## Summary - restore broad full-suite green-signal coverage across platform governance, operations, onboarding, dashboard/productization, and customer review flows - align related platform tests and supporting behavior with the current expected state for this restoration pass - update the spec-candidates queue as part of the same suite-restoration sweep ## Validation - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Dashboard/TenantDashboardProductizationSmokeTest.php tests/Browser/Reviews/CustomerReviewWorkspaceSmokeTest.php tests/Browser/Spec194GovernanceFrictionSmokeTest.php tests/Browser/Spec265DecisionRegisterSmokeTest.php` Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #351
288 lines
17 KiB
Markdown
288 lines
17 KiB
Markdown
# Implementation Plan: Full Suite Green Signal Restoration
|
|
|
|
**Branch**: `296-full-suite-green-signal-restoration` | **Date**: 2026-05-11 | **Spec**: [spec.md](/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/296-full-suite-green-signal-restoration/spec.md)
|
|
**Input**: Feature specification from `/Users/ahmeddarrazi/Documents/projects/wt-plattform/specs/296-full-suite-green-signal-restoration/spec.md`
|
|
|
|
## Summary
|
|
|
|
Spec 296 restores the platform test suite as a trustworthy CI signal. The implementation starts with a raw full-suite baseline, falls back to existing lane splits when raw output is too broad, protects the Spec 288/293/294 guard lanes first, repairs root-cause clusters in priority order, documents every fix and lane decision, and ends with the raw full suite green unless only controlled, justified browser/heavy/external-runtime cases remain outside the default suite.
|
|
|
|
This plan is preparation only. It does not implement application code.
|
|
|
|
## Technical Context
|
|
|
|
**Language/Version**: PHP 8.4.15
|
|
**Primary Dependencies**: Laravel 12.52.0, Filament 5.2.1, Livewire 4.1.4, Pest 4.3.1, Laravel Sail 1.52.0
|
|
**Storage**: PostgreSQL through Laravel/Sail for tests; no new storage planned
|
|
**Testing**: Pest via `./vendor/bin/sail artisan test --compact`; browser lane via existing `./scripts/platform-test-lane browser`
|
|
**Validation Lanes**: raw full suite, fast-feedback, confidence, heavy-governance, browser, Spec 288 guard lane, Spec 293 cutover lane, Spec 294 ProviderConnections/Verification lane
|
|
**Target Platform**: Laravel Sail local test runtime; Gitea-compatible CI signal
|
|
**Project Type**: Laravel web application under `apps/platform` plus repository-level lane scripts
|
|
**Performance Goals**: Restore trust in existing suite/lane output without adding hidden heavy defaults; document any material lane runtime or budget drift
|
|
**Constraints**: No TenantPanelProvider reactivation, no `/admin/t/...` compatibility routes, no broad runtime refactor, no security/RBAC weakening, no mass skips, no incidental screenshot baseline commits
|
|
**Scale/Scope**: Existing test suite and lane manifests only; no new product surface
|
|
|
|
## UI / Surface Guardrail Plan
|
|
|
|
- **Guardrail scope**: workflow/test-suite guardrail change; no planned operator-facing surface change.
|
|
- **Native vs custom classification summary**: N/A for planned work. Any proven UI runtime fix must preserve existing Filament-native/shared patterns.
|
|
- **Shared-family relevance**: test lanes, browser evidence, action-surface tests, operation links, Filament resource URL generation.
|
|
- **State layers in scope**: test context, session workspace context, Filament panel context, route parameters, screenshot artifacts.
|
|
- **Audience modes in scope**: N/A for planned changes; existing surfaces must preserve operator/customer/support disclosure boundaries.
|
|
- **Decision/diagnostic/raw hierarchy plan**: Use existing surfaces; no new hierarchy.
|
|
- **Raw/support gating plan**: Preserve existing capability/policy gating.
|
|
- **One-primary-action / duplicate-truth control**: Preserve existing action-surface contracts; do not add UI actions to make tests pass.
|
|
- **Handling modes by drift class or surface**: stale-test-expectation and route/panel context drift are repairable in tests; true-runtime-bug is repairable only in the owning local seam; browser/environment/wrong-lane requires documented lane decision.
|
|
- **Repository-signal treatment**: review-mandatory for guard lanes, browser screenshots, skips, obsolete tests, wrong-lane moves, and any RBAC/security drift.
|
|
- **Special surface test profiles**: `standard-native-filament`, `surface-guard`, `monitoring-state-page`, `browser`.
|
|
- **Required tests or manual smoke**: focused Pest reruns for touched files, affected lane reruns, final full suite, browser lane when browser files are touched.
|
|
- **Exception path and spread control**: Any lane move or skip must be listed in `lane-decisions.md`; any screenshot baseline update must be listed in `browser-evidence.md`.
|
|
- **Active feature PR close-out entry**: Guardrail / Smoke Coverage.
|
|
|
|
## Shared Pattern & System Fit
|
|
|
|
- **Cross-cutting feature marker**: yes.
|
|
- **Systems touched**: `apps/platform/tests/Pest.php`, `apps/platform/tests/Support/TestLaneManifest.php`, `scripts/platform-test-lane`, `scripts/platform-test-report`, `scripts/platform-test-artifacts`, `App\Support\OperationRunLinks`, `App\Support\Workspaces\WorkspaceContext`, existing Filament resources/pages/policies/tests.
|
|
- **Shared abstractions reused**: `OperationRunLinks`, `WorkspaceContext::SESSION_KEY`, `setAdminPanelContext()`, Filament `panel: 'admin'` URL generation, TestLaneManifest lane definitions, existing Pest groups.
|
|
- **New abstraction introduced? why?**: none.
|
|
- **Why the existing abstraction was sufficient or insufficient**: Existing helpers encode current product truth. Spec 296 should fix tests that bypass them or narrow owner bugs where the helper/runtime is proven wrong.
|
|
- **Bounded deviation / spread control**: none by default; document any wrong-lane or environment-only decision in spec-local artifacts.
|
|
|
|
## OperationRun UX Impact
|
|
|
|
- **Touches OperationRun start/completion/link UX?**: yes as an assertion surface, not as a new UX behavior.
|
|
- **Central contract reused**: `App\Support\OperationRunLinks`, `OperationRun` policies, Monitoring/Operations pages.
|
|
- **Delegated UX behaviors**: operation index/view URL generation and `Open operation` labels remain in shared helpers.
|
|
- **Surface-owned behavior kept local**: test data setup and focused assertions.
|
|
- **Queued DB-notification policy**: N/A.
|
|
- **Terminal notification path**: N/A.
|
|
- **Exception path**: none.
|
|
|
|
## Provider Boundary & Portability Fit
|
|
|
|
- **Shared provider/platform boundary touched?**: yes as a guardrail and possible test/runtime repair seam.
|
|
- **Provider-owned seams**: ProviderConnections resource behavior, provider operation start gate, verification/health check fixtures, provider credential/capability fixtures.
|
|
- **Platform-core seams**: workspace route parameters, OperationRun links, lane classification, RBAC semantics, managed-environment access, provider-neutral labels at shared boundaries.
|
|
- **Neutral platform terms / contracts preserved**: provider, connection, workspace, managed environment, operation, capability, verification.
|
|
- **Retained provider-specific semantics and why**: Microsoft-specific fixture content may remain inside Microsoft-provider tests only.
|
|
- **Bounded extraction or follow-up path**: document-in-feature for contained provider test rebaselines; follow-up-spec for structural provider-boundary drift.
|
|
|
|
## Constitution Check
|
|
|
|
*GATE: Must pass before Phase 0 baseline. Re-check after final validation.*
|
|
|
|
- Inventory-first: no new inventory or snapshot truth.
|
|
- Read/write separation: no new product writes. Existing destructive/mutating actions touched by tests must keep preview/confirmation/audit/authorization contracts.
|
|
- Graph contract path: no new Graph calls. Provider/verification fixes must not bypass existing contracts.
|
|
- Deterministic capabilities: capability-first tests and registries must remain authoritative; no role-string checks.
|
|
- RBAC-UX: `/admin` and `/system` planes remain separate; non-member workspace/tenant access remains 404; established member missing capability remains 403; UI visibility remains non-security.
|
|
- Workspace isolation: workspace context is explicit in route generation, session setup, operation links, and resource tests.
|
|
- Tenant isolation: managed-environment access remains entitlement-scoped.
|
|
- Run observability: `OperationRun` remains execution truth; operation links use canonical workspace-aware URLs.
|
|
- Test governance: every changed test or lane decision must record purpose, lane, fixture cost, heavy/browser visibility, validation command, and escalation decision.
|
|
- Proportionality: spec-local evidence artifacts are narrow and temporary; no runtime structure is introduced.
|
|
- No premature abstraction: no new factories, registries, presenters, lane framework, or provider abstraction.
|
|
- Persisted truth: no new application persistence.
|
|
- Behavioral state: no new runtime state/status/reason family.
|
|
- Shared pattern first: reuse `OperationRunLinks`, `WorkspaceContext`, TestLaneManifest, and existing Filament test helpers.
|
|
- Provider boundary: do not spread Microsoft-specific language or semantics into platform core.
|
|
- Filament-native UI: any touched Filament page/resource must remain v5-compatible with Livewire v4; no ad-hoc UI redesign.
|
|
- Filament UI Action Surface Contract: destructive actions require `->requiresConfirmation()` and server-side authorization; action-surface tests must not be rebaselined blindly.
|
|
- Deployment/ops: no runtime asset registration is planned. If any Filament asset registration is unexpectedly changed, deploy notes must include `cd apps/platform && php artisan filament:assets`.
|
|
|
|
## Test Governance Check
|
|
|
|
- **Test purpose / classification by changed surface**: Feature for route/RBAC/panel tests; Heavy-Governance for surface/discovery/action breadth; Browser for real browser/screenshot behavior; Unit only for narrow helper guards.
|
|
- **Affected validation lanes**: raw full suite, fast-feedback, confidence, heavy-governance, browser, Spec 288, Spec 293, Spec 294.
|
|
- **Why this lane mix is the narrowest sufficient proof**: The full suite is the target signal; guard lanes prove critical invariants; focused files prove local fixes before broad reruns.
|
|
- **Narrowest proving command(s)**: focused `./vendor/bin/sail artisan test --compact <file>` first, then affected lane, then final full suite and required guard lanes.
|
|
- **Fixture / helper / factory / seed / context cost risks**: workspace/session/provider fixtures may grow if copied carelessly; all expensive setup must stay explicit and local.
|
|
- **Expensive defaults or shared helper growth introduced?**: no planned shared default changes.
|
|
- **Heavy-family additions, promotions, or visibility changes**: none by default. Any move/skip is documented in `lane-decisions.md`.
|
|
- **Surface-class relief / special coverage rule**: standard-native relief for unchanged Filament surfaces; dedicated browser lane for screenshots/layout.
|
|
- **Closing validation and reviewer handoff**: run final commands in `spec.md` and confirm all artifacts agree with command output.
|
|
- **Budget / baseline / trend follow-up**: document any material lane runtime drift; do not relax budgets without evidence.
|
|
- **Review-stop questions**: Did a fix restore legacy routes? Did it weaken RBAC? Did it hide a browser/runtime bug behind a skip? Did it commit screenshots without rationale? Did it add heavy defaults?
|
|
- **Escalation path**: document-in-feature for contained lane/screenshot decisions; follow-up-spec for structural remaining red class; reject-or-split for hidden product scope.
|
|
- **Active feature PR close-out entry**: Guardrail / Smoke Coverage.
|
|
- **Why no dedicated follow-up spec is needed**: The goal is specifically to close the follow-up created by Spec 295. Remaining structural non-green classes must not be hidden; they become explicit follow-up specs only if controlled default CI is used.
|
|
|
|
## Project Structure
|
|
|
|
### Documentation (this feature)
|
|
|
|
```text
|
|
specs/296-full-suite-green-signal-restoration/
|
|
├── spec.md
|
|
├── plan.md
|
|
├── research.md
|
|
├── data-model.md
|
|
├── quickstart.md
|
|
├── tasks.md
|
|
├── failure-inventory.md
|
|
├── fix-log.md
|
|
├── lane-decisions.md
|
|
├── browser-evidence.md
|
|
└── checklists/
|
|
└── requirements.md
|
|
```
|
|
|
|
### Source Code (repository root)
|
|
|
|
Expected touched surfaces during implementation are tests and small owner files only if proven:
|
|
|
|
```text
|
|
apps/platform/tests/
|
|
├── Feature/
|
|
├── Browser/
|
|
├── Unit/
|
|
└── Pest.php
|
|
|
|
apps/platform/app/
|
|
├── Support/
|
|
├── Policies/
|
|
└── Filament/
|
|
|
|
apps/platform/routes/web.php
|
|
scripts/
|
|
├── platform-test-lane
|
|
├── platform-test-report
|
|
└── platform-test-artifacts
|
|
```
|
|
|
|
**Structure Decision**: Use existing Laravel app, existing Pest tests, existing Spec Kit artifacts, and existing lane scripts. No new base directory or application dependency is planned.
|
|
|
|
## Complexity Tracking
|
|
|
|
| Violation | Why Needed | Simpler Alternative Rejected Because |
|
|
|---|---|---|
|
|
| Broad test-suite stabilization scope | Spec 295 proved the remaining full-suite failures span route, panel, RBAC, provider, browser, and heavy lanes | A narrow single-file fix would not restore the full-suite CI signal or classify remaining default-suite exceptions |
|
|
| Additional spec-local evidence artifacts | The user explicitly requires failure inventory, fix log, lane decisions, and browser evidence to prevent hidden skips and screenshot churn | A single `tasks.md` checklist would not preserve root-cause and lane-decision accountability during a long repair loop |
|
|
|
|
## Phase 0: Safety Gate
|
|
|
|
1. Run:
|
|
|
|
```bash
|
|
git branch --show-current
|
|
git status --short
|
|
git diff --stat
|
|
```
|
|
|
|
2. Confirm branch is `296-full-suite-green-signal-restoration`.
|
|
3. Stop if unrelated uncommitted changes exist.
|
|
4. Read:
|
|
|
|
```text
|
|
.specify/memory/constitution.md
|
|
specs/293-post-cutover-suite-stabilization/failure-classification.md
|
|
specs/294-provider-verification-runtime-semantics/failure-classification.md
|
|
specs/295-full-suite-ci-baseline/failure-classification.md
|
|
specs/295-full-suite-ci-baseline/tasks.md
|
|
```
|
|
|
|
## Phase 1: Baseline Snapshot
|
|
|
|
Run:
|
|
|
|
```bash
|
|
cd apps/platform
|
|
./vendor/bin/sail artisan test --compact
|
|
```
|
|
|
|
If raw output is too long or not classifiable, run:
|
|
|
|
```bash
|
|
./scripts/platform-test-lane fast-feedback
|
|
./scripts/platform-test-lane confidence
|
|
./scripts/platform-test-lane heavy-governance
|
|
./scripts/platform-test-lane browser
|
|
```
|
|
|
|
Populate `failure-inventory.md` before any repair.
|
|
|
|
## Phase 2: Guard Lanes First
|
|
|
|
Run and repair red groups before lower-priority work:
|
|
|
|
- Spec 288 guard lane from `spec.md`
|
|
- Spec 293 cutover regression lane from `spec.md`
|
|
- Spec 294 ProviderConnections/Verification lane:
|
|
|
|
```bash
|
|
cd apps/platform
|
|
./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification
|
|
```
|
|
|
|
## Phase 3: Root-Cause Cluster Order
|
|
|
|
Repair in this order:
|
|
|
|
1. Legacy Cutover Test Debt
|
|
2. Workspace Route / Operation URL Drift
|
|
3. Filament Panel Context / Resource URL Drift
|
|
4. RBAC / Capability / Authorization Drift
|
|
5. Provider Boundary / Provider Operation Restdrift
|
|
6. Browser Lane Failures
|
|
7. Heavy Governance / Summary Count / Relation Manager UI Drift
|
|
|
|
For each cluster: reproduce one focused failure, read owner code, classify, fix minimally, rerun focused file, rerun affected lane, update `failure-inventory.md` and `fix-log.md`.
|
|
|
|
## Phase 4: Lane And Browser Decisions
|
|
|
|
- Keep default suite tests in default unless a test is proven browser/heavy/external-runtime-only.
|
|
- Document moved/skipped/obsolete tests in `lane-decisions.md`.
|
|
- Copy browser evidence to `/tmp/tenantpilot-296-browser-evidence`.
|
|
- Do not commit screenshot baselines unless `browser-evidence.md` explicitly says why the new baseline is correct.
|
|
|
|
## Phase 5: Full Suite Green Loop
|
|
|
|
Run:
|
|
|
|
```bash
|
|
cd apps/platform
|
|
./vendor/bin/sail artisan test --compact
|
|
```
|
|
|
|
If red, add new groups to `failure-inventory.md`, repair the smallest next root cause, and repeat.
|
|
|
|
## Phase 6: Final Validation
|
|
|
|
Required:
|
|
|
|
```bash
|
|
cd apps/platform
|
|
./vendor/bin/sail artisan test --compact
|
|
./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification
|
|
./vendor/bin/sail bin pint --dirty --format agent
|
|
git diff --check
|
|
```
|
|
|
|
Also run the Spec 288 and Spec 293 command blocks from `spec.md`. Run browser lane if browser files or screenshots changed.
|
|
|
|
## Filament v5 / Livewire v4 Review Contract
|
|
|
|
- Livewire v4.0+ compliance: required; installed version is Livewire 4.1.4.
|
|
- Provider registration location: Laravel 12 panel providers stay in `apps/platform/bootstrap/providers.php`; do not register panel providers in `bootstrap/app.php`.
|
|
- Global search: no planned resource additions. For any touched globally searchable resource, verify it has an Edit or View page, or global search is disabled.
|
|
- Destructive actions: any touched destructive action must still use `->action(...)`, `->requiresConfirmation()`, and server-side authorization.
|
|
- Asset strategy: no asset registration is planned. If registered assets change, deployment must include `cd apps/platform && php artisan filament:assets`; otherwise N/A.
|
|
- Testing plan: Livewire/Filament pages, resources, relation managers, and actions are tested through existing Livewire/Pest patterns, not by mounting static resource classes.
|
|
|
|
## Rollout Considerations
|
|
|
|
- No env vars planned.
|
|
- No migrations planned.
|
|
- No queue/cron changes planned.
|
|
- No storage volume changes planned, except transient browser evidence under `/tmp`.
|
|
- CI/Gitea impact is limited to restored default/full-suite signal and any documented lane classification update.
|
|
|
|
## Stop Conditions
|
|
|
|
- Unrelated dirty worktree before implementation.
|
|
- Guard lane red group that cannot be fixed without changing product scope.
|
|
- A required runtime fix expands beyond a local owner seam.
|
|
- A security/RBAC failure would require weakening authorization to pass.
|
|
- Browser or heavy failures remain but cannot be honestly classified into default/controlled lanes.
|
|
|