Align live titles and trust setup overview

2026-03-09 11:20:19 +02:00
parent 29fec722df
commit 49d1c57597
16 changed files with 604 additions and 156 deletions
--- a/docs/implplan/SPRINT_20260309_002_FE_live_frontdoor_canonical_route_sweep.md
+++ b/docs/implplan/SPRINT_20260309_002_FE_live_frontdoor_canonical_route_sweep.md
@@ -54,6 +54,7 @@ Completion criteria:
 | 2026-03-09 | Fixed a harness defect in the shared auth/session model: the original live sweep restored `sessionStorage` only in the login tab, so every freshly opened route page was unauthenticated and falsely redirected to `/welcome`. Moved session seeding into `createAuthenticatedContext(...)` and reused the helper from the other live scripts. | Developer |
 | 2026-03-09 | Ran the authenticated 106-route sweep against the rebuilt stack. After removing redirect/copy false positives, the real live backlog is 19 failing routes: reachability; feeds-airgap; jobengine; quotas; dead-letter; aoc; signals; packs; ai-runs; notifications; status; sbom-sources; policy simulation; policy trust-weights; policy staleness; policy audit; setup/platform trust-signing; and setup notifications. | Developer |
 | 2026-03-09 | Expanded the canonical live sweep inventory to include the revived release-investigation, evidence-thread, and registry-admin routes so future frontdoor passes cover those pages as first-class surfaces instead of leaving them to ad hoc follow-up scripts. | Developer |
+| 2026-03-09 | After the full image rebuild and the next web-only repair pass, reran the authenticated 111-route sweep. The live backlog moved to 24 failing routes, with the earlier title regressions and feeds-airgap issue cleared while new backend/runtime failures remained concentrated in analytics, JobEngine, integrations, policy governance, notifications, and trust authorization. | Developer |

 ## Decisions & Risks
 - Decision: keep this sprint focused on broad route-level live verification and action inventory, not on fixing specific route defects before the rebuilt stack is actually exercised.
--- a/docs/implplan/SPRINT_20260309_009_FE_live_contract_alignment_titles_trust_feeds.md
+++ b/docs/implplan/SPRINT_20260309_009_FE_live_contract_alignment_titles_trust_feeds.md
@@ -0,0 +1,79 @@
+# Sprint 20260309-009 - FE Live Contract Alignment for Titles, Trust, and Feeds
+
+## Topic & Scope
+- Repair the live frontdoor defects that are caused by frontend contract drift rather than backend outages: route titles being overwritten after branding loads, the feeds-airgap page advertising a blocking incident by default, and trust-signing pages still calling retired `/api/v1/trust/*` endpoints.
+- Keep this iteration focused on canonical route correctness for `/security/*`, `/ops/operations/feeds-airgap`, `/ops/platform-setup/trust-signing`, and `/setup/trust-signing` on the rebuilt `https://stella-ops.local` stack.
+- Working directory: `src/Web/StellaOps.Web`.
+- Allowed coordination edits: `docs/implplan/SPRINT_20260309_002_FE_live_frontdoor_canonical_route_sweep.md`, `docs/modules/platform/architecture-overview.md`, `docs/technical/architecture/console-branding.md`, `docs/api/console/samples/console-status-sample.json`.
+- Expected evidence: focused frontend unit tests, rebuilt web bundle synced into compose, and authenticated live Playwright rechecks for the repaired routes.
+
+## Dependencies & Concurrency
+- Depends on `SPRINT_20260309_002_FE_live_frontdoor_canonical_route_sweep.md` for the current authenticated failure inventory and on the completed full-stack rebuild baseline.
+- Safe parallelism: stay inside `src/Web/StellaOps.Web/**`; do not edit backend services or router configuration in this sprint.
+
+## Documentation Prerequisites
+- `AGENTS.md`
+- `src/Web/StellaOps.Web/AGENTS.md`
+- `docs/code-of-conduct/CODE_OF_CONDUCT.md`
+- `docs/qa/feature-checks/FLOW.md`
+- `docs/technical/architecture/console-branding.md`
+
+## Delivery Tracker
+
+### FE-CONTRACT-009-001 - Stop branding from clobbering route titles
+Status: DONE
+Dependency: none
+Owners: Developer, Test Automation
+Task description:
+- Remove the direct `document.title` overwrite from branding application and re-apply Angular route titles after branding changes so canonical route titles remain stable on live navigations.
+- Add focused tests proving branding refreshes preserve route-derived titles instead of collapsing to the bare brand string.
+
+Completion criteria:
+- [ ] Branding updates no longer overwrite route titles after navigation.
+- [ ] Focused frontend tests cover the route-title preservation path.
+- [ ] Live `/security/advisories-vex`, `/security/sbom-lake`, and `/security/reachability` pass the title expectation checks in the authenticated sweep.
+
+### FE-CONTRACT-009-002 - Align trust-signing UI with live administration endpoints
+Status: DOING
+Dependency: FE-CONTRACT-009-001
+Owners: Developer, Test Automation
+Task description:
+- Replace the retired `/api/v1/trust/*` assumptions used by the trust-signing shell and default key dashboard with adapter logic over the live `/api/v1/administration/trust-signing*` endpoints.
+- Preserve operator-visible capabilities on the base shell and key inventory route without relying on dead frontdoor paths.
+
+Completion criteria:
+- [ ] `TrustHttpService` no longer requests `/api/v1/trust/*` during canonical trust-signing page loads.
+- [ ] Focused frontend tests prove the trust adapter maps live administration responses into the shell and key-dashboard view models.
+- [ ] Live `/ops/platform-setup/trust-signing` and `/setup/trust-signing` render without 404 response errors.
+
+### FE-CONTRACT-009-003 - Replace the static feeds-airgap blocking incident baseline
+Status: DONE
+Dependency: FE-CONTRACT-009-002
+Owners: Developer, QA
+Task description:
+- Remove the hardcoded blocking incident state from the static feeds-airgap page baseline so the canonical route reflects a healthy control-plane default unless live health data says otherwise.
+- Keep the airgap actions and cross-links intact while making the summary/status copy consistent with a clean demo bootstrap.
+
+Completion criteria:
+- [ ] The page no longer renders a blocking incident banner by default.
+- [ ] Operator actions and tab flows still work after the content refresh.
+- [ ] Live `/ops/operations/feeds-airgap` passes the canonical route sweep.
+
+## Execution Log
+| Date (UTC) | Update | Owner |
+| --- | --- | --- |
+| 2026-03-09 | Sprint created after the full rebuild and authenticated 111-route sweep isolated three frontend-owned defect families: branding/title races, a hardcoded feeds-airgap blocking incident, and stale trust-signing API wiring against retired `/api/v1/trust/*` routes. | Developer |
+| 2026-03-09 | Removed the branding title overwrite, added route-title reapplication in the root shell, rebuilt/synced the web bundle, and confirmed the live sweep now passes `/security/advisories-vex`, `/security/reachability`, and `/ops/operations/feeds-airgap`. | Developer |
+| 2026-03-09 | Rebased trust-signing base routes onto an overview-first shell backed by the live administration projection and removed the old `/api/v1/trust/dashboard` 404 path. Live trust routes still fail, but now on a real `403` from `/api/v1/administration/trust-signing`, which narrows the remaining defect to authorization/policy alignment. | Developer |
+
+## Decisions & Risks
+- Decision: treat these defects as frontend contract-alignment work first because the live stack rebuild already proved the failures reproduce after a clean redeploy.
+- Risk: the trust-signing shell expects richer models than the live administration endpoints currently expose, so the adapter layer must preserve deterministic behavior without inventing backend-only actions that do not exist.
+- Decision: keep the feeds-airgap page static for this sprint but move it to a healthy baseline rather than fabricating a live incident in the default control-plane state.
+- Decision: switch the base trust-signing route to an overview-first shell because the rebuilt platform exposes an administration projection, while the prior default key dashboard depended on richer retired endpoints that no longer exist.
+- Risk: trust-signing remains blocked by a live `403` even after frontend contract alignment; the next iteration needs to inspect demo scopes and platform authorization, not just web routing.
+
+## Next Checkpoints
+- 2026-03-09: land the branding/title preservation fix with focused tests.
+- 2026-03-09: land the trust-signing contract adapter and recheck the live setup routes.
+- 2026-03-09: refresh the feeds-airgap baseline content and rerun the authenticated Playwright slice.
--- a/docs/technical/architecture/console-branding.md
+++ b/docs/technical/architecture/console-branding.md
@@ -56,7 +56,8 @@ If Authority is unreachable, the UI uses the static defaults.
 ## 6. UI Application
 - Branding service fetches `/console/branding` after login.
 - Applies CSS variables on `document.documentElement`.
- Updates header/logo assets and document title.
+- Updates header/logo assets and provides the brand suffix used by the router title strategy.
+- Route titles remain owned by Angular route metadata so a late branding refresh cannot collapse the browser title to the bare tenant brand.
 - Supports theme-specific overrides using `data-theme` selectors.

 ## 7. Audit and Offline
@@ -68,4 +69,3 @@ If Authority is unreachable, the UI uses the static defaults.
 - `docs/UI_GUIDE.md`
 - `docs/modules/ui/architecture.md`
 - `docs/modules/authority/architecture.md`
-