safepropel 1.0.9 → 1.2.0

package/.propel/templates/automated-e2e-template.md

@@ -0,0 +1,114 @@
+# E2E Test Workflow: [JOURNEY_NAME]
+
+## Metadata
+| Field | Value |
+|-------|-------|
+| Journey | [JOURNEY_NAME] |
+| Source | [PATH_TO_SPEC] |
+| UC Chain | [UC-001 → UC-002 → UC-003] |
+| Base URL | [APPLICATION_URL] |
+
+## Journey Overview
+
+### TC-E2E-[JOURNEY_ID]-001: [JOURNEY_NAME]
+**Type:** e2e | **Priority:** P0
+
+**Journey Flow:**
+| Step | Use Case | Action | Expected State |
+|------|----------|--------|----------------|
+| 1 | UC-001 | [ACTION] | [STATE] |
+| 2 | UC-002 | [ACTION] | [STATE] |
+| 3 | UC-003 | [ACTION] | [STATE] |
+
+**Session Requirements:**
+- Authentication: [REQUIRED/NOT_REQUIRED]
+- State Persistence: [COOKIES/LOCAL_STORAGE/SESSION]
+- Cleanup: [STRATEGY]
+
+**Steps:**
+```yaml
+e2e_steps:
+  - phase: "UC-001: [NAME]"
+    steps:
+      - step_id: "E2E-001"
+        action: navigate
+        target: "[URL]"
+        expect: "page loads successfully"
+
+      - step_id: "E2E-002"
+        action: fill
+        target: "getByLabel('[FIELD_LABEL]')"
+        value: "[TEST_VALUE]"
+        expect: "field accepts input"
+
+      - step_id: "E2E-003"
+        action: click
+        target: "getByRole('button', {name: '[BUTTON_NAME]'})"
+        expect: "[EXPECTED_RESULT]"
+        checkpoint: true
+
+  - phase: "UC-002: [NAME]"
+    steps:
+      - step_id: "E2E-004"
+        action: verify
+        target: "getByText('[SUCCESS_MESSAGE]')"
+        expect: "visible"
+
+      - step_id: "E2E-005"
+        action: click
+        target: "getByRole('link', {name: '[LINK_NAME]'})"
+        expect: "navigation to [NEXT_PAGE]"
+        checkpoint: true
+
+  - phase: "UC-003: [NAME]"
+    steps:
+      - step_id: "E2E-006"
+        action: [ACTION_TYPE]
+        target: "[LOCATOR]"
+        expect: "[EXPECTED_RESULT]"
+        checkpoint: true
+```
+
+**Journey Test Data:**
+```yaml
+journey_data:
+  user:
+    email: "[EMAIL]"
+    password: "[PASSWORD]"
+  [entity_name]:
+    [field_1]: "[VALUE_1]"
+    [field_2]: "[VALUE_2]"
+```
+
+---
+
+## Page Objects
+```yaml
+pages:
+  - name: "[PageName]Page"
+    file: "pages/[page-name].page.ts"
+    elements:
+      - [elementName]: "getByRole('[role]', {name: '[name]'})"
+      - [elementName]: "getByLabel('[LABEL]')"
+      - [elementName]: "getByTestId('[TEST_ID]')"
+    actions:
+      - [methodName](params): "[PURPOSE]"
+```
+
+## Success Criteria
+- [ ] All journey phases complete without errors
+- [ ] Session state maintained across phases
+- [ ] Checkpoints validate intermediate states
+- [ ] Journey runs independently
+- [ ] All assertions use web-first patterns
+
+## Locator Reference
+| Priority | Method | Example |
+|----------|--------|---------|
+| 1st | getByRole | `getByRole('button', {name: 'Submit'})` |
+| 2nd | getByTestId | `getByTestId('user-menu')` |
+| 3rd | getByLabel | `getByLabel('Email')` |
+| AVOID | CSS | `.btn-primary`, `#dynamic-123` |
+
+---
+*Template: automated-e2e-template.md | Output: .propel/context/test/e2e_[journey].md*

package/.propel/templates/automated-testing-template.md

@@ -0,0 +1,119 @@
+# Test Workflow: [FEATURE_NAME]
+
+## Metadata
+| Field | Value |
+|-------|-------|
+| Feature | [FEATURE_NAME] |
+| Source | [PATH_TO_SPEC] |
+| Use Case | [UC-XXX] |
+| Base URL | [APPLICATION_URL] |
+
+## Test Cases
+
+### TC-[UC_ID]-HP-001: [HAPPY_PATH_NAME]
+**Type:** happy_path | **Priority:** P0
+
+**Preconditions:**
+- [PRECONDITION_1]
+- [PRECONDITION_2]
+
+**Steps:**
+```yaml
+steps:
+  - step_id: "001"
+    action: navigate
+    target: "[URL]"
+    expect: "page loads successfully"
+
+  - step_id: "002"
+    action: fill
+    target: "getByLabel('[FIELD_LABEL]')"
+    value: "[TEST_VALUE]"
+    expect: "field accepts input"
+
+  - step_id: "003"
+    action: click
+    target: "getByRole('button', {name: '[BUTTON_NAME]'})"
+    expect: "[EXPECTED_RESULT]"
+
+  - step_id: "004"
+    action: verify
+    target: "getByText('[SUCCESS_MESSAGE]')"
+    expect: "visible"
+```
+
+**Test Data:**
+```yaml
+test_data:
+  [FIELD_NAME]: "[VALUE]"
+  [FIELD_NAME_2]: "[VALUE_2]"
+```
+
+---
+
+### TC-[UC_ID]-EC-001: [EDGE_CASE_NAME]
+**Type:** edge_case | **Priority:** P1
+
+**Scenario:** [BOUNDARY_CONDITION_DESCRIPTION]
+
+**Steps:**
+```yaml
+steps:
+  - step_id: "EC001"
+    action: [ACTION_TYPE]
+    target: "[LOCATOR]"
+    value: "[BOUNDARY_VALUE]"
+    expect: "[EXPECTED_BEHAVIOR]"
+```
+
+---
+
+### TC-[UC_ID]-ER-001: [ERROR_CASE_NAME]
+**Type:** error | **Priority:** P1
+
+**Trigger:** [WHAT_CAUSES_ERROR]
+
+**Steps:**
+```yaml
+steps:
+  - step_id: "ER001"
+    action: [ACTION_TYPE]
+    target: "[LOCATOR]"
+    value: "[INVALID_VALUE]"
+    expect: "[ERROR_MESSAGE_OR_BEHAVIOR]"
+```
+
+---
+
+## Page Objects
+```yaml
+pages:
+  - name: "[PageName]Page"
+    file: "pages/[page-name].page.ts"
+    elements:
+      - submitButton: "getByRole('button', {name: '[NAME]'})"
+      - emailInput: "getByLabel('[LABEL]')"
+      - errorAlert: "getByRole('alert')"
+      - [elementName]: "getByTestId('[TEST_ID]')"
+    actions:
+      - login(email, password): "Fill credentials and submit"
+      - [methodName]: "[PURPOSE]"
+```
+
+## Success Criteria
+- [ ] All happy path steps execute without errors
+- [ ] Edge case validations pass
+- [ ] Error scenarios handled correctly
+- [ ] Test runs independently (no shared state)
+- [ ] All assertions use web-first patterns
+
+## Locator Reference
+| Priority | Method | Example |
+|----------|--------|---------|
+| 1st | getByRole | `getByRole('button', {name: 'Submit'})` |
+| 2nd | getByTestId | `getByTestId('user-menu')` |
+| 3rd | getByLabel | `getByLabel('Email')` |
+| AVOID | CSS | `.btn-primary`, `#dynamic-123` |
+
+---
+*Template: automated-testing-template.md | Output: .propel/context/test/tw_[feature]_[YYYYMMDD].md*

package/.propel/templates/cicd-specification-template.md

@@ -0,0 +1,249 @@
+# CI/CD Pipeline Specification
+
+## Project Overview
+[Brief description of the application and deployment requirements]
+
+## Target Configuration
+| Attribute | Value |
+|-----------|-------|
+| CI/CD Platform | [GitHub Actions / Azure DevOps / GitLab CI] |
+| Deployment Target | [Kubernetes / Container Apps / VMs / Serverless] |
+| Environments | [dev, qa, staging, prod] |
+| Branching Strategy | [GitFlow / Trunk-based / GitHub Flow] |
+
+## Technology Stack Summary
+| Layer | Technology | Build Tool | Test Framework |
+|-------|------------|------------|----------------|
+| Frontend | [React/Angular/Vue] | [npm/yarn] | [Jest/Vitest] |
+| Backend | [.NET/Node/Python] | [dotnet/npm/pip] | [xUnit/Jest/pytest] |
+| Infrastructure | [Terraform] | [terraform] | [terratest] |
+
+---
+
+## Pipeline Stages
+
+### Stage 1: Build Verification (CICD-XXX)
+- CICD-001: Pipeline MUST compile/build all application artifacts
+- CICD-002: Pipeline MUST verify all dependencies resolve successfully
+- CICD-003: Pipeline MUST generate build metadata (version, commit SHA, timestamp)
+- CICD-004: Pipeline MUST fail on compilation errors
+
+### Stage 2: Code Quality (CICD-XXX)
+- CICD-010: Pipeline MUST run linters ([ESLint/StyleCop/Pylint])
+- CICD-011: Pipeline MUST enforce code coverage threshold (>= [80]%)
+- CICD-012: Pipeline MUST fail on code quality degradation
+- CICD-013: Pipeline MUST generate code quality reports
+
+### Stage 3: Security Scanning (CICD-XXX)
+- CICD-020: Pipeline MUST run SAST using [CodeQL/SonarQube/Semgrep]
+- CICD-021: Pipeline MUST run SCA using [Snyk/OWASP Dependency-Check]
+- CICD-022: Pipeline MUST scan container images using [Trivy/Grype]
+- CICD-023: Pipeline MUST run secrets detection using [GitLeaks/TruffleHog]
+- CICD-024: Pipeline MUST fail on CRITICAL/HIGH vulnerabilities
+- CICD-025: [UNCLEAR] Pipeline MUST [ambiguous security requirement]
+
+**Note:** Mark unclear requirements with [UNCLEAR] tag.
+
+### Stage 4: Testing (CICD-XXX)
+- CICD-030: Pipeline MUST run unit tests with [X]% coverage threshold
+- CICD-031: Pipeline MUST run integration tests for [scope]
+- CICD-032: Pipeline MUST run E2E tests for [critical user journeys]
+- CICD-033: Pipeline MUST run performance tests for production deployments
+- CICD-034: Pipeline MUST generate test reports in [format]
+
+### Stage 5: Infrastructure Validation (CICD-XXX)
+- CICD-040: Pipeline MUST run `terraform plan` before apply
+- CICD-041: Pipeline MUST run policy checks using [OPA/Sentinel/Checkov]
+- CICD-042: Pipeline MUST validate IaC security using [tfsec/checkov]
+- CICD-043: Pipeline MUST estimate infrastructure cost using [Infracost]
+
+### Stage 6: Deployment (CICD-XXX)
+- CICD-050: Pipeline MUST deploy to [environment] using [strategy]
+- CICD-051: Pipeline MUST validate deployment prerequisites
+- CICD-052: Pipeline MUST run smoke tests post-deployment
+- CICD-053: Pipeline MUST support automated rollback on failure
+
+### Stage 7: Approval Gates (CICD-XXX)
+- CICD-060: Pipeline MUST require [1] approval for staging deployment
+- CICD-061: Pipeline MUST require [2] approvals for production deployment
+- CICD-062: Pipeline MUST enforce [24h/72h] approval timeout
+- CICD-063: Pipeline MUST notify approvers via [channel]
+
+---
+
+## Environment Pipeline Matrix
+
+| Stage | dev | qa | staging | prod |
+|-------|-----|----|---------| ---- |
+| Build | Auto | Auto | Auto | Auto |
+| Lint | Auto | Auto | Auto | Auto |
+| Unit Tests | Auto | Auto | Auto | Auto |
+| SAST | Auto | Auto | Auto | Auto |
+| SCA | Auto | Auto | Auto | Auto |
+| Container Scan | Auto | Auto | Auto | Auto |
+| Secrets Scan | Auto | Auto | Auto | Auto |
+| Integration Tests | Skip | Auto | Auto | Auto |
+| E2E Tests | Skip | Auto | Auto | Auto |
+| Performance Tests | Skip | Skip | Skip | Auto |
+| IaC Validation | Auto | Auto | Auto | Auto |
+| Manual Approval | No | No | Yes (1) | Yes (2) |
+| Deploy | Auto | Auto | After Approval | After Approval |
+| Smoke Tests | Auto | Auto | Auto | Auto |
+
+---
+
+## Security Gates Configuration
+
+| Gate | Tool | Threshold | Blocking | Environments |
+|------|------|-----------|----------|--------------|
+| SAST | [CodeQL] | 0 Critical, 0 High | Yes | All |
+| SCA | [Snyk] | 0 Critical, 0 High | Yes | All |
+| Container | [Trivy] | 0 Critical | Yes | All |
+| Secrets | [GitLeaks] | 0 findings | Yes | All |
+| IaC | [tfsec] | 0 Critical | Yes | All |
+| Coverage | [tool] | >= 80% | Yes | All |
+
+---
+
+## Deployment Strategy
+
+### Strategy Per Environment
+| Environment | Strategy | Rollback | Health Check |
+|-------------|----------|----------|--------------|
+| dev | Rolling | Manual | Basic |
+| qa | Rolling | Manual | Basic |
+| staging | Blue/Green | Automated | Full |
+| prod | Canary (10% → 50% → 100%) | Automated | Full + Metrics |
+
+### Canary Configuration (Production)
+```yaml
+canary:
+  steps:
+    - weight: 10
+      pause: 5m
+      analysis: error_rate < 1%
+    - weight: 50
+      pause: 15m
+      analysis: error_rate < 1% AND p99_latency < 500ms
+    - weight: 100
+```
+
+---
+
+## Rollback Procedures
+
+### Automated Rollback Triggers
+- Smoke test failure
+- Error rate > [5]%
+- Health check failures > [3] consecutive
+- P99 latency > [X]ms
+
+### Rollback Steps
+1. Detect failure via [monitoring/health checks]
+2. Trigger rollback to previous version
+3. Verify rollback success
+4. Notify stakeholders via [channel]
+5. Create incident ticket in [system]
+
+### Artifact Retention
+| Environment | Retention Period |
+|-------------|-----------------|
+| dev | 7 days |
+| qa | 30 days |
+| staging | 90 days |
+| prod | 365 days |
+
+---
+
+## Notification Strategy
+
+### Notification Events
+| Event | Recipients | Channel | Priority |
+|-------|------------|---------|----------|
+| Build Failure | Commit author, Team | [Slack/Teams] | High |
+| Security Gate Failure | Security team, Commit author | [Slack/Teams/Email] | Critical |
+| Deployment Started | Operations | [Slack/Teams] | Info |
+| Deployment Completed | Operations, Stakeholders | [Slack/Teams] | Info |
+| Rollback Executed | On-call, Management | [PagerDuty/Slack] | Critical |
+| Approval Required | Designated approvers | [Slack/Teams/Email] | High |
+
+---
+
+## Pipeline Triggers
+
+### Branch Triggers
+| Branch Pattern | Pipeline Type | Environments |
+|----------------|--------------|--------------|
+| `feature/*` | CI only | dev |
+| `develop` | CI + CD | qa |
+| `release/*` | CI + CD | staging |
+| `main` | CI + CD | prod |
+| `hotfix/*` | CI + CD (expedited) | staging → prod |
+
+### Manual Triggers
+- Re-run failed pipeline
+- Deploy specific version
+- Rollback to previous version
+
+---
+
+## Secrets Configuration
+
+### Required Secrets
+| Secret Name | Purpose | Source | Rotation |
+|-------------|---------|--------|----------|
+| REGISTRY_TOKEN | Container registry auth | [Key Vault/Secret Manager] | 90 days |
+| DEPLOY_CREDENTIALS | Cloud deployment | [OIDC/Managed Identity] | N/A |
+| SONAR_TOKEN | Code quality scanning | [Key Vault/Secret Manager] | 365 days |
+| SNYK_TOKEN | Vulnerability scanning | [Key Vault/Secret Manager] | 365 days |
+
+### Secret Access
+- Secrets accessed via [GitHub Secrets/Azure Key Vault/GCP Secret Manager]
+- Environment-specific secrets isolated
+- Secrets masked in all logs
+
+---
+
+## Requirement Traceability
+
+| CICD ID | Description | Source Requirement |
+|---------|-------------|-------------------|
+| CICD-001 | Build verification | TR-XXX |
+| CICD-020 | SAST scanning | NFR-XXX (Security) |
+| CICD-030 | Unit testing | NFR-XXX (Quality) |
+| CICD-050 | Deployment | NFR-XXX (Availability) |
+
+---
+
+## Human Review Checklist
+
+### Security
+- [ ] All security gates configured correctly
+- [ ] No secrets in pipeline code
+- [ ] Approval requirements match policy
+- [ ] OIDC configured for cloud auth (no long-lived credentials)
+
+### Testing
+- [ ] Code coverage threshold appropriate
+- [ ] E2E tests cover critical user journeys
+- [ ] Performance tests have baselines defined
+
+### Deployment
+- [ ] Rollback procedure documented and tested
+- [ ] Deployment strategy appropriate for workload
+- [ ] Health checks configured correctly
+
+### Notifications
+- [ ] All notification channels configured
+- [ ] Escalation paths defined
+- [ ] On-call integration configured
+
+---
+
+## Approval
+
+| Role | Name | Date | Signature |
+|------|------|------|-----------|
+| DevOps Engineer | | | |
+| Security Engineer | | | |
+| Development Lead | | | |