ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/355-platform-sellable-smoke-matrix/tasks.md
ahmido f35782a163 feat: platform sellable smoke matrix (spec 355) (#426) 
Added artifacts, screenshots, and documentation for the platform sellable smoke matrix. Fixed a bug in FindingRiskGovernanceResolver and updated related tests.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #426
2026-06-05 10:42:31 +00:00

162 lines
12 KiB
Markdown
Raw Permalink Blame History

# Tasks: Spec 355 - Platform Sellable Smoke Matrix
**Input**: `specs/355-platform-sellable-smoke-matrix/spec.md`, `plan.md`, `repo-truth-map.md`, `artifacts/platform-sellable-smoke-matrix.md`, `artifacts/platform-sellable-readiness-report.md`, and `checklists/requirements.md`
**Tests**: Browser verification is required. Targeted Pest unit/feature/browser coverage is required only if a direct in-scope P0/P1 fix is applied.
## Test Governance Checklist
- [x] Lane assignment is explicit and narrow: browser-first for the matrix, targeted unit/feature/browser only when a direct fix lands.
- [x] New or changed tests stay in the smallest honest family, and any browser addition beyond artifact capture is explicit.
- [x] Shared helpers, factories, seeds, and context defaults stay cheap by default.
- [x] Planned validation commands cover the slice without pulling unrelated lane cost.
- [x] The affected surfaces remain the current strategic/operator owner surfaces, not a new runtime family.
- [x] No new persisted product truth, workflow engine, or provider/platform abstraction is planned.
## Phase 1: Preparation And Repo Truth
**Purpose**: Keep the verification gate bounded to current repo truth and surface any dependency blockers before browser work starts.
- [x] T001 Re-read `spec.md`, `plan.md`, `tasks.md`, `repo-truth-map.md`, and `checklists/requirements.md`.
- [x] T002 Re-run `git status --short --branch`, `git diff --stat`, and `git log -1 --oneline`, then update `specs/355-platform-sellable-smoke-matrix/repo-truth-map.md`.
- [x] T003 Re-verify the current runtime truth in:
- `apps/platform/app/Filament/Pages/EnvironmentDashboard.php`
- `apps/platform/app/Filament/Resources/ProviderConnectionResource.php`
- `apps/platform/app/Filament/Pages/EnvironmentRequiredPermissions.php`
- `apps/platform/app/Filament/Pages/Reviews/CustomerReviewWorkspace.php`
- `apps/platform/app/Filament/Resources/EnvironmentReviewResource/Pages/ViewEnvironmentReview.php`
- `apps/platform/app/Filament/Pages/Monitoring/FindingExceptionsQueue.php`
- `apps/platform/app/Filament/Resources/FindingExceptionResource/Pages/ViewFindingException.php`
- `apps/platform/app/Filament/Pages/Governance/GovernanceInbox.php`
- `apps/platform/app/Filament/Pages/Monitoring/EvidenceOverview.php`
- `apps/platform/app/Filament/Resources/EvidenceSnapshotResource/Pages/ViewEvidenceSnapshot.php`
- `apps/platform/app/Filament/Resources/OperationRunResource.php`
- [x] T004 Re-verify Specs 351-354 as dependency truth, using commits, checked tasks, browser smoke assets, screenshots, and recorded findings rather than trusting one metadata field alone.
- [x] T005 If Spec 354 still has any of the named dependency concerns open (`accepted-risk state priority`, `approval queue scope continuity`, `dominant guidance localization`, or `fake/inert recommended action semantics`), record the blocker explicitly in `repo-truth-map.md` and do not issue a final sellable-readiness verdict.
- [x] T006 Confirm no migration, package, env var, queue family, scheduler, storage, panel/provider, asset-registration, or global-search change is required for the baseline verification path.
## Phase 2: Fixture Inventory
**Purpose**: Determine which required states can be exercised honestly before the browser matrix is run.
- [x] T007 Inventory existing local/testing/browser helpers:
- `admin.local.smoke-login`
- `tenantpilot:review-output:seed-browser-fixture`
- existing browser smoke tests for Specs 346, 351, 352, 353, and 354
- [x] T008 Record available or missing fixture truth for:
- provider blocker
- review-output blocker
- ready draft / publish path
- accepted risk expiring
- accepted risk expired
- accepted risk incomplete
- pending renewal non-lapsed and lapsed if repo-backed
- governance inbox item
- evidence missing or stale
- operation follow-up / proof
- no urgent action
- [x] T009 Update `specs/355-platform-sellable-smoke-matrix/artifacts/blocked-fixtures.md` for any state that cannot be exercised honestly with current repo fixtures.
- [x] T010 Keep `repo-truth-map.md` current if runtime inspection proves the smoke matrix must narrow or explicitly block one or more flows.
## Phase 3: Browser Smoke Matrix
**Purpose**: Run the required cross-surface flows and capture first-screen proof.
- [x] T011 Run Flow 1: Environment Dashboard -> provider blocker, and verify provider readiness outranks review-output guidance when both signals exist.
- [x] T012 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/01-dashboard-provider-blocker.png`.
- [x] T013 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/02-provider-required-permissions-target.png`.
- [x] T014 Run Flow 2: Environment Dashboard -> review-output blocker, and verify the primary action lands on the review-output owner surface expected by Spec 351.
- [x] T015 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/03-dashboard-review-output-blocker.png`.
- [x] T016 Run Flow 3: Customer Review Workspace -> review-output resolve loop, and verify no fake action or duplicate primary rail appears during the loop.
- [x] T017 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/04-customer-review-workspace-resolve-action.png`.
- [x] T018 Run Flow 4: Environment Review detail in `customer_workspace` context, and verify output readiness remains clear without reintroducing a duplicate CTA rail.
- [x] T019 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/05-review-detail-customer-workspace-context.png`.
- [x] T020 Run Flow 5: Provider Connections / Required Permissions, and verify missing permissions or verification blockers are explained before raw diagnostic detail.
- [x] T021 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/06-provider-guidance.png`.
- [x] T022 Run Flow 6: Finding Exceptions / accepted-risk states, and verify expired/expiring governance outranks weaker pending-renewal or informational states where fixture truth exists.
- [x] T023 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/07-accepted-risk-expiring.png`.
- [x] T024 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/08-accepted-risk-expired.png`.
- [x] T025 Run Flow 7: Governance Inbox, and verify it stays the queue-clearing command surface instead of becoming a second dashboard summary.
- [x] T026 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/09-governance-inbox.png`.
- [x] T027 Run Flow 8: Evidence Overview / evidence basis, and verify missing or stale evidence is understandable without defaulting to raw-report presentation.
- [x] T028 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/10-evidence-overview.png`.
- [x] T029 Run Flow 9: operation proof, and verify the linked run belongs to the expected environment/source context and does not overclaim governance health.
- [x] T030 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/11-operation-proof.png`.
- [x] T031 Run Flow 10: no urgent action state, and verify the calm state does not read as empty, broken, or warning-heavy.
- [x] T032 Save `specs/355-platform-sellable-smoke-matrix/artifacts/screenshots/12-no-urgent-action.png`.
- [x] T033 Record console errors, network/server errors, final URL/scope state, and customer-safe boundary observations for every flow in `artifacts/platform-sellable-smoke-matrix.md`.
## Phase 4: Classification And Readiness Report
**Purpose**: Turn browser observations into a conservative sellable-readiness result.
- [x] T034 Fill `specs/355-platform-sellable-smoke-matrix/artifacts/platform-sellable-smoke-matrix.md` with expected primary action, actual primary action, scope result, customer-safe result, errors, screenshot path, and classification for every required flow.
- [x] T035 Mark missing states/screenshots as `BLOCKED` instead of `PASS`.
- [x] T036 Write `specs/355-platform-sellable-smoke-matrix/artifacts/platform-sellable-readiness-report.md` with:
- Executive Summary
- pass/fail/blocked counts
- P0/P1/P2/P3 findings
- demo readiness
- sellable foundation readiness
- customer-safe boundary assessment
- operator workflow assessment
- recommended close/fix/defer decision
- [x] T037 Keep the readiness report conservative when dependency verification or fixture coverage is incomplete.
## Phase 5: Minimal P0/P1 Fixes Only
**Purpose**: Allow only direct in-scope runtime correction when the smoke matrix proves a blocking issue.
- [x] T038 If a verified P0/P1 issue is directly in scope, add the narrowest failing targeted test before editing runtime code.
- [x] T039 Apply only the minimal owner-surface fix required to address the verified P0/P1 issue. Do not add a new product surface, persistence, taxonomy, or framework.
- [x] T040 Re-run the affected browser flow after the fix and update the screenshot, matrix row, and readiness report.
- [x] T041 If a verified issue is out of scope or fixture-blocked, document it in the readiness report as a deferred blocker and do not broaden Spec 355.
Execution note:
The only runtime patch in this slice closed a Spec 354 dependency-gate defect in dominant accepted-risk guidance localization. It stayed in scope because Spec 355 explicitly required that gate to be clear before close-out, and the fix was bounded to an existing warning-message resolver plus targeted regression coverage.
## Phase 6: Regression And Final Validation
**Purpose**: Prove any direct fix stayed bounded and did not regress the adjacent guidance slices.
- [ ] T042 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=Spec351`.
- [ ] T043 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=Spec352`.
- [ ] T044 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=Spec353`.
- [ ] T045 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=Spec354`.
- [ ] T046 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=CustomerReviewWorkspace`.
- [ ] T047 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=EnvironmentDashboard`.
- [ ] T048 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=ProviderConnection`.
- [x] T049 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=FindingException`.
- [x] T050 Run `cd apps/platform && ./vendor/bin/sail artisan test --compact --filter=ResolutionGuidance`.
- [x] T051 Run any new direct-fix test file added in Phase 5.
- [x] T052 Run `cd apps/platform && ./vendor/bin/sail pint --dirty` if runtime files changed.
- [x] T053 Run `git diff --check`.
- [x] T054 Record explicitly whether the full suite was or was not run.
Execution note:
Broad family filters (`Spec351`-`Spec354`) were attempted via direct `pest` equivalents, but the current Sail container repeatedly killed those wide runs with exit `137`. Narrower affected Spec 354 regressions were run instead and are recorded in the readiness report.
## Non-Goals Checklist
- [x] NT001 Do not add Customer Portal, PDF/HTML renderer, AI guidance, PSA/ITSM handoff, or a new workflow engine.
- [x] NT002 Do not redesign Environment Dashboard, Governance Inbox, Evidence Overview, Customer Review Workspace, or Operations as part of this spec.
- [x] NT003 Do not add new provider execution logic, provider framework, or Graph render calls.
- [x] NT004 Do not add a new persisted sellable-readiness, smoke-result, or fixture-truth entity.
- [x] NT005 Do not treat blocked fixture states as pass or infer customer-safe readiness without browser evidence.
- [x] NT006 Do not reopen or normalize historical spec packages 351-354 during this slice.
## Required Final Report Content
When implementation later completes, report:
- branch
- files changed
- flows tested
- screenshot count
- pass/fail/blocked summary
- P0/P1/P2/P3 findings
- readiness decision
- tests run
- whether full suite was run
- deferred follow-up specs
Reference in New Issue View Git Blame Copy Permalink