ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
9b5bc7c09a
TenantAtlas/specs/014-enrollment-autopilot/plan.md

49 lines
2.0 KiB
Markdown
Raw Blame History

# Plan: Enrollment & Autopilot (014)
**Branch**: `014-enrollment-autopilot`
**Date**: 2026-01-01
**Input**: [spec.md](./spec.md)
## Goal
Provide end-to-end support for enrollment & Autopilot configuration items with readable normalized settings and safe restore behavior.
## Scope
### In scope
- Policy types:
- `windowsAutopilotDeploymentProfile` (restore enabled)
- `windowsEnrollmentStatusPage` (restore enabled)
- `enrollmentRestriction` (restore preview-only)
- Readable “Normalized settings” for the above types.
- Restore behavior:
- Autopilot/ESP: apply via existing restore mechanisms (create-if-missing allowed)
- Enrollment restrictions: must be skipped on execution by default (preview-only)
- Tests for normalization + UI rendering + preview-only enforcement.
### Out of scope
- New restore wizard flows/pages.
- Enabling execution for enrollment restrictions (requires product decision).
- New external services.
## Approach
1. Verify `config/graph_contracts.php` and `config/tenantpilot.php` entries for the three policy types.
2. Implement a new policy type normalizer to provide stable, enrollment-relevant blocks for:
- Autopilot deployment profiles
- Enrollment Status Page
- Enrollment restrictions
3. Register the normalizer with the `policy-type-normalizers` tag.
4. Add tests:
- Unit tests for normalized output stability/shape.
- Filament feature tests verifying “Normalized settings” renders for each type.
- Feature test verifying `enrollmentRestriction` restore is preview-only and skipped on execution.
5. Run targeted tests and Pint.
## Risks & Mitigations
- Payload shape variance across tenants: normalizer must handle missing keys safely.
- Enrollment restrictions are high impact: execution must remain disabled by default (preview-only).
## Success Criteria
- Normalized settings are stable and readable for all in-scope types.
- Restore execution skips preview-only types and reports clear result reasons.
- Tests cover normalization and preview-only enforcement.
Reference in New Issue View Git Blame Copy Permalink