stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

Refine live Playwright changed-surface checks

Browse Source
This commit is contained in:
master
2026-03-08 22:55:12 +02:00
parent 4f445ad951
commit 5d5f4de2e1
3 changed files with 619 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

73
docs/implplan/SPRINT_20260308_024_FE_live_frontdoor_playwright_auth_and_changed_surface_recheck.md Normal file
View File

@@ -0,0 +1,73 @@
# Sprint 20260308_024 - FE Live Frontdoor Playwright Auth And Changed Surface Recheck
## Topic & Scope
- Establish a reusable Playwright path that authenticates against the real `https://stella-ops.local` front door instead of seeded in-browser stub auth.
- Recheck heavily changed web and search surfaces with that live session so defects are promoted from suspected harness noise to confirmed product failures.
- Keep the work scoped to web QA/developer iteration assets and evidence, without repo-wide automation churn.
- Working directory: `src/Web/StellaOps.Web`.
- Expected evidence: focused Playwright live-auth harness, targeted route/action verification output, sprint log updates.
## Dependencies & Concurrency
- Depends on the compose stack already being reachable at `https://stella-ops.local`.
- Safe to run in parallel with unrelated backend/search feature work as long as web route/auth contracts are not being rewritten at the same time.
- Avoid touching unrelated in-flight files from the component-revival and search-consolidation agents.
## Documentation Prerequisites
- `AGENTS.md`
- `docs/qa/feature-checks/FLOW.md`
- `docs/code-of-conduct/TESTING_PRACTICES.md`
- `devops/compose/README.md`
## Delivery Tracker
### FE-LIVE-AUTH - Add reusable real-auth Playwright entrypoint
Status: DONE
Dependency: none
Owners: QA, Developer
Task description:
- Replace ad hoc scratch probing with a reusable Playwright flow that signs into the real front door using the documented compose bootstrap account, waits for the SPA to settle, and can be reused by targeted page/action checks.
Completion criteria:
- [x] A focused live-auth helper or fixture exists under `src/Web/StellaOps.Web` and authenticates through `https://stella-ops.local/connect/authorize`.
- [x] The helper captures enough evidence to distinguish auth failures from product defects.
### FE-LIVE-CHANGED-SURFACES - Recheck changed mission-control and search surfaces with real auth
Status: DONE
Dependency: FE-LIVE-AUTH
Owners: QA
Task description:
- Use the real-auth browser path to recheck mission-control and search-adjacent surfaces that were rebuilt this turn, including degraded banners, route fallbacks, dead actions, and request failures that survive a genuine session.
Completion criteria:
- [x] Focused Playwright evidence exists for mission-control board plus changed search-related surfaces.
- [x] Remaining failures are written down as confirmed defects with enough detail for implementation.
### FE-LIVE-LOG - Record findings and next fix slice
Status: DONE
Dependency: FE-LIVE-CHANGED-SURFACES
Owners: Project Manager, QA
Task description:
- Record what was verified, what failed, and which slice should be fixed next so subsequent iterations do not regress into shallow “all clear” sweeps.
Completion criteria:
- [x] Sprint execution log captures the live-auth setup and the changed-surface recheck outcome.
- [x] Decisions & Risks lists any residual blockers or assumptions.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-03-08 | Sprint created to replace stub-auth probing with reusable real-auth Playwright verification against `stella-ops.local` after web and AdvisoryAI/search rebuilds. | Codex |
| 2026-03-08 | Added reusable live-auth and changed-surface Playwright helpers under `src/Web/StellaOps.Web/scripts`, using the real Authority login flow and persisted session storage evidence so browser verification no longer depends on stub auth. | Codex |
| 2026-03-08 | Refined the changed-surface sweep to exercise real page actions: mission-board navigation, registry-admin audit-tab routing, Evidence Threads PURL search/empty-result flow, and missing-detail/back-navigation handling. | Codex |
| 2026-03-08 | Refreshed live evidence after the auth and contract fixes: mission-control, advisories/VEX, policy overview, Evidence Threads, timeline, deploy diff guard state, change trace, and registry-admin routes now complete without confirmed frontdoor defects in the scoped sweep. | Codex |
## Decisions & Risks
- Current scratch probes proved the compose bootstrap Authority account exists and can reach the real `/connect/authorize` login page, but they are too ad hoc for sustained iteration.
- `net::ERR_ABORTED` during the authorize redirect is expected browser navigation churn and is captured separately from product failures in the live-auth report.
- The changed-surface harness needed product-aware checks to avoid false negatives: registry-admin is identified by its workspace heading rather than the surrounding Integrations shell heading; Evidence Threads is PURL-driven and must be exercised through search plus missing-detail guard flows instead of phantom row clicks; deploy diff without digests is a guarded state, not a broken route.
- The compose demo stack currently exposes no seeded EvidenceLocker thread rows, so the live browser pass covers empty-result and missing-detail flows while positive-path detail normalization remains covered by focused frontend tests.
- If the real auth/session flow changes under parallel agent work, the live-auth helper must be updated instead of falling back to stub auth.
## Next Checkpoints
- Carry the same real-auth Playwright path into the next page/action iteration instead of regressing into status-code sweeps.
- Promote any newly confirmed failures into the next narrow implementation sprint.

89
docs/implplan/SPRINT_20260308_025_FE_live_contract_alignment_for_timeline_evidence_and_registry.md Normal file
View File

@@ -0,0 +1,89 @@
# Sprint 20260308_025 - FE Live Contract Alignment For Timeline Evidence And Registry
## Topic & Scope
- Repair the confirmed live defects from the real authenticated Playwright pass on `https://stella-ops.local`.
- Realign revived web surfaces to the contracts that actually ship today instead of preserving stale UI assumptions.
- Keep the implementation centered in `src/Web/StellaOps.Web` while allowing the minimal Authority, Router, and compose edits needed to make the live stack authorize and route correctly.
- Working directory: `src/Web/StellaOps.Web`.
- Allowed coordination edits: `src/Authority/**`, `src/Router/**`, `devops/compose/**`, `docs/features/checked/web/**`, `docs/contracts/**`, and the live-auth sprint log in `docs/implplan/SPRINT_20260308_024_FE_live_frontdoor_playwright_auth_and_changed_surface_recheck.md`.
- Expected evidence: focused Angular/unit coverage, targeted rebuilds, live Playwright rechecks, and sprint execution-log updates.
## Dependencies & Concurrency
- Depends on Sprint `20260308_024` live-auth findings and evidence artifacts.
- Safe to run in parallel with search improvements as long as the shared frontdoor auth helper remains intact.
- Avoid unrelated revived-component files outside the touched route families.
## Documentation Prerequisites
- `AGENTS.md`
- `docs/qa/feature-checks/FLOW.md`
- `docs/contracts/artifact-canonical-record-v1.md`
- `docs/implplan/SPRINT_20260308_021_FE_unreachable_evidence_thread_and_persona_workspaces_routes.md`
- `src/Registry/AGENTS.md`
## Delivery Tracker
### FE-LCA-001 - Fix investigation timeline runtime contract
Status: DONE
Dependency: none
Owners: Developer (FE), QA
Task description:
- Repair the `Timeline` page runtime error caused by an incomplete standalone component import set and add focused regression coverage so the same break cannot silently return in future route revivals.
Completion criteria:
- [x] `/releases/investigation/timeline` renders without Angular Material runtime errors.
- [x] Focused test coverage exists for the filter component import/runtime path.
### FE-LCA-002 - Realign Evidence Threads UI to the canonical EvidenceLocker API
Status: DONE
Dependency: FE-LCA-001
Owners: Product Manager, Developer (FE), Documentation author
Task description:
- Replace the stale revived evidence-thread browser assumptions with the real shipped EvidenceLocker contract: PURL-based list lookup and canonical-id detail records.
- Remove or replace unsupported UI actions so the route exposes only functionality backed by the live product.
Completion criteria:
- [x] `/evidence/threads` works against `/api/v1/evidence/thread` without console errors.
- [x] Evidence-thread detail routes handle missing and found canonical records without runtime failures.
- [x] Feature/docs notes are updated to describe the actual supported evidence-thread behavior.
### FE-LCA-003 - Make Registry Admin routable and authorized from the live frontdoor
Status: DONE
Dependency: FE-LCA-001
Owners: Developer (FE), Developer (Authority), Developer (Router)
Task description:
- Add the missing frontdoor route specificity for registry admin and align the authority/UI scope contract so admin users can actually reach the plan endpoints from the browser session used by the console.
Completion criteria:
- [x] `/api/admin/plans*` is routed to `registry-token` ahead of the generic platform `/api/admin` mapping.
- [x] The live `stella-ops-ui` auth path can request and receive `registry.admin`.
- [x] `/ops/integrations/registry-admin` and `/ops/integrations/registry-admin/audit` render their intended workspace without 404/403 failures.
### FE-LCA-004 - Rebuild and rerun live Playwright verification
Status: DONE
Dependency: FE-LCA-002
Owners: QA, Test Automation
Task description:
- Rebuild the touched web and auth/router surfaces, refresh the live stack, and rerun the real frontdoor Playwright checks for the repaired routes before marking this slice done.
Completion criteria:
- [x] Focused builds/tests pass for the touched modules.
- [x] Live Playwright evidence is refreshed for timeline, evidence threads, and registry admin.
- [x] Residual defects, if any, are logged instead of waved through.
## Execution Log
| Date (UTC) | Update | Owner |
| --- | --- | --- |
| 2026-03-08 | Sprint created from live Playwright findings: timeline runtime failure, evidence-thread contract drift, and registry-admin gateway/auth drift. | Codex |
| 2026-03-08 | Fixed the timeline runtime import gap, rewired Evidence Threads to the shipped EvidenceLocker PURL/canonical-id contract, and refreshed the focused frontend coverage around the list/view/service behavior. | Codex |
| 2026-03-08 | Added the missing `registry.admin` Authority scope, durable bootstrap-client reconciliation, frontdoor route specificity for `/api/admin/plans*`, and fresh-database seed coverage so the from-scratch stack converges without manual Authority patches. | Codex |
| 2026-03-08 | Rebuilt the web bundle, rebuilt the Authority image, refreshed the live stack, and reran the real frontdoor Playwright sweep. Timeline, Evidence Threads, Registry Admin, Registry Audit, and the adjacent changed surfaces are clean in the refreshed live evidence. | Codex |
## Decisions & Risks
- Evidence Threads will be aligned to the shipped EvidenceLocker API rather than preserving the revived but unsupported graph/transcript/export assumptions.
- Registry Admin is not a frontend-only defect: live evidence shows both gateway routing drift and missing UI token scope coverage.
- The `registry.admin` scope defect required an actual Authority image rebuild because the compose service is image-based, not source-mounted. Restarting the old container was insufficient even after the code/config changes landed.
- The compose demo stack currently exposes no seeded EvidenceLocker rows, so live browser verification covers the supported search, empty-result, missing-detail, and back-navigation flows while positive-path detail normalization remains covered by focused frontend tests.
## Next Checkpoints
- Continue the next page/action iteration with the same real-auth Playwright path.
- Treat any newly discovered route/action defect as a fresh narrow implementation slice instead of expanding this sprint.