ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
548a37c888
TenantAtlas/specs/294-provider-verification-runtime-semantics/tasks.md
ahmido d3158f5103 test: stabilize provider verification runtime semantics (#349) 
## Summary
- align verification-start tests with the canonical credential-enabled provider fixture
- seed required tenant-permission evidence for provider operation start tests so inventory/compliance assertions exercise the real queued and `scopeBusy` contracts
- refresh stale provider-connection and verification-report test baselines to current shared output
- add the complete Spec 294 artifacts for the bounded provider/verification stabilization follow-up

## Scope
- bounded to `apps/platform/tests`, shared Pest test helpers, and `specs/294-provider-verification-runtime-semantics`
- no runtime application code changes under `apps/platform/app`
- no schema, route-cutover, framework, or asset changes

## Validation
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Verification/VerificationAuthorizationTest.php tests/Feature/Verification/VerificationStartAfterCompletionTest.php tests/Feature/Verification/VerificationStartDedupeTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections/ProviderDispatchGateStartSurfaceTest.php tests/Feature/ProviderConnections/ProviderOperationConcurrencyTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections/ProviderConnectionNeutralitySpec238Test.php tests/Feature/Verification/ProviderConnectionHealthCheckWritesReportTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification`
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`

## Notes
- browser smoke was not run because the final diff contains no runtime app or UI changes; only tests, shared test helpers, and spec artifacts changed
- provider registration remains unchanged in `apps/platform/bootstrap/providers.php`
- no new globally searchable resource or destructive action behavior was introduced

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #349
2026-05-11 08:26:17 +00:00

103 lines
7.6 KiB
Markdown
Raw Blame History

# Tasks: Provider Verification Runtime Semantics Stabilization
**Input**: Design documents from `specs/294-provider-verification-runtime-semantics/`
**Prerequisites**: `spec.md`, `plan.md`, `research.md`, `data-model.md`, `quickstart.md`, `failure-classification.md`, `checklists/requirements.md`
**Review Artifact**: `specs/294-provider-verification-runtime-semantics/checklists/requirements.md`
**Failure Inventory**: `specs/294-provider-verification-runtime-semantics/failure-classification.md`
## Review Metadata
- **Review outcome class**: `acceptable-special-case`
- **Workflow outcome**: `keep`
- **Test-governance outcome**: `keep`
- **Stop / split triggers**: route-cutover repair, full-suite repair outside the target lane, new tables, persisted provider profiles, new run status values, new provider abstractions, new verification schema version, or historical-spec rewrites
## Pinned Failure-Classification Categories
- `surface-or-report-baseline-drift`
- `fixture-contract-drift`
- `provider-verification-runtime-regression`
- `dedupe-concurrency-contract-drift`
- `out-of-scope-existing-debt`
- `resolved-or-not-needed`
## Pinned Stabilization Seams
- `provider-neutrality-surface`
- `shared-startable-fixtures`
- `verification-start-contract`
- `provider-dispatch-concurrency`
- `verification-report-summary`
## Grouping Unit
In `294`, one failure group equals one failing test file or one failing scenario cluster that shares one seam and one category. The authoritative grouped baseline lives in `failure-classification.md`.
## Test Governance Checklist
- [x] The primary proof command is the bounded ProviderConnections/Verification feature lane.
- [x] Focused reruns are defined for verification start, provider dispatch/concurrency, and surface/report baseline clusters.
- [x] The existing provider-connection scope browser smoke is conditional and reused only if visible provider-connection disclosure changes.
- [x] No new browser family or heavy-governance lane is required.
- [x] Formatting is closed with `./vendor/bin/sail bin pint --dirty --format agent`.
## Phase 1: Setup and Classification
- [x] T001 Review `spec.md`, `plan.md`, `research.md`, `data-model.md`, `quickstart.md`, `failure-classification.md`, and `checklists/requirements.md` before touching runtime or tests; confirm Spec `293` remains context only.
- [x] T002 [P] Re-run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification`; the grouped prep-time baseline remained unchanged before implementation, and the final in-scope rerun closed green at `109 passed`.
- [x] T003 [P] Confirm each failing group still maps to exactly one pinned seam and one pinned category before the first code change.
## Phase 2: User Story 1 - Verification start contract (Priority: P1)
**Goal**: canonical startable verification fixtures and runtime owners agree on `started`, `deduped`, fresh post-completion reruns, and real blocked semantics.
**Independent Proof**:
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Verification/VerificationAuthorizationTest.php tests/Feature/Verification/VerificationStartAfterCompletionTest.php tests/Feature/Verification/VerificationStartDedupeTest.php
```
- [x] T004 [P] Update `apps/platform/tests/Feature/Verification/VerificationAuthorizationTest.php` so the started path uses a canonical startable fixture and any intentionally blocked case stays explicit.
- [x] T005 [P] Update `apps/platform/tests/Feature/Verification/VerificationStartAfterCompletionTest.php` and `apps/platform/tests/Feature/Verification/VerificationStartDedupeTest.php` to pin fresh-run-after-completion and same-run dedupe semantics against canonical fixture data.
- [x] T006 Verify `apps/platform/tests/Pest.php` remains the canonical source of startable verification truth and update the touched verification fixture call sites to use `createUserWithTenant(..., fixtureProfile: 'credential-enabled')`.
- [x] T007 Focused reruns proved the canonical verification runtime owner already matched repo truth, so no `StartVerification` runtime change was needed.
## Phase 3: User Story 2 - Provider-operation concurrency (Priority: P1)
**Goal**: same-operation reruns dedupe, different active operations on the same provider connection return `scopeBusy`, and queue/run counts stay gate-owned.
**Independent Proof**:
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections/ProviderDispatchGateStartSurfaceTest.php tests/Feature/ProviderConnections/ProviderOperationConcurrencyTest.php
```
- [x] T008 [P] Update `apps/platform/tests/Feature/ProviderConnections/ProviderDispatchGateStartSurfaceTest.php` to pin the current cross-operation `scopeBusy` follow-through and queue-count contract.
- [x] T009 [P] Update `apps/platform/tests/Feature/ProviderConnections/ProviderOperationConcurrencyTest.php` to pin same-operation dedupe, cross-operation `scopeBusy`, and run-identity expectations after fixture alignment.
- [x] T010 Align the provider-operation fixture prerequisites instead of widening runtime code; focused reruns proved `ProviderOperationStartGate` and `OperationRunService` did not need changes once capability evidence existed.
## Phase 4: User Story 3 - Surface and report baselines (Priority: P2)
**Goal**: provider connection disclosure and verification report summaries match the current shared owner truth.
**Independent Proof**:
```bash
export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections/ProviderConnectionNeutralitySpec238Test.php tests/Feature/Verification/ProviderConnectionHealthCheckWritesReportTest.php
```
- [x] T011 [P] Update `apps/platform/tests/Feature/ProviderConnections/ProviderConnectionNeutralitySpec238Test.php` so the assertions pin the current neutral target-scope disclosure and nested provider identity detail baseline without reintroducing `Entra`-only wording.
- [x] T012 [P] Update `apps/platform/tests/Feature/Verification/ProviderConnectionHealthCheckWritesReportTest.php` so `summary.counts.total` follows the current emitted check inventory instead of a stale literal ceiling.
- [x] T013 Focused reruns proved the current surface/report producers were already correct, so no runtime change was needed in the provider target-scope or verification report seams.
## Phase 5: Cross-Cutting Validation and Close-Out
- [x] T014 Run the focused verification-start proof command from Phase 2 until it passes.
- [x] T015 Run the focused provider-dispatch proof command from Phase 3 until it passes.
- [x] T016 Run the focused surface/report proof command from Phase 4 until it passes.
- [x] T017 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/ProviderConnections tests/Feature/Verification` and confirm the full in-scope lane is green.
- [x] T018 [P] Runtime provider-connection disclosure did not change in application code, so the existing browser smoke was not required for this implementation.
- [x] T019 Run `export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`.
- [x] T020 Review `failure-classification.md` and `checklists/requirements.md` one last time to confirm no route-cutover, full-suite, table/profile/run-status, provider-framework, verification-schema-version, or historical-spec-rewrite work slipped into `294`, and classify any residual mismatch instead of widening scope silently.
Reference in New Issue View Git Blame Copy Permalink