# GPUaaS Tonight Execution Plan - 2026-06-15 ## Objective Finish MFA as a product feature, then advance the documentation portal and environment readiness program without returning to ceremony-heavy review loops. Primary outcome for tonight: 1. MFA user/admin/ops flows are documented, tested through UAT/e2e where safe, deployed to kind and dev, and honestly marked product-complete or blocked by named residual gaps. 2. Documentation portal work has durable Fairway tasks for persona-first product, architecture, security, developer, App/SDK, IAM, infra, ops, and user-guide audiences. 3. Staging and demo environment work has durable tasks for repeatable setup and UAT evidence. ## Operating Principles - User journey first. A feature is not complete because the provider drill passed; it is complete when the user/admin/operator journey works or has a named product gap. - Product-facing naming is `AI Cloud`. Treat `GPUaaS` as an internal repo/code label until we complete a controlled naming sweep. Do not add new outward `GPUaaS` branding. - Lightweight review is the default. Use grouped review or one accountable reviewer for low/medium child tasks. Escalate only for live/source/prod mutation, credentials, public exposure, sensitive-operation enforcement, break-glass, production claims, or external compliance claims. - If a manual step repeats more than twice, create or improve a script. - Use tmux or SSH for git/deploy/watch work when Codex Desktop sandbox blocks `.git/index.lock`, long watches, or environment operations. - Record evidence in Fairway, but do not let Fairway ceremony replace product validation. ## Active Task Handles ### MFA product readiness - `IAM-MFA-PRODUCT-COMPLETE-READINESS-001` - `IAM-MFA-PRODUCT-FLOW-GAP-AUDIT-001` - `PRODUCT-GAP-IAM-MFA-PROVIDER-FACTOR-READBACK-001` - `PRODUCT-GAP-IAM-MFA-FACTOR-MANAGE-FLOW-001` - `PRODUCT-GAP-IAM-MFA-FACTOR-REMOVE-DISABLE-FLOW-001` - `PRODUCT-GAP-IAM-MFA-FACTOR-RECOVERY-FLOW-001` - `PRODUCT-GAP-IAM-MFA-ADMIN-BREAKGLASS-POLICY-FLOW-001` - `PRODUCT-GAP-IAM-MFA-USER-FACING-BRANDING-SCAN-001` - `IAM-MFA-ADMIN-OPS-SURFACE-GAP-001` - `IAM-MFA-FULL-FUNCTIONAL-UAT-001` - `IAM-MFA-KIND-DEV-UAT-DEPLOY-CLOSEOUT-001` Immediate next MFA batch: 1. Run/extend MFA factor lifecycle UAT around: - no factor setup; - existing factor state; - add backup authenticator; - request removal/recovery; - cancel/error returns; - provider unavailable/unknown; - user-facing AI Cloud branding and no raw provider internals; - admin/ops/superadmin daily-vs-breakglass behavior. 2. Fix gaps directly when they are product bugs. 3. Deploy kind, then dev, from committed SHA. 4. Record CI/dev deployment and UAT evidence. ### Platform service version visibility - `OPS-PLATFORM-SERVICE-VERSION-SURFACE-001` Use this to add the platform admin/ops page or read model that shows running service versions, git SHAs, images, and environment deployment status. ### Documentation portal Existing portal program: - `DOCS-PORTAL-COMPLETION-EPIC` - `DOCS-PORTAL-PERSONA-IA-001` - `DOCS-PORTAL-CURRENT-CONTENT-REFRESH-001` - `DOCS-PORTAL-DIAGRAMS-FLOWS-001` - `DOCS-PORTAL-API-SDK-REFERENCE-001` - `DOCS-PORTAL-PUBLICATION-TRACKS-001` - `DOCS-PORTAL-CLOUDFLARE-DEPLOYMENT-001` - `DOCS-PORTAL-CONTINUOUS-GATES-001` Portal direction: - First iteration can be static Cloudflare Pages without auth. - Keep publication personas/tracks so auth and external filtering can be added later. - Avoid exposing internal-only material as public/customer-ready. ### Staging and demo environments - `OPS-STAGING-TWO-NODE-REPEATABLE-SETUP-001` - `OPS-DEMO-FRESH-ENV-SUPPORTED-APPS-UAT-001` Staging direction: - Two-node, config-driven, repeatable, production-like enough to become the production deployment model. Demo direction: - Fresh environment with supported apps seeded/installed by scripts. - UAT and handoff docs must be good enough to give to other teams. ## Git And Execution Surface Use `tmux gpuaas-git` for commit/push/deploy boundaries when possible: ```bash tmux send-keys -t gpuaas-git 'cd /Users/subash/dev/GPUasService && git status --short --branch' C-m tmux capture-pane -pt gpuaas-git -S -120 ``` If a provider needs broader unattended execution, use a named tmux provider session and record the task/session/evidence in Fairway.