Production adapter setup
Integrations console
A single operational surface controls local DB/auth-ready contracts, provider modes and the production cutover checklist.
Scenario contract
ScenarioStore.v1
The API shape is stable for a future DB adapter.
Role actors
5
Demo users map to future RBAC claims.
Provider modes
6
Mock/local providers show their production targets.
Preflight
1/5
Snapshot migration readiness before the real DB/auth cutover.
Cutover steps
0/6
Gates completed against infrastructure tasks.
Connection
0/4
Redacted endpoint readiness for the selected adapter.
Integration Readiness Copilot
2/9 integration gates are ready for db-auth-session-adapter.
Recommended integration action
Record adapter connection evidence
Connection checks show 0/4; record the redacted endpoint packet before dry-run.
Provider contracts
6 local-to-production provider contracts are visible.
Session adapter
ScenarioStore.v1 runs with mock-auth-header for the local demo contract.
Migration preflight
Preflight is 1/5 with snapshot checksum bfg-eba94650.
Migration runbook
Runbook is 1/6 with decision BLOCKED_PENDING_PREFLIGHT.
Release handoff
Release is 3/5 with decision BLOCKED_PENDING_DRY_RUN.
Rollback drill
Rollback is 0/4 with decision BLOCKED_PENDING_DRY_RUN.
Integration blocker checklist
Production readiness decision
Infrastructure decision prompt
db-auth-session-adapter is selected for rehearsal, but BLOCKED_PENDING_DRY_RUN keeps real DB/auth cutover blocked until infrastructure owners choose the live provider.
Decision needed
Choose the real DB/auth provider before wiring production
Release gates show 3/5; data cutover remains 0/5. Keep demo evidence open, but do not claim production readiness.
Selected adapter target
db-auth-session-adapter
The target is ready for local replay, not live production traffic.
Auth/RBAC owner
OIDC/RBAC
OIDC, roles and secret handling need owner confirmation before code wiring.
Go/no-go decision
BLOCKED_PENDING_DRY_RUN
Local demo can proceed while production remains blocked.
Provider selection acceptance
Provider selection acceptance stub
Anna Kowalska must accept db-auth-session-adapter before live DB/auth wiring; BLOCKED_PENDING_DRY_RUN remains the only permitted production decision.
Live DB/auth provider
db-auth-session-adapter
Anna Kowalska must choose the real provider contract for db-auth-session-adapter.
Auth/RBAC owner
OIDC/RBAC
Anna Kowalska must confirm roles, claims and secret handling before live users.
Tenant and secrets boundary
single-tenant-local
db-auth-session-adapter stays blocked until tenant isolation and managed secrets are accepted.
Live wiring go/no-go
BLOCKED_PENDING_DRY_RUN
BLOCKED_PENDING_DRY_RUN stays locked until sign-off from the provider, auth and rollback owners.
Infrastructure selection decision
ProductionInfrastructureDecision.v1 blocker
Anna Kowalska must choose hosting, region, runtime ownership and secrets/backup boundaries for db-auth-session-adapter; BLOCKED_PENDING_DRY_RUN stays locked until this decision exists.
Hosting provider and account
db-auth-session-adapter
Anna Kowalska must choose the live hosting account/provider before db-auth-session-adapter receives production traffic.
Anna Kowalska takes on this infrastructure decision before the real DB/auth wiring.
Region and data residency
EU region pending
EU region, data residency and backup locality must be confirmed before live DB/auth wiring.
Anna Kowalska takes on this infrastructure decision before the real DB/auth wiring.
Runtime operations owner
Managed runtime pending
On-call, deploy, monitoring and incident owners must be named for db-auth-session-adapter.
Anna Kowalska takes on this infrastructure decision before the real DB/auth wiring.
Secrets and backup boundary
Secrets/backup pending
Managed secrets, backup/RPO and restore owner must be accepted before BLOCKED_PENDING_DRY_RUN is changed.
Anna Kowalska takes on this infrastructure decision before the real DB/auth wiring.
Reviewer proof path
Use these routes to show the blocker, evidence and audit trail without pretending live infrastructure exists.
Guarded DB/auth wiring
ProductionDbAuthAdapterWiring.v1 preflight
Local contract wiring for db-auth-session-adapter can start after infrastructure acceptance (0/4); production traffic stays disabled until live credentials exist.
Infrastructure acceptance
Requires accepted hosting, EU region, runtime owner and secrets/backup ownership for db-auth-session-adapter.
db-auth-session-adapter.infrastructureAcceptance
Endpoint contract
Uses the redacted adapter endpoint contract with no live external connection.
db-auth-session-adapter.endpointContract
Tenant context
Maps organization and tenant claims before any live database write.
db-auth-session-adapter.tenantContext
OIDC/RBAC claims
Prepares role claims for the MD, dispatcher, accountant, driver and client scopes.
db-auth-session-adapter.oidcRbacClaims
RLS policy draft
Confirms the tenant-scoped RLS policy plan is ready for migration review.
db-auth-session-adapter.rlsPolicyDraft
Secrets and backup boundary
Keeps secrets, backup/RPO and restore ownership tied to the accepted infrastructure decision.
db-auth-session-adapter.secretsBackupBoundary
Live credentials
Blocked until a person supplies reviewed provider credentials outside the local demo workspace.
db-auth-session-adapter.liveCredentials
Production traffic stays disabled
Decision=BLOCKED_PENDING_INFRASTRUCTURE_OR_CREDENTIALS; traffic=production_traffic_disabled. Live credentials and secrets do not exist in the MVP workspace.
Preflight not run; infrastructure status: blocked.
Provider contracts
Mock-first providers with production targets
Each external dependency has a local MVP mode and a named production replacement path.
Scenario store
Persists the demo scenario today and defines the future DB session contract.
Current mode
file-local
Target mode
Postgres/RLS
Auth and RBAC
Role headers drive the MVP and preserve user, tenant and permission boundaries.
Current mode
mock-auth-header
Target mode
OIDC/RBAC
Document intelligence
Local OCR outputs are shaped like production extraction responses.
Current mode
local-ocr
Target mode
Document AI
KSeF e-invoice
Mock invoice packets keep finance ready for the regulated API.
Current mode
mock-ksef
Target mode
KSeF API
Maps and ETA
Local ETA logic can be swapped for a live maps and traffic provider.
Current mode
local-eta
Target mode
Maps/ETA API
Driver offline sync
The service worker and trip cache define the future background-sync boundary.
Current mode
service-worker
Target mode
Background sync
Live session
Current adapter state
Storage adapter
file-local
Auth mode
mock-auth-header
Tenant mode
single-tenant-local
Last write
No writes yet
RBAC map
Actors by role
The same actor ids and permissions travel in Scenario API headers and can later become auth claims.
Anna Kowalska
user_md_anna · BFG Control
Marek Zielinski
user_dispatcher_marek · Dispatch desk
Olena Shevchenko
user_accountant_olena · Finance
Petro Tarasenko
driver_tarasenko · BFG Driver
Lviv Farma Distribution
cp_client_lviv_farma · Client Portal
Production cutover
DB/auth migration checklist
Accept each cutover rehearsal with its owner to turn the DB/auth checklist into audit evidence.
Contracts locked
Scenario envelope, actor headers and metadata fields are covered by smoke tests.
Owner: Anna Kowalska · Management
Role headers mapped
Managing Director, Dispatcher, Accountant, Driver and Client are visible.
Owner: Marek Zielinski · Dispatch
Scenario Store rehearsal
Confirm the file-local payload for DB replay.
Owner: Marek Zielinski · Dispatch
DB schema
Create tenant, user, permission and scenario-state tables for the production adapter.
Owner: Olena Shevchenko · Accounting
Secrets and auth
Connect the chosen OIDC/RBAC provider without requiring paid keys in the MVP.
Owner: Olena Shevchenko · Accounting
Migration and rollback
Move local demo state to the DB adapter and keep rollback available for demos.
Owner: Anna Kowalska · Management
Adapter decision panel
Production adapter decision board
Shows the DB/auth adapter choice, environment, secrets, schema, migration, rollback and approvals before the production cutover.
Adapter selection status
db-auth-session-adapter
Staging target is explicitly selected while the local MVP keeps the file adapter for demos.
Owner
Anna Kowalska
Management
Evidence
Target locked
Environment readiness
Staging to production
Contracts and replayable Scenario Store payload must be accepted before the DB/auth environment opens.
Owner
Marek Zielinski
Dispatch
Evidence
0/2 checks accepted
Secrets and RBAC owner
OIDC/RBAC handoff
Role headers and secret handling must both be accepted before real user auth is wired.
Owner
Olena Shevchenko
Accounting
Evidence
0/2 checks accepted
Schema and RLS
Postgres/RLS
Tenant, user, permission and scenario-state tables need owner acceptance before adapter migration.
Owner
Olena Shevchenko
Accounting
Evidence
0/1 checks accepted
Migration dry-run
Seed backfill rehearsal
The local demo state needs a dry-run path into the DB adapter before reviewer cutover.
Owner
Anna Kowalska
Management
Evidence
0/1 checks accepted
Rollback window
File-local fallback
Keep the file-local adapter ready until migration and replay evidence are accepted together.
Owner
Anna Kowalska
Management
Evidence
0/2 checks accepted
Release owner approvals
6 owner checks
All owner-led cutover rehearsals must be accepted before production release sign-off.
Owner
Anna Kowalska
Management
Evidence
0/6 checks accepted
Migration runbook
Production migration runbook
Portable SQL/RLS outline and operator checklist for replaying the current ScenarioStore snapshot into the selected DB/auth adapter without live secrets.
Freeze snapshot
0 / bfg-feb1d61b
Carry BFGScenarioSnapshot.v1 rows and checksum into the migration packet.
Schema and RLS
0/6
Tenant, user, snapshot and audit tables are mapped for the selected adapter.
Actor claims
5
Demo actors and permissions become future DB/auth claims.
Adapter replay
0/4 + 0/5
Connection and dry-run evidence prove the target can replay the payload.
Checksum verification
1/5
Preflight readiness and checksum close the migration verification loop.
Rollback seal
BLOCKED_PENDING_DRY_RUN
Release and rollback decisions remain bound to the local fallback adapter.
ProductionAdapterMigrationRunbook.v1 SQL Outline
ProductionAdapterMigrationRunbook.v1 targets db-auth-session-adapter with checksum bfg-feb1d61b; keep it as a reviewer-safe migration rehearsal outline until real infrastructure is connected.
-- ProductionAdapterMigrationRunbook.v1
-- source=BFGScenarioSnapshot.v1
-- target=db-auth-session-adapter
-- session=grant-demo-local
-- checksum=bfg-feb1d61b
-- rows=0
-- runbook_decision=BLOCKED_PENDING_PREFLIGHT
create schema if not exists bfg_flowcontrol;

create table if not exists bfg_flowcontrol.tenants (
  tenant_id text primary key,
  name text not null,
  created_at timestamptz not null default now()
);

create table if not exists bfg_flowcontrol.users (
  user_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  role_key text not null,
  display_name text not null,
  permissions text[] not null default '{}'
);

create table if not exists bfg_flowcontrol.scenario_snapshots (
  snapshot_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  checksum text not null,
  schema_version text not null,
  payload jsonb not null,
  created_at timestamptz not null default now()
);

create table if not exists bfg_flowcontrol.audit_events (
  event_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  actor_id text not null references bfg_flowcontrol.users(user_id),
  source text not null,
  payload jsonb not null,
  created_at timestamptz not null default now()
);

-- Enable RLS on the tenant-scoped tables; bfg_flowcontrol.tenants gets no policy in this outline.
-- Table owners bypass RLS unless FORCE ROW LEVEL SECURITY is also set.
alter table bfg_flowcontrol.users enable row level security;
alter table bfg_flowcontrol.scenario_snapshots enable row level security;
alter table bfg_flowcontrol.audit_events enable row level security;

-- Drop-then-create keeps the policy section re-runnable.
drop policy if exists bfg_tenant_users on bfg_flowcontrol.users;
drop policy if exists bfg_tenant_snapshots on bfg_flowcontrol.scenario_snapshots;
drop policy if exists bfg_tenant_audit on bfg_flowcontrol.audit_events;

-- current_setting('bfg.tenant_id', true) returns NULL when the setting has never been set,
-- so the predicate matches no rows (fail closed). With no WITH CHECK clause, the USING
-- expression also applies to inserted and updated rows.
create policy bfg_tenant_users on bfg_flowcontrol.users
  using (tenant_id = current_setting('bfg.tenant_id', true));
create policy bfg_tenant_snapshots on bfg_flowcontrol.scenario_snapshots
  using (tenant_id = current_setting('bfg.tenant_id', true));
create policy bfg_tenant_audit on bfg_flowcontrol.audit_events
  using (tenant_id = current_setting('bfg.tenant_id', true));
Runbook decision BLOCKED_PENDING_PREFLIGHT; 1/6 migration checks are ready.
Data cutover
Data cutover console
Turns the migration runbook into per-batch evidence for tenant, operations, finance and audit before connecting live DB/auth.
Tenant and RBAC seed
5 actors
Demo actors and permissions form the first tenant/user seed.
Operational replay
0 rows
Orders and driver, client and dispatch events remain replayable.
Finance ledger
0 rows
KSeF and payments are kept separate for the finance migration.
Audit trail
0 rows
Risk, cutover, connection, dry-run and sign-off are linked together.
Freeze snapshot
0 rows
BFGScenarioSnapshot.v1 rows and checksum are locked.
Seed tenant/RLS
1/6
Runbook tables and RLS are ready for the adapter.
Batch replay
0/4 + 0/5
Connection and dry-run prove safe replay.
Audit parity
1/4
All batches have data and preflight evidence.
Rollback seal
BLOCKED_PENDING_DRY_RUN
Release and rollback keep the file-local fallback visible.
ProductionDataCutoverPlan.v1 packet
db-auth-session-adapter packages 5 batch rows with checksum bfg-e7a2d068; use it as a safe plan until production infrastructure is chosen.
ProductionDataCutoverPlan.v1 target=db-auth-session-adapter session=grant-demo-local snapshot_schema=BFGScenarioSnapshot.v1 snapshot_checksum=bfg-e7a2d068 snapshot_rows=0 batch_rows=5 batches=1/4 steps=0/5 connection=0/4 dry_run=0/5 runbook_decision=BLOCKED_PENDING_PREFLIGHT release_decision=BLOCKED_PENDING_DRY_RUN rollback_decision=BLOCKED_PENDING_DRY_RUN cutover_decision=BLOCKED_PENDING_DATA_CUTOVER
Decision BLOCKED_PENDING_DATA_CUTOVER; 0/5 cutover checks and 1 batch group ready.
Adapter connection
Production adapter connection wizard
Records the redacted endpoint, TLS/RBAC and write-probe evidence without storing secrets.
Endpoint reachability
Selected endpoint is named and reachable.
Waiting for connection check
TLS fingerprint
Reviewer-safe fingerprint captured.
Waiting for connection check
RBAC session
Demo claims map the tenant/user boundary.
Waiting for connection check
Write probe
No-secret probe is replayable before cutover.
Waiting for connection check
ProductionAdapterConnection.v1 packet
Adapter target
db-auth-session-adapter
Redacted endpoint
Not recorded
Endpoint fingerprint
Fingerprint not recorded
Record the packet once endpoint, TLS, RBAC and write probe are confirmed.
Adapter dry-run
Production adapter dry-run transcript
Runs a local transcript that replays the file-backed scenario against the selected DB/auth adapter contract without live infrastructure.
Export snapshot
Freezes orders, driver events, finance events and reviewer evidence.
Waiting for dry-run
Schema map validation
Maps Scenario Store fields to tenant, user, order, document and audit tables.
Waiting for dry-run
RBAC claims rehearsal
Replays demo actor ids as future auth claims.
Waiting for dry-run
Adapter replay transcript
Writes and reads the payload through the DB/auth adapter contract.
Waiting for dry-run
Rollback checkpoint
Keeps the file-local fallback and replay id until cutover is approved.
Waiting for dry-run
ProductionAdapterDryRun.v1 checkpoint
db-auth-session-adapter
Run the dry-run to save a replayable checkpoint for reviewers.
Migration preflight
Snapshot migration preflight
Reviewer-safe DB/auth rehearsal report built from the current BFGScenarioSnapshot.v1 payload, adapter target and rollback evidence.
Payload snapshot
0 rows
BFGScenarioSnapshot.v1 is pinned with row count and checksum.
Schema map
1/7
Adapter decision and cutover evidence name the tenant/user/order/document/audit tables.
RBAC claims
5 actors
Demo actor ids and permissions are ready as auth claims.
Adapter replay
0/5
ProductionAdapterDryRun.v1 proves write/read compatibility for the chosen adapter.
Rollback evidence
Blocked
Release and rollback packets keep the file-local fallback explicit.
ProductionAdapterMigrationPreflight.v1 report
BFGScenarioSnapshot.v1 has 0 rows and checksum bfg-eba94650; use this report for DB/auth migration rehearsal before live infrastructure.
ProductionAdapterMigrationPreflight.v1 schema=BFGScenarioSnapshot.v1 target=db-auth-session-adapter session=grant-demo-local checksum=bfg-eba94650 rows=0 adapter_contract=ScenarioStore.v1 dry_run=0/5 connection=0/4 rollback_decision=BLOCKED_PENDING_DRY_RUN
Release handoff
Export production release env
The reviewer-ready env shows the local adapter mode, target, rollback owner and go/no-go decision.
Env vars
9
Nine release values come from session metadata.
Adapter target
1/7
The chosen DB/auth target is visible.
Dry-run transcript
0/5
The replay transcript proves compatibility of the local payload.
Rollback
file-local
The fallback adapter stays explicit.
Owner evidence
0/6
Cutover owner checks are tied to the Scenario Store.
Release env block
BFG_RELEASE_ENVIRONMENT=local-demo
BFG_RELEASE_TARGET=db-auth-session-adapter
BFG_SCENARIO_ADAPTER=ScenarioStore.v1
BFG_STORAGE_ADAPTER=file-local
BFG_AUTH_MODE=mock-auth-header
BFG_TENANT_MODE=single-tenant-local
BFG_ROLLBACK_OWNER=user_md_anna
BFG_RELEASE_EVIDENCE=ProductionAdapterDryRun.v1
BFG_RELEASE_DECISION=BLOCKED_PENDING_DRY_RUN
Decision BLOCKED_PENDING_DRY_RUN; 3/5 release handoff gates ready.
Rollback drill
Production rollback drill
Ops rehearses the fallback owner, the storage adapter and the audit packet before the real cutover.
Freeze window
BLOCKED_PENDING_DRY_RUN
Production stays blocked until the local go/no-go decision is reviewed.
Owner acknowledgement
Anna Kowalska
The Managing Director owns the rollback decision and the audit packet.
Storage fallback
file-local
The file-local adapter remains the explicit rollback path.
Audit packet
ProductionRollbackDrill.v1
Release and rollback evidence are joined in one exportable packet.
Rollback audit packet
BFG_ROLLBACK_DECISION=BLOCKED_PENDING_DRY_RUN
BFG_ROLLBACK_OWNER=user_md_anna
BFG_ROLLBACK_STORAGE=file-local
BFG_ROLLBACK_AUTH=mock-auth-header
BFG_ROLLBACK_EVIDENCE=ProductionReleaseHandoff.v1
BFG_ROLLBACK_PACKET=ProductionRollbackDrill.v1
Decision BLOCKED_PENDING_DRY_RUN; 0/4 rollback checks are ready for Anna Kowalska.
Environments
Adapter rollout plan
Local demo
file-local
Runs now with file-local scenario state and mock provider contracts.
Staging
db-auth-session-adapter
Next target for DB persistence, auth claims and provider secrets.
Production
tenant-rbac-adapter
Final tenant-scoped adapter with real auth and provider audit logs.