diff --git a/.planning/phases/02-lab-01-iam-sicurezza/02-VALIDATION.md b/.planning/phases/02-lab-01-iam-sicurezza/02-VALIDATION.md new file mode 100644 index 0000000..4dd9360 --- /dev/null +++ b/.planning/phases/02-lab-01-iam-sicurezza/02-VALIDATION.md @@ -0,0 +1,91 @@ +--- +phase: 2 +slug: lab-01-iam-sicurezza +status: draft +nyquist_compliant: false +wave_0_complete: false +created: 2026-03-24 +--- + +# Phase 2 — Validation Strategy + +> Per-phase validation contract for feedback sampling during execution. + +--- + +## Test Infrastructure + +| Property | Value | +|----------|-------| +| **Framework** | Bash script testing + Docker inspection | +| **Config file** | none — Wave 0 installs | +| **Quick run command** | `labs/lab-01-iam/tests/test-01-setup.sh` | +| **Full suite command** | `labs/lab-01-iam/tests/run-all-tests.sh` | +| **Estimated runtime** | ~15 seconds | + +--- + +## Sampling Rate + +- **After every task commit:** Run quick test for affected component +- **After every plan wave:** Run full test suite +- **Before `/gsd:verify-work`:** Full suite must be green +- **Max feedback latency:** 20 seconds + +--- + +## Per-Task Verification Map + +| Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status | +|---------|------|------|-------------|-----------|-------------------|-------------|--------| +| 02-01-01 | 01 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending | +| 02-01-02 | 01 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending | +| 02-02-01 | 02 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending | +| 02-02-02 | 02 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending | +| 02-03-01 | 03 | 1 | INF-01 | docker | `docker inspect --format='{{.Config.User}}' lab01-nginx 2>/dev/null || echo "not built"` | ✅ W0 | ⬜ pending | +| 02-03-02 | 03 | 2 | DOCT-01 | file | `test -f labs/lab-01-iam/tutorial.md` | — | ⬜ pending | +| 02-03-03 | 03 | 2 | DOCT-02 | file | `test -f how-to-guides/docker-user-setup.md` | — | ⬜ pending | +| 02-03-04 | 03 | 2 | DOCT-03 | file | `test -f labs/lab-01-iam/REFERENCE.md` | — | ⬜ pending | +| 02-03-05 | 03 | 2 | DOCT-04 | file | `test -f labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | +| 02-04-01 | 04 | 2 | TEST-05 | script | `labs/lab-01-iam/tests/double-check.sh` | ✅ W0 | ⬜ pending | +| 02-04-02 | 04 | 2 | PARA-01 | content | `grep -q "IAM.*Linux" labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | +| 02-04-03 | 04 | 2 | PARA-03 | content | `grep -q "differenza" labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | + +*Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky* + +--- + +## Wave 0 Requirements + +- [ ] `labs/lab-01-iam/tests/test-01-user.sh` — Verifies user creation fails without docker group +- [ ] `labs/lab-01-iam/tests/test-02-permission.sh` — Verifies docker socket access requires group membership +- [ ] `labs/lab-01-iam/tests/double-check.sh` — Final validation script for student self-check +- [ ] Docker group exists on test system +- [ ] Test can distinguish between permission denied and other errors + +*All tests must follow TDI: RED (fail first) → GREEN (implement) → REFACTOR* + +--- + +## Manual-Only Verifications + +| Behavior | Requirement | Why Manual | Test Instructions | +|----------|-------------|------------|-------------------| +| Student follows tutorial successfully | DOCT-01, DOCT-05 | Requires human judgment | Follow tutorial literally on fresh system | +| Student understands IAM parallels | PARA-01 | Requires comprehension check | Read EXPLANATION.md, verify mapping is clear | +| Tutorial uses "little often" approach | DOCT-05 | Subjective assessment | Verify tutorial has small incremental steps | + +*Core functionality has automated verification.* + +--- + +## Validation Sign-Off + +- [ ] All tasks have `` verify or Wave 0 dependencies +- [ ] Sampling continuity: no 3 consecutive tasks without automated verify +- [ ] Wave 0 covers all MISSING references +- [ ] No watch-mode flags +- [ ] Feedback latency < 20s +- [ ] `nyquist_compliant: true` set in frontmatter + +**Approval:** pending