ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
ee9faf5b01
TenantAtlas/specs/101-golden-master-baseline-governance-v1/quickstart.md
Ahmed Darrazi 74ab2d1404 feat: Phase 2 foundational - capabilities, migrations, models, factories, badges, support classes 
T003-T018b: Add workspace_baselines.view/manage capabilities, role mappings,
baseline_capture/baseline_compare operation labels, severity summary keys,
5 migrations, 4 models, 4 factories, BaselineScope, BaselineReasonCodes,
BaselineProfileStatus badge domain + mapper.
2026-02-19 14:15:46 +01:00

61 lines
2.3 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Phase 1 — Quickstart (Developer)
This quickstart is for exercising Baseline Governance v1 locally.
## Prereqs
- Docker running
- Laravel Sail available
## Setup
1. Start containers: `vendor/bin/sail up -d`
2. Install deps (if needed): `vendor/bin/sail composer install`
3. Migrate: `vendor/bin/sail artisan migrate`
4. Build frontend assets (if UI changes arent visible): `vendor/bin/sail npm run dev`
## Happy path walkthrough
### 1) Create a baseline profile
- Navigate to Admin → Governance → Baselines
- Create a profile with:
- name
- status = draft
- scope filter (policy types/domains)
### 2) Capture from a source tenant
- From the Baseline Profile view page, trigger “Capture from tenant”
- Select a source tenant
- Confirm the action
- You should see a queued notification with “View run” that links to Monitoring → Operations
Expected:
- An `OperationRun` of type `baseline_capture` is created (or reused if one is already queued/running)
- On success, an immutable `baseline_snapshot` is created and the profiles `active_snapshot_id` is updated (when profile is active)
### 3) Assign baseline to a tenant
- Navigate to the tenant context (Admin → choose tenant)
- Assign the baseline profile to the tenant (v1: exactly one baseline per tenant)
- Optionally define an override filter that narrows scope
### 4) Compare now (Soll vs Ist)
- Navigate to the “Soll vs Ist” landing page for the tenant
- Click “Compare now”
Expected:
- An `OperationRun` of type `baseline_compare` is created/reused
- Findings are created/updated with stable fingerprints
- The compare run summary is persisted (totals + severity breakdown)
## Precondition failure checks
These should return **HTTP 422** with `reason_code`, and must **not** create an `OperationRun`:
- compare with no assignment: `baseline.compare.no_assignment`
- compare when profile not active: `baseline.compare.profile_not_active`
- compare when no active snapshot: `baseline.compare.no_active_snapshot`
- capture with missing source tenant: `baseline.capture.missing_source_tenant`
## Test focus (when implementation lands)
- BaselineProfile CRUD + RBAC (404 vs 403)
- Capture idempotency (dedupe snapshot identity)
- Compare idempotency (dedupe finding fingerprint)
- Action surfaces comply with the Filament Action Surface Contract
Reference in New Issue View Git Blame Copy Permalink