admin/goodgo-platform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: organize docs — move 37 files from root into docs/ subfolders

Browse Source 
Root now contains only essential files:
  README.md, CLAUDE.md, CHANGELOG.md, CONTRIBUTING.md

Reorganized into:
  docs/audits/       — all audit reports & checklists (71 files)
  docs/architecture/  — codebase overview, implementation plan
  docs/guides/        — auth guide, implementation checklist
  docs/load-testing/  — k6 load test guides & endpoints
  docs/security/      — payment & security reviews

Also removed 5 untracked debug/investigation files and
cleaned up playwright-report/ & test-results/ artifacts.

Co-Authored-By: Claude Opus 4 (1M context) <noreply@anthropic.com>
This commit is contained in:
Ho Ngoc Hai
2026-04-13 12:09:14 +07:00
parent ccfc176e40
commit b93c28fa01
38 changed files with 252 additions and 412 deletions
Download Patch File Download Diff File Expand all files Collapse all files

383
docs/architecture/IMPLEMENTATION_PLAN.md Normal file
View File

@@ -0,0 +1,383 @@
# GoodGo Platform AI — Implementation Plan
**Last Updated:** 2026-04-12
---
## Milestones
### Milestone 1: Walking Skeleton (Phase 0)
**Goal:** Any engineer can clone, install, and start developing.
**Execution Order:**
1. **[TEC-1415] Monorepo Scaffolding** + **[TEC-1416] Docker Compose** (parallel — no deps)
2. **[TEC-1420] ESLint/Prettier** (after F1)
3. **[TEC-1417] Prisma Schema** (after F1 + F2)
4. **[TEC-1418] Shared Module** (after F1)
5. **[TEC-1419] CI/CD Pipeline** (after F1)
```
F1 (Monorepo) ──┬── F6 (Lint/Prettier)
├── F3 (Prisma Schema) ←── F2 (Docker)
├── F4 (Shared Module)
└── F5 (CI/CD)
F2 (Docker) ─────┘
```
### Milestone 2: Core Product (Phase 1)
**Goal:** Users can register, post listings, and search properties.
**Execution Order:**
1. **[TEC-1421] Auth Backend** (after F3, F4)
2. **[TEC-1425] Security Hardening** + **[TEC-1426] Error Handling** (parallel, after F1/F4)
3. **[TEC-1422] Auth Frontend** (after C1)
4. **[TEC-1423] Listings Backend** (after C1)
5. **[TEC-1424] Search Backend** (after C3)
6. **[TEC-1427] Listings Frontend** (after C3)
7. **[TEC-1428] Search + Landing Frontend** (after C5)
```
F3 + F4 ──→ C1 (Auth BE) ──┬── C2 (Auth FE)
├── C3 (Listings BE) ──┬── C5 (Search BE) ──→ C6 (Search FE)
│ └── C4 (Listings FE)
├── X1 (Security)
└── X3 (Error Handling)
```
### Milestone 3: Monetization (Phase 2)
**Goal:** Revenue-generating MVP with payments, subscriptions, and admin tools.
```
C1 ──→ M1 (Payments) ──→ M2 (Subscriptions)
C1 ──→ M3 (Notifications)
C1 + C3 ──→ M4 (Admin)
Phase 1 ──→ X4 (E2E Tests)
```
### Milestone 4: AI-Powered (Phase 3)
**Goal:** Differentiated product with AI features.
```
F2 ──→ A1 (AI/ML Container) ──→ A2 (Analytics)
C5 + A2 ──→ A3 (MCP Servers)
```
---
## Dependency Map
| Task | Depends On |
| ------------- | ---------- |
| TEC-1415 (F1) | None |
| TEC-1416 (F2) | None |
| TEC-1417 (F3) | F1, F2 |
| TEC-1418 (F4) | F1 |
| TEC-1419 (F5) | F1 |
| TEC-1420 (F6) | F1 |
| TEC-1421 (C1) | F3, F4 |
| TEC-1422 (C2) | C1 |
| TEC-1423 (C3) | C1, F3 |
| TEC-1424 (C5) | C3, F2 |
| TEC-1425 (X1) | F1 |
| TEC-1426 (X3) | F4 |
| TEC-1427 (C4) | C3 |
| TEC-1428 (C6) | C5 |
| TEC-1429 (M1) | C1 |
| TEC-1430 (M2) | M1 |
| TEC-1431 (M3) | C1 |
| TEC-1432 (M4) | C1, C3 |
| TEC-1433 (X4) | Phase 1 |
### Milestone 5: Production Hardening (Phase 4)
**Goal:** Fix all critical security issues. Establish production deployment capability.
**Execution Order:**
1. **[TEC-1449] JWT Secret Fix** + **[TEC-1451] HMAC Timing Fix** + **[TEC-1452] MinIO Fix** + **[TEC-1453] CSRF** (parallel — no deps between them)
2. **[TEC-1455] DB Index** (independent — can run parallel with above)
3. **[TEC-1450] Deployment Pipeline** (after security fixes verified)
4. **[TEC-1457] Backups + Logs** (after deployment infra exists)
5. **[TEC-1456] Test Coverage** (parallel — independent of infra)
```
TEC-1449 (JWT) ──────┐
TEC-1451 (HMAC) ─────┤
TEC-1452 (MinIO) ────┼──→ TEC-1450 (Deploy Pipeline) ──→ TEC-1457 (Backups + Logs)
TEC-1453 (CSRF) ─────┘
TEC-1455 (DB Index) ──────────────────────────────────(independent)
TEC-1456 (Tests) ─────────────────────────────────────(independent)
```
### Milestone 6: Quality & Polish (Phase 5)
**Goal:** Production-quality UX, documentation, and performance.
```
Phase 4 done ──→ TEC-1458 (Redis Caching)
TEC-1459 (Frontend Polish) (parallel)
TEC-1460 (OpenAPI/Swagger) (parallel)
TEC-1461 (Documentation) (parallel)
```
---
## Dependency Map (Phase 4-5)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1449 | None |
| TEC-1450 | TEC-1449 (security first) |
| TEC-1451 | None |
| TEC-1452 | None |
| TEC-1453 | None |
| TEC-1455 | None |
| TEC-1456 | None |
| TEC-1457 | TEC-1450 |
| TEC-1458 | Phase 4 |
| TEC-1459 | None |
| TEC-1460 | None |
| TEC-1461 | None |
### Milestone 7: MVP Feature Completion & Audit (Phase 6)
**Goal:** Complete remaining MVP features (Agent Portal, AI, Payments), clean up tech debt from audit.
**Sprint 1 — Stabilize (Week 1):**
1. **[TEC-1592] Commit untracked files** (P0, no deps)
2. **[TEC-1593] Fix Architect agent** (P0, no deps)
3. **[TEC-1594] i18n consolidation** (P1, no deps)
**Sprint 2 — Agent Portal + Payments (Weeks 2-3):**
4. **[TEC-1595] Agent Portal** (P1, after TEC-1592)
5. **[TEC-1597] Payment flow** (P1, after TEC-1592)
6. **[TEC-1598] Smoke tests** (P1, independent)
**Sprint 3 — AI & Quality (Weeks 4-5):**
7. **[TEC-1596] AI/ML integration** (P1, after TEC-1592)
8. **[TEC-1599] Test coverage** (P2, independent)
9. **[TEC-1600] OpenAPI docs** (P2, independent)
**Sprint 4 — Hardening (Weeks 5-6):**
10. **[TEC-1601] K6 baselines** (P2, independent)
11. **[TEC-1602] Security audit** (P2, after Phase 4 security fixes)
12. **[TEC-1603] DB index optimization** (P2, independent)
13. **[TEC-1604] Sentry integration** (P2, independent)
```
TEC-1592 (Commit) ──┬── TEC-1595 (Agent Portal)
├── TEC-1596 (AI/ML)
└── TEC-1597 (Payments)
TEC-1593 (Architect Fix) ─── (independent)
TEC-1594 (i18n) ────────────── (independent)
TEC-1598 (Smoke Tests) ─────── (independent)
TEC-1599..1604 (P2 quality) ── (all independent, parallel)
```
---
## Dependency Map (Phase 6)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1592 | None |
| TEC-1593 | None |
| TEC-1594 | None |
| TEC-1595 | TEC-1592 |
| TEC-1596 | TEC-1592 |
| TEC-1597 | TEC-1592 |
| TEC-1598 | None |
| TEC-1599 | None |
| TEC-1600 | None |
| TEC-1601 | None |
| TEC-1602 | Phase 4 security |
| TEC-1603 | None |
| TEC-1604 | None |
### Milestone 8: Post-MVP Improvements (Phase 7)
**Goal:** Fix remaining bugs, harden for production, improve UX and DX.
**Wave 1 — Critical Bug Fixes (1-2 days):**
1. **[TEC-1647] Fix Reviews routing** (P0, no deps)
2. **[TEC-1648] Fix Health endpoints** (P0, no deps)
3. **[TEC-1649] Fix Login error handling** (P0, needs DB)
4. **[TEC-1650] Fix Listing 404** (P1, needs DB)
**Wave 2 — Production Readiness (3-5 days):**
5. **[TEC-1651] E2E CI environment** (P1, no deps)
6. **[TEC-1652] Run E2E tests** (P1, after Wave 1 fixes)
7. **[TEC-1653] Security headers audit** (P1, no deps)
8. **[TEC-1658] PgBouncer pooling** (P1, no deps)
**Wave 3 — User-Facing Quality (1-2 weeks):**
9. **[TEC-1654] Mobile responsive** (P1, no deps)
10. **[TEC-1655] SEO optimization** (P1, no deps)
11. **[TEC-1656] Per-user rate limiting** (P1, no deps)
12. **[TEC-1657] Admin audit logging** (P1, no deps)
**Wave 4 — Engineering Excellence (2-3 weeks):**
13. **[TEC-1659] Graceful degradation** (P2, no deps)
14. **[TEC-1660] Error codes documentation** (P2, no deps)
15. **[TEC-1661] RUM + Web Vitals** (P2, no deps)
16. **[TEC-1662] Update QA Tracker** (P2, after Wave 2)
```
TEC-1647 (Reviews) ──┐
TEC-1648 (Health) ────┼── TEC-1652 (E2E Tests) ── TEC-1662 (QA Update)
TEC-1649 (Login) ─────┤
TEC-1650 (Listing) ───┘
TEC-1651 (CI E2E) ──────── (independent)
TEC-1653 (Headers) ─────── (independent)
TEC-1658 (PgBouncer) ───── (independent)
TEC-1654..1657 (Wave 3) ── (all independent, parallel)
TEC-1659..1661 (Wave 4) ── (all independent, parallel)
```
---
## Dependency Map (Phase 7)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1647 | None |
| TEC-1648 | None |
| TEC-1649 | None |
| TEC-1650 | None |
| TEC-1651 | None |
| TEC-1652 | TEC-1647, TEC-1648 |
| TEC-1653 | None |
| TEC-1654 | None |
| TEC-1655 | None |
| TEC-1656 | None |
| TEC-1657 | None |
| TEC-1658 | None |
| TEC-1659 | None |
| TEC-1660 | None |
| TEC-1661 | None |
| TEC-1662 | TEC-1652 |
### Milestone 9: CEO Audit Wave 5 — Security & Features (Phase 7 continued)
**Goal:** Address security vulnerabilities, improve test coverage, implement missing Sprint 3 feature.
**Wave 5a — Security (DAY 1-2, parallel):**
1. **[TEC-1684] Fix npm vulnerabilities** (P0, Security Engineer)
2. **[TEC-1685] Fix lint error** (P1, QA Engineer)
**Wave 5b — Quality & Features (WEEK 1-2):**
3. **[TEC-1686] Test coverage push** (P1, QA Engineer, after 5a)
4. **[TEC-1688] Saved Searches + Alerts** (P1, Architect)
5. **[TEC-1687] Dependabot setup** (P2, DevOps Engineer)
```
TEC-1684 (NPM Vuln) ─────── (independent, P0)
TEC-1685 (Lint) ──────────── TEC-1686 (Test Coverage)
TEC-1688 (Saved Searches) ── (independent, P1)
TEC-1687 (Dependabot) ────── (independent, P2)
```
---
## Dependency Map (Wave 5)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1684 | None |
| TEC-1685 | None |
| TEC-1686 | TEC-1685 |
| TEC-1687 | None |
| TEC-1688 | None |
---
## Rollout Notes
- **Phase 0-6 complete** — 51/51 tasks done, MVP feature-complete
- **Phase 7 is current priority** — bug fixes and production hardening
- **Wave 13 is current sprint** — 6 tasks (TEC-1918 through TEC-1923)
- **Total project status** (from Paperclip, 2026-04-12): 219 done / 3 in progress / 9 todo / 3 cancelled out of 234 issues
- **Critical path:** TEC-1918 (TS errors) → TEC-1919 (E2E unblock) → production readiness checklist (TEC-1922)
- **Priorities:** CI green (TEC-1918), E2E (TEC-1919), backlog grooming (TEC-1920), /pricing page (TEC-1921)
- **Production path:** Wave 13 fixes → production readiness checklist → go-live decision
### Milestone 13: CEO Audit Wave 13 (Phase 7 continued)
**Goal:** Fix remaining TS errors, unblock E2E, groom backlog, complete pricing page, production readiness checklist.
**Wave 13A — CI Fix (Day 1):**
1. **[TEC-1918] Fix 7 TS compile errors in web test files** (P0, Senior Backend Engineer)
**Wave 13B — Features & Quality (Days 2-3):**
2. **[TEC-1919] Unblock E2E test environment** (P1, DevOps Engineer)
3. **[TEC-1920] Backlog grooming — deduplicate and close resolved** (P1, QA Engineer)
4. **[TEC-1921] Complete /pricing page** (P1, Senior Frontend Engineer)
**Wave 13C — Documentation & Readiness (Days 3-5):**
5. **[TEC-1922] Production readiness checklist** (P2, SRE Engineer)
6. **[TEC-1923] Update PROJECT_TRACKER.md** (P2, Technical Writer)
```
TEC-1918 (TS Errors) ──→ TEC-1919 (E2E Unblock)
TEC-1920 (Backlog) ────── (independent)
TEC-1921 (/pricing) ───── (independent)
TEC-1922 (Readiness) ──── (after TEC-1918/1919)
TEC-1923 (Tracker) ────── (independent)
```
---
## Dependency Map (Wave 13)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1918 | None |
| TEC-1919 | TEC-1918 |
| TEC-1920 | None |
| TEC-1921 | None |
| TEC-1922 | TEC-1918, TEC-1919|
| TEC-1923 | None |
### Milestone 12: CEO Audit — CI Pipeline Fix (Phase 7 Wave 12)
**Goal:** Restore CI pipeline to green. Fix all TypeScript, ESLint, and test failures. Commit outstanding work.
**Wave 12A — Fix CI (Day 1, parallel):**
1. **[TEC-1898] Fix Prisma 7 migration** (P0, Senior Backend Engineer)
2. **[TEC-1899] Fix 31 failing unit tests** (P0, QA Engineer)
3. **[TEC-1900] Fix ESLint errors + commit files** (P0, Senior Backend Engineer, after TEC-1898)
**Wave 12B — Bug Fixes (Days 2-3):**
4. **[TEC-1649] Login 500→401 fix** (P1, in progress)
5. **[TEC-1657] Admin audit logging** (P1, todo)
6. **[TEC-1878] E2E environment** (P1, DevOps Engineer)
7. **[TEC-1847] React component tests** (P1, QA Engineer)
```
TEC-1898 (Prisma Fix) ──┬── TEC-1900 (ESLint + Commit)
TEC-1899 (Test Fixes) ──┘
TEC-1649 (Login Fix) ─── (independent, in progress)
TEC-1878 (E2E Env) ────── (independent)
TEC-1657 (Audit Logs) ─── (independent)
TEC-1847 (RTL Tests) ──── (independent)
```
---
## Dependency Map (Wave 12)
| Task | Depends On |
| --------------- | ----------------- |
| TEC-1898 | None |
| TEC-1899 | None |
| TEC-1900 | TEC-1898 |
| TEC-1649 | None |
| TEC-1657 | None |
| TEC-1878 | None |
| TEC-1847 | None |