ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
dedca3c612
TenantAtlas/specs/040-inventory-core/tasks.md
ahmido dedca3c612 spec: add inventory specs 039-044 (#42) 
What’s included
	•	specs/039-inventory-program/ — program/epic overview (vision + phased plan)
	•	specs/041-inventory-ui/ — UI skeleton (Inventory list, Coverage, Sync Runs)
	•	specs/042-inventory-dependencies-graph/ — dependency graph skeleton (assignments/filters/scope tags → later)
	•	specs/043-cross-tenant-compare-and-promotion/ — compare/promotion skeleton (read-only first; writes gated later)
	•	specs/044-drift-mvp/ — drift detection skeleton (read-only by default)

Why

We need a clear, spec-first structure for:
	•	separating Inventory (“last observed”) from Snapshots/Backups (immutable)
	•	scaling to MSP / multi-tenant workflows (portfolio, compare, monitoring)
	•	making future modules (security suite, drift, promotion) consistent with the Constitution (fail-safe, auditability, contract-driven Graph)

Scope / Non-goals (this PR)
	•	No implementation tasks executed
	•	No DB migrations, services, jobs, or UI changes
	•	No changes to Graph contracts or supported policy types

Review focus
	•	Naming/numbering and folder structure (spec.md, plan.md, tasks.md for each spec)
	•	Scope boundaries and non-goals across 041–044
	•	Alignment with Constitution principles (tenant isolation, read-only default for analysis, explicit gating for high-risk writes)

Follow-up (next PRs)
	•	Spec 040: Inventory Core (data model + selection hash + missing semantics + NFRs + tests)
	•	Implementation PRs will be split per spec (040 → 041 → 042/043/044)

⸻

Co-authored-by: Ahmed Darrazi <ahmeddarrazi@adsmac.local>
Reviewed-on: #42
2026-01-07 14:01:07 +00:00

1.7 KiB
Raw Blame History

Tasks: Inventory Core (040)

Input: specs/040-inventory-core/spec.md, specs/040-inventory-core/plan.md

P1 — MVP (US1/US2)

  • T001 [US1] Define Inventory Item data model (tenant-scoped identity + last_seen fields)
  • T002 [US1] Define Sync Run data model (tenant_id, selection_hash, status, timestamps, counts, stable error codes)
  • T003 [US1] Implement deterministic selection hashing (canonical json + sha256)
  • T004 [US1] Implement inventory upsert semantics (no duplicates)
  • T005 [US1] Enforce tenant isolation in all inventory/run queries
  • T006 [US2] Implement derived “missing” computation relative to latest completed run (tenant_id + selection_hash)
  • T007 [US2] Ensure low-confidence missing when latestRun is partial/failed or had_errors
  • T008 [US2] Implement meta_jsonb whitelist enforcement (drop unknown keys, never fail sync)

P2 — Observability & Safety (US3 + NFR)

  • T009 [US3] Ensure run records include stable error codes and counts
  • T010 [NFR] Add idempotency + locks to prevent overlapping runs per tenant+selection
  • T011 [NFR] Add global + per-tenant concurrency limiting strategy
  • T012 [NFR] Implement throttling handling strategy (backoff + jitter for transient Graph failures)

Tests (Required for runtime behavior)

  • T020 [US1] Tests: upsert does not create duplicates; last_seen updated
  • T021 [US2] Tests: missing derived per latestRun(selection_hash); selection isolation
  • T022 [US2] Tests: partial/failed run => low confidence missing
  • T023 [US2] Tests: meta whitelist drops unknown keys without failing
  • T024 [NFR] Tests: selection_hash determinism (array ordering)

Notes

  • “deleted” is reserved and MUST NOT be produced in this feature.