ahmido
602195324b
specs for additional intune types Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local> Reviewed-on: #28
34 lines
1.4 KiB
Markdown
34 lines
1.4 KiB
Markdown
# Tasks: Custom Compliance Scripts (Windows) (026)
|
|
|
|
**Branch**: `feat/026-custom-compliance-scripts`
|
|
**Date**: 2026-01-04
|
|
**Input**: [spec.md](./spec.md), [plan.md](./plan.md)
|
|
|
|
## Phase 1: Setup
|
|
- [x] T001 Create spec/plan/tasks and checklist.
|
|
|
|
## Phase 2: Research & Design
|
|
- [ ] T002 Confirm Graph resource + `@odata.type` and required permissions.
|
|
- [ ] T003 Confirm patchable fields and define `update_strip_keys` / `update_whitelist`.
|
|
- [ ] T004 Confirm assignments endpoints (`/assignments`, `/assign`) and body shape.
|
|
- [ ] T005 Decide restore mode + risk classification.
|
|
|
|
## Phase 3: Tests (TDD)
|
|
- [ ] T006 Add sync test for `deviceComplianceScript`.
|
|
- [ ] T007 Add snapshot/version capture test (incl. `detectionScriptContent`).
|
|
- [ ] T008 Add restore preview test (restore_mode + action).
|
|
- [ ] T009 Add restore execution test (sanitization + assignment apply).
|
|
- [ ] T010 Add normalized display test for key fields.
|
|
|
|
## Phase 4: Implementation
|
|
- [ ] T011 Add `deviceComplianceScript` to `config/tenantpilot.php`.
|
|
- [ ] T012 Add Graph contract entry in `config/graph_contracts.php`.
|
|
- [ ] T013 Implement snapshot capture handling (script content preservation rules).
|
|
- [ ] T014 Implement restore apply support (contract-driven sanitization + assignments).
|
|
- [ ] T015 Add `DeviceComplianceScriptNormalizer` and register it.
|
|
|
|
## Phase 5: Verification
|
|
- [ ] T016 Run targeted tests.
|
|
- [ ] T017 Run Pint (`./vendor/bin/pint --dirty`).
|
|
|