setup and mock fixes
This commit is contained in:
master
@@ -120,7 +120,7 @@ Completion criteria:
|
||||
- [x] Runtime behavior uses tokenized API abstraction with real endpoint backing
|
||||
|
||||
### 042-T9 - Replace inline component mock datasets with backend loads
|
||||
Status: TODO
|
||||
Status: DONE
|
||||
Dependency: 042-T1, 042-T7, 042-T8
|
||||
Owners: Developer (FE)
|
||||
Task description:
|
||||
@@ -128,8 +128,8 @@ Task description:
|
||||
- For surfaces lacking existing backend endpoints, mark task `BLOCKED` with explicit endpoint gap and keep temporary fallback isolated.
|
||||
|
||||
Completion criteria:
|
||||
- [ ] Runtime components prefer backend data and only use fallback when explicitly unavailable
|
||||
- [ ] Any unresolved surfaces are tracked as `BLOCKED` with endpoint gap details
|
||||
- [x] Runtime components prefer backend data and only use fallback when explicitly unavailable
|
||||
- [x] Any unresolved surfaces are tracked as `BLOCKED` with endpoint gap details
|
||||
|
||||
### 042-T10 - Contract transformations, telemetry, and error semantics
|
||||
Status: TODO
|
||||
@@ -156,7 +156,7 @@ Completion criteria:
|
||||
- [ ] E2E/API evidence confirms runtime uses real backend responses
|
||||
|
||||
### 042-T12 - Docs and contract ledger synchronization
|
||||
Status: TODO
|
||||
Status: DOING
|
||||
Dependency: 042-T1, 042-T11
|
||||
Owners: Documentation author, Developer (FE)
|
||||
Task description:
|
||||
@@ -164,7 +164,7 @@ Task description:
|
||||
- Link doc updates in sprint Decisions & Risks and keep migration guidance deterministic/offline-aware.
|
||||
|
||||
Completion criteria:
|
||||
- [ ] `docs/modules/ui/**` and endpoint ledger reflect final binding reality
|
||||
- [x] `docs/modules/ui/**` and endpoint ledger reflect final binding reality
|
||||
- [ ] Sprint records unresolved gaps, decisions, and mitigation paths
|
||||
|
||||
## Execution Log
|
||||
@@ -177,6 +177,9 @@ Completion criteria:
|
||||
| 2026-02-21 | Unblocked `web-checked-feature-recheck` by preventing `**/policy/**` route stubs from hijacking document navigations; full Playwright run completed with 222 passed, 187 skipped, 0 failed (`npx playwright test --workers=2 --reporter=list`). | QA / Developer (FE) |
|
||||
| 2026-02-21 | Completed runtime DI cutover for evidence/policy-simulation/proof plus store-level tokenization (delta verdict, risk budget, fix verification, scoring, ABAC) and removed runtime `useClass: Mock...`/`inject(Mock...)` paths in `src/Web/StellaOps.Web/src/app/**`. | Developer (FE) |
|
||||
| 2026-02-21 | Validation: `npm run build` passed; targeted specs passed: `npx ng test --watch=false --include=src/tests/audit_reason_capsule/findings-list.reason-capsule.spec.ts`, `npx ng test --watch=false --include=src/tests/triage/vex-trust-column-in-findings-and-triage-lists.behavior.spec.ts`, `npx ng test --watch=false --include=src/tests/policy_studio/policy-simulation.behavior.spec.ts`, `npx ng test --watch=false --include=src/tests/signals_runtime_dashboard/signals-runtime-dashboard.service.spec.ts`, `npx ng test --watch=false --include=src/tests/policy_governance/risk-budget-dashboard.component.spec.ts`. | Developer (FE) |
|
||||
| 2026-02-21 | 042-T9 completed for inline runtime datasets: `simulation-history.component.ts`, `conflict-detection.component.ts`, `batch-evaluation.component.ts`, and `graph-explorer.component.ts` now load backend data through `POLICY_SIMULATION_API` and `GRAPH_PLATFORM_API` instead of inline mocks; app config now binds graph runtime base/token providers. | Developer (FE) |
|
||||
| 2026-02-21 | Validation after T9 cutover: `npm run build` (with `NODE_OPTIONS=--max-old-space-size=6144`) passed; targeted tests passed: `npx ng test --watch=false --include=src/tests/policy_studio/policy-simulation.behavior.spec.ts --include=src/tests/signals_runtime_dashboard/signals-runtime-dashboard.service.spec.ts` and `npx ng test --watch=false --include=src/tests/security-risk/security-risk-routes.spec.ts --include=src/tests/security-risk/sbom-graph-page.component.spec.ts`. | Developer (FE) |
|
||||
| 2026-02-21 | T12 documentation sync started: updated `docs/modules/ui/README.md` with runtime endpoint cutover summary and updated `docs/modules/ui/v2-rewire/S00_endpoint_contract_ledger_v2_pack22.md` with Policy Simulation + Graph Explorer endpoint rows reflecting runtime bindings. | Developer / Documentation author |
|
||||
## Decisions & Risks
|
||||
- Decision: runtime DI must resolve API tokens to HTTP clients; mock classes are test/dev assets only.
|
||||
- Decision: no new backend contracts are assumed in this sprint; if a required endpoint is missing, task becomes `BLOCKED` with explicit contract gap.
|
||||
@@ -184,6 +187,8 @@ Completion criteria:
|
||||
- Risk: component-level `providers` can silently override global DI. Mitigation: inventory + explicit removal task (042-T7) with verification.
|
||||
- Risk: direct `inject(Mock...)` usage bypasses app config contracts. Mitigation: mandatory tokenized refactor task (042-T8).
|
||||
- Cross-module note: docs updates required in `docs/modules/ui/**` and endpoint ledger docs under `docs/modules/ui/v2-rewire/`.
|
||||
- `BLOCKED` endpoint gap: `src/Web/StellaOps.Web/src/app/features/releases/state/release-detail.store.ts` still uses inline mock state and `setTimeout` flows; the store is not yet mapped to a finalized release-detail endpoint contract in the Pack 22 ledger row `S22-T03-REL-02`.
|
||||
- `BLOCKED` endpoint gap: `src/Web/StellaOps.Web/src/app/features/lineage/components/lineage-why-safe-panel/lineage-why-safe-panel.component.ts` still returns inline mock explanations; a tokenized API client/contract for "why-safe" explanation is not yet present in `core/api/**` runtime bindings.
|
||||
|
||||
## Next Checkpoints
|
||||
- 2026-02-22 UTC: Complete T1 inventory and finalize endpoint mapping/risk list.
|
||||
|
||||
@@ -0,0 +1,176 @@
|
||||
# Sprint 20260221_043 - Setup + Seed Error-Handling Stabilization
|
||||
|
||||
## Topic & Scope
|
||||
- Stabilize local bootstrap so first-time setup succeeds deterministically without misleading health failures.
|
||||
- Fix demo seeding paths so expected failure modes return explicit API/CLI errors instead of HTTP 500 or opaque crashes.
|
||||
- Harden migration + seed workflow ordering to prevent schema-missing failures on fresh databases.
|
||||
- Improve onboarding docs for new operators with a minimal "first 30 minutes" path and troubleshooting matrix.
|
||||
- Working directory: `docs/implplan`.
|
||||
- Expected evidence: reproducible setup transcript, targeted test outputs, API response samples, updated docs with cross-links.
|
||||
|
||||
## Dependencies & Concurrency
|
||||
- Depends on current compose baseline in `devops/compose/` and current seed SQL set under module persistence projects.
|
||||
- Can run in parallel:
|
||||
- Platform API error handling tasks can run in parallel with compose setup script fixes.
|
||||
- Docs updates can run in parallel with code fixes after API/CLI contracts are stable.
|
||||
- Must run sequentially:
|
||||
- Migration-ordering validation must complete before final seed API/CLI validation.
|
||||
- QA sign-off must run after all code + doc tasks are complete.
|
||||
|
||||
## Documentation Prerequisites
|
||||
- `docs/quickstart.md`
|
||||
- `docs/dev/DEV_ENVIRONMENT_SETUP.md`
|
||||
- `docs/operations/devops/` (compose/bootstrap runbooks)
|
||||
- `docs/modules/platform/architecture-overview.md`
|
||||
- `docs/modules/cli/AGENTS.md` and relevant CLI docs
|
||||
- `docs/modules/scheduler/architecture.md`
|
||||
|
||||
## Delivery Tracker
|
||||
|
||||
### PM-001 - Scope lock and owner mapping
|
||||
Status: DONE
|
||||
Dependency: none
|
||||
Owners: Project Manager
|
||||
Task description:
|
||||
- Confirm final issue list from bootstrap + seeding runs and map each issue to an owning module/team.
|
||||
- Freeze acceptance criteria for setup reliability, seed API behavior, seed CLI behavior, and onboarding docs before coding starts.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Issue inventory is captured with owner + priority + target artifact.
|
||||
- [x] Exit criteria are explicit for each issue (pass/fail objective, no ambiguity).
|
||||
|
||||
### DEVOPS-001 - Setup script reliability and health reporting fixes
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Developer, Test Automation
|
||||
Task description:
|
||||
- Update setup smoke checks and health summary logic in `scripts/setup.ps1` to use active container names and avoid false negatives from duplicate compose scope checks.
|
||||
- Ensure setup output distinguishes blocking failures vs. advisory warnings.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Fresh reset + setup run completes without false "container missing" errors.
|
||||
- [x] Health summary reports exact unhealthy services with no duplicate/noisy entries.
|
||||
|
||||
### PLATFORM-001 - Seed API authorization contract fix
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Developer
|
||||
Task description:
|
||||
- Replace invalid seed endpoint authorization policy usage with a registered platform policy.
|
||||
- Ensure unauthorized/forbidden requests return 401/403, not 500.
|
||||
|
||||
Completion criteria:
|
||||
- [x] `POST /api/v1/admin/seed-demo` no longer throws due to missing policy.
|
||||
- [x] Automated endpoint tests verify 401/403 behavior paths.
|
||||
|
||||
### PLATFORM-002 - Seed API deterministic error responses
|
||||
Status: DONE
|
||||
Dependency: PLATFORM-001
|
||||
Owners: Developer, Test Automation
|
||||
Task description:
|
||||
- Harden seed endpoint request validation and operational error handling with structured ProblemDetails responses (bad module filter, disabled seeding, missing DB config, module execution failures).
|
||||
- Preserve partial module result visibility while preventing unhandled exceptions from surfacing as generic 500s.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Known error paths return deterministic status codes and machine-readable payloads.
|
||||
- [x] No unhandled exceptions are emitted for expected user/operator errors.
|
||||
|
||||
### CLI-001 - Seed/migration CLI hardening for first-run flows
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Developer
|
||||
Task description:
|
||||
- Improve CLI guidance and behavior so users can reliably run startup migrations before seed migrations on empty databases.
|
||||
- Fix dry-run reporting semantics so output correctly reflects pending seed migrations.
|
||||
- Eliminate seed command instability/crash regressions observed in repeated runs.
|
||||
|
||||
Completion criteria:
|
||||
- [x] CLI clearly guides required sequence: startup migrations -> seed migrations.
|
||||
- [x] Dry-run output accurately reports discovered seed migrations.
|
||||
- [x] Repeated seed command runs are stable and idempotent.
|
||||
|
||||
### SCHEDULER-001 - Scheduler startup migration idempotency repair
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Developer, Test Automation
|
||||
Task description:
|
||||
- Fix `scheduler` startup migration trigger creation logic to be rerunnable without duplicate-trigger errors.
|
||||
- Add regression test coverage for rerun-on-existing-schema migration behavior.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Re-running scheduler startup migration on an initialized schema succeeds cleanly.
|
||||
- [x] Regression tests cover duplicate-trigger prevention.
|
||||
|
||||
### DEVOPS-002 - Dev compose auxiliary service stability (rekor/rustfs)
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Developer
|
||||
Task description:
|
||||
- Resolve `rekor-v2` restart-loop configuration and validate `rustfs` port/command consistency between compose profiles.
|
||||
- Ensure setup docs call out optional vs required auxiliary services where appropriate.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Dev compose profile no longer restart-loops for known default path.
|
||||
- [x] Service status after bootstrap is consistent with documented expectations.
|
||||
|
||||
### QA-001 - End-to-end bootstrap + seed verification
|
||||
Status: DONE
|
||||
Dependency: DEVOPS-001
|
||||
Owners: QA, Test Automation
|
||||
Task description:
|
||||
- Run full verification pipeline on a clean environment:
|
||||
- from-scratch bootstrap,
|
||||
- startup migrations,
|
||||
- API-based seed checks,
|
||||
- CLI-based seed checks,
|
||||
- DB-level validation of seeded demo entities.
|
||||
- Capture command output snippets and API response payloads as evidence.
|
||||
|
||||
Completion criteria:
|
||||
- [x] Tiered verification evidence confirms setup and seeding success.
|
||||
- [x] Expected error scenarios return documented structured responses.
|
||||
|
||||
### DOCS-001 - New-operator onboarding hardening
|
||||
Status: DONE
|
||||
Dependency: PM-001
|
||||
Owners: Documentation author
|
||||
Task description:
|
||||
- Update quickstart/onboarding docs with:
|
||||
- explicit bootstrap sequence,
|
||||
- migration/seed sequence,
|
||||
- expected service states,
|
||||
- first login/demo exploration path,
|
||||
- troubleshooting decision tree for common failures.
|
||||
- Add a compact "known warnings vs blocking failures" section.
|
||||
|
||||
Completion criteria:
|
||||
- [x] New operator can follow docs from clean clone to seeded demo state without tribal knowledge.
|
||||
- [x] Troubleshooting table covers observed failure modes from this sprint.
|
||||
|
||||
## Execution Log
|
||||
| Date (UTC) | Update | Owner |
|
||||
| --- | --- | --- |
|
||||
| 2026-02-21 | Sprint created to track setup, seed error handling, and onboarding stabilization planning. | Project Manager |
|
||||
| 2026-02-21 | Issue inventory and owner mapping finalized; implementation started with setup reliability fixes. | Project Manager |
|
||||
| 2026-02-21 | Setup reliability hardening completed (`scripts/setup.ps1`), including active-service health filtering and clean full-stack bootstrap behavior. | Developer |
|
||||
| 2026-02-21 | Seed API/CLI hardening completed with deterministic ProblemDetails responses, auth-path regression tests (`401/403`), and migration-ordering fixes. | Developer |
|
||||
| 2026-02-21 | Scheduler migration idempotency regressions fixed (`001` + `003`) with new rerun coverage; CLI demo seeding rerun succeeded. | Developer |
|
||||
| 2026-02-21 | Onboarding docs updated: `docs/quickstart.md`, `docs/dev/DEV_ENVIRONMENT_SETUP.md` with first-30-min path and troubleshooting matrix. | Documentation author |
|
||||
| 2026-02-21 | Rebuilt `stellaops/platform:dev`, restarted platform service, and verified live `POST /api/v1/admin/seed-demo` now returns `401 Unauthorized` (no stale-policy 500). | QA |
|
||||
|
||||
## Decisions & Risks
|
||||
- Cross-module edits are expected for implementation despite this sprint living in `docs/implplan`: `scripts/`, `devops/compose/`, `src/Platform/`, `src/Cli/`, `src/Scheduler/`, and `docs/`.
|
||||
- Risk: seed endpoint contract changes may affect UI clients and automation expecting legacy response shape.
|
||||
- Mitigation: define and freeze ProblemDetails contract + success payload schema before implementation.
|
||||
- Risk: migration idempotency fixes can introduce drift against existing persisted schemas.
|
||||
- Mitigation: run replayable migration tests on both empty and already-initialized schemas.
|
||||
- Risk: compose auxiliary service hardening may differ across host OS networking stacks.
|
||||
- Mitigation: validate on Windows and Linux runners and document host-specific notes.
|
||||
- Risk: live docker stack may still return legacy behavior if local images were not rebuilt after source changes.
|
||||
- Mitigation: call out rebuild/restart requirement in troubleshooting docs and verification notes.
|
||||
- Risk: MTP currently ignores legacy `--filter` semantics in this repo's configuration.
|
||||
- Mitigation: capture full project run counts in evidence and validate targeted behavior with dedicated test classes.
|
||||
|
||||
## Next Checkpoints
|
||||
- 2026-02-21: Sprint implementation complete; ready for maintainer review/merge.
|
||||
- 2026-02-22: Optional follow-up: rebuild/publish refreshed `stellaops/platform:dev` image to align live stack behavior with source patches.
|
||||
Reference in New Issue
Block a user