ahmido
f50d57370f
## Summary - cut over the admin runtime to the workspace-first environment and operations routes from spec 280 - retarget governance artifact resources, related navigation, and operation drillthroughs to the surviving admin panel contract from spec 282 - add focused feature and browser coverage plus spec close-out updates for the shipped 280/282 slice ## Validation - `cd apps/platform && ./vendor/bin/sail bin pint --dirty --format agent` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/WorkspaceFoundation tests/Feature/Workspaces tests/Feature/ManagedEnvironment tests/Feature/RequiredPermissions tests/Feature/Operations tests/Feature/MonitoringOperationsTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec280WorkspaceTenancyEnvironmentRoutingSmokeTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactAdminPanelRegistrationTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactEnvironmentContextTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactDeepLinkContractTest.php tests/Feature/Filament/GovernanceArtifacts/GovernanceArtifactLegacyTenantPanelGuardTest.php` - `cd apps/platform && ./vendor/bin/sail artisan test --compact tests/Browser/Spec282GovernanceArtifactRetargetingSmokeTest.php` ## Notes - provider registration remains in `apps/platform/bootstrap/providers.php` - Filament stays on v5 with Livewire v4 semantics - touched searchable governance surfaces remain truthful or disabled in the same slice Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #341
374 lines
15 KiB
YAML
374 lines
15 KiB
YAML
openapi: 3.1.0
|
|
info:
|
|
title: Governance Artifact Retargeting to ManagedEnvironment
|
|
version: 0.1.0
|
|
description: |
|
|
Logical route contract for the bounded 282 cutover slice.
|
|
This models the workspace-first admin ownership of existing governance artifact surfaces,
|
|
including collection routes, detail routes, and the workspace-first operations detail surface.
|
|
Backup items remain nested inside existing backup-set or restore-run surfaces and do not
|
|
become a standalone top-level route family in 282.
|
|
servers:
|
|
- url: /admin
|
|
paths:
|
|
/workspaces/{workspace}/environments/{environment}/inventory:
|
|
get:
|
|
summary: List inventory items for one managed environment
|
|
operationId: listEnvironmentInventory
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped inventory register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/inventory/{record}:
|
|
get:
|
|
summary: View one inventory item in one managed environment
|
|
operationId: showEnvironmentInventoryItem
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped inventory detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/findings:
|
|
get:
|
|
summary: List findings for one managed environment
|
|
operationId: listEnvironmentFindings
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped findings register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/findings/{record}:
|
|
get:
|
|
summary: View one finding in one managed environment
|
|
operationId: showEnvironmentFinding
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped finding detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/finding-exceptions:
|
|
get:
|
|
summary: List finding exceptions for one managed environment
|
|
operationId: listEnvironmentFindingExceptions
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped finding exception register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/finding-exceptions/{record}:
|
|
get:
|
|
summary: View one finding exception in one managed environment
|
|
operationId: showEnvironmentFindingException
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped finding exception detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/policies:
|
|
get:
|
|
summary: List policies for one managed environment
|
|
operationId: listEnvironmentPolicies
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped policies register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/policies/{record}:
|
|
get:
|
|
summary: View one policy in one managed environment
|
|
operationId: showEnvironmentPolicy
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped policy detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/policy-versions:
|
|
get:
|
|
summary: List policy versions for one managed environment
|
|
operationId: listEnvironmentPolicyVersions
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped policy version register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/policy-versions/{record}:
|
|
get:
|
|
summary: View one policy version in one managed environment
|
|
operationId: showEnvironmentPolicyVersion
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped policy version detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/backup-schedules:
|
|
get:
|
|
summary: List backup schedules for one managed environment
|
|
operationId: listEnvironmentBackupSchedules
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped backup schedule register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/backup-schedules/{record}:
|
|
get:
|
|
summary: View one backup schedule in one managed environment
|
|
operationId: showEnvironmentBackupSchedule
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped backup schedule detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/backups:
|
|
get:
|
|
summary: List backup sets for one managed environment
|
|
operationId: listEnvironmentBackupSets
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped backup sets register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/backups/{record}:
|
|
get:
|
|
summary: View one backup set in one managed environment
|
|
operationId: showEnvironmentBackupSet
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped backup set detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/restore-runs:
|
|
get:
|
|
summary: List restore runs for one managed environment
|
|
operationId: listEnvironmentRestoreRuns
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped restore runs register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/restore-runs/{record}:
|
|
get:
|
|
summary: View one restore run in one managed environment
|
|
operationId: showEnvironmentRestoreRun
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped restore run detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/evidence:
|
|
get:
|
|
summary: List evidence snapshots for one managed environment
|
|
operationId: listEnvironmentEvidenceSnapshots
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped evidence register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/evidence/{record}:
|
|
get:
|
|
summary: View one evidence snapshot in one managed environment
|
|
operationId: showEnvironmentEvidenceSnapshot
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped evidence detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/reviews:
|
|
get:
|
|
summary: List tenant reviews for one managed environment
|
|
operationId: listEnvironmentReviews
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped tenant review register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/reviews/{record}:
|
|
get:
|
|
summary: View one tenant review in one managed environment
|
|
operationId: showEnvironmentReview
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped tenant review detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/review-packs:
|
|
get:
|
|
summary: List review packs for one managed environment
|
|
operationId: listEnvironmentReviewPacks
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped review pack register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/review-packs/{record}:
|
|
get:
|
|
summary: View one review pack in one managed environment
|
|
operationId: showEnvironmentReviewPack
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped review pack detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/stored-reports:
|
|
get:
|
|
summary: List stored reports for one managed environment
|
|
operationId: listEnvironmentStoredReports
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped stored report register
|
|
'404':
|
|
description: Workspace or environment scope not accessible
|
|
/workspaces/{workspace}/environments/{environment}/stored-reports/{record}:
|
|
get:
|
|
summary: View one stored report in one managed environment
|
|
operationId: showEnvironmentStoredReport
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Environment'
|
|
- $ref: '#/components/parameters/ArtifactRecord'
|
|
responses:
|
|
'200':
|
|
description: Environment-scoped stored report detail
|
|
'404':
|
|
description: Workspace, environment, or record scope not accessible
|
|
/workspaces/{workspace}/operations:
|
|
get:
|
|
summary: List operations for one workspace with optional environment context
|
|
operationId: listWorkspaceOperationsForArtifacts
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/ManagedEnvironmentFilter'
|
|
responses:
|
|
'200':
|
|
description: Workspace operations register with optional managed-environment filter
|
|
'404':
|
|
description: Workspace or managed-environment scope not accessible
|
|
/workspaces/{workspace}/operations/{operation}:
|
|
get:
|
|
summary: View one operation in one workspace
|
|
operationId: showWorkspaceOperation
|
|
parameters:
|
|
- $ref: '#/components/parameters/Workspace'
|
|
- $ref: '#/components/parameters/Operation'
|
|
responses:
|
|
'200':
|
|
description: Workspace operation detail used by artifact-origin drillthroughs
|
|
'404':
|
|
description: Workspace or operation scope not accessible
|
|
components:
|
|
parameters:
|
|
Workspace:
|
|
name: workspace
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: Workspace slug or route identifier
|
|
Environment:
|
|
name: environment
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: Managed-environment slug or route identifier
|
|
ArtifactRecord:
|
|
name: record
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: Environment-owned artifact record route identifier
|
|
Operation:
|
|
name: operation
|
|
in: path
|
|
required: true
|
|
schema:
|
|
type: string
|
|
description: Workspace operation route identifier
|
|
ManagedEnvironmentFilter:
|
|
name: managed_environment_id
|
|
in: query
|
|
required: false
|
|
schema:
|
|
type: integer
|
|
description: Optional environment filter used by artifact-origin operation drillthroughs |