28 lines
1.7 KiB
Markdown
28 lines
1.7 KiB
Markdown
# Requirements Checklist — Foundations in Inventory (047)
|
|
|
|
## Constitution Gates
|
|
|
|
- [x] Tenant isolation: all foundation sync reads/writes are scoped to Tenant::current()/tenant_id (no leakage).
|
|
- [x] No snapshot/backup side effects: Inventory sync must not write to policy_versions/backup_* tables.
|
|
- [x] Config-driven types: foundation types are sourced from config('tenantpilot.foundation_types') only (no hardcoded lists).
|
|
- [x] No UI Graph calls: Inventory/Dependencies UI must render using DB-only resolution (no runtime Graph/Entra lookups).
|
|
- [x] Idempotency: re-running sync does not create duplicates; last_seen_at/last_seen_run_id update deterministically.
|
|
- [x] Data minimization: foundation meta_jsonb is sanitized (stored == InventoryMetaSanitizer::sanitize(stored)).
|
|
- [x] Observability: InventorySyncRun observed/upserted counts include foundations when enabled, exclude when disabled.
|
|
- [x] Tests exist and were executed (targeted at minimum).
|
|
|
|
## Feature 047 Functional Coverage
|
|
|
|
- [x] FR-001 Foundation types MVP are synced when include_foundations=true (roleScopeTag, assignmentFilter, notificationMessageTemplate).
|
|
- [x] FR-002 include_foundations=false produces no foundation node sync side effects.
|
|
- [x] FR-003 Foundation nodes stored as InventoryItems with stable identity (tenant_id + policy_type + external_id).
|
|
- [x] FR-004 Inventory Coverage UI shows Policies + Foundations.
|
|
- [x] FR-005 Inventory Items UI can filter/browse foundations.
|
|
|
|
## Test Gates
|
|
|
|
- [x] T020/T021: include_foundations on/off behavior is covered by feature tests.
|
|
- [x] T023: foundation meta_jsonb sanitized invariant (no payload dump).
|
|
- [x] T024: run counts include/exclude foundations (deterministic setup).
|
|
- [x] Pint run (T020) and targeted tests run (T021).
|