# System Review Path

This is the compact engineering route for inspecting DriveDesk Core. It ties
the public root, Platform Tour, demo, API, SDK, operations evidence, incident
response, release safety, GitOps, OpenTofu, and evidence index into one
verifiable chain.

Document path: `docs/public/SYSTEM_REVIEW_PATH.md`.

For the timeboxed verification route, continue with
`docs/public/REVIEWER_QUICKSTART.md`.

The path is public-safe: it uses synthetic data and sanitized evidence only.

## 3-Minute Route

| Step | Inspect | What it proves |
| --- | --- | --- |
| 1 | GitHub Pages engineering reference | The public entrypoint is generated by the export pipeline and links demo, docs, OpenAPI, CI, and evidence. |
| 2 | `docs/public/PLATFORM_TOUR.md` | The Business OS tour connects business event -> workflow -> adapter -> incident -> proof in one route. |
| 3 | `apps/admin/public-demo/` Workflow, Control Tower, Integrations, Operations, Incidents, and Proof tabs | The demo exposes executable system behavior, not a static screenshot. |
| 4 | `docs/public/PROJECT_STATUS.md` | Current validated state, limits, and next engineering work are explicit. |
| 5 | `docs/public/TECHNICAL_CAPABILITY_MAP.md` | Each visible capability maps to implementation surface, evidence, and verifier commands. |
| 6 | `docs/public/ENGINEERING_PROOF.md` | The demo Proof tab, API payload, OpenAPI schema, SDK, docs, and CI gates share one proof contract. |

## Evidence Chain

```text
architecture -> demo -> API -> SDK -> workflow -> observability -> incident -> release safety -> GitOps/IaC -> evidence index
```

The fastest end-to-end demo chain is:

```text
business event -> workflow -> adapter -> incident -> proof
approval -> notification -> adapter -> incident -> recovery -> proof
```

Primary artifacts:

| Area | Artifact |
| --- | --- |
| Platform tour | `docs/public/PLATFORM_TOUR.md` |
| Architecture | `docs/public/SYSTEM_DESIGN.md` |
| Demo API | `docs/public/API_BACKED_DEMO.md`, `docs/openapi.json`, `GET /demo/public`, `GET /demo/connector-fixture-replay`, `GET /demo/business-intake-pipeline`, `GET /demo/business-task-handoff`, `GET /demo/business-notification-channels`, `GET /demo/business-context-assistant`, `GET /demo/business-action-execution`, `GET /demo/business-approval-gateway`, `GET /demo/integration-runtime`, `GET /demo/integration-execution`, `GET /demo/integration-repair`, `GET /demo/business-scenario-replay` |
| SDK | `docs/public/CLIENT_SDK.md`, `sdk/generated/public-demo/` |
| Workflow | `docs/public/WORKFLOW_DEMO.md`, `endToEndScenario` |
| Connector replay | `docs/public/CONNECTOR_FIXTURE_REPLAY.md`, `GET /demo/connector-fixture-replay`, `examples/connector-fixtures/replay-fixtures.sanitized.json` |
| Business intake pipeline | `docs/public/BUSINESS_INTAKE_PIPELINE.md`, `GET /demo/business-intake-pipeline`, `businessIntakePipeline` |
| Business task handoff | `docs/public/BUSINESS_TASK_HANDOFF.md`, `GET /demo/business-task-handoff`, `businessTaskHandoff` |
| Business notification channels | `docs/public/BUSINESS_NOTIFICATION_CHANNELS.md`, `GET /demo/business-notification-channels`, `businessNotificationChannels` |
| Business Context Assistant | `docs/public/BUSINESS_CONTEXT_ASSISTANT.md`, `GET /demo/business-context-assistant`, `businessContextAssistant`, `POST /tenants/{tenant_id}/business-workbench-context/preview` |
| Business action execution | `docs/public/BUSINESS_ACTION_EXECUTION.md`, `GET /demo/business-action-execution`, `businessActionExecution`, `POST /tenants/{tenant_id}/business-action-executions/preview` |
| Business approval gateway | `docs/public/BUSINESS_APPROVAL_GATEWAY.md`, `GET /demo/business-approval-gateway`, `businessApprovalGateway`, `POST /tenants/{tenant_id}/business-approval-gateway/preview` |
| Integration runtime | `docs/public/INTEGRATION_RUNTIME.md`, `GET /demo/integration-runtime`, `integrationRuntime`, `POST /tenants/{tenant_id}/integration-runtime/preview`, `adapter_runtime.previewed` |
| Integration execution | `docs/public/INTEGRATION_EXECUTION.md`, `GET /demo/integration-execution`, `integrationExecution`, `POST /tenants/{tenant_id}/integration-executions/preview`, `integration_execution.run_ledger_prepared` |
| Integration repair | `docs/public/INTEGRATION_REPAIR.md`, `GET /demo/integration-repair`, `integrationRepair`, `docs/public/evidence/integration-repair.sanitized.json` |
| Business scenario replay | `docs/public/BUSINESS_SCENARIO_REPLAY.md`, `GET /demo/business-scenario-replay`, `businessScenarioReplay` |
| Observability | `docs/public/OBSERVABILITY_PROOF.md` |
| Alert routing | `docs/public/ALERT_ROUTING_EVIDENCE.md` |
| Incident response | `docs/public/INCIDENT_RESPONSE_DEMO.md` |
| Release safety | `docs/public/SANITIZED_EVIDENCE.md` |
| GitOps | `docs/public/GITOPS_DELIVERY.md` |
| OpenTofu | `docs/public/OPENTOFU_PLAN_EVIDENCE.md` |
| Evidence index | `docs/public/EVIDENCE_INDEX.md`, `docs/public/evidence/public-evidence-index.sanitized.json` |

## Verification Commands

```bash
bash scripts/check_public_system_review_path.sh
bash scripts/check_public_platform_tour.sh
bash scripts/check_public_pages_entrypoint.sh
bash scripts/check_public_demo_api.sh
bash scripts/check_public_business_intake_pipeline.sh
bash scripts/check_public_business_task_handoff.sh
bash scripts/check_public_business_notification_channels.sh
bash scripts/check_public_business_context_assistant.sh
bash scripts/check_public_business_action_execution.sh
bash scripts/check_public_business_approval_gateway.sh
bash scripts/check_public_integration_runtime.sh
bash scripts/check_public_integration_execution.sh
bash scripts/check_public_integration_repair.sh
bash scripts/check_public_business_scenario_replay.sh
bash scripts/check_public_engineering_proof.sh
bash scripts/check_public_connector_fixture_replay.sh
bash scripts/ci_smoke_public.sh
```

## What This Proves

- The project has a single external entrypoint for system inspection.
- The static demo, API contract, generated SDK, and proof payload are connected.
- The business event -> workflow -> adapter -> incident -> proof route is
  visible through the Platform Tour and public demo tabs.
- Operations evidence covers observability, alert routing, incidents, recovery,
  release safety, GitOps, and OpenTofu.
- The public/private boundary is checked through repeatable gates, not manual
  file selection.

## Boundary

This path contains synthetic data and sanitized evidence only. It does not
include private runtime addresses, credentials, raw logs, request bodies,
customer records, payment provider secrets, or production deployment state.
