ahmido
73a3a62451
## Summary - unify empty-state UX across the six in-scope Filament list pages - move empty-state ownership toward resource `table()` definitions while preserving existing RBAC behavior - add focused Pest coverage for empty-state rendering, CTA outcomes, populated-state regression behavior, and action-surface compliance - add the Spec 122 planning artifacts and product discovery documents used for this pass ## Changed surfaces - `PolicyResource` - `BackupSetResource` - `RestoreRunResource` - `BackupScheduleResource` - `WorkspaceResource` - `AlertDeliveryResource` ## Tests - `vendor/bin/sail artisan test --compact tests/Feature/Filament/EmptyStateConsistencyTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/Filament/Alerts/AlertDeliveryViewerTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/Filament/CreateCtaPlacementTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/PolicySyncStartSurfaceTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/BackupScheduling/BackupScheduleLifecycleAuthorizationTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/Filament/BackupSetUiEnforcementTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/Filament/RestoreRunUiEnforcementTest.php` - `vendor/bin/sail artisan test --compact tests/Feature/Guards/ActionSurfaceContractTest.php` - `vendor/bin/sail bin pint --dirty --format agent` ## Notes - Filament v5 / Livewire v4.0+ compliance is preserved. - Panel provider registration remains unchanged in `bootstrap/providers.php`. - No new globally searchable resources were added. - Destructive actions were not introduced by this pass. - Alert Deliveries is documented as the explicit no-header-action exemption for the empty-state CTA relocation rule. - Manual light/dark visual QA evidence is still expected in the PR/review artifact set for the remaining checklist items (`T018`, `T025`). Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de> Reviewed-on: #148
4.6 KiB
Product Roadmap
Strategic thematic blocks and release trajectory. This is the "big picture" — not individual specs.
Last updated: 2026-03-08
Release History
| Release | Theme | Status |
|---|---|---|
| R1 "Golden Master Governance" | Baseline drift as production feature, operations polish | Done |
| R1 cont. | Ops canonicalization, action surface contract, ops-ux enforcement | Done |
| R2 "Tenant Reviews & Evidence" | Evidence packs, stored reports, permission posture, alerts | Partial |
| R2 cont. | Alert escalation + notification routing | Done |
Active / Near-term
UI & Product Maturity Polish
Empty state consistency, list-expand parity, workspace chooser refinement, navigation semantics. Goal: Every surface feels intentional and guided for first-run evaluation.
Active specs: 122, 121, 112
Secret & Security Hardening
Secret redaction integrity, provider access hardening, required permissions sidebar. Goal: Enterprise trust — no credential leaks, no permission gaps.
Active specs: 120, 108, 106
Baseline Drift Engine (Cutover)
Full content capture, cutover to unified engine, resume capability. Goal: Ship drift detection as the complete production governance feature.
Active specs: 119 (cutover)
Planned (Next Quarter)
R2 Completion — Evidence & Exception Workflows
- Review pack export (Spec 109 — done)
- Exception/risk-acceptance workflow for Findings → Not yet specced
- Formal "evidence pack" entity → Not yet specced
- Workspace-level PII override for review packs → deferred from 109
Policy Lifecycle / Ghost Policies
Soft delete detection, automatic restore, "Deleted" badge, restore from backup. Draft exists (Spec 900). Needs spec refresh and prioritization. Risk: Ghost policies create confusion for backup item references.
Platform Operations Maturity
- CSV export for filtered run metadata (deferred from Spec 114)
- Raw error/context drilldowns for system console (deferred from Spec 114)
- Multi-workspace operator selection in
/system(deferred from Spec 113)
Mid-term (2–3 Quarters)
MSP Portfolio & Operations (Multi-Tenant)
Multi-tenant health dashboard, SLA/compliance reports (PDF), cross-tenant troubleshooting center. Source: 0800-future-features brainstorming, identified as highest priority pillar. Prerequisite: Cross-tenant compare (Spec 043 — draft only).
Drift & Change Governance ("Revenue Lever #1")
Change approval workflows (DEV→PROD with audit pack), guardrails/policy freeze windows, tamper detection. Source: 0800-future-features brainstorming. Prerequisite: Drift engine fully shipped, findings workflow mature.
Standardization & Policy Quality ("Intune Linting")
Policy linter (naming, scope tag requirements, no All-Users on high-risk), company standards as templates, policy hygiene (duplicate finder, unassigned, orphaned, stale). Source: 0800-future-features brainstorming.
Long-term
Tenant-to-Tenant / Staging→Prod Promotion
Compare/diff between tenants, mapping UI (groups, scope tags, filters, named locations, app refs), promotion plan (preview → dry-run → cutover → verify). Source: 0800-future-features, Spec 043 draft.
Recovery Confidence ("Killer Feature")
Automated restore tests in test tenants, recovery readiness report, preflight score. Source: 0800-future-features brainstorming.
Security Suite Layer
Security posture score, blast radius display, opt-in high-risk enablement. Source: 0800-future-features brainstorming.
Script & Secrets Governance
Script diff + approval + rollback, secret scanning, allowlist/signing workflow. Source: 0800-future-features brainstorming.
Infrastructure & Platform Debt
| Item | Risk | Status |
|---|---|---|
No .env.example in repo |
Onboarding friction | Open |
| No CI pipeline config | No automated quality gate | Open |
| No PHPStan/Larastan | No static analysis | Open |
| SQLite for tests vs PostgreSQL in prod | Schema drift risk | Open |
| No formal release process | Manual deploys | Open |
| Dokploy config external to repo | Env drift | Open |
Priority Ranking (from Product Brainstorming)
- MSP Portfolio + Alerting
- Drift + Approval Workflows
- Standardization / Linting
- Promotion DEV→PROD
- Recovery Confidence
How to use this file
- Big themes live here.
- Concrete spec candidates → see spec-candidates.md
- Small discoveries from implementation → see discoveries.md
- Product principles → see principles.md