ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
platform-dev
TenantAtlas/specs/367-operationrun-actionability-system/tasks.md
ahmido 564da05096 feat: implement operation run actionability system (#439) 
This PR introduces the Operation Run Actionability System.

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #439
2026-06-08 13:34:25 +00:00

126 lines
14 KiB
Markdown
Raw Permalink Blame History

# Tasks: OperationRun Actionability System v1
**Input**: `specs/367-operationrun-actionability-system/spec.md`, `specs/367-operationrun-actionability-system/plan.md`
**Prerequisites**: Specs 358-365 are context only; do not rewrite completed close-out history.
**Tests**: Required. Use Pest 4 Unit, Feature, Guard/Architecture, and one bounded Browser smoke only if rendered UI changes.
**No implementation in prep**: This task list is for the later implementation loop.
## Test Governance Checklist
- [x] Lane assignment is named and is the narrowest sufficient proof for the changed behavior.
- [x] New or changed tests stay in the smallest honest family, and any browser addition is explicit.
- [x] Shared helpers, factories, seeds, fixtures, and context defaults stay cheap by default; any widening is isolated or documented.
- [x] Planned validation commands cover the change without pulling in unrelated lane cost.
- [x] The declared surface test profiles are `monitoring-state-page`, `dashboard-signal`, and `shared-detail-family`.
- [x] Any material budget, baseline, trend, or escalation note is recorded in the active spec close-out.
## Phase 1: Setup and Repo Truth Inventory
**Purpose**: Confirm exact operation-type inventory, current consumers, and current-state proof seams before implementation.
- [x] T001 Confirm current branch is `367-operationrun-actionability-system` and working tree intent with `git status --short --branch`.
- [x] T002 Read `specs/367-operationrun-actionability-system/spec.md`, `plan.md`, `tasks.md`, and `checklists/requirements.md`.
- [x] T003 Read Specs 358-365 as context only; do not modify those packages.
- [x] T004 Inspect `apps/platform/app/Models/OperationRun.php` for `terminalFollowUp()`, `dashboardNeedsFollowUp()`, `problemClass()`, `requiresOperatorReview()`, and `requiresDashboardFollowUp()`.
- [x] T005 Inspect `apps/platform/app/Support/OperationCatalog.php`, `apps/platform/app/Support/OperationRunType.php`, and `apps/platform/app/Support/OperationTypeAlias.php` for canonical and legacy operation-type values.
- [x] T006 Inspect `apps/platform/app/Services/Providers/ProviderOperationRegistry.php` and provider start-gate code for provider operation types.
- [x] T007 Inspect `apps/platform/app/Support/Operations/Reconciliation/OperationRunReconciliationRegistry.php` and all reconciliation adapters for supported operation families.
- [x] T008 Search `apps/platform/app`, `apps/platform/database`, and `apps/platform/tests` for operation type strings; record every `OperationCatalog::canonicalInventory()` entry, discovered alias, policy group, and missing policy candidate in `specs/367-operationrun-actionability-system/repo-truth-map.md`.
- [x] T009 Search for current consumers of `terminalFollowUp`, `dashboardNeedsFollowUp`, `problemClass`, `requiresOperatorReview`, and `requiresDashboardFollowUp`; record all consumers in `repo-truth-map.md`, including Operations workbench stats, Governance Inbox, environment dashboard summary, workspace overview, `OperationUxPresenter`, and shell active-run paths.
- [x] T010 Inspect `apps/platform/app/Models/ProviderConnection.php` and related provider health services to identify safe current-state proof fields for `consent_status=granted` and `verification_status=healthy`.
- [x] T011 Confirm no migration, env var, package, queue, scheduler, storage, Filament asset, panel-provider, or global-search change is required; update spec/plan before coding if false.
## Phase 2: Failing Tests First
**Purpose**: Prove the behavior before changing runtime code.
- [x] T012 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367OperationRunActionabilityResultTest.php` for status/actionable boolean/result metadata semantics.
- [x] T013 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367ProviderConnectionActionabilityPolicyTest.php` for later same-scope success, healthy current state, unresolved blocker, and cross-scope non-resolution.
- [x] T014 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367RepeatableOperationActionabilityPolicyTest.php` for inventory, policy, directory groups, role definitions, compliance, and permission posture alias families.
- [x] T015 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367BaselineArtifactActionabilityPolicyTest.php` for baseline capture/compare and evidence/review/review-pack artifact proof.
- [x] T016 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367HighRiskActionabilityPolicyTest.php` for restore, promotion, purge, and destructive-like default manual-review behavior.
- [x] T017 [P] Add `apps/platform/tests/Unit/Support/Operations/Spec367ActionabilityRegistryCoverageTest.php` proving all known canonical `OperationCatalog` types and discovered aliases are explicitly covered or explicitly classified.
- [x] T018 [P] Add or extend guard coverage under `apps/platform/tests/Feature/Guards/` proving dashboard/current-follow-up UI consumers do not directly use raw `terminalFollowUp()`, `dashboardNeedsFollowUp()`, or `problemClass()` as current actionability truth after migration.
- [x] T019 Add `apps/platform/tests/Feature/Monitoring/Spec367DashboardOperationActionabilityTest.php` proving the Provider Connection CTA loop is gone in `NeedsAttention`.
- [x] T020 Add `apps/platform/tests/Feature/Filament/Spec367BaselineCompareNowActionabilityTest.php` proving `BaselineCompareNow` uses actionability counts for Operations calmness.
- [x] T021 Add `apps/platform/tests/Feature/Monitoring/Spec367OperationsActionabilityFilterTest.php` proving current-follow-up filters include actionable/manual-review rows and exclude superseded/resolved rows while history remains visible.
- [x] T022 Add `apps/platform/tests/Feature/Operations/Spec367OperationRunActionEligibilityAlignmentTest.php` proving `OperationRunActionEligibility` does not produce primary CTAs that contradict non-actionable actionability results.
- [x] T023 Add cross-workspace and cross-environment denial tests proving later success/current state in another scope cannot resolve a run.
- [x] T024 Add a fail-hard Graph client binding to at least one render/evaluation feature test to prove actionability is DB-only.
- [x] T025 If rendered UI changes materially, add `apps/platform/tests/Browser/Spec367OperationRunActionabilitySmokeTest.php` for the Provider Connection loop and Operations history visibility.
## Phase 3: Core Actionability Contract
**Purpose**: Add the derived actionability layer without persistence.
- [x] T026 Create an actionability status enum/value object, likely `apps/platform/app/Support/Operations/Actionability/OperationRunActionabilityStatus.php`.
- [x] T027 Create an actionability result value object, likely `apps/platform/app/Support/Operations/Actionability/OperationRunActionabilityResult.php`.
- [x] T028 Create an actionability policy interface or equivalent callable contract under `apps/platform/app/Support/Operations/Actionability/`.
- [x] T029 Create `OperationRunActionabilityResolver` with `evaluate(OperationRun $run)`, `evaluateMany(Collection $runs)`, and actionable/current-follow-up helpers.
- [x] T030 Create an actionability registry that maps canonical operation families to policies and exposes covered canonical types.
- [x] T031 Reuse `OperationCatalog::canonicalCode()` and `OperationCatalog::rawValuesForCanonical()` for aliases instead of creating another operation-type source.
- [x] T032 Add batch preloading/grouped lookup support so dashboard, Operations list, governance inbox, environment dashboard, and workspace overview consumers do not run per-row domain queries.
- [x] T033 Keep evaluation read-only; do not mutate `operation_runs.context`, status, outcome, related records, or audit logs.
## Phase 4: Policy Implementations
**Purpose**: Implement the minimum explicit policies needed by v1.
- [x] T034 Implement provider connection check actionability for `provider.connection.check`.
- [x] T035 In provider policy, mark old blockers `superseded_by_later_success` when later same-workspace/same-environment/same-provider-connection success exists.
- [x] T036 In provider policy, mark old blockers `resolved_by_current_state` only when current ProviderConnection proof is same-scope and reliably healthy.
- [x] T037 Implement repeatable sync actionability for inventory, policy, directory groups, role definitions, compliance, and permission posture alias families.
- [x] T038 Implement baseline capture/compare actionability using later same-scope success or current baseline artifact proof only when repo truth supports it.
- [x] T039 Implement evidence/review/review-pack artifact actionability using existing EvidenceSnapshot, EnvironmentReview, ReviewPack, and reconciliation proof where available.
- [x] T040 Implement backup operation actionability for `backup_set.update`, `backup.schedule.execute`, `backup.schedule.retention`, and `backup.schedule.purge`.
- [x] T041 Implement restore/promotion/destructive-like actionability as default `requires_manual_review` for terminal problem outcomes.
- [x] T042 Classify alert/notification/delivery/informational operation types and every remaining canonical `OperationCatalog` type discovered in Phase 1 explicitly as actionable, manual-review, superseded-capable, resolved-by-current-state-capable, or informational; do not leave silent defaults.
- [x] T043 For incomplete correlation proof, return actionable or manual-review rather than superseded/resolved.
## Phase 5: Consumer Migration
**Purpose**: Move current-follow-up UI from historical terminal truth to actionability.
- [x] T044 Update `OperationRun::dashboardNeedsFollowUp()` or add a replacement scope/helper so current dashboard follow-up uses actionability-backed query/evaluation semantics.
- [x] T045 Update `OperationRun::problemClass()` and related constants only if needed; preserve history and compatibility until consumers are migrated.
- [x] T046 Update `apps/platform/app/Filament/Widgets/Dashboard/NeedsAttention.php` to count current actionable/manual-review terminal runs through the resolver.
- [x] T047 Update `apps/platform/app/Filament/Widgets/Dashboard/BaselineCompareNow.php` to use actionability-backed Operations follow-up counts and links.
- [x] T048 Update `apps/platform/app/Support/OperationRunLinks.php` so current-follow-up links use actionability/problem filters that cannot target resolved/superseded historical rows as current work.
- [x] T049 Update `apps/platform/app/Filament/Pages/Monitoring/Operations.php` filters/prefilters/workbench state and `apps/platform/app/Filament/Widgets/Operations/OperationsWorkbenchStats.php` to support current actionability while keeping historical rows reachable.
- [x] T050 Update `apps/platform/app/Filament/Resources/OperationRunResource.php`, `apps/platform/app/Filament/Pages/Operations/TenantlessOperationRunViewer.php`, and `apps/platform/app/Support/OpsUx/OperationUxPresenter.php` so list/detail/decision copy shows actionability truth separately from historical status where current follow-up is displayed.
- [x] T051 Update `apps/platform/app/Support/GovernanceInbox/GovernanceInboxSectionBuilder.php`, `apps/platform/app/Support/EnvironmentDashboard/EnvironmentDashboardSummaryBuilder.php`, and `apps/platform/app/Support/Workspaces/WorkspaceOverviewBuilder.php` so aggregate operation follow-up uses current actionability counts and links, or explicitly documents any remaining historical-only usage.
- [x] T052 Update `apps/platform/app/Support/Operations/OperationRunActionEligibility.php` to consume actionability and avoid primary actions for superseded/resolved rows unless the action is pure history/detail navigation.
- [x] T053 Update `apps/platform/app/Livewire/BulkOperationProgress.php` and `App\Support\OpsUx\ActiveRuns` so shell active-run progress remains active-run only; remove current terminal follow-up from active progress or convert it to a distinct actionability-backed non-active signal with test coverage.
- [x] T054 Update EN/DE localization keys only for new visible actionability labels/reasons; avoid raw reason-code leakage.
## Phase 6: UI Coverage and Documentation-In-Feature
**Purpose**: Keep UI-COV and close-out evidence inside the active spec package.
- [x] T055 Decide whether implementation materially changes Operations/dashboard/governance-inbox/environment-dashboard/workspace-overview coverage artifacts.
- [x] T056 If coverage artifacts change, update the relevant `docs/ui-ux-enterprise-audit/` route inventory/design matrix/page report entries.
- [x] T057 If coverage artifacts do not change, record the checked no-update rationale in `specs/367-operationrun-actionability-system/implementation-close-out.md` or the active PR close-out.
- [x] T058 If browser smoke is run, store screenshots or notes under `specs/367-operationrun-actionability-system/artifacts/`.
- [x] T059 Record implementation close-out including Filament v5/Livewire v4 compliance, provider location, global search status, destructive action status, asset strategy, test commands, and deployment impact.
## Phase 7: Validation
**Purpose**: Prove the feature and guardrails without broad suite drift.
- [x] T060 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Unit/Support/Operations tests/Feature/Operations tests/Feature/Monitoring tests/Feature/Filament`.
- [x] T061 Run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Feature/Guards`.
- [x] T062 If browser coverage was added, run `cd apps/platform && ./vendor/bin/sail php vendor/bin/pest tests/Browser/Spec367OperationRunActionabilitySmokeTest.php`.
- [x] T063 Run `cd apps/platform && ./vendor/bin/sail pint --dirty --test`.
- [x] T064 Run `git diff --check`.
- [x] T065 Review `rg -n "terminalFollowUp|dashboardNeedsFollowUp|problemClass|requiresDashboardFollowUp|requiresOperatorReview" apps/platform/app` and confirm any remaining usages are historical-only, model/internal compatibility, or explicitly documented in `repo-truth-map.md` / implementation close-out.
- [x] T066 Review `rg -n "GraphClientInterface|graph\\("` in new/changed actionability files and confirm there are no render-time Graph calls.
- [x] T067 Confirm no migrations, packages, env vars, queues, scheduler changes, storage changes, panel provider changes, global search changes, or Filament asset registrations were introduced.
## Explicit Non-Goals
- [x] T068 Do not add manual acknowledge/resolve UI.
- [x] T069 Do not create a persisted actionability table or column.
- [x] T070 Do not rewrite historical OperationRun rows.
- [x] T071 Do not introduce new destructive actions, retries, restore re-execution, or force-complete actions.
- [x] T072 Do not enable global search for `OperationRunResource`.
Reference in New Issue View Git Blame Copy Permalink