@evolith/core-domain 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +102 -0
- package/dist/domain/services/default-workflow-definition.js +4 -1
- package/dist/domain/services/default-workflow-definition.js.map +1 -1
- package/dist/gates/decision/gate-decision.js.map +1 -1
- package/package.json +1 -2
- package/rulesets/README.es.md +0 -170
- package/rulesets/README.md +0 -170
- package/rulesets/acl/README.es.md +0 -41
- package/rulesets/acl/README.md +0 -41
- package/rulesets/acl/anti-corruption-layer.rules.es.json +0 -99
- package/rulesets/acl/anti-corruption-layer.rules.json +0 -99
- package/rulesets/adr/ADR_COVERAGE.es.md +0 -133
- package/rulesets/adr/ADR_COVERAGE.md +0 -133
- package/rulesets/adr/README.es.md +0 -17
- package/rulesets/adr/README.md +0 -17
- package/rulesets/adr/adr-0002-hexagonal-architecture.rules.json +0 -103
- package/rulesets/adr/adr-0005-cicd-quality-gates.rules.json +0 -102
- package/rulesets/adr/adr-0010-multi-tenancy.rules.json +0 -129
- package/rulesets/adr/adr-0018-testing-pyramid.rules.json +0 -115
- package/rulesets/adr/adr-0032-protocol-selection.rules.json +0 -134
- package/rulesets/adr/adr-0040-multi-runtime.rules.json +0 -131
- package/rulesets/adr/adr-0050-gitflow-branching.rules.json +0 -176
- package/rulesets/adr/generated/adr-0001-monorepo-orchestration-principle.rules.json +0 -29
- package/rulesets/adr/generated/adr-0006-microservices-transition-via-sidecar-pattern.rules.json +0 -29
- package/rulesets/adr/generated/adr-0009-strict-dependency-pinning-and-automated-vulnerability-manage.rules.json +0 -29
- package/rulesets/adr/generated/adr-0011-fault-tolerance-and-resiliency-patterns.rules.json +0 -29
- package/rulesets/adr/generated/adr-0013-cloud-infrastructure-topology-and-disaster-recovery-dr.rules.json +0 -28
- package/rulesets/adr/generated/adr-0014-multi-layer-distributed-caching-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0015-event-driven-architecture-eda-for-intra-domain-communication.rules.json +0 -29
- package/rulesets/adr/generated/adr-0016-immutable-business-audit-trail-and-change-tracking.rules.json +0 -29
- package/rulesets/adr/generated/adr-0017-feature-flagging-strategy-for-progressive-delivery.rules.json +0 -28
- package/rulesets/adr/generated/adr-0019-tactical-design-patterns-for-future-proofing.rules.json +0 -29
- package/rulesets/adr/generated/adr-0020-identity-provider-abstraction-strategy.rules.json +0 -28
- package/rulesets/adr/generated/adr-0024-centralized-configuration-feature-platform.rules.json +0 -28
- package/rulesets/adr/generated/adr-0025-feature-flag-provider-abstraction-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0028-self-hosted-open-source-hybrid-infrastructure.rules.json +0 -29
- package/rulesets/adr/generated/adr-0030-two-tier-distributed-gateway-model.rules.json +0 -28
- package/rulesets/adr/generated/adr-0031-schema-per-bounded-context-and-domain-event-catalog.rules.json +0 -29
- package/rulesets/adr/generated/adr-0033-transactional-outbox-pattern-for-async-messaging.rules.json +0 -28
- package/rulesets/adr/generated/adr-0034-cqrs-pattern-application-matrix.rules.json +0 -29
- package/rulesets/adr/generated/adr-0035-distributed-saga-pattern-implementation-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0036-message-bus-delivery-flow-control-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0037-enterprise-performance-concurrency-chaos-verification-strate.rules.json +0 -28
- package/rulesets/adr/generated/adr-0039-deployment-topology-abstraction-environment-switcher.rules.json +0 -29
- package/rulesets/adr/generated/adr-0041-dual-engine-policy-evaluation-native-opa.rules.json +0 -28
- package/rulesets/adr/generated/adr-0044-configurable-security-persistence-strategy-agnosticism-vs-na.rules.json +0 -29
- package/rulesets/adr/generated/adr-0045-microservice-extraction-readiness-criteria.rules.json +0 -29
- package/rulesets/adr/generated/adr-0046-unified-traceability-via-w3c-tracecontext.rules.json +0 -29
- package/rulesets/adr/generated/adr-0047-progressive-architecture-evolution-framework-modular-monolit.rules.json +0 -29
- package/rulesets/adr/generated/adr-0048-enterprise-taxonomy-standardization-and-reference-layout.rules.json +0 -28
- package/rulesets/adr/generated/adr-0049-naming-semantics-clean-code-policy-e2e-and-global.rules.json +0 -29
- package/rulesets/adr/generated/adr-0051-enterprise-database-engine-selection-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0052-unit-testing-isolation-strategy-mocks-vs-stubs.rules.json +0 -29
- package/rulesets/adr/generated/adr-0053-integration-and-e2e-testing-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0054-database-design-and-normalization-standards.rules.json +0 -29
- package/rulesets/adr/generated/adr-0055-microfrontends-architecture-strategy.rules.json +0 -28
- package/rulesets/adr/generated/adr-0056-enterprise-naming-design-conventions-multi-language-multi-pl.rules.json +0 -29
- package/rulesets/adr/generated/adr-0057-architecture-intelligence-catalog.rules.json +0 -27
- package/rulesets/adr/generated/adr-0058-ai-consumable-architecture-knowledge.rules.json +0 -27
- package/rulesets/adr/generated/adr-0067-modular-monolith-persistence-boundaries.rules.json +0 -28
- package/rulesets/adr/generated/adr-0068-documentation-release-gitflow.rules.json +0 -29
- package/rulesets/adr/generated/adr-0069-ai-agent-context-protocol-integration.rules.json +0 -28
- package/rulesets/adr/generated/adr-0070-lean-root-repository-taxonomy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0071-domain-layer-base-class-and-inheritance-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0072-utc-date-storage-browser-timezone-detection-and-language-res.rules.json +0 -29
- package/rulesets/adr/generated/adr-0073-unified-cli-mcp-output-contract-and-gate-evidence-schema.rules.json +0 -29
- package/rulesets/adr/generated/adr-0074-evolith-core-api-native-exposure-layer.rules.json +0 -29
- package/rulesets/adr/generated/adr-0075-core-api-authentication-strategy.rules.json +0 -28
- package/rulesets/adr/generated/adr-0076-domain-oriented-microservice-architecture-doma.rules.json +0 -28
- package/rulesets/adr/generated/adr-0077-masstransit-v9-commercial-pivot-stay-on-v8-monitor-opentrans.rules.json +0 -28
- package/rulesets/adr/generated/adr-0078-domain-financial-separation-governance.rules.json +0 -29
- package/rulesets/adr/generated/adr-0079-multi-topology-reference-corpus-and-topology-manifest-contra.rules.json +0 -29
- package/rulesets/adr/generated/adr-0080-remote-repository-reference-contract.rules.json +0 -29
- package/rulesets/adr/generated/adr-0081-agentic-ai-sandbox-isolation-boundary.rules.json +0 -29
- package/rulesets/adr/generated/adr-0082-agentic-ai-prompt-context-and-tool-trust-boundary.rules.json +0 -28
- package/rulesets/adr/generated/adr-0083-agentic-ai-action-authorization-and-audit.rules.json +0 -29
- package/rulesets/adr/generated/adr-0084-data-mesh-and-data-as-a-product.rules.json +0 -29
- package/rulesets/adr/generated/adr-0085-agnostic-opa-wasm-distribution-architecture.rules.json +0 -28
- package/rulesets/adr/generated/adr-0086-agentic-ai-telemetry-cost-control-standard.rules.json +0 -27
- package/rulesets/adr/generated/adr-0087-attribute-based-access-control-abac-for-agentic-tool-executi.rules.json +0 -29
- package/rulesets/adr/generated/adr-0088-sovereign-identity-for-agentic-ai.rules.json +0 -29
- package/rulesets/adr/generated/adr-0089-event-driven-agentic-workflow-pattern.rules.json +0 -28
- package/rulesets/adr/generated/adr-0090-rag-knowledge-governance-standard.rules.json +0 -29
- package/rulesets/adr/generated/adr-0091-workload-identity-token-rotation-standard.rules.json +0 -29
- package/rulesets/adr/generated/adr-0092-agent-infinite-loop-prevention-and-circuit-breaker-rules.rules.json +0 -29
- package/rulesets/adr/generated/adr-0093-concurrency-control-and-resource-locking-standard-for-mcp-to.rules.json +0 -29
- package/rulesets/adr/generated/adr-0094-multi-agent-handoff-and-task-delegation-standards.rules.json +0 -29
- package/rulesets/adr/generated/adr-0095-serverless-architecture-governance.rules.json +0 -29
- package/rulesets/adr/generated/adr-0096-edge-computing-architecture-governance.rules.json +0 -29
- package/rulesets/adr/generated/adr-0097-knowledge-lifecycle-governance-standard.rules.json +0 -29
- package/rulesets/adr/generated/adr-0098-rest-uri-versioning-and-deprecation-policy.rules.json +0 -29
- package/rulesets/adr/generated/adr-0099-opa-bundle-distribution-via-s3-minio.rules.json +0 -27
- package/rulesets/adr/generated/adr-ai-augmented-0001-harness-engineering-for-ai-augmented-development.rules.json +0 -29
- package/rulesets/adr/generated/adr-ai-augmented-0002-mcp-integration-protocol-for-agent-tool-invocation.rules.json +0 -29
- package/rulesets/adr/generated/adr-ai-augmented-0003-model-selection-governance-for-ai-augmented-workflows.rules.json +0 -29
- package/rulesets/adr/generated/adr-ai-augmented-0004-agents-md-as-mandatory-repository-artifact.rules.json +0 -29
- package/rulesets/adr/generated/adr-ai-augmented-0005-human-in-the-loop-policy-for-autonomous-agent-operations.rules.json +0 -29
- package/rulesets/adr/generated/adr-android-0042-canonical-android-native-mobile-architecture.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0041-canonical-net-c-backend-architecture.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0060-net-multi-tenancy-dual-layer-strategy-ef-core-sql-server.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0061-transactional-event-lifecycle-in-ef-core.rules.json +0 -28
- package/rulesets/adr/generated/adr-dotnet-0062-net-immutable-audit-trail-via-ddl-triggers-delta-capture.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0063-b2b-request-idempotency-middleware-in-asp-net-core.rules.json +0 -28
- package/rulesets/adr/generated/adr-dotnet-0064-net-request-scope-observability-context-propagation.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0065-net-pii-safe-structured-logging-pipeline-serilog.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0066-net-lightweight-http-idempotency-via-imemorycache-idistribut.rules.json +0 -28
- package/rulesets/adr/generated/adr-dotnet-0069-net-grpc-service-setup-protobuf-contracts.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0070-net-api-endpoint-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-dotnet-0071-net-data-access-strategy-ef-core-as-default-orm-dapper-for-o.rules.json +0 -27
- package/rulesets/adr/generated/adr-dotnet-0072-net-aop-cross-cutting-concern-strategy-dispatchproxy-over-pi.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0003-strict-typescript-standards.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0004-frontend-offline-resilience.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0007-observability-with-opentelemetry-loki-and-jaeger.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0008-progressive-multi-module-evolution-with-api-gateway-and-bff-.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0012-advanced-authorization-rbac-abac-strategy.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0021-high-performance-authentication-graph-compilation.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0022-contextual-authentication-and-pluggable-output-projections.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0023-centralized-authorization-core-strategy.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0026-adaptive-mfa-and-passwordless-platform.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0027-dual-protocol-api-strategy-rest-grpc.rules.json +0 -28
- package/rulesets/adr/generated/adr-nodejs-0029-adoption-of-tactical-ddd-primitives-library.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0038-enterprise-error-handling-result-pattern-strategy.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0043-data-access-and-orm-strategy-for-node-js.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0044-frontend-clean-architecture-layer-boundaries-react.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0045-frontend-state-management-zustand-tanstack-query-dual-strate.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0046-prohibition-of-raw-technical-identifiers-in-user-interfaces.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0047-actionable-user-error-contract-and-correlated-diagnostics.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0048-feature-flag-system-scope-and-structured-criteria-model.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0074-monorepo-orchestration-with-nx.rules.json +0 -29
- package/rulesets/adr/generated/adr-nodejs-0075-application-gateway-bff-with-nestjs.rules.json +0 -29
- package/rulesets/architecture/README.es.md +0 -21
- package/rulesets/architecture/README.md +0 -21
- package/rulesets/architecture/opa/progressive-axis.rego +0 -50
- package/rulesets/cli/README.es.md +0 -17
- package/rulesets/cli/README.md +0 -17
- package/rulesets/cli/core-parity.rules.json +0 -61
- package/rulesets/cli/release-readiness.rules.json +0 -77
- package/rulesets/compliance-baseline/README.es.md +0 -26
- package/rulesets/compliance-baseline/README.md +0 -26
- package/rulesets/compliance-baseline/compliance-baseline.rules.json +0 -81
- package/rulesets/contracts/README.es.md +0 -19
- package/rulesets/contracts/README.md +0 -19
- package/rulesets/contracts/evolith-machine-contracts.json +0 -29
- package/rulesets/contracts/fixtures/gate-evidence.success.json +0 -10
- package/rulesets/contracts/fixtures/output-envelope.success.json +0 -23
- package/rulesets/cross-cutting/README.es.md +0 -14
- package/rulesets/cross-cutting/README.md +0 -14
- package/rulesets/cross-cutting/compliance-baseline.rules.json +0 -81
- package/rulesets/cross-cutting/definition-of-done.rules.json +0 -135
- package/rulesets/cross-cutting/engineering-manifesto.rules.json +0 -145
- package/rulesets/cross-cutting/repository-taxonomy.rules.json +0 -172
- package/rulesets/definition-of-done/README.es.md +0 -26
- package/rulesets/definition-of-done/README.md +0 -26
- package/rulesets/definition-of-done/definition-of-done.rules.json +0 -135
- package/rulesets/engineering-manifesto/README.es.md +0 -26
- package/rulesets/engineering-manifesto/README.md +0 -26
- package/rulesets/engineering-manifesto/engineering-manifesto.rules.json +0 -145
- package/rulesets/evidence/README.es.md +0 -12
- package/rulesets/evidence/README.md +0 -12
- package/rulesets/evidence/evidence-manifest.rules.json +0 -48
- package/rulesets/executive-scorecards/executive-scorecards.rules.es.json +0 -213
- package/rulesets/executive-scorecards/executive-scorecards.rules.json +0 -213
- package/rulesets/governance/README.es.md +0 -13
- package/rulesets/governance/README.md +0 -13
- package/rulesets/governance/abac-mcp-access.rules.es.json +0 -41
- package/rulesets/governance/abac-mcp-access.rules.json +0 -41
- package/rulesets/governance/executive-scorecards.rules.es.json +0 -213
- package/rulesets/governance/executive-scorecards.rules.json +0 -213
- package/rulesets/governance/inheritance.rules.json +0 -115
- package/rulesets/governance/knowledge-intake.rules.json +0 -18
- package/rulesets/governance/open-core-boundary.rules.es.json +0 -148
- package/rulesets/governance/open-core-boundary.rules.json +0 -148
- package/rulesets/governance/satellite-contracts.rules.json +0 -183
- package/rulesets/infrastructure/helm-enforcement.rules.json +0 -21
- package/rulesets/infrastructure/opa/helm-enforcement.rego +0 -25
- package/rulesets/infrastructure/opa/helm-enforcement.test.rego +0 -31
- package/rulesets/infrastructure/opa/opa-sidecar-bundle.rego +0 -115
- package/rulesets/infrastructure/opa/opa-sidecar-bundle.test.rego +0 -66
- package/rulesets/infrastructure/opa-sidecar-bundle.rules.json +0 -18
- package/rulesets/mcp/README.es.md +0 -12
- package/rulesets/mcp/README.md +0 -12
- package/rulesets/mcp/protocol-compliance.rules.json +0 -57
- package/rulesets/observability/README.es.md +0 -12
- package/rulesets/observability/README.md +0 -12
- package/rulesets/observability/telemetry-evidence.rules.json +0 -48
- package/rulesets/opa/README.es.md +0 -22
- package/rulesets/opa/README.md +0 -22
- package/rulesets/opa/abac-mcp-tool-access.rego +0 -122
- package/rulesets/opa/abac-mcp-tool-access.test.rego +0 -33
- package/rulesets/opa/anti-corruption-layer.rego +0 -39
- package/rulesets/opa/anti-corruption-layer.test.rego +0 -118
- package/rulesets/opa/ci-cd.rego +0 -41
- package/rulesets/opa/ci-cd.test.rego +0 -23
- package/rulesets/opa/cicd-quality-gates.rego +0 -29
- package/rulesets/opa/cicd-quality-gates.test.rego +0 -54
- package/rulesets/opa/cli-core-parity.rego +0 -17
- package/rulesets/opa/cli-core-parity.test.rego +0 -39
- package/rulesets/opa/cli-readiness.rego +0 -32
- package/rulesets/opa/cli-readiness.test.rego +0 -23
- package/rulesets/opa/cli-release-readiness.rego +0 -21
- package/rulesets/opa/cli-release-readiness.test.rego +0 -46
- package/rulesets/opa/compliance-baseline.rego +0 -95
- package/rulesets/opa/compliance-baseline.test.rego +0 -89
- package/rulesets/opa/dod.rego +0 -42
- package/rulesets/opa/dod.test.rego +0 -250
- package/rulesets/opa/engineering-manifesto.rego +0 -78
- package/rulesets/opa/engineering-manifesto.test.rego +0 -133
- package/rulesets/opa/evidence.rego +0 -64
- package/rulesets/opa/evidence.test.rego +0 -23
- package/rulesets/opa/executive-scorecards.rego +0 -41
- package/rulesets/opa/executive-scorecards.test.rego +0 -60
- package/rulesets/opa/gitflow-branching.rego +0 -41
- package/rulesets/opa/gitflow-branching.test.rego +0 -60
- package/rulesets/opa/governance.rego +0 -39
- package/rulesets/opa/governance.test.rego +0 -23
- package/rulesets/opa/hexagonal-architecture.rego +0 -33
- package/rulesets/opa/hexagonal-architecture.test.rego +0 -57
- package/rulesets/opa/infrastructure/helm-enforcement.rego +0 -33
- package/rulesets/opa/infrastructure/opa-sidecar-bundle.rego +0 -42
- package/rulesets/opa/knowledge-intake.rego +0 -98
- package/rulesets/opa/knowledge-intake.test.rego +0 -50
- package/rulesets/opa/main.rego +0 -147
- package/rulesets/opa/main_test.rego +0 -149
- package/rulesets/opa/mcp.rego +0 -61
- package/rulesets/opa/mcp.test.rego +0 -27
- package/rulesets/opa/multi-runtime.rego +0 -33
- package/rulesets/opa/multi-runtime.test.rego +0 -53
- package/rulesets/opa/multi-tenancy.rego +0 -33
- package/rulesets/opa/multi-tenancy.test.rego +0 -53
- package/rulesets/opa/open-core-boundary.rego +0 -33
- package/rulesets/opa/open-core-boundary.test.rego +0 -60
- package/rulesets/opa/protocol-selection.rego +0 -29
- package/rulesets/opa/protocol-selection.test.rego +0 -46
- package/rulesets/opa/rbac/gate-role-enforcement.rego +0 -112
- package/rulesets/opa/repository-taxonomy.rego +0 -98
- package/rulesets/opa/repository-taxonomy.test.rego +0 -91
- package/rulesets/opa/satellite-contracts.rego +0 -42
- package/rulesets/opa/satellite-contracts.test.rego +0 -70
- package/rulesets/opa/schemas/abac-mcp-tool-access.input.schema.json +0 -21
- package/rulesets/opa/schemas/anti-corruption-layer.input.schema.json +0 -25
- package/rulesets/opa/schemas/ci-cd.input.schema.json +0 -27
- package/rulesets/opa/schemas/cicd-quality-gates.input.schema.json +0 -33
- package/rulesets/opa/schemas/cli-core-parity.input.schema.json +0 -30
- package/rulesets/opa/schemas/cli-readiness.input.schema.json +0 -28
- package/rulesets/opa/schemas/cli-release-readiness.input.schema.json +0 -26
- package/rulesets/opa/schemas/compliance-baseline.input.schema.json +0 -25
- package/rulesets/opa/schemas/dod.input.schema.json +0 -38
- package/rulesets/opa/schemas/engineering-manifesto.input.schema.json +0 -24
- package/rulesets/opa/schemas/evidence.input.schema.json +0 -35
- package/rulesets/opa/schemas/executive-scorecards.input.schema.json +0 -36
- package/rulesets/opa/schemas/gitflow-branching.input.schema.json +0 -36
- package/rulesets/opa/schemas/governance.input.schema.json +0 -19
- package/rulesets/opa/schemas/hexagonal-architecture.input.schema.json +0 -46
- package/rulesets/opa/schemas/knowledge-intake.input.schema.json +0 -57
- package/rulesets/opa/schemas/mcp.input.schema.json +0 -38
- package/rulesets/opa/schemas/multi-runtime.input.schema.json +0 -27
- package/rulesets/opa/schemas/multi-tenancy.input.schema.json +0 -27
- package/rulesets/opa/schemas/open-core-boundary.input.schema.json +0 -36
- package/rulesets/opa/schemas/protocol-selection.input.schema.json +0 -26
- package/rulesets/opa/schemas/repository-taxonomy.input.schema.json +0 -18
- package/rulesets/opa/schemas/satellite-contracts.input.schema.json +0 -38
- package/rulesets/opa/schemas/taxonomy.input.schema.json +0 -27
- package/rulesets/opa/schemas/testing-pyramid.input.schema.json +0 -42
- package/rulesets/opa/schemas/version-pinning.input.schema.json +0 -39
- package/rulesets/opa/sdlc/coverage.rego +0 -49
- package/rulesets/opa/sdlc/coverage.test.rego +0 -29
- package/rulesets/opa/sdlc/pyramid-distribution.rego +0 -31
- package/rulesets/opa/sdlc/pyramid-distribution.test.rego +0 -33
- package/rulesets/opa/taxonomy.rego +0 -51
- package/rulesets/opa/taxonomy.test.rego +0 -28
- package/rulesets/opa/telemetry-evidence.rego +0 -102
- package/rulesets/opa/testing-pyramid.rego +0 -49
- package/rulesets/opa/testing-pyramid.test.rego +0 -81
- package/rulesets/opa/version-pinning.rego +0 -99
- package/rulesets/opa/version-pinning.test.rego +0 -28
- package/rulesets/phase-gates/README.es.md +0 -28
- package/rulesets/phase-gates/README.md +0 -28
- package/rulesets/phase-gates/phase-gates.rules.json +0 -297
- package/rulesets/quality-thresholds/README.es.md +0 -28
- package/rulesets/quality-thresholds/README.md +0 -28
- package/rulesets/quality-thresholds/quality-thresholds.rules.json +0 -96
- package/rulesets/repository-taxonomy/README.es.md +0 -26
- package/rulesets/repository-taxonomy/README.md +0 -26
- package/rulesets/repository-taxonomy/repository-taxonomy.rules.json +0 -172
- package/rulesets/satellite-contracts/README.es.md +0 -27
- package/rulesets/satellite-contracts/README.md +0 -27
- package/rulesets/satellite-contracts/satellite-contracts.rules.json +0 -183
- package/rulesets/schema/README.es.md +0 -39
- package/rulesets/schema/README.md +0 -39
- package/rulesets/schema/adr.schema.json +0 -138
- package/rulesets/schema/agile-backlog.schema.json +0 -91
- package/rulesets/schema/ballpark-estimation.schema.json +0 -109
- package/rulesets/schema/build-vs-compose.schema.json +0 -98
- package/rulesets/schema/cli-impact-analysis.schema.json +0 -114
- package/rulesets/schema/discovery-canvas.schema.json +0 -92
- package/rulesets/schema/evolith-user-story.schema.json +0 -105
- package/rulesets/schema/evolith-yaml.schema.json +0 -191
- package/rulesets/schema/functional-story.schema.json +0 -111
- package/rulesets/schema/gate-evidence.schema.json +0 -85
- package/rulesets/schema/integration-evidence.schema.json +0 -47
- package/rulesets/schema/knowledge-intake.schema.json +0 -67
- package/rulesets/schema/knowledge-projection.schema.json +0 -24
- package/rulesets/schema/maturity-evidence.schema.json +0 -59
- package/rulesets/schema/observability-validation.schema.json +0 -85
- package/rulesets/schema/on-call-handoff.schema.json +0 -91
- package/rulesets/schema/output-envelope.schema.json +0 -102
- package/rulesets/schema/prd.schema.json +0 -117
- package/rulesets/schema/release-notes.schema.json +0 -138
- package/rulesets/schema/rollback-rehearsal.schema.json +0 -73
- package/rulesets/schema/ruleset-sdlc.schema.json +0 -59
- package/rulesets/schema/ruleset-standard.schema.json +0 -73
- package/rulesets/schema/security-scan-report.schema.json +0 -79
- package/rulesets/schema/source-registry.schema.json +0 -51
- package/rulesets/schema/technical-feasibility.schema.json +0 -66
- package/rulesets/schema/technical-story.schema.json +0 -112
- package/rulesets/schema/test-summary-report.schema.json +0 -158
- package/rulesets/schema/topology-composition.schema.json +0 -43
- package/rulesets/schema/topology-manifest.schema.json +0 -421
- package/rulesets/sdlc/README.es.md +0 -12
- package/rulesets/sdlc/README.md +0 -12
- package/rulesets/sdlc/default-workflow.yaml +0 -73
- package/rulesets/sdlc/dependency-pinning.rules.json +0 -183
- package/rulesets/sdlc/phase-gates.rules.json +0 -297
- package/rulesets/sdlc/quality-thresholds.rules.json +0 -96
- package/rulesets/topologies/README.es.md +0 -42
- package/rulesets/topologies/README.md +0 -42
- package/rulesets/topologies/agentic-ai/README.es.md +0 -142
- package/rulesets/topologies/agentic-ai/README.md +0 -142
- package/rulesets/topologies/agentic-ai/adoption.es.md +0 -37
- package/rulesets/topologies/agentic-ai/adoption.md +0 -37
- package/rulesets/topologies/agentic-ai/agent.config.schema.json +0 -100
- package/rulesets/topologies/agentic-ai/agentic-ai.rego +0 -46
- package/rulesets/topologies/agentic-ai/agentic-ai.rules.json +0 -109
- package/rulesets/topologies/agentic-ai/agentic-ai.test.rego +0 -68
- package/rulesets/topologies/agentic-ai/agentic-ai.wasm +0 -0
- package/rulesets/topologies/agentic-ai/cli/cli-flows.es.md +0 -35
- package/rulesets/topologies/agentic-ai/cli/cli-flows.md +0 -45
- package/rulesets/topologies/agentic-ai/evidence.es.md +0 -25
- package/rulesets/topologies/agentic-ai/evidence.md +0 -25
- package/rulesets/topologies/agentic-ai/evolution.es.md +0 -26
- package/rulesets/topologies/agentic-ai/evolution.md +0 -26
- package/rulesets/topologies/agentic-ai/fixtures/invalid-agent.config.json +0 -48
- package/rulesets/topologies/agentic-ai/fixtures/valid-agent.config.json +0 -48
- package/rulesets/topologies/agentic-ai/maturity.es.md +0 -33
- package/rulesets/topologies/agentic-ai/maturity.md +0 -33
- package/rulesets/topologies/agentic-ai/mcp/mcp-manifest.json +0 -100
- package/rulesets/topologies/agentic-ai/openapi/openapi.yaml +0 -187
- package/rulesets/topologies/agentic-ai/operations.es.md +0 -32
- package/rulesets/topologies/agentic-ai/operations.md +0 -32
- package/rulesets/topologies/agentic-ai/parity-fixtures/compliant.json +0 -18
- package/rulesets/topologies/agentic-ai/parity-fixtures/violation.json +0 -22
- package/rulesets/topologies/agentic-ai/patterns.es.md +0 -32
- package/rulesets/topologies/agentic-ai/patterns.md +0 -32
- package/rulesets/topologies/agentic-ai/resilience.es.md +0 -26
- package/rulesets/topologies/agentic-ai/resilience.md +0 -26
- package/rulesets/topologies/agentic-ai/runbooks.es.md +0 -48
- package/rulesets/topologies/agentic-ai/runbooks.md +0 -48
- package/rulesets/topologies/agentic-ai/security.es.md +0 -26
- package/rulesets/topologies/agentic-ai/security.md +0 -26
- package/rulesets/topologies/agentic-ai/topology.manifest.json +0 -127
- package/rulesets/topologies/data-mesh/README.es.md +0 -69
- package/rulesets/topologies/data-mesh/README.md +0 -69
- package/rulesets/topologies/data-mesh/adoption.es.md +0 -95
- package/rulesets/topologies/data-mesh/adoption.md +0 -95
- package/rulesets/topologies/data-mesh/cli/cli-flows.es.md +0 -41
- package/rulesets/topologies/data-mesh/cli/cli-flows.md +0 -53
- package/rulesets/topologies/data-mesh/data-mesh.rego +0 -11
- package/rulesets/topologies/data-mesh/data-mesh.rules.json +0 -100
- package/rulesets/topologies/data-mesh/data-mesh.test.rego +0 -107
- package/rulesets/topologies/data-mesh/data-mesh.wasm +0 -0
- package/rulesets/topologies/data-mesh/evidence.es.md +0 -111
- package/rulesets/topologies/data-mesh/evidence.md +0 -111
- package/rulesets/topologies/data-mesh/evolution.es.md +0 -67
- package/rulesets/topologies/data-mesh/evolution.md +0 -67
- package/rulesets/topologies/data-mesh/fixtures/invalid.topology.config.json +0 -12
- package/rulesets/topologies/data-mesh/fixtures/valid.topology.config.json +0 -12
- package/rulesets/topologies/data-mesh/maturity.es.md +0 -36
- package/rulesets/topologies/data-mesh/maturity.md +0 -36
- package/rulesets/topologies/data-mesh/mcp/mcp-manifest.json +0 -68
- package/rulesets/topologies/data-mesh/openapi/openapi.yaml +0 -186
- package/rulesets/topologies/data-mesh/operations.es.md +0 -63
- package/rulesets/topologies/data-mesh/operations.md +0 -63
- package/rulesets/topologies/data-mesh/parity-fixtures/compliant.json +0 -18
- package/rulesets/topologies/data-mesh/parity-fixtures/violation.json +0 -21
- package/rulesets/topologies/data-mesh/patterns.es.md +0 -67
- package/rulesets/topologies/data-mesh/patterns.md +0 -67
- package/rulesets/topologies/data-mesh/resilience.es.md +0 -64
- package/rulesets/topologies/data-mesh/resilience.md +0 -64
- package/rulesets/topologies/data-mesh/runbooks.es.md +0 -147
- package/rulesets/topologies/data-mesh/runbooks.md +0 -147
- package/rulesets/topologies/data-mesh/security.es.md +0 -66
- package/rulesets/topologies/data-mesh/security.md +0 -66
- package/rulesets/topologies/data-mesh/topology.config.schema.json +0 -30
- package/rulesets/topologies/data-mesh/topology.manifest.json +0 -107
- package/rulesets/topologies/edge-computing/README.es.md +0 -81
- package/rulesets/topologies/edge-computing/README.md +0 -81
- package/rulesets/topologies/edge-computing/adoption.es.md +0 -268
- package/rulesets/topologies/edge-computing/adoption.md +0 -268
- package/rulesets/topologies/edge-computing/cli/cli-flows.es.md +0 -41
- package/rulesets/topologies/edge-computing/cli/cli-flows.md +0 -53
- package/rulesets/topologies/edge-computing/edge-computing.rego +0 -41
- package/rulesets/topologies/edge-computing/edge-computing.rules.json +0 -50
- package/rulesets/topologies/edge-computing/edge-computing.test.rego +0 -33
- package/rulesets/topologies/edge-computing/edge-computing.wasm +0 -0
- package/rulesets/topologies/edge-computing/evidence.es.md +0 -263
- package/rulesets/topologies/edge-computing/evidence.md +0 -263
- package/rulesets/topologies/edge-computing/evolution.es.md +0 -257
- package/rulesets/topologies/edge-computing/evolution.md +0 -257
- package/rulesets/topologies/edge-computing/fixtures/invalid.topology.config.json +0 -6
- package/rulesets/topologies/edge-computing/fixtures/valid.topology.config.json +0 -6
- package/rulesets/topologies/edge-computing/maturity.es.md +0 -36
- package/rulesets/topologies/edge-computing/maturity.md +0 -36
- package/rulesets/topologies/edge-computing/mcp/mcp-manifest.json +0 -72
- package/rulesets/topologies/edge-computing/openapi/openapi.yaml +0 -187
- package/rulesets/topologies/edge-computing/operations.es.md +0 -148
- package/rulesets/topologies/edge-computing/operations.md +0 -148
- package/rulesets/topologies/edge-computing/parity-fixtures/compliant.json +0 -12
- package/rulesets/topologies/edge-computing/parity-fixtures/violation.json +0 -13
- package/rulesets/topologies/edge-computing/patterns.es.md +0 -291
- package/rulesets/topologies/edge-computing/patterns.md +0 -290
- package/rulesets/topologies/edge-computing/resilience.es.md +0 -232
- package/rulesets/topologies/edge-computing/resilience.md +0 -229
- package/rulesets/topologies/edge-computing/runbooks.es.md +0 -405
- package/rulesets/topologies/edge-computing/runbooks.md +0 -405
- package/rulesets/topologies/edge-computing/security.es.md +0 -218
- package/rulesets/topologies/edge-computing/security.md +0 -218
- package/rulesets/topologies/edge-computing/topology.config.schema.json +0 -13
- package/rulesets/topologies/edge-computing/topology.manifest.json +0 -113
- package/rulesets/topologies/event-driven/README.es.md +0 -71
- package/rulesets/topologies/event-driven/README.md +0 -71
- package/rulesets/topologies/event-driven/adoption.es.md +0 -67
- package/rulesets/topologies/event-driven/adoption.md +0 -67
- package/rulesets/topologies/event-driven/cli/cli-flows.es.md +0 -41
- package/rulesets/topologies/event-driven/cli/cli-flows.md +0 -53
- package/rulesets/topologies/event-driven/event-driven.rego +0 -11
- package/rulesets/topologies/event-driven/event-driven.rules.json +0 -100
- package/rulesets/topologies/event-driven/event-driven.test.rego +0 -107
- package/rulesets/topologies/event-driven/event-driven.wasm +0 -0
- package/rulesets/topologies/event-driven/evidence.es.md +0 -69
- package/rulesets/topologies/event-driven/evidence.md +0 -69
- package/rulesets/topologies/event-driven/evolution.es.md +0 -59
- package/rulesets/topologies/event-driven/evolution.md +0 -59
- package/rulesets/topologies/event-driven/fixtures/invalid.topology.config.json +0 -12
- package/rulesets/topologies/event-driven/fixtures/valid.topology.config.json +0 -12
- package/rulesets/topologies/event-driven/maturity.es.md +0 -36
- package/rulesets/topologies/event-driven/maturity.md +0 -36
- package/rulesets/topologies/event-driven/mcp/mcp-manifest.json +0 -68
- package/rulesets/topologies/event-driven/openapi/openapi.yaml +0 -186
- package/rulesets/topologies/event-driven/operations.es.md +0 -67
- package/rulesets/topologies/event-driven/operations.md +0 -67
- package/rulesets/topologies/event-driven/parity-fixtures/compliant.json +0 -18
- package/rulesets/topologies/event-driven/parity-fixtures/violation.json +0 -21
- package/rulesets/topologies/event-driven/patterns.es.md +0 -68
- package/rulesets/topologies/event-driven/patterns.md +0 -68
- package/rulesets/topologies/event-driven/resilience.es.md +0 -65
- package/rulesets/topologies/event-driven/resilience.md +0 -65
- package/rulesets/topologies/event-driven/runbooks.es.md +0 -79
- package/rulesets/topologies/event-driven/runbooks.md +0 -79
- package/rulesets/topologies/event-driven/security.es.md +0 -59
- package/rulesets/topologies/event-driven/security.md +0 -59
- package/rulesets/topologies/event-driven/topology.config.schema.json +0 -30
- package/rulesets/topologies/event-driven/topology.manifest.json +0 -109
- package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.es.json +0 -111
- package/rulesets/topologies/progressive-axis/distributed-modules/distributed-modules.rules.json +0 -111
- package/rulesets/topologies/progressive-axis/microservices/microservices.rules.es.json +0 -106
- package/rulesets/topologies/progressive-axis/microservices/microservices.rules.json +0 -106
- package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.es.json +0 -148
- package/rulesets/topologies/progressive-axis/modular-monolith/modular-monolith.rules.json +0 -148
- package/rulesets/topologies/serverless/README.es.md +0 -74
- package/rulesets/topologies/serverless/README.md +0 -74
- package/rulesets/topologies/serverless/adoption.es.md +0 -50
- package/rulesets/topologies/serverless/adoption.md +0 -50
- package/rulesets/topologies/serverless/cli/cli-flows.es.md +0 -41
- package/rulesets/topologies/serverless/cli/cli-flows.md +0 -53
- package/rulesets/topologies/serverless/evidence.es.md +0 -66
- package/rulesets/topologies/serverless/evidence.md +0 -66
- package/rulesets/topologies/serverless/evolution.es.md +0 -36
- package/rulesets/topologies/serverless/evolution.md +0 -36
- package/rulesets/topologies/serverless/fixtures/invalid.topology.config.json +0 -6
- package/rulesets/topologies/serverless/fixtures/valid.topology.config.json +0 -6
- package/rulesets/topologies/serverless/maturity.es.md +0 -36
- package/rulesets/topologies/serverless/maturity.md +0 -36
- package/rulesets/topologies/serverless/mcp/mcp-manifest.json +0 -72
- package/rulesets/topologies/serverless/openapi/openapi.yaml +0 -186
- package/rulesets/topologies/serverless/operations.es.md +0 -36
- package/rulesets/topologies/serverless/operations.md +0 -36
- package/rulesets/topologies/serverless/parity-fixtures/compliant.json +0 -13
- package/rulesets/topologies/serverless/parity-fixtures/violation.json +0 -15
- package/rulesets/topologies/serverless/patterns.es.md +0 -36
- package/rulesets/topologies/serverless/patterns.md +0 -36
- package/rulesets/topologies/serverless/resilience.es.md +0 -36
- package/rulesets/topologies/serverless/resilience.md +0 -36
- package/rulesets/topologies/serverless/runbooks.es.md +0 -68
- package/rulesets/topologies/serverless/runbooks.md +0 -68
- package/rulesets/topologies/serverless/security.es.md +0 -36
- package/rulesets/topologies/serverless/security.md +0 -36
- package/rulesets/topologies/serverless/serverless.rego +0 -32
- package/rulesets/topologies/serverless/serverless.rules.json +0 -33
- package/rulesets/topologies/serverless/serverless.test.rego +0 -28
- package/rulesets/topologies/serverless/serverless.wasm +0 -0
- package/rulesets/topologies/serverless/topology.config.schema.json +0 -28
- package/rulesets/topologies/serverless/topology.manifest.json +0 -114
|
@@ -1,133 +0,0 @@
|
|
|
1
|
-
package evolith.engineering_manifesto_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.engineering_manifesto
|
|
4
|
-
|
|
5
|
-
test_compliant_code_has_no_violations {
|
|
6
|
-
violations := engineering_manifesto.violations with input as {
|
|
7
|
-
"classLineCount": 100,
|
|
8
|
-
"classMethodCount": 8,
|
|
9
|
-
"liskovViolations": 0,
|
|
10
|
-
"domainImportsInfrastructure": false,
|
|
11
|
-
"maxCyclomaticComplexity": 10,
|
|
12
|
-
"circularDependencies": false,
|
|
13
|
-
"magicNumbersCount": 0
|
|
14
|
-
}
|
|
15
|
-
count(violations) == 0
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
test_class_exceeding_200_lines_is_violation {
|
|
19
|
-
violations := engineering_manifesto.violations with input as {
|
|
20
|
-
"classLineCount": 250,
|
|
21
|
-
"classMethodCount": 10,
|
|
22
|
-
"liskovViolations": 0,
|
|
23
|
-
"domainImportsInfrastructure": false,
|
|
24
|
-
"maxCyclomaticComplexity": 10,
|
|
25
|
-
"circularDependencies": false,
|
|
26
|
-
"magicNumbersCount": 0
|
|
27
|
-
}
|
|
28
|
-
violations[_].id == "EM-S-01"
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
test_liskov_violations_detected {
|
|
32
|
-
violations := engineering_manifesto.violations with input as {
|
|
33
|
-
"classLineCount": 100,
|
|
34
|
-
"classMethodCount": 8,
|
|
35
|
-
"liskovViolations": 2,
|
|
36
|
-
"domainImportsInfrastructure": false,
|
|
37
|
-
"maxCyclomaticComplexity": 10,
|
|
38
|
-
"circularDependencies": false,
|
|
39
|
-
"magicNumbersCount": 0
|
|
40
|
-
}
|
|
41
|
-
violations[_].id == "EM-S-03"
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
test_domain_imports_infrastructure_is_violation {
|
|
45
|
-
violations := engineering_manifesto.violations with input as {
|
|
46
|
-
"classLineCount": 100,
|
|
47
|
-
"classMethodCount": 8,
|
|
48
|
-
"liskovViolations": 0,
|
|
49
|
-
"domainImportsInfrastructure": true,
|
|
50
|
-
"maxCyclomaticComplexity": 10,
|
|
51
|
-
"circularDependencies": false,
|
|
52
|
-
"magicNumbersCount": 0
|
|
53
|
-
}
|
|
54
|
-
violations[_].id == "EM-S-05"
|
|
55
|
-
}
|
|
56
|
-
|
|
57
|
-
test_cyclomatic_complexity_exceeds_threshold {
|
|
58
|
-
violations := engineering_manifesto.violations with input as {
|
|
59
|
-
"classLineCount": 100,
|
|
60
|
-
"classMethodCount": 8,
|
|
61
|
-
"liskovViolations": 0,
|
|
62
|
-
"domainImportsInfrastructure": false,
|
|
63
|
-
"maxCyclomaticComplexity": 20,
|
|
64
|
-
"circularDependencies": false,
|
|
65
|
-
"magicNumbersCount": 0
|
|
66
|
-
}
|
|
67
|
-
violations[_].id == "EM-K-01"
|
|
68
|
-
}
|
|
69
|
-
|
|
70
|
-
test_god_class_by_line_count {
|
|
71
|
-
violations := engineering_manifesto.violations with input as {
|
|
72
|
-
"classLineCount": 600,
|
|
73
|
-
"classMethodCount": 10,
|
|
74
|
-
"liskovViolations": 0,
|
|
75
|
-
"domainImportsInfrastructure": false,
|
|
76
|
-
"maxCyclomaticComplexity": 10,
|
|
77
|
-
"circularDependencies": false,
|
|
78
|
-
"magicNumbersCount": 0
|
|
79
|
-
}
|
|
80
|
-
violations[_].id == "AP-01"
|
|
81
|
-
}
|
|
82
|
-
|
|
83
|
-
test_god_class_by_method_count {
|
|
84
|
-
violations := engineering_manifesto.violations with input as {
|
|
85
|
-
"classLineCount": 300,
|
|
86
|
-
"classMethodCount": 25,
|
|
87
|
-
"liskovViolations": 0,
|
|
88
|
-
"domainImportsInfrastructure": false,
|
|
89
|
-
"maxCyclomaticComplexity": 10,
|
|
90
|
-
"circularDependencies": false,
|
|
91
|
-
"magicNumbersCount": 0
|
|
92
|
-
}
|
|
93
|
-
violations[_].id == "AP-01"
|
|
94
|
-
}
|
|
95
|
-
|
|
96
|
-
test_circular_dependencies_detected {
|
|
97
|
-
violations := engineering_manifesto.violations with input as {
|
|
98
|
-
"classLineCount": 100,
|
|
99
|
-
"classMethodCount": 8,
|
|
100
|
-
"liskovViolations": 0,
|
|
101
|
-
"domainImportsInfrastructure": false,
|
|
102
|
-
"maxCyclomaticComplexity": 10,
|
|
103
|
-
"circularDependencies": true,
|
|
104
|
-
"magicNumbersCount": 0
|
|
105
|
-
}
|
|
106
|
-
violations[_].id == "AP-02"
|
|
107
|
-
}
|
|
108
|
-
|
|
109
|
-
test_magic_numbers_detected {
|
|
110
|
-
violations := engineering_manifesto.violations with input as {
|
|
111
|
-
"classLineCount": 100,
|
|
112
|
-
"classMethodCount": 8,
|
|
113
|
-
"liskovViolations": 0,
|
|
114
|
-
"domainImportsInfrastructure": false,
|
|
115
|
-
"maxCyclomaticComplexity": 10,
|
|
116
|
-
"circularDependencies": false,
|
|
117
|
-
"magicNumbersCount": 5
|
|
118
|
-
}
|
|
119
|
-
violations[_].id == "AP-05"
|
|
120
|
-
}
|
|
121
|
-
|
|
122
|
-
test_all_violations_detected {
|
|
123
|
-
violations := engineering_manifesto.violations with input as {
|
|
124
|
-
"classLineCount": 600,
|
|
125
|
-
"classMethodCount": 25,
|
|
126
|
-
"liskovViolations": 3,
|
|
127
|
-
"domainImportsInfrastructure": true,
|
|
128
|
-
"maxCyclomaticComplexity": 25,
|
|
129
|
-
"circularDependencies": true,
|
|
130
|
-
"magicNumbersCount": 10
|
|
131
|
-
}
|
|
132
|
-
count(violations) >= 5
|
|
133
|
-
}
|
|
@@ -1,64 +0,0 @@
|
|
|
1
|
-
package evolith.evidence
|
|
2
|
-
|
|
3
|
-
# Helper to get all evidence files
|
|
4
|
-
evidence_files := [file | input.core.evidence[file]]
|
|
5
|
-
|
|
6
|
-
violations[{"id": "EVD-01", "message": ".harness/evidence directory not found or empty"}] {
|
|
7
|
-
count(evidence_files) == 0
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
violations[{"id": "EVD-02", "message": ".harness/evidence directory not found or empty"}] {
|
|
11
|
-
count(evidence_files) == 0
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
violations[{"id": "EVD-03", "message": ".harness/evidence directory not found or empty"}] {
|
|
15
|
-
count(evidence_files) == 0
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
violations[{"id": "EVD-04", "message": ".harness/evidence directory not found or empty"}] {
|
|
19
|
-
count(evidence_files) == 0
|
|
20
|
-
}
|
|
21
|
-
|
|
22
|
-
violations[{"id": "EVD-01", "message": msg}] {
|
|
23
|
-
manifest := input.core.evidence[file]
|
|
24
|
-
required := {"id", "source", "generatedAt", "producer"}
|
|
25
|
-
actual := {k | manifest[k]}
|
|
26
|
-
missing := required - actual
|
|
27
|
-
count(missing) > 0
|
|
28
|
-
msg := sprintf("%v missing fields: %v", [file, concat(", ", missing)])
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
violations[{"id": "EVD-01", "message": msg}] {
|
|
32
|
-
manifest := input.core.evidence[file]
|
|
33
|
-
not manifest.evaluatedRules
|
|
34
|
-
not manifest.relatedRuleIds
|
|
35
|
-
not manifest.relatedGateId
|
|
36
|
-
msg := sprintf("%v missing evaluatedRules or relatedGateId", [file])
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
violations[{"id": "EVD-02", "message": msg}] {
|
|
40
|
-
manifest := input.core.evidence[file]
|
|
41
|
-
not manifest.sourceRef
|
|
42
|
-
msg := sprintf("%v missing sourceRef", [file])
|
|
43
|
-
}
|
|
44
|
-
|
|
45
|
-
violations[{"id": "EVD-03", "message": msg}] {
|
|
46
|
-
manifest := input.core.evidence[file]
|
|
47
|
-
required := {"status", "evaluatedRules", "blockingFailures"}
|
|
48
|
-
actual := {k | manifest[k]}
|
|
49
|
-
missing := required - actual
|
|
50
|
-
count(missing) > 0
|
|
51
|
-
msg := sprintf("%v missing fields: %v", [file, concat(", ", missing)])
|
|
52
|
-
}
|
|
53
|
-
|
|
54
|
-
violations[{"id": "EVD-04", "message": msg}] {
|
|
55
|
-
manifest := input.core.evidence[file]
|
|
56
|
-
not manifest.retentionPeriod
|
|
57
|
-
msg := sprintf("%v missing retentionPeriod or owner", [file])
|
|
58
|
-
}
|
|
59
|
-
|
|
60
|
-
violations[{"id": "EVD-04", "message": msg}] {
|
|
61
|
-
manifest := input.core.evidence[file]
|
|
62
|
-
not manifest.owner
|
|
63
|
-
msg := sprintf("%v missing retentionPeriod or owner", [file])
|
|
64
|
-
}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
package evolith.evidence_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.evidence
|
|
4
|
-
|
|
5
|
-
test_complete_evidence_has_no_violations {
|
|
6
|
-
violations := evidence.violations with input as {"core": {"evidence": {"gate-evidence.json": {"id": "gate-001", "source": "cli", "generatedAt": "2026-06-20", "producer": "evolith-cli", "evaluatedRules": ["MM-R01"], "relatedGateId": "gate-01", "sourceRef": "main", "status": "passed", "blockingFailures": [], "retentionPeriod": "90d", "owner": "architecture-team"}}}}
|
|
7
|
-
count(violations) == 0
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
test_missing_evidence_directory_is_rejected {
|
|
11
|
-
violations := evidence.violations with input as {"core": {"evidence": {}}}
|
|
12
|
-
violations[_].id == "EVD-01"
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
test_evidence_missing_source_ref_is_rejected {
|
|
16
|
-
violations := evidence.violations with input as {"core": {"evidence": {"gate-evidence.json": {"id": "gate-001", "source": "cli", "generatedAt": "2026-06-20", "producer": "evolith-cli", "evaluatedRules": ["MM-R01"], "relatedGateId": "gate-01", "status": "passed", "blockingFailures": [], "retentionPeriod": "90d", "owner": "architecture-team"}}}}
|
|
17
|
-
violations[_].id == "EVD-02"
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
test_evidence_missing_retention_period_is_rejected {
|
|
21
|
-
violations := evidence.violations with input as {"core": {"evidence": {"gate-evidence.json": {"id": "gate-001", "source": "cli", "generatedAt": "2026-06-20", "producer": "evolith-cli", "evaluatedRules": ["MM-R01"], "relatedGateId": "gate-01", "sourceRef": "main", "status": "passed", "blockingFailures": []}}}}
|
|
22
|
-
violations[_].id == "EVD-04"
|
|
23
|
-
}
|
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
package evolith.executive_scorecards
|
|
2
|
-
|
|
3
|
-
violations[{"id": "DORA-01", "message": "Deployment Frequency metric not declared or dashboard required but missing"}] {
|
|
4
|
-
not input.satellite.scorecards.deploymentFrequencyDeclared
|
|
5
|
-
}
|
|
6
|
-
|
|
7
|
-
violations[{"id": "DORA-02", "message": "Lead Time for Changes metric not declared or dashboard required but missing"}] {
|
|
8
|
-
not input.satellite.scorecards.leadTimeDeclared
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
violations[{"id": "DORA-03", "message": "Change Failure Rate metric not declared or dashboard required but missing"}] {
|
|
12
|
-
not input.satellite.scorecards.changeFailureRateDeclared
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
violations[{"id": "DORA-04", "message": "Time to Restore (MTTR) metric not declared or dashboard required but missing"}] {
|
|
16
|
-
not input.satellite.scorecards.timeToRestoreDeclared
|
|
17
|
-
}
|
|
18
|
-
|
|
19
|
-
violations[{"id": "SPACE-01", "message": "Observability infrastructure (traces, logs, metrics) not operational in production"}] {
|
|
20
|
-
not input.satellite.scorecards.observabilityOperational
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
violations[{"id": "SPACE-02", "message": "Satellite performance (P95 latency) not measured or dashboard not linked in scorecards"}] {
|
|
24
|
-
not input.satellite.scorecards.performanceDashboardLinked
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
violations[{"id": "SPACE-03", "message": "Team cognitive load survey not completed or score not recorded in satellite scorecards"}] {
|
|
28
|
-
not input.satellite.scorecards.cognitivLoadSurveyCompleted
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
violations[{"id": "SPACE-04", "message": "Collaboration index (cross-team PRs and shared ADRs) not computed — required for SPACE executive review"}] {
|
|
32
|
-
not input.satellite.scorecards.collaborationIndexComputed
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
violations[{"id": "SPACE-05", "message": "Executive sponsor not assigned or quarterly review not documented"}] {
|
|
36
|
-
not input.satellite.scorecards.executiveSponsorAssigned
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
violations[{"id": "DRIFT-01", "message": "Architecture Drift Index not measured or exceeds 10% threshold"}] {
|
|
40
|
-
input.satellite.scorecards.architectureDriftIndex > 10
|
|
41
|
-
}
|
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
package evolith.executive_scorecards_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.executive_scorecards
|
|
4
|
-
|
|
5
|
-
compliant_input := {"satellite": {"scorecards": {
|
|
6
|
-
"deploymentFrequencyDeclared": true,
|
|
7
|
-
"leadTimeDeclared": true,
|
|
8
|
-
"changeFailureRateDeclared": true,
|
|
9
|
-
"timeToRestoreDeclared": true,
|
|
10
|
-
"observabilityOperational": true,
|
|
11
|
-
"executiveSponsorAssigned": true,
|
|
12
|
-
"architectureDriftIndex": 5,
|
|
13
|
-
}}}
|
|
14
|
-
|
|
15
|
-
test_compliant_scorecards_has_no_violations {
|
|
16
|
-
violations := executive_scorecards.violations with input as compliant_input
|
|
17
|
-
count(violations) == 0
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
test_missing_deployment_frequency_is_rejected {
|
|
21
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/deploymentFrequencyDeclared", "value": false}])
|
|
22
|
-
violations := executive_scorecards.violations with input as i
|
|
23
|
-
violations[_].id == "DORA-01"
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
test_missing_lead_time_is_rejected {
|
|
27
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/leadTimeDeclared", "value": false}])
|
|
28
|
-
violations := executive_scorecards.violations with input as i
|
|
29
|
-
violations[_].id == "DORA-02"
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
test_missing_change_failure_rate_is_rejected {
|
|
33
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/changeFailureRateDeclared", "value": false}])
|
|
34
|
-
violations := executive_scorecards.violations with input as i
|
|
35
|
-
violations[_].id == "DORA-03"
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
test_missing_time_to_restore_is_rejected {
|
|
39
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/timeToRestoreDeclared", "value": false}])
|
|
40
|
-
violations := executive_scorecards.violations with input as i
|
|
41
|
-
violations[_].id == "DORA-04"
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
test_missing_observability_is_rejected {
|
|
45
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/observabilityOperational", "value": false}])
|
|
46
|
-
violations := executive_scorecards.violations with input as i
|
|
47
|
-
violations[_].id == "SPACE-01"
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
test_missing_executive_sponsor_is_rejected {
|
|
51
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/executiveSponsorAssigned", "value": false}])
|
|
52
|
-
violations := executive_scorecards.violations with input as i
|
|
53
|
-
violations[_].id == "SPACE-05"
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
test_drift_index_exceeding_threshold_is_rejected {
|
|
57
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/scorecards/architectureDriftIndex", "value": 15}])
|
|
58
|
-
violations := executive_scorecards.violations with input as i
|
|
59
|
-
violations[_].id == "DRIFT-01"
|
|
60
|
-
}
|
|
@@ -1,41 +0,0 @@
|
|
|
1
|
-
package evolith.gitflow_branching
|
|
2
|
-
|
|
3
|
-
violations[{"id": "GIT-01", "message": "Branch name does not follow pattern: type/ticket-id-description"}] {
|
|
4
|
-
input.satellite.git.branchNameInvalid
|
|
5
|
-
}
|
|
6
|
-
|
|
7
|
-
violations[{"id": "GIT-02", "message": "Direct push to protected branch detected — all changes must come through PRs"}] {
|
|
8
|
-
input.satellite.git.directPushToProtectedBranch
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
violations[{"id": "GIT-03", "message": "PR merged without minimum 1 approved review"}] {
|
|
12
|
-
not input.satellite.git.prHasMinimumReview
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
violations[{"id": "GIT-04", "message": "Release tag does not follow semver format v{major}.{minor}.{patch}"}] {
|
|
16
|
-
input.satellite.git.releaseTagInvalid
|
|
17
|
-
}
|
|
18
|
-
|
|
19
|
-
violations[{"id": "GIT-05", "message": "Feature branches must merge via squash or rebase — merge commits that clutter history with intermediary commits are not allowed on protected branches"}] {
|
|
20
|
-
input.satellite.git.featureBranchMergeNotSquashOrRebase
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
violations[{"id": "GIT-06", "message": "Hotfix branch not following expedited merge path — hotfix/* must merge directly to main and back-merge to develop within the release cycle"}] {
|
|
24
|
-
input.satellite.git.hotfixNotExpeditedPath
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
violations[{"id": "GIT-07", "message": "Stale branch not deleted after merge — branches merged more than 7 days ago must be removed from remote"}] {
|
|
28
|
-
input.satellite.git.hasStaleBranchesAfterMerge
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
violations[{"id": "GIT-08", "message": "Commit message does not follow Conventional Commits format"}] {
|
|
32
|
-
input.satellite.git.commitMessageInvalid
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
violations[{"id": "GIT-09", "message": "Environment promotion does not follow develop→qa→uat→main sequence"}] {
|
|
36
|
-
input.satellite.git.promotionSequenceInvalid
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
violations[{"id": "GIT-10", "message": "PR into qa/uat/main/release/hotfix without minimum 2 approvals"}] {
|
|
40
|
-
not input.satellite.git.higherEnvPrHasTwoApprovals
|
|
41
|
-
}
|
|
@@ -1,60 +0,0 @@
|
|
|
1
|
-
package evolith.gitflow_branching_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.gitflow_branching
|
|
4
|
-
|
|
5
|
-
compliant_input := {"satellite": {"git": {
|
|
6
|
-
"branchNameInvalid": false,
|
|
7
|
-
"directPushToProtectedBranch": false,
|
|
8
|
-
"prHasMinimumReview": true,
|
|
9
|
-
"releaseTagInvalid": false,
|
|
10
|
-
"commitMessageInvalid": false,
|
|
11
|
-
"promotionSequenceInvalid": false,
|
|
12
|
-
"higherEnvPrHasTwoApprovals": true,
|
|
13
|
-
}}}
|
|
14
|
-
|
|
15
|
-
test_compliant_gitflow_has_no_violations {
|
|
16
|
-
violations := gitflow_branching.violations with input as compliant_input
|
|
17
|
-
count(violations) == 0
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
test_invalid_branch_name_is_rejected {
|
|
21
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/branchNameInvalid", "value": true}])
|
|
22
|
-
violations := gitflow_branching.violations with input as i
|
|
23
|
-
violations[_].id == "GIT-01"
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
test_direct_push_to_protected_branch_is_rejected {
|
|
27
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/directPushToProtectedBranch", "value": true}])
|
|
28
|
-
violations := gitflow_branching.violations with input as i
|
|
29
|
-
violations[_].id == "GIT-02"
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
test_pr_without_review_is_rejected {
|
|
33
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/prHasMinimumReview", "value": false}])
|
|
34
|
-
violations := gitflow_branching.violations with input as i
|
|
35
|
-
violations[_].id == "GIT-03"
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
test_invalid_release_tag_is_rejected {
|
|
39
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/releaseTagInvalid", "value": true}])
|
|
40
|
-
violations := gitflow_branching.violations with input as i
|
|
41
|
-
violations[_].id == "GIT-04"
|
|
42
|
-
}
|
|
43
|
-
|
|
44
|
-
test_invalid_commit_message_is_rejected {
|
|
45
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/commitMessageInvalid", "value": true}])
|
|
46
|
-
violations := gitflow_branching.violations with input as i
|
|
47
|
-
violations[_].id == "GIT-08"
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
test_invalid_promotion_sequence_is_rejected {
|
|
51
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/promotionSequenceInvalid", "value": true}])
|
|
52
|
-
violations := gitflow_branching.violations with input as i
|
|
53
|
-
violations[_].id == "GIT-09"
|
|
54
|
-
}
|
|
55
|
-
|
|
56
|
-
test_higher_env_pr_without_two_approvals_is_rejected {
|
|
57
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/git/higherEnvPrHasTwoApprovals", "value": false}])
|
|
58
|
-
violations := gitflow_branching.violations with input as i
|
|
59
|
-
violations[_].id == "GIT-10"
|
|
60
|
-
}
|
|
@@ -1,39 +0,0 @@
|
|
|
1
|
-
package evolith.governance
|
|
2
|
-
|
|
3
|
-
violations[{"id": "INH-01", "message": "Satellite contains a rulesets/ directory — inheriting from Core only is required"}] {
|
|
4
|
-
input.satellitePath != input.corePath
|
|
5
|
-
|
|
6
|
-
# Check if "rulesets" is in satellite directories
|
|
7
|
-
dirs := {dir | dir := input.satellite.directories[_]}
|
|
8
|
-
dirs["rulesets"]
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
violations[{"id": "INH-02", "message": "Satellite coreRef.version must be a specific semver — 'latest' or unpinned references are prohibited"}] {
|
|
12
|
-
input.satellitePath != input.corePath
|
|
13
|
-
not input.satellite.contracts.coreVersionPinned
|
|
14
|
-
}
|
|
15
|
-
|
|
16
|
-
violations[{"id": "INH-03", "message": "Satellite governance version cannot be downgraded — downgrade requires Architecture Board exception with --force flag"}] {
|
|
17
|
-
input.satellitePath != input.corePath
|
|
18
|
-
input.satellite.contracts.governanceVersionDowngraded
|
|
19
|
-
}
|
|
20
|
-
|
|
21
|
-
violations[{"id": "INH-04", "message": "Satellite local ADRs must reference Core corpus — DECISIONS.md or local ADR registry with coreRef is required for extension decisions"}] {
|
|
22
|
-
input.satellitePath != input.corePath
|
|
23
|
-
files := {file | file := input.satellite.files[_]}
|
|
24
|
-
not files["DECISIONS.md"]
|
|
25
|
-
not input.satellite.contracts.hasLocalAdrRegistry
|
|
26
|
-
}
|
|
27
|
-
|
|
28
|
-
violations[{"id": "INH-05", "message": "Local ADR promotion to Core requires Architecture Board review artifact — no approval evidence found for this ADR promotion"}] {
|
|
29
|
-
input.satellitePath != input.corePath
|
|
30
|
-
input.satellite.contracts.hasAdrsAwaitingPromotion
|
|
31
|
-
not input.satellite.contracts.hasArchitectureBoardApproval
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
violations[{"id": "INH-06", "message": "Satellite missing DECISIONS.md in root directory"}] {
|
|
35
|
-
input.satellitePath != input.corePath
|
|
36
|
-
|
|
37
|
-
files := {file | file := input.satellite.files[_]}
|
|
38
|
-
not files["DECISIONS.md"]
|
|
39
|
-
}
|
|
@@ -1,23 +0,0 @@
|
|
|
1
|
-
package evolith.governance_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.governance
|
|
4
|
-
|
|
5
|
-
test_satellite_without_rulesets_has_no_violations {
|
|
6
|
-
violations := governance.violations with input as {"satellitePath": "/satellite", "corePath": "/core", "satellite": {"directories": ["src", "docs"], "files": ["DECISIONS.md", "README.md"]}}
|
|
7
|
-
count(violations) == 0
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
test_satellite_with_rulesets_is_rejected {
|
|
11
|
-
violations := governance.violations with input as {"satellitePath": "/satellite", "corePath": "/core", "satellite": {"directories": ["rulesets", "src"], "files": ["DECISIONS.md"]}}
|
|
12
|
-
violations[_].id == "INH-01"
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
test_satellite_missing_decisions_md_is_rejected {
|
|
16
|
-
violations := governance.violations with input as {"satellitePath": "/satellite", "corePath": "/core", "satellite": {"directories": ["src"], "files": ["README.md"]}}
|
|
17
|
-
violations[_].id == "INH-06"
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
test_core_repo_is_exempt_from_inheritance_rules {
|
|
21
|
-
violations := governance.violations with input as {"satellitePath": "/core", "corePath": "/core", "satellite": {"directories": ["rulesets"], "files": []}}
|
|
22
|
-
count(violations) == 0
|
|
23
|
-
}
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
package evolith.hexagonal_architecture
|
|
2
|
-
|
|
3
|
-
violations[{"id": "HXA-01", "message": "Core (Domain) layer has framework imports — must be pure TypeScript only"}] {
|
|
4
|
-
input.satellite.layers.core.hasFrameworkImports
|
|
5
|
-
}
|
|
6
|
-
|
|
7
|
-
violations[{"id": "HXA-02", "message": "Application layer has infrastructure imports — may import Core and NestJS DI only"}] {
|
|
8
|
-
input.satellite.layers.application.hasInfrastructureImports
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
violations[{"id": "HXA-03", "message": "Infrastructure layer does not implement Core port interfaces"}] {
|
|
12
|
-
not input.satellite.layers.infrastructure.implementsPorts
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
violations[{"id": "HXA-04", "message": "Dependency direction violated — backward imports detected"}] {
|
|
16
|
-
input.satellite.layers.hasBackwardImports
|
|
17
|
-
}
|
|
18
|
-
|
|
19
|
-
violations[{"id": "HXA-05", "message": "AOP concerns found in Core/Application layers — prohibited"}] {
|
|
20
|
-
input.satellite.layers.core.hasAopDecorators
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
violations[{"id": "HXA-05", "message": "AOP concerns found in Core/Application layers — prohibited"}] {
|
|
24
|
-
input.satellite.layers.application.hasAopDecorators
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
violations[{"id": "HXA-06", "message": "AOP concerns (interceptors, decorators) must be implemented exclusively in Infrastructure layer — not in Core or Application"}] {
|
|
28
|
-
input.satellite.layers.infrastructure.aopNotInInfrastructure
|
|
29
|
-
}
|
|
30
|
-
|
|
31
|
-
violations[{"id": "HXA-07", "message": "Core domain tests require framework bootstrap — must run without framework"}] {
|
|
32
|
-
input.satellite.layers.core.domainTestsRequireBootstrap
|
|
33
|
-
}
|
|
@@ -1,57 +0,0 @@
|
|
|
1
|
-
package evolith.hexagonal_architecture_test
|
|
2
|
-
|
|
3
|
-
import data.evolith.hexagonal_architecture
|
|
4
|
-
|
|
5
|
-
compliant_input := {"satellite": {"layers": {
|
|
6
|
-
"core": {"hasFrameworkImports": false, "hasAopDecorators": false, "domainTestsRequireBootstrap": false},
|
|
7
|
-
"application": {"hasInfrastructureImports": false, "hasAopDecorators": false},
|
|
8
|
-
"infrastructure": {"implementsPorts": true},
|
|
9
|
-
"hasBackwardImports": false,
|
|
10
|
-
}}}
|
|
11
|
-
|
|
12
|
-
test_compliant_hexagonal_has_no_violations {
|
|
13
|
-
violations := hexagonal_architecture.violations with input as compliant_input
|
|
14
|
-
count(violations) == 0
|
|
15
|
-
}
|
|
16
|
-
|
|
17
|
-
test_core_framework_imports_is_rejected {
|
|
18
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/core/hasFrameworkImports", "value": true}])
|
|
19
|
-
violations := hexagonal_architecture.violations with input as i
|
|
20
|
-
violations[_].id == "HXA-01"
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
test_application_infrastructure_imports_is_rejected {
|
|
24
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/application/hasInfrastructureImports", "value": true}])
|
|
25
|
-
violations := hexagonal_architecture.violations with input as i
|
|
26
|
-
violations[_].id == "HXA-02"
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
test_infrastructure_not_implementing_ports_is_rejected {
|
|
30
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/infrastructure/implementsPorts", "value": false}])
|
|
31
|
-
violations := hexagonal_architecture.violations with input as i
|
|
32
|
-
violations[_].id == "HXA-03"
|
|
33
|
-
}
|
|
34
|
-
|
|
35
|
-
test_backward_imports_is_rejected {
|
|
36
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/hasBackwardImports", "value": true}])
|
|
37
|
-
violations := hexagonal_architecture.violations with input as i
|
|
38
|
-
violations[_].id == "HXA-04"
|
|
39
|
-
}
|
|
40
|
-
|
|
41
|
-
test_aop_in_core_is_rejected {
|
|
42
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/core/hasAopDecorators", "value": true}])
|
|
43
|
-
violations := hexagonal_architecture.violations with input as i
|
|
44
|
-
violations[_].id == "HXA-05"
|
|
45
|
-
}
|
|
46
|
-
|
|
47
|
-
test_aop_in_application_is_rejected {
|
|
48
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/application/hasAopDecorators", "value": true}])
|
|
49
|
-
violations := hexagonal_architecture.violations with input as i
|
|
50
|
-
violations[_].id == "HXA-05"
|
|
51
|
-
}
|
|
52
|
-
|
|
53
|
-
test_domain_tests_requiring_bootstrap_is_rejected {
|
|
54
|
-
i := json.patch(compliant_input, [{"op": "replace", "path": "/satellite/layers/core/domainTestsRequireBootstrap", "value": true}])
|
|
55
|
-
violations := hexagonal_architecture.violations with input as i
|
|
56
|
-
violations[_].id == "HXA-07"
|
|
57
|
-
}
|
|
@@ -1,33 +0,0 @@
|
|
|
1
|
-
package evolith.infrastructure.helm
|
|
2
|
-
|
|
3
|
-
import rego.v1
|
|
4
|
-
|
|
5
|
-
# INFRA-001: Helm Charts Over Raw Manifests Enforcement
|
|
6
|
-
# Native counterpart: rulesets/infrastructure/helm-enforcement.rules.json
|
|
7
|
-
# ADR ref: ADR-0076
|
|
8
|
-
|
|
9
|
-
violations contains {"id": "INFRA-001", "message": msg} if {
|
|
10
|
-
file := input.infrastructure.kubernetesFiles[_]
|
|
11
|
-
not contains(file, "Chart.yaml")
|
|
12
|
-
not contains(file, "values.yaml")
|
|
13
|
-
not contains(file, "templates/")
|
|
14
|
-
endswith(file, ".yaml")
|
|
15
|
-
msg := sprintf("Raw Kubernetes manifest detected: %v — wrap in a Helm Chart (Chart.yaml required)", [file])
|
|
16
|
-
}
|
|
17
|
-
|
|
18
|
-
violations contains {"id": "INFRA-001", "message": "No Helm Chart.yaml found in Kubernetes infrastructure directory — all Kubernetes configs must use Helm"} if {
|
|
19
|
-
dirs := {d | d := input.infrastructure.directories[_]}
|
|
20
|
-
dirs["kubernetes"]
|
|
21
|
-
not any_chart_yaml
|
|
22
|
-
}
|
|
23
|
-
|
|
24
|
-
any_chart_yaml if {
|
|
25
|
-
file := input.infrastructure.kubernetesFiles[_]
|
|
26
|
-
contains(file, "Chart.yaml")
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
default allow := false
|
|
30
|
-
|
|
31
|
-
allow if {
|
|
32
|
-
count(violations) == 0
|
|
33
|
-
}
|
|
@@ -1,42 +0,0 @@
|
|
|
1
|
-
package evolith.infrastructure.opa_sidecar
|
|
2
|
-
|
|
3
|
-
import rego.v1
|
|
4
|
-
|
|
5
|
-
# INFRA-OPA-001: OPA Sidecar Bundle Integrity
|
|
6
|
-
# Native counterpart: rulesets/infrastructure/opa-sidecar-bundle.rules.json
|
|
7
|
-
|
|
8
|
-
violations contains {"id": "INFRA-OPA-001", "message": msg} if {
|
|
9
|
-
sidecar := input.infrastructure.opaSidecars[_]
|
|
10
|
-
not startswith(sidecar.bundleUrl, "https://")
|
|
11
|
-
msg := sprintf("OPA sidecar '%v' bundle URL must use HTTPS — unauthenticated transport prohibited", [sidecar.name])
|
|
12
|
-
}
|
|
13
|
-
|
|
14
|
-
violations contains {"id": "INFRA-OPA-001", "message": msg} if {
|
|
15
|
-
sidecar := input.infrastructure.opaSidecars[_]
|
|
16
|
-
not sidecar.credentialsFromSecret
|
|
17
|
-
msg := sprintf("OPA sidecar '%v' must source credentials from a Kubernetes Secret, not inline config", [sidecar.name])
|
|
18
|
-
}
|
|
19
|
-
|
|
20
|
-
violations contains {"id": "INFRA-OPA-001", "message": msg} if {
|
|
21
|
-
sidecar := input.infrastructure.opaSidecars[_]
|
|
22
|
-
not sidecar.bundleSignatureVerified
|
|
23
|
-
msg := sprintf("OPA sidecar '%v' does not verify bundle signatures — signed bundle verification is required", [sidecar.name])
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
violations contains {"id": "INFRA-OPA-001", "message": msg} if {
|
|
27
|
-
sidecar := input.infrastructure.opaSidecars[_]
|
|
28
|
-
not sidecar.bundleDigestPinned
|
|
29
|
-
msg := sprintf("OPA sidecar '%v' does not pin expected SHA-256 bundle digest — digest pinning required", [sidecar.name])
|
|
30
|
-
}
|
|
31
|
-
|
|
32
|
-
violations contains {"id": "INFRA-OPA-001", "message": msg} if {
|
|
33
|
-
sidecar := input.infrastructure.opaSidecars[_]
|
|
34
|
-
not sidecar.failClosedOnBundleLoad
|
|
35
|
-
msg := sprintf("OPA sidecar '%v' is not configured to fail-closed if bundle activation fails — readiness probe must block traffic until bundle is active", [sidecar.name])
|
|
36
|
-
}
|
|
37
|
-
|
|
38
|
-
default allow := false
|
|
39
|
-
|
|
40
|
-
allow if {
|
|
41
|
-
count(violations) == 0
|
|
42
|
-
}
|