V3 V1 Workflow Parity Audit v1
Status: active migration audit.
This document tracks workflow parity between the old V1 pages and the V3 production surfaces. V1 was useful as an entity dump; V3 should preserve the operator/user capability while changing the shape to workflow-first pages.
Rule
If a V1 action is still needed, it must land in V3 as one of these patterns:
- Workbench action queue for things an operator should triage now.
- Resource operations panel for actions scoped to one resource.
- Lifecycle/activity tab for what happened and where to pivot next.
- Family local nav for sibling workbenches inside one product family.
Do not add one-off buttons to isolated pages unless they fit one of those patterns.
Parity is not only route/read parity. A V3 replacement is incomplete until the resource lifecycle is visible by intent:
- Setup: create, enroll, bootstrap, configure, grant, attach, publish.
- Update: edit, activate, retire, upgrade, role/scope change, quota change.
- Maintenance: probe, repair, rotate, reconcile, drift review, health check.
- Recovery: retry, resume, rerun, restore, re-enroll, compensate.
- Destructive: release, decommission, detach, remove, delete, revoke.
- Evidence: audit, task, workflow, event, runbook, log, trace, or provider handoff.
When a V1 page exposed an action through an admin button or entity row, the V3 page must make the intent and post-click progress explicit. Hiding the same action behind a new button is not a completed migration.
Current Parity Matrix
| V1 surface | V3 target | Parity status | Notes |
|---|---|---|---|
| /allocations | /v3-prod/workloads | mostly covered | V3 unifies compute and app runtimes. Default filter is active. Keep allocation/task/audit events visible from workload detail. |
| /allocations/{id} | /v3-prod/allocations/{id} → /v3-prod/workloads/{id} | mostly covered | Allocation detail now resolves to the owning workload and preserves legacy panel intent for connect/metrics/events/storage/config. Console, metrics, storage, events/tasks exist. Need continued hardening for null telemetry and slice network/metric gaps found in kind/dev. |
| /apps/catalog | /v3-prod/apps, /v3-prod/launch/app/{slug} | mostly covered | V3 launch is production-bound. Keep scheduler apps prominent in seed data and visual ordering. |
| /apps/instances | /v3-prod/workloads | mostly covered | Unified runtime list covers status and open actions. Workload detail now carries app runtime management for members, member operations, version changes, and operation history. |
| /apps/instances/{id} | /v3-prod/apps/instances/{id} → /v3-prod/workloads/{id} | mostly covered | App-instance detail now resolves to the owning workload and preserves legacy panel intent for connect/metrics/events/storage/config. V3 covers connect/metrics/tasks for app workloads and exposes safe runtime operations: start, stop, restart, repair, decommission, upgrade, rollback, add member, drain member, remove member, member/audit activity, and safe bootstrap/runtime credential posture without private material. Credential rotate/reconcile mutations remain a follow-up. |
| /apps/artifacts | /v3-prod/apps/artifacts | mostly covered | Project-scoped artifact workbench lists app artifacts, creates publish intents, registers digests, and exposes verify/promote/deprecate/revoke/retire actions. Follow-up: richer artifact detail/activity drawer if operators need per-artifact event history. |
| /settings/profile | /v3-prod/account/profile | covered | Includes identity/linking shape. |
| /settings/ssh-keys | /v3-prod/account/security, /v3-prod/access/credentials | covered | Account owns personal key records; Access shows cross-project credential posture. |
| /settings/team | /v3-prod/access/memberships | covered | V3 splits project/tenant views. |
| /access/quotas | /v3-prod/access/quotas | covered | Effective project/user allocation headroom is now distinct from entitlements. Platform-wide quota policy editing remains under /v3-prod/platform/config/quotas. |
| /admin/nodes | /v3-prod/platform/lifecycle, /v3-prod/platform/lifecycle/nodes/{id} | covered for current workflows | Lifecycle workbench and node detail exist. Node detail now has operations for probe, Netdata, bootstrap, re-enroll, agent repair, cert repair, resume/reactivate, MAAS re-image, destructive detach/remove/delete, and slice slot discovery/approval. |
| /admin/nodes/onboardings/{id} | /v3-prod/platform/lifecycle/onboardings/{id} | covered | Resume/rerun, timeline, install output, MAAS events, summary, and error evidence are present. |
| /admin/nodes/decommissions/{id} | /v3-prod/platform/lifecycle/decommissions/{id} | covered | Resume/rerun/cancel, timeline, install output, MAAS events, summary, and error evidence are present. |
| /admin/maas | /v3-prod/platform/lifecycle/maas | mostly covered | Sites, drift, onboarding/decommission summaries visible. The page now explains the site → profile → onboard operator path and links to setup checklist/register-site actions. |
| /admin/maas/new | /v3-prod/platform/lifecycle/maas/new | covered | Site create workflow exists. |
| /admin/maas/{siteId} | /v3-prod/platform/lifecycle/maas/{siteId} | mostly covered | Site detail is now workflow-shaped with operations, discovery, profiles, fabric, and workflows tabs. Site settings, credential write, probe, direct one-node onboarding, batch onboarding, candidate ignore/suppress/restore/onboard, profile create/update/disable, and RoCE upsert/enable/disable/delete are available. Needs live kind validation against real MAAS data. |
| /admin/skus | /v3-prod/platform/config/skus | covered | SKU publish queue now supports create, edit, pricing, activate, and retire. |
| /admin/os-images | /v3-prod/platform/config/os-images | mostly covered | Compatibility matrix now supports image registration and disable. Edit-in-place is not in the current API contract; use create new image plus disable old image. |
| /admin/quotas | /v3-prod/platform/config/quotas | covered for current policy | Allocation concurrency policy edit exists. Future tenant/project/user quotas are separate work. |
| /admin/audit-logs | /v3-prod/platform/evidence | covered | V3 evidence has filters, drawer, and pivots. |
| /admin/payments/sessions | /v3-prod/platform/finance | mostly covered | Stuck-first session list, interventions, and first-class finance activity stream exist. Session rows open a recovery panel with user pivot, internal balance credit, and refund workflow creation using the payment session as reference. Follow-up: add a true provider-reconcile endpoint if operators need replay rather than credit/refund. |
| /admin/users | /v3-prod/platform/iam | covered | Governance-first user directory exists. |
| /admin/users/{id} | /v3-prod/platform/iam/users/{id} | mostly covered | User detail includes roles, membership, credit/refund, evidence/finance pivots. |
| /admin/telemetry | /v3-prod/platform/ops and future observability surface | partial/deferred | V3 Ops has signals. Netdata edge routing is deferred; app/user observability is future work. |
| /admin/overview, /admin/ops | /v3-prod/platform/overview, /v3-prod/platform/ops | mostly covered | V3 is workflow-first. Continue validating live read models. |
Remaining Follow-Ups
- Backend resource activity/capability read models: node detail and app runtime detail now have first-class activity/capability read models. Storage bucket detail now includes bucket, attachment, grant, and audit activity in its Events tab. Platform config now exposes config audit/activity rows for SKU, OS image, policy/quota, MAAS profile, and MAAS site changes. Access audit now exposes membership, service-account, credential, entitlement, identity, and connectivity mutation history. Finance now exposes payment session, ledger, refund, and finance-audit lifecycle rows without provider payment references or raw webhook payloads. The UI now exposes the lifecycle operation shape, but some non-node pages may still build activity from facts, tasks, or workflow cards until their durable resource activity stream is available.
- App runtime credential operations: bootstrap/runtime credential posture is now exposed without surfacing private material. Reconcile, rotate, and disable workflows remain follow-ups until their mutation contracts are safe and audited.
- MAAS provisioning validation: validate site settings, credentials/probe, direct one-node onboarding, batch onboarding, discovery review/onboard, profile CRUD, RoCE assignment actions, workflow install output, MAAS event pivots, and decommission cancel against real MAAS data in kind.
- Payment recovery backend follow-up: decide whether stuck sessions need a first-class provider reconcile/replay endpoint. V3 currently supports user credit and refund workflows from the finance workbench.
- Access/identity write workflows: SSO provider setup, network/security policy changes, service-account rotation/disable, entitlement updates, and scoped quota writes need real contracts before V3 should expose them as mutable controls. Access quota posture is read-only today; keep mutable quota policy under Platform Config unless a scoped quota contract exists.
- Final UX polish pass after functional parity: some migrated pages still read too much like data-dense admin views. After the remaining workflow validation passes, compare against /v3mocks and tighten visual hierarchy, navigation return paths, and family-local drill-down behavior.
Backend/Contract Gaps Found During Audit
- V3 app workload detail has stable `project_id` and `app_instance_id` for safe runtime operations, stitches version/member/operation-history workflows from existing app instance APIs, and includes first-class credential posture without credential material. It still needs operation capability flags for credential reconcile/rotate/disable.
- Node detail exposes operation capability flags and a unified activity stream from allocations, node tasks, agent lifecycle, MAAS decommissioning, and audit events.
- Storage bucket detail exposes a first-class activity stream from bucket posture, workload attachments, sharing grants, and audit events without surfacing provider credentials.
- Platform config exposes a first-class activity stream from config audit rows covering SKU, OS image, policy/quota, MAAS profile, and MAAS site changes.
- Platform finance exposes a first-class activity stream from payment sessions, ledger entries, refund requests, and finance audit actions while keeping raw provider references out of the read model.
- Non-node resource details should receive first-class lifecycle/audit event streams so activity is not derived from facts, tasks, and workflow cards.