Finalize UI truthfulness and bootstrap hardening
This commit is contained in:
master
@@ -7,11 +7,13 @@ Web
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Console-level configuration pane showing integration status grouped by sections with connection health, detail views per integration, and a state management service for tracking configuration changes.
|
||||
Console-level configuration pane showing live integration status grouped by sections with connection health, detail views per integration, and signal-based state management. The mounted page now derives rows from the integrations API and unified audit instead of seeded connector records.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/configuration-pane/`
|
||||
- **Routes**: `configuration-pane.routes.ts`
|
||||
- **Canonical route**: `/setup/configuration-pane`
|
||||
- **Legacy alias**: `/settings/configuration-pane`
|
||||
- **Components**:
|
||||
- `configuration-pane` (`src/Web/StellaOps.Web/src/app/features/configuration-pane/components/configuration-pane.component.ts`)
|
||||
- `integration-detail` (`src/Web/StellaOps.Web/src/app/features/configuration-pane/components/integration-detail.component.ts`)
|
||||
@@ -22,11 +24,15 @@ Console-level configuration pane showing integration status grouped by sections
|
||||
- **Models**:
|
||||
- `src/Web/StellaOps.Web/src/app/features/configuration-pane/models/configuration-pane.models.ts`
|
||||
- **Source**: Feature matrix scan
|
||||
- **Current runtime source of truth**:
|
||||
- Registry, vault, and settings-store rows are composed from the live integrations API.
|
||||
- History is composed from unified audit integration events.
|
||||
- Database, cache, and telemetry sections remain explicit empty or missing states until a backing contract exists.
|
||||
|
||||
## E2E Test Plan
|
||||
- **Setup**:
|
||||
- [ ] Log in with a user that has appropriate permissions
|
||||
- [ ] Navigate to `/console/configuration`
|
||||
- [ ] Navigate to `/setup/configuration-pane`
|
||||
- [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
|
||||
- **Core verification**:
|
||||
- [ ] Verify settings form loads with current values pre-populated
|
||||
@@ -51,19 +57,32 @@ Console-level configuration pane showing integration status grouped by sections
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/configuration-pane/run-003/tier2-ui-check.json`
|
||||
- Notes: `/console/configuration` failed strict end-user assertion because the `Configuration` heading never rendered during the Playwright transaction.
|
||||
|
||||
## Recheck (run-004)
|
||||
## Historical Recheck (run-004)
|
||||
- Date (UTC): 2026-02-11
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 1 evidence: Focused configuration-pane suite passed 3/3 across 1 file.
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/configuration-pane/run-004/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Navigate to `/settings/configuration-pane` and verify heading, summary metrics, and integration list render.
|
||||
- Verify `Primary Database` row using scoped `.integration-name` selector.
|
||||
- Verify the then-current seeded `Primary Database` row using scoped `.integration-name` selector.
|
||||
- Open integration detail panel and verify `Edit Configuration` action is visible.
|
||||
|
||||
|
||||
## Recheck (run-007)
|
||||
## Historical Recheck (run-007)
|
||||
- Date (UTC): 2026-02-11T10:08:09Z
|
||||
- Status: PASSED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: docs/qa/feature-checks/runs/web/configuration-pane/run-007/tier2-ui-check.json
|
||||
- Notes: Verified on /settings/configuration-pane with configuration summary and detail-panel interaction assertions.
|
||||
- Notes: Verified on /settings/configuration-pane with configuration summary and detail-panel interaction assertions against the earlier synthetic configuration-pane service.
|
||||
|
||||
## Recheck (run-008)
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/configuration-pane/run-008/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/setup/configuration-pane` and verify the mounted configuration heading and summary copy render from the live integrations-backed page.
|
||||
- Verify the removed seeded `Primary Database` row does not appear on the mounted route.
|
||||
|
||||
## 2026-04-15 Truthful State Cutover
|
||||
- `configuration-pane-api.service.ts` no longer seeds connector rows, health checks, or history in mounted flows.
|
||||
- The route now renders only integrations exposed by the live integrations API and shows explicit empty sections where backend coverage does not exist.
|
||||
- The mounted page returned to `VERIFIED` after the run-008 live replay against `/setup/configuration-pane`.
|
||||
|
||||
@@ -0,0 +1,43 @@
|
||||
# Image Security Release-Backed UI
|
||||
|
||||
## Module
|
||||
Web
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Mounted `/security/images` workspace that derives scope from live releases, release components, environments, findings, and SBOM explorer data. The page now renders truthful empty states when no release is selected and explicit unavailable-state messaging where the current backend contracts expose metadata only.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/image-security/`
|
||||
- **Canonical route**: `/security/images`
|
||||
- **Components**:
|
||||
- `image-security-shell` (`src/Web/StellaOps.Web/src/app/features/image-security/image-security-shell.component.ts`)
|
||||
- `image-summary-tab` (`src/Web/StellaOps.Web/src/app/features/image-security/tabs/image-summary-tab.component.ts`)
|
||||
- `image-findings-tab` (`src/Web/StellaOps.Web/src/app/features/image-security/tabs/image-findings-tab.component.ts`)
|
||||
- `image-sbom-tab` (`src/Web/StellaOps.Web/src/app/features/image-security/tabs/image-sbom-tab.component.ts`)
|
||||
- `image-vex-tab` (`src/Web/StellaOps.Web/src/app/features/image-security/tabs/image-vex-tab.component.ts`)
|
||||
- `image-evidence-tab` (`src/Web/StellaOps.Web/src/app/features/image-security/tabs/image-evidence-tab.component.ts`)
|
||||
- **Services**:
|
||||
- `image-security-data` (`src/Web/StellaOps.Web/src/app/features/image-security/image-security-data.service.ts`)
|
||||
- **Source**: `docs/implplan/SPRINT_20260415_008_FE_ui_truthful_state_cutover_and_todo_wiring.md`
|
||||
|
||||
## E2E Test Plan
|
||||
- **Setup**:
|
||||
- [ ] Log in with a user that has appropriate permissions
|
||||
- [ ] Navigate to `/security/images`
|
||||
- [ ] Ensure at least one release exists so the scope selector can populate
|
||||
- **Core verification**:
|
||||
- [ ] Verify the empty state teaches the operator to select a release instead of showing fake image data
|
||||
- [ ] Select a release and verify live release images populate
|
||||
- [ ] Verify VEX and Evidence tabs show truthful metadata-only copy when deeper contracts are unavailable
|
||||
|
||||
## Verification
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Tier 1 note: focused Angular suite `src/Web/StellaOps.Web/src/tests/image_security/image-security-truthful-state.spec.ts` passed 8/8 during the truthful-state cutover.
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/image-security-release-backed-ui/run-001/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/security/images` and verify the mounted empty state renders `No image security scope selected`.
|
||||
- Select a live release and verify `Release images` renders from real release-scoped data.
|
||||
- Open `VEX` and `Evidence` tabs and verify the mounted page reports metadata-only or release-level limitations explicitly instead of showing fake tab content.
|
||||
@@ -44,3 +44,11 @@ Integration Hub frontend with list view showing integration status/health, detai
|
||||
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
|
||||
- Verified on (UTC): 2026-02-11T07:02:25Z
|
||||
|
||||
## Recheck (run-002)
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/integration-hub-ui/run-002/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/setup/integrations/activity` and verify the mounted Integration Activity heading and audit-trail copy render.
|
||||
- Verify the removed `Mock data for development` feed text is absent from the mounted page.
|
||||
|
||||
|
||||
@@ -1,42 +0,0 @@
|
||||
# Issuer Trust Management UI
|
||||
|
||||
## Module
|
||||
Web
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Issuer directory trust management UI with issuer list, issuer detail view showing keys and trust bundles, key rotation wizard with confirmation, and issuer lifecycle management under Admin > Trust > Issuers.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/issuer-trust/`
|
||||
- **Routes**: `issuer-trust.routes.ts`
|
||||
- **Components**:
|
||||
- `issuer-detail` (`src/Web/StellaOps.Web/src/app/features/issuer-trust/components/issuer-detail.component.ts`)
|
||||
- `issuer-editor` (`src/Web/StellaOps.Web/src/app/features/issuer-trust/components/issuer-editor.component.ts`)
|
||||
- `issuer-list` (`src/Web/StellaOps.Web/src/app/features/issuer-trust/components/issuer-list.component.ts`)
|
||||
- `key-rotation` (`src/Web/StellaOps.Web/src/app/features/issuer-trust/components/key-rotation.component.ts`)
|
||||
- `issuer-trust` (`src/Web/StellaOps.Web/src/app/features/issuer-trust/issuer-trust.component.ts`)
|
||||
- **Source**: SPRINT_20251229_024_FE_issuer_trust_ui
|
||||
|
||||
## E2E Test Plan
|
||||
- **Setup**:
|
||||
- [ ] Log in with a user that has appropriate permissions
|
||||
- [ ] Navigate to `/admin/issuers`
|
||||
- [ ] Ensure test data exists (scanned artifacts, SBOM data, or seed data as needed)
|
||||
- **Core verification**:
|
||||
- [ ] Verify the component renders correctly with sample data
|
||||
- [ ] Verify interactive elements respond to user input
|
||||
- [ ] Verify data is fetched and displayed from the correct API endpoints
|
||||
- **Edge cases**:
|
||||
- [ ] Verify graceful handling when backend API is unavailable (error state)
|
||||
- [ ] Verify responsive layout at different viewport sizes
|
||||
- [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)
|
||||
|
||||
## Verification
|
||||
- Run: `docs/qa/feature-checks/runs/web/issuer-trust-management-ui/run-001/`
|
||||
- Tier 0 (source): pass (`tier0-source-check.json`)
|
||||
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
|
||||
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
|
||||
- Verified on (UTC): 2026-02-11T07:21:27Z
|
||||
@@ -1,43 +0,0 @@
|
||||
# Node Diff Table Component (Tabular SBOM Change Comparison)
|
||||
|
||||
## Module
|
||||
Web
|
||||
|
||||
## Status
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Tabular SBOM component-change diff view with change-type filter chips, debounced search, multi-column sorting, row selection with bulk actions, pagination, clipboard actions, and CSV export for lineage comparisons.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/lineage/components/node-diff-table/`
|
||||
- **Primary component**:
|
||||
- `diff-table.component.ts`
|
||||
- `diff-table.component.html`
|
||||
- `diff-table.component.scss`
|
||||
- `models/diff-table.models.ts`
|
||||
- **Service dependency**:
|
||||
- `src/Web/StellaOps.Web/src/app/features/lineage/services/lineage-graph.service.ts`
|
||||
- **Behavioral tests**:
|
||||
- `src/Web/StellaOps.Web/src/tests/lineage/node-diff-table-component.spec.ts`
|
||||
|
||||
## E2E Test Plan
|
||||
- **Setup**:
|
||||
- [ ] Log in with a user that has appropriate permissions
|
||||
- [ ] Navigate to lineage comparison workflow hosting the node diff table
|
||||
- [ ] Ensure comparison data exists (added/removed/changed components)
|
||||
- **Core verification**:
|
||||
- [ ] Verify component rows render and sort deterministically
|
||||
- [ ] Verify search is debounced and filter chips (including both-changed) work
|
||||
- [ ] Verify bulk actions, pagination, and API-input based diff fetch behavior
|
||||
- **Edge cases**:
|
||||
- [ ] Verify graceful handling when backend API is unavailable (error state)
|
||||
- [ ] Verify responsive layout at different viewport sizes
|
||||
- [ ] Verify accessibility (keyboard navigation, screen reader labels, ARIA attributes)
|
||||
|
||||
## Verification
|
||||
- Run: `docs/qa/feature-checks/runs/web/node-diff-table-component/run-001/`
|
||||
- Tier 0 (source): pass (`tier0-source-check.json`)
|
||||
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
|
||||
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
|
||||
- Verified on (UTC): `2026-02-11T09:03:08.3546412Z`
|
||||
@@ -42,3 +42,11 @@ Offline Kit UI with OfflineModeService, ManifestValidator, BundleFreshness widge
|
||||
- Tier 1 (build/tests): pass (`tier1-build-check.json`)
|
||||
- Tier 2 (behavior): pass (`tier2-e2e-check.json`)
|
||||
- Verified on (UTC): `2026-02-11T09:23:15.9520926Z`
|
||||
|
||||
## Recheck (run-002)
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/offline-kit-ui-integration/run-002/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/ops/operations/offline-kit/bundles` and verify the mounted bundle-management page renders.
|
||||
- Verify the removed seeded bundle text (`Mock data - in production, load from IndexedDB or cache`) is absent.
|
||||
|
||||
@@ -9,6 +9,8 @@ VERIFIED
|
||||
## Description
|
||||
Policy governance controls with risk budget dashboard, trust weighting with impact preview, risk profiles CRUD, sealed mode toggle, and policy conflict dashboard with resolution wizard.
|
||||
|
||||
Conflict source previews in the resolution wizard now render source metadata only. The current governance conflicts contract does not expose full rule or policy bodies, so the wizard explicitly reports preview content as unavailable instead of generating synthetic JSON.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/policy-governance/`
|
||||
- **Routes**: `policy-governance.routes.ts`
|
||||
@@ -48,4 +50,14 @@ Policy governance controls with risk budget dashboard, trust weighting with impa
|
||||
## Verification
|
||||
- Run: `docs/qa/feature-checks/runs/web/policy-governance-controls-ui/run-001/`
|
||||
- Date (UTC): 2026-02-11
|
||||
- Recheck note: the prior verification predates the truthful metadata-only preview cutover in `conflict-resolution-wizard.component.ts`.
|
||||
|
||||
## Recheck (run-002)
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/policy-governance-controls-ui/run-002/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/ops/policy/governance/conflicts` and verify the mounted governance surface renders.
|
||||
- Open a live conflict resolution flow, advance into the compare step, and verify the wizard reports metadata-only previews instead of fabricated rule bodies.
|
||||
- Verify the mounted compare step does not render generated `"condition"` or `"action"` JSON fields.
|
||||
|
||||
|
||||
@@ -15,12 +15,12 @@ Follow-up note: canonical `Ops > Platform Setup` leaf URLs are preserved by `doc
|
||||
- **Feature directories**:
|
||||
- `src/Web/StellaOps.Web/src/app/features/topology/`
|
||||
- `src/Web/StellaOps.Web/src/app/features/trust-admin/`
|
||||
- `src/Web.StellaOps.Web/src/app/features/platform/setup/`
|
||||
- `src/Web.StellaOps.Web/src/app/features/settings/`
|
||||
- `src/Web/StellaOps.Web/src/app/features/platform/setup/`
|
||||
- `src/Web/StellaOps.Web/src/app/features/settings/`
|
||||
- **Primary components**:
|
||||
- `topology-shell` (`src/Web.StellaOps.Web/src/app/features/topology/topology-shell.component.ts`)
|
||||
- `trust-admin` (`src/Web.StellaOps.Web/src/app/features/trust-admin/trust-admin.component.ts`)
|
||||
- `platform-setup-home` (`src/Web.StellaOps.Web/src/app/features/platform/setup/platform-setup-home.component.ts`)
|
||||
- `topology-shell` (`src/Web/StellaOps.Web/src/app/features/topology/topology-shell.component.ts`)
|
||||
- `trust-admin` (`src/Web/StellaOps.Web/src/app/features/trust-admin/trust-admin.component.ts`)
|
||||
- `platform-setup-home` (`src/Web/StellaOps.Web/src/app/features/platform/setup/platform-setup-home.component.ts`)
|
||||
- **Canonical routes**:
|
||||
- `/setup/topology/overview`
|
||||
- `/setup/topology/regions`
|
||||
@@ -66,3 +66,12 @@ Follow-up note: canonical `Ops > Platform Setup` leaf URLs are preserved by `doc
|
||||
- Playwright passed: `1` topology/trust cutover scenario.
|
||||
- Production build passed; existing bundle-budget warnings remain unchanged from the baseline.
|
||||
- Verified on (UTC): 2026-03-08T08:06:30Z
|
||||
|
||||
## Recheck (run-002)
|
||||
- Date (UTC): 2026-04-15T17:03:18Z
|
||||
- Status: VERIFIED (strict Tier 2 UI replay)
|
||||
- Tier 2 evidence: `docs/qa/feature-checks/runs/web/topology-trust-administration-ui/run-002/tier2-ui-check.json`
|
||||
- Replay scope:
|
||||
- Open `/setup/topology/overview` and verify the mounted topology page exposes the live `Command` and `Topology` view-mode radios.
|
||||
- Verify the removed `Mock topology layout for when API returns empty` text is absent.
|
||||
- Canonical issuer management remains mounted under `features/trust-admin/*`; the orphaned `features/issuer-trust/*` checked page was retired because it no longer owns a live route.
|
||||
|
||||
@@ -7,11 +7,14 @@ Web
|
||||
VERIFIED
|
||||
|
||||
## Description
|
||||
Trust administration dashboard with signing key management including rotation wizard, issuer trust scores, air-gap audit feed, incident audit, and mTLS certificate inventory.
|
||||
Trust administration dashboard with signing key management including rotation wizard, issuer trust scores, air-gap audit feed, incident audit, and mTLS certificate inventory. The canonical mounted issuer management route `/setup/trust-signing/issuers` is owned by this trust-admin workspace.
|
||||
|
||||
## Implementation Details
|
||||
- **Feature directory**: `src/Web/StellaOps.Web/src/app/features/trust-admin/`
|
||||
- **Routes**: `trust-admin.routes.ts`
|
||||
- **Canonical mounted routes**:
|
||||
- `/setup/trust-signing`
|
||||
- `/setup/trust-signing/issuers`
|
||||
- **Components**:
|
||||
- `airgap-audit` (`src/Web/StellaOps.Web/src/app/features/trust-admin/airgap-audit.component.ts`)
|
||||
- `certificate-inventory` (`src/Web/StellaOps.Web/src/app/features/trust-admin/certificate-inventory.component.ts`)
|
||||
@@ -36,7 +39,7 @@ Trust administration dashboard with signing key management including rotation wi
|
||||
## E2E Test Plan
|
||||
- **Setup**:
|
||||
- [ ] Log in with a user that has appropriate permissions
|
||||
- [ ] Navigate to `/admin/trust`
|
||||
- [ ] Navigate to `/setup/trust-signing`
|
||||
- [ ] Ensure trust dashboard summary fixture/API data is available
|
||||
- **Core verification**:
|
||||
- [ ] Verify the dashboard loads without errors and displays summary cards/metrics
|
||||
@@ -53,3 +56,4 @@ Trust administration dashboard with signing key management including rotation wi
|
||||
- Tier 0: PASS (source/symbol verification for trust-admin routes/component wiring and new behavior harness).
|
||||
- Tier 1: PASS (`npm run test` focused suite: 24 files / 118 tests; `npm run build` passed with known baseline warnings).
|
||||
- Tier 2: PASS (route section coverage, summary/alert metrics behavior, URL-driven active-tab semantics, and refresh error recovery behavior).
|
||||
- Route ownership note: this checked feature is the active owner for the mounted issuer workflow after the trust-admin cutover. The older `features/issuer-trust/*` checked page was retired when its route family lost all active consumers.
|
||||
|
||||
Reference in New Issue
Block a user