Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 14 additions & 16 deletions frontend/src/pages/reports/ReportsPage.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -8,19 +8,18 @@ import type { components } from '@/api/schema';

// ReportsPage — the compliance-artifact library at /reports.
//
// MVP scope (matches docs/engineering/prototypes/openwatch-v1/Reports.html
// but built honestly): ONE template, the Fleet Compliance Executive
// Summary. "Generate report" computes a point-in-time posture snapshot
// from data that already exists (host_rule_state pass/fail + critical,
// the fleet rollup, recent drift) and stores it as a report row with
// JSON content. The Library tab lists those rows; clicking one opens a
// simple detail panel rendering the stored content JSON.
// Two report kinds, generatable from the Library's kind selector: the
// Fleet Compliance Executive Summary (leadership) and the Framework
// Attestation (auditor/GRC). "Generate report" computes a point-in-time,
// immutable snapshot from data that already exists and stores it as a
// report row; the Library lists those rows and the detail panel renders a
// kind-aware body (ExecutiveBody / AttestationBody) over the frozen content.
//
// Live: scope picker, coverage caveat, PDF/JSON download, Ed25519 signing
// with a "Signed" badge + offline Verify (re-hash the canonical JSON face,
// Ed25519-verify the signature against the published key). Still deferred
// (honest "coming soon" states, NOT faked): OSCAL export, the Templates
// gallery, the Scheduled dispatcher.
// Live: kind selector, scope + framework pickers, coverage caveat, Ed25519
// signing with a "Signed" badge + offline Verify, and downloadable faces
// (PDF cover, CSV evidence, OSCAL SAR, canonical JSON). Still deferred
// (honest "coming soon" states, NOT faked): the Templates gallery and the
// Scheduled dispatcher.

type Report = components['schemas']['Report'];

Expand Down Expand Up @@ -1091,8 +1090,7 @@ function ExecutiveBody({ content }: { content: ExecutiveContent }) {
borderTop: '1px solid var(--ow-line)',
}}
>
Figures reflect the last successful scan per host, not current state. Signing, PDF, and
OSCAL export are not part of this MVP.
Figures reflect the last successful scan per host, not current state.
</div>
</div>
);
Expand Down Expand Up @@ -1237,8 +1235,8 @@ function ComingSoon({ what }: { what: string }) {
}}
>
{what === 'Templates'
? 'A gallery of report templates (attestation, remediation, exceptions) requires signing and PDF/OSCAL rendering, which are not built yet. Today the Library generates a Fleet Compliance Executive Summary.'
: 'Scheduled report delivery requires a dispatcher and signing, which are not built yet. For now, generate reports on demand from the Library tab.'}
? 'The report kinds (Fleet Compliance Executive Summary and Framework Attestation) are live in the Library tab, each with signed PDF, CSV, OSCAL, and JSON faces. A gallery for building and saving custom report templates is not built yet.'
: 'Scheduled report delivery requires a dispatcher, which is not built yet. For now, generate reports on demand from the Library tab.'}
</div>
</div>
</Panel>
Expand Down
32 changes: 16 additions & 16 deletions specs/frontend/reports.spec.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,14 @@ spec:
feature: The /reports page - a Library tab listing generated reports with a Generate action, plus deferred Templates and Scheduled tabs, over api-reports
description: >
ReportsPage is the operator's compliance-artifact library over
api-reports. The openwatch-v1 Reports.html prototype is a richer
surface (a six-template gallery, a Scheduled dispatcher with
delivery rows, a signed-report viewer modal, and an OSCAL artifact
viewer), but most of that is backend-gated: the MVP backend signs
nothing, renders no PDF or OSCAL, and runs no scheduler. This spec
covers the data-faithful subset, styled to the prototype: a Library
tab plus a Generate action, with the Templates and Scheduled tabs
rendered as honest "coming soon" deferred states rather than faked
data or signing.
api-reports. The Library tab generates two report kinds (the Fleet
Compliance Executive Summary and the Framework Attestation) and opens
each in a kind-aware detail panel with Ed25519 signing + offline
Verify and downloadable faces (PDF cover, CSV evidence, OSCAL SAR,
canonical JSON). What remains prototype-only from the openwatch-v1
Reports.html surface is the multi-template gallery BUILDER and the
Scheduled dispatcher; those two tabs render honest "coming soon"
deferred states rather than faked data.

The Library tab issues a single query keyed ["reports"] against GET
/api/v1/reports via api.GET from @/api/client and renders a table of
Expand Down Expand Up @@ -49,23 +48,24 @@ spec:
objective:
summary: >
Opening /reports shows the real Library of generated reports with a
Generate action gated on host:write, and presents the Templates and
kind-aware Generate action gated on host:write, signed downloadable
faces (PDF/CSV/OSCAL/JSON) with offline Verify, and the Templates and
Scheduled tabs as honest deferred states, with loading, empty, and
error handling. No faked signing, PDF, OSCAL, or schedules.
error handling. No faked data: the deferred tabs render coming-soon
states rather than fabricated templates or schedules.
scope:
includes:
- 'ReportsPage at /reports: Library tab table from GET /api/v1/reports'
- 'Library columns: title, type chip (kind), scope, data as of, generated by, format'
- 'Generate action: POST /api/v1/reports:generate, ["reports"] invalidation, permission gated on host:write'
- 'Generate action: POST /api/v1/reports:generate (kind + scope + framework), ["reports"] invalidation, permission gated on host:write'
- 'Kind-aware detail body, signing badge + offline Verify, and downloadable PDF/CSV/OSCAL/JSON faces'
- 'Templates and Scheduled tabs as honest "coming soon" deferred states (no endpoint, no faked data)'
- 'Route mounted at path "reports" under protectedRoute and the sidebar Reports entry enabled'
- 'Prototype styling on --ow-* tokens with honest loading / empty / error states'
excludes:
- 'The signed-report viewer modal and the "Signed" badge (the MVP stores no signature)'
- 'PDF and OSCAL export plus the OSCAL artifact viewer (no rendering in the MVP)'
- 'The six-template Templates gallery with a per-template builder (deferred to a coming-soon state)'
- 'The multi-template gallery BUILDER (saving custom report templates; the report kinds themselves are live, deferred to a coming-soon state)'
- 'The Scheduled dispatcher with delivery rows and toggles (deferred to a coming-soon state)'
- 'A scope or framework-lens or period picker on Generate (the MVP generates the executive summary for all hosts)'
- 'A period dimension on Generate (applies to the trend, not the point-in-time report)'

constraints:
- id: C-01
Expand Down
Loading