ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
a74ab12f04
TenantAtlas/specs/153-evidence-domain-foundation/quickstart.md
ahmido a74ab12f04 feat: implement evidence domain foundation (#183) 
## Summary
- add the Evidence Snapshot domain with immutable tenant-scoped snapshots, per-dimension items, queued generation, audit actions, badge mappings, and Filament list/detail surfaces
- add the workspace evidence overview, capability and policy wiring, Livewire update-path hardening, and review-pack integration through explicit evidence snapshot resolution
- add spec 153 artifacts, migrations, factories, and focused Pest coverage for evidence, review-pack reuse, authorization, action-surface regressions, and audit behavior

## Testing
- `vendor/bin/sail artisan test --compact --stop-on-failure`
- `CI=1 vendor/bin/sail artisan test --compact`
- `vendor/bin/sail bin pint --dirty --format agent`

## Notes
- branch: `153-evidence-domain-foundation`
- commit: `b7dfa279`
- spec: `specs/153-evidence-domain-foundation/`

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #183
2026-03-19 13:32:52 +00:00

65 lines
3.0 KiB
Markdown
Raw Blame History

# Quickstart: Evidence Domain Foundation
## Goal
Validate that the application can capture, inspect, reuse, and expire immutable evidence snapshots built from existing internal governance artifacts.
## Prerequisites
1. Start Sail and ensure the application database is up.
2. Apply migrations for the evidence snapshot tables.
3. Ensure at least one tenant has existing data in these domains:
- findings
- stored permission posture report
- stored Entra admin roles report
- baseline/drift posture summary or equivalent run context
- recent operation runs
## Happy-path validation
1. Open `/admin/t/{tenant}/evidence` for an authorized tenant member.
2. Trigger `Create snapshot`.
3. Confirm the UI shows queued intent feedback and a linked run.
4. Follow the linked run in Monitoring and wait for the background run to complete.
5. Open `/admin/t/{tenant}/evidence/{snapshot}` and verify:
- snapshot status is `active`
- snapshot completeness state matches the available inputs
- each first-slice evidence dimension appears exactly once
- stale or missing dimensions are explicitly marked
- the detail page links to the canonical run detail instead of rendering a separate progress surface
6. Modify one live source artifact, such as a finding or stored report.
7. Re-open the original snapshot and confirm its captured data did not change.
8. Trigger `Refresh evidence` and confirm a new snapshot is created or the existing one is reused if the fingerprint is unchanged.
## Authorization checks
1. As a non-member, request the tenant evidence routes and confirm deny-as-not-found behavior.
2. As an in-scope member without `evidence.manage`, confirm listing/detail works with `evidence.view` but `Create snapshot` and `Expire snapshot` are forbidden.
## Downstream consumer validation
1. Resolve tenant evidence through the new snapshot resolver from a downstream flow.
2. Confirm the downstream flow receives either:
- an explicit eligible snapshot id, or
- an explicit missing/ineligible result
3. Confirm no silent fallback to live ad hoc assembly occurs in covered consumers.
## Focused test commands
```bash
vendor/bin/sail artisan test --compact tests/Feature/Evidence tests/Unit/Evidence tests/Feature/ReviewPack tests/Feature/ManagedTenants/AuthorizationSemanticsTest.php tests/Feature/Guards/ActionSurfaceContractTest.php
vendor/bin/sail bin pint --dirty --format agent
```
## Suggested first test files
- `tests/Feature/Evidence/EvidenceSnapshotResourceTest.php`
- `tests/Feature/Evidence/EvidenceOverviewPageTest.php`
- `tests/Feature/Evidence/GenerateEvidenceSnapshotJobTest.php`
- `tests/Feature/Evidence/EvidenceSnapshotAuditLogTest.php`
- `tests/Feature/ManagedTenants/AuthorizationSemanticsTest.php`
- `tests/Feature/Guards/ActionSurfaceContractTest.php`
- `tests/Unit/Evidence/EvidenceSnapshotFingerprintTest.php`
- `tests/Unit/Evidence/EvidenceCompletenessEvaluatorTest.php`
- `tests/Unit/Evidence/EvidenceSnapshotResolverTest.php`
- `tests/Feature/ReviewPack/ReviewPackGenerationTest.php`
Reference in New Issue View Git Blame Copy Permalink