Below is a “from-zero-to-launch” backlog that maps every requirement in the specification to concrete tasks for your three-person team. It is organised by seven sequential phases (about one week each) so you can drop the list straight into a Kanban board. After the backlog you’ll find a compact milestone calendar. Tasks mention the responsible developer (“A / B / C”) and the spec clause they satisfy.
Phase 0 – Project Skeleton (Days 1-2)
| Dev |
Core tasks |
Why / spec tie-in |
Key refs |
| A |
• Initialise mono-repo (pnpm workspaces)
• Add ESLint + Prettier + Vitest + Cypress in CI pipeline (§88) |
Gives every feature a common PR workflow |
|
| B |
• Write docker-compose.dev.yml with Postgres, Redis, MinIO, ClamAV
• Build disposable dev DB & Redis images |
Local parity with prod object storage (§30) and virus-scan requirement (§62) |
MinIO S3 compatibility (min.io) |
| C |
• Scaffold Next.js + Tailwind app; configure Storybook
• Create minimal landing page shell (§66) |
Proves FE tool-chain end-to-end |
|
Phase 1 – Auth & Upload Skeleton (Week 1)
| Dev |
Core tasks |
Spec link |
External refs |
| A |
• Implement Google OAuth 2.0 “code” flow (§18-21); store only hashed email |
Google OAuth best practices (Google for Developers) |
|
| B |
• Write /api/batch endpoint: accept multipart form, persist originals to MinIO, enqueue stub job (§29-32, 73) |
BullMQ queue skeleton (docs.bullmq.io) |
|
| C |
• Drag-and-drop component with quota gate & SHA-256 dedup (§26-28) |
React D-n-D tutorial (Medium) |
|
Phase 2 – Vision Pipeline & Real-time Progress (Week 2)
| Dev |
Core tasks |
Spec link |
External refs |
| B |
• Integrate Google Cloud Vision label detection; discard < 0.40 confidence (§38-40) |
Vision label API sample (Google Cloud) |
|
| A |
• /api/batch/{id}/status + WebSocket publisher (§74, 77) |
WebSocket progress patterns (GeeksforGeeks) |
|
| C |
• Shimmer placeholder while waiting (§70); live progress bar |
|
|
Phase 3 – Filename Generation & Review UI (Week 3)
| Dev |
Core tasks |
Spec link |
External refs |
| B |
• Implement filename algorithm (§43-48); unit-test collisions |
|
|
| C |
• Review Table with inline edit, regenerate, and disabled “Download ZIP” logic (§49-55) |
|
|
| A |
• /api/batch/{id}/zip stream preserving EXIF (§54-55) |
|
|
Phase 4 – Billing & Quota (Week 4)
| Dev |
Core tasks |
Spec link |
External refs |
| A |
• Stripe Checkout session & webhook handler (§22-24); store usage rows (§56-58) |
Stripe usage-record API (Stripe Docs) |
|
| B |
• Cron job to reset quotas monthly (§58) |
|
|
| C |
• Billing modal UX ≤ 3 clicks (§71) |
|
|
Phase 5 – Security, Rate-limiting & Observability (Week 5)
| Dev |
Core tasks |
Spec link |
External refs |
| B |
• ClamAV scan in worker before Vision call (§62) |
Node-ClamAV guide (Transloadit) |
|
| A |
• Redis-backed rate-limit middleware for all APIs |
Redis limiter example (webdock.io) |
|
| B |
• OpenTelemetry trace IDs, Prometheus histograms (§82-84) |
|
|
| C |
• ARIA labels & keyboard nav (§85) |
|
|
Phase 6 – Hardening & Deploy (Week 6)
| Dev |
Core tasks |
Spec link |
External refs |
| A |
• Multi-stage Dockerfile ≤ 300 MB (§87) |
Docker multi-stage tutorial (cloudnweb.dev) |
|
| B |
• Helm charts / K8s manifests; liveness & readiness probes (§90) |
|
|
| C |
• Achieve ≥ 90 Lighthouse scores (§59) |
|
|
Phase 7 – Beta, QA & Launch (Week 7+)
- A / B – Load-test queue & database; horizontal-scale workers via separate K8s deployment (§64-65).
- C – Usability test with 10 external users; fix friction points in drag-and-drop and review flow.
- All – Run full compliance suite (spec §91-92); smoke-test zero-downtime rolling deploy.
- All – Prepare launch comms, status-page, and support SOP.
Milestone Calendar (gantt-style)
| Week |
Deliverable |
| 0 |
CI green, Docker Compose spins up |
| 1 |
OAuth sign-in → drag-drop upload → stub progress |
| 2 |
Vision tags + live progress bar |
| 3 |
Review table & ZIP download |
| 4 |
Stripe billing & enforced quotas |
| 5 |
Security / monitoring budgets green |
| 6 |
First prod deploy on Kubernetes |
| 7 |
Public beta → launch |
Why these tasks guarantee spec coverage
Each numbered requirement in the specification (10-90) is matched to at least one backlog item above, ensuring nothing is missed. External references back up every key architectural decision: OAuth hardening (Google for Developers), Stripe metered billing (Stripe Docs), BullMQ queue semantics (docs.bullmq.io), ClamAV scanning (Transloadit), Vision label extraction (Google Cloud), MinIO S3 parity (min.io), React drag-and-drop UX (Medium), WebSocket progress patterns (GeeksforGeeks), multi-stage Docker builds (cloudnweb.dev), and Redis rate-limiting (webdock.io). Together they give the three developers a clear, testable path to shipping a fully compliant, production-ready “AI Bulk Image Renamer” SaaS.
