TenantAtlas/specs/282-governance-artifact-retargeting/tasks.md
ahmido f50d57370f feat: cut over workspace-first admin environment surfaces (#341)
## Summary
- cut over the admin runtime to the workspace-first environment and operations routes from spec 280
- retarget governance artifact resources, related navigation, and operation drillthroughs to the surviving admin panel contract from spec 282
- add focused feature and browser coverage plus spec close-out updates for the shipped 280/282 slice

## Validation
- `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/WorkspaceFoundation tests/Feature/Workspaces tests/Feature/ManagedEnvironment tests/Feature/RequiredPermissions tests/Feature/Operations tests/Feature/MonitoringOperationsTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec280WorkspaceTenancyEnvironmentRoutingSmokeTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php`
- `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php`

## Notes
- provider registration remains in `apps/platform/bootstrap/providers.php`
- Filament stays on v5 with Livewire v4 semantics
- touched searchable governance surfaces remain truthful or disabled in the same slice

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #341
2026-05-07 23:50:36 +00:00

description: Task list for Governance Artifact Retargeting to ManagedEnvironment

Tasks: Governance Artifact Retargeting to ManagedEnvironment

Input: Design documents from specs/282-governance-artifact-retargeting/
Prerequisites: specs/282-governance-artifact-retargeting/spec.md, specs/282-governance-artifact-retargeting/plan.md, specs/282-governance-artifact-retargeting/checklists/requirements.md, specs/282-governance-artifact-retargeting/research.md, specs/282-governance-artifact-retargeting/data-model.md, specs/282-governance-artifact-retargeting/quickstart.md, specs/282-governance-artifact-retargeting/contracts/governance-artifact-retargeting.logical.openapi.yaml

Tests: REQUIRED (Pest). Keep proof bounded to apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php, apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php, apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php, apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php, and apps/platform/tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php.
Operations: No new OperationRun family. Reuse apps/platform/app/Support/OperationRunLinks.php and apps/platform/app/Support/Navigation/RelatedNavigationResolver.php for all artifact-origin operation drillthroughs.
RBAC: Workspace membership remains the first 404 boundary, managed-environment entitlement remains the second 404 boundary, and in-scope capability denials stay 403.
Shared Pattern Reuse: Reuse ResolvesPanelTenantContext, InteractsWithTenantOwnedRecords, OperateHubShell, CanonicalNavigationContext, RelatedNavigationResolver, OperationRunLinks, and current artifact presenters. Do not add local route helper frameworks or compatibility shims.
Filament / Panel Guardrails: Filament remains v5 on Livewire v4. Provider registration remains in apps/platform/bootstrap/providers.php. Touched searchable resources must keep truthful destinations or remain disabled. Existing destructive or high-impact actions keep ->requiresConfirmation() plus current server authorization. Asset strategy stays unchanged.
Compatibility Posture: Reject schema changes, lifecycle rewrites, stored-report productization drift, provider/taxonomy/RBAC/copy spillover, tenant-panel fallbacks, and route aliases. Keep Specs 267, 277, and 283 through 287 deferred.
External Prerequisite: Spec 280 workspace-first environment route shell must already be merged or otherwise present on the implementation branch before any runtime or test task starts.
Organization: Tasks are grouped by user story so admin-panel registration, read-only artifact context, operation drillthroughs, and no-legacy guardrails remain independently testable.
Review Outcome: blocked-by-prerequisite
Workflow Outcome: keep
Test-governance Outcome: keep

Test Governance Checklist

  • Lane assignment stays fast-feedback, confidence, and one narrow browser lane.
  • New or changed tests stay in the smallest honest families under apps/platform/tests/Feature/Filament/GovernanceArtifacts/ plus one browser smoke file only.
  • Workspace and managed-environment fixtures remain explicit; no tenant-panel compatibility fixtures or hidden context defaults become shared setup.
  • Planned validation commands match spec.md, plan.md, and quickstart.md exactly.
  • standard-native-filament and global-context-shell expectations stay explicit for touched surfaces.
  • Any attempt to absorb Specs 267, 277, or 283 through 287 resolves as split or reject-or-split, not hidden scope.

Phase 0: External Gate

Purpose: Confirm the runtime prerequisite from Spec 280 is available before implementation begins.

  • T000 Confirm Spec 280 is already merged or otherwise present on the implementation branch before any runtime or test task begins.

Phase 1: Setup (Shared Context)

Purpose: Confirm the bounded artifact-surface inventory, proof files, and adjacent-spec boundaries before runtime edits begin.

  • T001 Review specs/282-governance-artifact-retargeting/spec.md, plan.md, checklists/requirements.md, research.md, data-model.md, quickstart.md, and contracts/governance-artifact-retargeting.logical.openapi.yaml together so implementation stays on Spec 282 only.
  • T002 [P] Confirm the current governance-register inventory and admin-hide guards in apps/platform/app/Filament/Resources/InventoryItemResource.php, PolicyResource.php, PolicyVersionResource.php, FindingResource.php, and FindingExceptionResource.php.
  • T003 [P] Confirm the current recovery and backup inventory and tenant-panel URLs in apps/platform/app/Filament/Resources/BackupScheduleResource.php, BackupSetResource.php, and RestoreRunResource.php.
  • T004 [P] Confirm the current read-only artifact fallbacks and mixed environment-context handling in apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php, TenantReviewResource.php, ReviewPackResource.php, and StoredReportResource.php.
  • T005 [P] Confirm the shared context and deep-link seams in apps/platform/app/Filament/Concerns/ResolvesPanelTenantContext.php, apps/platform/app/Filament/Concerns/InteractsWithTenantOwnedRecords.php, apps/platform/app/Support/OperateHub/OperateHubShell.php, apps/platform/app/Support/Navigation/CanonicalNavigationContext.php, apps/platform/app/Support/Navigation/RelatedNavigationResolver.php, and apps/platform/app/Support/OperationRunLinks.php.
  • T006 [P] Confirm deferred boundaries in specs/267-artifact-lifecycle-retention/spec.md, specs/277-stored-reports-surface/spec.md, specs/280-workspace-tenancy-environment-routing/spec.md, specs/281-provider-connection-scope/spec.md, and specs/282-governance-artifact-retargeting/checklists/requirements.md.

Phase 2: Foundational (Blocking Prerequisites)

Purpose: Establish the proving suite and the shared admin-panel environment-context contract that all touched artifact families depend on.

Critical: No user-story work should begin until this phase is complete.

  • T007 [P] Add failing coverage in apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php for admin-panel registration and workspace-first route ownership of the touched artifact resource families.
  • T008 [P] Add failing coverage in apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php for workspace membership, managed-environment entitlement, mismatched workspace and environment 404, and admin-panel environment resolution without tenant-panel ownership. Mismatched workspace/environment 404 proof landed in GovernanceArtifactAdminPanelRegistrationTest.php because the live HTTP route-ownership assertions and deny-as-404 contract share the same canonical URL surface.
  • T009 [P] Add failing coverage in apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php for artifact-origin related links and operation drillthroughs using workspace-first environment and operations routes.
  • T010 [P] Add failing guard coverage in apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php for touched artifact families that still hide from admin, emit tenant: or panel: 'tenant' URLs, or depend on /admin/t route language.
  • T011 [P] Add the narrow browser smoke in apps/platform/tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php for one workspace-first environment artifact flow covering one governance register and one read-only artifact surface.
  • T012 Update apps/platform/app/Filament/Concerns/ResolvesPanelTenantContext.php, apps/platform/app/Filament/Concerns/InteractsWithTenantOwnedRecords.php, and any cooperating admin-shell helpers so the workspace-first environment route contract is the authoritative context source for the touched artifact families.

Checkpoint: The proving files exist, the admin-panel environment-context helper contract is ready, and user-story work can proceed on top of one shared context model.
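
The deny order that the RBAC line and T008 pin down, as an added example that is not TenantAtlas code: both scope boundaries answer 404 before any capability is consulted, and 403 is reserved for callers already inside the scope. The function name, array shapes, capability strings and sample data are hypothetical, and treating a mismatched workspace/environment pair as part of scope resolution is an assumption.

```php
<?php
declare(strict_types=1);

// Added illustration only. Function name, array shapes and sample data are
// hypothetical and constructed; this is not TenantAtlas code.

/**
 * Resolve the HTTP status for one artifact request.
 *
 * Both scope boundaries answer 404 before any capability is consulted, so a
 * caller outside the scope cannot distinguish "exists but forbidden" from
 * "does not exist". 403 is reserved for callers already inside the scope.
 */
function artifactAccessStatus(
    array $user,
    array $environmentOwners,   // environment id => owning workspace id
    int $workspaceId,
    int $environmentId,
    string $capability
): int {
    // Boundary 1: workspace membership.
    if (!in_array($workspaceId, $user['workspaces'], true)) {
        return 404;
    }

    // The environment in the URL must belong to the workspace in the URL.
    // Unknown and mismatched environments get the same answer.
    if (($environmentOwners[$environmentId] ?? null) !== $workspaceId) {
        return 404;
    }

    // Boundary 2: managed-environment entitlement.
    if (!in_array($environmentId, $user['environments'], true)) {
        return 404;
    }

    // In scope: a missing capability is an explicit 403.
    $granted = $user['capabilities'][$environmentId] ?? [];

    return in_array($capability, $granted, true) ? 200 : 403;
}

// Constructed sample data.
$environmentOwners = [10 => 1, 11 => 1, 20 => 2];
$user = [
    'workspaces'   => [1],
    'environments' => [10],
    'capabilities' => [10 => ['finding.view']],
];

$cases = [
    'non-member workspace'             => [2, 20, 'finding.view'],
    'environment from other workspace' => [1, 20, 'finding.view'],
    'unknown environment'              => [1, 99, 'finding.view'],
    'member without entitlement'       => [1, 11, 'finding.view'],
    'entitled, capability missing'     => [1, 10, 'finding.triage'],
    'entitled, capability granted'     => [1, 10, 'finding.view'],
];

foreach ($cases as $label => [$workspaceId, $environmentId, $capability]) {
    $status = artifactAccessStatus($user, $environmentOwners, $workspaceId, $environmentId, $capability);
    printf("%-34s %d\n", $label, $status);
}
```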


Phase 3: User Story 1 - Open governance resources for one environment inside the admin panel (Priority: P1)

Goal: The core governance resource families open inside the workspace-first admin runtime with no tenant-panel registration drift.

Independent Test: Open representative governance registers such as findings, policies, or inventory for one managed environment and confirm they resolve under workspace-first environment routes.

Tests for User Story 1

  • T013 [P] [US1] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php to prove touched governance-register resources stop hiding from the admin panel and open only workspace-first environment routes.
  • T014 [P] [US1] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php to prove collection and detail access deny mismatched workspace or environment scope as 404 for the touched governance-register families. The live 404 route proof landed in GovernanceArtifactAdminPanelRegistrationTest.php because it exercises the canonical HTTP resource URLs directly.

Implementation for User Story 1

  • T015 [US1] Retarget admin registration and route ownership in apps/platform/app/Filament/Resources/InventoryItemResource.php, PolicyResource.php, PolicyVersionResource.php, FindingResource.php, and FindingExceptionResource.php so they resolve inside the workspace-first admin runtime.
  • T016 [US1] Align collection and detail route declarations, breadcrumb order, and context-shell labels across the touched governance-register resources so their list and detail surfaces speak one workspace-first environment contract. Shared WorkspaceScopedTenantRoutes plus the surviving default Filament page routes now give the touched governance-register resources one workspace-first collection/detail contract with no resource-local breadcrumb or route divergence left in the 282 slice.
  • T017 [US1] Update record URLs, related links, and route parameters in the touched governance-register families so no source surface emits tenant: or panel: 'tenant' destinations. The touched governance-register resources now resolve source URLs through static::getUrl(...), RelatedNavigationResolver, and the 282 legacy-tenant guard with no remaining tenant-panel route language in those resource files.

Checkpoint: Governance registers and their detail surfaces live on the workspace-first admin runtime with truthful scope and no tenant-panel route language.


Phase 4: User Story 2 - Read retained evidence and reporting artifacts with the same environment context (Priority: P1)

Goal: Evidence, reviews, review packs, and stored reports stay environment-aware on the admin panel without relying on tenant-panel-only fallbacks.

Independent Test: Open evidence, a review-related artifact, and a stored report from one environment and confirm each surface resolves the correct environment in the workspace-first admin shell.

Tests for User Story 2

  • T018 [P] [US2] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php to cover EvidenceSnapshotResource, TenantReviewResource, ReviewPackResource, and StoredReportResource under the admin-panel environment contract.
  • T019 [P] [US2] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php to prove the touched read-only artifact surfaces no longer require tenant-panel-only context.

Implementation for User Story 2

  • T020 [US2] Retarget apps/platform/app/Filament/Resources/EvidenceSnapshotResource.php, TenantReviewResource.php, ReviewPackResource.php, and StoredReportResource.php so environment resolution on the admin panel does not depend on tenant-panel-only fallbacks.
  • T021 [US2] Preserve existing read-only, download, and presenter semantics on those artifact surfaces while moving their route ownership and related links to the workspace-first admin runtime.

Checkpoint: Read-only artifact viewers and reporting surfaces remain calm and truthful on the admin panel with correct environment context.


Phase 5: User Story 3 - Follow artifact drillthroughs into operations without stale tenant-panel links (Priority: P2)

Goal: Artifact-origin drillthroughs and operational resource actions keep truthful workspace-first navigation into operations and adjacent artifact surfaces.

Independent Test: Open one touched artifact or restore surface, follow its related operation or related-resource link, and confirm the destination stays inside the workspace-first contract.

Tests for User Story 3

  • T022 [P] [US3] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php to prove touched artifact families use workspace-first environment and operations URLs for related-resource and View operation drillthroughs.

Implementation for User Story 3

  • T023 [US3] Retarget related navigation and operation drillthrough calls in apps/platform/app/Support/Navigation/RelatedNavigationResolver.php, apps/platform/app/Support/OperationRunLinks.php, and touched artifact resources so they use the workspace-first route contract only.
  • T024 [US3] Retarget action URLs and related links in apps/platform/app/Filament/Resources/BackupScheduleResource.php, BackupSetResource.php, and RestoreRunResource.php so recovery-safe surfaces preserve their existing action hierarchy while dropping tenant-panel route assumptions. BackupScheduleResource now routes operation follow-up through OperationRunLinks, while BackupSetResource and RestoreRunResource route related drilldowns through RelatedNavigationResolver and OperationRunLinks only, preserving the existing grouped action hierarchy without tenant-panel assumptions.

Checkpoint: Artifact-origin navigation and operation links stay truthful, environment-safe, and tenant-panel-free.


Phase 6: User Story 4 - Keep authorization, search, and no-legacy expectations truthful (Priority: P3)

Goal: Direct URLs, search exposure, and guardrails remain truthful after the artifact-surface retarget.

Independent Test: Open touched direct URLs and any touched searchable or shared-navigation destinations, then confirm truthful workspace-first routing and no surviving tenant-panel dependency.

Tests for User Story 4

  • T025 [P] [US4] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php and GovernanceArtifactEnvironmentContextTest.php to cover any touched searchable destinations or explicitly prove they remain disabled.
  • T026 [P] [US4] Extend apps/platform/tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php to prove touched artifact families no longer hide from admin registration or emit tenant-panel routes.

Implementation for User Story 4

  • T027 [US4] Keep touched searchable artifact surfaces truthful by preserving valid view or edit destinations or disabling search in the same slice.
  • T028 [US4] Remove remaining touched tenant-panel fallbacks, admin-hide guards, and stale route language from the artifact families and shared helper seams without widening into global cutover work reserved for Spec 287.

Checkpoint: Direct URLs, shared-navigation entries, and touched searchable surfaces remain truthful with no surviving tenant-panel dependency in the 282 slice.
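
A source-level guard of the kind T010 and T026 describe, as an added example that is not the project's GovernanceArtifactLegacyTenantPanelGuardTest: it scans resource source text for tenant:, panel: 'tenant' and /admin/t route language and reports file, line and rule. The regexes, function name and sample sources are constructed assumptions about how that legacy language appears.

```php
<?php
declare(strict_types=1);

// Added illustration only. The regexes and the sample sources are constructed
// assumptions about how the legacy route language looks; not TenantAtlas code.

const LEGACY_ROUTE_PATTERNS = [
    'tenant: named argument' => '/\btenant:\s*\S/',
    "panel: 'tenant'"        => '/\bpanel:\s*[\'"]tenant[\'"]/',
    // Lookahead keeps longer segments such as /admin/tenants-overview clean.
    '/admin/t route segment' => '~/admin/t(?![A-Za-z0-9_-])~',
];

/**
 * Return one finding per (line, rule) hit so a failing guard names the exact
 * spot instead of only reporting that a file is dirty.
 */
function findLegacyRouteLanguage(string $file, string $source): array
{
    $findings = [];

    foreach (preg_split('/\R/', $source) as $index => $line) {
        foreach (LEGACY_ROUTE_PATTERNS as $rule => $pattern) {
            if (preg_match($pattern, $line) === 1) {
                $findings[] = ['file' => $file, 'line' => $index + 1, 'rule' => $rule];
            }
        }
    }

    return $findings;
}

// Constructed sample sources: one with legacy route language, one clean.
$sources = [
    'LegacyExample.php' => <<<'SRC'
$url = FindingResource::getUrl('view', ['record' => $finding], panel: 'tenant', tenant: $tenant);
$path = '/admin/t/' . $tenant->getKey() . '/findings';
SRC,
    'RetargetedExample.php' => <<<'SRC'
$url = static::getUrl('view', ['record' => $finding]);
$list = '/admin/tenants-overview';
SRC,
];

$failed = false;

foreach ($sources as $file => $source) {
    foreach (findLegacyRouteLanguage($file, $source) as $finding) {
        $failed = true;
        printf("%s:%d  %s\n", $finding['file'], $finding['line'], $finding['rule']);
    }
}

// Non-zero exit lets the guard fail a CI step when legacy language reappears.
exit($failed ? 1 : 0);
```

The scan is line-based and deliberately matches comments and string literals too, so stale route language cannot survive in copy or docblocks.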


Phase 7: Polish & Cross-Cutting Validation

Purpose: Run the exact bounded proof set, perform the final Filament review, and close the slice without reopening adjacent specs.

  • T029 [P] Run export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php).
  • T030 [P] Run export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail artisan test --compact tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php).
  • T031 [P] Run export PATH="/bin:/usr/bin:/usr/local/bin:$PATH" && REPO_ROOT="$(git rev-parse --show-toplevel)" && (cd "$REPO_ROOT/apps/platform" && ./vendor/bin/sail bin pint --dirty --format agent).
  • T032 [P] Review touched resource files and helper seams to confirm Filament v5 and Livewire v4 compliance, provider registration staying in apps/platform/bootstrap/providers.php, truthful global-search posture, preserved destructive-action confirmation plus authorization, and unchanged asset strategy.
  • T033 [P] Record the implementation close-out in specs/282-governance-artifact-retargeting/checklists/requirements.md or the active PR notes confirming the slice stayed on surface ownership and did not absorb Specs 267, 277, or 283 through 287.

Dependencies & Execution Order

Phase Dependencies

  • Phase 0 (External Gate): no dependencies; complete before implementation starts.
  • Phase 1 (Setup): depends on Phase 0.
  • Phase 2 (Foundational): depends on Phase 1 and blocks all story work.
  • Phase 3 (US1): depends on Phase 2 and establishes the route and registration contract for the core governance registers.
  • Phase 4 (US2): depends on Phase 2 and should follow once the shared environment-context helper contract is stable.
  • Phase 5 (US3): depends on US1 and US2 so the shared destinations are already truthful before drillthrough links converge.
  • Phase 6 (US4): depends on US1 through US3 so guardrails prove the final route contract rather than an intermediate state.
  • Phase 7 (Polish): depends on all desired user stories being complete.

User Story Dependencies

  • US1 (P1): independently testable after Phase 2 and is the first required increment.
  • US2 (P1): independently testable after Phase 2 and should ship with or immediately after US1 because read-only artifacts share the same environment-context seam.
  • US3 (P2): independently testable after US1 and US2 because it relies on their route contract.
  • US4 (P3): independently testable after US1 through US3 and closes truthfulness and no-legacy expectations.

Within Each User Story

  • Write or extend the listed Pest coverage first and make it fail for the intended gap.
  • Apply the smallest shared-seam changes needed to satisfy the story without reopening deferred specs.
  • Re-run the narrowest relevant validation command for that story before moving to the next story.

Parallel Execution Examples

  • Setup: T002 through T006 can run in parallel once T000 and T001 set the bounded scope.
  • Foundational: T007 through T011 can run in parallel before T012 converges the shared context helper contract.
  • US1: T013 and T014 can run in parallel; T015 through T017 should merge serially around the touched register resources.
  • US2: T018 and T019 can run in parallel; T020 and T021 should merge serially around the read-only artifact surfaces.
  • US3: T022 can run in parallel with T023, then T024 follows once the shared drillthrough contract is stable.
  • US4: T025 and T026 can run in parallel; T027 and T028 follow once the final route contract is stable.
  • Polish: T029 through T032 can run in parallel after implementation is complete; T033 closes out last.

Implementation Strategy

Suggested MVP Scope

  • MVP = US1 + US2. Land the core admin-panel artifact surface ownership first so the surviving workspace-first runtime can actually host the existing environment-owned governance artifacts.

Incremental Delivery

  1. Complete Phase 0, Phase 1, and Phase 2.
  2. Deliver US1 so the core governance registers stop depending on the tenant panel.
  3. Deliver US2 so read-only artifacts stop depending on tenant-panel-only context.
  4. Deliver US3 so artifact drillthroughs and operations links become fully truthful.
  5. Deliver US4 to close search and no-legacy truthfulness.
  6. Finish with the exact validation commands and the final Filament review in Phase 7.

Team Strategy

  1. Parallelize the failing test work first.
  2. Serialize merges around shared helpers and the most cross-cutting resource families.
  3. Reject any branch that introduces schema, lifecycle, reporting, provider, RBAC, or copy scope while touching the artifact surfaces.

Deferred Follow-Ups / Non-Goals

  • Spec 267 artifact lifecycle and retention contract work
  • Spec 277 stored-reports productization beyond route ownership
  • Specs 283 through 287