ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
27d520b4aa
TenantAtlas/specs/215-website-core-pages/spec.md
Ahmed Darrazi 27d520b4aa
Some checks failed
PR Fast Feedback / fast-feedback (pull_request) Failing after 1m10s
Details
feat: implement website core pages IA
2026-04-19 12:16:45 +02:00

21 KiB
Raw Blame History

Feature Specification: Website Information Architecture / Core Pages

Feature Branch: 215-website-core-pages
Created: 2026-04-19
Status: Draft
Input: User description: "Define the initial information architecture and core public pages for apps/website, including required pages, page roles, navigation, route model, optional surfaces, trust/legal/update rules, and explicit exclusion of apps/platform and page-level design."

Spec Candidate Check (mandatory - SPEC-GATE-001)

  • Problem: apps/website currently risks inheriting its page inventory from theme defaults or ad hoc page requests instead of from a deliberate buyer journey and product-truth model.
  • Today's failure: Early website work can produce too many thin pages, unclear navigation, buried trust signals, and premature prominence for pricing, docs, or content hubs before product understanding is solid.
  • User-visible improvement: Visitors can understand what the product is, why it matters, why it is credible, and what to do next without navigating a bloated or immature sitemap.
  • Smallest enterprise-capable version: Define a website-local information architecture with required public pages, clear page jobs, a small navigation model, route priorities, and explicit rules for optional and later surfaces.
  • Explicit non-goals: Visual page design, hero or section composition, final copy, SEO strategy, CMS decisions, detailed docs IA, Filament or platform theming, platform IA, auth or app routing, pricing-model decisions, and full content drafting.
  • Permanent complexity imported: A website-local IA vocabulary for core surfaces, optional surfaces, deferred surfaces, primary navigation, footer navigation, outcome explanation, trust claims, and discoverability rules.
  • Why now: The website is early enough that route and navigation decisions can still be shaped before empty prestige pages and template-driven structure become expensive defaults.
  • Why not local: Solving IA one page at a time cannot prevent cross-site navigation drift, cannot prioritize trust and buyer understanding consistently, and cannot stop placeholder routes from becoming normalized.
  • Approval class: Core Enterprise
  • Red flags triggered: New website-local taxonomy for public surfaces; risk of drifting into design-detail work; risk of accidental bleed into apps/platform expectations.
  • Score: Nutzen: 3 | Dringlichkeit: 2 | Scope: 2 | Komplexitaet: 1 | Produktnaehe: 1 | Wiederverwendung: 2 | Gesamt: 11/12
  • Decision: approve

Spec Scope Fields (mandatory)

  • Scope: workspace
  • Primary Routes: Required core routes are /, /product, /trust, /changelog, the primary conversion route /contact, /privacy, and /imprint; the optional initial content surface for this feature is /resources; retained secondary supporting routes may include /legal, /terms, /solutions, and /integrations without core prominence; deferred route families include later /pricing, /docs, and any expanded dedicated solutions-hub structure.
  • Data Ownership: Website-owned public IA contract only: page taxonomy, route priorities, navigation model, and public-surface rules. No tenant-owned records, platform data, or shared persistence are introduced.
  • RBAC: None. This feature applies to public website surfaces and introduces no authorization model.

Proportionality Review (mandatory when structural complexity is introduced)

  • New source of truth?: yes
  • New persisted entity/table/artifact?: no
  • New abstraction?: yes
  • New enum/state/reason family?: no
  • New cross-domain UI framework/taxonomy?: yes, but only within apps/website
  • Current operator problem: Website contributors and reviewers do not yet have a shared rule set for which public pages deserve prominence, which routes are mandatory, and how product, trust, and next-step surfaces should relate to each other.
  • Existing structure is insufficient because: Theme-provided pages and page-local decisions optimize local convenience but do not guarantee a coherent buyer journey, do not prevent empty prestige pages, and do not protect website work from drifting into platform concerns.
  • Narrowest correct implementation: A website-only IA specification that defines required pages, optional pages, deferred pages, route priorities, and public-surface rules without prescribing page design or implementation details.
  • Ownership cost: Future website work must align with this IA before adding routes, promoting new top-level links, or surfacing public claims that require supporting trust context.
  • Alternative intentionally rejected: Allowing page inventory to emerge from theme defaults or from page-by-page requests was rejected because it would prioritize breadth over clarity and create avoidable credibility problems.
  • Release truth: Current-release truth for apps/website; this spec must not be interpreted as a shared website-platform contract.

Testing / Lane / Runtime Impact (mandatory for runtime behavior changes)

  • Test purpose / classification: Browser
  • Validation lane(s): fast-feedback
  • Why this classification and these lanes are sufficient: This spec governs public route composition, navigation behavior, and discoverability on a static website surface. Build proof plus browser smoke coverage of representative public routes is the narrowest honest proof; no database, auth, tenant, or platform runtime setup is required.
  • New or expanded test families: Focused website smoke coverage for required core routes, global navigation, footer navigation, primary CTA reachability, and optional-surface suppression when content is absent.
  • Fixture / helper cost impact: low; browser smoke helpers may expand slightly, but no backend fixtures, seeds, memberships, providers, or session setup are needed.
  • Heavy-family visibility / justification: none; validation stays in fast-feedback only.
  • Special surface test profile: N/A
  • Standard-native relief or required special coverage: Route-level smoke coverage is sufficient; no platform or operator-surface coverage is required.
  • Reviewer handoff: Reviewers should confirm that required routes exist, trust remains top-level visible, one primary conversion path is obvious, optional content hubs are not promoted when empty, and no route or navigation obligation leaks into apps/platform.
  • Budget / baseline / trend impact: none beyond small website smoke-suite growth.
  • Escalation needed: document-in-feature
  • Active feature PR close-out entry: Smoke Coverage
  • Planned validation commands: corepack pnpm build:website and cd apps/website && corepack pnpm exec playwright test

User Scenarios & Testing (mandatory)

User Story 1 - Understand the product and next step quickly (Priority: P1)

A first-time evaluator can land on the website, understand what TenantPilot / TenantAtlas is, find the most relevant deeper pages, and identify a clear next step without being forced through pricing, docs, or thin placeholder pages.

Why this priority: Product understanding and next-step clarity are the primary purpose of the public website and the strongest reason to keep the IA small.

Independent Test: Review the homepage and global navigation and confirm that a first-time visitor can identify the product surface, trust surface, changelog surface, and primary conversion surface without needing any deferred routes.

Acceptance Scenarios:

  1. Given a first-time visitor lands on /, When they review the homepage and primary navigation, Then they can identify what the product is, where to validate trust, and how to take the next step.
  2. Given a visitor enters directly on /product, When they want more confidence or a sales path, Then they can reach /trust and the primary contact surface without navigating through unrelated pages.

User Story 2 - Validate trust and technical seriousness (Priority: P1)

A technical decision maker or security stakeholder can find a dedicated trust surface that supports public claims about security, isolation, hosting, and operating discipline without relying on vague marketing copy.

Why this priority: Trust is a first-class purchase filter for this product category and must be structurally visible, not buried as footer-only material.

Independent Test: Review /trust and confirm that public trust, hosting, or residency claims have one explicit supporting surface and are not scattered or implied without context.

Acceptance Scenarios:

  1. Given a visitor sees a public claim about hosting region, isolation, or operational discipline, When they open /trust, Then they find that claim explained, bounded, or explicitly limited on that page.
  2. Given the homepage keeps trust content intentionally concise, When a technical evaluator needs deeper reassurance, Then the IA routes them to /trust rather than forcing them to infer trust from unrelated marketing sections.

User Story 3 - See visible product progress (Priority: P2)

A returning visitor or existing follower can verify that the product is evolving by using a dedicated changelog surface instead of hunting across product pages or editorial content.

Why this priority: Visible product motion helps credibility, but it comes after basic product and trust understanding.

Independent Test: Review the core IA and confirm that a returning visitor has a direct route to dated product updates without depending on a blog or resource hub.

Acceptance Scenarios:

  1. Given a returning visitor wants to know what changed recently, When they open /changelog, Then they see dated, concrete progress signals in one dedicated surface.
  2. Given optional resources or later editorial content is not yet substantive, When the visitor uses primary navigation, Then the IA does not elevate an empty content hub in place of the changelog.

Edge Cases

  • Optional /resources content is not ready yet, and the later editorial articles collection is still unpublished, so the website must remain coherent without promoting either surface in primary navigation.
  • A public hosting or data-residency claim exists, but no supporting trust explanation is available yet; the claim must be removed or the trust surface must support it before publication.
  • A separate /solutions hub is not launched initially, so homepage and product surfaces must still carry buyer-oriented outcome explanation.
  • A future /demo route may exist eventually, but /contact remains the clear primary next-step path in the initial IA.
  • Docs or pricing material may exist in partial form, but they must not be promoted as primary navigation until they are mature enough to support honest public expectations.

Requirements (mandatory)

Constitution alignment (required): This feature introduces no Microsoft Graph calls, no queueing, no long-running operations, no authorization changes, and no Filament operator surfaces. Its contract is explicitly local to apps/website and must not create obligations for apps/platform.

Constitution alignment (UI-SEM-001 / LAYER-001 / BLOAT-001): This feature intentionally introduces a website-local IA and surface-priority layer because ad hoc route growth and theme-driven page inventories are insufficient to produce a coherent enterprise website. The layer is scoped narrowly to public website surfaces and must not expand into platform IA or a shared website-platform taxonomy without a separate spec.

Implementation boundary: Any implementation under this specification MUST preserve the existing website working contract by keeping @tenantatlas/website, WEBSITE_PORT, and the root dev:website / build:website workflows intact, and it MUST NOT introduce runtime or package coupling to apps/platform.

Functional Requirements

  • FR-001: The specification MUST define an initial public information architecture for apps/website that is explicitly local to the website and explicitly excludes apps/platform, platform IA, Filament theming, and app-auth routing decisions.
  • FR-002: The initial required core surfaces MUST be Home, Product, Trust, the primary conversion surface /contact, Privacy, and Imprint.
  • FR-003: The initial IA MUST classify Changelog as a strongly recommended public surface with a named role in the website journey.
  • FR-004: The IA MAY classify Resources as an optional initial surface, but only when substantive content exists and the route is not a placeholder; any later blog/editorial surface MUST remain unpublished until a separate spec activates it.
  • FR-005: Pricing, Customers or Case Studies, Careers, Compare or Alternatives, Status, a full Docs portal, and a dedicated Solutions hub MUST be treated as deferred surfaces rather than initial core requirements.
  • FR-006: The homepage at / MUST act as a routing, positioning, and trust hub that explains the product at a high level and opens clear paths to Product, Trust, Changelog, and the primary conversion surface.
  • FR-007: The homepage MUST include buyer-oriented outcome or use-case explanation and MUST NOT rely on feature taxonomy alone to explain why the product matters.
  • FR-008: The product surface at /product MUST explain what TenantPilot / TenantAtlas is, what it is not, how its capability areas are grouped, and how those capabilities relate to buyer outcomes.
  • FR-009: The product surface MUST cover, at an appropriate public level, Backup, Restore, Versioning, Audit, Inventory or Drift Detection, and Governance topics such as Baselines, Findings, Exceptions, Evidence, and Reviews.
  • FR-010: The trust surface at /trust MUST exist as a first-class public page and MUST cover security and operating principles, a public-safe architecture overview, tenant isolation, credential or access handling, protection measures, update and operating discipline, and a path for deeper trust or security questions.
  • FR-011: Any public claim about hosting region, data residency, tenant isolation, or security posture MUST be supported, bounded, or contextualized on /trust, and the website MUST NOT make absolute legal-compliance claims that it cannot responsibly qualify.
  • FR-012: The changelog surface at /changelog MUST show dated, concrete product progress and MUST NOT be treated as a replacement for the product page or for long-form editorial content.
  • FR-013: The website MUST expose /contact as the clear, low-friction primary conversion surface, and if a demo option exists later, it MUST remain secondary unless a future spec changes the primary conversion route.
  • FR-014: The initial top-level navigation MUST remain intentionally small and SHOULD default to Product, Trust, Changelog, optional Resources only when substantive, and Contact, plus one primary CTA.
  • FR-015: The brand or logo MUST route visitors to /.
  • FR-016: No top-level navigation item or other prominent public link MAY point to a placeholder, thin-content, or template-only page.
  • FR-017: Trust MUST remain visible in top-level navigation and MUST NOT be relegated to footer-only discoverability.
  • FR-018: The footer MUST group product, trust or legal, contact, and optional content or docs links in a consistent public navigation model.
  • FR-019: The initial URL model MUST use short, clear public paths and MUST avoid unnecessary early nesting, artificial segmentation, or mixing marketing routes with app routes.
  • FR-020: The website MUST provide a buyer-oriented outcome or use-case explanation layer on the homepage, on the product page, or on both, even if a dedicated /solutions hub is not launched initially.
  • FR-021: Docs MAY become discoverable once a minimal, credible documentation surface exists, but the IA MUST NOT force Docs into primary navigation before that threshold is met.
  • FR-022: Pricing MAY be introduced later, but the IA MUST NOT force Pricing into primary navigation until packaging, expectations, and public framing are mature enough to be honest and coherent.
  • FR-023: The page relationship model MUST support an entry route, a first-clarification phase, a deeper-exploration phase, and a clear action phase ending in Contact.
  • FR-024: Public website language and page prioritization MUST favor product truth, trust, outcome understanding, and clear next steps over hype, fake maturity signals, or inflated enterprise theater.
  • FR-025: The specification MUST define its deliverables explicitly: required core page list, role of each page, top-level navigation, footer navigation, route model, optional-surface rules, deferred-surface list, outcome-explanation rule, trust-claim rule, and docs-discoverability rule.
  • FR-026: No requirement in this specification MAY be interpreted as a commitment to platform routing, platform design, or shared website-platform IA work.
  • FR-027: Implementation work under this specification MUST preserve the website working contract by retaining @tenantatlas/website, WEBSITE_PORT, and the root dev:website / build:website workflows, and it MUST NOT introduce runtime coupling or shared-package obligations for apps/platform.

Out of Scope

  • Visual design of individual pages
  • Hero or section composition
  • Final production copy
  • SEO keyword planning
  • CMS selection
  • Detailed documentation IA
  • Filament or apps/platform theming
  • Platform IA
  • Auth or app-routing behavior
  • Pricing-model decisions
  • Full content drafting for each page

Assumptions

  • apps/website must work for enterprise buyers, MSPs, technical decision makers, security or governance stakeholders, and returning followers without creating separate website tracks for each audience in the initial IA.
  • Outcome and use-case explanation can live inside Home and Product initially without requiring a dedicated Solutions hub.
  • Legal basics must be present from the start, while Docs and Pricing can remain deferred until their public substance is strong enough.
  • The initial website should favor a small number of durable public routes over a broad marketing sitemap.
  • For Spec 215 execution, the optional content surface standardizes on /resources; the existing editorial articles collection remains unpublished until a later blog/editorial spec activates it.
  • Existing /legal, /terms, /solutions, and /integrations pages may remain published as secondary supporting surfaces, but they MUST NOT displace the required core IA in top-level navigation or buyer flow.

Key Entities (include if feature involves data)

  • Core Surface: A required initial public page that carries one named job in the buyer journey and is part of the minimal credible website.
  • Optional Initial Surface: A page family such as Resources that is allowed in the initial IA only if substantive content exists at launch.
  • Deferred Surface: A public page family intentionally excluded from the initial core website until its content, claims, or business model are mature enough.
  • Trust Surface: The dedicated public page that supports technical seriousness, trust claims, and bounded public statements about hosting, residency, isolation, and operating discipline.
  • Outcome Explanation Layer: The buyer-oriented explanation of operational or business problems solved by the product, expressed without depending on a dedicated Solutions hub.
  • Primary Conversion Surface: The main next-step path, Contact in the initial IA, that converts public understanding into a clear action.

Success Criteria (mandatory)

Measurable Outcomes

  • SC-001: The IA defines 100% of required initial core routes: /, /product, /trust, /changelog, the primary conversion route /contact, /privacy, and /imprint.
  • SC-002: 100% of top-level navigation items in the initial IA map to named core or approved optional surfaces with explicit roles, and 0 prominent links point to placeholder or thin-content pages.
  • SC-003: From each core entry route (/, /product, /trust, and /changelog), a visitor can reach the primary conversion surface in no more than 2 clicks.
  • SC-004: 100% of public hosting, residency, isolation, or security claims in the initial IA have a designated supporting or bounding surface on /trust, or the claim is excluded from the public website.
  • SC-005: Reviewers can map the four core buyer questions - what is it, who is it for, why trust it, and what next - to explicit public surfaces without requiring an initial Pricing page, Docs portal, or dedicated Solutions hub.
  • SC-006: The initial informational top-level navigation exposes no more than 5 public route entries plus one primary CTA, preserving a deliberately small public IA.

Planned Follow-on Specs

  • Spec 216 - Homepage Structure and Section Model
  • Spec 217 - Product Page Structure
  • Spec 218 - Trust Surface
  • Spec 219 - Contact / Demo Flow
  • Spec 220 - Changelog Surface
  • Spec 221 - Blog / Resources Surface, if activated
  • Spec 222 - Solutions / Use-Case Surfaces, if activated later
  • Spec 223 - Pricing Surface, if activated later