pig/pig-farm-controller
1
0
Fork 0
Code Issues 16 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6f7e462589982b694c3f55f07bbff05c1e60e180
pig-farm-controller/bmad/bmm/workflows/testarch/trace/instructions.md

1046 lines
35 KiB
Markdown
Raw Normal View History

bmad初始化
2025-11-01 19:22:39 +08:00
# Test Architect Workflow: Requirements Traceability & Quality Gate Decision
**Workflow:** `testarch-trace`
**Purpose:** Generate requirements-to-tests traceability matrix, analyze coverage gaps, and make quality gate decisions (PASS/CONCERNS/FAIL/WAIVED)
**Agent:** Test Architect (TEA)
**Format:** Pure Markdown v4.0 (no XML blocks)
---
## Overview
This workflow operates in two sequential phases to validate test coverage and deployment readiness:
**PHASE 1 - REQUIREMENTS TRACEABILITY:** Create comprehensive traceability matrix mapping acceptance criteria to implemented tests, identify coverage gaps, and provide actionable recommendations.
**PHASE 2 - QUALITY GATE DECISION:** Use traceability results combined with test execution evidence to make gate decisions (PASS/CONCERNS/FAIL/WAIVED) that determine deployment readiness.
**Key Capabilities:**
- Map acceptance criteria to specific test cases across all levels (E2E, API, Component, Unit)
- Classify coverage status (FULL, PARTIAL, NONE, UNIT-ONLY, INTEGRATION-ONLY)
- Prioritize gaps by risk level (P0/P1/P2/P3) using test-priorities framework
- Apply deterministic decision rules based on coverage and test execution results
- Generate gate decisions with evidence and rationale
- Support waivers for business-approved exceptions
- Update workflow status and notify stakeholders
---
## Prerequisites
**Required (Phase 1):**
- Acceptance criteria (from story file OR provided inline)
- Implemented test suite (or acknowledge gaps to be addressed)
**Required (Phase 2 - if `enable_gate_decision: true`):**
- Test execution results (CI/CD test reports, pass/fail rates)
- Test design with risk priorities (P0/P1/P2/P3)
**Recommended:**
- `test-design.md` (for risk assessment and priority context)
- `nfr-assessment.md` (for release-level gates)
- `tech-spec.md` (for technical implementation context)
- Test framework configuration (playwright.config.ts, jest.config.js, etc.)
**Halt Conditions:**
- If story lacks any implemented tests AND no gaps are acknowledged, recommend running `*atdd` workflow first
- If acceptance criteria are completely missing, halt and request them
- If Phase 2 enabled but test execution results missing, warn and skip gate decision
---
## PHASE 1: REQUIREMENTS TRACEABILITY
This phase focuses on mapping requirements to tests, analyzing coverage, and identifying gaps.
---
### Step 1: Load Context and Knowledge Base
**Actions:**
1. Load relevant knowledge fragments from `{project-root}/bmad/bmm/testarch/tea-index.csv`:
- `test-priorities-matrix.md` - P0/P1/P2/P3 risk framework with automated priority calculation, risk-based mapping, tagging strategy (389 lines, 2 examples)
- `risk-governance.md` - Risk-based testing approach: 6 categories (TECH, SEC, PERF, DATA, BUS, OPS), automated scoring, gate decision engine, coverage traceability (625 lines, 4 examples)
- `probability-impact.md` - Risk scoring methodology: probability × impact matrix, automated classification, dynamic re-assessment, gate integration (604 lines, 4 examples)
- `test-quality.md` - Definition of Done for tests: deterministic, isolated with cleanup, explicit assertions, length/time limits (658 lines, 5 examples)
- `selective-testing.md` - Duplicate coverage patterns: tag-based, spec filters, diff-based selection, promotion rules (727 lines, 4 examples)
2. Read story file (if provided):
- Extract acceptance criteria
- Identify story ID (e.g., 1.3)
- Note any existing test design or priority information
3. Read related BMad artifacts (if available):
- `test-design.md` - Risk assessment and test priorities
- `tech-spec.md` - Technical implementation details
- `PRD.md` - Product requirements context
**Output:** Complete understanding of requirements, priorities, and existing context
---
### Step 2: Discover and Catalog Tests
**Actions:**
1. Auto-discover test files related to the story:
- Search for test IDs (e.g., `1.3-E2E-001`, `1.3-UNIT-005`)
- Search for describe blocks mentioning feature name
- Search for file paths matching feature directory
- Use `glob` to find test files in `{test_dir}`
2. Categorize tests by level:
- **E2E Tests**: Full user journeys through UI
- **API Tests**: HTTP contract and integration tests
- **Component Tests**: UI component behavior in isolation
- **Unit Tests**: Business logic and pure functions
3. Extract test metadata:
- Test ID (if present)
- Describe/context blocks
- It blocks (individual test cases)
- Given-When-Then structure (if BDD)
- Assertions used
- Priority markers (P0/P1/P2/P3)
**Output:** Complete catalog of all tests for this feature
---
### Step 3: Map Criteria to Tests
**Actions:**
1. For each acceptance criterion:
- Search for explicit references (test IDs, describe blocks mentioning criterion)
- Map to specific test files and it blocks
- Use Given-When-Then narrative to verify alignment
- Document test level (E2E, API, Component, Unit)
2. Build traceability matrix:
```
| Criterion ID | Description | Test ID | Test File | Test Level | Coverage Status |
|--------------|-------------|---------|-----------|------------|-----------------|
| AC-1 | User can... | 1.3-E2E-001 | e2e/auth.spec.ts | E2E | FULL |
```
3. Classify coverage status for each criterion:
- **FULL**: All scenarios validated at appropriate level(s)
- **PARTIAL**: Some coverage but missing edge cases or levels
- **NONE**: No test coverage at any level
- **UNIT-ONLY**: Only unit tests (missing integration/E2E validation)
- **INTEGRATION-ONLY**: Only API/Component tests (missing unit confidence)
4. Check for duplicate coverage:
- Same behavior tested at multiple levels unnecessarily
- Flag violations of selective testing principles
- Recommend consolidation where appropriate
**Output:** Complete traceability matrix with coverage classifications
---
### Step 4: Analyze Gaps and Prioritize
**Actions:**
1. Identify coverage gaps:
- List criteria with NONE, PARTIAL, UNIT-ONLY, or INTEGRATION-ONLY status
- Assign severity based on test-priorities framework:
- **CRITICAL**: P0 criteria without FULL coverage (blocks release)
- **HIGH**: P1 criteria without FULL coverage (PR blocker)
- **MEDIUM**: P2 criteria without FULL coverage (nightly test gap)
- **LOW**: P3 criteria without FULL coverage (acceptable gap)
2. Recommend specific tests to add:
- Suggest test level (E2E, API, Component, Unit)
- Provide test description (Given-When-Then)
- Recommend test ID (e.g., `1.3-E2E-004`)
- Explain why this test is needed
3. Calculate coverage metrics:
- Overall coverage percentage (criteria with FULL coverage / total criteria)
- P0 coverage percentage (critical paths)
- P1 coverage percentage (high priority)
- Coverage by level (E2E%, API%, Component%, Unit%)
4. Check against quality gates:
- P0 coverage >= 100% (required)
- P1 coverage >= 90% (recommended)
- Overall coverage >= 80% (recommended)
**Output:** Prioritized gap analysis with actionable recommendations and coverage metrics
---
### Step 5: Verify Test Quality
**Actions:**
1. For each mapped test, verify:
- Explicit assertions are present (not hidden in helpers)
- Test follows Given-When-Then structure
- No hard waits or sleeps
- Self-cleaning (test cleans up its data)
- File size < 300 lines
- Test duration < 90 seconds
2. Flag quality issues:
- **BLOCKER**: Missing assertions, hard waits, flaky patterns
- **WARNING**: Large files, slow tests, unclear structure
- **INFO**: Style inconsistencies, missing documentation
3. Reference knowledge fragments:
- `test-quality.md` for Definition of Done
- `fixture-architecture.md` for self-cleaning patterns
- `network-first.md` for Playwright best practices
- `data-factories.md` for test data patterns
**Output:** Quality assessment for each test with improvement recommendations
---
### Step 6: Generate Deliverables (Phase 1)
**Actions:**
1. Create traceability matrix markdown file:
- Use template from `trace-template.md`
- Include full mapping table
- Add coverage status section
- Add gap analysis section
- Add quality assessment section
- Add recommendations section
- Save to `{output_folder}/traceability-matrix.md`
2. Generate gate YAML snippet (if enabled):
```yaml
traceability:
story_id: '1.3'
coverage:
overall: 85%
p0: 100%
p1: 90%
p2: 75%
gaps:
critical: 0
high: 1
medium: 2
status: 'PASS' # or "FAIL" if P0 < 100%
```
3. Create coverage badge/metric (if enabled):
- Generate badge markdown: `![Coverage](https://img.shields.io/badge/coverage-85%25-green)`
- Export metrics to JSON for CI/CD integration
4. Update story file (if enabled):
- Add "Traceability" section to story markdown
- Link to traceability matrix
- Include coverage summary
- Add gate status
**Output:** Complete Phase 1 traceability deliverables
**Next:** If `enable_gate_decision: true`, proceed to Phase 2. Otherwise, workflow complete.
---
## PHASE 2: QUALITY GATE DECISION
This phase uses traceability results to make a quality gate decision (PASS/CONCERNS/FAIL/WAIVED) based on evidence and decision rules.
**When Phase 2 Runs:** Automatically after Phase 1 if `enable_gate_decision: true` (default: true)
**Skip Conditions:** If test execution results (`test_results`) not provided, warn and skip Phase 2.
---
### Step 7: Gather Quality Evidence
**Actions:**
1. **Load Phase 1 traceability results** (inherited context):
- Coverage metrics (P0/P1/overall percentages)
- Gap analysis (missing/partial tests)
- Quality concerns (test quality flags)
- Traceability matrix
2. **Load test execution results** (if `test_results` provided):
- Read CI/CD test reports (JUnit XML, TAP, JSON)
- Extract pass/fail counts by priority
- Calculate pass rates:
- **P0 pass rate**: `(P0 passed / P0 total) * 100`
- **P1 pass rate**: `(P1 passed / P1 total) * 100`
- **Overall pass rate**: `(All passed / All total) * 100`
- Identify failing tests and map to criteria
3. **Load NFR assessment** (if `nfr_file` provided):
- Read `nfr-assessment.md` or similar
- Check critical NFR status (performance, security, scalability)
- Flag any critical NFR failures
4. **Load supporting artifacts**:
- `test-design.md` → Risk priorities, DoD checklist
- `story-*.md` or `Epics.md` → Requirements context
- `bmm-workflow-status.md` → Workflow completion status (if `check_all_workflows_complete: true`)
5. **Validate evidence freshness** (if `validate_evidence_freshness: true`):
- Check timestamps of test-design, traceability, NFR assessments
- Warn if artifacts are >7 days old
6. **Check prerequisite workflows** (if `check_all_workflows_complete: true`):
- Verify test-design workflow complete
- Verify trace workflow complete (Phase 1)
- Verify nfr-assess workflow complete (if release-level gate)
**Output:** Consolidated evidence bundle with all quality signals
---
### Step 8: Apply Decision Rules
**If `decision_mode: "deterministic"`** (rule-based - default):
**Decision rules** (based on `workflow.yaml` thresholds):
1. **PASS** if ALL of the following are true:
- P0 coverage ≥ `min_p0_coverage` (default: 100%)
- P1 coverage ≥ `min_p1_coverage` (default: 90%)
- Overall coverage ≥ `min_overall_coverage` (default: 80%)
- P0 test pass rate = `min_p0_pass_rate` (default: 100%)
- P1 test pass rate ≥ `min_p1_pass_rate` (default: 95%)
- Overall test pass rate ≥ `min_overall_pass_rate` (default: 90%)
- Critical NFRs passed (if `nfr_file` provided)
- No unresolved security issues ≤ `max_security_issues` (default: 0)
- No test quality red flags (hard waits, no assertions)
2. **CONCERNS** if ANY of the following are true:
- P1 coverage 80-89% (below threshold but not critical)
- P1 test pass rate 90-94% (below threshold but not critical)
- Overall pass rate 85-89%
- P2 coverage <50% (informational)
- Some non-critical NFRs failing
- Minor test quality concerns (large test files, inferred mappings)
- **Note**: CONCERNS does NOT block deployment but requires acknowledgment
3. **FAIL** if ANY of the following are true:
- P0 coverage <100% (missing critical tests)
- P0 test pass rate <100% (failing critical tests)
- P1 coverage <80% (significant gap)
- P1 test pass rate <90% (significant failures)
- Overall coverage <80%
- Overall pass rate <85%
- Critical NFRs failing (`max_critical_nfrs_fail` exceeded)
- Unresolved security issues (`max_security_issues` exceeded)
- Major test quality issues (tests with no assertions, pervasive hard waits)
4. **WAIVED** (only if `allow_waivers: true`):
- Decision would be FAIL based on rules above
- Business stakeholder has approved waiver
- Waiver documented with:
- Justification (time constraint, known limitation, acceptable risk)
- Approver name and date
- Mitigation plan (follow-up stories, manual testing)
- Waiver evidence linked (email, Slack thread, ticket)
**Risk tolerance adjustments:**
- If `allow_p2_failures: true` → P2 test failures do NOT affect gate decision
- If `allow_p3_failures: true` → P3 test failures do NOT affect gate decision
- If `escalate_p1_failures: true` → P1 failures require explicit manager/lead approval
**If `decision_mode: "manual"`:**
- Present evidence summary to team
- Recommend decision based on rules above
- Team makes final call in meeting/chat
- Document decision with approver names
**Output:** Gate decision (PASS/CONCERNS/FAIL/WAIVED) with rule-based rationale
---
### Step 9: Document Decision and Evidence
**Actions:**
1. **Create gate decision document**:
- Save to `gate_output_file` (default: `{output_folder}/gate-decision-{gate_type}-{story_id}.md`)
- Use structure below
2. **Document structure**:
```markdown
# Quality Gate Decision: {gate_type} {story_id/epic_num/release_version}
**Decision**: [PASS / CONCERNS / FAIL / WAIVED]
**Date**: {date}
**Decider**: {decision_mode} (deterministic | manual)
**Evidence Date**: {test_results_date}
---
## Summary
[1-2 sentence summary of decision and key factors]
---
## Decision Criteria
| Criterion | Threshold | Actual | Status |
| ----------------- | --------- | -------- | ------- |
| P0 Coverage | ≥100% | 100% | ✅ PASS |
| P1 Coverage | ≥90% | 88% | ⚠️ FAIL |
| Overall Coverage | ≥80% | 92% | ✅ PASS |
| P0 Pass Rate | 100% | 100% | ✅ PASS |
| P1 Pass Rate | ≥95% | 98% | ✅ PASS |
| Overall Pass Rate | ≥90% | 96% | ✅ PASS |
| Critical NFRs | All Pass | All Pass | ✅ PASS |
| Security Issues | 0 | 0 | ✅ PASS |
**Overall Status**: 7/8 criteria met → Decision: **CONCERNS**
---
## Evidence Summary
### Test Coverage (from Phase 1 Traceability)
- **P0 Coverage**: 100% (5/5 criteria fully covered)
- **P1 Coverage**: 88% (7/8 criteria fully covered)
- **Overall Coverage**: 92% (12/13 criteria covered)
- **Gap**: AC-5 (P1) missing E2E test
### Test Execution Results
- **P0 Pass Rate**: 100% (12/12 tests passed)
- **P1 Pass Rate**: 98% (45/46 tests passed)
- **Overall Pass Rate**: 96% (67/70 tests passed)
- **Failures**: 3 P2 tests (non-blocking)
### Non-Functional Requirements
- Performance: ✅ PASS (response time <500ms)
- Security: ✅ PASS (no vulnerabilities)
- Scalability: ✅ PASS (handles 10K users)
### Test Quality
- All tests have explicit assertions ✅
- No hard waits detected ✅
- Test files <300 lines
- Test IDs follow convention ✅
---
## Decision Rationale
**Why CONCERNS (not PASS)**:
- P1 coverage at 88% is below 90% threshold
- AC-5 (P1 priority) missing E2E test for error handling scenario
- This is a known gap from test-design phase
**Why CONCERNS (not FAIL)**:
- P0 coverage is 100% (critical paths validated)
- Overall coverage is 92% (above 80% threshold)
- Test pass rate is excellent (96% overall)
- Gap is isolated to one P1 criterion (not systemic)
**Recommendation**:
- Acknowledge gap and proceed with deployment
- Add missing AC-5 E2E test in next sprint
- Create follow-up story: "Add E2E test for AC-5 error handling"
---
## Next Steps
- [ ] Create follow-up story for AC-5 E2E test
- [ ] Deploy to staging environment
- [ ] Monitor production for edge cases related to AC-5
- [ ] Update traceability matrix after follow-up test added
---
## References
- Traceability Matrix: `bmad/output/traceability-matrix.md`
- Test Design: `bmad/output/test-design-epic-2.md`
- Test Results: `ci-artifacts/test-report-2025-01-15.xml`
- NFR Assessment: `bmad/output/nfr-assessment-release-1.2.md`
```
3. **Include evidence links** (if `require_evidence: true`):
- Link to traceability matrix
- Link to test execution reports (CI artifacts)
- Link to NFR assessment
- Link to test-design document
- Link to relevant PRs, commits, deployments
4. **Waiver documentation** (if decision is WAIVED):
- Approver name and role (e.g., "Jane Doe, Engineering Manager")
- Approval date and method (e.g., "2025-01-15, Slack thread")
- Justification (e.g., "Time-boxed MVP, missing tests will be added in v1.1")
- Mitigation plan (e.g., "Manual testing by QA, follow-up stories created")
- Evidence link (e.g., "Slack: #engineering 2025-01-15 3:42pm")
**Output:** Complete gate decision document with evidence and rationale
---
### Step 10: Update Status Tracking and Notify
**Actions:**
1. **Update workflow status** (if `append_to_history: true`):
- Append gate decision to `bmm-workflow-status.md` under "Gate History" section
- Format:
```markdown
## Gate History
### Story 1.3 - User Login (2025-01-15)
- **Decision**: CONCERNS
- **Reason**: P1 coverage 88% (below 90%)
- **Document**: [gate-decision-story-1.3.md](bmad/output/gate-decision-story-1.3.md)
- **Action**: Deploy with follow-up story for AC-5
```
2. **Generate stakeholder notification** (if `notify_stakeholders: true`):
- Create concise summary message for team communication
- Include: Decision, key metrics, action items
- Format for Slack/email/chat:
```
🚦 Quality Gate Decision: Story 1.3 - User Login
Decision: ⚠️ CONCERNS
- P0 Coverage: ✅ 100%
- P1 Coverage: ⚠️ 88% (below 90%)
- Test Pass Rate: ✅ 96%
Action Required:
- Create follow-up story for AC-5 E2E test
- Deploy to staging for validation
Full Report: bmad/output/gate-decision-story-1.3.md
```
3. **Request sign-off** (if `require_sign_off: true`):
- Prompt for named approver (tech lead, QA lead, PM)
- Document approver name and timestamp in gate decision
- Block until sign-off received (interactive prompt)
**Output:** Status tracking updated, stakeholders notified, sign-off obtained (if required)
**Workflow Complete**: Both Phase 1 (traceability) and Phase 2 (gate decision) deliverables generated.
---
## Decision Matrix (Quick Reference)
| Scenario | P0 Cov | P1 Cov | Overall Cov | P0 Pass | P1 Pass | Overall Pass | NFRs | Decision |
| --------------- | ----------------- | ------ | ----------- | ------- | ------- | ------------ | ---- | ------------ |
| All green | 100% | ≥90% | ≥80% | 100% | ≥95% | ≥90% | Pass | **PASS** |
| Minor gap | 100% | 80-89% | ≥80% | 100% | 90-94% | 85-89% | Pass | **CONCERNS** |
| Missing P0 | <100% | - | - | - | - | - | - | **FAIL** |
| P0 test fail | 100% | - | - | <100% | - | - | - | **FAIL** |
| P1 gap | 100% | <80% | - | 100% | - | - | - | **FAIL** |
| NFR fail | 100% | ≥90% | ≥80% | 100% | ≥95% | ≥90% | Fail | **FAIL** |
| Security issue | - | - | - | - | - | - | Yes | **FAIL** |
| Business waiver | [FAIL conditions] | - | - | - | - | - | - | **WAIVED** |
---
## Waiver Management
**When to use waivers:**
- Time-boxed MVP releases (known gaps, follow-up planned)
- Low-risk P1 gaps with mitigation (manual testing, monitoring)
- Technical debt acknowledged by product/engineering leadership
- External dependencies blocking test automation
**Waiver approval process:**
1. Document gap and risk in gate decision
2. Propose mitigation plan (manual testing, follow-up stories, monitoring)
3. Request approval from stakeholder (EM, PM, QA lead)
4. Link approval evidence (email, chat thread, meeting notes)
5. Add waiver to gate decision document
6. Create follow-up stories to close gaps
**Waiver does NOT apply to:**
- P0 gaps (always blocking)
- Critical security issues (always blocking)
- Critical NFR failures (performance, data integrity)
---
## Example Gate Decisions
### Example 1: PASS (All Criteria Met)
```
Decision: ✅ PASS
Summary: All quality criteria met. Story 1.3 is ready for production deployment.
Evidence:
- P0 Coverage: 100% (5/5 criteria)
- P1 Coverage: 95% (19/20 criteria)
- Overall Coverage: 92% (24/26 criteria)
- P0 Pass Rate: 100% (12/12 tests)
- P1 Pass Rate: 98% (45/46 tests)
- Overall Pass Rate: 96% (67/70 tests)
- NFRs: All pass (performance, security, scalability)
Action: Deploy to production ✅
```
### Example 2: CONCERNS (Minor Gap, Non-Blocking)
```
Decision: ⚠️ CONCERNS
Summary: P1 coverage slightly below threshold (88% vs 90%). Recommend deploying with follow-up story.
Evidence:
- P0 Coverage: 100% ✅
- P1 Coverage: 88% ⚠️ (below 90%)
- Overall Coverage: 92% ✅
- Test Pass Rate: 96% ✅
- Gap: AC-5 (P1) missing E2E test
Action:
- Deploy to staging for validation
- Create follow-up story for AC-5 E2E test
- Monitor production for edge cases related to AC-5
```
### Example 3: FAIL (P0 Gap, Blocking)
```
Decision: ❌ FAIL
Summary: P0 coverage incomplete. Missing critical validation test. BLOCKING deployment.
Evidence:
- P0 Coverage: 80% ❌ (4/5 criteria, AC-2 missing)
- AC-2: "User cannot login with invalid credentials" (P0 priority)
- No tests validate login security for invalid credentials
- This is a critical security gap
Action:
- Add P0 test for AC-2: 1.3-E2E-004 (invalid credentials)
- Re-run traceability after test added
- Re-evaluate gate decision after P0 coverage = 100%
Deployment BLOCKED until P0 gap resolved ❌
```
### Example 4: WAIVED (Business Decision)
```
Decision: ⚠️ WAIVED
Summary: P1 coverage below threshold (75% vs 90%), but waived for MVP launch.
Evidence:
- P0 Coverage: 100% ✅
- P1 Coverage: 75% ❌ (below 90%)
- Gap: 5 P1 criteria missing E2E tests (error handling, edge cases)
Waiver:
- Approver: Jane Doe, Engineering Manager
- Date: 2025-01-15
- Justification: Time-boxed MVP for investor demo. Core functionality (P0) fully validated. P1 gaps are low-risk edge cases.
- Mitigation: Manual QA testing for P1 scenarios, follow-up stories created for automated tests in v1.1
- Evidence: Slack #engineering 2025-01-15 3:42pm
Action:
- Deploy to production with manual QA validation ✅
- Add 5 E2E tests for P1 gaps in v1.1 sprint
- Monitor production logs for edge case occurrences
```
---
## Non-Prescriptive Approach
**Minimal Examples:** This workflow provides principles and patterns, not rigid templates. Teams should adapt the traceability and gate decision formats to their needs.
**Key Patterns to Follow:**
- Map criteria to tests explicitly (don't rely on inference alone)
- Prioritize by risk (P0 gaps are critical, P3 gaps are acceptable)
- Check coverage at appropriate levels (E2E for journeys, Unit for logic)
- Verify test quality (explicit assertions, no flakiness)
- Apply deterministic gate rules for consistency
- Document gate decisions with clear evidence
- Use waivers judiciously (business approved, mitigation planned)
**Extend as Needed:**
- Add custom coverage classifications
- Integrate with code coverage tools (Istanbul, NYC)
- Link to external traceability systems (JIRA, Azure DevOps)
- Add compliance or regulatory requirements
- Customize gate decision thresholds per project
- Add manual approval workflows for gate decisions
---
## Coverage Classification Details
### FULL Coverage
- All scenarios validated at appropriate test level(s)
- Edge cases considered
- Both happy path and error paths tested
- Assertions are explicit and complete
### PARTIAL Coverage
- Some scenarios validated but missing edge cases
- Only happy path tested (missing error paths)
- Assertions present but incomplete
- Coverage exists but needs enhancement
### NONE Coverage
- No tests found for this criterion
- Complete gap requiring new tests
- Critical if P0/P1, acceptable if P3
### UNIT-ONLY Coverage
- Only unit tests exist (business logic validated)
- Missing integration or E2E validation
- Risk: Implementation may not work end-to-end
- Recommendation: Add integration or E2E tests for critical paths
### INTEGRATION-ONLY Coverage
- Only API or Component tests exist
- Missing unit test confidence for business logic
- Risk: Logic errors may not be caught quickly
- Recommendation: Add unit tests for complex algorithms or state machines
---
## Duplicate Coverage Detection
Use selective testing principles from `selective-testing.md`:
**Acceptable Overlap:**
- Unit tests for business logic + E2E tests for user journey (different aspects)
- API tests for contract + E2E tests for full workflow (defense in depth for critical paths)
**Unacceptable Duplication:**
- Same validation at multiple levels (e.g., E2E testing math logic better suited for unit tests)
- Multiple E2E tests covering identical user path
- Component tests duplicating unit test logic
**Recommendation Pattern:**
- Test logic at unit level
- Test integration at API/Component level
- Test user experience at E2E level
- Avoid testing framework behavior at any level
---
## Integration with BMad Artifacts
### With test-design.md
- Use risk assessment to prioritize gap remediation
- Reference test priorities (P0/P1/P2/P3) for severity classification and gate decision
- Align traceability with originally planned test coverage
### With tech-spec.md
- Understand technical implementation details
- Map criteria to specific code modules
- Verify tests cover technical edge cases
### With PRD.md
- Understand full product context
- Verify acceptance criteria align with product goals
- Check for unstated requirements that need coverage
### With nfr-assessment.md
- Load non-functional validation results for gate decision
- Check critical NFR status (performance, security, scalability)
- Include NFR pass/fail in gate decision criteria
---
## Quality Gates (Phase 1 Recommendations)
### P0 Coverage (Critical Paths)
- **Requirement:** 100% FULL coverage
- **Severity:** BLOCKER if not met
- **Action:** Do not release until P0 coverage is complete
### P1 Coverage (High Priority)
- **Requirement:** 90% FULL coverage
- **Severity:** HIGH if not met
- **Action:** Block PR merge until addressed
### P2 Coverage (Medium Priority)
- **Requirement:** No strict requirement (recommended 80%)
- **Severity:** MEDIUM if gaps exist
- **Action:** Address in nightly test improvements
### P3 Coverage (Low Priority)
- **Requirement:** No requirement
- **Severity:** LOW if gaps exist
- **Action:** Optional - add if time permits
---
## Example Traceability Matrix
````markdown
# Traceability Matrix - Story 1.3
**Story:** User Authentication
**Date:** 2025-10-14
**Status:** 85% Coverage (1 HIGH gap)
## Coverage Summary
| Priority | Total Criteria | FULL Coverage | Coverage % | Status |
| --------- | -------------- | ------------- | ---------- | ------- |
| P0 | 3 | 3 | 100% | ✅ PASS |
| P1 | 5 | 4 | 80% | ⚠️ WARN |
| P2 | 4 | 3 | 75% | ✅ PASS |
| P3 | 2 | 1 | 50% | ✅ PASS |
| **Total** | **14** | **11** | **79%** | ⚠️ WARN |
## Detailed Mapping
### AC-1: User can login with email and password (P0)
- **Coverage:** FULL ✅
- **Tests:**
- `1.3-E2E-001` - tests/e2e/auth.spec.ts:12
- Given: User has valid credentials
- When: User submits login form
- Then: User is redirected to dashboard
- `1.3-UNIT-001` - tests/unit/auth-service.spec.ts:8
- Given: Valid email and password hash
- When: validateCredentials is called
- Then: Returns user object
### AC-2: User sees error for invalid credentials (P0)
- **Coverage:** FULL ✅
- **Tests:**
- `1.3-E2E-002` - tests/e2e/auth.spec.ts:28
- Given: User has invalid password
- When: User submits login form
- Then: Error message is displayed
- `1.3-UNIT-002` - tests/unit/auth-service.spec.ts:18
- Given: Invalid password hash
- When: validateCredentials is called
- Then: Throws AuthenticationError
### AC-3: User can reset password via email (P1)
- **Coverage:** PARTIAL ⚠️
- **Tests:**
- `1.3-E2E-003` - tests/e2e/auth.spec.ts:44
- Given: User requests password reset
- When: User clicks reset link
- Then: User can set new password
- **Gaps:**
- Missing: Email delivery validation
- Missing: Expired token handling
- Missing: Unit test for token generation
- **Recommendation:** Add `1.3-API-001` for email service integration and `1.3-UNIT-003` for token logic
## Gap Analysis
### Critical Gaps (BLOCKER)
- None ✅
### High Priority Gaps (PR BLOCKER)
1. **AC-3: Password reset email edge cases**
- Missing tests for expired tokens, invalid tokens, email failures
- Recommend: `1.3-API-001` (email service integration) and `1.3-E2E-004` (error paths)
- Impact: Users may not be able to recover accounts in error scenarios
### Medium Priority Gaps (Nightly)
1. **AC-7: Session timeout handling** - UNIT-ONLY coverage (missing E2E validation)
## Quality Assessment
### Tests with Issues
- `1.3-E2E-001` ⚠️ - 145 seconds (exceeds 90s target) - Optimize fixture setup
- `1.3-UNIT-005` ⚠️ - 320 lines (exceeds 300 line limit) - Split into multiple test files
### Tests Passing Quality Gates
- 11/13 tests (85%) meet all quality criteria ✅
## Gate YAML Snippet
```yaml
traceability:
story_id: '1.3'
coverage:
overall: 79%
p0: 100%
p1: 80%
p2: 75%
p3: 50%
gaps:
critical: 0
high: 1
medium: 1
low: 1
status: 'WARN' # P1 coverage below 90% threshold
recommendations:
- 'Add 1.3-API-001 for email service integration'
- 'Add 1.3-E2E-004 for password reset error paths'
- 'Optimize 1.3-E2E-001 performance (145s → <90s)'
```
````
## Recommendations
1. **Address High Priority Gap:** Add password reset edge case tests before PR merge
2. **Optimize Slow Test:** Refactor `1.3-E2E-001` to use faster fixture setup
3. **Split Large Test:** Break `1.3-UNIT-005` into focused test files
4. **Enhance P2 Coverage:** Add E2E validation for session timeout (currently UNIT-ONLY)
```
---
## Validation Checklist
Before completing this workflow, verify:
**Phase 1 (Traceability):**
- ✅ All acceptance criteria are mapped to tests (or gaps are documented)
- ✅ Coverage status is classified (FULL, PARTIAL, NONE, UNIT-ONLY, INTEGRATION-ONLY)
- ✅ Gaps are prioritized by risk level (P0/P1/P2/P3)
- ✅ P0 coverage is 100% or blockers are documented
- ✅ Duplicate coverage is identified and flagged
- ✅ Test quality is assessed (assertions, structure, performance)
- ✅ Traceability matrix is generated and saved
**Phase 2 (Gate Decision - if enabled):**
- ✅ Test execution results loaded and pass rates calculated
- ✅ NFR assessment results loaded (if applicable)
- ✅ Decision rules applied consistently (PASS/CONCERNS/FAIL/WAIVED)
- ✅ Gate decision document created with evidence
- ✅ Waiver documented if decision is WAIVED (approver, justification, mitigation)
- ✅ Workflow status updated (bmm-workflow-status.md)
- ✅ Stakeholders notified (if enabled)
---
## Notes
**Phase 1 (Traceability):**
- **Explicit Mapping:** Require tests to reference criteria explicitly (test IDs, describe blocks) for maintainability
- **Risk-Based Prioritization:** Use test-priorities framework (P0/P1/P2/P3) to determine gap severity
- **Quality Over Quantity:** Better to have fewer high-quality tests with FULL coverage than many low-quality tests with PARTIAL coverage
- **Selective Testing:** Avoid duplicate coverage - test each behavior at the appropriate level only
**Phase 2 (Gate Decision):**
- **Deterministic Rules:** Use consistent thresholds (P0=100%, P1≥90%, overall≥80%) for objectivity
- **Evidence-Based:** Every decision must cite specific metrics (coverage %, pass rates, NFRs)
- **Waiver Discipline:** Waivers require approver name, justification, mitigation plan, and evidence link
- **Non-Blocking CONCERNS:** Use CONCERNS for minor gaps that don't justify blocking deployment (e.g., P1 at 88% vs 90%)
- **Automate in CI/CD:** Generate YAML snippets that can be consumed by CI/CD pipelines for automated quality gates
---
## Troubleshooting
### "No tests found for this story"
- Run `*atdd` workflow first to generate failing acceptance tests
- Check test file naming conventions (may not match story ID pattern)
- Verify test directory path is correct
### "Cannot determine coverage status"
- Tests may lack explicit mapping to criteria (no test IDs, unclear describe blocks)
- Review test structure and add Given-When-Then narrative
- Add test IDs in format: `{STORY_ID}-{LEVEL}-{SEQ}` (e.g., 1.3-E2E-001)
### "P0 coverage below 100%"
- This is a **BLOCKER** - do not release
- Identify missing P0 tests in gap analysis
- Run `*atdd` workflow to generate missing tests
- Verify with stakeholders that P0 classification is correct
### "Duplicate coverage detected"
- Review selective testing principles in `selective-testing.md`
- Determine if overlap is acceptable (defense in depth) or wasteful (same validation at multiple levels)
- Consolidate tests at appropriate level (logic → unit, integration → API, journey → E2E)
### "Test execution results missing" (Phase 2)
- Phase 2 gate decision requires `test_results` (CI/CD test reports)
- If missing, Phase 2 will be skipped with warning
- Provide JUnit XML, TAP, or JSON test report path via `test_results` variable
### "Gate decision is FAIL but deployment needed urgently"
- Request business waiver (if `allow_waivers: true`)
- Document approver, justification, mitigation plan
- Create follow-up stories to address gaps
- Use WAIVED decision only for non-P0 gaps
---
## Related Workflows
**Prerequisites:**
- `testarch-test-design` - Define test priorities (P0/P1/P2/P3) before tracing (required for Phase 2)
- `testarch-atdd` or `testarch-automate` - Generate tests before tracing coverage
**Complements:**
- `testarch-nfr-assess` - Non-functional requirements validation (recommended for release gates)
- `testarch-test-review` - Review test quality issues flagged in traceability
**Next Steps:**
- If gate decision is PASS/CONCERNS → Deploy and monitor
- If gate decision is FAIL → Add missing tests, re-run trace workflow
- If gate decision is WAIVED → Deploy with mitigation, create follow-up stories
---
<!-- Powered by BMAD-CORE™ -->
```
Reference in New Issue Copy Permalink