ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/305-feature-readiness-gate-audit/spec.md
ahmido f24e72269c docs: add Spec 305 readiness gate audit (#360) 
## Summary
- add the Spec 305 docs-only readiness gate package under `specs/305-feature-readiness-gate-audit/`
- record a repo-based readiness audit after Specs 301-304 across workspace/admin runtime, environment-bound surfaces, legacy route retirement, governance, OperationRun links, evidence/reports, findings, reviews, RBAC, audit, navigation, and test lanes
- document the final recommendation as `GO WITH CONDITIONS`
- explicitly block a fresh greenfield `Decision Register & Approval Workflow v1` restart because repo truth already includes Spec 265 runtime and tests
- capture the required follow-up: reconcile stale product queue docs or start a narrowly scoped follow-up that builds on existing Decision Register truth

## Scope
- docs-only audit artifact plus Spec Kit files
- no application runtime changes
- no migrations
- no UI or route changes
- no test edits

## Key Conditions Recorded
- do not create a duplicate fresh Decision Register v1 spec
- reconcile stale `docs/product/implementation-ledger.md` and `docs/product/spec-candidates.md` before using them as queue truth
- keep future work on canonical workspace/environment admin routes
- split future artifact lifecycle or approval-mutation changes into explicit follow-up specs

## Filament / Runtime Notes
- remains compliant with Filament v5 on Livewire v4
- no provider registration changes; provider registration location remains `apps/platform/bootstrap/providers.php`
- no globally searchable resources were added or changed in this docs-only PR
- no destructive actions were added or changed
- no asset registration changes; existing deploy posture for `cd apps/platform && php artisan filament:assets` is unchanged

## Validation Notes
- the audit artifact records the focused repo validation evidence used for the readiness decision
- no new runtime validation was executed in this turn beyond committing and pushing the docs-only package

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #360
2026-05-15 09:00:38 +00:00

227 lines
19 KiB
Markdown
Raw Permalink Blame History

# Feature Specification: Feature Readiness Gate Audit
**Feature Branch**: `305-feature-readiness-gate-audit`
**Created**: 2026-05-15
**Status**: Ready for docs-only audit
**Input**: User description: "Create the next spec as 305-feature-readiness-gate-audit. Docs-only audit whether TenantPilot after Specs 301-304 is ready to restart the first real productization feature, likely Decision Register & Approval Workflow v1."
## Spec Candidate Check *(mandatory - SPEC-GATE-001)*
- **Problem**: Specs 301-304 changed the admin runtime, workspace/environment surface model, legacy tenant-panel posture, and navigation assumptions. Before starting the next productization feature, the repo needs a grounded readiness gate rather than relying on roadmap intent.
- **Today's failure**: Without this audit, the next feature spec can accidentally duplicate already implemented Decision Register work, depend on stale product docs, or reintroduce assumptions from the retired legacy tenant panel.
- **User-visible improvement**: Productization planning gets a clear GO / GO WITH CONDITIONS / NO-GO signal backed by repo evidence, with blockers and recommended actions called out before feature work starts.
- **Smallest enterprise-capable version**: A docs-only readiness artifact that reviews the 12 requested areas, records evidence paths, marks readiness with the required status set, and explicitly evaluates whether Decision Register & Approval Workflow v1 may start as the next feature spec.
- **Explicit non-goals**: No runtime code changes, migrations, new UI surfaces, tests changes, broad refactors, roadmap rewrite, legacy compatibility restoration, or Decision Register feature specification/implementation.
- **Permanent complexity imported**: One docs artifact (`feature-readiness-audit.md`) plus this spec, plan, tasks, and requirements checklist. No new runtime model, enum, service, status family, route, UI concept, or test family.
- **Why now**: The repo just completed foundation and retirement specs 301-304; the next feature should only start once workspace-first admin runtime, route retirement, governance foundations, evidence, findings, reviews, RBAC, audit, navigation, and test lanes are confirmed feature-ready.
- **Why not local**: A local note would not create an auditable Spec Kit gate, would not force the Decision Register duplication check, and would not preserve the evidence trail for the next feature candidate.
- **Approval class**: Cleanup.
- **Red flags triggered**: Potential duplicate feature work, stale roadmap/spec-candidate truth, and broad cross-surface audit scope. These are handled by keeping the output docs-only, bounded to repo evidence, and explicitly forbidding runtime changes.
- **Score**: Nutzen: 2 | Dringlichkeit: 2 | Scope: 2 | Komplexitaet: 2 | Produktnaehe: 2 | Wiederverwendung: 2 | **Gesamt: 12/12**
- **Decision**: approve.
## Spec Scope Fields *(mandatory)*
- **Scope**: canonical-view.
- **Primary Routes**: No route changes. Audit evidence includes `/admin`, `/admin/workspaces/{workspace}`, `/admin/workspaces/{workspace}/environments/{environment}`, OperationRun detail links, governance pages, evidence/report/review resources, and retired legacy route families.
- **Data Ownership**: No data changes. Audit references existing workspace-owned and tenant/environment-owned records only.
- **RBAC**: No RBAC change. Audit verifies repo evidence for workspace membership, capabilities, 404/403 behavior, and audit/event foundations.
For canonical-view specs:
- **Default filter behavior when tenant-context is active**: N/A - no runtime query or page behavior changes.
- **Explicit entitlement checks preventing cross-tenant leakage**: N/A - audit-only. Existing tests and resource traits are reviewed as evidence.
## Cross-Cutting / Shared Pattern Reuse *(mandatory when the feature touches notifications, status messaging, action links, header actions, dashboard signals/cards, alerts, navigation entry points, evidence/report viewers, or any other existing shared operator interaction family; otherwise write `N/A - no shared interaction family touched`)*
- **Cross-cutting feature?**: yes, audit-only.
- **Interaction class(es)**: navigation, routing, global search, OperationRun links, governance inbox, findings, evidence/report viewers, review packs, RBAC, audit/event foundations, and test lanes.
- **Systems touched**: Documentation only under `specs/305-feature-readiness-gate-audit/`.
- **Existing pattern(s) to extend**: Spec Kit spec/plan/tasks/checklist workflow and repo-local feature audit artifacts.
- **Shared contract / presenter / builder / renderer to reuse**: No runtime shared contract is changed. Audit evidence may cite `WorkspaceScopedTenantRoutes`, `ScopesGlobalSearchToTenant`, `OperationRunLinks`, governance builders, policies, capabilities, and audit log support.
- **Why the existing shared path is sufficient or insufficient**: Existing runtime paths are sufficient for evidence gathering; this spec only records readiness.
- **Allowed deviation and why**: none.
- **Consistency impact**: The audit must use the exact readiness status vocabulary: `ready`, `ready with caveat`, `blocker`, `not applicable`.
- **Review focus**: Confirm that the audit stays repo-based and does not begin Decision Register feature design.
## OperationRun UX Impact *(mandatory when the feature creates, queues, deduplicates, resumes, blocks, completes, or deep-links to an `OperationRun`; otherwise write `N/A - no OperationRun start or link semantics touched`)*
- **Touches OperationRun start/completion/link UX?**: no.
- **Shared OperationRun UX contract/layer reused**: N/A.
- **Delegated start/completion UX behaviors**: N/A.
- **Local surface-owned behavior that remains**: none.
- **Queued DB-notification policy**: N/A.
- **Terminal notification path**: N/A.
- **Exception required?**: none.
## Provider Boundary / Platform Core Check *(mandatory when the feature changes shared provider/platform seams, identity scope, governed-subject taxonomy, compare strategy selection, provider connection descriptors, or operator vocabulary that may leak provider-specific semantics into platform-core truth; otherwise write `N/A - no shared provider/platform boundary touched`)*
- **Shared provider/platform boundary touched?**: no.
- **Boundary classification**: N/A.
- **Seams affected**: none.
- **Neutral platform terms preserved or introduced**: N/A.
- **Provider-specific semantics retained and why**: none.
- **Why this does not deepen provider coupling accidentally**: The work is documentation-only and audits existing repo truth.
- **Follow-up path**: none.
## UI / Surface Guardrail Impact *(mandatory when operator-facing surfaces are changed; otherwise write `N/A`)*
| Surface / Change | Operator-facing surface change? | Native vs Custom | Shared-Family Relevance | State Layers Touched | Exception Needed? | Low-Impact / `N/A` Note |
|---|---|---|---|---|---|---|
| Feature readiness audit artifact | no | N/A | navigation, governance, evidence, reviews, RBAC, audit evidence only | none | no | `N/A - repository workflow only` |
## Decision-First Surface Role *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing surface change.
## Audience-Aware Disclosure *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing surface change.
## UI/UX Surface Classification *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing surface change.
## Operator Surface Contract *(mandatory when operator-facing surfaces are changed)*
N/A - no operator-facing surface change.
## Proportionality Review *(mandatory when structural complexity is introduced)*
- **New source of truth?**: no runtime source of truth. The audit artifact is a Spec Kit decision record for the next-spec gate.
- **New persisted entity/table/artifact?**: yes, documentation artifact only: `feature-readiness-audit.md`.
- **New abstraction?**: no.
- **New enum/state/reason family?**: no.
- **New cross-domain UI framework/taxonomy?**: no.
- **Current operator problem**: The productization queue needs a repo-backed readiness decision before the next feature spec starts.
- **Existing structure is insufficient because**: Roadmap and spec-candidate documents can drift from implemented repo truth; a gate artifact makes the current decision auditable.
- **Narrowest correct implementation**: One audit artifact plus normal Spec Kit prep files.
- **Ownership cost**: Reviewers must read the audit during the next-feature gate. No runtime maintenance cost.
- **Alternative intentionally rejected**: Starting the Decision Register spec immediately was rejected because repo evidence shows existing Decision Register implementation and tests that must be reconciled first.
- **Release truth**: Current-release preparation.
### Compatibility posture
This feature assumes a pre-production environment.
Backward compatibility, legacy aliases, migration shims, historical fixtures, and compatibility-specific tests are out of scope unless explicitly required by this spec.
Canonical replacement is preferred over preservation.
## Testing / Lane / Runtime Impact *(mandatory for runtime behavior changes)*
- **Test purpose / classification**: Feature, Unit, and Browser-lane evidence review only. No new tests.
- **Validation lane(s)**: confidence and browser-existing evidence, using focused commands where practical.
- **Why this classification and these lanes are sufficient**: The change is documentation-only; existing focused tests are used to validate that the foundation surfaces remain green.
- **New or expanded test families**: none.
- **Fixture / helper cost impact**: none.
- **Heavy-family visibility / justification**: No heavy family is added. Existing browser smoke tests may be cited, but docs-only work does not require adding or changing browser tests.
- **Special surface test profile**: global-context-shell, standard-native-filament, shared-detail-family, monitoring-state-page evidence only.
- **Standard-native relief or required special coverage**: ordinary focused repo validation only.
- **Reviewer handoff**: Review `feature-readiness-audit.md`, confirm no application/test changes, and rerun the listed focused commands if needed.
- **Budget / baseline / trend impact**: none.
- **Escalation needed**: none.
- **Active feature PR close-out entry**: Guardrail.
- **Planned validation commands**:
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Guards/NoLegacyTenantPanelRuntimeTest.php tests/Feature/Guards/NoActiveTenantResourceRoutesTest.php tests/Feature/Workspaces/WorkspaceIntendedUrlLegacyRejectionTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/PanelNavigationSegregationTest.php tests/Feature/Filament/AdminTenantSurfaceParityTest.php tests/Feature/Filament/AdminSharedSurfacePanelParityTest.php tests/Feature/Filament/TenantOwnedResourceScopeParityTest.php tests/Feature/Filament/InventoryCoverageAdminTenantParityTest.php tests/Feature/Filament/EntraGroupAdminScopeTest.php tests/Feature/Filament/EntraGroupGlobalSearchScopeTest.php tests/Feature/Filament/PolicyResourceAdminSearchParityTest.php tests/Feature/Filament/PolicyVersionAdminSearchParityTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Unit/Support/GovernanceDecisions/GovernanceDecisionRegisterBuilderTest.php tests/Unit/Support/GovernanceInbox/GovernanceInboxSectionBuilderTest.php tests/Feature/Governance/DecisionRegisterPageTest.php tests/Feature/Governance/DecisionRegisterAuthorizationTest.php tests/Feature/Governance/GovernanceInboxPageTest.php tests/Feature/Governance/GovernanceInboxAuthorizationTest.php tests/Feature/Findings/FindingExceptionDecisionRegisterNavigationTest.php tests/Feature/Findings/FindingExceptionDetailDecisionSummaryTest.php tests/Feature/Findings/FindingExceptionDecisionRegisterBoundariesTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Evidence/EvidenceSnapshotResourceTest.php tests/Feature/Evidence/EvidenceSnapshotAuditLogTest.php tests/Feature/EnvironmentReview/EnvironmentReviewAuditLogTest.php tests/Feature/EnvironmentReview/EnvironmentReviewRegisterTest.php tests/Feature/EnvironmentReview/EnvironmentReviewRegisterRbacTest.php tests/Feature/Reviews/CustomerReviewWorkspacePageTest.php tests/Feature/Reviews/CustomerReviewWorkspaceAuthorizationTest.php tests/Feature/Reviews/CustomerReviewWorkspacePackAccessTest.php tests/Feature/Reviews/CustomerReviewWorkspaceLaunchLinksTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Monitoring/OperationsDashboardDrillthroughTest.php tests/Feature/Operations/LegacyRunRoutesNotFoundTest.php tests/Feature/ProviderConnections/LegacyRedirectTest.php tests/Feature/RequiredPermissions/RequiredPermissionsLegacyRouteTest.php tests/Feature/Guards/ManagedEnvironmentCanonicalRouteContractTest.php tests/Feature/Filament/PolicyVersionResolvedReferenceLinksTest.php`
- `git diff --check`
## User Scenarios & Testing *(mandatory)*
### User Story 1 - Readiness Matrix (Priority: P1)
As a productization reviewer, I need a repo-based readiness matrix after Specs 301-304 so I can decide whether the next feature spec can start.
**Why this priority**: The matrix is the core artifact that converts repo evidence into the requested GO / GO WITH CONDITIONS / NO-GO recommendation.
**Independent Test**: Review `feature-readiness-audit.md` and confirm every requested audit area appears with one of the required status values, repo evidence, caveat/blocker notes, and recommended actions.
**Acceptance Scenarios**:
1. **Given** Specs 301-304 are completed context, **When** the audit is read, **Then** each requested readiness area is classified as `ready`, `ready with caveat`, `blocker`, or `not applicable`.
2. **Given** a readiness area is blocked, **When** the audit is read, **Then** the blocker includes a recommended action.
---
### User Story 2 - Next Feature Gate Recommendation (Priority: P1)
As the next-spec owner, I need an explicit recommendation about Decision Register & Approval Workflow v1 so I do not start duplicate or unsafe productization work.
**Why this priority**: The user explicitly asked whether Decision Register & Approval Workflow v1 may be the next feature spec.
**Independent Test**: Review the Decision Register evaluation section and confirm it states whether the next feature may start and under which conditions.
**Acceptance Scenarios**:
1. **Given** repo evidence for existing Decision Register work is present, **When** the audit is completed, **Then** the recommendation distinguishes fresh duplicate feature work from a legitimate follow-up or close-out path.
2. **Given** roadmap/spec-candidate documents drift from repo truth, **When** the audit is completed, **Then** the drift is recorded as a condition rather than silently accepted as current truth.
---
### User Story 3 - Validation Evidence (Priority: P2)
As a reviewer, I need the audit to record focused validation commands and outcomes so the recommendation is grounded in current test evidence.
**Why this priority**: The audit is docs-only, but the readiness claim should still be backed by focused Filament/navigation, governance, findings, evidence, review, OperationRun, and route-retirement checks where practical.
**Independent Test**: Run or inspect the validation section and confirm `git diff --check` is included and no tests were added or changed.
**Acceptance Scenarios**:
1. **Given** focused validation commands can run locally, **When** the audit closes, **Then** their results are documented.
2. **Given** a validation command cannot run, **When** the audit closes, **Then** the reason and residual risk are documented.
### Edge Cases
- Existing product docs can describe a candidate as unimplemented while repo code and tests show implementation exists.
- Legacy routes can be absent from route lists while stale copy still references retired tenant-panel semantics.
- A docs-only gate can discover caveats that are not runtime blockers but should become conditions for the next feature spec.
- Focused tests can fail for pre-existing reasons; this audit must document the failure and avoid editing application code or tests.
## Requirements *(mandatory)*
### Functional Requirements
- **FR-001**: The spec MUST produce `specs/305-feature-readiness-gate-audit/feature-readiness-audit.md`.
- **FR-002**: The audit artifact MUST include a repo-based matrix covering all 12 requested readiness areas.
- **FR-003**: The matrix MUST use only the status values `ready`, `ready with caveat`, `blocker`, and `not applicable`.
- **FR-004**: Each blocker MUST include a recommended action.
- **FR-005**: The audit MUST explicitly evaluate whether Decision Register & Approval Workflow v1 may start as the next feature spec.
- **FR-006**: The audit MUST document a final recommendation of `GO`, `GO WITH CONDITIONS`, or `NO-GO`.
- **FR-007**: The work MUST NOT modify application runtime code, database migrations, tests, UI surfaces, or route behavior.
- **FR-008**: The work MUST NOT specify or implement the Decision Register feature.
- **FR-009**: The work MUST document focused validation commands and outcomes where practical, including `git diff --check`.
- **FR-010**: The audit MUST preserve Specs 301-304 as completed context and avoid reopening their implementation scopes.
### Key Entities *(include if feature involves data)*
- **Feature Readiness Audit**: A documentation-only artifact that records readiness status, repo evidence, caveats/blockers, recommended actions, validation outcomes, and the next-feature recommendation.
## Success Criteria *(mandatory)*
### Measurable Outcomes
- **SC-001**: `feature-readiness-audit.md` exists and includes all 12 requested readiness areas.
- **SC-002**: Every matrix row has a status from the required vocabulary, evidence, caveat/blocker note, and recommended action.
- **SC-003**: The audit states `GO`, `GO WITH CONDITIONS`, or `NO-GO` and explains the Decision Register next-feature decision.
- **SC-004**: `git diff --check` passes.
- **SC-005**: `git status --short` shows only `specs/305-feature-readiness-gate-audit/` changes.
## Assumptions
- Specs 301-304 are completed context and should not be edited by this feature.
- Existing code and tests are allowed as evidence, but this feature does not change them.
- If the repo already contains Decision Register implementation, the audit should treat that as repo truth even if roadmap or candidate docs are stale.
## Out of Scope
- Application code, migrations, factories, seeders, routes, policies, resources, pages, jobs, events, or services.
- Test creation, test edits, browser spec additions, or fixture changes.
- Decision Register & Approval Workflow v1 specification or implementation.
- Roadmap rewrite or broad product strategy changes.
- Reintroducing legacy tenant panel routes, compatibility aliases, or compatibility tests.
Reference in New Issue View Git Blame Copy Permalink