docs: update roadmap with actual branch names in key_auto_rotation.md

Manuthor · Manuthor · commit 5f074fae8cad · 2026-05-28T16:16:07.000+02:00
diff --git a/documentation/docs/kmip_support/key_auto_rotation.md b/documentation/docs/kmip_support/key_auto_rotation.md
@@ -464,17 +464,22 @@ This feature is delivered as a cascade of five stacked pull requests, each
 building on the previous one:
 
 ```text
-develop ← PR 1 ← PR 2 ← PR 3 ← PR 4 ← PR 5
+develop
+  ← PR 1  docs/key-autorotation-spec
+  ← PR 2  feat/key-rotation-manual
+  ← PR 3  feat/key-rotation-scheduler
+  ← PR 4  feat/key-rotation-notifications
+  ← PR 5  feat/key-rotation-ui
 ```
 
-### PR 1 — Specification (this document)
+### PR 1 — Specification (`docs/key-autorotation-spec` → `develop`)
 
 Publish the complete key auto-rotation specification so reviewers and
 subsequent PRs have a stable reference.  Standardise terminology: **Key
 Rotation** for symmetric/asymmetric re-keying, **Certificate Renewal** for
 certificate operations.
 
-### PR 2 — Manual rotation for all key types + test vectors
+### PR 2 — Manual rotation for all key types + test vectors (`feat/key-rotation-manual` → `docs/key-autorotation-spec`)
 
 Implement `Re-Key` and `Re-Key Key Pair` for all six scenarios described
 in this document:
@@ -488,7 +493,7 @@ in this document:
 
 All test vectors green at merge time.  No auto-rotation scheduler in this PR.
 
-### PR 3 — Auto-rotation scheduler + deadline detection
+### PR 3 — Auto-rotation scheduler + deadline detection (`feat/key-rotation-scheduler` → `feat/key-rotation-manual`)
 
 Background cron that finds due keys and rotates them automatically:
 
@@ -500,17 +505,21 @@ Background cron that finds due keys and rotates them automatically:
   rotation) emitting events via a `Notifier` trait (no-op stub until PR 4)
 - OTel counter `kms.key.auto_rotation` on every successful rotation
 
-### PR 4 — Notification system (webhooks)
+### PR 4 — Notification system (`feat/key-rotation-notifications` → `feat/key-rotation-scheduler`)
 
-First concrete `Notifier` implementation — POST JSON to configured URLs:
+`NotificationsStore` trait + SMTP email notifier for key renewal warnings and
+rotation events:
 
-- **Events**: `rotation_success`, `rotation_failure`, `approaching_deadline`
-- Exponential-backoff retry; failures logged but never block rotation
-- Configuration designed as an extensible enum for future sinks (email,
-  Slack, cloud pub/sub)
-- Wizard step for notification endpoint setup
+- **Events stored**: `rotation_success`, `rotation_failure`, `approaching_deadline`
+- `dispatch_renewal_warnings()` background scanner with threshold-based dedup
+  (`rotate_last_warning_days` attribute prevents duplicate alerts)
+- SMTP email delivery via `lettre`; failures logged but never block rotation
+- HTTP API: `GET /notifications`, `GET /notifications/unread/count`,
+  `POST /notifications/{id}/read`, `POST /notifications/read-all`
+- `SmtpConfig` + `RenewalNotificationStrategy` configuration
+- `NoopNotificationsStore` for the Redis-findex backend
 
-### PR 5 — UI and CLI features
+### PR 5 — UI and CLI features (`feat/key-rotation-ui` → `feat/key-rotation-notifications`)
 
 Mirror rotation features in the Web UI and `ckms` CLI:
 
