Appearance
The Mission Lifecycle
What this chapter covers
A mission is the unit of operational accountability: one truck, one driver, one planned route, one set of pickup and delivery milestones, one audit trail. This chapter describes the eight states a mission moves through, how it advances automatically as the truck crosses geofences, how it pauses and resumes, how a mistaken start is unwound, and the rule that a vehicle can only be on one mission at a time. It is an engine-side chapter, so the edge cases are part of the contract.
The picture
The two terminal states are completed and cancelled. Everything before them is a mission still in motion.
The eight states
- created — a draft placeholder reserved for future draft flows. Every operational mission today begins at
assigned. - assigned — a truck and driver are committed to the mission, but the delivery leg has not necessarily begun. New missions start here.
- en_route_to_origin — the truck is driving to the pickup point, ahead of loading. This is the pickup leg.
- active — loaded and underway on the main delivery leg.
- paused — temporarily suspended; resume reactivates the same mission.
- arrived — the truck has reached its destination; the mission stays open until it is completed or cancelled.
- completed — terminal success.
- cancelled — terminal cancellation.
The valid transitions are fixed:
| From | Can move to | Meaning |
|---|---|---|
created | assigned, cancelled | Future draft compatibility. |
assigned | en_route_to_origin, active, cancelled | Committed, main leg may not have started. |
en_route_to_origin | active, cancelled | Driving to pickup. |
active | paused, arrived, assigned, cancelled | Underway; active → assigned is false-start recovery. |
paused | active, cancelled | Suspended; resume reactivates. |
arrived | completed, cancelled | Reached destination; complete, or cancel if delivery is refused. |
completed | — | Terminal. |
cancelled | — | Terminal. |
arrived → active is intentionally not valid. If a truck leaves the destination and comes back, the mission reached its destination once; the right response is to complete it, cancel it, or start a new mission — not to quietly reactivate a finished one.
One active assignment per vehicle — and per driver
A vehicle can be on only one active assignment at a time, and a driver can hold only one active assignment at a time. The guarded set for both rules is assigned, en_route_to_origin, active, and paused. Mission creation rejects any attempt to place a truck that already has an active assignment onto a second one, and equally rejects assigning a driver who already holds one — a driver cannot be at the wheel of two trucks at once. The rejection carries a clear message ("Ce chauffeur est déjà affecté à une mission") rather than a silent failure, and it fires the same way whether the clash is created at dispatch or introduced by editing a running mission's vehicle or driver.
arrived sits slightly apart: it is a post-drive, not-yet-closed state. Treat an arrived mission as work that still needs a final decision, but the current one-active guards do not block reassigning that vehicle or driver once the mission has reached arrived. Closing it still matters for clean diaries, customer history, and reporting.
Automatic advancement from geofences
Two of the most important transitions happen on their own, driven by the truck crossing waypoint geofences rather than by anyone pressing a button.
Departure — assigned → en_route_to_origin
An assigned truck away from its origin is judged to have departed toward pickup when either signal fires:
- Travelled threshold — the truck has covered more than 50 km measured from the last real park onward. A separate accumulator is zeroed whenever a stop lasts longer than 30 minutes, so a truck doing local errands over several days — drive across town, park overnight, drive again — cannot sum its way past 50 km and false-trigger a departure it never made.
- City exit — the truck leaves a city geofence other than the one containing its origin. When the origin has no enclosing city, any city exit counts.
Arrival — active → arrived
The mission moves to arrived when the truck reaches the final destination waypoint. Waypoint evidence — the truck actually being inside the destination geofence — is what advances the mission, not a projected guess about where it should be.
Confirming the load
Between assignment and active is the moment the truck loads and departs the origin. This is where a start is easiest to get wrong: a truck shuffling around a sprawling port looks a lot like a truck leaving it. Korido confirms the load carefully so it never declares a start that did not happen:
- A single-stage origin can activate when the truck exits the origin area with enough evidence.
- A two-stage origin — a port or warehouse nested inside a larger city, like our tanker's Douala port — marks a suspected start when the inner geofence is exited and confirms only when the outer city is left. Re-entering the inner area clears the suspicion.
- A driver can confirm loading manually when assigned to the vehicle and physically at the origin.
The two-stage case is the parent nesting from Part 4 doing its job. The port sits inside the city, so clearing the port still leaves the truck inside city limits:
Pause and resume
A pause changes how the ETA is read, how Route Guard behaves, and what a customer sees.
A mission auto-pauses when it is active, an open stop has run past the lifecycle dwell threshold, the ignition is off, and the truck is either off-corridor or on a mission with no corridor. An operator can also pause manually with a reason: system-detected, mechanical issue, driver rest, border delay, cargo issue, or administrative.
The crucial distinction is whether the pause has a known duration:
- Known-duration pause. When the dispatcher records an estimated resume time — "the driver rests until 06:00 tomorrow" — the arrival estimator treats that time as the new departure anchor and keeps producing a real ETA from it.
- Indeterminate pause. With no resume time, the arrival prediction is frozen and confidence drops to low. Korido would rather show an honest "we don't know when this resumes" than a precise-looking ETA it cannot stand behind.
Resume clears the pause fields and returns the mission to active. A background prompt can nudge the owner or driver about a stopped active mission before manual intervention.
False-start recovery
Automatic loading inference can be wrong — a truck can shuffle around an origin in a way that looks like departure. False-start recovery unwinds it. When an owner flags a false start, the mission returns from active to assigned, the pause and prompt counters reset, the pickup-leg waypoints are rebuilt, trips and events created under the mistaken start are unlinked, any open deviation closes with a false-start reason, and the engine's mission sub-state is reset. The mission gets a clean second chance, free of the phantom departure.
Edge cases
- A truck that goes dark for a long time. A background safety net watches for a mission still non-terminal while the vehicle has been silent past a long threshold. When that happens it can cancel the mission, close open deviations, abandon unfinished prediction rows, clear the vehicle's active-mission marker, and write an audit entry explaining the automatic cancellation. This is deliberately exceptional — it represents a truck effectively gone, not an ordinary signal gap.
- Arrived is not gone. Product logic must not treat an arrived mission as finished. The truck has reached the destination, but the mission still needs the owner to complete or cancel it.
- Departure accumulator reset. The 30-minute reset that guards the travelled-threshold is shorter than the day-long pause that triggers a pickup-route rebuild, on purpose: departure detection cares about any genuine long park breaking the travel run, while a route rebuild only cares about a park long enough to imply a changed road.
- Lifecycle runs after waypoint detection. Within a single telemetry batch, the mission state is decided after waypoint visits open and close, because those arrivals and exits are the evidence the lifecycle reads. Route Guard, ETA, and fuel logic then run against the settled mission state, never a half-updated one.
How it connects
- Creating missions — how a mission enters
assignedin the first place. - Driving rules — the policy resolved onto a mission at creation and applied live.
- Progression and ETA — how pause, arrival, and blocking incidents shape the arrival estimate.
- Route Guard — how lifecycle transitions drive several deviation close reasons.
- Part 3 (the fleet engine) — the stops, gaps, and movement state machine that feed lifecycle evidence.