d9e7a02
d9e7a02e9e45715544d9c7b961b3c273f97667fb3da8c0d
69d1cd7| Status | File | + | - |
|---|---|---|---|
| M |
README.md
|
2 | 0 |
| A |
examples/sprint-08-parity-matrix.md
|
28 | 0 |
| A |
examples/validate-sprint-08-parity.sh
|
64 | 0 |
README.mdmodified@@ -60,6 +60,8 @@ gartk prompt path with a persistent in-process modal session and falls back to | ||
| 60 | 60 | 7. `examples/validate-sprint-04-runtime.sh` |
| 61 | 61 | 8. `examples/sprint-07-validation.md` |
| 62 | 62 | 9. `examples/validate-sprint-07.sh` |
| 63 | +10. `examples/sprint-08-parity-matrix.md` | |
| 64 | +11. `examples/validate-sprint-08-parity.sh` | |
| 63 | 65 | |
| 64 | 66 | ## Troubleshooting |
| 65 | 67 | 1. `Authorization requires authentication but no agent is available` |
examples/sprint-08-parity-matrix.mdadded@@ -0,0 +1,28 @@ | ||
| 1 | +# Sprint 08 Parity Matrix | |
| 2 | + | |
| 3 | +Use this matrix to certify behavior against mature desktop PolicyKit agents. | |
| 4 | + | |
| 5 | +## Automated Prerequisites | |
| 6 | +1. `cargo test --workspace` | |
| 7 | +2. `./examples/validate-sprint-08-parity.sh` | |
| 8 | + | |
| 9 | +## Matrix | |
| 10 | +| Scenario | Procedure | Expected Result | Status | Evidence | | |
| 11 | +| --- | --- | --- | --- | --- | | |
| 12 | +| Success path | Trigger `pkcheck --allow-user-interaction --process $$ --action-id com.mesonbuild.install.run` and enter correct password | Prompt completes, auth is authorized, no failure flash | Pending | daemon log + `garcardctl auth-summary` | | |
| 13 | +| Failure path | Trigger same `pkcheck` and enter wrong password | Prompt flashes error, reprompts in place, `auth-summary.last_outcome=failure` before retry | Pending | daemon log + `garcardctl auth-summary` | | |
| 14 | +| Cancel path | Trigger `pkcheck`, cancel prompt | Request exits cleanly, `auth-summary.last_outcome=canceled` | Pending | daemon log + `garcardctl auth-summary` | | |
| 15 | +| Timeout path | Set short timeout (`GARCARD_PROMPT_TIMEOUT_SECS=2`), trigger auth, do not respond | Request times out, `auth-summary.last_outcome=timeout` | Pending | daemon log + `garcardctl auth-summary` | | |
| 16 | +| Multi-identity flow | Trigger policy requiring identity choice | Identity list rendered, selected identity is honored | Pending | prompt capture + daemon log | | |
| 17 | +| Retention choice flow | Trigger policy exposing retention options | Retention choice accepted and recorded in `auth-summary` | Pending | `garcardctl auth-summary` | | |
| 18 | +| Temp auth introspection | Run `garcardctl temp-list` after successful retained auth | Active temporary authorization entries are listed | Pending | command output | | |
| 19 | +| Temp auth revoke single | Run `garcardctl temp-revoke <id>` | Target authorization removed | Pending | `temp-list` before/after | | |
| 20 | +| Temp auth revoke all | Run `garcardctl temp-revoke-all` | All temporary authorizations removed | Pending | `temp-list` before/after | | |
| 21 | +| Daemon restart during lifecycle | Restart daemon and rerun status/diag/temp commands | Control plane recovers without stale socket state | Pending | `validate-sprint-07.sh` output | | |
| 22 | +| Polkit restart recovery | Restart polkit and relaunch daemon | Diagnostics recover, control commands remain responsive | Pending | script output + daemon log | | |
| 23 | + | |
| 24 | +## Signoff | |
| 25 | +1. Date: | |
| 26 | +2. Operator: | |
| 27 | +3. Result (`PASS`/`FAIL`): | |
| 28 | +4. Blocking gaps: | |
examples/validate-sprint-08-parity.shadded@@ -0,0 +1,64 @@ | ||
| 1 | +#!/usr/bin/env bash | |
| 2 | +set -euo pipefail | |
| 3 | + | |
| 4 | +REPORT_FILE="${GARCARD_SPRINT08_REPORT_FILE:-${PWD}/target/sprint-08-parity-evidence.md}" | |
| 5 | +RUN_INTERACTIVE="${GARCARD_SPRINT08_RUN_INTERACTIVE:-0}" | |
| 6 | +ACTION_ID="${GARCARD_SPRINT08_ACTION_ID:-com.mesonbuild.install.run}" | |
| 7 | + | |
| 8 | +mkdir -p "$(dirname "${REPORT_FILE}")" | |
| 9 | + | |
| 10 | +timestamp() { | |
| 11 | + date -u +"%Y-%m-%dT%H:%M:%SZ" | |
| 12 | +} | |
| 13 | + | |
| 14 | +append_section() { | |
| 15 | + local heading="$1" | |
| 16 | + { | |
| 17 | + echo | |
| 18 | + echo "## ${heading}" | |
| 19 | + echo | |
| 20 | + } >>"${REPORT_FILE}" | |
| 21 | +} | |
| 22 | + | |
| 23 | +{ | |
| 24 | + echo "# Sprint 08 Parity Evidence" | |
| 25 | + echo | |
| 26 | + echo "- generated_at: $(timestamp)" | |
| 27 | + echo "- host: $(hostname)" | |
| 28 | + echo "- action_id: ${ACTION_ID}" | |
| 29 | + echo | |
| 30 | +} >"${REPORT_FILE}" | |
| 31 | + | |
| 32 | +append_section "Workspace Tests" | |
| 33 | +cargo test --workspace | tee -a "${REPORT_FILE}" | |
| 34 | + | |
| 35 | +append_section "Sprint 04 Reliability Baseline" | |
| 36 | +./examples/validate-sprint-04.sh | tee -a "${REPORT_FILE}" | |
| 37 | + | |
| 38 | +append_section "Sprint 07 Lifecycle Baseline (Non-Interactive)" | |
| 39 | +GARCARD_SPRINT07_RUN_PKCHECK=0 ./examples/validate-sprint-07.sh | tee -a "${REPORT_FILE}" | |
| 40 | + | |
| 41 | +if [[ "${RUN_INTERACTIVE}" == "1" ]]; then | |
| 42 | + append_section "Sprint 07 Lifecycle Interactive Loop" | |
| 43 | + if command -v pkcheck >/dev/null 2>&1; then | |
| 44 | + GARCARD_SPRINT07_RUN_PKCHECK=1 \ | |
| 45 | + GARCARD_SPRINT07_ACTION_ID="${ACTION_ID}" \ | |
| 46 | + ./examples/validate-sprint-07.sh | tee -a "${REPORT_FILE}" | |
| 47 | + else | |
| 48 | + echo "pkcheck not found; interactive loop skipped" | tee -a "${REPORT_FILE}" | |
| 49 | + fi | |
| 50 | +else | |
| 51 | + append_section "Interactive Loop Status" | |
| 52 | + echo "Skipped interactive parity loop (set GARCARD_SPRINT08_RUN_INTERACTIVE=1 to enable)." \ | |
| 53 | + | tee -a "${REPORT_FILE}" | |
| 54 | +fi | |
| 55 | + | |
| 56 | +append_section "Next Manual Matrix Steps" | |
| 57 | +{ | |
| 58 | + echo "1. Open examples/sprint-08-parity-matrix.md." | |
| 59 | + echo "2. Record PASS/FAIL and attach evidence pointers from this report." | |
| 60 | + echo "3. Add daemon log references for success/failure/cancel/timeout and retention coverage." | |
| 61 | +} | tee -a "${REPORT_FILE}" | |
| 62 | + | |
| 63 | +echo "Sprint 08 parity baseline complete." | |
| 64 | +echo "Evidence report: ${REPORT_FILE}" | |