@r3dlex/ai-catapult 0.1.0
- package/LICENSE +21 -0
- package/README.md +139 -0
- package/bin/ai-catapult.js +229 -0
- package/dist/claude-plugin/.claude-plugin/marketplace.json +28 -0
- package/dist/claude-plugin/.claude-plugin/plugin.json +21 -0
- package/dist/claude-plugin/skills/ai-catapult-init/REFERENCE.md +1284 -0
- package/dist/claude-plugin/skills/ai-catapult-init/SKILL.md +79 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/README.md +48 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/archgate.md +42 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/brd-prd-traceability.md +64 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/cascade.md +110 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/ci-policy.md +107 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/documentation-blueprint.md +185 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/evals.md +93 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/foundation.md +19 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/host-policy-automation.md +151 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/language-packs.md +63 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/mcp-a2a.md +63 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/memory.md +102 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/migration.md +107 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/phases/01-discover-decide.md +33 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/phases/README.md +33 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/readme-documentation.md +120 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/release-versioning.md +188 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/skill-modernization.md +72 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/sync.md +111 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/topology.md +102 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/traceability.md +136 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/tracker-adapters.md +51 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/validation.md +276 -0
- package/dist/claude-plugin/skills/ai-catapult-init/modules/workflow.md +45 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/AGENTS.md +69 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/CLAUDE.md +3 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/GEMINI.md +3 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/boundary-manifest.json +247 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/drift/backups/.gitkeep +0 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/drift/last-drift.json +7 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/evals/.gitkeep +0 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/evals/coverage-exceptions.json +1 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/handoff/.gitkeep +0 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/matrix.json +19 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/mcp/a2a-handoff.md +51 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/mcp/registry.json +27 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/observability/audit-checklist.md +32 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/observability/conventions.md +35 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/phases/01-discover-decide/status.json +16 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/phases/02-govern-plan/status.json +15 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/phases/03-configure-generate/status.json +22 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/phases/04-validate-handoff/status.json +18 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/policies/model-routing.json +29 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/reviews/ai-failure-modes.md +42 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/rules/security.md +38 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/rules/technical-bounds.md +38 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/skills/git-ops.json +6 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/skills/workspace-sync.json +6 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/architect.md +31 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/developer.md +31 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/qa-engineer.md +31 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/traceability/.gitkeep +0 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/workflows/repo-workflow.json +42 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-ai/workflows/repo-workflow.md +52 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-github/workflows/ci-prek.yml +21 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/dot-rules.ts +178 -0
- package/dist/claude-plugin/skills/ai-catapult-init/templates/prek.toml +13 -0
- package/dist/codex-plugin/.codex-plugin/plugin.json +11 -0
- package/dist/codex-plugin/skills/ai-catapult-init/REFERENCE.md +1284 -0
- package/dist/codex-plugin/skills/ai-catapult-init/SKILL.md +79 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/README.md +48 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/archgate.md +42 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/brd-prd-traceability.md +64 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/cascade.md +110 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/ci-policy.md +107 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/documentation-blueprint.md +185 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/evals.md +93 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/foundation.md +19 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/host-policy-automation.md +151 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/language-packs.md +63 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/mcp-a2a.md +63 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/memory.md +102 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/migration.md +107 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/phases/01-discover-decide.md +33 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/phases/README.md +33 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/readme-documentation.md +120 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/release-versioning.md +188 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/skill-modernization.md +72 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/sync.md +111 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/topology.md +102 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/traceability.md +136 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/tracker-adapters.md +51 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/validation.md +276 -0
- package/dist/codex-plugin/skills/ai-catapult-init/modules/workflow.md +45 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/AGENTS.md +69 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/CLAUDE.md +3 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/GEMINI.md +3 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/boundary-manifest.json +247 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/drift/backups/.gitkeep +0 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/drift/last-drift.json +7 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/evals/.gitkeep +0 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/evals/coverage-exceptions.json +1 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/handoff/.gitkeep +0 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/matrix.json +19 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/mcp/a2a-handoff.md +51 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/mcp/registry.json +27 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/observability/audit-checklist.md +32 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/observability/conventions.md +35 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/phases/01-discover-decide/status.json +16 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/phases/02-govern-plan/status.json +15 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/phases/03-configure-generate/status.json +22 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/phases/04-validate-handoff/status.json +18 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/policies/model-routing.json +29 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/reviews/ai-failure-modes.md +42 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/rules/security.md +38 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/rules/technical-bounds.md +38 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/skills/git-ops.json +6 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/skills/workspace-sync.json +6 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/architect.md +31 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/developer.md +31 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/system-prompts/qa-engineer.md +31 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/traceability/.gitkeep +0 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/workflows/repo-workflow.json +42 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-ai/workflows/repo-workflow.md +52 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-github/workflows/ci-prek.yml +21 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/dot-rules.ts +178 -0
- package/dist/codex-plugin/skills/ai-catapult-init/templates/prek.toml +13 -0
- package/package.json +51 -0
- package/scripts/build-claude-plugin.sh +179 -0
- package/scripts/build-codex-plugin.sh +104 -0
- package/scripts/snapshot-dist.sh +26 -0
- package/setup.sh +63 -0
- package/skills.lock.json +6 -0
- package/src/install.js +380 -0
- package/src/scaffold.js +220 -0
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
---
|
|
2
|
+
name: ai-catapult-init
|
|
3
|
+
description: 'Bootstrap AI-ready repo governance, traceability, cascade, catalog audits, validation. Deprecated compatibility aliases: init-ai-repo, ai-sdlc-init. Use when setting up AI SDLC.'
|
|
4
|
+
---
|
|
5
|
+
|
|
6
|
+
# Init AI Repo
|
|
7
|
+
|
|
8
|
+
## Quick Start
|
|
9
|
+
|
|
10
|
+
Run this skill in the target repo. `ai-catapult-init` is the canonical skill name; `init-ai-repo` and `ai-sdlc-init` remain deprecated compatibility aliases. Use dry-run first when scope or host choices are unclear. Keep hosted settings as checklist output unless the user explicitly requests an admin/credentialed action.
|
|
11
|
+
|
|
12
|
+
## Workflow
|
|
13
|
+
|
|
14
|
+
### Phase 1 — Discover & Decide
|
|
15
|
+
Inspect repository state, host tooling, trackers, CI, and runtime conventions. Choose greenfield bootstrap, brownfield adoption, hosted-tracker-first, or local fallback. Emit `.ai/matrix.json`, `.ai/init/repo-profile.json`, `.ai/init/sdlc-path.md`, and `.ai/phases/01-discover-decide/`. OMX surfaces: `$deep-interview`, `$plan`, `$ralplan`; OMC surfaces must produce the same artifact contract.
|
|
16
|
+
|
|
17
|
+
### Phase 2 — Govern & Plan
|
|
18
|
+
Generate or refresh `AGENTS.md`, `RULES.md`, `PLANS.md`, `CONTRIBUTING.md`, active/archived specs, ADRs, `.ai/work-intake/`, `.ai/plans/`, and `.ai/phases/02-govern-plan/`. Ensure a hosted issue/ticket when configured and authorized. Local fallback is allowed before coding, but it must be reconciled before final PR merge. Require active spec/PRD, plan, and acceptance criteria before implementation.
|
|
19
|
+
|
|
20
|
+
### Phase 3 — Configure & Generate
|
|
21
|
+
Generate command/runtime surfaces and policy automation under `.ai/bin/`, `.ai/policies/`, `.ai/commands/omx/`, `.ai/commands/omc/`, `.ai/language-packs/`, optional `Makefile`/`justfile`, and `.ai/phases/03-configure-generate/`. OMX surfaces: `$ralph`, `$team`, `$ultragoal`, `$ultrawork`; OMC aliases/commands delegate to the same generated structures rather than duplicate semantics.
|
|
22
|
+
|
|
23
|
+
### Phase 4 — Validate & Handoff
|
|
24
|
+
Run local validation, drift checks, generated smoke tests, and hosted/local ticket reconciliation. Emit `.ai/validation/report.md`, `.ai/drift/migration-manifest.json`, `.ai/handoff/init-ai-repo-handoff.md`, and `.ai/phases/04-validate-handoff/`. OMX surfaces: `$doctor`, `$code-review`, `$team`, `$ralph`. The handoff records done, verified, remaining, and reconciliation status.
|
|
25
|
+
|
|
26
|
+
### Internal checkpoints
|
|
27
|
+
|
|
28
|
+
The public workflow is four phases, but the generator preserves the original eight internal checkpoints for compatibility and traceability:
|
|
29
|
+
|
|
30
|
+
1. Detect repo state
|
|
31
|
+
2. Choose SDLC path
|
|
32
|
+
3. Scaffold foundation and v3 layout
|
|
33
|
+
4. Scaffold work intake
|
|
34
|
+
5. Configure host adapters
|
|
35
|
+
6. Configure CI and policy
|
|
36
|
+
7. Select language packs
|
|
37
|
+
8. Validate and emit handoff
|
|
38
|
+
|
|
39
|
+
## PR Merge Gate
|
|
40
|
+
|
|
41
|
+
Every implementation initialized by this skill must assume protected `main` and PR-only delivery. Emit provider-specific branch-policy checklist/config artifacts unless the user explicitly authorizes hosted mutation with credentials. Admin users may self-approve only when host policy permits it and the host/runtime explicitly supports an admin approve/admin bypass lane for the same actor; all required checks must still pass. If the host rejects same-actor review approval (for example, GitHub hosted PR review), use a distinct admin reviewer or explicit host admin bypass/admin merge. Record the actor, authority, reason, checks, and approval mode, and fail closed when same-actor admin approval support cannot be proven.
|
|
42
|
+
|
|
43
|
+
When this skill creates or updates PR workflow guidance, require merge only after:
|
|
44
|
+
|
|
45
|
+
1. The **architect** confirms the implementation still matches ADRs, module boundaries, branch policy, and acceptance criteria.
|
|
46
|
+
2. The **reviewer** confirms code quality, safety, documentation, and drift checks have no blocking findings.
|
|
47
|
+
3. The **executor** confirms the requested change is implemented, cleanup is complete, and all required checks are green.
|
|
48
|
+
4. All actionable PR comments are resolved and local CI plus host SCM CI (GitHub Actions, Azure Pipelines, or GitLab CI as applicable) are green.
|
|
49
|
+
5. The loop reaches explicit agreement across architect, reviewer, and executor; if any role disagrees, comments remain actionable, checks are not green, or branch policy forbids merge, do not merge or auto-merge.
|
|
50
|
+
|
|
51
|
+
`modules/ci-policy.md` adds a mechanical eval-coverage check to this PR merge gate: a changed shippable skill must declare a structurally valid evalset. See `modules/evals.md`.
|
|
52
|
+
|
|
53
|
+
## Module Map
|
|
54
|
+
|
|
55
|
+
- `modules/README.md` — read when choosing which Layer 3 module applies.
|
|
56
|
+
- `modules/phases/README.md` — read when mapping the four public phases to internal checkpoints.
|
|
57
|
+
- `modules/topology.md` — read when generating `.ai/matrix.json` or validating umbrella depth.
|
|
58
|
+
- `modules/documentation-blueprint.md` — read when generating the v3 `.ai/`, `.memory/`, and `docs/` trees.
|
|
59
|
+
- `modules/memory.md` — read when defining `.memory/human-override/` and `.memory/self-learned` schemas.
|
|
60
|
+
- `modules/sync.md` — read when implementing physical-copy sync and drift detection.
|
|
61
|
+
- `modules/host-policy-automation.md` — read when applying hosted branch/PR/policy mutations safely.
|
|
62
|
+
- `modules/validation.md` — read when validating generated artifacts, depth rules, and golden fixtures.
|
|
63
|
+
- `REFERENCE.md` — read only for legacy full template bodies that have not yet moved into focused modules.
|
|
64
|
+
- `modules/readme-documentation.md` — read when initializing, augmenting, or rewriting `README.md`.
|
|
65
|
+
- `modules/release-versioning.md` — read when initializing release tagging, versioning, or CI/CD release workflows.
|
|
66
|
+
- `modules/workflow.md` — read when generating repo workflow docs, workflow/status manifests, entry-surface links, and handoff indexes.
|
|
67
|
+
- `modules/traceability.md` — read when generating stable traceability IDs, graph schema, backlink validation, graph fixtures, or cross-skill requirement/work-artifact links.
|
|
68
|
+
- `modules/cascade.md` — read when generating multi-repo cascade plans, first-run confirmation gates, idempotent linked updates, host adapter contracts, audits, and reconciliation reports.
|
|
69
|
+
- `modules/skill-modernization.md` — read when auditing compact descriptions, progressive disclosure, trigger boundaries, cross-skill links, and AI-SDLC compatibility.
|
|
70
|
+
- `modules/evals.md` — read when generating the `.ai/evals/` scaffold or the offline eval-coverage gate that `modules/ci-policy.md` adds to the PR merge gate.
|
|
71
|
+
- `modules/mcp-a2a.md` — read when generating the `.ai/mcp/` registry stub and the A2A cross-agent handoff convention.
|
|
72
|
+
|
|
73
|
+
## Safety Rules
|
|
74
|
+
|
|
75
|
+
- Keep `SKILL.md` under 100 body lines; move variants to modules.
|
|
76
|
+
- Treat GitHub/ADO/GitLab/Jira branch and policy settings as confirmation-gated mutations; do not apply them without explicit opt-in even with admin credentials.
|
|
77
|
+
- Reference `setup-skills` and `publish-semver` host docs instead of copying their full semantics.
|
|
78
|
+
- Preserve existing GitLab/local support unless a later module explicitly migrates it.
|
|
79
|
+
- Physical-copy is the canonical sync strategy; symlinks and git submodules are not.
|
|
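Review bot: The PR Merge Gate paragraph (line 41) tells the agent to "Record the actor, authority, reason, checks, and approval mode" and to fail closed when same-actor admin approval cannot be proven, but it names no artifact for that record, whereas each of the four phases above names the files it emits. Name the file the record is written to, so that the admin self-approve and admin bypass lanes leave a trail that validation can check. Separately, the Module Map (lines 55-71) has no entry of its own for `modules/ci-policy.md`, although line 51 relies on it for the eval-coverage check; add one.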
@@ -0,0 +1,48 @@
|
|
|
1
|
+
# Init AI Repo Modules
|
|
2
|
+
|
|
3
|
+
Layer 3 modules keep the canonical `ai-catapult-init` skill lean. These files live under the canonical `ai-catapult-init/` path; `init-ai-repo/` and `ai-sdlc-init/` are deprecated compatibility path/alias shims. Read only the module that matches the current scaffold decision.
|
|
4
|
+
|
|
5
|
+
| Module | When to read |
|
|
6
|
+
| --- | --- |
|
|
7
|
+
| `foundation.md` | Read when creating the base AI SDLC scaffold: Karpathy guidance, ADRs, `.rules.ts`, prek, sync scripts, and doc markers. |
|
|
8
|
+
| `validation.md` | Read when running scaffold verification, golden fixture checks, or regression tests. |
|
|
9
|
+
| `brd-prd-traceability.md` | Read when adding BRD, PRD, issue/ticket, agent brief, and drift-report backlinks. |
|
|
10
|
+
| `tracker-adapters.md` | Read when choosing GitHub, ADO, GitLab, Jira, or local markdown tracker integration. |
|
|
11
|
+
| `ci-policy.md` | Read when adding GitHub/ADO/GitLab CI and branch-policy/ruleset checklist artifacts. |
|
|
12
|
+
| `host-policy-automation.md` | Read when applying hosted branch/PR/policy mutations to GitHub, ADO, GitLab, or Jira, or when emitting dry-run diffs and confirmation gates. |
|
|
13
|
+
| `archgate.md` | Read when configuring structural `.rules.ts` validation or optional semantic/drift checks. |
|
|
14
|
+
| `language-packs.md` | Read when selecting local/CI checks for TypeScript, Python, Rust, Go, JVM, .NET Core/EF Core, legacy .NET/EF, or polyglot repos. |
|
|
15
|
+
| `readme-documentation.md` | Read when initializing, augmenting, or rewriting `README.md` (template mode for sparse repos, safe augmentation/rewrite for existing). |
|
|
16
|
+
| `release-versioning.md` | Read when initializing release tagging, versioning, or CI/CD release workflows (Hybrid default, SemVer/CalVer variants, GHA/Azure/GitLab templates, tag guardrails). |
|
|
17
|
+
| `topology.md` | Read when the target repo needs a standalone or umbrella topology matrix, depth validation, or `.ai/matrix.json` schema generation. |
|
|
18
|
+
| `documentation-blueprint.md` | Read when generating the v3 canonical `.ai/`, `.memory/`, `docs/architecture`, `docs/specifications`, `docs/learning` trees, and the entry files. |
|
|
19
|
+
| `memory.md` | Read when defining the `.memory/human-override/` and `.memory/self-learned` schemas. |
|
|
20
|
+
| `sync.md` | Read when implementing physical-copy sync, drift detection, backups, or audit logs. |
|
|
21
|
+
| `migration.md` | Read when migrating a target repo from a legacy AI-SDLC scaffold to the v3 layout, or when classifying legacy artifacts. |
|
|
22
|
+
| `phases/README.md` | Read when mapping the four public phases to internal checkpoints. |
|
|
23
|
+
| `phases/01-discover-decide.md` | Read when executing Phase 1 discovery, lane selection, hosted-ticket posture, and OMX/OMC planning surfaces. |
|
|
24
|
+
| `workflow.md` | Read when generating repo workflow docs, workflow/status manifests, entry-surface links, and handoff indexes. |
|
|
25
|
+
| `traceability.md` | Read when generating stable IDs, graph schema, backlink validation, graph fixtures, and cross-skill artifact links. |
|
|
26
|
+
| `cascade.md` | Read when generating multi-repo cascade plans, first-run confirmation gates, idempotent linked updates, host adapter contracts, audits, and reconciliation reports. |
|
|
27
|
+
| `skill-modernization.md` | Read when auditing compact descriptions, progressive disclosure, trigger boundaries, cross-skill links, and AI-SDLC compatibility. |
|
|
28
|
+
|
|
29
|
+
`workflow.md`, `traceability.md`, `cascade.md`, and `skill-modernization.md` are active phase modules. Fall back to `REFERENCE.md` only for legacy template bodies that have not yet moved into focused modules.
|
|
30
|
+
|
|
31
|
+
## Module ordering for a fresh v3 scaffold
|
|
32
|
+
|
|
33
|
+
1. `topology.md` — decide standalone or umbrella, set `max_allowed_depth`.
|
|
34
|
+
2. `documentation-blueprint.md` — generate the v3 tree.
|
|
35
|
+
3. `memory.md` — wire `.memory/` schemas.
|
|
36
|
+
4. `sync.md` — wire physical-copy propagation and drift.
|
|
37
|
+
5. `tracker-adapters.md` + `host-policy-automation.md` — choose tracker and apply path.
|
|
38
|
+
6. `ci-policy.md` — CI workflow and branch-policy checklist.
|
|
39
|
+
7. `language-packs.md` — choose checks.
|
|
40
|
+
8. `validation.md` — verify the scaffold matches the blueprint and golden fixtures.
|
|
41
|
+
9. `foundation.md` + `brd-prd-traceability.md` + `archgate.md` + `migration.md` — supporting modules as needed (migration only when a legacy scaffold is present).
|
|
42
|
+
|
|
43
|
+
## Phase modules
|
|
44
|
+
|
|
45
|
+
| Module | Purpose |
|
|
46
|
+
|--------|---------|
|
|
47
|
+
| [`phases/README.md`](phases/README.md) | Four-phase AI-SDLC phase index and original eight-checkpoint mapping. |
|
|
48
|
+
| [`phases/01-discover-decide.md`](phases/01-discover-decide.md) | Phase 1 discovery, lane selection, hosted-ticket posture, and OMX/OMC planning surfaces. |
|
|
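Review bot: The "When to read" table (lines 7-27) has no rows for `evals.md` and `mcp-a2a.md`, although both ship under `modules/` in this package's file list and the SKILL.md Module Map points to them. Add the two rows, or state that the table is partial. The "Phase modules" table at lines 45-48 also repeats the two `phases/` rows already present at lines 22-23 with different wording; keeping one copy stops the two descriptions from drifting further apart.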
@@ -0,0 +1,42 @@
|
|
|
1
|
+
# Archgate Module
|
|
2
|
+
|
|
3
|
+
Read when configuring `.rules.ts` validation, CI governance, or optional semantic/drift checks.
|
|
4
|
+
|
|
5
|
+
## Default structural check
|
|
6
|
+
|
|
7
|
+
Structural validation stays fast and default-on:
|
|
8
|
+
|
|
9
|
+
```sh
|
|
10
|
+
bash scripts/validate-rules.sh .rules.ts
|
|
11
|
+
bash scripts/archgate.sh --mode structural --rules .rules.ts --format json
|
|
12
|
+
```
|
|
13
|
+
|
|
14
|
+
The structural check verifies that `.rules.ts` exports the required rule domains and remains suitable for local/CI execution.
|
|
15
|
+
|
|
16
|
+
## JSON contract
|
|
17
|
+
|
|
18
|
+
`bash scripts/archgate.sh --format json` emits one JSON object:
|
|
19
|
+
|
|
20
|
+
```json
|
|
21
|
+
{
|
|
22
|
+
"status": "pass|fail|skipped",
|
|
23
|
+
"mode": "structural|semantic|drift",
|
|
24
|
+
"rulesFile": ".rules.ts",
|
|
25
|
+
"base": "<optional base ref>",
|
|
26
|
+
"head": "<optional head ref>",
|
|
27
|
+
"checks": [
|
|
28
|
+
{ "id": "archgate-structural", "status": "pass", "message": "..." }
|
|
29
|
+
],
|
|
30
|
+
"exitCode": 0
|
|
31
|
+
}
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
## Optional semantic/drift checks
|
|
35
|
+
|
|
36
|
+
Semantic and drift modes are opt-in. They must not block CI until the repo has project-specific rules and `ARCHGATE_SEMANTIC=1` is deliberately configured.
|
|
37
|
+
|
|
38
|
+
```sh
|
|
39
|
+
ARCHGATE_SEMANTIC=1 bash scripts/archgate.sh --mode drift --base origin/main --head HEAD --format json
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
Drift checks compare the PR diff with BRD, PRD, acceptance criteria, relevant ADRs, and `.rules.ts`. Until a project-specific checker exists, the contract returns `skipped` without `ARCHGATE_SEMANTIC=1` and `fail` with it.
|
|
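Review bot: The JSON contract (lines 20-32) shows `"exitCode": 0` beside a `status` of `pass|fail|skipped` but never states which exit code each status produces. Line 42 makes `skipped` the result for semantic and drift modes whenever `ARCHGATE_SEMANTIC=1` is not set, so a CI job that gates on the exit code needs to know whether `skipped` exits 0. Document the exit code for each of the three statuses, and say whether consumers should gate on `status` or on `exitCode`.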
@@ -0,0 +1,64 @@
|
|
|
1
|
+
# BRD/PRD Traceability Module
|
|
2
|
+
|
|
3
|
+
Read when the repo needs a visible path from business need to implementation tickets and drift verification.
|
|
4
|
+
|
|
5
|
+
## Artifact chain
|
|
6
|
+
|
|
7
|
+
1. **BRD** — captures business problem, measurable outcome, stakeholders, constraints, risks, and success metrics.
|
|
8
|
+
2. **PRD** — references the BRD, translates business outcomes into user stories, acceptance criteria, implementation decisions, and testing decisions.
|
|
9
|
+
3. **Tickets/issues/work items** — reference both BRD and PRD, slice implementation as tracer bullets, and carry acceptance criteria.
|
|
10
|
+
4. **Agent brief** — references the ticket, PRD, relevant ADRs, Archgate rules, and verification commands.
|
|
11
|
+
5. **Drift report** — checks PR diff against BRD, PRD, acceptance criteria, ADRs, and `.rules.ts`.
|
|
12
|
+
|
|
13
|
+
## Minimum fields
|
|
14
|
+
|
|
15
|
+
### BRD
|
|
16
|
+
|
|
17
|
+
- `BRD ID`
|
|
18
|
+
- `Business problem`
|
|
19
|
+
- `Target users/stakeholders`
|
|
20
|
+
- `Desired outcomes / metrics`
|
|
21
|
+
- `Constraints and non-goals`
|
|
22
|
+
- `Risks and open questions`
|
|
23
|
+
|
|
24
|
+
### PRD
|
|
25
|
+
|
|
26
|
+
- `PRD ID`
|
|
27
|
+
- `BRD link`
|
|
28
|
+
- `Problem statement`
|
|
29
|
+
- `Solution`
|
|
30
|
+
- `User stories`
|
|
31
|
+
- `Acceptance criteria`
|
|
32
|
+
- `Implementation decisions`
|
|
33
|
+
- `Testing decisions`
|
|
34
|
+
- Optional `versionImpact` metadata (`major|minor|patch|none`) when the product owner wants an explicit release-impact claim; release tooling must still infer impact from PRD/spec prose when this field is absent.
|
|
35
|
+
- `Out of scope`
|
|
36
|
+
|
|
37
|
+
### Ticket/work item
|
|
38
|
+
|
|
39
|
+
- `BRD link`
|
|
40
|
+
- `PRD link`
|
|
41
|
+
- `Parent link`
|
|
42
|
+
- `What to build`
|
|
43
|
+
- `Acceptance criteria`
|
|
44
|
+
- `Version impact` — copy the highest available PRD/spec/ADR signal; do not infer a lower impact from commits when the product spec says otherwise.
|
|
45
|
+
- `Blocked by`
|
|
46
|
+
- `Verification`
|
|
47
|
+
|
|
48
|
+
## Version-impact signal precedence
|
|
49
|
+
|
|
50
|
+
Use a **highest-signal-wins** rule whenever release/versioning behavior needs a version-impact decision:
|
|
51
|
+
|
|
52
|
+
1. Explicit PRD, product spec, acceptance criteria, or ADR compatibility statements.
|
|
53
|
+
2. Ticket/work-item version-impact fields copied from the PRD/spec chain.
|
|
54
|
+
3. Conventional-commit or diff inference.
|
|
55
|
+
4. Operator defaults or unknown impact.
|
|
56
|
+
|
|
57
|
+
If signals conflict, preserve every signal in the audit record and select the highest-priority source above. Do not downgrade a PRD/spec breaking-change signal because commits look non-breaking.
|
|
58
|
+
|
|
59
|
+
## Skill handoffs
|
|
60
|
+
|
|
61
|
+
- `to-prd` consumes a BRD link/ID when present and writes it into the PRD Traceability section.
|
|
62
|
+
- `to-issues` copies BRD and PRD backlinks into every generated ticket/work item.
|
|
63
|
+
- `triage` preserves traceability fields while changing state/labels/tags.
|
|
64
|
+
- `ai-catapult-init` release versioning consumes PRD/spec prose and optional `versionImpact` metadata as auditable inputs; incompatible explicit claims must be recorded for review before tagging.
|
|
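Review bot: The precedence list (lines 52-55) groups PRD, product spec, acceptance criteria and ADR statements together at level 1, and line 57 only says to select "the highest-priority source", so there is no rule for two level-1 sources that disagree with each other. State the tie-break, for example that the more severe impact wins, which would be consistent with line 57's "Do not downgrade". Also, level 4 allows "unknown impact" while the `versionImpact` values on line 34 are `major|minor|patch|none`; say how an unknown impact is recorded.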
@@ -0,0 +1,110 @@
|
|
|
1
|
+
# Cascade Module
|
|
2
|
+
|
|
3
|
+
Read when initializing multiple repositories together or when an umbrella repository must keep parent/child work items, traceability graphs, workflow handoffs, and tracker links in sync. This module owns multi-repo orchestration, idempotency, parent/child linking, reconciliation, and composition of tracker adapters with host-policy safety.
|
|
4
|
+
|
|
5
|
+
## Generated outputs
|
|
6
|
+
|
|
7
|
+
| Output | Purpose |
|
|
8
|
+
| --- | --- |
|
|
9
|
+
| `.ai/cascade/cascade-plan.json` | Machine-readable plan for topology discovery, parent/child work items, host adapters, and intended mutations. |
|
|
10
|
+
| `.ai/cascade/audit.jsonl` | Append-only audit of dry-run, blocked, confirmed, apply, readback, and idempotent update events. |
|
|
11
|
+
| `.ai/cascade/reconciliation-report.md` | Human report proving linked items are present, duplicates are absent, and host/local readback matched. |
|
|
12
|
+
| `.ai/cascade/host-adapters/<host>.json` | Mocked adapter contract fixture for GitHub, Azure DevOps, GitLab, Jira, and Local Markdown. |
|
|
13
|
+
|
|
14
|
+
Workflow and handoff surfaces must link to the cascade plan, audit, and reconciliation report when this branch is available.
|
|
15
|
+
|
|
16
|
+
## Common cascade workflow
|
|
17
|
+
|
|
18
|
+
1. **Discover topology** — read `.ai/matrix.json`; standalone repos produce a no-op plan unless the user explicitly selects multiple repos. Umbrella repos read `managed_repositories` and reject paths that violate the topology depth rule.
|
|
19
|
+
2. **Plan links** — create a parent work item for the mother repo and child work items for each managed repo; every child records `parent_id`, `parent_url` or `parent_path`, BRD/PRD links, and traceability node IDs.
|
|
20
|
+
3. **Dry-run mutations** — route hosted changes through `modules/host-policy-automation.md`; local markdown writes remain normal file writes but still appear in the dry-run plan.
|
|
21
|
+
4. **First-run confirmation** — the first externally visible apply requires a confirmation token matching `^ct-[0-9]{4}-[0-9]{2}-[0-9]{2}-[0-9]{3}$`. Without it, hosted adapters must return `apply-blocked-no-confirmation` and must not call mutation endpoints.
|
|
22
|
+
5. **Apply and readback** — apply only the confirmed plan, capture host response IDs/ETags/version numbers, then read back each parent/child link before reporting success.
|
|
23
|
+
6. **Idempotent subsequent update** — after a confirmed cascade scope exists, later runs update the known linked items by stable ID instead of creating duplicates. Unsupported, destructive, or policy-changing mutations still require fresh confirmation.
|
|
24
|
+
7. **Audit and reconcile** — append every dry-run/apply/readback/idempotency event to `.ai/cascade/audit.jsonl`, then write `.ai/cascade/reconciliation-report.md` with duplicate count, missing link count, and readback status.
|
|
25
|
+
|
|
26
|
+
## Host adapter cascade contract
|
|
27
|
+
|
|
28
|
+
Each configured host adapter must expose the same logical operations:
|
|
29
|
+
|
|
30
|
+
- `discover_scope`
|
|
31
|
+
- `plan_parent_item`
|
|
32
|
+
- `plan_child_item`
|
|
33
|
+
- `dry_run`
|
|
34
|
+
- `confirm_first_run`
|
|
35
|
+
- `apply_confirmed_plan`
|
|
36
|
+
- `readback_links`
|
|
37
|
+
- `apply_idempotent_update`
|
|
38
|
+
- `audit_event`
|
|
39
|
+
- `reconcile`
|
|
40
|
+
|
|
41
|
+
Configured hosts are `github`, `ado`, `gitlab`, `jira`, and `local-markdown`. Hosted adapters delegate externally visible mutation safety to `modules/host-policy-automation.md`; local markdown writes still record audit/readback evidence but do not need confirmation.
|
|
42
|
+
|
|
43
|
+
## Host adapter JSON schema
|
|
44
|
+
|
|
45
|
+
Each `.ai/cascade/host-adapters/<host>.json` is a mocked, offline contract fixture — never a live connector and never a credential store. The schema is intentionally small so the idempotency and no-duplicate guarantees are mechanically checkable without a network:
|
|
46
|
+
|
|
47
|
+
| Field | Type | Meaning |
|
|
48
|
+
| --- | --- | --- |
|
|
49
|
+
| `schema_version` | string | Adapter contract version (`"1.0"`). |
|
|
50
|
+
| `host` | string | One of `github`, `ado`, `gitlab`, `jira`, `local-markdown`. |
|
|
51
|
+
| `host_label` | string | Human label for the tracker surface. |
|
|
52
|
+
| `hosted` | bool | `true` for externally visible hosts; `false` for `local-markdown`. |
|
|
53
|
+
| `adapter_doc` | string | Pointer to the `setup-skills/*` adapter detail doc. |
|
|
54
|
+
| `operations` | string[] | Exactly the 10 logical operations (see below). |
|
|
55
|
+
| `safety` | object | `credentials_stored: false`, `host_policy_mutation: false`, and (for hosted) `first_run_without_confirmation: "blocked"`, `confirmation_token_required: true`, `confirmation_token` matching `^ct-[0-9]{4}-[0-9]{2}-[0-9]{2}-[0-9]{3}$`. |
|
|
56
|
+
| `dry_run` | object | Planned mutation summary (`status`, `would_create_parent`, `would_create_children`). No external call. |
|
|
57
|
+
| `apply` | object | First confirmed apply result (`status`, `parent_key`, `child_keys`). |
|
|
58
|
+
| `second_run` | object | Idempotent re-run result: `status: "updated-existing"`, `duplicates_created: 0`, and a stable `idempotency_key`. |
|
|
59
|
+
| `readback` | object | Required link evidence: `status`, `parent_link_present`, `child_links_present`. |
|
|
60
|
+
| `audit_path` | string | Pointer to `.ai/cascade/audit.jsonl`. |
|
|
61
|
+
|
|
62
|
+
The `operations` array is exactly these 10 logical ops: `discover_scope`, `plan_parent_item`, `plan_child_item`, `dry_run`, `confirm_first_run`, `apply_confirmed_plan`, `readback_links`, `apply_idempotent_update`, `audit_event`, `reconcile`.
|
|
63
|
+
|
|
64
|
+
### Stable idempotency key
|
|
65
|
+
|
|
66
|
+
`second_run.idempotency_key` is the stable key (derived from the cascade `cascade_id`, e.g. `init-ai-repo:<repo-id>:cascade`) that maps the cascade scope to already-created host work items. On any re-run, the adapter resolves the existing child by this key and **updates it in place** (`status: "updated-existing"`) instead of creating a duplicate; `duplicates_created` stays `0`. This is the contract that makes the no-duplicate-child guarantee testable offline (see `tests/cascade-host-adapter-schema_test.sh`, which runs a mocked adapter twice and asserts a single child).
|
|
67
|
+
|
|
68
|
+
### No credentials
|
|
69
|
+
|
|
70
|
+
Adapter fixtures must never contain API tokens, access/refresh tokens, OAuth secrets, bearer headers, passwords, or any `authorization:` material. Credential handling is owned by `setup-skills` configuration and `modules/host-policy-automation.md`, never serialized into cascade artifacts.
|
|
71
|
+
|
|
72
|
+
```json
|
|
73
|
+
{
|
|
74
|
+
"schema_version": "1.0",
|
|
75
|
+
"host": "github",
|
|
76
|
+
"hosted": true,
|
|
77
|
+
"operations": [
|
|
78
|
+
"discover_scope", "plan_parent_item", "plan_child_item", "dry_run",
|
|
79
|
+
"confirm_first_run", "apply_confirmed_plan", "readback_links",
|
|
80
|
+
"apply_idempotent_update", "audit_event", "reconcile"
|
|
81
|
+
],
|
|
82
|
+
"safety": {
|
|
83
|
+
"first_run_without_confirmation": "blocked",
|
|
84
|
+
"confirmation_token_required": true,
|
|
85
|
+
"confirmation_token": "ct-2026-06-27-001",
|
|
86
|
+
"credentials_stored": false,
|
|
87
|
+
"host_policy_mutation": false
|
|
88
|
+
},
|
|
89
|
+
"apply": { "status": "created-or-linked", "parent_key": "GH-101", "child_keys": ["GH-102"] },
|
|
90
|
+
"second_run": { "status": "updated-existing", "duplicates_created": 0, "idempotency_key": "init-ai-repo:umbrella-root:cascade" },
|
|
91
|
+
"readback": { "status": "match", "parent_link_present": true, "child_links_present": true }
|
|
92
|
+
}
|
|
93
|
+
```
|
|
94
|
+
|
|
95
|
+
## Safety rules
|
|
96
|
+
|
|
97
|
+
- Never auto-create hosted parent/child items on the first run without an explicit confirmation token.
|
|
98
|
+
- Never create duplicate child work items when a stable `cascade_id` or traceability node already maps to a host item.
|
|
99
|
+
- Never store credentials, API tokens, OAuth refresh tokens, or secret headers in cascade plans, host adapter fixtures, audit logs, or reconciliation reports.
|
|
100
|
+
- Never downgrade missing readback to success; if readback cannot prove parent/child links, reconciliation status is `fail` or `blocked`.
|
|
101
|
+
- Never mutate host branch, project, workflow, permission, or approval policy from cascade; those changes remain owned by `host-policy-automation.md` and require their own confirmation.
|
|
102
|
+
|
|
103
|
+
## Cross-skill contracts
|
|
104
|
+
|
|
105
|
+
- `ai-catapult-init` creates the cascade plan, links it from workflow/handoff, and validates no duplicates.
|
|
106
|
+
- `setup-skills` supplies host adapter operation details for GitHub, Azure DevOps, GitLab, Jira, and Local Markdown.
|
|
107
|
+
- `to-issues` creates or updates child work items using the cascade stable IDs instead of free-form duplicates.
|
|
108
|
+
- `triage` preserves parent/child backlinks when issue state changes.
|
|
109
|
+
- `to-prd` and `brd-prd-traceability.md` provide BRD/PRD links for parent and child items.
|
|
110
|
+
- `traceability.md` records parent/child host URLs or local paths as graph nodes and edges.
|
|
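Review bot: The first-run confirmation in workflow step 4 and in the `safety` row is a format check only: any string matching `^ct-[0-9]{4}-[0-9]{2}-[0-9]{2}-[0-9]{3}$` satisfies it, and nothing in this module says who issues the token, which plan it covers, or whether it can be reused. Step 5 says to apply only the confirmed plan, so bind the token to that plan, for example by recording a digest of `.ai/cascade/cascade-plan.json` next to the token in `.ai/cascade/audit.jsonl` and rejecting an apply whose plan digest differs or whose token was already used. The example fixture also carries a literal `confirmation_token` directly under the "No credentials" heading; please state that the confirmation token is not a secret, or keep only the pattern in fixtures. Separately, the example JSON omits `host_label`, `adapter_doc`, `dry_run`, and `audit_path` from the field table, so say which fields are required or complete the example.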
@@ -0,0 +1,107 @@
|
|
|
1
|
+
# CI and Branch Policy Module
|
|
2
|
+
|
|
3
|
+
Read when adding CI files or branch-policy/ruleset checklist artifacts. This module is scaffold guidance, not hosted-policy automation.
|
|
4
|
+
|
|
5
|
+
## Official docs anchors
|
|
6
|
+
|
|
7
|
+
- GitHub rulesets: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-rulesets/about-rulesets
|
|
8
|
+
- GitHub branch protection: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches
|
|
9
|
+
- Azure Repos branch policies: https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies-overview?view=azure-devops
|
|
10
|
+
- Azure Repos policy settings and build validation: https://learn.microsoft.com/en-us/azure/devops/repos/git/branch-policies?view=azure-devops
|
|
11
|
+
- Azure Pipelines triggers: https://learn.microsoft.com/en-us/azure/devops/pipelines/build/triggers?view=azure-devops
|
|
12
|
+
|
|
13
|
+
## Safety boundary
|
|
14
|
+
|
|
15
|
+
By default, write checklist artifacts into the repo. Do not call GitHub or Azure DevOps APIs/CLIs that mutate branch rules, rulesets, or policies unless the user explicitly requests it and confirms admin credentials/permissions.
|
|
16
|
+
|
|
17
|
+
Every initialized implementation assumes protected `main` and PR-only delivery. The scaffold may emit provider-specific checklists/config templates for branch rules, but hosted policy mutation remains opt-in and explicit.
|
|
18
|
+
|
|
19
|
+
## GitHub path
|
|
20
|
+
|
|
21
|
+
### CI scaffold
|
|
22
|
+
|
|
23
|
+
- Write `.github/workflows/ci-prek.yml` as a separate workflow.
|
|
24
|
+
- Keep existing `.github/workflows/ci.yml` intact.
|
|
25
|
+
- Include the `validate-rules` prek hook and any detected language-pack checks.
|
|
26
|
+
|
|
27
|
+
### Branch ruleset/protection checklist
|
|
28
|
+
|
|
29
|
+
Create `docs/agents/branch-policy-github.md` with:
|
|
30
|
+
|
|
31
|
+
- Default branch target, usually `main` or `dev`.
|
|
32
|
+
- Required PR before merge.
|
|
33
|
+
- Protected `main` ruleset/protection intent; direct pushes are disallowed.
|
|
34
|
+
- Required status checks, including the AI SDLC prek workflow.
|
|
35
|
+
- Required review count and stale-review dismissal policy.
|
|
36
|
+
- Whether administrators may self-approve PRs through admin approve/admin bypass, and the local policy rationale when allowed; this is valid only when the host/runtime explicitly supports admin approval for the same actor. GitHub hosted PR review rejects same-actor approval, so GitHub requires a distinct admin reviewer or explicit admin bypass/admin merge with actor, authority, reason, checks, and approval mode recorded.
|
|
37
|
+
- Optional linear history, signed commits, merge queue, or deployment requirements.
|
|
38
|
+
- Ruleset/protection owner and whether enforcement is active, evaluate-only, or checklist-only.
|
|
39
|
+
- Links to the official GitHub rulesets and branch protection docs above.
|
|
40
|
+
|
|
41
|
+
### PR merge gate
|
|
42
|
+
|
|
43
|
+
For any PR workflow or branch-policy checklist created by this skill, state that merge is allowed only when all of these are true:
|
|
44
|
+
|
|
45
|
+
- **Architect** agrees the PR still matches ADRs, module boundaries, branch policy, and acceptance criteria.
|
|
46
|
+
- **Reviewer** agrees code quality, safety, documentation, and drift checks have no blocking findings.
|
|
47
|
+
- **Executor** agrees the requested change is complete, cleanup is done, and required checks are green.
|
|
48
|
+
- All actionable PR comments are resolved.
|
|
49
|
+
- Eval coverage: structurally valid eval declaration required. A skill changed in the PR diff that declares an `eval:` key (a shippable capability) must reference a structurally valid evalset — an `.ai/evals/<set>/` directory with `evalset.json`, `rubric.md`, and `judge-config.json`, each parsing and well-formed. Doc-only or unchanged skills are exempt, and an audited-exception token in `.ai/evals/coverage-exceptions.json` (owner, reason, expiry) bypasses the gate for non-shippable changes. This check is offline and deterministic: eval coverage is enforced structurally in CI; eval quality is verified via an out-of-band LM-judge run, never by a model or network call in CI. See `modules/evals.md`.
|
|
50
|
+
- Observability audit: the generated `.ai/observability/audit-checklist.md` token-cost and trajectory-audit checklist has been reviewed for any PR that changes agent behavior. This check is offline and deterministic: the checklist is a generated convention; token-cost and trajectory metering run out-of-band, never as a model or network call in CI. See `modules/documentation-blueprint.md` and ADR-0005.
|
|
51
|
+
- AI-failure-mode review: for any PR containing AI-generated or AI-assisted code, the generated `.ai/reviews/ai-failure-modes.md` checklist has been worked through — hallucinated dependencies, slopsquatting, inadequate error handling, and "looks-right" / subtle correctness gaps. This check is offline and deterministic: the checklist is a generated review convention, not a live CI gate. See `modules/documentation-blueprint.md` (spec §4.B).
|
|
52
|
+
- Local CI and host SCM CI (GitHub Actions, Azure Pipelines, or GitLab CI as applicable) are green.
|
|
53
|
+
- The architect, reviewer, and executor loop reaches explicit agreement. If any role disagrees, comments remain actionable, or checks are not green, do not merge.
|
|
54
|
+
- Auto-merge may be enabled only after actionable comments are resolved, local CI and host SCM CI are green, the architect/reviewer/executor loop agrees, and branch policy permits merge.
|
|
55
|
+
|
|
56
|
+
## Azure DevOps path
|
|
57
|
+
|
|
58
|
+
### CI scaffold
|
|
59
|
+
|
|
60
|
+
Write `azure-pipelines.yml` only when ADO Pipelines is selected:
|
|
61
|
+
|
|
62
|
+
```yaml
|
|
63
|
+
trigger:
|
|
64
|
+
branches:
|
|
65
|
+
include:
|
|
66
|
+
- main
|
|
67
|
+
|
|
68
|
+
pr:
|
|
69
|
+
branches:
|
|
70
|
+
include:
|
|
71
|
+
- main
|
|
72
|
+
|
|
73
|
+
pool:
|
|
74
|
+
vmImage: ubuntu-latest
|
|
75
|
+
|
|
76
|
+
steps:
|
|
77
|
+
- checkout: self
|
|
78
|
+
- script: bash scripts/validate-rules.sh .rules.ts
|
|
79
|
+
displayName: Validate Archgate rules
|
|
80
|
+
```
|
|
81
|
+
|
|
82
|
+
### Branch policy/build-validation checklist
|
|
83
|
+
|
|
84
|
+
Create `docs/agents/branch-policy-ado.md` with:
|
|
85
|
+
|
|
86
|
+
- Project, repository, and protected branch target.
|
|
87
|
+
- Minimum reviewer count.
|
|
88
|
+
- Linked work-item requirement when desired.
|
|
89
|
+
- Comment resolution requirement.
|
|
90
|
+
- Build validation policy referencing the selected pipeline.
|
|
91
|
+
- Required status/check naming convention.
|
|
92
|
+
- Whether administrators may self-approve PRs through admin approve/admin bypass, and the local policy rationale when allowed; this is valid only when the host/runtime explicitly supports admin approval for the same actor and the merge record captures actor, authority, reason, checks, and approval mode.
|
|
93
|
+
- Distinction between YAML `pr` triggers and Azure Repos branch-policy build validation.
|
|
94
|
+
- Links to the official Microsoft branch policy and pipeline trigger docs above.
|
|
95
|
+
|
|
96
|
+
## GitLab/local path
|
|
97
|
+
|
|
98
|
+
Keep existing GitLab/local tracker support. If GitLab CI or local-only checks are selected, write a checklist that mirrors the same intent: protected main/default branch, PR/MR-only delivery, required review, required checks, comment resolution, traceability, and explicit owner.
|
|
99
|
+
|
|
100
|
+
## Validation CI vs release CI
|
|
101
|
+
|
|
102
|
+
The `ai-catapult-init` scaffold produces two distinct CI flows. They must be kept separate:
|
|
103
|
+
|
|
104
|
+
- **Validation CI** (`.github/workflows/ci-prek.yml` and equivalents for Azure Pipelines and GitLab CI) — runs on every push and PR. Owns prek hooks, Archgate structural checks, language-pack checks, golden verification, and lint/typecheck/test. Status checks from validation CI gate PR merges.
|
|
105
|
+
- **Release CI** (`modules/release-versioning.md` provider templates) — runs on push to `main`, on tag push, and via `workflow_dispatch`. Owns the release/versioning strategy, the `release.json` manifest, the tag guardrails, and the optional publish step. Status checks from release CI gate tag creation, not PR merges.
|
|
106
|
+
|
|
107
|
+
A common mistake is to fold release logic into validation CI (e.g. running semantic-release on every push). This module explicitly rejects that pattern. Release CI must not run on PRs, and validation CI must not produce tags or push to registries.
|
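Review bot: The "PR merge gate" list mixes checks that CI enforces with checklists that the text itself says are not CI gates, yet it requires all of them to be true before merge. The eval-coverage item is "enforced structurally in CI", while the observability audit and the AI-failure-mode review are each described as a generated convention, so nothing here says how their completion is recorded or verified. Mark each item as CI-enforced or human-attested and say where the attestation lives (for instance a required section in the PR description). Also specify that entries in `.ai/evals/coverage-exceptions.json` are rejected once their expiry passes; the text lists owner, reason, and expiry but not what CI does with them. Minor: the GitHub checklist says the default branch target is usually `main` or `dev`, while the safety boundary says every initialized implementation assumes protected `main`.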