mirror of
https://github.com/azaion/gps-denied-onboard.git
synced 2026-06-21 08:41:12 +00:00
[AZ-489] [AZ-490] ADR-010 design pass: operator-mission as cold-start anchor
Architecture, contracts, and task amendments for the flight-route-driven preflight + cold-start origin feature (ADR-010). No source code touched in this commit; the implementation commits for AZ-489 / AZ-490 / AZ-419 land separately. * architecture.md: ADR-010, new Principle #14, amended Principle #11, external systems gain flights service + Mission Planner UI, data model gains Flight / Waypoint / TakeoffOrigin. * system-flows.md: F1 gains phase 0 (Flight resolve), F2 gains cold-start ladder, F7 gains mid-flight bounded-delta GPS gate. * glossary.md: Flight, Flights API, Mid-flight bounded-delta GPS gate, Mission Planner UI, Takeoff origin, Waypoint. * C10: description + cache_provisioner + manifest_verifier bumped to v1.1 carrying takeoff_origin + flight_id in the manifest hash. * C12: description updated + new flights_api_client.md contract v1.0. * C5: description + state_estimator_protocol bumped to v1.1 with set_takeoff_origin + 3-clause spoof-promotion gate. * AZ-323/324/325/326/328/419 amended in place. AZ-490 spec created (C5 set_takeoff_origin entrypoint). * Dependencies table: 142 tasks / 478 pts / 15 forward edges (2 new tasks, 2 backward deps, 2 forward deps from AZ-419). * Leftovers cleared: 2026-05-11 Jira transition entries for AZ-355 and AZ-386 are deleted (Jira reconnected; both already transitioned in their respective implementation commits). Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
Oleksandr Bezdieniezhnykh
@@ -1,15 +1,15 @@
|
||||
# Dependencies Table
|
||||
|
||||
**Date**: 2026-05-10 (refreshed after E-BBT decomposition)
|
||||
**Total Tasks**: 140 (99 product + 41 blackbox-test)
|
||||
**Total Complexity Points**: 472 (339 product + 133 blackbox-test)
|
||||
**Date**: 2026-05-11 (refreshed after AZ-489 + AZ-490 onboarding for ADR-010 operator-origin path)
|
||||
**Total Tasks**: 142 (101 product + 41 blackbox-test)
|
||||
**Total Complexity Points**: 478 (345 product + 133 blackbox-test)
|
||||
|
||||
Dependencies columns list only the tracker-ID portion (descriptive tail
|
||||
text in each task spec is omitted here for table-readability). The
|
||||
authoritative dependency narrative — including "co-developed", "forward
|
||||
dependency", and helper-vs-Protocol distinctions — lives in each task's
|
||||
own `Dependencies:` field. The graph is a strict DAG: a topological
|
||||
traversal visits all 140 tasks. The 13 forward edges (dep ID > task ID)
|
||||
traversal visits all 142 tasks. The 15 forward edges (dep ID > task ID)
|
||||
are all declared and documented below under **Cycle Check**.
|
||||
|
||||
| Task | Name | Complexity | Dependencies | Epic |
|
||||
@@ -61,9 +61,9 @@ are all declared and documented below under **Cycle Check**.
|
||||
| AZ-323 | C10 Manifest Builder | 3 | AZ-263, AZ-269, AZ-266, AZ-280, AZ-281, AZ-303 | AZ-252 |
|
||||
| AZ-324 | C10 ManifestVerifier | 3 | AZ-263, AZ-269, AZ-266, AZ-280, AZ-281 | AZ-252 |
|
||||
| AZ-325 | C10 CacheProvisioner | 3 | AZ-263, AZ-269, AZ-266, AZ-303, AZ-321, AZ-322, AZ-323 | AZ-252 |
|
||||
| AZ-326 | C12 CLI App | 3 | AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-326 | C12 CLI App | 3 | AZ-263, AZ-269, AZ-266, AZ-489 | AZ-253 |
|
||||
| AZ-327 | C12 Companion Bringup | 3 | AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-328 | C12 Build-Cache Orchestrator | 5 | AZ-326, AZ-327, AZ-316, AZ-325, AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-328 | C12 Build-Cache Orchestrator | 5 | AZ-326, AZ-327, AZ-316, AZ-325, AZ-489, AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-329 | C12 Post-Landing Upload | 3 | AZ-326, AZ-319, AZ-272, AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-330 | C12 OperatorReLocService | 3 | AZ-326, AZ-273, AZ-263, AZ-269, AZ-266 | AZ-253 |
|
||||
| AZ-331 | C1 VioStrategy Protocol | 3 | AZ-263, AZ-269, AZ-266, AZ-270, AZ-272, AZ-276, AZ-277 | AZ-254 |
|
||||
@@ -126,7 +126,7 @@ are all declared and documented below under **Cycle Check**.
|
||||
| AZ-416 | FT-P-09-AP — ArduPilot Plane GPS_INPUT contract + MAVLink 2.0 signing handshake | 5 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-417 | FT-P-09-iNav — iNav MSP2_SENSOR_GPS contract conformance | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-418 | FT-P-10 — GTSAM smoothing-loop look-back accuracy | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-419 | FT-P-11 — Cold-start initialization from FC EKF | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-419 | FT-P-11 — Cold-start init (operator-manifest primary + FC EKF secondary + bounded-delta gate)| 3 | AZ-406, AZ-407, AZ-489 (forward), AZ-490 (forward) | AZ-262 |
|
||||
| AZ-420 | FT-P-12 + FT-P-13 — GCS downsample + GCS-originated re-loc command | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-421 | FT-P-15 + FT-P-16 + FT-P-18 — Tile cache + offline + no-raw-retention | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
| AZ-422 | FT-P-17 + FT-N-06 — Mid-flight tile generation + freshness | 3 | AZ-406, AZ-407 | AZ-262 |
|
||||
@@ -154,6 +154,8 @@ are all declared and documented below under **Cycle Check**.
|
||||
| AZ-444 | Tier-2 Jetson harness wrapper — run-tier2.sh, ssh provisioning, systemd, ASan-fuzz | 5 | AZ-406 | AZ-262 |
|
||||
| AZ-445 | CSV reporter + evidence bundler — per-NFR machine-readable outputs + traceability-status.json | 2 | AZ-406 | AZ-262 |
|
||||
| AZ-446 | CSV reporter refinements — trend-line + acceptance-band annotations + Monte Carlo CI | 2 | AZ-406, AZ-445 | AZ-262 |
|
||||
| AZ-489 | C12 FlightsApiClient — fetch Flight from suite flights service + offline JSON fallback | 3 | AZ-263, AZ-269, AZ-266, AZ-279, AZ-280 | AZ-253 |
|
||||
| AZ-490 | C5 set_takeoff_origin entrypoint — accept operator origin from C10 Manifest | 3 | AZ-263, AZ-269, AZ-266, AZ-272, AZ-273, AZ-279, AZ-381, AZ-383, AZ-384, AZ-385, AZ-386 | AZ-260 |
|
||||
|
||||
## Notes
|
||||
|
||||
@@ -189,6 +191,23 @@ are all declared and documented below under **Cycle Check**.
|
||||
`blackout_spoof.py`; NFT-RES-04 is the focused 35 s escalation
|
||||
scenario while FT-N-04 covers the 5 s / 15 s / 35 s ladder.
|
||||
- AZ-446 depends on AZ-445 — refinements layer over the bundler.
|
||||
- **ADR-010 operator-origin path** (added 2026-05-11):
|
||||
- **AZ-489 (C12 FlightsApiClient)** is the new read-only Flight
|
||||
resolver for C12; it has no consumers inside its own epic but
|
||||
feeds AZ-326 (CLI flags) and AZ-328 (orchestrator phase 0) — both
|
||||
declare a hard backward dep on AZ-489. The CLI's `--flight-id` /
|
||||
`--flight-file` flags + AZ-328's flight-resolve phase 0 cannot
|
||||
land without it.
|
||||
- **AZ-490 (C5 set_takeoff_origin)** extends the AZ-381 Protocol
|
||||
with the pre-takeoff entrypoint, amends the AZ-385 source-label
|
||||
state machine with the third bounded-delta clause, and depends
|
||||
on AZ-381..AZ-386 (Protocol + factor adds + marginals + source
|
||||
label gate + ESKF baseline) plus AZ-272/273/279 for FDR + Vincenty.
|
||||
All deps are backward; AZ-490 ships after the C5 epic core lands.
|
||||
- **AZ-419 (FT-P-11 cold-start)** carries forward deps on both
|
||||
AZ-489 + AZ-490 — the blackbox cold-start scenario now exercises
|
||||
the operator-manifest primary path (needs both) AND the FC EKF
|
||||
secondary fallback (back-compat).
|
||||
- **All E-BBT tasks depend on AZ-406 (test infrastructure)**; this is
|
||||
by design — AZ-406 is the foundation every blackbox test depends on
|
||||
(analogous to AZ-263 for the product side).
|
||||
@@ -202,13 +221,13 @@ are all declared and documented below under **Cycle Check**.
|
||||
- C3 `CrossDomainMatcher` → AZ-344 (Protocol) + AZ-345/346/347 (concrete)
|
||||
- C3.5 `ConditionalRefiner` → AZ-348 (Protocol + Passthrough) + AZ-349 (AdHoP)
|
||||
- C4 `PoseEstimator` → AZ-355 (Protocol) + AZ-358/361 (concrete)
|
||||
- C5 `StateEstimator` → AZ-381 (Protocol) + AZ-382..AZ-389 (concrete)
|
||||
- C5 `StateEstimator` → AZ-381 (Protocol) + AZ-382..AZ-389 (concrete) + AZ-490 (`set_takeoff_origin` entrypoint + bounded-delta gate)
|
||||
- C6 `TileStore` / `DescriptorIndex` → AZ-303 (Interfaces) + AZ-304/305/306/307/308
|
||||
- C7 `InferenceRuntime` → AZ-297 (Protocol) + AZ-298/299/300/301/302
|
||||
- C8 `FcAdapter` / `GcsAdapter` → AZ-390 (Protocols) + AZ-391..AZ-397
|
||||
- C10 Provisioning → AZ-321/322/323/324/325
|
||||
- C11 Tile Manager → AZ-316/317/318/319/320
|
||||
- C12 Operator Tooling → AZ-326/327/328/329/330
|
||||
- C12 Operator Tooling → AZ-326/327/328/329/330 + AZ-489 (FlightsApiClient)
|
||||
- C13 FDR Writer → AZ-291..AZ-296
|
||||
|
||||
- **Cross-cutting product modules**:
|
||||
@@ -244,7 +263,7 @@ are all declared and documented below under **Cycle Check**.
|
||||
## Cycle Check
|
||||
|
||||
A static dependency-graph traversal (Kahn topological sort) visits all
|
||||
140 nodes — no cycles. The 13 forward edges (dep ID > task ID) are all
|
||||
142 nodes — no cycles. The 15 forward edges (dep ID > task ID) are all
|
||||
declared, bounded, and documented:
|
||||
|
||||
- **AZ-267 → AZ-272** (FDR Log Bridge → FdrRecord Schema; shipped in
|
||||
@@ -261,6 +280,13 @@ declared, bounded, and documented:
|
||||
optionally for the ASan-fuzz mode). AZ-444 is therefore scheduled
|
||||
as the first Tier-2 E-BBT deliverable; the dependent scenarios land
|
||||
on top of it.
|
||||
- **AZ-326 → AZ-489, AZ-328 → AZ-489** (C12 CLI + orchestrator
|
||||
depend on the new C12 FlightsApiClient task added 2026-05-11; the
|
||||
client lands first inside the C12 epic and the CLI/orchestrator
|
||||
then plug it in).
|
||||
- **AZ-419 → AZ-489, AZ-419 → AZ-490** (blackbox cold-start scenario
|
||||
forward-depends on both the C12 client + the new C5 entrypoint;
|
||||
the scenario lands after both product tasks).
|
||||
|
||||
The graph is therefore a strict DAG once these documented forward
|
||||
edges are accounted for, and remains sortable by tracker ID modulo
|
||||
|
||||
Reference in New Issue
Block a user