Production adapter setup
Integrations console
An operational settings surface manages local DB/auth-ready contracts, provider modes and the production cutover checklist.
Scenario contract
ScenarioStore.v1
The API shape is stable for a future DB adapter.
Role actors
5
Demo users map to future RBAC claims.
Provider modes
6
Mock/local providers expose their production targets.
Preflight
1/5
Snapshot migration readiness before the real DB/auth cutover.
Cutover steps
0/6
Completed gates versus infrastructure tasks.
Connection
0/4
Redacted endpoint readiness for the selected adapter.
Integration Readiness Copilot
2/9 integration gates are ready for db-auth-session-adapter.
Recommended integration action
Record adapter connection evidence
Connection checks show 0/4; record the redacted endpoint packet before dry-run.
Provider contracts
6 local-to-production provider contracts are visible.
Session adapter
ScenarioStore.v1 runs with mock-auth-header for the local demo contract.
Migration preflight
Preflight is 1/5 with snapshot checksum bfg-eba94650.
Migration runbook
Runbook is 1/6 with decision BLOCKED_PENDING_PREFLIGHT.
Release handoff
Release is 3/5 with decision BLOCKED_PENDING_DRY_RUN.
Rollback drill
Rollback is 0/4 with decision BLOCKED_PENDING_DRY_RUN.
Integration blocker checklist
Production readiness decision
Infrastructure decision prompt
db-auth-session-adapter is selected for rehearsal, but BLOCKED_PENDING_DRY_RUN keeps real DB/auth cutover blocked until infrastructure owners choose the live provider.
Decision needed
Choose the real DB/auth provider before wiring production
Release gates show 3/5; data cutover remains 0/5. Keep demo evidence open, but do not claim production readiness.
Selected adapter target
db-auth-session-adapter
The target is ready for local replay, not live production traffic.
Auth/RBAC owner
OIDC/RBAC
OIDC, roles and secret handling need owner confirmation before code wiring.
Go/no-go decision
BLOCKED_PENDING_DRY_RUN
Local demo can proceed while production remains blocked.
Provider selection acceptance
Provider selection acceptance stub
Anna Kowalska must accept db-auth-session-adapter before live DB/auth wiring; BLOCKED_PENDING_DRY_RUN remains the only authorized production decision.
Live DB/auth provider
db-auth-session-adapter
Anna Kowalska must choose the real provider contract for db-auth-session-adapter.
Auth/RBAC owner
OIDC/RBAC
Anna Kowalska must confirm roles, claims and secret handling before live users.
Tenant and secrets boundary
single-tenant-local
db-auth-session-adapter stays blocked until tenant isolation and managed secrets are validated.
Live wiring go/no-go
BLOCKED_PENDING_DRY_RUN
BLOCKED_PENDING_DRY_RUN stays locked until sign-off from the provider, auth and rollback owners.
Infrastructure selection decision
ProductionInfrastructureDecision.v1 blocker
Anna Kowalska must choose hosting, region, runtime ownership and secrets/backup boundaries for db-auth-session-adapter; BLOCKED_PENDING_DRY_RUN stays locked as long as this decision is missing.
Hosting provider and account
db-auth-session-adapter
Anna Kowalska must choose the live hosting account/provider before db-auth-session-adapter receives production traffic.
Anna Kowalska owns this infrastructure decision before the real DB/auth wiring.
Region and data residency
EU region pending
EU region, data residency and backup locality must be confirmed before the live DB/auth wiring.
Anna Kowalska owns this infrastructure decision before the real DB/auth wiring.
Runtime operations owner
Managed runtime pending
On-call, deploy, monitoring and incident owner must be named for db-auth-session-adapter.
Anna Kowalska owns this infrastructure decision before the real DB/auth wiring.
Secrets and backup boundary
Secrets/backup pending
Managed secrets, backup/RPO and restore owner must be accepted before BLOCKED_PENDING_DRY_RUN changes.
Anna Kowalska owns this infrastructure decision before the real DB/auth wiring.
Reviewer proof path
Use these routes to show the blocker, evidence and audit trail without pretending live infrastructure exists.
Guarded DB/auth wiring
ProductionDbAuthAdapterWiring.v1 preflight
Local contract wiring for db-auth-session-adapter can start after infrastructure acceptance (0/4); production traffic stays disabled until live credentials.
Infrastructure acceptance
Requires accepted hosting, EU region, runtime owner and secrets/backup ownership for db-auth-session-adapter.
db-auth-session-adapter.infrastructureAcceptance
Endpoint contract
Uses the redacted adapter endpoint contract with no live external connection.
db-auth-session-adapter.endpointContract
Tenant context
Maps organization and tenant claims before any live database write.
db-auth-session-adapter.tenantContext
OIDC/RBAC claims
Prepares role claims for MD, dispatcher, accountant, driver and client scopes.
db-auth-session-adapter.oidcRbacClaims
RLS policy draft
Confirms the tenant-scoped RLS policy plan is ready for migration review.
db-auth-session-adapter.rlsPolicyDraft
Secrets and backup boundary
Keeps secrets, backup/RPO and restore ownership tied to the accepted infrastructure decision.
db-auth-session-adapter.secretsBackupBoundary
Live credentials
Blocked until provider credentials are reviewed outside the local demo workspace.
db-auth-session-adapter.liveCredentials
Production traffic stays disabled
Decision=BLOCKED_PENDING_INFRASTRUCTURE_OR_CREDENTIALS; traffic=production_traffic_disabled. Live credentials and secrets are not in the MVP workspace.
Preflight not run; infrastructure status: blocked.
Provider contracts
Mock-first providers with production targets
Each external dependency has a local MVP mode and a named production replacement path.
Scenario store
Persists the demo scenario today and defines the future DB session contract.
Current mode
file-local
Target mode
Postgres/RLS
Auth and RBAC
Role headers drive the MVP while keeping user, tenant and permission boundaries.
Current mode
mock-auth-header
Target mode
OIDC/RBAC
Document intelligence
Local OCR outputs have the shape of production extraction responses.
Current mode
local-ocr
Target mode
Document AI
KSeF e-invoice
Mock invoice packages keep finance ready for the regulated API.
Current mode
mock-ksef
Target mode
KSeF API
Maps and ETA
Local ETA logic can be replaced by a live maps and traffic provider.
Current mode
local-eta
Target mode
Maps/ETA API
Driver offline sync
Service worker and trip cache define the future background-sync boundary.
Current mode
service-worker
Target mode
Background sync
Live session
Current adapter state
Storage adapter
file-local
Auth mode
mock-auth-header
Tenant mode
single-tenant-local
Last write
Not yet written
RBAC map
Actors by role
The same actor ids and permissions pass through the Scenario API headers and can later become auth claims.
Anna Kowalska
user_md_anna · BFG Control
Marek Zielinski
user_dispatcher_marek · Dispatch desk
Olena Shevchenko
user_accountant_olena · Finance
Petro Tarasenko
driver_tarasenko · BFG Driver
Lviv Farma Distribution
cp_client_lviv_farma · Client Portal
Production cutover
DB/auth migration checklist
Accept each cutover rehearsal per owner to turn the DB/auth checklist into audit evidence.
Frozen contracts
Scenario envelope, actor headers and metadata fields are covered by smoke tests.
Owner: Anna Kowalska · Management
Role headers mapped
Managing Director, Dispatcher, Accountant, Driver and Client are visible.
Owner: Marek Zielinski · Dispatch
Scenario Store rehearsal
Confirm the file-local payload for DB replay.
Owner: Marek Zielinski · Dispatch
DB schema
Create tenant, user, permission and scenario-state tables for the production adapter.
Owner: Olena Shevchenko · Accounting
Secrets and auth
Connect the chosen OIDC/RBAC provider without imposing paid keys on the MVP.
Owner: Olena Shevchenko · Accounting
Migration and rollback
Migrate local demo state to the DB adapter and keep a rollback for demos.
Owner: Anna Kowalska · Management
Adapter decision board
Production adapter decision board
Tracks the DB/auth adapter choice, environment readiness, secrets, schema, migration, rollback and owner validations before production cutover.
Adapter selection status
db-auth-session-adapter
Staging target is explicitly selected while the local MVP keeps the file adapter for demos.
Owner
Anna Kowalska
Management
Evidence
Target locked
Environment readiness
Staging to production
Contracts and replayable Scenario Store payload must be accepted before the DB/auth environment opens.
Owner
Marek Zielinski
Dispatch
Evidence
0/2 checks accepted
Secrets and RBAC owner
OIDC/RBAC handoff
Role headers and secret handling must both be accepted before real user auth is wired.
Owner
Olena Shevchenko
Accounting
Evidence
0/2 checks accepted
Schema and RLS
Postgres/RLS
Tenant, user, permission and scenario-state tables need owner acceptance before adapter migration.
Owner
Olena Shevchenko
Accounting
Evidence
0/1 checks accepted
Migration dry-run
Seed backfill rehearsal
The local demo state needs a dry-run path into the DB adapter before reviewer cutover.
Owner
Anna Kowalska
Management
Evidence
0/1 checks accepted
Rollback window
File-local fallback
Keep the file-local adapter ready until migration and replay evidence are accepted together.
Owner
Anna Kowalska
Management
Evidence
0/2 checks accepted
Release owner approvals
6 owner checks
All owner-led cutover rehearsals must be accepted before production release sign-off.
Owner
Anna Kowalska
Management
Evidence
0/6 checks accepted
Migration runbook
Production migration runbook
Portable SQL/RLS outline and operator checklist for replaying the current ScenarioStore snapshot into the selected DB/auth adapter without live secrets.
Freeze snapshot
0 / bfg-feb1d61b
Carry BFGScenarioSnapshot.v1 rows and checksum into the migration packet.
Schema and RLS
0/6
Tenant, user, snapshot and audit tables are mapped for the selected adapter.
Actor claims
5
Demo actors and permissions become future DB/auth claims.
Adapter replay
0/4 + 0/5
Connection and dry-run evidence prove the target can replay the payload.
Checksum verification
1/5
Preflight readiness and checksum close the migration verification loop.
Rollback seal
BLOCKED_PENDING_DRY_RUN
Release and rollback decisions remain bound to the local fallback adapter.
ProductionAdapterMigrationRunbook.v1 SQL Outline
ProductionAdapterMigrationRunbook.v1 targets db-auth-session-adapter with checksum bfg-feb1d61b; keep it as a reviewer-safe migration rehearsal outline until real infrastructure is connected.
-- ProductionAdapterMigrationRunbook.v1
-- source=BFGScenarioSnapshot.v1
-- target=db-auth-session-adapter
-- session=grant-demo-local
-- checksum=bfg-feb1d61b
-- rows=0
-- runbook_decision=BLOCKED_PENDING_PREFLIGHT

create schema if not exists bfg_flowcontrol;

-- Tenant registry. This outline does not enable RLS on this table.
create table if not exists bfg_flowcontrol.tenants (
  tenant_id text primary key,
  name text not null,
  created_at timestamptz not null default now()
);

-- Users carry their role key and permission list per tenant.
create table if not exists bfg_flowcontrol.users (
  user_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  role_key text not null,
  display_name text not null,
  permissions text[] not null default '{}'
);

-- Frozen scenario payloads with their checksum and schema version.
create table if not exists bfg_flowcontrol.scenario_snapshots (
  snapshot_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  checksum text not null,
  schema_version text not null,
  payload jsonb not null,
  created_at timestamptz not null default now()
);

-- Audit trail; every event is tied to a tenant and an acting user.
create table if not exists bfg_flowcontrol.audit_events (
  event_id text primary key,
  tenant_id text not null references bfg_flowcontrol.tenants(tenant_id),
  actor_id text not null references bfg_flowcontrol.users(user_id),
  source text not null,
  payload jsonb not null,
  created_at timestamptz not null default now()
);

-- Enable RLS on the tenant-scoped tables. Without FORCE ROW LEVEL SECURITY
-- the table owner is not subject to the policies below.
alter table bfg_flowcontrol.users enable row level security;
alter table bfg_flowcontrol.scenario_snapshots enable row level security;
alter table bfg_flowcontrol.audit_events enable row level security;

-- Drop and recreate the policies so the outline can be re-run.
drop policy if exists bfg_tenant_users on bfg_flowcontrol.users;
drop policy if exists bfg_tenant_snapshots on bfg_flowcontrol.scenario_snapshots;
drop policy if exists bfg_tenant_audit on bfg_flowcontrol.audit_events;

-- A row is accessible only when tenant_id equals the bfg.tenant_id setting.
-- With missing_ok = true an unset setting yields NULL, which matches no rows.
create policy bfg_tenant_users on bfg_flowcontrol.users
  using (tenant_id = current_setting('bfg.tenant_id', true));
create policy bfg_tenant_snapshots on bfg_flowcontrol.scenario_snapshots
  using (tenant_id = current_setting('bfg.tenant_id', true));
create policy bfg_tenant_audit on bfg_flowcontrol.audit_events
  using (tenant_id = current_setting('bfg.tenant_id', true));

Runbook decision BLOCKED_PENDING_PREFLIGHT; 1/6 migration checks are ready.
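The policies in the outline isolate tenants only if every request sets bfg.tenant_id and runs as a role that RLS actually applies to. The following is an added example, not part of the runbook or the project's code, that rehearses this binding on a scratch PostgreSQL database; the role bfg_app, the policy bfg_tenant_self and the tenant and user ids are constructed.

```sql
-- Added example, not part of ProductionAdapterMigrationRunbook.v1.
-- Assumes the outline above was applied to a scratch rehearsal database.
-- Constructed names: bfg_app, bfg_tenant_self, tenant_a, tenant_b, user_constructed_1.

-- Seed tenants first, while the tenants table is still unrestricted.
insert into bfg_flowcontrol.tenants (tenant_id, name) values
  ('tenant_a', 'Constructed tenant A'),
  ('tenant_b', 'Constructed tenant B');

-- ENABLE alone exempts the table owner; FORCE applies the policies to it too.
alter table bfg_flowcontrol.users force row level security;
alter table bfg_flowcontrol.scenario_snapshots force row level security;
alter table bfg_flowcontrol.audit_events force row level security;

-- The outline leaves tenants without RLS; scope it like the other tables.
alter table bfg_flowcontrol.tenants enable row level security;
alter table bfg_flowcontrol.tenants force row level security;
create policy bfg_tenant_self on bfg_flowcontrol.tenants
  using (tenant_id = current_setting('bfg.tenant_id', true));

-- Application role: not the owner, no superuser, no BYPASSRLS.
create role bfg_app nologin nosuperuser nobypassrls;
grant bfg_app to current_user;  -- lets this session SET ROLE to it
grant usage on schema bfg_flowcontrol to bfg_app;
grant select, insert on all tables in schema bfg_flowcontrol to bfg_app;

-- Request scoped to tenant_a. The third argument (is_local = true) limits the
-- setting to this transaction, so it cannot leak across a pooled connection.
begin;
set local role bfg_app;
select set_config('bfg.tenant_id', 'tenant_a', true);
insert into bfg_flowcontrol.users (user_id, tenant_id, role_key, display_name)
  values ('user_constructed_1', 'tenant_a', 'dispatcher', 'Constructed user');
select user_id, tenant_id from bfg_flowcontrol.users;  -- tenant_a rows only
select tenant_id from bfg_flowcontrol.tenants;         -- tenant_b is hidden
commit;

-- Request scoped to tenant_b: the tenant_a user is not visible.
begin;
set local role bfg_app;
select set_config('bfg.tenant_id', 'tenant_b', true);
select user_id, tenant_id from bfg_flowcontrol.users;
-- An insert here with tenant_id = 'tenant_a' is rejected as a row-level
-- security violation: a policy without WITH CHECK applies USING to new rows.
commit;

-- Request with no tenant context: the setting is NULL (or empty after earlier
-- use in this session), so the comparison matches no rows and access fails closed.
begin;
set local role bfg_app;
select user_id, tenant_id from bfg_flowcontrol.users;
commit;
```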
Data cutover
Production data cutover console
Turns the migration runbook into per-batch evidence for tenant, operations, finance and audit before any live DB/auth connection.
Tenant and RBAC seed
5 actors
Demo actors and permissions become the first tenant/user seed.
Operations replay
0 rows
Orders, driver events, client requests and dispatch remain replayable.
Finance ledger
0 rows
KSeF and payments are separated for the finance migration.
Audit trail
0 rows
Risk, cutover, connection, dry-run and sign-off remain linked.
Freeze snapshot
0 rows
BFGScenarioSnapshot.v1 rows and checksum are locked.
Tenant/RLS seed
1/6
Runbook tables and RLS are ready for the target adapter.
Batch replay
0/4 + 0/5
Connection and dry-run prove a safe replay.
Audit parity
1/4
All batches have data and preflight evidence.
Rollback seal
BLOCKED_PENDING_DRY_RUN
Release and rollback keep the file-local fallback explicit.
ProductionDataCutoverPlan.v1 packet
db-auth-session-adapter groups 5 batch rows with checksum bfg-e7a2d068; keep it as a safe plan until the infrastructure choice is made.
ProductionDataCutoverPlan.v1
target=db-auth-session-adapter
session=grant-demo-local
snapshot_schema=BFGScenarioSnapshot.v1
snapshot_checksum=bfg-e7a2d068
snapshot_rows=0
batch_rows=5
batches=1/4
steps=0/5
connection=0/4
dry_run=0/5
runbook_decision=BLOCKED_PENDING_PREFLIGHT
release_decision=BLOCKED_PENDING_DRY_RUN
rollback_decision=BLOCKED_PENDING_DRY_RUN
cutover_decision=BLOCKED_PENDING_DATA_CUTOVER
Decision BLOCKED_PENDING_DATA_CUTOVER; 0/5 cutover checks and 1 batch group ready.
Adapter connection
Production adapter connection wizard
Records redacted endpoint, TLS/RBAC and write-probe evidence without storing secrets.
Endpoint reachability
Selected endpoint is named and reachable.
Awaiting connection check
TLS fingerprint
Reviewer-safe fingerprint captured.
Awaiting connection check
RBAC session
Demo claims mapped to the tenant/user boundary.
Awaiting connection check
Write probe
No-secret probe replayable before cutover.
Awaiting connection check
ProductionAdapterConnection.v1 packet
Adapter target
db-auth-session-adapter
Redacted endpoint
Not recorded
Endpoint fingerprint
Fingerprint not recorded
Record the packet when endpoint, TLS, RBAC and write probe are confirmed.
Adapter dry-run
Production adapter dry-run transcript
Runs a local transcript that replays the file-backed scenario into the selected DB/auth adapter contract without live infrastructure.
Snapshot export
Freezes orders, driver events, finance events and reviewer evidence.
Awaiting dry-run
Schema map validation
Maps Scenario Store fields to tenant, user, order, document and audit tables.
Awaiting dry-run
RBAC claims rehearsal
Replays demo actor ids as future auth claims.
Awaiting dry-run
Adapter replay transcript
Writes and reads the payload through the DB/auth adapter contract.
Awaiting dry-run
Rollback checkpoint
Keeps the file-local fallback and replay id until the cutover is approved.
Awaiting dry-run
ProductionAdapterDryRun.v1 checkpoint
db-auth-session-adapter
Run the dry-run to create a replayable adapter checkpoint for reviewers.
Migration preflight
Snapshot migration preflight
Reviewer-safe DB/auth rehearsal report built from the current BFGScenarioSnapshot.v1 payload, adapter target and rollback evidence.
Payload snapshot
0 rows
BFGScenarioSnapshot.v1 is frozen with row count and checksum.
Schema map
1/7
Adapter decision and cutover evidence name the tenant/user/order/document/audit tables.
RBAC claims
5 actors
Demo actor ids and permissions are ready as auth claims.
Adapter replay
0/5
ProductionAdapterDryRun.v1 proves write/read compatibility for the chosen adapter.
Rollback evidence
Blocked
Release and rollback packets keep the file-local fallback explicit.
ProductionAdapterMigrationPreflight.v1 report
BFGScenarioSnapshot.v1 contains 0 rows and checksum bfg-eba94650; use this report for DB/auth migration rehearsal before live infrastructure.
ProductionAdapterMigrationPreflight.v1
schema=BFGScenarioSnapshot.v1
target=db-auth-session-adapter
session=grant-demo-local
checksum=bfg-eba94650
rows=0
adapter_contract=ScenarioStore.v1
dry_run=0/5
connection=0/4
rollback_decision=BLOCKED_PENDING_DRY_RUN
Release handoff
Production release env export
Reviewer-ready env shows the local adapter mode, target, rollback owner and go/no-go decision.
Env vars
9
Nine release values come from session metadata.
Adapter target
1/7
The chosen DB/auth target is visible.
Dry-run transcript
0/5
Replay transcript proves local payload compatibility.
Rollback
file-local
Fallback adapter remains explicit.
Owner evidence
0/6
Cutover owner checks are tied to Scenario Store.
Release env block
BFG_RELEASE_ENVIRONMENT=local-demo
BFG_RELEASE_TARGET=db-auth-session-adapter
BFG_SCENARIO_ADAPTER=ScenarioStore.v1
BFG_STORAGE_ADAPTER=file-local
BFG_AUTH_MODE=mock-auth-header
BFG_TENANT_MODE=single-tenant-local
BFG_ROLLBACK_OWNER=user_md_anna
BFG_RELEASE_EVIDENCE=ProductionAdapterDryRun.v1
BFG_RELEASE_DECISION=BLOCKED_PENDING_DRY_RUN
Decision BLOCKED_PENDING_DRY_RUN; 3/5 release handoff gates ready.
Rollback drill
Production rollback drill
Ops rehearses the fallback owner, the storage adapter and the audit packet before the real infrastructure cutover.
Freeze window
BLOCKED_PENDING_DRY_RUN
Production stays blocked until the local go/no-go decision is reviewed.
Owner acknowledgement
Anna Kowalska
Managing Director owns the rollback decision and the audit packet.
Storage fallback
file-local
The file-local adapter remains the explicit rollback path.
Audit packet
ProductionRollbackDrill.v1
Release and rollback evidence are linked in an exportable packet.
Rollback audit packet
BFG_ROLLBACK_DECISION=BLOCKED_PENDING_DRY_RUN
BFG_ROLLBACK_OWNER=user_md_anna
BFG_ROLLBACK_STORAGE=file-local
BFG_ROLLBACK_AUTH=mock-auth-header
BFG_ROLLBACK_EVIDENCE=ProductionReleaseHandoff.v1
BFG_ROLLBACK_PACKET=ProductionRollbackDrill.v1
Decision BLOCKED_PENDING_DRY_RUN; 0/4 rollback checks are ready for Anna Kowalska.
Environments
Adapter rollout plan
Local demo
file-local
Runs now with file-local scenario state and mock provider contracts.
Staging
db-auth-session-adapter
Next target for DB persistence, auth claims and provider secrets.
Production
tenant-rbac-adapter
Final tenant-scoped adapter with real auth and provider audit logs.