--- phase: 2 slug: lab-01-iam-sicurezza status: draft nyquist_compliant: false wave_0_complete: false created: 2026-03-24 --- # Phase 2 — Validation Strategy > Per-phase validation contract for feedback sampling during execution. --- ## Test Infrastructure | Property | Value | |----------|-------| | **Framework** | Bash script testing + Docker inspection | | **Config file** | none — Wave 0 installs | | **Quick run command** | `labs/lab-01-iam/tests/test-01-setup.sh` | | **Full suite command** | `labs/lab-01-iam/tests/run-all-tests.sh` | | **Estimated runtime** | ~15 seconds | --- ## Sampling Rate - **After every task commit:** Run quick test for affected component - **After every plan wave:** Run full test suite - **Before `/gsd:verify-work`:** Full suite must be green - **Max feedback latency:** 20 seconds --- ## Per-Task Verification Map | Task ID | Plan | Wave | Requirement | Test Type | Automated Command | File Exists | Status | |---------|------|------|-------------|-----------|-------------------|-------------|--------| | 02-01-01 | 01 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending | | 02-01-02 | 01 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-01-user.sh` | ✅ W0 | ⬜ pending | | 02-02-01 | 02 | 1 | TEST-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending | | 02-02-02 | 02 | 1 | LAB-01 | script | `labs/lab-01-iam/tests/test-02-permission.sh` | ✅ W0 | ⬜ pending | | 02-03-01 | 03 | 1 | INF-01 | docker | `docker inspect --format='{{.Config.User}}' lab01-nginx 2>/dev/null || echo "not built"` | ✅ W0 | ⬜ pending | | 02-03-02 | 03 | 2 | DOCT-01 | file | `test -f labs/lab-01-iam/tutorial.md` | — | ⬜ pending | | 02-03-03 | 03 | 2 | DOCT-02 | file | `test -f how-to-guides/docker-user-setup.md` | — | ⬜ pending | | 02-03-04 | 03 | 2 | DOCT-03 | file | `test -f labs/lab-01-iam/REFERENCE.md` | — | ⬜ pending | | 02-03-05 | 03 | 2 | DOCT-04 | file | `test -f labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | | 02-04-01 | 04 | 2 | TEST-05 | script | `labs/lab-01-iam/tests/double-check.sh` | ✅ W0 | ⬜ pending | | 02-04-02 | 04 | 2 | PARA-01 | content | `grep -q "IAM.*Linux" labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | | 02-04-03 | 04 | 2 | PARA-03 | content | `grep -q "differenza" labs/lab-01-iam/EXPLANATION.md` | — | ⬜ pending | *Status: ⬜ pending · ✅ green · ❌ red · ⚠️ flaky* --- ## Wave 0 Requirements - [ ] `labs/lab-01-iam/tests/test-01-user.sh` — Verifies user creation fails without docker group - [ ] `labs/lab-01-iam/tests/test-02-permission.sh` — Verifies docker socket access requires group membership - [ ] `labs/lab-01-iam/tests/double-check.sh` — Final validation script for student self-check - [ ] Docker group exists on test system - [ ] Test can distinguish between permission denied and other errors *All tests must follow TDI: RED (fail first) → GREEN (implement) → REFACTOR* --- ## Manual-Only Verifications | Behavior | Requirement | Why Manual | Test Instructions | |----------|-------------|------------|-------------------| | Student follows tutorial successfully | DOCT-01, DOCT-05 | Requires human judgment | Follow tutorial literally on fresh system | | Student understands IAM parallels | PARA-01 | Requires comprehension check | Read EXPLANATION.md, verify mapping is clear | | Tutorial uses "little often" approach | DOCT-05 | Subjective assessment | Verify tutorial has small incremental steps | *Core functionality has automated verification.* --- ## Validation Sign-Off - [ ] All tasks have `` verify or Wave 0 dependencies - [ ] Sampling continuity: no 3 consecutive tasks without automated verify - [ ] Wave 0 covers all MISSING references - [ ] No watch-mode flags - [ ] Feedback latency < 20s - [ ] `nyquist_compliant: true` set in frontmatter **Approval:** pending