ahmido/TenantAtlas
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects 1 Releases Wiki Activity
f08924525d
TenantAtlas/specs/117-baseline-drift-engine/quickstart.md
ahmido f08924525d Spec 117: Baseline Drift Engine + evidence fidelity/provenance (#142) 
Implements Spec 117 (Golden Master Baseline Drift Engine):

- Adds provider-chain resolver for current state hashes (content evidence via PolicyVersion, meta evidence via inventory)
- Updates baseline capture + compare jobs to use resolver and persist provenance + fidelity
- Adds evidence_fidelity column/index + Filament UI badge/filter/provenance display for findings
- Adds performance guard test + integration tests for drift, fidelity semantics, provenance, filter behavior
- UX fix: Policies list shows "Sync from Intune" header action only when records exist; empty-state CTA remains and is functional

Tests:
- `vendor/bin/sail artisan test --compact tests/Feature/Filament/PolicySyncCtaPlacementTest.php`
- `vendor/bin/sail artisan test --compact --filter=Baseline`

Checklist:
- specs/117-baseline-drift-engine/checklists/requirements.md ✓

Co-authored-by: Ahmed Darrazi <ahmed.darrazi@live.de>
Reviewed-on: #142
2026-03-03 07:23:01 +00:00

36 lines
1.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Quickstart — Spec 117 Baseline Drift Engine
## Prereqs
- Docker running
- Dependencies installed: `vendor/bin/sail composer install`
- Containers up: `vendor/bin/sail up -d`
## Run the minimum checks
- Format (dirty only): `vendor/bin/sail bin pint --dirty --format agent`
- Tests (focused): `vendor/bin/sail artisan test --compact --filter=Baseline` (adjust filter to match added tests)
## Manual verification flow (admin)
1) Capture a baseline snapshot via the existing Baseline UI.
2) Trigger “Compare baseline to tenant” via the existing compare landing page.
3) Open Monitoring → the `OperationRun` for the compare:
- Verify `context.baseline_compare.coverage` and `context.baseline_compare.evidence_gaps` are populated.
4) Open Findings:
- Verify each finding shows a fidelity badge (`content` or `meta`).
- Verify provenance is shown for both baseline and current evidence: fidelity, source, observed timestamp.
- Verify filtering by fidelity works.
## Developer notes
- v1.5 compare must not fetch anything upstream. Evidence sources are strictly:
- `PolicyVersion` (content) since baseline snapshot `captured_at`
- Inventory meta contract (meta)
- When neither side has evidence for a subject, no finding should be created; the compare run should record an evidence gap.
## Troubleshooting
- If UI changes dont appear, run assets: `vendor/bin/sail npm run dev`.
- If tests fail due to stale schema, run: `vendor/bin/sail artisan migrate`.
Reference in New Issue View Git Blame Copy Permalink