44 lines
1.6 KiB
Markdown
44 lines
1.6 KiB
Markdown
# Release Gate: Membership Platform (v1)
|
|
|
|
This gate controls deploy/no-deploy decisions for membership-gated commerce changes.
|
|
|
|
## Gate Categories
|
|
|
|
1. Contract/API compatibility
|
|
2. Conformance vectors
|
|
3. Security checks
|
|
4. Legal/policy checks
|
|
5. Observability checks
|
|
|
|
## Deploy Criteria (All Required)
|
|
|
|
1. `docs/conformance/membership-gating-vectors.md`: all vectors pass.
|
|
2. `docs/conformance/member-channel-vectors.md`: all vectors pass.
|
|
3. `docs/conformance/governance-install-vectors.md`: all vectors pass.
|
|
4. OpenAPI and implementation remain compatible.
|
|
5. Signature replay tests pass.
|
|
6. Quote expiry tests pass.
|
|
7. Tx mismatch tests pass.
|
|
8. Membership gate blocks non-members in all checkout paths.
|
|
9. Member channel blocks inactive memberships.
|
|
10. Governance activation blocks inactive/unknown entitlement states.
|
|
11. Terms/privacy copy still match utility-access framing.
|
|
12. Structured logs and metrics are emitted for each state transition.
|
|
|
|
## No-Deploy Triggers
|
|
|
|
1. Any conformance vector failure.
|
|
2. Any path that allows purchase without active membership.
|
|
3. Any activation path that proceeds with non-active entitlement.
|
|
4. Any member channel path serving events to suspended/revoked memberships.
|
|
5. Any governance runtime activation without valid signed package verification.
|
|
6. Any missing audit evidence on successful purchase.
|
|
7. Any breaking API change without version bump and migration note.
|
|
|
|
## Evidence Bundle Required for Release
|
|
|
|
1. Test result artifact references.
|
|
2. Contract address/version snapshot.
|
|
3. Policy hash snapshot.
|
|
4. Change summary and rollback plan.
|