/platform/app/Support/Navigation/RelatedNavigationResolver.php`, and `apps/platform/app/Support/OperationRunLinks.php`.
- [x] T006 [P] Confirm deferred boundaries in `specs/267-artifact-lifecycle-retention/spec.md`, `specs/277-stored-reports-surface/spec.md`, `specs/280-workspace-tenancy-environment-routing/spec.md`, `specs/281-provider-connection-scope/spec.md`, and `specs/282-governance-artifact-retargeting/checklists/requirements.md`.

---

## Phase 2: Foundational (Blocking Prerequisites)

**Purpose**: Establish the proving suite and the shared admin-panel environment-context contract that all touched artifact families depend on.

**Critical**: No user-story work should begin until this phase is complete.

- [x] T007 [P] Add failing coverage in `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php` for admin-panel registration and workspace-first route ownership of the touched artifact resource families.
- [x] T008 [P] Add failing coverage in `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php` for workspace membership, managed-environment entitlement, mismatched workspace and environment `404`, and admin-panel environment resolution without tenant-panel ownership. Mismatched workspace/environment `404` proof landed in `GovernanceArtifactAdminPanelRegistrationTest.php` because the live HTTP route-ownership assertions and deny-as-404 contract share the same canonical URL surface.
- [x] T009 [P] Add failing coverage in `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php` for artifact-origin related links and operation drillthroughs using workspace-first environment and operations routes.
- [x] T010 [P] Add failing guard coverage in `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php` for touched artifact families that still hide from admin, emit `tenant:` or `panel: 'tenant'` URLs, or depend on `/admin/t` route language.
- [x] T011 [P] Add the narrow browser smoke in `apps/platform/tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php` for one workspace-first environment artifact flow covering one governance register and one read-only artifact surface.
- [x] T012 Update `apps/platform/app/Filament/Concerns/ResolvesPanelTenantContext.php`, `apps/platform/app/Filament/Concerns/InteractsWithTenantOwnedRecords.php`, and any cooperating admin-shell helpers so the workspace-first environment route contract is the authoritative context source for the touched artifact families.

**Checkpoint**: The proving files exist, the admin-panel environment-context helper contract is ready, and user-story work can proceed on top of one shared context model.

---

## Phase 3: User Story 1 - Open governance resources for one environment inside the admin panel (Priority: P1)

**Goal**: The core governance resource families open inside the workspace-first admin runtime with no tenant-panel registration drift.

**Independent Test**: Open representative governance registers such as findings, policies, or inventory for one managed environment and confirm they resolve under workspace-first environment routes.

### Tests for User Story 1

- [x] T013 [P] [US1] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php` to prove touched governance-register resources stop hiding from the admin panel and open only workspace-first environment routes.
- [x] T014 [P] [US1] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php` to prove collection and detail access deny mismatched workspace or environment scope as `404` for the touched governance-register families. The live `404` route proof landed in `GovernanceArtifactAdminPanelRegistrationTest.php` because it exercises the canonical HTTP resource URLs directly.
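
The deny-as-404 ordering that T008 and T014 prove (workspace membership first, managed-environment entitlement second, capability denial as `403` last), sketched as an added example that is not code from this repository. Every identifier and all fixture data below are hypothetical and constructed for illustration; the real checks live in the shared context helpers named above.

```php
<?php
declare(strict_types=1);

// Constructed fixtures (hypothetical; not the project's models or seeders).
const WORKSPACE_MEMBERS = [
    'ws-a' => ['alice', 'bob'],
    'ws-b' => ['carol'],
];
const ENVIRONMENT_WORKSPACE = [   // which workspace owns each managed environment
    'env-1' => 'ws-a',
    'env-2' => 'ws-a',
    'env-9' => 'ws-b',
];
const ENVIRONMENT_ENTITLEMENTS = [
    'env-1' => ['alice', 'bob'],
    'env-2' => ['alice'],
    'env-9' => ['carol'],
];
const USER_CAPABILITIES = [
    'alice' => ['findings.view', 'findings.triage'],
    'bob'   => ['findings.view'],
    'carol' => ['findings.view'],
];

/**
 * Hypothetical helper: returns the HTTP status a workspace-first artifact
 * route should answer with for the given user, URL scope and capability.
 */
function authorizeArtifactRequest(string $user, string $workspace, string $environment, string $capability): int
{
    // Boundary 1: a non-member must not learn that the workspace exists.
    if (!in_array($user, WORKSPACE_MEMBERS[$workspace] ?? [], true)) {
        return 404;
    }

    // Boundary 2: the environment must belong to the workspace in the URL and
    // the user must be entitled to it. Unknown, mismatched and unentitled
    // environments all answer identically, so none can be enumerated.
    $ownedByWorkspace = (ENVIRONMENT_WORKSPACE[$environment] ?? null) === $workspace;
    $entitled = in_array($user, ENVIRONMENT_ENTITLEMENTS[$environment] ?? [], true);
    if (!$ownedByWorkspace || !$entitled) {
        return 404;
    }

    // In scope: the caller already knows the resource exists, so a missing
    // capability is an honest 403 rather than a 404.
    if (!in_array($capability, USER_CAPABILITIES[$user] ?? [], true)) {
        return 403;
    }

    return 200;
}

// Constructed requests: [user, workspace, environment, capability].
$requests = [
    ['alice', 'ws-a', 'env-1', 'findings.triage'], // member, entitled, capable
    ['bob',   'ws-a', 'env-1', 'findings.triage'], // in scope, lacks capability
    ['bob',   'ws-a', 'env-2', 'findings.view'],   // member, not entitled to env-2
    ['alice', 'ws-a', 'env-9', 'findings.view'],   // env-9 belongs to ws-b (mismatch)
    ['carol', 'ws-a', 'env-1', 'findings.view'],   // not a member of ws-a
    ['alice', 'ws-a', 'env-x', 'findings.view'],   // environment does not exist
];

foreach ($requests as [$user, $workspace, $environment, $capability]) {
    $status = authorizeArtifactRequest($user, $workspace, $environment, $capability);
    printf("%-5s %s/%s %-16s -> %d\n", $user, $workspace, $environment, $capability, $status);
}
```
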
### Implementation for User Story 1

- [x] T015 [US1] Retarget admin registration and route ownership in `apps/platform/app/Filament/Resources/InventoryItemResource.php`, `PolicyResource.php`, `PolicyVersionResource.php`, `FindingResource.php`, and `FindingExceptionResource.php` so they resolve inside the workspace-first admin runtime.
- [x] T016 [US1] Align collection and detail route declarations, breadcrumb order, and context-shell labels across the touched governance-register resources so their list and detail surfaces speak one workspace-first environment contract. Shared `WorkspaceScopedTenantRoutes` plus the surviving default Filament page routes now give the touched governance-register resources one workspace-first collection/detail contract with no resource-local breadcrumb or route divergence left in the 282 slice.
- [x] T017 [US1] Update record URLs, related links, and route parameters in the touched governance-register families so no source surface emits `tenant:` or `panel: 'tenant'` destinations. The touched governance-register resources now resolve source URLs through `static::getUrl(...)`, `RelatedNavigationResolver`, and the 282 legacy-tenant guard with no remaining tenant-panel route language in those resource files.

**Checkpoint**: Governance registers and their detail surfaces live on the workspace-first admin runtime with truthful scope and no tenant-panel route language.

---

## Phase 4: User Story 2 - Read retained evidence and reporting artifacts with the same environment context (Priority: P1)

**Goal**: Evidence, reviews, review packs, and stored reports stay environment-aware on the admin panel without relying on tenant-panel-only fallbacks.

**Independent Test**: Open evidence, a review-related artifact, and a stored report from one environment and confirm each surface resolves the correct environment in the workspace-first admin shell.
### Tests for User Story 2

- [x] T018 [P] [US2] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php` to cover `EvidenceSnapshotResource`, `TenantReviewResource`, `ReviewPackResource`, and `StoredReportResource` under the admin-panel environment contract.
- [x] T019 [P] [US2] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php` to prove the touched read-only artifact surfaces no longer require tenant-panel-only context.

### Implementation for User Story 2

- [x] T020 [US2] Retarget `apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php`, `TenantReviewResource.php`, `ReviewPackResource.php`, and `StoredReportResource.php` so environment resolution on the admin panel does not depend on tenant-panel-only fallbacks.
- [x] T021 [US2] Preserve existing read-only, download, and presenter semantics on those artifact surfaces while moving their route ownership and related links to the workspace-first admin runtime.

**Checkpoint**: Read-only artifact viewers and reporting surfaces remain calm and truthful on the admin panel with correct environment context.

---

## Phase 5: User Story 3 - Follow artifact drillthroughs into operations without stale tenant-panel links (Priority: P2)

**Goal**: Artifact-origin drillthroughs and operational resource actions keep truthful workspace-first navigation into operations and adjacent artifact surfaces.

**Independent Test**: Open one touched artifact or restore surface, follow its related operation or related-resource link, and confirm the destination stays inside the workspace-first contract.

### Tests for User Story 3

- [x] T022 [P] [US3] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php` to prove touched artifact families use workspace-first environment and operations URLs for related-resource and `View operation` drillthroughs.
### Implementation for User Story 3

- [x] T023 [US3] Retarget related navigation and operation drillthrough calls in `apps/platform/app/Support/Navigation/RelatedNavigationResolver.php`, `apps/platform/app/Support/OperationRunLinks.php`, and touched artifact resources so they use the workspace-first route contract only.
- [x] T024 [US3] Retarget action URLs and related links in `apps/platform/app/Filament/Resources/BackupScheduleResource.php`, `BackupSetResource.php`, and `RestoreRunResource.php` so recovery-safe surfaces preserve their existing action hierarchy while dropping tenant-panel route assumptions. `BackupScheduleResource` now routes operation follow-up through `OperationRunLinks`, while `BackupSetResource` and `RestoreRunResource` route related drilldowns through `RelatedNavigationResolver` and `OperationRunLinks` only, preserving the existing grouped action hierarchy without tenant-panel assumptions.

**Checkpoint**: Artifact-origin navigation and operation links stay truthful, environment-safe, and tenant-panel-free.

---

## Phase 6: User Story 4 - Keep authorization, search, and no-legacy expectations truthful (Priority: P3)

**Goal**: Direct URLs, search exposure, and guardrails remain truthful after the artifact-surface retarget.

**Independent Test**: Open touched direct URLs and any touched searchable or shared-navigation destinations, then confirm truthful workspace-first routing and no surviving tenant-panel dependency.

### Tests for User Story 4

- [x] T025 [P] [US4] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php` and `GovernanceArtifactEnvironmentContextTest.php` to cover any touched searchable destinations or explicitly prove they remain disabled.
- [x] T026 [P] [US4] Extend `apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php` to prove touched artifact families no longer hide from admin registration or emit tenant-panel routes.
### Implementation for User Story 4

- [x] T027 [US4] Keep touched searchable artifact surfaces truthful by preserving valid view or edit destinations or disabling search in the same slice.
- [x] T028 [US4] Remove remaining touched tenant-panel fallbacks, admin-hide guards, and stale route language from the artifact families and shared helper seams without widening into global cutover work reserved for Spec `287`.

**Checkpoint**: Direct URLs, shared-navigation entries, and touched searchable surfaces remain truthful with no surviving tenant-panel dependency in the 282 slice.

---

## Phase 7: Polish & Cross-Cutting Validation

**Purpose**: Run the exact bounded proof set, perform the final Filament review, and close the slice without reopening adjacent specs.

- [x] T029 [P] Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php)`.
- [x] T030 [P] Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php)`.
- [x] T031 [P] Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail bin pint --dirty --format agent)`.
- [x] T032 [P] Review touched resource files and helper seams to confirm Filament v5 and Livewire v4 compliance, provider registration staying in `apps/platform/bootstrap/providers.php`, truthful global-search posture, preserved destructive-action confirmation plus authorization, and unchanged asset strategy.
- [x] T033 [P] Record the implementation close-out in `specs/282-governance-artifact-retargeting/checklists/requirements.md` or the active PR notes confirming the slice stayed on surface ownership and did not absorb Specs `267`, `277`, or `283` through `287`.

---

## Dependencies & Execution Order

### Phase Dependencies

- **Phase 0 (External Gate)**: no dependencies; complete before implementation starts.
- **Phase 1 (Setup)**: depends on Phase 0.
- **Phase 2 (Foundational)**: depends on Phase 1 and blocks all story work.
- **Phase 3 (US1)**: depends on Phase 2 and establishes the route and registration contract for the core governance registers.
- **Phase 4 (US2)**: depends on Phase 2 and should follow once the shared environment-context helper contract is stable.
- **Phase 5 (US3)**: depends on US1 and US2 so the shared destinations are already truthful before drillthrough links converge.
- **Phase 6 (US4)**: depends on US1 through US3 so guardrails prove the final route contract rather than an intermediate state.
- **Phase 7 (Polish)**: depends on all desired user stories being complete.

### User Story Dependencies

- **US1 (P1)**: independently testable after Phase 2 and is the first required increment.
- **US2 (P1)**: independently testable after Phase 2 and should ship with or immediately after US1 because read-only artifacts share the same environment-context seam.
- **US3 (P2)**: independently testable after US1 and US2 because it relies on their route contract.
- **US4 (P3)**: independently testable after US1 through US3 and closes truthfulness and no-legacy expectations.
### Within Each User Story

- Write or extend the listed Pest coverage first and make it fail for the intended gap.
- Apply the smallest shared-seam changes needed to satisfy the story without reopening deferred specs.
- Re-run the narrowest relevant validation command for that story before moving to the next story.

## Parallel Execution Examples

- **Setup**: T002 through T006 can run in parallel once T000 and T001 set the bounded scope.
- **Foundational**: T007 through T011 can run in parallel before T012 converges the shared context helper contract.
- **US1**: T013 and T014 can run in parallel; T015 through T017 should merge serially around the touched register resources.
- **US2**: T018 and T019 can run in parallel; T020 and T021 should merge serially around the read-only artifact surfaces.
- **US3**: T022 can run in parallel with T023, then T024 follows once the shared drillthrough contract is stable.
- **US4**: T025 and T026 can run in parallel; T027 and T028 follow once the final route contract is stable.
- **Polish**: T029 through T032 can run in parallel after implementation is complete; T033 closes out last.

## Implementation Strategy

### Suggested MVP Scope

- MVP = **US1 + US2**. Land the core admin-panel artifact surface ownership first so the surviving workspace-first runtime can actually host the existing environment-owned governance artifacts.

### Incremental Delivery

1. Complete Phase 0, Phase 1, and Phase 2.
2. Deliver US1 so the core governance registers stop depending on the tenant panel.
3. Deliver US2 so read-only artifacts stop depending on tenant-panel-only context.
4. Deliver US3 so artifact drillthroughs and operations links become fully truthful.
5. Deliver US4 to close search and no-legacy truthfulness.
6. Finish with the exact validation commands and the final Filament review in Phase 7.

### Team Strategy

1. Parallelize the failing test work first.
2. Serialize merges around shared helpers and the most cross-cutting resource families.
3. Reject any branch that introduces schema, lifecycle, reporting, provider, RBAC, or copy scope while touching the artifact surfaces.

## Deferred Follow-Ups / Non-Goals

- Spec `267` artifact lifecycle and retention contract work
- Spec `277` stored-reports productization beyond route ownership
- Specs `283` through `287`