docs: define deployment zone overlays

2026-05-24 12:58:18 +02:00
parent e60e8d5bb4
commit ea2fa1203b
4 changed files with 316 additions and 1 deletions
--- a/docs/graph-explorer-contract.md
+++ b/docs/graph-explorer-contract.md
@@ -89,6 +89,13 @@ Hosts should also include useful optional fields when available: `label`,
 `freshnessState`, `confidence`, `visualSize`, `ownership`, `unresolved`,
 `sourceReferences`, and `deepLinks`.

+Fabric hosts should also include deployment overlay fields when available:
+`deploymentEnvironment`, `deploymentScenario`, `routingAuthority`,
+`accessZone`, `policyAuthority`, `exposure`, and `host`. These fields describe
+where an element runs or is reachable in a concrete deployment scenario. They
+do not define fabric membership and must remain filter/grouping metadata unless
+the host explicitly promotes a separate graph relationship with evidence.
+
 Edges may include layout hints used by the client-side layout engine:
 `sameRepo`, `sourceRepo`, `targetRepo`, `layoutAffinity`,
 `layoutIdealLength`, and `layoutElasticity`. Fabric uses these hints to keep
@@ -132,6 +139,30 @@ The first Fabric manifest declares:
 | `binding` | Binding assertions between consumer dependencies and providers. |
 | `library` | Future library/SBOM inventory nodes. |

+## Zone Overlay Modes
+
+The graph explorer should support zone-oriented modes for Fabric payloads:
+
+| Mode | Purpose |
+|------|---------|
+| `fabric` | Group by financial responsibility: fabric, subfabric, owner. |
+| `environment` | Group by `dev`, `test`, `prod`, or other deployment environment. |
+| `deployment-scenario` | Group by concrete scenario such as `bernd-laptop`, `coulombcore`, or `railiance01`. |
+| `routing-authority` | Group by loopback launcher, Compose port mapping, ingress controller, reverse proxy, DNS, or equivalent route authority. |
+| `access-zone` | Group by intended reachability such as `private-dev`, `collaborator-test`, `early-access`, `production-public`, or `production-admin`. |
+
+Zone modes are diagnostic views. They answer "where does this run or who can
+reach it here?" without mutating the underlying Fabric responsibility boundary.
+
+Useful warnings for the graph explorer include:
+
+- control surfaces in user-facing access zones;
+- production nodes with unrestricted developer access;
+- early-access routes without a policy authority;
+- services present in production but missing from test;
+- local-only surfaces that appear in shared or production scenarios;
+- conflicting port or host claims within the same deployment scenario.
+
 ## Repo-Scoping Compatibility

 Repo-scoping can adapt without a rewrite because its current graph payload
@@ -167,3 +198,5 @@ Host repos should own:
 - authentication and authorization
 - domain-specific graph modes
 - deep links back to source systems
+- deployment overlay extraction from the route/proxy/deployment authority they
+  control