Phase 1 Journey Hardening
Status
Implemented architecture and validation foundation.
Persona-Based Outcomes
| Persona | Journey to prove | Achieved by this foundation |
|---|---|---|
| Platform owner | Log in, create tenant, bootstrap first tenant admin. | Journey is now tracked as a required Phase 1 validation path with API, UI, audit, and deployed smoke layers. |
| Tenant admin | Create enrollment token, onboard endpoint, manage tenant configuration. | Agent onboarding is covered by API-level validation; enrollment token issue/revoke and SCIM setup now have mutation plus follow-up read/list contracts. |
| Operator | Triage alerts, create tickets, investigate assets. | Ticket and alert triage mutations now have API response-state contracts and UI refresh assertions before broader operator workflows expand. |
| Auditor | Read redacted evidence and request exports inside a time-boxed session. | Auditor export request now has mutation plus follow-up read coverage; redaction and every-read audit remain part of the persona acceptance path. |
| Endpoint agent | Exchange enrollment token and heartbeat into visible asset state. | API journey coverage now proves token exchange, runtime service-account heartbeat, asset list/detail visibility, matching agent identity, and cross-tenant denial; backend response-contract coverage now pins the /api/v1/assets list shape the portal table consumes; frontend coverage proves the Assets portal renders the heartbeat-created asset and matching runtime-lite identity instead of falling back to an empty table. |
What Changed
- Added `docs/quality/phase1-journey-hardening.md` as the canonical architecture note for journey validation.
- Added the OP-080 through OP-085 quality stream to the taskboard.
- Updated developer and AI-agent guardrails so future features include persona journey validation or an explicit not-applicable note.
- Added an initial API-level journey test for tenant admin enrollment through agent heartbeat and asset visibility.
- Added a backend list-shape contract for `/api/v1/assets` using an enrolled endpoint heartbeat and approved-inventory join, plus a portal-side asset journey test that models the heartbeat-created asset and matching agent identity. Together they guard both the read model and the UI consumer against showing agent cards while the tenant-scoped asset table remains empty.
- Made `smoke_aws_dev` explicitly depend on a successful `deploy_aws_dev`, so AWS smoke evidence can only be produced after the Helm revision under test is deployed.
- Added OP-083 deployed persona smoke as an opt-in post-deploy probe that validates authenticated session/docs, tenant bootstrap, enrollment token issue/revoke, agent exchange/heartbeat, and asset list/detail against AWS dev, with redacted artifacts.
- Expanded OP-084 frontend/API response contracts so mutation-success, follow-up read/list, permission-denied, and navigation-return states are pinned for the first critical console workflows: tickets, alert triage, enrollment tokens, SCIM connections, compliance exports, and compliance policy forking.
- Added frontend assertions that successful visible mutations refresh the server-rendered console snapshot, preventing page-local success state from disappearing when a persona navigates away and returns.
- Consolidated OP-085 asset read models so `/api/v1/assets`, `/api/v1/assets/{asset_id}`, and `/api/v1/assets/{asset_id}/timeline` use the same canonical assembly for approved inventory, runtime identity, inventory JSON, discovery source, lifecycle, and confidence fields.
- Added a heartbeat-created asset contract that compares list and detail fields and proves timeline references carry the same tenant-scoped asset context.
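The two contracts that matter most above are the endpoint-agent journey (token exchange, runtime service-account heartbeat, asset visibility, cross-tenant denial) and the single canonical read model behind list, detail and timeline. The following is an added illustration, not the project's own code: an in-memory stand-in in which every name (`EnrollmentService`, `issue_token`, `exchange_token`, `heartbeat`, `list_assets`, `asset_detail`, `asset_timeline`) and the single-use token rule are assumptions chosen for the example. `run_journey()` drives the path end to end and returns the observations a contract test would pin, including that a second tenant gets the same denial for a foreign asset as for a missing one.

```python
import hmac
import secrets

class Denied(Exception):
    """Unknown/revoked token, bad agent credentials, or cross-tenant access."""

class EnrollmentService:
    """Hypothetical in-memory stand-in for the tenant admin -> agent -> asset journey."""

    def __init__(self):
        self._tokens = {}  # token secret -> {"id", "tenant", "revoked"}
        self._agents = {}  # agent_id -> {"tenant", "secret"}
        self._assets = {}  # asset_id -> {asset fields..., "events": [...]}
        self._clock = 0

    # tenant admin: issue/revoke enrollment tokens, with a follow-up list read
    def issue_token(self, tenant_id):
        token_id, secret = len(self._tokens) + 1, secrets.token_urlsafe(24)
        self._tokens[secret] = {"id": token_id, "tenant": tenant_id, "revoked": False}
        return token_id, secret

    def revoke_token(self, tenant_id, token_id):
        rec = next((r for r in self._tokens.values()
                    if r["id"] == token_id and r["tenant"] == tenant_id), None)
        if rec is None:
            raise Denied("token not found in this tenant")  # foreign and missing look the same
        rec["revoked"] = True

    def list_tokens(self, tenant_id):
        # read model exposes id and state, never the secret
        return [{"id": r["id"], "revoked": r["revoked"]}
                for r in self._tokens.values() if r["tenant"] == tenant_id]

    # endpoint agent: exchange token for a runtime service account, then heartbeat
    def exchange_token(self, secret):
        rec = self._tokens.get(secret)
        if rec is None or rec["revoked"]:
            raise Denied("enrollment token unknown or revoked")
        rec["revoked"] = True  # single use (assumption of this model): a leaked copy cannot re-enroll
        agent_id, agent_secret = "agt-" + secrets.token_hex(4), secrets.token_urlsafe(24)
        self._agents[agent_id] = {"tenant": rec["tenant"], "secret": agent_secret}
        return agent_id, agent_secret

    def heartbeat(self, agent_id, agent_secret, hostname):
        agent = self._agents.get(agent_id)
        if agent is None or not hmac.compare_digest(agent["secret"], agent_secret):
            raise Denied("bad runtime service-account credentials")
        self._clock += 1
        asset_id = "ast-" + agent_id  # one asset per enrolled agent identity
        asset = self._assets.setdefault(asset_id, {"asset_id": asset_id, "tenant_id": agent["tenant"],
                                                   "agent_id": agent_id, "events": []})
        asset["hostname"], asset["last_seen"] = hostname, self._clock
        asset["events"].append({"at": self._clock, "kind": "heartbeat"})
        return asset_id

    # canonical read model shared by list, detail and timeline
    def _assemble(self, tenant_id, asset_id):
        asset = self._assets.get(asset_id)
        if asset is None or asset["tenant_id"] != tenant_id:
            raise Denied("asset not visible in this tenant")  # no cross-tenant existence leak
        return {k: v for k, v in asset.items() if k != "events"}

    def list_assets(self, tenant_id):
        return [self._assemble(tenant_id, a["asset_id"])
                for a in self._assets.values() if a["tenant_id"] == tenant_id]

    def asset_detail(self, tenant_id, asset_id):
        return self._assemble(tenant_id, asset_id)

    def asset_timeline(self, tenant_id, asset_id):
        ctx = self._assemble(tenant_id, asset_id)  # tenant check precedes any event read
        return {"asset": ctx, "events": list(self._assets[asset_id]["events"])}

def _denied(fn):
    try:
        fn()
    except Denied:
        return True
    return False

def run_journey():
    """Drive the journey end to end; returns the observations a contract test would assert."""
    svc, out = EnrollmentService(), {}
    tok_id, tok = svc.issue_token("tenant-a")
    out["tokens_after_issue"] = svc.list_tokens("tenant-a")
    agent_id, secret = svc.exchange_token(tok)
    asset_id = svc.heartbeat(agent_id, secret, "web-01")
    svc.heartbeat(agent_id, secret, "web-01")
    detail = svc.asset_detail("tenant-a", asset_id)
    timeline = svc.asset_timeline("tenant-a", asset_id)
    out["list_matches_detail"] = svc.list_assets("tenant-a") == [detail]
    out["timeline_context_matches"] = timeline["asset"] == detail
    out["identity_matches"] = detail["agent_id"] == agent_id
    out["heartbeats"] = len(timeline["events"])
    out["tenant_b_list"] = svc.list_assets("tenant-b")
    out["tenant_b_detail_denied"] = _denied(lambda: svc.asset_detail("tenant-b", asset_id))
    out["tenant_b_revoke_denied"] = _denied(lambda: svc.revoke_token("tenant-b", tok_id))
    out["replay_denied"] = _denied(lambda: svc.exchange_token(tok))
    tok2_id, tok2 = svc.issue_token("tenant-a")
    svc.revoke_token("tenant-a", tok2_id)
    out["revoked_denied"] = _denied(lambda: svc.exchange_token(tok2))
    out["wrong_secret_denied"] = _denied(lambda: svc.heartbeat(agent_id, "wrong", "web-01"))
    out["tokens_final"] = svc.list_tokens("tenant-a")
    return out
```

Calling `run_journey()` returns a dict of booleans and read-model snapshots; the point of routing every view through `_assemble` is that list, detail and timeline cannot drift apart on tenant scope or field values, and the point of returning observations rather than printing is that the same function can back an API-level journey test and a deployed smoke probe.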
Validation
Run:

```sh
make validate-contracts
make typecheck-python
make lint
make test-sqlite
npm --prefix frontend test -- --run
make docs-build
git diff --cached --check
```
Non-Scope
- No broad runtime rewrite.
- No new AWS resources.
- No deployment from this feature branch.
- No browser SSH runtime implementation.
- No replacement of existing route/component tests.