Project Plan
Version: 1.0 · Date: May 2025 · Status: Active
Sprint-by-sprint delivery plan for the Construo platform. Calibrated for one junior developer (full-time) with AI tooling, guided by a non-coding product owner.
Team and Assumptions
| Assumption | Detail |
|---|---|
| Junior developer pace | 55–65% of mid-level output. AI tooling closes the gap on boilerplate and documentation — not on architecture, debugging, or security-sensitive code. |
| AI tooling role | Cursor/Copilot for autocomplete. Claude for drafting code blocks, writing tests, explaining errors, generating boilerplate. Never merge code you cannot explain. |
| Product owner role | 1–1.5 days per week minimum. Write acceptance criteria before each sprint. Answer questions within 4 hours. Functional sign-off at sprint end. |
| Sprint length | 2 weeks |
| Velocity | 6–8 story points early; rising to 10–12 by Sprint 6 |
| Code review | AI-assisted (Claude reviews PRs). PO spot-checks in staging. Quarterly external security review from Sprint 8. |
20% buffer built into every sprint
This buffer accounts for interruptions, bugs from previous sprints, and AI-generated code that needs reworking. It will be used — do not treat it as slack.
AI development rules
Before writing any code, read AI-Assisted Development. These rules are not optional.
Phase Overview
| Phase | Sprints | Weeks | Goal |
|---|---|---|---|
| Phase 0 — Foundation | 1–3 | 1–6 | Working CI/CD, deployed AWS, auth end-to-end, tenant provisioning, React skeleton |
| Phase 1 — Core Modules | 4–11 | 7–22 | All 8 V1 modules, offline sync operational |
| Phase 2 — Production Ready | 12–16 | 23–32 | White-label, ERP integration, security hardening, pilot tenants |
| Phase 3 — Launch | 17–20 | 33–40 | Pilot feedback, mobile, Cyber Essentials, commercial launch |
Phase 0 — Foundation (Weeks 1–6)
Goal: The junior has a working, deployed environment they can build on with confidence. By end of Sprint 3, a URL in the browser shows a real tenant's logged-in dashboard.
Phase 0 is non-negotiable
No user-facing features ship in Phase 0. A fragile foundation causes far more delay in Phases 1 and 2 than taking the time to build it properly.
For the full step-by-step walkthrough, see Phase 0 Walkthrough.
Sprint 1 — Weeks 1–2
Infrastructure foundations:
- GitHub monorepo with folder structure from architecture document
- Terraform: VPC, RDS, ECR, ECS cluster (no tasks yet), S3 buckets
- GitHub Actions CI pipeline: lint → test → build on every PR
- FastAPI health endpoint deployed to Fargate and responding at ALB URL
- AWS Budgets alert at £200/month
Sprint 2 — Weeks 3–4
Authentication and tenant isolation:
- AWS Cognito User Pool configured
- Entra ID SAML federation (use Microsoft 365 Developer tenant for testing)
- JWT middleware in FastAPI: verify tokens, attach tenant context
- Tenant registry: public.tenants table, schema-per-tenant provisioning script
- React skeleton: Vite + React Router + Tailwind, login/logout flow
- Full end-to-end confirmed: browser → CloudFront → React → FastAPI → RDS
Sprint 3 — Weeks 5–6
Edge layer and sync:
- ElastiCache Redis, tenant context caching
- CloudFront distribution with WAF (OWASP managed rules)
- Route 53 wildcard DNS (*.construo.io)
- Two tenant subdomains proved with isolated data
- Sentry error tracking configured
- Basic RBAC: role claims from JWT, route-level guards
- PowerSync SDK installed, one entity proved syncing to local SQLite
- Project onboarding README written
Product owner checklist for Phase 0:
- Write a one-page profile for each pilot tenant (company, size, modules, IDP)
- Obtain Microsoft 365 Developer account for Entra ID testing
- Agree and register the platform domain
- Review and approve Terraform plan before any AWS resources are created
- Set up Linear and create Sprint 1 board on day 1
Phase 1 — Core Modules (Weeks 7–22)
Goal: A complete platform a real construction project manager could use daily. All 8 V1 modules built, offline sync works, stable enough for pilot tenants.
Sprint 4 — Weeks 7–8
- Projects module: CRUD, list views, search and filter
- Sites module: linked to projects, address, status, GPS coordinates
- Navigation structure (sidebar, module routing)
- Custom fields proven on project form for test tenant
Sprint 5 — Weeks 9–10
- Personnel module: worker register CRUD, licence storage (type, number, expiry, photo)
- Expiry alert emails via SES: 30-day warning before licence lapses
- Personnel list: search/filter by name, company
- Offline sync for personnel
Sprint 6 — Weeks 11–12
- Site Attendance: manual sign-in/out per site per date
- Daily headcount view per site
- QR code check-in: printable QR per site, scanning pre-fills check-in form
- Induction tracking: block sign-in if induction not completed
- Offline sync for attendance
Sprint 7 — Weeks 13–14
- Site Diary: create daily entry (date, weather, temperature, works, visitors, instructions, issues)
- Photo attachments: up to 10 photos per entry uploaded to S3
- Sign-off workflow: foreman completes, PM countersigns
- PDF export of diary entry (WeasyPrint Lambda)
- Offline sync for diary entries
Sprint 8 — Weeks 15–16
- Plant & Equipment register: asset CRUD, site allocation, hire date tracking
- Inspection and hire expiry alerts (30 days)
- Daily on-site plant log
- Deliveries log: date, supplier, material, quantity, condition on receipt
Sprint 9 — Weeks 17–18
- Incidents & Near Misses: log incident, RIDDOR classification
- Investigation workflow: assign, track, close out
- Photo evidence attachment
- Subcontractor management: company register, compliance document storage, expiry alerts
Sprint 10 — Weeks 19–20
- Document Register: S3 upload, version control, categories, expiry tracking, full-text search
- Module enable/disable UI for tenant admin
Sprint 11 — Weeks 21–22
- Field Schema Builder UI: tenant admin adds custom fields to any entity
- Fields appear in forms and list views
- Sprint buffer: 3–4 days fixing bugs from internal testing
- End-of-phase walkthrough: PO and junior go through every module, create punch list
Product owner responsibilities in Phase 1:
- Write acceptance criteria for each sprint before it starts
- Do a functional walkthrough on the last day of each sprint
- By Sprint 6: confirm first pilot tenant and agree Phase 2 onboarding date
- By Sprint 9: draft user guide in Notion
Phase 2 — Production Ready (Weeks 23–32)
Goal: Platform ready for real paying tenants. Security hardened, compliance started, performance tested, first pilot tenants onboarded to staging.
Sprint 12 — Weeks 23–24
- White-label config: logo upload, primary/secondary colours, email from-name
- CloudFront CNAME for custom tenant domains
- Email notification templates with tenant branding (SES)
Sprint 13 — Weeks 25–26
- Tenant onboarding flow: platform admin UI to create a new tenant
- Automated provisioning: schema, Cognito app client, S3 prefix, DNS, all from one form
- First-login wizard: logo, first user, modules, first project
- User invitation flow: Cognito sends invite link
Sprint 14 — Weeks 27–28
- Generic ERP integration layer: API key management, webhook registration
- Outbound webhook delivery (SQS Lambda, retry logic, delivery log)
- CSV export on all major list views
- OpenAPI documentation at api.construo.io/docs
Sprint 15 — Weeks 29–30
- Security hardening: full review of all API endpoints for missing permission checks
- Rate limiting on authentication endpoints
- S3 presigned URL flow review
- Data retention Lambda
- GDPR tooling: data export (JSON) and deletion request workflow
Sprint 16 — Weeks 31–32
- Performance: database indexes, slow query review (RDS Performance Insights)
- Load testing with Locust (50 concurrent users, 4 tenants)
- CloudWatch dashboards and PagerDuty/SNS alerts
- First pilot tenant onboarded to staging — walk through every module
- Fix all critical-severity bugs before sprint end
Don't skip Sprint 15
Security issues found after commercial launch are exponentially more expensive to fix — technically and reputationally.
Phase 3 — Launch (Weeks 33–40)
Goal: Commercial launch with paying tenants, platform stable under real usage, monitoring mature, Cyber Essentials submitted.
Sprint 17 — Weeks 33–34
- Pilot feedback triage: fix all critical and high severity issues
- Top 3–5 usability improvements from pilot
- Updated user guide
- Second pilot tenant onboarded to staging
Sprint 18 — Weeks 35–36
- Mobile experience: test and fix on iOS Safari and Android Chrome
- Offline sync tested on real intermittent mobile connectivity
- QR code check-in and photo upload tested on device cameras
- Layout and touch-target fixes on key workflows
Sprint 19 — Weeks 37–38
- CloudWatch runbooks for all alert types
- Deployment, rollback, and database restore documented
- Uptime monitoring configured (Better Uptime)
- Database PITR restore tested in staging
- Cyber Essentials self-assessment completed with assessor
Sprint 20 — Weeks 39–40
- Third and fourth paying tenants onboarded
- Invoicing and billing process confirmed
- Final regression test across all modules and tenant configurations
- v1.0.0 tagged in GitHub
- RDS Multi-AZ enabled for production
- Launch communications sent
- Fortnightly release cadence established
Roles and Responsibilities (RACI)
| Activity | Product Owner | Developer |
|---|---|---|
| Write acceptance criteria | R / A | C |
| Prioritise and manage the backlog | R / A | I |
| Architectural decisions | C | R / A |
| Day-to-day coding and testing | I | R / A |
| AI prompt engineering and code review | I | R / A |
| Sprint planning | C | R / A |
| Sprint review and sign-off | R / A | C |
| AWS infrastructure (Terraform) | I | R / A |
| Security-sensitive code (auth, permissions) | A | R |
| Functional testing in staging | R / A | C |
| Tenant onboarding | R / A | C |
| Communication with pilot tenants | R / A | I |
| Legal (DPA, terms of service) | R / A | I |
| Compliance submissions | R / A | C |
| Monitoring and incident response | A | R |
| Documentation | A | R |
R = Responsible (does the work) · A = Accountable (owns the outcome) · C = Consulted · I = Informed
Definition of Done
Every ticket is only Done when all of the following are true:
- Code reviewed (junior used Claude to review the PR; all issues addressed; no TODO comments)
- Tests written (happy path + error path pytest per endpoint; Vitest for non-trivial React logic)
- Deployed to staging (not just passing locally)
- Acceptance criteria met (every checkbox verified in staging)
- No regressions (all existing tests pass; smoke test of adjacent features)
- Offline behaviour verified (for sync-enabled features: tested with DevTools network disabled)
- No secrets in code (grep for hardcoded credentials before PR)
- PO signed off (for user-facing features: PO has seen it working in staging)
Tooling Stack
| Category | Tool | Cost |
|---|---|---|
| Project management | Linear | Free tier |
| Version control | GitHub | Free |
| AI IDE | Cursor | ~£15/month |
| AI assistant | Claude Pro | ~£15/month |
| Communication | Slack | Free tier |
| Design | Figma | Free tier |
| Error tracking | Sentry | Free for early stage |
| Uptime monitoring | Better Uptime | ~£20/month |
| Documentation | This site | Free (self-hosted) |
| Secrets | 1Password Teams | ~£15/month |
| Load testing | Locust | Free |
Total tooling: ~£65–70/month. Negligible cost for the quality improvement to a solo junior developer.
Key Milestones
| Milestone | Target week | Success criteria |
|---|---|---|
| M1: Infrastructure live | Week 2 | FastAPI health endpoint at ALB URL. RDS accessible. CI green. |
| M2: Auth end-to-end | Week 4 | Login works via Cognito and Entra ID SAML. JWT validated. Tenant context loaded. |
| M3: Foundation complete | Week 6 | Two tenant subdomains with isolated data. PowerSync proved. Sentry active. |
| M4: First module shipped | Week 8 | Projects and Sites functional in staging. Custom fields working. |
| M5: Core modules complete | Week 22 | All 8 V1 modules functional. Offline sync working. PO signed off. |
| M6: First pilot onboarded | Week 30 | First real tenant on staging. All critical feedback logged. |
| M7: Security hardened | Week 30 | All permission checks reviewed. GDPR tools working. Retention configured. |
| M8: Cyber Essentials submitted | Week 38 | Questionnaire submitted. All controls verified by assessor. |
| M9: Commercial launch | Week 40 | 2+ paying tenants live. Monitoring active. Runbooks written. v1.0.0 tagged. |
Risks
| Risk | Likelihood | Impact | Mitigation |
|---|---|---|---|
| Junior accepts AI code without understanding it | High | Critical | Teach-back rule; weekly plain-English walk-through with PO |
| Junior stays blocked for days without escalating | High | High | Explicit rule: 2 hours blocked → use Claude to diagnose; 4 hours → post in community |
| Scope creep mid-sprint | High | Medium | All requests to backlog; only critical bugs interrupt a sprint; PO owns this boundary |
| Offline sync proves more complex than expected | Medium | High | PowerSync chosen to avoid building from scratch; fallback is online-only Phase 1 |
| Junior leaves mid-project | Medium | Critical | ADRs, IaC, inline comments, weekly state-of-project doc, Claude can help onboard replacement |
| AWS costs spike | Medium | Medium | Budgets alert at 80%/100%; no new resources without PO approval |
| Compliance work reveals rework | Low | High | Audit logging and isolation built into Phase 0; Cyber Essentials scoping begins Phase 2 |