ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
codex/322-post-319-validation-note
TenantAtlas/specs/293-post-cutover-suite-stabilization/failure-classification.md
ahmido 83ab4690d5 fix: stabilize post-cutover suite baseline (#348) 
## Summary
- stabilize the active spec 293 post-cutover suite baseline around the current admin-panel and workspace-first runtime
- align operations, provider, required-permissions, and action-surface expectations to canonical workspace-aware routes
- add the monitoring operations workspace-membership guard and update the spec 293 classification artifacts
- include the browser smoke screenshots captured during verification

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PanelNavigationSegregationTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/OpsUx/CanonicalViewRunLinksTest.php tests/Feature/OpsUx/OperateHubShellTest.php tests/Feature/OpsUx/FailureSanitizationTest.php tests/Feature/OpsUx/NonLeakageWorkspaceOperationsTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php tests/Feature/ProviderConnections/NavigationPlacementTest.php tests/Feature/ProviderConnections/ProviderConnectionListAuthorizationTest.php tests/Feature/Verification/VerificationAuthorizationTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/Spec288NoLegacyRouteAndHelperGuardTest.php tests/Feature/Guards/Spec288ProviderCoreAndRoleAuthorityGuardTest.php tests/Feature/Guards/AdminWorkspaceRoutesGuardTest.php tests/Feature/Guards/ProviderBoundaryPlatformCoreGuardTest.php tests/Feature/ProviderConnections/LegacyRedirectTest.php tests/Feature/ManagedEnvironment/LegacyTenantCoreGuardTest.php tests/Feature/Spec080WorkspaceManagedTenantAdminMigrationTest.php tests/Feature/Rbac/ProviderConnectionWorkspaceFirstPolicyTest.php tests/Feature/Filament/ManagedEnvironmentAccessScopeManagementTest.php tests/Feature/Guards/BrowserLaneIsolationTest.php tests/Feature/Guards/CiLaneFailureClassificationContractTest.php tests/Feature/Guards/CiHeavyBrowserWorkflowContractTest.php tests/Unit/Auth/NoRoleStringChecksTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec281ProviderConnectionScopeSmokeTest.php tests/Browser/Spec285WorkspaceRbacEnvironmentAccessSmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- remaining provider/verification failures are classified in `specs/293-post-cutover-suite-stabilization/failure-classification.md` as unrelated existing debt and are not folded into this slice

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #348
2026-05-11 06:41:47 +00:00

7.4 KiB
Raw Permalink Blame History

Failure Classification: Post-Cutover Suite Stabilization & Baseline Reconciliation

Purpose

Use this artifact during later implementation of 293 to record the initial suite baseline, classify every relevant failure, and keep remaining unrelated debt explicit.

Pinned Failure-Classification Categories

Category Meaning
cutover-baseline-debt stale test or baseline expectation caused directly by the 287 and 288 cutover truth
cutover-runtime-regression current workspace-first primary path is actually broken
unrelated-existing-debt existing failure outside the cutover stabilization scope
flaky-or-environment nondeterministic or environment-specific failure
resolved-or-not-needed initially suspected cutover debt that no longer needs work after classification or adjacent repair

Pinned Stabilization Seams

Seam Meaning
tenant_panel_baseline stale TenantPanel or panel: 'tenant' assumptions
legacy_admin_t_routes stale /admin/t/... management-route assumptions
workspace_aware_operations_routes operations links or helpers missing workspace context
legacy_required_permissions_provider_connections tenant-scoped required-permissions or provider-connection legacy expectations
action_surface_rebaseline stale action-surface expectations caused by the cutover

Initial Baseline Seeds

Group Seam Category Reason Fix In 293? Follow-up Status
PanelNavigationSegregationTest tenant_panel_baseline, legacy_admin_t_routes cutover-baseline-debt confirmed: the file still expects /admin to return 200 directly and still treats /admin/t/... as a live panel entry point yes update the baseline to current admin-panel navigation truth and explicit retired-route assertions confirmed from targeted panel proof set
ActionSurfaceContractTest workspace_aware_operations_routes, legacy_required_permissions_provider_connections, action_surface_rebaseline cutover-baseline-debt still likely mixes old action expectations and old route generation assumptions yes rebaseline only cutover-stale expectations pending initial baseline run
CanonicalViewRunLinksTest, OperateHubShellTest, FailureSanitizationTest, NonLeakageWorkspaceOperationsTest workspace_aware_operations_routes cutover-baseline-debt confirmed: the targeted OpsUx proof set still builds admin.operations.* URLs without workspace, and OperateHubShellTest still expects a retired tenant-panel dashboard URL yes rebaseline these tests to the canonical workspace-aware routes and current tenant dashboard URL confirmed from targeted OpsUx proof set
BackupItemsRelationManagerUiEnforcementTest action_surface_rebaseline cutover-baseline-debt treat as cutover debt initially, but reclassify if the mismatch proves unrelated during targeted reruns yes reclassify if mismatch is unrelated or proves to be a true runtime regression instead pending initial baseline run
TenantSyncBulkJobTest N/A unrelated-existing-debt current summary-count mismatch is not obviously part of the cutover baseline no unless reclassification proves otherwise document and leave out of scope pending initial baseline run
LegacyTenantCoreGuardTest tenant_panel_baseline, legacy_admin_t_routes resolved-or-not-needed the targeted panel proof set left the guard file green while PanelNavigationSegregationTest failed, so the retirement guard already reflects current truth no keep as regression proof while stabilizing the stale navigation test confirmed from targeted panel proof set
NavigationPlacementTest, view-route assertions in VerificationAuthorizationTest workspace_aware_operations_routes cutover-baseline-debt confirmed: one provider navigation test still used the retired /admin/operations entry point and verification view assertions still built admin.operations.view without workspace or persisted run workspace context yes rebaseline to the canonical /admin/workspaces/{workspace}/operations routes and seeded run workspace ids confirmed green in focused reruns after rebaseline
ActionSurfaceContractTest, RequiredPermissionsLegacyRouteTest legacy_required_permissions_provider_connections, action_surface_rebaseline, workspace_aware_operations_routes cutover-baseline-debt confirmed: the guard still expected tenant-plane required-permissions URLs, tenant-panel-era operation links, and several stale surface labels/action inventories yes rebaseline to canonical workspace/environment required-permissions routes, workspace-aware operation links, and current action labels/inventory confirmed green in focused reruns after rebaseline
ProviderConnectionListAuthorizationTest action_surface_rebaseline resolved-or-not-needed the mismatch proved to be an empty-list header-surface expectation rather than a cutover runtime bug; the current surface hides the header create CTA on an empty list for non-members no keep the rebaselined assertion as the current header-surface regression proof confirmed green in focused rerun
BackupItemsRelationManagerUiEnforcementTest action_surface_rebaseline unrelated-existing-debt targeted rerun showed the mid-session membership-revocation mismatch is not a cutover route/panel issue and no longer matches either the old hidden-state assumption or a simple disabled-state rebaseline no leave for a dedicated RBAC/action-state follow-up outside spec 293 confirmed from targeted rerun
ProviderConnectionNeutralitySpec238Test N/A unrelated-existing-debt current provider connection detail copy no longer contains Provider identity details; this is a neutral-surface wording drift unrelated to workspace-first cutover seams no leave for a provider-surface wording follow-up confirmed from post-rebaseline provider/verification rerun
ProviderDispatchGateStartSurfaceTest, ProviderOperationConcurrencyTest, VerificationAuthorizationTest start assertion, VerificationStartAfterCompletionTest, VerificationStartDedupeTest N/A unrelated-existing-debt after the route baseline repairs, these failures remain as provider-operation gate / dedupe behavior mismatches (blocked starts, extra runs, missing queued jobs) rather than panel or workspace-route drift; repo note provider-verification-start-fixture-contract.md documents the new startable fixture contract behind this seam no leave for a dedicated provider-operation / verification follow-up outside spec 293 confirmed from post-rebaseline provider/verification rerun
ProviderConnectionHealthCheckWritesReportTest N/A unrelated-existing-debt verification report summary counts now exceed the prior <= 7 cap (8 observed), which is report-schema/content drift unrelated to the cutover baseline no leave for a dedicated verification-report follow-up confirmed from post-rebaseline provider/verification rerun

Completion Rule

Before 293 can be considered ready for implementation close-out, every remaining relevant group must appear in the table above or an appended row below with one pinned category and one explicit follow-up. After the final rerun, no cutover-related failure may remain unclassified: each group must be resolved, explicitly left out of scope as unrelated-existing-debt or flaky-or-environment, or recorded as resolved-or-not-needed.