# Tracker Dashboard — Implementation Tracker **Created:** 2026-05-25 **Source:** [`docs/ROADMAP.md`](./ROADMAP.md) · [`docs/PRODUCTION_READINESS_HANDOFF_ROADMAP.md`](./PRODUCTION_READINESS_HANDOFF_ROADMAP.md) **Companion docs:** [`docs/PRD.md`](./PRD.md), `AGENTS.md` --- ## How to Use This Document - Each task has a checkbox. **Check it off and add the commit SHA in parentheses** when done. - Run the verification commands listed in each phase before marking it done. - **Dependency chain:** Phase 1.A → 1.B → 1.C → 1.D → 1.E → 1.F (Phase 1 is sequential). - **After Phase 1:** Phases 2 and 3 can be parallelised by different agents; Phase 4 depends on Phase 3 webhooks; Phases 5 and 6 can be parallelised after Phase 4. --- ## Baseline (May 25, 2026) | Surface | Typecheck | Tests | Build | Container health | | ---------------- | ---------- | ---------- | ---------- | ---------------------------- | | tracker-web | unverified | unverified | unverified | ⚠️ unhealthy (B-001/B-002) | | platform-service | unverified | unverified | unverified | ⚠️ unhealthy (B-001 cascade) | | valkey | n/a | n/a | n/a | ⚠️ unhealthy (B-001 root) | **Action:** Establish baseline by running `pnpm run verify` in `dashboards/tracker-web` and recording results here before starting Phase 1.A. --- ## Phase 1.A — Container Health Restoration **Goal:** All tracker-related containers report `(healthy)`. **Estimated effort:** 2–4 hours. **Dependencies:** None — start here. - [ ] **1.A.1** Diagnose `valkey` unhealthy status (`______`) - [ ] **1.A.2** Restart `platform-service` after valkey is green (`______`) - [ ] **1.A.3** Implement real `/health` route in tracker-web (`______`) - [ ] **1.A.4** Add `restart: unless-stopped` to all tracker services (`______`) - [ ] **1.A.5** Add 8 GB swap to VM (`______`) - [ ] **1.A.6** Cap Gitea CI runner concurrency to 2 (`______`) **Verification:** `docker ps | grep tracker-web` shows `(healthy)`. Record output below. ``` [paste docker ps output here after 1.A is complete] ``` --- ## Phase 1.B — Workspace Health **Goal:** Green `pnpm run verify` with no React-instance warnings. **Estimated effort:** 1–2 hours. **Dependencies:** None — can run in parallel with 1.A. - [ ] **1.B.1** Pin React + React-DOM via `pnpm.overrides` (`______`) - [ ] **1.B.2** Verify `pnpm-workspace.yaml` canonical paths (`______`) - [ ] **1.B.3** Clean `pnpm install` to relink (`______`) - [ ] **1.B.4** Typecheck passes (`______`) - [ ] **1.B.5** Lint passes (`______`) - [ ] **1.B.6** Test passes (`______`) - [ ] **1.B.7** Build passes (`______`) - [ ] **1.B.8** Resolve React-compiler advisories (`______`) - [ ] **1.B.9** Remove dead code from lint pass (`______`) - [ ] **1.B.10** Add dedicated `e2e/tsconfig.json` (`______`) --- ## Phase 1.C — Docker Hardening **Goal:** Self-contained Docker image, healthy in compose, correct runtime URLs. **Estimated effort:** 3–5 hours. **Dependencies:** 1.A complete (valkey + platform-service healthy). - [ ] **1.C.1** Adopt `scripts/docker-prep.sh` (`______`) - [ ] **1.C.2** Add `.docker-deps/` to `.gitignore` (`______`) - [ ] **1.C.3** Bake `NEXT_PUBLIC_*` at build time (`______`) - [ ] **1.C.4** Fix standalone static-chunks 404 (`______`) - [ ] **1.C.5** IPv4 healthcheck (`______`) - [ ] **1.C.6** Corp-proxy build args (`______`) - [ ] **1.C.7** `docker-compose.override.yml` for sibling services (`______`) - [ ] **1.C.8** Verify `docker compose up -d --build` brings tracker-web up healthy (`______`) --- ## Phase 1.D — UI Drift Ratchet **Goal:** One-way CI gate preventing UI regressions. **Estimated effort:** 2–3 hours. **Dependencies:** 1.B complete. - [ ] **1.D.1** Add `scripts/ui-drift-audit.sh` (`______`) - [ ] **1.D.2** Add `scripts/ui-drift-ratchet.sh` (`______`) - [ ] **1.D.3** Hard-zero categories enforced (`______`) - [ ] **1.D.4** Add `audit:release-guards` script (`______`) - [ ] **1.D.5** Wire into Gitea CI workflow (`______`) --- ## Phase 1.E — Test Hardening **Goal:** Tests that catch real regressions. **Estimated effort:** 6–10 hours. **Dependencies:** 1.C complete (compose stack up). - [ ] **1.E.1** Vitest unit ≥ 80 % on `src/lib/` (`______`) - [ ] **1.E.2** Playwright E2E happy path (`______`) - [ ] **1.E.3** Playwright E2E public flow (`______`) - [ ] **1.E.4** Docker compose E2E test script (`______`) - [ ] **1.E.5** Seed scripts (`______`) - [ ] **1.E.6** Port-conflict-proof Playwright (`______`) - [ ] **1.E.7** E2E cleanup traps (`______`) - [ ] **1.E.8** Playwright `BASE_URL` switch (`______`) - [ ] **1.E.9** `@axe-core/playwright` installed + wired (`______`) - [ ] **1.E.10** API contract tests (`______`) - [ ] **1.E.11** Cosmos emulator CI job (`______`) - [ ] **1.E.12** Live shared-service smoke (`______`) --- ## Phase 1.F — Observability + Security **Goal:** Visible signals + locked-down ingress. **Estimated effort:** 4–6 hours. **Dependencies:** 1.A complete; can run in parallel with 1.D / 1.E. - [ ] **1.F.1** Global React error boundary (`______`) - [ ] **1.F.2** Structured logging via `@bytelyst/logger` (`______`) - [ ] **1.F.3** Loki log forwarding (`______`) - [ ] **1.F.4** Prometheus `/metrics` endpoint (`______`) - [ ] **1.F.5** Grafana alert wired (`______`) - [ ] **1.F.6** Client error tracking (`______`) - [ ] **1.F.7** Security headers audit (`______`) - [ ] **1.F.8** CSRF tokens on mutating routes (`______`) - [ ] **1.F.9** Audit log on item mutations (`______`) - [ ] **1.F.10** PII scrubbing in logs (`______`) - [ ] **1.F.11** MEK rotation runbook (`______`) - [ ] **1.F.12** Secret management runbook (`______`) --- ## Phase 1 Exit Criteria All boxes checked + verifications recorded above + the following live-system checks pass: - [ ] `docker ps | grep tracker` — all `(healthy)` for > 24 h - [ ] `pnpm run verify` exits 0 with no warnings - [ ] `pnpm run audit:release-guards` exits 0 - [ ] `pnpm test:e2e:ci` exits 0 against deployed stack - [ ] `pnpm smoke:local` exits 0 end-to-end - [ ] Bugs B-001, B-002, B-005, B-009, B-010, B-019, B-020, B-021 marked closed - [ ] Grafana synthetic-error test fires alert within 5 min **Phase 1 sign-off commit:** `______` --- ## Phases 2–6 Detailed task lists for Phases 2–6 will be expanded into per-phase trackers as each phase begins. See [`docs/ROADMAP.md`](./ROADMAP.md) for current scope and [`docs/roadmaps/`](./roadmaps/) for focused execution plans. | Phase | Tracker file | Status | | ----- | ----------------------------------- | ---------- | | 2 | _to be created when Phase 2 starts_ | 🔲 Planned | | 3 | _to be created when Phase 3 starts_ | 🔲 Planned | | 4 | _to be created when Phase 4 starts_ | 🔲 Planned | | 5 | _to be created when Phase 5 starts_ | 🔲 Planned | | 6 | _to be created when Phase 6 starts_ | 🔲 Planned |