Console Phase 2.5 Interaction Audit — 2026-05-07 UTC

Status: Phase 2.5 complete (live interaction sweep on prod console). Method: Playwright MCP browser session, operator-authenticated. Hover, click, modal-open verified. No destructive actions invoked. Prod SHA at time of audit: 27c4356 (deployed 02:44 UTC). Includes #1322 P0 fixes + #1321 build-strip; does NOT include #1323 health ring (latest merge but not yet deployed).

Working interactions

✓ Hover popover (PR #1263)

Hovering a tile triggers a popover beneath the tile with structured key-value rows: surface / status / error / checked. Renders correctly on DEGRADED tile (support.raxx.app showed status DEGRADED, error http_404, checked 24s ago).

Screenshot: screenshots/01-hover-degraded.png

What's there vs. spec: core key-value layout works. Per #1263 carve-outs, these were intentionally deferred: sparkline (needs probe-history endpoint not yet built), live "next poll in Xs" countdown (needs per-tile interval from backend), site-detail "full detail →" footer link.

Polish opportunities: - No visible chevron pointing from popover to tile — spec calls for 12px clip-path chevron at left:20px - Popover overlaps the row of tiles beneath (z-index correct, but visually busy) - Popover stays sticky after mouse moves to next tile — could swap content immediately

✓ Deploy modal entry state (PR #1267 + ADR-0028)

Clicking deploy button on a tile opens a strong-friction modal for production deploys:

• Red PRODUCTION badge with surface name
• "Deploying to production" with current → target main ref arrow
• Editable target ref input (default main) for branch/SHA selection
• Typed confirmation phrase: deploy raxx-mockups to production (exact-match, lowercase, no autocorrect)
• TOTP authenticator code field (enabled after phrase is confirmed)
• Deploy button disabled until both gates pass
• Cancel button (deploy-cancel-btn) closes safely without firing

Screenshot: screenshots/04-deploy-modal-open.png

Two cancel buttons in the DOM — deploy-cancel-btn (entry state) and deploy-dispatch-cancel-btn (in-flight cancel). That's good design — both states have an exit. Did NOT exercise the in-flight states (would require firing a real deploy).

What's pending visual confirmation: the 8 in-flight states from docs/design/console-deploy-flow/mockups/state-*.html (dispatching / queued / running / validating / done-success / done-failure / multi-surface / all-states-composite). PR #1323 wired these, will become visible when next deploy fires from console.

✓ Recent Activity drawer

Click the "Recent activity (15) ↓" toggle expands three columns: - Deploys (last 5) — shows real deploy events with success ✓ markers - Actions (last 5) — audit log entries (including my access_denied · /billing attempts from Phase 2 audit yesterday, confirming the audit log is working) - Rotations (last 5) — shows the recent rotation activity. CF_PAGES_READ_TOKEN now shows completed / triggered pairs, not the historical "Failed: GET /user/tokens" — someone fixed the CF token rotation since yesterday's QA

Screenshot: screenshots/06-recent-activity-expanded.png

This is the deepest-functioning widget on the dashboard — pulls from three different data sources and renders consistently.

✓ Site detail page (no ring yet, pre-#1323-deploy)

Visit /dashboard/sites/tickets — page renders correctly: - Header: hostname + status badge (HEALTHY) - Liveness / Last Deploy / Build / Sentry 24h metric quartet - Latency history chart (24h / 48h / 7d / 30d toggles) - Probe history table (last 48 entries with timestamps, OK, latency, HTTP, vendor) - Surface Control Flags toggle (FLAG_ENFORCE_CF_ORIGIN shown)

Screenshot: screenshots/05-tickets-site-detail.png

Health ring will land after next prod deploy. PR #1323 is merged (or about to be) but not deployed yet to 27c4356.

Bugs surfaced

🚩 Surface registry has 3 tiles without surface_id mapping

api.raxx.app, raxx-mockups.pages.dev, console.raxx.app — these tiles render on the dashboard but lack a detail → link. The other 5+ surfaces have detail links (tickets, vault, status-raxx, raxx-app, docs-raxx).

Confirmed by trying to navigate /dashboard/sites/console-self: returns "Surface console-self is not in the registry" (the type tag from /status page is CONSOLE_SELF but that's the hosting-class tag, not the surface_id).

The 5 surfaces that DO have detail links: tickets, vault, status-raxx, raxx-app, docs-raxx. The 3 that don't: api.raxx.app, raxx-mockups.pages.dev, console.raxx.app — likely missing entries in config/status-surfaces.yaml or the dashboard's surface→site_id resolver.

Screenshot of error: screenshots/03-site-detail-pre-ring.png (shows "Surface console-self is not in the registry").

Severity: MEDIUM — the dashboard works, but 3 surfaces are operationally less observable than the others. Worth a small registry-fix card.

Audit-log validation (interesting observation)

Yesterday's Phase 2 QA hit /billing and /billing/alert-config — both returned 403 due to my superadmin role lacking console-billing-read. Today, those same actions are visible in the Recent Activity → Actions column as access_denied · /billing/alert-config and access_denied · /billing.

That confirms: - Audit logging captures denied attempts (not just successful ones) - Per memory project_workflow_uuid_tracing_decisions.md — every action gets traced even when blocked - The audit log surface is functional end-to-end

This is a stronger signal than "the page renders" — the data layer + UI layer + audit boundary all working together.

What this Phase 2.5 did NOT exercise

• Tile pulse + breathing line animations — visible in static screenshot only as state class; can't capture animation in PNG. Would need video. Skipping.
• Build-strip deploy state visuals (PR #1321) — no live deploy in flight to trigger them. Would require firing an actual deploy or using staging.
• Health ring on site detail (PR #1323) — not yet deployed to prod
• Deploy modal in-flight states (8 mockups) — would require firing a real deploy
• Mobile long-press popover (PR #1263) — needs touch device
• Form submissions — no destructive actions invoked
• HTMX 30s refresh cycle — not exercised; would need to wait + re-snapshot
• Flag promotion mark/approve/promote flow — /console/flags is empty (P0 bug fixed in #1322 but maybe not deployed)
• Secret rotate modal v2 — would invoke a real rotation
• Investigate-from-status FreeScout integration — visible button but not clicked (would auto-file a ticket)

Recommendations

P1 (next session):

1. Fix surface registry for 3 missing tiles — add api.raxx.app, raxx-mockups.pages.dev, console.raxx.app to whatever yaml/config drives the surface→site_id resolver. After fix, all 9 tiles get clickable detail links.

2. Deploy #1323 to prod — health ring will land. Worth doing before next QA pass.

3. Sparkline implementation card for the popover — referenced in #1263 carve-outs, deferred until probe-history endpoint exists. Can be filed standalone.

P2 (after prod deploys catch up):

4. Animation capture rig — Playwright supports video capture; could record 5s of dashboard with DEGRADED tile to visually verify pulse + breathing-line. Useful for design QA + regression.

5. Deploy modal in-flight states fixture — build a /dashboard/_deploy_modal/preview?state=running debug route (flag-gated) that lets us inspect each of the 8 states without firing a real deploy. Saves operator time when reviewing the visual fidelity.

6. Hover popover chevron — small visual polish; spec calls for 12px chevron at left:20px from tile.

Comparison to yesterday's Phase 2 (PR #1320)

Audit run by: Claude Code main agent + Playwright MCP, 2026-05-07 ~03:45 UTC Browser session: authenticated via interactive SSO at start of session Screenshots: 6 captured under screenshots/