Phase readiness¶
Decided
Source:
doc/Phase_Readiness_Tracker.md · last snapshot 2026-02-24 baseline + ongoing implementation deltas
The readiness tracker is the gating dashboard — what's been signed off, what's in progress, and what evidence backs each gate. Distinct from the work queue (commit-level) and Implementation Roadmap (phase definitions).
Status taxonomy¶
stateDiagram-v2
[*] --> NotStarted: phase exists in roadmap
NotStarted --> InProgress: work begins
InProgress --> ReadyForSignoff: deliverables complete, awaiting review
ReadyForSignoff --> SignedOff: architecture/security/ops owners approve
InProgress --> CompletedDocBaseline: docs/contracts complete; runtime continues
CompletedDocBaseline --> SignedOff: implementation lands
SignedOff --> [*]: phase locked| Status | Meaning |
|---|---|
Not Started |
Phase queued; no work yet |
In Progress |
Active deliverables in flight |
Ready for Signoff |
Deliverables complete; awaiting owner review |
Signed Off |
Owner-approved; phase locked |
Completed (Doc Baseline) |
Documentation/contract baseline done; runtime implementation continues |
Current snapshot (2026-02-24 baseline + ongoing)¶
flowchart TB
classDef done fill:#d1e7dd,stroke:#0a3622
classDef inprog fill:#fff3cd,stroke:#332701
classDef notstarted fill:#eceff1,stroke:#455a64
P1[Phase 1 — Architecture, Trust Boundaries, Tech Stack]:::done
P2[Phase 2 — Domain Model, State Machines, Data Flows]:::done
P3[Phase 3 — API Contracts OpenAPI + AsyncAPI]:::done
P4[Phase 4 — ERD and Persistence Model]:::done
EXEC[Implementation Execution — Code]:::inprog
P1 --> P2 --> P3 --> P4 --> EXECCompleted (doc baseline)¶
| Item | Evidence |
|---|---|
| Target architecture, trust boundaries, ADR set, domain ownership map | architecture/Architecture_v1.md, architecture/adrs/*, Domain_Ownership_Map.md |
| PRD + UX journeys aligned with architecture | product/PRD.md, product/UX_Journeys.md |
| OpenAPI + AsyncAPI contracts hardened | api/openapi.draft.yaml (33k lines), api/asyncapi.draft.yaml (2.3k lines) |
ERD + db_schema_v1.sql stabilized |
architecture/ERD.md, db_schema_v1.sql (2,574 lines) |
| Governance baseline | Coding_Standards.md, Testing_Standards.md, Security_Control_Verification.md, Contract_Invariant_Gates.md, enforcement policies, reviewguard draft |
| Local dev environment baseline | operations/local-dev/* |
| CI platform selected | .gitlab-ci.yml + scripts/ci/* host-agnostic gates |
| Core process scaffolds runnable | cmd/api, cmd/outbox-relay, cmd/notification-relay, cmd/billing-worker, cmd/provisioning-worker, cmd/webhook-worker |
| First vertical slice | POST /api/v1/allocations → DB allocation row + outbox in one transaction |
| Admin token deny-list | Auth middleware path implemented |
Implementation execution — in progress (code, not just docs)¶
gantt
title Recent commit landings (illustrative ordering, last 60 days)
dateFormat X
axisFormat %s
section Outbox + relays
outbox relay runtime + NATS publisher :done, c1, 0, 1
notification relay NATS->Redis scaffold :done, c2, after c1, 1
section Workers
billing worker pull-consumer runtime :done, c3, after c2, 1
provisioning worker pull-consumer runtime :done, c4, after c3, 1
webhook worker ingest scaffold :done, c5, after c4, 1
section Auth + slice
admin token deny-list :done, c6, after c5, 1
first allocation vertical slice :done, c7, after c6, 1
section CI + obs hardening
go vet + token-query CI guards :done, c8, after c7, 1
webhook reconciliation counters :done, c9, after c8, 1
Prometheus counters for alerts :done, c10, after c9, 1
integration smoke default DB wiring :done, c11, after c10, 1
security scan stage tool-aware :done, c12, after c11, 1
constant-time token compare hardening :done, c13, after c12, 1
API internal stats + Prom export :done, c14, after c13, 1The recent commit graph above is illustrative of cadence; commit shas are in the actual tracker.
Outstanding items — Parallel Ops Track¶
Per Phase_Readiness_Tracker.md §Implementation Execution Progress, the open execution items are:
flowchart LR
OPEN[Open execution items] --> O1[SLO / alerts<br/>concrete staging-prod artifacts]
OPEN --> O2[Runbooks / on-call drills]
OPEN --> O3[Backup / restore DR]
OPEN --> O4[Secrets / key ops]
OPEN --> O5[East/west security<br/>+ cert lifecycle]
OPEN --> O6[Watchlist phase schedule]Tracked in:
operations/Parallel_Ops_Track.mdoperations/Watchlist_Phase_Schedule.mdoperations/Scalability_Security_Watchlist.mdoperations/evidence/pki_stepca_staging_readiness.md— TaskC-OPS-002
Evidence model¶
Every signed-off item must have machine-traceable evidence.
flowchart LR
PH[Phase / gate] --> EV{Evidence type}
EV -- doc baseline --> D[Path to .md file]
EV -- contract --> C[OpenAPI / AsyncAPI section]
EV -- code --> COM[git sha or file path]
EV -- test --> T[Test name + green CI link]
EV -- artifact --> A[evidence file under<br/>operations/evidence/]
D & C & COM & T & A --> SO[Signoff record<br/>actor + date + correlation_id]How signoff happens¶
sequenceDiagram
autonumber
participant DEV as Phase owner
participant TRK as Phase_Readiness_Tracker.md
participant REV as Architecture / security / ops reviewer
participant Q as Agent_Work_Queue.yaml
DEV->>TRK: mark phase "Ready for Signoff"<br/>+ link evidence
DEV->>Q: ensure all child tasks done or moved
DEV->>REV: request review
REV->>REV: audit evidence against criteria
alt approved
REV->>TRK: mark "Signed Off"<br/>+ record reviewer + date
else gaps
REV->>DEV: list specific gaps
DEV->>DEV: address gaps — re-request
endCross-references¶
| What you want | Where to look |
|---|---|
| Phase definition with deliverables | Implementation roadmap |
| Current task being worked on | Active work queue |
| Production go/no-go state | Release readiness |
| Specific area gap | Gap trackers |
| Live commit ledger | Execution_Progress.md |
Source¶
→ Phase_Readiness_Tracker.md is the canonical doc.