ahmido
2e6504618c
## Summary - add the localized evaluation-readiness route pair at `/evaluierung` and `/en/evaluation` with a shared page component - wire homepage, platform, trust, review-pack, use-case, footer, and locale-switcher discovery paths into the new evaluation surface - add smoke coverage plus full Spec Kit artifacts for the evaluation, procurement, and rollout readiness feature ## Validation - `corepack pnpm --filter @tenantatlas/website build` - `WEBSITE_PORT=4322 corepack pnpm --filter @tenantatlas/website test tests/smoke/public-routes.spec.ts` - `WEBSITE_PORT=4323 corepack pnpm --filter @tenantatlas/website test tests/smoke/interaction.spec.ts` Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #408
254 lines
8.3 KiB
YAML
254 lines
8.3 KiB
YAML
openapi: 3.1.0
|
|
info:
|
|
title: Tenantial Public Evaluation Readiness Routes
|
|
version: 0.1.0
|
|
description: >
|
|
Static public website route contract for Spec 409. These routes return
|
|
HTML pages only and do not expose platform runtime APIs, tenant data,
|
|
onboarding state, procurement workflows, legal-document downloads, or
|
|
trial-provisioning behavior.
|
|
servers:
|
|
- url: http://127.0.0.1:4321
|
|
description: Local website preview using WEBSITE_PORT default
|
|
paths:
|
|
/evaluierung:
|
|
get:
|
|
summary: German public evaluation, procurement, and rollout-readiness page
|
|
operationId: getGermanEvaluationReadinessPage
|
|
tags:
|
|
- Public Website
|
|
responses:
|
|
"200":
|
|
description: Static HTML evaluation-readiness page
|
|
content:
|
|
text/html:
|
|
schema:
|
|
type: string
|
|
examples:
|
|
page:
|
|
summary: Required visible content
|
|
value: "Tenantial sicher evaluieren und kontrolliert pilotieren. Demo, Pilot-Scope, Provider-Berechtigungen und Trust-Fragen in einem belastbaren Ablauf."
|
|
"404":
|
|
description: Route not configured
|
|
x-content-requirements:
|
|
locale: de
|
|
mustInclude:
|
|
- Hero framing for safe evaluation and controlled pilot readiness
|
|
- Evaluation path from discovery call to review and next step
|
|
- Preparation section covering use case, scope, owner, security/privacy contact, review objective, and success criteria
|
|
- Typical pilot scenarios for MSP, internal IT, backup/versioning, evidence/audit, and provider-permission readiness
|
|
- Stakeholder section covering MSP, IT, Microsoft 365 admin, security, Datenschutz, and procurement roles
|
|
- Security and procurement checklist with trust, AVV/DPA/TOM status, provider permissions, hosting/subprocessors, audit/retention, and commercial fit
|
|
- Microsoft 365 access section describing read-oriented access, write or recovery-adjacent access, consent/admin-role readiness, and no blind execution
|
|
- Boundary section explaining what the first evaluation does not require
|
|
- Example timeline framed as non-guaranteed guidance
|
|
- Buyer FAQ with direct, cautious answers
|
|
- Final CTA with real destinations only
|
|
- Real CTA destinations only
|
|
mustNotInclude:
|
|
- href="#"
|
|
- procurement readiness website surface
|
|
- productization gap
|
|
- repo-real foundation
|
|
- workspace-first route context
|
|
- capability registry
|
|
- provider-neutral artifact taxonomy
|
|
- instant trial
|
|
- self-service onboarding available
|
|
- sofort kostenlos starten
|
|
- DSGVO-konform
|
|
- ISO-zertifiziert
|
|
- NIS2-konform
|
|
- garantiert auditbereit
|
|
- automatic remediation
|
|
- automatic restore
|
|
- one-click restore
|
|
- Google supported
|
|
- AWS supported
|
|
- no customer data stored
|
|
- in Deutschland gehostet
|
|
/en/evaluation:
|
|
get:
|
|
summary: English public evaluation, procurement, and rollout-readiness page
|
|
operationId: getEnglishEvaluationReadinessPage
|
|
tags:
|
|
- Public Website
|
|
responses:
|
|
"200":
|
|
description: Static HTML evaluation-readiness page
|
|
content:
|
|
text/html:
|
|
schema:
|
|
type: string
|
|
examples:
|
|
page:
|
|
summary: Required visible content
|
|
value: "Evaluate Tenantial through a controlled demo, focused pilot, and clear trust review path for Microsoft 365 governance."
|
|
"404":
|
|
description: Route not configured
|
|
x-content-requirements:
|
|
locale: en
|
|
mustInclude:
|
|
- Hero framing for safe evaluation and controlled pilot readiness
|
|
- Evaluation path from discovery call to review and next step
|
|
- Preparation section covering use case, scope, owner, security/privacy contact, review objective, and success criteria
|
|
- Typical pilot scenarios for MSP, internal IT, backup/versioning, evidence/audit, and provider-permission readiness
|
|
- Stakeholder section covering MSP, IT, Microsoft 365 admin, security, privacy, and procurement roles
|
|
- Security and procurement checklist with trust, AVV/DPA/TOM status, provider permissions, hosting/subprocessors, audit/retention, and commercial fit
|
|
- Microsoft 365 access section describing read-oriented access, write or recovery-adjacent access, consent/admin-role readiness, and no blind execution
|
|
- Boundary section explaining what the first evaluation does not require
|
|
- Example timeline framed as non-guaranteed guidance
|
|
- Buyer FAQ with direct, cautious answers
|
|
- Final CTA with real destinations only
|
|
- Real CTA destinations only
|
|
mustNotInclude:
|
|
- href="#"
|
|
- procurement readiness website surface
|
|
- productization gap
|
|
- repo-real foundation
|
|
- workspace-first route context
|
|
- capability registry
|
|
- provider-neutral artifact taxonomy
|
|
- instant trial
|
|
- self-service onboarding available
|
|
- DSGVO-konform
|
|
- ISO-zertifiziert
|
|
- NIS2-konform
|
|
- guaranteed audit readiness
|
|
- automatic remediation
|
|
- automatic restore
|
|
- one-click restore
|
|
- Google supported
|
|
- AWS supported
|
|
- no customer data stored
|
|
- hosted in Germany
|
|
components:
|
|
schemas:
|
|
EvaluationPathStep:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- discovery-call
|
|
- product-walkthrough
|
|
- security-privacy-review
|
|
- technical-readiness-check
|
|
- focused-pilot
|
|
- review-next-step
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
PreparationCard:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- use-case
|
|
- microsoft-365-scope
|
|
- technical-owner
|
|
- security-privacy-contact
|
|
- review-objective
|
|
- success-criteria
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
PilotScenarioCard:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- msp-customer-review
|
|
- internal-it-governance
|
|
- policy-backup-versioning
|
|
- evidence-audit-preparation
|
|
- provider-permission-readiness
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
StakeholderCard:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- msp-service-owner
|
|
- msp-operator
|
|
- it-leadership
|
|
- microsoft-365-admin
|
|
- security
|
|
- datenschutz-dpo
|
|
- procurement-vendor-management
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
SecurityChecklistItem:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- trust-privacy
|
|
- avv-dpa-tom
|
|
- provider-permissions
|
|
- hosting-subprocessors
|
|
- audit-retention
|
|
- commercial-fit
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
AccessPrinciple:
|
|
type: object
|
|
required:
|
|
- key
|
|
- title
|
|
- content
|
|
properties:
|
|
key:
|
|
type: string
|
|
enum:
|
|
- read-oriented-access
|
|
- write-recovery-adjacent-access
|
|
- consent-admin-roles
|
|
- no-blind-execution
|
|
title:
|
|
type: string
|
|
content:
|
|
type: string
|
|
BuyerFaqItem:
|
|
type: object
|
|
required:
|
|
- question
|
|
- answer
|
|
properties:
|
|
question:
|
|
type: string
|
|
answer:
|
|
type: string |