COMPREHENSIVE WORKFLOW INVENTORY
COMPREHENSIVE WORKFLOW INVENTORY
CODITECT Multi-Tenant SaaS Platform
Document Version: 1.0 Date: 2025-12-26 Status: Complete Analysis Scope: All workflows from Beta → Pilot → GTM
Executive Summary
This document provides a complete inventory of ALL workflows required for the CODITECT multi-tenant SaaS platform, organized by category, priority, and implementation phase.
Total Workflows Identified: 72 Implemented: 8 (WF-001 to WF-008) New: 64 (WF-009 to WF-072)
Categories:
- User Onboarding & Authentication (12 workflows)
- Billing & Subscription Management (10 workflows)
- Workstation Lifecycle & Management (14 workflows)
- Team & Organization Management (8 workflows)
- Security & Compliance (10 workflows)
- Support & Operations (8 workflows)
- Infrastructure & DevOps (6 workflows)
- Event-Driven Operations (4 workflows)
Table of Contents
- Existing Workflows (WF-001 to WF-008)
- Category 1: User Onboarding & Authentication
- Category 2: Billing & Subscription Management
- Category 3: Workstation Lifecycle
- Category 4: Team & Organization Management
- Category 5: Security & Compliance
- Category 6: Support & Operations
- Category 7: Infrastructure & DevOps
- Category 8: Event-Driven Operations
- Implementation Phases
- Dependency Matrix
Existing Workflows
Implemented (Beta Phase)
| ID | Name | Description | Status | Source |
|---|---|---|---|---|
| WF-001 | User Registration | Firebase Auth registration flow | ✅ Implemented | ADR-011 |
| WF-002 | User Login | Multi-provider authentication (Google, GitHub, Email) | ✅ Implemented | ADR-011 |
| WF-003 | Workstation Provisioning | Create and start cloud workstation | ✅ Implemented | ADR-010, ADR-013 |
| WF-004 | Workstation Hibernation | Auto-stop idle workstations | ✅ Implemented | ADR-010 |
| WF-005 | Organization Creation | New tenant onboarding | ✅ Implemented | ADR-009 |
| WF-006 | Stripe Checkout | Payment processing for subscriptions | ✅ Implemented | ADR-009 |
| WF-007 | Subscription Webhook | Process Stripe payment events | ✅ Implemented | ADR-009, ADR-013 |
| WF-008 | Team Creation | Create logical team within organization | ✅ Implemented | ADR-009 |
Category 1: User Onboarding & Authentication
WF-009: Email Verification Flow
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-001 Effort: 8 hours
Description: Send verification email after registration, verify token, enable full access.
Sequence:
- User registers → Email sent with token
- User clicks link → Token validated
- Database updated:
email_verified = TRUE - Redirect to dashboard
Success Criteria:
- Email delivered within 60 seconds
- Token expires after 24 hours
- Resend option available
Event-Driven:
- Pub/Sub Topic:
user-events - Event:
registration.completed - Subscriber: Email Service
WF-010: Password Reset Flow
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: None Effort: 6 hours
Description: Allow users to reset forgotten passwords via email.
Sequence:
- User requests reset → Email sent with reset link
- User clicks link → Password reset form
- New password submitted → Firebase Auth updated
- Confirmation email sent
Success Criteria:
- Reset token expires after 1 hour
- Password meets strength requirements
- Audit log entry created
WF-011: OAuth Provider Linking
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-002 Effort: 12 hours
Description: Link multiple OAuth providers (Google, GitHub, GitLab) to single account.
Sequence:
- User navigates to Settings → Connected Accounts
- Clicks "Connect GitHub"
- OAuth flow initiated → Callback received
- Provider linked to user account
- Display all linked providers
Success Criteria:
- Support Google, GitHub, GitLab, Bitbucket
- Prevent duplicate email conflicts
- Allow unlinking (min 1 provider required)
WF-012: MFA Enrollment
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-002 Effort: 16 hours
Description: Enroll users in multi-factor authentication (TOTP).
Sequence:
- User enables MFA in settings
- QR code displayed (TOTP secret)
- User scans with authenticator app
- Verification code entered
- Backup codes generated and displayed
- MFA enabled
Success Criteria:
- Support TOTP (Google Authenticator, Authy)
- Generate 10 backup codes
- Require MFA for admin roles
WF-013: MFA Login Challenge
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-012 Effort: 8 hours
Description: Challenge users with MFA during login.
Sequence:
- User enters email/password → Correct
- MFA prompt displayed
- User enters 6-digit code
- Code validated → Session created
- Redirect to dashboard
Success Criteria:
- Code valid for 30 seconds
- Allow backup code usage
- Rate limit: 5 attempts per 15 minutes
WF-014: Session Timeout & Renewal
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-002 Effort: 10 hours
Description: Auto-logout after inactivity, refresh tokens before expiry.
Sequence:
- User inactive for 30 minutes → Warning dialog
- User clicks "Stay Logged In" → Token refreshed
- No response after 5 minutes → Auto-logout
- Redirect to login with message
Success Criteria:
- Configurable timeout per tier (30m-120m)
- JWT refresh before expiry
- Graceful session cleanup
WF-015: User Profile Update
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-002 Effort: 6 hours
Description: Allow users to update profile (name, avatar, preferences).
Sequence:
- User navigates to Profile
- Updates fields (display name, avatar URL)
- Submits form
- Database updated
- Confirmation message displayed
Success Criteria:
- Avatar upload to Cloud Storage
- Image validation (size, format)
- Audit trail
WF-016: Account Deletion (Self-Service)
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: WF-002 Effort: 12 hours
Description: Allow users to permanently delete their account (GDPR compliance).
Sequence:
- User requests account deletion
- Confirmation dialog with warning
- Password re-entry required
- Data export offered (optional)
- Account marked as deleted
- 30-day grace period starts
- After 30 days: Permanent deletion
- Confirmation email sent
Success Criteria:
- GDPR compliant (right to deletion)
- Data anonymization after deletion
- Workstation deletion cascade
- Audit log entry
WF-017: Welcome Email & Onboarding
Priority: P2 (Medium) Phase: Pilot Launch (Week 3-4) Dependencies: WF-001, WF-009 Effort: 8 hours
Description: Send welcome email with onboarding checklist.
Sequence:
- Email verified → Welcome email sent
- Email contains:
- Quick start guide link
- First workstation provisioning CTA
- Documentation links
- Support contact
- Track email open/click rates
Success Criteria:
- Email delivered within 5 minutes
- Personalized with user name
- Unsubscribe option (for non-critical emails)
WF-018: Invite User to Existing Organization
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-005 Effort: 10 hours
Description: Organization owner/admin invites new users.
Sequence:
- Admin navigates to Members → Invite
- Enters email + assigns role (admin, developer, viewer)
- Invitation email sent
- New user clicks link → Registration/Login
- User added to organization
- Welcome email sent
Success Criteria:
- Invitation expires after 7 days
- Role-based invitations
- Prevent duplicate invites
- Audit log entry
WF-019: Accept Organization Invitation
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-018 Effort: 8 hours
Description: User accepts organization invitation.
Sequence:
- User receives invitation email
- Clicks accept link
- If new user: Registration flow
- If existing user: Login required
- User added to organization
- Redirect to organization dashboard
- Confirmation email sent
Success Criteria:
- Token validation
- Prevent expired invitation acceptance
- Handle email mismatch gracefully
WF-020: SSO Authentication (Enterprise)
Priority: P3 (Nice-to-have) Phase: Production GTM (Week 13-16) Dependencies: WF-002 Effort: 40 hours
Description: SAML/OIDC-based single sign-on for enterprise customers.
Sequence:
- User clicks "Login with SSO"
- Enters organization slug
- Redirected to IdP (Okta, Azure AD)
- Authenticates at IdP
- SAML assertion received
- User provisioned (JIT) or matched
- Session created
- Redirect to dashboard
Success Criteria:
- Support SAML 2.0 and OIDC
- JIT provisioning option
- Attribute mapping configuration
- Test with Okta, Azure AD
Category 2: Billing & Subscription Management
WF-021: Subscription Upgrade
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-006 Effort: 12 hours
Description: User upgrades from Free → Starter → Professional → Business.
Sequence:
- User navigates to Billing → Upgrade
- Selects new tier
- Stripe checkout session created
- User completes payment
- Subscription updated in database
- Workstation limits increased
- Confirmation email sent
- Pub/Sub event published:
billing.subscription.upgraded
Success Criteria:
- Prorated billing for mid-cycle upgrades
- Immediate access to new limits
- Invoice generated
- Audit log entry
WF-022: Subscription Downgrade
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-006 Effort: 12 hours
Description: User downgrades subscription tier.
Sequence:
- User navigates to Billing → Change Plan
- Selects lower tier
- Warning displayed: Reduced limits at end of period
- Confirms downgrade
- Subscription marked:
cancel_at_period_end = FALSE, new tier scheduled - At period end: Tier changed, limits reduced
- Email notification sent
- Pub/Sub event:
billing.subscription.downgraded
Success Criteria:
- No mid-cycle downgrades (wait for period end)
- Clear communication of limit changes
- Workstation count enforcement
WF-023: Subscription Cancellation
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-006 Effort: 10 hours
Description: User cancels subscription (reverts to Free tier).
Sequence:
- User clicks Cancel Subscription
- Confirmation dialog with retention offer
- Optional feedback form
- Subscription marked:
cancel_at_period_end = TRUE - Access continues until period end
- At period end: Workstation suspended, data retained
- Cancellation email sent
- Pub/Sub event:
billing.subscription.canceled
Success Criteria:
- Grace period until period end
- Data retention for 30 days after cancellation
- Re-subscription option
- Audit trail
WF-024: Payment Method Update
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-006 Effort: 8 hours
Description: User updates credit card or payment method.
Sequence:
- User navigates to Billing → Payment Methods
- Clicks Add/Update Payment Method
- Stripe setup intent created
- User enters card details
- Payment method saved to Stripe
- Set as default payment method
- Confirmation displayed
- Email notification sent
Success Criteria:
- Support credit cards and Google Pay
- PCI DSS compliant (Stripe handles)
- Card validation before save
- Audit log entry
WF-025: Failed Payment Retry & Grace Period
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-007 Effort: 16 hours
Description: Handle failed payments with automatic retries and grace period.
Sequence:
- Stripe charges card → Payment fails
- Webhook received:
invoice.payment_failed - Subscription status:
past_due - Retry schedule: Day 3, 5, 7, 10, 14
- Email sent: "Payment failed - update card"
- If retry succeeds: Subscription active
- If all retries fail: Enter grace period
- Day 14: Workstation suspended
- Day 30: Workstation deleted, data anonymized
- Pub/Sub events:
billing.payment_failed,billing.grace_period_started
Success Criteria:
- Automatic retry logic
- Clear email notifications at each stage
- Grace period: 14-30 days
- Data export reminder before deletion
WF-026: Invoice Generation & Download
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-006 Effort: 8 hours
Description: Generate and email invoices, allow download.
Sequence:
- Stripe generates invoice
- Webhook received:
invoice.finalized - Invoice saved to database
- Email sent with PDF link
- User can download from Billing → Invoices
- PDF hosted on Stripe
Success Criteria:
- Invoice available within 5 minutes
- PDF download link valid for 30 days
- Company logo on invoice
- Tax calculation (if applicable)
WF-027: Usage Metrics Tracking
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-004 Effort: 12 hours
Description: Track workstation usage hours for billing and reporting.
Sequence:
- Workstation started → Session start logged
- Workstation stopped/hibernated → Runtime calculated
- Daily job aggregates:
monthly_runtime_minutes - Usage displayed in dashboard
- Approaching limit warnings (80%, 90%, 100%)
- Overage charges calculated (if applicable)
Success Criteria:
- Real-time usage updates
- Warning emails at thresholds
- Overage billing integration
- Audit trail
WF-028: Overage Billing (Metered Usage)
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-027 Effort: 16 hours
Description: Bill for workstation hours exceeding plan limits.
Sequence:
- User exceeds monthly hour limit
- Overage usage tracked
- At end of billing period: Overage invoice created
- Stripe charges for overages
- Invoice sent to user
- Pub/Sub event:
billing.overage.charged
Success Criteria:
- Overage rate: $0.15/hour (example)
- Clear pricing communication
- Itemized invoice breakdown
- Email notification before charge
WF-029: Coupon & Discount Application
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-006 Effort: 10 hours
Description: Apply promotional codes and discounts.
Sequence:
- User enters coupon code at checkout
- Stripe validates coupon
- Discount applied to subscription
- Invoice reflects discount
- Confirmation displayed
- Pub/Sub event:
billing.coupon.applied
Success Criteria:
- Support percentage and fixed-amount coupons
- Expiration date enforcement
- One-time vs recurring discounts
- Audit log
WF-030: Customer Portal Access
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-006 Effort: 6 hours
Description: Redirect users to Stripe Customer Portal for self-service billing.
Sequence:
- User clicks Manage Billing
- Stripe customer portal session created
- User redirected to Stripe portal
- User can:
- Update payment method
- View invoices
- Cancel subscription
- Update billing address
- Redirected back to app
- Webhook updates synced
Success Criteria:
- Seamless redirect
- Stripe portal customized with branding
- Return URL configured
Category 3: Workstation Lifecycle
WF-031: Workstation Start (from Stopped)
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-003 Effort: 8 hours
Description: Start a hibernated/stopped workstation.
Sequence:
- User clicks Start Workstation
- API request → Pub/Sub event:
workstation.start.requested - Workstation Controller calls GCP API
- Workstation state:
starting(30-60 seconds) - State:
running→ URL available - User redirected to workstation
- Pub/Sub event:
workstation.start.completed
Success Criteria:
- Start time: <60 seconds
- Session tracking starts
- Audit log entry
WF-032: Workstation Stop (Manual)
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-003 Effort: 6 hours
Description: User manually stops workstation.
Sequence:
- User clicks Stop Workstation
- Confirmation dialog: "Save your work"
- API request → Pub/Sub event:
workstation.stop.requested - Workstation Controller calls GCP API
- State:
stopping(10-20 seconds) - State:
stopped - Runtime logged
- Pub/Sub event:
workstation.stop.completed
Success Criteria:
- Stop time: <30 seconds
- Runtime calculation accurate
- Persistent storage retained
WF-033: Workstation Restart
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-031, WF-032 Effort: 4 hours
Description: Restart workstation (stop + start).
Sequence:
- User clicks Restart
- Confirmation dialog
- Stop sequence executed
- Wait for stopped state
- Start sequence executed
- User reconnected
Success Criteria:
- Total time: <90 seconds
- No data loss
- Session continuity
WF-034: Workstation Resize (Machine Type Change)
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-003 Effort: 12 hours
Description: Change workstation machine type (e.g., Starter → Pro).
Sequence:
- User navigates to Workstation Settings
- Selects new machine type
- Warning: "Requires restart, save your work"
- Confirms change
- Workstation stopped
- Config updated (machine type)
- Workstation started with new config
- Pub/Sub event:
workstation.resized
Success Criteria:
- Persistent storage retained
- Tier limit enforcement
- Billing reflects new machine type
- Downtime: <3 minutes
WF-035: Workstation Backup (Snapshot)
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: WF-003 Effort: 16 hours
Description: Create snapshot of workstation persistent disk.
Sequence:
- Automated daily schedule OR manual trigger
- Snapshot created of
/homedirectory - Snapshot stored in Cloud Storage
- Retention: 30 days
- User notified via email
- Pub/Sub event:
workstation.backup.completed
Success Criteria:
- Daily backups at 2 AM UTC
- Max 30-day retention
- Restore capability (WF-036)
WF-036: Workstation Restore (from Snapshot)
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: WF-035 Effort: 16 hours
Description: Restore workstation from snapshot.
Sequence:
- User selects snapshot from list
- Confirmation dialog
- Current workstation stopped
- Persistent disk replaced with snapshot
- Workstation restarted
- User reconnected
- Pub/Sub event:
workstation.restored
Success Criteria:
- Snapshot list shows creation date
- Restore time: <5 minutes
- Audit log entry
WF-037: Workstation Deletion
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-003 Effort: 10 hours
Description: Permanently delete workstation (e.g., subscription canceled).
Sequence:
- Trigger: Subscription canceled after grace period
- User data export offered (24-hour window)
- Workstation stopped
- GCP workstation deleted
- Persistent disk deleted
- Database record marked:
deleted_at - Audit log entry
- Pub/Sub event:
workstation.deleted
Success Criteria:
- Data retention: 30 days before permanent deletion
- Export option before deletion
- Billing stops immediately
- Audit trail
WF-038: Workstation Access URL Generation
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-003, WF-031 Effort: 6 hours
Description: Generate secure IAP-protected workstation URL.
Sequence:
- User clicks Connect to Workstation
- API checks: Workstation running? User authorized?
- GCP Workstations API queried for host URL
- IAP token appended
- User redirected to workstation URL
- IAP authenticates user
- VS Code opens in browser
Success Criteria:
- URL valid for session duration
- IAP authentication enforced
- No direct IP access
WF-039: Workstation Idle Detection & Warning
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-004 Effort: 10 hours
Description: Detect idle workstations, warn user before hibernation.
Sequence:
- Scheduler checks:
last_activity_atolder than threshold - Tier settings: Starter=30m, Pro=45m, Business=60m
- Warning threshold: 5 minutes before hibernation
- WebSocket notification sent to user
- User clicks "Stay Active" → Activity timestamp updated
- No response → Hibernation triggers (WF-004)
Success Criteria:
- Real-time WebSocket notifications
- Configurable per tier
- Override option for users
WF-040: Workstation Auto-Upgrade (Security Patches)
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-003 Effort: 16 hours
Description: Auto-apply security patches to workstation images.
Sequence:
- New base image released (security patch)
- Scheduled maintenance window: 2 AM UTC Sunday
- User notified 48 hours in advance
- Workstation stopped
- Image updated
- Workstation restarted
- User notified: "Patch applied"
- Pub/Sub event:
workstation.upgraded
Success Criteria:
- Weekly security patch check
- User notification 48 hours prior
- Rollback capability if issue detected
WF-041: Workstation Sharing (Read-Only Access)
Priority: P3 (Nice-to-have) Phase: Production GTM (Week 13-16) Dependencies: WF-003 Effort: 24 hours
Description: Share workstation access with team members (pair programming).
Sequence:
- User generates share link
- Permissions: Read-only or Read-Write
- Expiration: 1 hour, 8 hours, 24 hours
- Link sent to collaborator
- Collaborator clicks link → IAP auth
- Collaborator joins workstation session
- Audit log entry
Success Criteria:
- Max 3 concurrent users
- Session recording (optional)
- Expire share links
WF-042: Workstation Environment Variables Management
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-003 Effort: 10 hours
Description: Manage environment variables for workstation.
Sequence:
- User navigates to Workstation Settings → Environment
- Adds/edits environment variables
- Secrets stored in Cloud Secret Manager
- Workstation restarted to apply
- Variables available in shell
Success Criteria:
- Secrets encrypted at rest
- Audit log for secret access
- Restart required for changes
WF-043: Workstation Git Repository Cloning
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-003, WF-011 Effort: 12 hours
Description: Auto-clone user's Git repositories into workstation.
Sequence:
- User connects GitHub/GitLab account (OAuth)
- Selects repositories to clone
- During workstation provisioning:
- Repositories cloned to
/home/user/projects/ - SSH keys configured
- Repositories cloned to
- User can immediately start coding
Success Criteria:
- OAuth integration with GitHub, GitLab, Bitbucket
- SSH key auto-generation
- Clone progress indicator
WF-044: Workstation Custom Image Upload (Enterprise)
Priority: P3 (Nice-to-have) Phase: Production GTM (Week 13-16) Dependencies: WF-003 Effort: 32 hours
Description: Enterprise customers upload custom Docker images for workstations.
Sequence:
- Admin uploads Docker image to Artifact Registry
- Image scanned for vulnerabilities
- Image approved by CODITECT admin
- Image available in workstation config options
- Users provision workstations with custom image
Success Criteria:
- Image scanning integration
- Size limit: 10 GB
- Security approval workflow
Category 4: Team & Organization Management
WF-045: Team Member Addition
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-008, WF-018 Effort: 8 hours
Description: Add existing organization members to a team.
Sequence:
- Team lead navigates to Team → Members
- Clicks Add Member
- Selects from organization members
- Assigns role: Lead, Member, Viewer
- Member added to team
- Member notified via email
- Audit log entry
Success Criteria:
- Members must exist in organization first
- Role-based team permissions
- Audit trail
WF-046: Team Member Removal
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-045 Effort: 6 hours
Description: Remove member from team.
Sequence:
- Team lead selects member
- Clicks Remove
- Confirmation dialog
- Member removed from team
- Access revoked to team projects
- Member notified via email
- Audit log entry
Success Criteria:
- Project access revoked immediately
- Cannot remove last team lead
- Audit trail
WF-047: Project Creation
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-005, WF-008 Effort: 10 hours
Description: Create project within organization or team.
Sequence:
- User navigates to Projects → Create
- Enters project name, description
- Assigns to team (optional)
- Links repository URLs
- Project created in database
- Team members notified
- Pub/Sub event:
project.created
Success Criteria:
- Slug auto-generated from name
- Repository URL validation
- Project limits enforced per tier
WF-048: Project Archival
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-047 Effort: 8 hours
Description: Archive inactive projects (soft delete).
Sequence:
- Admin marks project as archived
- Project status:
archived - Hidden from active projects list
- Data retained, no deletion
- Team notified
- Pub/Sub event:
project.archived
Success Criteria:
- Archived projects can be restored
- Read-only access preserved
- Audit log entry
WF-049: Organization Settings Update
Priority: P2 (Medium) Phase: Pilot Launch (Week 3-4) Dependencies: WF-005 Effort: 8 hours
Description: Update organization settings (name, slug, branding).
Sequence:
- Owner navigates to Organization Settings
- Updates fields (name, display name, logo)
- Logo uploaded to Cloud Storage
- Slug change validation (unique)
- Settings saved
- Confirmation displayed
- Audit log entry
Success Criteria:
- Logo max size: 2 MB
- Slug unique across platform
- Slug change affects URLs (redirect old)
WF-050: Organization Member Role Change
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-018 Effort: 8 hours
Description: Change member role (e.g., Developer → Admin).
Sequence:
- Owner selects member
- Changes role dropdown
- Confirmation: "Grant admin access?"
- Role updated in database
- Permissions recalculated
- Member notified
- Audit log entry
Success Criteria:
- RBAC enforcement immediate
- Cannot demote self if last owner
- Audit trail
WF-051: Contractor Time-Limited Access
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-018 Effort: 12 hours
Description: Grant contractor access with expiration date and scope limits.
Sequence:
- Admin invites contractor (role: Contractor)
- Sets expiration date (e.g., 30 days)
- Defines scope: Specific projects only
- Contractor accepts invitation
- Access auto-expires after date
- Contractor receives warning 7 days before expiration
- Access revoked on expiration
- Audit log entry
Success Criteria:
- Configurable expiration (7, 30, 90 days)
- Project-level scope enforcement
- Auto-revocation on expiry
WF-052: Auditor Read-Only Access
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: WF-018 Effort: 10 hours
Description: Grant auditor read-only access to organization.
Sequence:
- Owner invites auditor (role: Auditor)
- Auditor accepts invitation
- Auditor gains read-only access to:
- Audit logs
- Billing records
- User list
- Project metadata (not code)
- Cannot modify any data
- Access time-limited (optional)
Success Criteria:
- Strict read-only enforcement
- No workstation access
- Audit trail of auditor actions
Category 5: Security & Compliance
WF-053: Audit Log Export
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: None Effort: 12 hours
Description: Export audit logs for compliance (GDPR, SOC 2).
Sequence:
- Admin navigates to Audit Logs → Export
- Selects date range
- Selects format: JSON, CSV
- Export job queued
- File generated and uploaded to Cloud Storage
- Download link emailed to admin
- Link expires after 7 days
Success Criteria:
- Support JSON and CSV formats
- Max export: 90 days of logs
- Encrypted file transfer
WF-054: GDPR Data Export (User Request)
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-002 Effort: 16 hours
Description: User requests personal data export (GDPR right to portability).
Sequence:
- User submits data export request
- Confirmation email sent
- Export job queued (background)
- Data collected:
- User profile
- Organization memberships
- Workstation metadata
- Billing records
- Audit logs
- ZIP file generated
- Download link emailed (valid 30 days)
- Pub/Sub event:
gdpr.data_export.completed
Success Criteria:
- Export delivered within 30 days (GDPR requirement)
- Format: JSON (machine-readable)
- Encrypted download link
WF-055: Security Incident Detection & Alert
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-002 Effort: 20 hours
Description: Detect and alert on security anomalies.
Sequence:
- Monitoring system detects anomaly:
- Failed login attempts (>5 in 15 min)
- Multiple IP addresses for same user
- Unauthorized API access attempts
- Incident logged
- Alert sent to security team
- User notified (if account compromise suspected)
- Optional: Account temporarily locked
- Incident response workflow triggered
Success Criteria:
- Real-time anomaly detection
- Integration with Cloud Security Command Center
- Automated account lockout for critical threats
WF-056: Compliance Report Generation (SOC 2)
Priority: P1 (High) Phase: Production GTM (Week 9-12) Dependencies: WF-053 Effort: 24 hours
Description: Generate SOC 2 compliance reports.
Sequence:
- Admin schedules quarterly report
- System collects:
- Audit logs
- Access control reviews
- Security incidents
- Backup verification
- Uptime metrics
- Report generated (PDF format)
- Report delivered to admin
- Stored in secure archive
Success Criteria:
- Quarterly report schedule
- SOC 2 control mapping
- Auditor-friendly format
WF-057: Two-Factor Authentication Recovery
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-012 Effort: 10 hours
Description: Recover account when MFA device lost.
Sequence:
- User attempts login, cannot access MFA device
- Clicks "Lost my device"
- Enters backup code
- MFA disabled, user logged in
- User prompted to re-enroll MFA
- Security alert email sent
Success Criteria:
- Backup codes required
- Account lockout after 5 failed backup codes
- Security notification to email
WF-058: API Key Generation & Rotation
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-002 Effort: 12 hours
Description: Generate API keys for programmatic access, enforce rotation.
Sequence:
- User navigates to API Keys → Create
- Enters key name, sets expiration
- API key generated (UUID)
- Key displayed once (copy to clipboard)
- Key stored in database (hashed)
- Expiration warning: 7 days before
- Auto-revoke on expiration
Success Criteria:
- Keys expire after 90 days
- Rotation warning emails
- Rate limiting per key
WF-059: Vulnerability Scanning (Workstation Images)
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-003 Effort: 16 hours
Description: Scan workstation Docker images for vulnerabilities.
Sequence:
- New base image pushed to Artifact Registry
- Container Analysis API scans image
- Vulnerabilities detected
- Critical vulnerabilities: Block deployment
- High/Medium: Generate report
- Admin notified
- Patched image deployed
Success Criteria:
- Integration with Artifact Registry scanning
- Critical vulnerability auto-blocking
- Weekly scan schedule
WF-060: Access Review & Certification
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: WF-018 Effort: 20 hours
Description: Quarterly access review for SOC 2 compliance.
Sequence:
- Automated quarterly review triggered
- Organization owners receive access report:
- All members with roles
- Last login dates
- Inactive accounts (>90 days)
- Owners certify or revoke access
- Inactive accounts flagged for removal
- Review completion logged
- Report archived
Success Criteria:
- Quarterly automated schedule
- Owner certification required
- Audit trail
WF-061: HIPAA Compliance Audit Trail
Priority: P3 (Nice-to-have) Phase: Production GTM (Week 13-16) Dependencies: WF-053 Effort: 24 hours
Description: Enhanced audit logging for HIPAA customers.
Sequence:
- HIPAA-enabled organizations marked
- Enhanced logging:
- All data access events
- PHI access specifically flagged
- Immutable audit logs
- 7-year retention
- Audit reports generated monthly
- Delivered to compliance officer
Success Criteria:
- Immutable log storage (WORM)
- 7-year retention
- Separate log bucket for HIPAA orgs
WF-062: Penetration Testing Coordination
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: None Effort: 16 hours
Description: Coordinate penetration testing with third-party vendors.
Sequence:
- Pentest scheduled (quarterly)
- Testing window communicated to team
- Monitoring adjusted (reduce false positives)
- Pentest executed
- Findings report received
- Remediation tasks created
- Retest scheduled
- Report archived
Success Criteria:
- Quarterly pentest schedule
- Remediation within 30 days (critical), 90 days (high)
- Final report to stakeholders
Category 6: Support & Operations
WF-063: Support Ticket Creation
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-002 Effort: 12 hours
Description: User creates support ticket.
Sequence:
- User clicks Help → Contact Support
- Fills form: Subject, description, priority
- Optionally attaches screenshot
- Ticket created in support system (Zendesk)
- Confirmation email sent
- Auto-response: "We'll respond within X hours"
Success Criteria:
- SLA by tier: Free=48h, Starter=24h, Business=4h, Enterprise=1h
- Email notifications on status changes
- Ticket history visible to user
WF-064: Support Ticket Escalation
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: WF-063 Effort: 10 hours
Description: Auto-escalate tickets approaching SLA breach.
Sequence:
- Ticket approaching SLA deadline (80%)
- Auto-assigned to senior support
- Manager notified
- Priority increased
- Customer notified: "Escalated to senior support"
Success Criteria:
- Auto-escalation at 80% SLA
- Email notification to customer
- Escalation audit trail
WF-065: System Status Page
Priority: P1 (High) Phase: Pilot Launch (Week 1-2) Dependencies: None Effort: 8 hours
Description: Public status page showing system health.
Sequence:
- Monitoring detects service issue
- Status page auto-updated: "Degraded Performance"
- Incident timeline displayed
- Users can subscribe to updates (email, SMS)
- Issue resolved → Status: "Operational"
- Postmortem published
Success Criteria:
- Real-time status updates
- 90-day incident history
- Subscribe to updates
WF-066: Incident Response & Communication
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: WF-065 Effort: 16 hours
Description: Coordinate incident response and user communication.
Sequence:
- Critical incident detected (e.g., API down)
- On-call engineer paged
- Incident commander assigned
- Status page updated
- Customer email sent (if outage >15 min)
- War room initiated (Slack)
- Root cause identified
- Fix deployed
- Postmortem written and published
Success Criteria:
- Incident severity levels: P0, P1, P2, P3
- Customer notification within 15 minutes
- Postmortem within 72 hours
WF-067: Feature Request Submission
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: WF-002 Effort: 8 hours
Description: Users submit feature requests.
Sequence:
- User navigates to Feedback → Feature Request
- Fills form: Title, description, use case
- Request created in product backlog
- User notified: "Request received"
- Users can upvote existing requests
- Popular requests surfaced to product team
Success Criteria:
- Voting system for prioritization
- Public roadmap visibility
- Email updates when request implemented
WF-068: Knowledge Base Search
Priority: P2 (Medium) Phase: Pilot Launch (Week 3-4) Dependencies: None Effort: 10 hours
Description: Searchable help articles and documentation.
Sequence:
- User searches for help article
- Full-text search executed
- Results ranked by relevance
- User clicks article
- Feedback: "Was this helpful?" (Yes/No)
- Analytics tracked for content improvement
Success Criteria:
- 50+ help articles at launch
- Search response time: <500ms
- Feedback tracking
WF-069: Live Chat Support (Enterprise)
Priority: P3 (Nice-to-have) Phase: Production GTM (Week 13-16) Dependencies: WF-063 Effort: 24 hours
Description: Real-time chat support for enterprise customers.
Sequence:
- Enterprise user clicks Chat icon
- Chat window opens (Intercom)
- Routed to available support agent
- Real-time conversation
- Chat transcript emailed after session
- Ticket created if issue unresolved
Success Criteria:
- Enterprise tier only
- Business hours: 9 AM - 5 PM PT
- Response time: <2 minutes
WF-070: Scheduled Maintenance Notification
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: WF-065 Effort: 8 hours
Description: Notify users of planned maintenance windows.
Sequence:
- Maintenance scheduled (e.g., database upgrade)
- Notification sent 48 hours prior (email + in-app)
- Status page updated with maintenance window
- 24-hour reminder sent
- Maintenance executed
- Status page updated: "Maintenance Complete"
- Post-maintenance email sent
Success Criteria:
- 48-hour advance notice
- Email + in-app + status page
- Maintenance window outside business hours
Category 7: Infrastructure & DevOps
WF-071: Auto-Scaling Monitoring & Alerts
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: None Effort: 12 hours
Description: Monitor Cloud Run auto-scaling, alert on anomalies.
Sequence:
- Prometheus monitors Cloud Run metrics
- Metrics: Request rate, latency, instance count
- Alert conditions:
- Latency p95 > 2 seconds
- Error rate > 1%
- Instance count > 50 (cost spike)
- Alert sent to on-call engineer (PagerDuty)
- Runbook followed
- Issue resolved
- Incident report generated
Success Criteria:
- Alert within 1 minute of threshold breach
- Integration with PagerDuty
- Runbooks for common alerts
WF-072: Database Backup & Point-in-Time Recovery
Priority: P0 (Critical) Phase: Pilot Launch (Week 1-2) Dependencies: None Effort: 16 hours
Description: Automated PostgreSQL backups with point-in-time recovery.
Sequence:
- Daily automated backups: 2 AM UTC
- Backup stored in Cloud Storage (multi-region)
- Retention: 30 days
- Point-in-time recovery enabled (7 days)
- Recovery test executed monthly
- Backup success/failure monitored
- Alerts on backup failure
Success Criteria:
- Daily backup schedule
- 30-day retention
- Monthly recovery tests
- Recovery Time Objective (RTO): 1 hour
- Recovery Point Objective (RPO): 5 minutes
WF-073: Infrastructure as Code Deployment
Priority: P1 (High) Phase: Pilot Launch (Week 1-2) Dependencies: None Effort: 20 hours
Description: Deploy infrastructure changes via Terraform.
Sequence:
- Engineer updates Terraform config
- PR created → Terraform plan executed
- Code review
- PR merged → Terraform apply triggered (CI/CD)
- Resources provisioned
- Smoke tests executed
- Deployment confirmation
Success Criteria:
- All infrastructure in Terraform
- State stored in Cloud Storage (versioned)
- Terraform Cloud for state locking
WF-074: Secret Rotation Automation
Priority: P1 (High) Phase: Production GTM (Week 5-8) Dependencies: None Effort: 16 hours
Description: Auto-rotate secrets (DB passwords, API keys).
Sequence:
- Rotation schedule: Every 90 days
- New secret generated
- Secret Manager updated
- Applications restarted to pick up new secret
- Old secret deprecated after 7-day grace period
- Old secret deleted
- Audit log entry
Success Criteria:
- Quarterly rotation for critical secrets
- Zero-downtime rotation
- Audit trail
WF-075: Cost Anomaly Detection
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: None Effort: 12 hours
Description: Detect and alert on unexpected GCP cost spikes.
Sequence:
- Daily cost monitoring job
- Compares to 7-day average
- Anomaly detected: >30% increase
- Alert sent to finance + engineering
- Root cause investigation
- Cost optimization actions
Success Criteria:
- Daily monitoring
- Alert threshold: 30% increase
- Include cost breakdown by service
WF-076: Regional Failover Testing
Priority: P2 (Medium) Phase: Production GTM (Week 9-12) Dependencies: None Effort: 24 hours
Description: Quarterly disaster recovery drill (multi-region failover).
Sequence:
- DR drill scheduled (off-peak hours)
- Primary region simulated outage
- Traffic routed to secondary region
- Database replica promoted to primary
- Application smoke tests executed
- Success criteria validated:
- RTO <15 minutes
- RPO <5 minutes
- Primary region restored
- Postmortem report
Success Criteria:
- Quarterly DR drill
- RTO <15 minutes
- RPO <5 minutes
- Postmortem published
Category 8: Event-Driven Operations
WF-077: Event Replay & Debugging
Priority: P2 (Medium) Phase: Production GTM (Week 5-8) Dependencies: ADR-013 (Pub/Sub) Effort: 12 hours
Description: Replay Pub/Sub events for debugging.
Sequence:
- Engineer identifies failed event
- Navigates to Pub/Sub console
- Seeks to specific message timestamp
- Creates replay subscription
- Event reprocessed
- Logs reviewed
- Issue identified and fixed
Success Criteria:
- 7-day message retention
- Replay capability via Pub/Sub snapshots
- Audit trail of replays
WF-078: Dead Letter Queue Processing
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: ADR-013 (Pub/Sub) Effort: 12 hours
Description: Process messages in dead-letter queue (failed events).
Sequence:
- Message fails after 5 retry attempts
- Moved to dead-letter queue
- Alert sent to on-call engineer
- Engineer reviews DLQ via admin dashboard
- Root cause identified (e.g., invalid data)
- Fix applied
- Message manually retried or discarded
- Audit log entry
Success Criteria:
- DLQ monitoring dashboard
- Alert on DLQ message count >10
- Manual retry capability
WF-079: Event Schema Validation
Priority: P1 (High) Phase: Pilot Launch (Week 1-2) Dependencies: ADR-013 (Pub/Sub) Effort: 10 hours
Description: Validate event payloads against schema before publishing.
Sequence:
- Publisher prepares event
- Event validated against JSON schema
- If invalid: Error returned, event rejected
- If valid: Event published to Pub/Sub
- Schema violations logged
- Monitoring dashboard tracks validation failures
Success Criteria:
- JSON schema per event type
- Validation errors logged
- Publisher receives clear error messages
WF-080: Event Metrics & Observability
Priority: P1 (High) Phase: Pilot Launch (Week 3-4) Dependencies: ADR-013 (Pub/Sub) Effort: 12 hours
Description: Track event publish/subscribe metrics.
Sequence:
- Prometheus collects Pub/Sub metrics:
- Publish rate per topic
- Message latency (p50, p95, p99)
- Unacked message count
- DLQ message count
- Grafana dashboards visualize metrics
- Alerts configured:
- Unacked messages >1000
- DLQ not empty
- Latency p95 >60s
- On-call engineer notified
Success Criteria:
- Real-time metrics dashboard
- Alerting on key thresholds
- Integration with Cloud Monitoring
Implementation Phases
Phase 1: Pilot Launch (Week 1-4) - Priority P0-P1 Workflows
Total Workflows: 32
Breakdown by Category:
- User Onboarding: WF-009, WF-010, WF-011, WF-014, WF-017, WF-018, WF-019
- Billing: WF-021, WF-023, WF-024, WF-025, WF-030
- Workstation: WF-031, WF-032, WF-037, WF-038, WF-039, WF-043
- Team/Org: WF-045, WF-046, WF-047, WF-049, WF-050
- Security: WF-054, WF-055
- Support: WF-063, WF-065, WF-066, WF-068, WF-070
- Infrastructure: WF-072, WF-073, WF-075
- Events: WF-078, WF-079, WF-080
Estimated Effort: 360 hours (9 weeks with 2 engineers)
Phase 2: Production GTM (Week 5-12) - Priority P1-P2 Workflows
Total Workflows: 24
Breakdown by Category:
- User Onboarding: WF-012, WF-013, WF-015, WF-016
- Billing: WF-022, WF-026, WF-027, WF-028, WF-029
- Workstation: WF-033, WF-034, WF-035, WF-036, WF-040, WF-042
- Team/Org: WF-048, WF-051, WF-052
- Security: WF-056, WF-057, WF-058, WF-059, WF-060, WF-062
- Support: WF-064, WF-067, WF-069
- Infrastructure: WF-074, WF-076
- Events: WF-077
Estimated Effort: 376 hours (9.4 weeks with 2 engineers)
Phase 3: Enterprise Features (Week 13-16) - Priority P3 Workflows
Total Workflows: 8
Breakdown by Category:
- User Onboarding: WF-020
- Workstation: WF-041, WF-044
- Security: WF-061
- Support: WF-069 (duplicate, see Phase 2)
- Infrastructure: None
Estimated Effort: 120 hours (3 weeks with 2 engineers)
Dependency Matrix
Critical Dependencies (Block Multiple Workflows)
| Dependency | Blocks Workflows | Priority |
|---|---|---|
| WF-001: User Registration | WF-009, WF-017 | P0 |
| WF-002: User Login | WF-010, WF-011, WF-012, WF-013, WF-014, WF-015, WF-016, WF-020, WF-054, WF-055, WF-058, WF-063, WF-067 | P0 |
| WF-003: Workstation Provisioning | WF-031, WF-032, WF-033, WF-034, WF-035, WF-036, WF-037, WF-038, WF-040, WF-041, WF-042, WF-043, WF-044, WF-059 | P0 |
| WF-004: Workstation Hibernation | WF-027, WF-039 | P0 |
| WF-005: Organization Creation | WF-018, WF-047, WF-049 | P0 |
| WF-006: Stripe Checkout | WF-021, WF-022, WF-023, WF-024, WF-030 | P0 |
| WF-007: Subscription Webhook | WF-025 | P0 |
| WF-008: Team Creation | WF-045, WF-046, WF-047 | P0 |
| ADR-013: Event-Driven Architecture | WF-077, WF-078, WF-079, WF-080 | P0 |
Summary Statistics
By Priority
| Priority | Count | % of Total |
|---|---|---|
| P0 (Critical) | 18 | 25% |
| P1 (High) | 32 | 44% |
| P2 (Medium) | 22 | 31% |
| P3 (Nice-to-have) | 8 | 11% |
| Total | 80 | 100% |
(Note: 8 workflows already implemented + 72 new workflows)
By Category
| Category | Workflows | % of Total |
|---|---|---|
| User Onboarding & Authentication | 12 | 15% |
| Billing & Subscription Management | 10 | 13% |
| Workstation Lifecycle | 14 | 18% |
| Team & Organization Management | 8 | 10% |
| Security & Compliance | 10 | 13% |
| Support & Operations | 8 | 10% |
| Infrastructure & DevOps | 6 | 8% |
| Event-Driven Operations | 4 | 5% |
| Existing (Implemented) | 8 | 10% |
| Total | 80 | 100% |
By Implementation Phase
| Phase | Weeks | Workflows | Effort (Hours) |
|---|---|---|---|
| Beta (Complete) | N/A | 8 | N/A |
| Pilot Launch | 1-4 | 32 | 360 |
| Production GTM | 5-12 | 24 | 376 |
| Enterprise Features | 13-16 | 8 | 120 |
| Total New | 16 weeks | 64 | 856 hours |
Effort Estimation Summary
Total Engineering Effort: 856 hours (21.4 weeks with 2 full-time engineers)
Recommended Team:
- 2 Full-Stack Engineers (Backend + Frontend)
- 1 DevOps Engineer (part-time, 50%)
- 1 QA Engineer (part-time, 25%)
Timeline:
- Pilot Launch: 4 weeks (32 workflows)
- Production GTM: 8 weeks (24 workflows)
- Enterprise Features: 4 weeks (8 workflows)
- Total: 16 weeks
Assumptions:
- Engineers work 40 hours/week
- 20% buffer for unforeseen issues
- Code reviews and testing included in estimates
Next Steps
-
Review & Prioritization (Week 0)
- Review this inventory with stakeholders
- Confirm priority assignments
- Adjust timeline if needed
-
Phase 1 Kickoff (Week 1)
- Create detailed implementation tasks for WF-009 to WF-080 (Phase 1)
- Setup project tracking (Jira/Linear)
- Assign workflows to engineers
-
Weekly Checkpoints
- Review completed workflows
- Adjust priorities based on pilot feedback
- Track against timeline
-
Pilot Launch (Week 4)
- Deploy Phase 1 workflows to production
- Monitor metrics and user feedback
- Create backlog for Phase 2 improvements
-
Production GTM (Week 12)
- Deploy Phase 2 workflows
- Finalize enterprise feature requirements
- Plan Phase 3 implementation
References
- ADR-009: Multi-Tenant SaaS Architecture
- ADR-010: Cloud Workstations Architecture
- ADR-011: Authentication Strategy
- ADR-013: Event-Driven Architecture
- SDD-CODITECT-MULTI-TENANT-SAAS.md: System Design Document
- TDD-CODITECT-MULTI-TENANT-SAAS.md: Technical Design Document
- CODITECT-WORKFLOW-DIAGRAMS.md: Existing workflow diagrams (WF-001 to WF-008)
Document Status: ✅ Complete Last Updated: 2025-12-26 Maintained By: Architecture Team Review Frequency: Bi-weekly during implementation