TenantAtlas/specs/039-inventory-program/spec.md
2026-01-07 14:58:39 +01:00

# Feature Specification: Inventory Program (Meta)
**Feature Branch**: `feat/039-inventory-program`
**Created**: 2026-01-07
**Status**: Draft
## Purpose
This is an epic/program-level specification that anchors vision, scope, principles, and a roadmap for an Inventory-first approach across TenantPilot.
This document is intentionally non-implementation and does not require immediate code changes.
## Program Goals
- Establish Inventory as the primary substrate for analysis, reporting, monitoring, and UI navigation (Inventory is “last observed”, not absolute Intune truth).
- Maintain immutable snapshots/backups as explicit actions (manual/scheduled), separate from inventory sync.
- Provide a config-driven coverage/support matrix across policy types (backup/restore/risk/support).
- Build toward dependency visibility, cross-tenant comparison/promotion, and drift detection.
## Key Definitions
- **Inventory**: TenantPilot's last observed catalog of Intune objects (mutable; updated by sync runs).
- **Snapshot/Backup**: Immutable capture of an object's payload for versioning/restore (explicit action).
- **Coverage/Support Matrix**: Derived view describing support level (backup/restore/risk) per policy type.
## Data Domains
- Inventory Items
- Sync Runs (observability)
- Support/Capabilities derived from contracts/config
- Dependencies (links between inventory items and foundation objects)
- Cross-tenant context (explicit and access-checked)
## Principles (Program-level)
- Inventory-first, snapshots-second
- Read/write separation by default (preview + confirmation + audit + tests for writes)
- Single contract path to Graph
- Deterministic capabilities
- Tenant isolation is non-negotiable
- Automation is idempotent & observable (locks, run records, stable error codes)
- Data minimization & safe logging
## Roadmap / Decomposition
- **Spec 040 — Inventory Core**: inventory items + sync runs + deterministic selection + missing semantics
- **Spec 041 — Inventory UI**: inventory lists, coverage matrix, sync runs UI, policy viewer
- **Spec 042 — Dependencies Graph**: inventory_links and dependency views (assignments/scope tags/filters first)
- **Spec 043 — Cross-tenant Compare & Promotion**: read-only compare first; gated promotion later
- **Spec 044 — Drift MVP**: drift findings based on inventory/run metadata and optional hashes
## Non-Goals
- This meta spec does not define concrete schemas or endpoints.
- This meta spec does not introduce new write paths (promotion/remediation) without dedicated feature specs.