Backlog
Investigations and plans waiting for implementation, sorted by last updated date.
| Document | Goal | Updated |
|---|---|---|
| INVESTIGATE: Top-level UIS CLI doc + keeping command examples in sync | Two related issues: | 2026-05-20 |
INVESTIGATE: Harmonise the UIS CLI grammar — uis <noun> <verb> [target] everywhere | — | 2026-05-20 |
| Investigate: UIS Connect Commands for All Services | Build a generic uis service connect <service> [arg] surface that opens an interactive client into any deployed service. Replaces the per-service-verb framing (uis connect postgresql …) with a single umbrella verb under uis service <verb> (alongside future uis service logs, uis service describe, etc.). | 2026-05-20 |
| Plan: AKS Manual Setup — variable-by-variable runbook for first-run provisioning | Provide a self-contained runbook for the first manual run-through of platforms/azure-aks/ against an Azure subscription. Explains every config variable (what it is, where to find it, what changes if you change it), every authentication step, and every script in the order it must run. Companion to PLAN-001-aks-step1-verification.md — that plan's Phase 2 lists the eight scripts to run; this plan is the detailed how and why for someone doing it for the first time. | 2026-05-15 |
| Investigate: First UIS Stack Template | Decide which UIS stack template to create first, then build it as the reference implementation for uis template. | 2026-05-15 |
| INVESTIGATE: Version Pinning for Helm Charts and Container Images | Everything works today, but 18 of 21 Helm charts and several container images have no version pinning. Any upstream release — intentional or accidental — can break the system without warning. A single ./uis deploy could pull a new chart version with breaking changes. | 2026-05-15 |
| INVESTIGATE: Verification Playbooks Usage and Coverage | The ansible/playbooks/utility/ folder contains a mix of verification playbooks, task includes, setup helpers, and one-off utilities. Several of these files appear to have no active caller in the current repo. | 2026-05-15 |
| Investigate: Version Metadata in Service Scripts | Decide how service scripts should expose version information for docs generation and CLI display | 2026-05-15 |
| INVESTIGATE: Remote Deployment Targets & Target Management | — | 2026-05-15 |
| INVESTIGATE: Provision-Host Tools and Provider Authentication | — | 2026-05-15 |
| INVESTIGATE: Platform Provisioning Layer | — | 2026-05-15 |
Investigate: migrate hosts/* to platforms/* (or formally retire) | — | 2026-05-15 |
| Investigate: Metabase Internal BI / Data Exploration for UIS | Deploy Metabase as the internal data-exploration and validation tool for UIS-hosted applications, providing visual SQL exploration, ad-hoc questions, and dashboards for development teams — starting with Atlas, with reusability for future apps. | 2026-05-15 |
| Notes for installing EspoCRM in UIS | — | 2026-05-15 |
| Investigate: Enonic Deployment (apps + content) | Design how artefacts get into the Enonic XP instance running in UIS. Two related artefact types: | 2026-05-15 |
| Investigate: Add an email/SMTP capability to UIS | Provide a single, project-wide way to send email from UIS-deployed services. Today no UIS service can send email because there is no SMTP relay deployed in the cluster and no shared SMTP_* configuration in the secrets layer. This blocks user-onboarding flows in several services we already ship (and several we plan to add). Decide whether to host an SMTP relay inside UIS (dev-only catcher, prod-ish relay) or to point all services at an external provider via shared SMTP credentials, then wire up the chosen pattern once so every service consumes it the same way. | 2026-05-15 |
| Investigate: Dagster Orchestration Platform for UIS | Deploy Dagster as the data orchestration platform in UIS, providing scheduling, observability, and lineage for data pipelines across applications — starting with Atlas, with reusability for future apps. | 2026-05-15 |
| Investigate: Backstage Enhancements | Evaluate and prioritize additional Backstage features beyond the initial deployment (PLAN-002) | 2026-05-15 |
| Investigate: Backstage Authentik OIDC Authentication | Investigate adding Authentik OIDC authentication to Backstage (replacing guest access) | 2026-05-15 |
| INVESTIGATE: Authentik User Config Migration | User-configurable Authentik data (test users, domains, protected services, OAuth apps) is hardcoded in manifests/ where users shouldn't be editing files. This data should live in .uis.extend/ so users can customize their setup without touching infrastructure code. | 2026-05-15 |
| Investigate: DCT One-Command ArgoCD Deployment | Enable a developer to deploy their current project to the UIS Kubernetes cluster from inside the DCT devcontainer with a single command. | 2026-05-15 |
| --- | — | 2026-05-15 |
Investigate: Surface in-cluster service port on services.json | Add the primary in-cluster Kubernetes Service port to each service entry in website/src/data/services.json so that downstream consumers (documentation generators, template tooling, dashboards) can render accurate <service>.<namespace>.svc.cluster.local:<port> references without hardcoding per-service ports or guessing from conventions. | 2026-05-15 |
| Investigate: Docs Markdown Generator Update Logic | Add logic to uis-docs-markdown.sh to update metadata-driven sections of existing markdown pages without overwriting manually written content | 2026-05-15 |
| Investigate: customer onboarding flow for "I need a database for my app" | — | 2026-05-15 |
| --- | — | 2026-05-15 |
Investigate: ./uis deploy <service> semantics for services without a playbook | Decide what ./uis deploy <service> should do when the target service has SCRIPT_PLAYBOOK="" (and SCRIPT_MANIFEST="") — the "metadata-only" case introduced when service-postgrest.sh shipped without a playbook (PLAN-001 documentation gate; PLAN-002 will add the playbook). | 2026-05-15 |
Investigate: ./uis deploy <svc> should auto-regenerate stale kubernetes-secrets.yml | Decide whether (and how) ./uis deploy <svc> should detect a stale generated kubernetes-secrets.yml and either regenerate it automatically or refuse to deploy until the user does. Today, edits to default-secrets.env, 00-common-values.env.template, or 00-master-secrets.yml.template silently no-op for any service that's already deployed unless the user remembers to run ./uis secrets generate && ./uis secrets apply between the template edit and the next deploy. | 2026-05-15 |
| INVESTIGATE backlog — priority view | — | 2026-05-15 |
Investigate: Make 00-common-values.env.template defaults visibly sourced from default-secrets.env | Eliminate the silent-overwrite confusion in the secrets-template flow. A reader of provision-host/uis/templates/secrets-templates/00-common-values.env.template should see, at the line where a DEFAULT_* value is defined, that the value is auto-populated from provision-host/uis/templates/default-secrets.env at init time. Today the template ships with placeholder values (e.g. DEFAULT_ADMIN_PASSWORD=TestPassword@123) that are sed-overwritten by the seven canonical values from default-secrets.env during init_secrets() — the substitution is invisible to a contributor reading either file in isolation. | 2026-05-07 |