ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
fix/pest-makeassignment-collision
TenantAtlas/specs/101-golden-master-baseline-governance-v1/quickstart.md
ahmido a30be84084 Baseline governance UX polish + view Infolist (#123) 
Summary:
- Baseline Compare landing: enterprise UI (stats grid, critical drift banner, better actions), navigation grouping under Governance, and Action Surface Contract declaration.
- Baseline Profile view page: switches from disabled form fields to proper Infolist entries for a clean read-only view.
- Fixes tenant name column usages (`display_name` → `name`) in baseline assignment flows.
- Dashboard: improved baseline governance widget with severity breakdown + last compared.

Notes:
- Filament v5 / Livewire v4 compatible.
- Destructive actions remain confirmed (`->requiresConfirmation()`).

Tests:
- `vendor/bin/sail artisan test --compact tests/Feature/Baselines`
- `vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #123
2026-02-19 23:56:09 +00:00

2.3 KiB
Raw Permalink Blame History

Phase 1 — Quickstart (Developer)

This quickstart is for exercising Baseline Governance v1 locally.

Prereqs

  • Docker running
  • Laravel Sail available

Setup

  1. Start containers: vendor/bin/sail up -d
  2. Install deps (if needed): vendor/bin/sail composer install
  3. Migrate: vendor/bin/sail artisan migrate
  4. Build frontend assets (if UI changes arent visible): vendor/bin/sail npm run dev

Happy path walkthrough

1) Create a baseline profile

  • Navigate to Admin → Governance → Baselines
  • Create a profile with:
    • name
    • status = draft
    • scope filter (policy types/domains)

2) Capture from a source tenant

  • From the Baseline Profile view page, trigger “Capture from tenant”
  • Select a source tenant
  • Confirm the action
  • You should see a queued notification with “View run” that links to Monitoring → Operations

Expected:

  • An OperationRun of type baseline_capture is created (or reused if one is already queued/running)
  • On success, an immutable baseline_snapshot is created and the profiles active_snapshot_id is updated (when profile is active)

3) Assign baseline to a tenant

  • Navigate to the tenant context (Admin → choose tenant)
  • Assign the baseline profile to the tenant (v1: exactly one baseline per tenant)
  • Optionally define an override filter that narrows scope

4) Compare now (Soll vs Ist)

  • Navigate to the “Soll vs Ist” landing page for the tenant
  • Click “Compare now”

Expected:

  • An OperationRun of type baseline_compare is created/reused
  • Findings are created/updated with stable fingerprints
  • The compare run summary is persisted (totals + severity breakdown)

Precondition failure checks

These should return HTTP 422 with reason_code, and must not create an OperationRun:

  • compare with no assignment: baseline.compare.no_assignment
  • compare when profile not active: baseline.compare.profile_not_active
  • compare when no active snapshot: baseline.compare.no_active_snapshot
  • capture with missing source tenant: baseline.capture.missing_source_tenant

Test focus (when implementation lands)

  • BaselineProfile CRUD + RBAC (404 vs 403)
  • Capture idempotency (dedupe snapshot identity)
  • Compare idempotency (dedupe finding fingerprint)
  • Action surfaces comply with the Filament Action Surface Contract