@trohde/earos 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (135) hide show
  1. package/README.md +156 -0
  2. package/assets/init/.agents/skills/earos-artifact-gen/SKILL.md +106 -0
  3. package/assets/init/.agents/skills/earos-artifact-gen/references/interview-guide.md +313 -0
  4. package/assets/init/.agents/skills/earos-artifact-gen/references/output-guide.md +367 -0
  5. package/assets/init/.agents/skills/earos-assess/SKILL.md +212 -0
  6. package/assets/init/.agents/skills/earos-assess/references/calibration-benchmarks.md +160 -0
  7. package/assets/init/.agents/skills/earos-assess/references/output-templates.md +311 -0
  8. package/assets/init/.agents/skills/earos-assess/references/scoring-protocol.md +281 -0
  9. package/assets/init/.agents/skills/earos-calibrate/SKILL.md +153 -0
  10. package/assets/init/.agents/skills/earos-calibrate/references/agreement-metrics.md +188 -0
  11. package/assets/init/.agents/skills/earos-calibrate/references/calibration-protocol.md +263 -0
  12. package/assets/init/.agents/skills/earos-create/SKILL.md +257 -0
  13. package/assets/init/.agents/skills/earos-create/references/criterion-writing-guide.md +268 -0
  14. package/assets/init/.agents/skills/earos-create/references/dependency-rules.md +193 -0
  15. package/assets/init/.agents/skills/earos-create/references/rubric-interview-guide.md +123 -0
  16. package/assets/init/.agents/skills/earos-create/references/validation-checklist.md +238 -0
  17. package/assets/init/.agents/skills/earos-profile-author/SKILL.md +251 -0
  18. package/assets/init/.agents/skills/earos-profile-author/references/criterion-writing-guide.md +280 -0
  19. package/assets/init/.agents/skills/earos-profile-author/references/design-methods.md +158 -0
  20. package/assets/init/.agents/skills/earos-profile-author/references/profile-checklist.md +173 -0
  21. package/assets/init/.agents/skills/earos-remediate/SKILL.md +118 -0
  22. package/assets/init/.agents/skills/earos-remediate/references/output-template.md +199 -0
  23. package/assets/init/.agents/skills/earos-remediate/references/remediation-patterns.md +330 -0
  24. package/assets/init/.agents/skills/earos-report/SKILL.md +85 -0
  25. package/assets/init/.agents/skills/earos-report/references/portfolio-template.md +181 -0
  26. package/assets/init/.agents/skills/earos-report/references/single-artifact-template.md +168 -0
  27. package/assets/init/.agents/skills/earos-review/SKILL.md +130 -0
  28. package/assets/init/.agents/skills/earos-review/references/challenge-patterns.md +163 -0
  29. package/assets/init/.agents/skills/earos-review/references/output-template.md +180 -0
  30. package/assets/init/.agents/skills/earos-template-fill/SKILL.md +177 -0
  31. package/assets/init/.agents/skills/earos-template-fill/references/evidence-writing-guide.md +186 -0
  32. package/assets/init/.agents/skills/earos-template-fill/references/section-rubric-mapping.md +200 -0
  33. package/assets/init/.agents/skills/earos-validate/SKILL.md +113 -0
  34. package/assets/init/.agents/skills/earos-validate/references/fix-patterns.md +281 -0
  35. package/assets/init/.agents/skills/earos-validate/references/validation-checks.md +287 -0
  36. package/assets/init/.claude/CLAUDE.md +4 -0
  37. package/assets/init/AGENTS.md +293 -0
  38. package/assets/init/CLAUDE.md +635 -0
  39. package/assets/init/README.md +507 -0
  40. package/assets/init/calibration/gold-set/.gitkeep +0 -0
  41. package/assets/init/calibration/results/.gitkeep +0 -0
  42. package/assets/init/core/core-meta-rubric.yaml +643 -0
  43. package/assets/init/docs/consistency-report.md +325 -0
  44. package/assets/init/docs/getting-started.md +194 -0
  45. package/assets/init/docs/profile-authoring-guide.md +51 -0
  46. package/assets/init/docs/terminology.md +126 -0
  47. package/assets/init/earos.manifest.yaml +104 -0
  48. package/assets/init/evaluations/.gitkeep +0 -0
  49. package/assets/init/examples/aws-event-driven-order-processing/artifact.yaml +2056 -0
  50. package/assets/init/examples/aws-event-driven-order-processing/evaluation.yaml +973 -0
  51. package/assets/init/examples/aws-event-driven-order-processing/report.md +244 -0
  52. package/assets/init/examples/example-solution-architecture.evaluation.yaml +136 -0
  53. package/assets/init/examples/multi-cloud-data-analytics/artifact.yaml +715 -0
  54. package/assets/init/overlays/data-governance.yaml +94 -0
  55. package/assets/init/overlays/regulatory.yaml +154 -0
  56. package/assets/init/overlays/security.yaml +92 -0
  57. package/assets/init/profiles/adr.yaml +225 -0
  58. package/assets/init/profiles/capability-map.yaml +223 -0
  59. package/assets/init/profiles/reference-architecture.yaml +426 -0
  60. package/assets/init/profiles/roadmap.yaml +205 -0
  61. package/assets/init/profiles/solution-architecture.yaml +227 -0
  62. package/assets/init/research/architecture-assessment-rubrics-research.docx +0 -0
  63. package/assets/init/research/architecture-assessment-rubrics-research.md +566 -0
  64. package/assets/init/research/reference-architecture-research.md +751 -0
  65. package/assets/init/standard/EAROS.md +1426 -0
  66. package/assets/init/standard/schemas/artifact.schema.json +1295 -0
  67. package/assets/init/standard/schemas/artifact.uischema.json +65 -0
  68. package/assets/init/standard/schemas/evaluation.schema.json +284 -0
  69. package/assets/init/standard/schemas/rubric.schema.json +383 -0
  70. package/assets/init/templates/evaluation-record.template.yaml +58 -0
  71. package/assets/init/templates/new-profile.template.yaml +65 -0
  72. package/bin.js +188 -0
  73. package/dist/assets/_basePickBy-BVu6YmSW.js +1 -0
  74. package/dist/assets/_baseUniq-CWRzQDz_.js +1 -0
  75. package/dist/assets/arc-CyDBhtDM.js +1 -0
  76. package/dist/assets/architectureDiagram-2XIMDMQ5-BH6O4dvN.js +36 -0
  77. package/dist/assets/blockDiagram-WCTKOSBZ-2xmwdjpg.js +132 -0
  78. package/dist/assets/c4Diagram-IC4MRINW-BNmPRFJF.js +10 -0
  79. package/dist/assets/channel-CiySTNoJ.js +1 -0
  80. package/dist/assets/chunk-4BX2VUAB-DGQTvirp.js +1 -0
  81. package/dist/assets/chunk-55IACEB6-DNMAQAC_.js +1 -0
  82. package/dist/assets/chunk-FMBD7UC4-BJbVTQ5o.js +15 -0
  83. package/dist/assets/chunk-JSJVCQXG-BCxUL74A.js +1 -0
  84. package/dist/assets/chunk-KX2RTZJC-H7wWZOfz.js +1 -0
  85. package/dist/assets/chunk-NQ4KR5QH-BK4RlTQF.js +220 -0
  86. package/dist/assets/chunk-QZHKN3VN-0chxDV5g.js +1 -0
  87. package/dist/assets/chunk-WL4C6EOR-DexfQ-AV.js +189 -0
  88. package/dist/assets/classDiagram-VBA2DB6C-D7luWJQn.js +1 -0
  89. package/dist/assets/classDiagram-v2-RAHNMMFH-D7luWJQn.js +1 -0
  90. package/dist/assets/clone-ylgRbd3D.js +1 -0
  91. package/dist/assets/cose-bilkent-S5V4N54A-DS2IOCfZ.js +1 -0
  92. package/dist/assets/cytoscape.esm-CyJtwmzi.js +331 -0
  93. package/dist/assets/dagre-KLK3FWXG-BbSoTTa3.js +4 -0
  94. package/dist/assets/defaultLocale-DX6XiGOO.js +1 -0
  95. package/dist/assets/diagram-E7M64L7V-C9TvYgv0.js +24 -0
  96. package/dist/assets/diagram-IFDJBPK2-DowUMWrg.js +43 -0
  97. package/dist/assets/diagram-P4PSJMXO-BL6nrnQF.js +24 -0
  98. package/dist/assets/erDiagram-INFDFZHY-rXPRl8VM.js +70 -0
  99. package/dist/assets/flowDiagram-PKNHOUZH-DBRM99-W.js +162 -0
  100. package/dist/assets/ganttDiagram-A5KZAMGK-INcWFsBT.js +292 -0
  101. package/dist/assets/gitGraphDiagram-K3NZZRJ6-DMwpfE91.js +65 -0
  102. package/dist/assets/graph-DLQn37b-.js +1 -0
  103. package/dist/assets/index-BFFITMT8.js +650 -0
  104. package/dist/assets/index-H7f6VTz1.css +1 -0
  105. package/dist/assets/infoDiagram-LFFYTUFH-B0f4TWRM.js +2 -0
  106. package/dist/assets/init-Gi6I4Gst.js +1 -0
  107. package/dist/assets/ishikawaDiagram-PHBUUO56-CsU6XimZ.js +70 -0
  108. package/dist/assets/journeyDiagram-4ABVD52K-CQ7ibNib.js +139 -0
  109. package/dist/assets/kanban-definition-K7BYSVSG-DzEN7THt.js +89 -0
  110. package/dist/assets/katex-B1X10hvy.js +261 -0
  111. package/dist/assets/layout-C0dvb42R.js +1 -0
  112. package/dist/assets/linear-j4a8mGj7.js +1 -0
  113. package/dist/assets/mindmap-definition-YRQLILUH-DP8iEuCf.js +68 -0
  114. package/dist/assets/ordinal-Cboi1Yqb.js +1 -0
  115. package/dist/assets/pieDiagram-SKSYHLDU-BpIAXgAm.js +30 -0
  116. package/dist/assets/quadrantDiagram-337W2JSQ-DrpXn5Eg.js +7 -0
  117. package/dist/assets/requirementDiagram-Z7DCOOCP-Bg7EwHlG.js +73 -0
  118. package/dist/assets/sankeyDiagram-WA2Y5GQK-BWagRs1F.js +10 -0
  119. package/dist/assets/sequenceDiagram-2WXFIKYE-q5jwhivG.js +145 -0
  120. package/dist/assets/stateDiagram-RAJIS63D-B_J9pE-2.js +1 -0
  121. package/dist/assets/stateDiagram-v2-FVOUBMTO-Q_1GcybB.js +1 -0
  122. package/dist/assets/timeline-definition-YZTLITO2-dv0jgQ0z.js +61 -0
  123. package/dist/assets/treemap-KZPCXAKY-Dt1dkIE7.js +162 -0
  124. package/dist/assets/vennDiagram-LZ73GAT5-BdO5RgRZ.js +34 -0
  125. package/dist/assets/xychartDiagram-JWTSCODW-CpDVe-8v.js +7 -0
  126. package/dist/index.html +23 -0
  127. package/export-docx.js +1583 -0
  128. package/init.js +353 -0
  129. package/manifest-cli.mjs +207 -0
  130. package/package.json +83 -0
  131. package/schemas/artifact.schema.json +1295 -0
  132. package/schemas/artifact.uischema.json +65 -0
  133. package/schemas/evaluation.schema.json +284 -0
  134. package/schemas/rubric.schema.json +383 -0
  135. package/serve.js +238 -0
package/schemas/artifact.schema.json ADDED
@@ -0,0 +1,1295 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://earos.io/schemas/artifact.schema.json",
4
+ "title": "EAROS Architecture Artifact",
5
+ "description": "Schema for EAROS-governed architecture artifact documents. Derived from the required_evidence fields of the core meta-rubric (EAROS-CORE-002) and artifact-type profiles. Sections map directly to rubric criteria so that a well-completed document generates the evidence an assessor needs. Derivation chain: Rubric criteria (required_evidence) → this schema (sections) → artifact document → evaluation record.",
6
+ "type": "object",
7
+ "required": ["kind", "artifact_type", "metadata", "sections"],
8
+ "properties": {
9
+ "kind": {
10
+ "type": "string",
11
+ "const": "artifact",
12
+ "title": "Document kind",
13
+ "description": "Fixed discriminator value. Always 'artifact' for architecture documents. Distinguishes from 'core_rubric', 'profile', 'overlay', and 'evaluation' file kinds."
14
+ },
15
+ "artifact_type": {
16
+ "type": "string",
17
+ "enum": ["reference_architecture"],
18
+ "title": "Artifact type",
19
+ "description": "The type of architecture artifact this document represents. Determines which EAROS profile applies alongside the core meta-rubric. 'reference_architecture' uses profile EAROS-REFARCH-001."
20
+ },
21
+ "metadata": {
22
+ "type": "object",
23
+ "title": "Document metadata",
24
+ "description": "Administrative and identification fields. Maps to evidence required by core criteria STK-01 (purpose, stakeholders, decision_context) and MNT-01 (owner, version, last_updated, change_log). All required fields must be present for a score above 1 on MNT-01.",
25
+ "required": ["title", "version", "status", "owner", "purpose"],
26
+ "properties": {
27
+ "title": {
28
+ "type": "string",
29
+ "title": "Title",
30
+ "description": "Full title of the architecture document. Should identify the system or platform and the nature of the document. Example: 'Payments Platform Reference Architecture v2'."
31
+ },
32
+ "version": {
33
+ "type": "string",
34
+ "title": "Version",
35
+ "description": "Semantic version of this artifact (MAJOR.MINOR.PATCH). Increment MAJOR for breaking structural changes, MINOR for new sections or significant content updates, PATCH for corrections and clarifications.",
36
+ "pattern": "^\\d+\\.\\d+\\.\\d+$",
37
+ "examples": ["1.0.0", "2.1.0"]
38
+ },
39
+ "status": {
40
+ "type": "string",
41
+ "title": "Status",
42
+ "description": "Lifecycle status: 'draft' (in progress, not yet reviewed), 'candidate' (ready for Architecture Board review), 'approved' (formally accepted), 'deprecated' (superseded by a newer version).",
43
+ "enum": ["draft", "candidate", "approved", "deprecated"]
44
+ },
45
+ "author": {
46
+ "type": "string",
47
+ "title": "Author",
48
+ "description": "Individual who created or last significantly updated this document. This is authorship credit, not ongoing ownership responsibility."
49
+ },
50
+ "owner": {
51
+ "type": "string",
52
+ "title": "Owner",
53
+ "description": "Team or individual with ongoing stewardship responsibility for this document. The owner keeps it current, triages feedback from adopting teams, and decides when to deprecate. Evidence for core criterion MNT-01. Example: 'Enterprise Architecture, Payments Domain'."
54
+ },
55
+ "effective_date": {
56
+ "type": "string",
57
+ "format": "date",
58
+ "title": "Effective date",
59
+ "description": "Date from which this version is the active reference. Format: YYYY-MM-DD."
60
+ },
61
+ "next_review_date": {
62
+ "type": "string",
63
+ "format": "date",
64
+ "title": "Next review date",
65
+ "description": "Date by which this document must be reviewed and either reconfirmed or updated. Establishes a review cadence, which is evidence for MNT-01 score ≥ 3. Format: YYYY-MM-DD."
66
+ },
67
+ "last_updated": {
68
+ "type": "string",
69
+ "format": "date",
70
+ "title": "Last updated",
71
+ "description": "Date of the most recent substantive change. Format: YYYY-MM-DD."
72
+ },
73
+ "purpose": {
74
+ "type": "string",
75
+ "title": "Purpose statement",
76
+ "description": "One or two sentences stating what this document is for and what decisions it supports. Evidence for core criterion STK-01 (major gate). Example: 'This reference architecture defines the target pattern for all event-driven microservices on the Payments platform. It supports Architecture Board review and serves as the golden path for new service development.'"
77
+ },
78
+ "decision_context": {
79
+ "type": "string",
80
+ "title": "Decision or usage context",
81
+ "description": "The governance or project context in which this document is being used — the Architecture Board review it supports, the programme it belongs to, or the migration decision it underpins. Evidence for core criterion STK-01."
82
+ },
83
+ "stakeholders": {
84
+ "type": "array",
85
+ "title": "Stakeholders",
86
+ "description": "Named individuals or roles with a significant concern in this architecture. Each entry should identify who the stakeholder is and what concern this document addresses for them. Evidence for core criterion STK-01 (named stakeholder list required for score ≥ 2).",
87
+ "items": {
88
+ "type": "object",
89
+ "title": "Stakeholder",
90
+ "required": ["role"],
91
+ "properties": {
92
+ "name": {
93
+ "type": "string",
94
+ "title": "Name or team",
95
+ "description": "Individual name or team name (e.g. 'Head of Payments', 'Security Architecture', 'Platform Team')."
96
+ },
97
+ "role": {
98
+ "type": "string",
99
+ "title": "Role",
100
+ "description": "Stakeholder's organisational role or relationship to this architecture."
101
+ },
102
+ "concerns": {
103
+ "type": "string",
104
+ "title": "Concerns addressed",
105
+ "description": "What this stakeholder needs to understand from this document. Used to justify which views and sections are included. Evidence for core criterion STK-02 (concern-to-view mapping)."
106
+ }
107
+ }
108
+ }
109
+ },
110
+ "change_log": {
111
+ "type": "array",
112
+ "title": "Change log",
113
+ "description": "History of substantive changes to this document, most recent first. Provides provenance and supports governance traceability. Evidence for core criterion MNT-01 — a change log with at least one entry is required for MNT-01 score ≥ 3.",
114
+ "items": {
115
+ "type": "object",
116
+ "title": "Change log entry",
117
+ "required": ["version", "date", "changes"],
118
+ "properties": {
119
+ "version": {
120
+ "type": "string",
121
+ "title": "Version",
122
+ "description": "Version number this entry corresponds to."
123
+ },
124
+ "date": {
125
+ "type": "string",
126
+ "format": "date",
127
+ "title": "Date",
128
+ "description": "Date this version was published. Format: YYYY-MM-DD."
129
+ },
130
+ "author": {
131
+ "type": "string",
132
+ "title": "Author",
133
+ "description": "Who made the changes."
134
+ },
135
+ "changes": {
136
+ "type": "array",
137
+ "title": "Changes",
138
+ "description": "List of substantive changes in this version. Each item should describe what changed and why.",
139
+ "items": {
140
+ "type": "string"
141
+ },
142
+ "minItems": 1
143
+ }
144
+ }
145
+ }
146
+ }
147
+ }
148
+ },
149
+ "sections": {
150
+ "type": "object",
151
+ "title": "Document sections",
152
+ "description": "The substantive content of the architecture document, organised into assessment-aligned sections. Each section maps to one or more EAROS rubric criteria and their required_evidence fields. A section omitted or left empty will result in a lower score on the corresponding criterion.",
153
+ "required": ["scope"],
154
+ "properties": {
155
+ "reading_guide": {
156
+ "type": "object",
157
+ "title": "Reading guide",
158
+ "description": "Maps document sections to stakeholder concerns so readers know which parts address their specific interests. Evidence for core criterion STK-02. Having an explicit section-to-concern mapping is required for STK-02 score ≥ 3.",
159
+ "properties": {
160
+ "how_to_use": {
161
+ "type": "string",
162
+ "title": "How to use this document",
163
+ "description": "Brief narrative explaining the document's structure and how different readers should navigate it."
164
+ },
165
+ "section_map": {
166
+ "type": "array",
167
+ "title": "Section-to-concern mapping",
168
+ "description": "Explicit table mapping each section to the audience and concern it addresses. A complete mapping with every section covered is evidence for STK-02 score 4.",
169
+ "items": {
170
+ "type": "object",
171
+ "title": "Section mapping entry",
172
+ "required": ["section", "audience", "concern"],
173
+ "properties": {
174
+ "section": {
175
+ "type": "string",
176
+ "title": "Section",
177
+ "description": "Name or number of the document section."
178
+ },
179
+ "audience": {
180
+ "type": "string",
181
+ "title": "Audience",
182
+ "description": "Stakeholder role(s) this section is primarily for."
183
+ },
184
+ "concern": {
185
+ "type": "string",
186
+ "title": "Concern addressed",
187
+ "description": "The specific stakeholder concern this section addresses."
188
+ }
189
+ }
190
+ }
191
+ }
192
+ }
193
+ },
194
+ "scope": {
195
+ "type": "object",
196
+ "title": "Scope and boundary",
197
+ "description": "Defines exactly what is and is not covered by this architecture. Without clear scope, the artifact may be rated 'not_reviewable'. Evidence for core criterion SCP-01 (critical gate — score < 2 triggers not_reviewable status).",
198
+ "required": ["statement"],
199
+ "properties": {
200
+ "statement": {
201
+ "type": "string",
202
+ "title": "Scope statement",
203
+ "description": "A concise, unambiguous statement of what this reference architecture covers. Should name specific systems, services, or domains included."
204
+ },
205
+ "in_scope": {
206
+ "type": "array",
207
+ "title": "In scope",
208
+ "description": "Explicit list of systems, services, domains, or concerns that this architecture covers.",
209
+ "items": {
210
+ "type": "string"
211
+ }
212
+ },
213
+ "out_of_scope": {
214
+ "type": "array",
215
+ "title": "Out of scope",
216
+ "description": "Explicit list of items intentionally excluded, with a brief rationale or reference to where they are addressed. Having explicit exclusions is required for SCP-01 score > 2. Example: 'Authentication — handled by IAM platform, see IAM-2024-001'.",
217
+ "items": {
218
+ "type": "string"
219
+ }
220
+ },
221
+ "boundary_definition": {
222
+ "type": "string",
223
+ "title": "Boundary definition",
224
+ "description": "Description of the system context boundary — what is inside this architecture vs. what is external. Can reference or describe the C4 context diagram or equivalent boundary representation."
225
+ },
226
+ "assumptions": {
227
+ "type": "array",
228
+ "title": "Contextual assumptions",
229
+ "description": "Assumptions about the environment that define the conditions under which this scope is valid. Each assumption should state the consequence if it is violated. Evidence for SCP-01 score ≥ 3.",
230
+ "items": {
231
+ "type": "object",
232
+ "title": "Assumption",
233
+ "required": ["assumption"],
234
+ "properties": {
235
+ "assumption": {
236
+ "type": "string",
237
+ "title": "Assumption",
238
+ "description": "The assumption being made. Example: 'Banking Core API versioned contract is stable for 12 months'."
239
+ },
240
+ "consequence_if_violated": {
241
+ "type": "string",
242
+ "title": "Consequence if violated",
243
+ "description": "What happens to this architecture if the assumption proves false."
244
+ }
245
+ }
246
+ }
247
+ }
248
+ }
249
+ },
250
+ "drivers_and_principles": {
251
+ "type": "object",
252
+ "title": "Drivers and principles",
253
+ "description": "Business drivers, requirements, and architecture principles that shaped this design. Evidence for core criterion TRC-01 (major gate). Drivers and principles listed here must be traceable to specific design elements throughout the document — listing them without connecting them to the architecture achieves only a score of 1.",
254
+ "properties": {
255
+ "drivers": {
256
+ "type": "array",
257
+ "title": "Business drivers",
258
+ "description": "The business motivations, problems, or opportunities that this architecture addresses. Each driver should have an explicit architecture_response linking it to a design element or decision. Evidence for TRC-01.",
259
+ "items": {
260
+ "type": "object",
261
+ "title": "Driver",
262
+ "required": ["description"],
263
+ "properties": {
264
+ "id": {
265
+ "type": "string",
266
+ "title": "Driver ID",
267
+ "description": "Short reference ID for traceability (e.g. 'DR-01'). Used by decisions and design elements to reference back to this driver."
268
+ },
269
+ "description": {
270
+ "type": "string",
271
+ "title": "Description",
272
+ "description": "The business driver, requirement, or opportunity in concrete terms. Example: 'Reduce payment fraud rate by 30% within 12 months'."
273
+ },
274
+ "architecture_response": {
275
+ "type": "string",
276
+ "title": "Architecture response",
277
+ "description": "How this architecture responds to or satisfies the driver. Reference specific sections, decisions, or components by name. This linkage is the evidence for TRC-01 score ≥ 2."
278
+ }
279
+ }
280
+ }
281
+ },
282
+ "principles": {
283
+ "type": "array",
284
+ "title": "Architecture principles",
285
+ "description": "Enterprise or domain architecture principles that constrain or guide design decisions. Principles cited here should be referenced in the rationale of architecture decisions throughout the document.",
286
+ "items": {
287
+ "type": "object",
288
+ "title": "Principle",
289
+ "required": ["name"],
290
+ "properties": {
291
+ "id": {
292
+ "type": "string",
293
+ "title": "Principle ID",
294
+ "description": "Reference ID from the enterprise architecture principles catalogue."
295
+ },
296
+ "name": {
297
+ "type": "string",
298
+ "title": "Name",
299
+ "description": "Short name of the principle. Example: 'API-first', 'Zero-trust networking', 'Platform over bespoke'."
300
+ },
301
+ "how_applied": {
302
+ "type": "string",
303
+ "title": "How applied in this architecture",
304
+ "description": "How this principle manifests in this architecture. Reference specific design elements or decisions. This is the evidence required by TRC-01 for principles."
305
+ }
306
+ }
307
+ }
308
+ }
309
+ }
310
+ },
311
+ "architecture_views": {
312
+ "type": "object",
313
+ "title": "Architecture views",
314
+ "description": "The set of views representing the reference architecture from different perspectives. Evidence for profile criterion RA-VIEW-01 (major gate) and RA-VIEW-02. RA-VIEW-01 score 2 requires three views; score 3 requires all four primary views with a data flow narrative; score 4 requires cross-references between views and a security view.",
315
+ "properties": {
316
+ "context": {
317
+ "type": "object",
318
+ "title": "Context view",
319
+ "description": "Shows how the system relates to its environment — external actors, upstream/downstream systems, and the system boundary. Equivalent to C4 Level 1. Required for RA-VIEW-01 score ≥ 2.",
320
+ "properties": {
321
+ "description": {
322
+ "type": "string",
323
+ "title": "Description",
324
+ "description": "Narrative explaining what this view shows and the key relationships with external systems and actors. Should identify who initiates interactions and what data flows at the boundary."
325
+ },
326
+ "diagram_source": {
327
+ "type": "string",
328
+ "title": "Diagram source",
329
+ "description": "Diagram source code or image content. Preferred formats for RA-VIEW-02 scoring: Structurizr DSL, PlantUML, Mermaid, or ArchiMate exchange format. Image-only scores lower on RA-VIEW-02."
330
+ },
331
+ "source_type": {
332
+ "type": "string",
333
+ "title": "Source type",
334
+ "description": "Format of the diagram source. 'structurizr', 'plantuml', or 'mermaid' enable diagram-as-code scoring for RA-VIEW-02.",
335
+ "enum": ["structurizr", "plantuml", "mermaid", "archimate", "image", "visio"]
336
+ }
337
+ }
338
+ },
339
+ "functional": {
340
+ "type": "object",
341
+ "title": "Functional / container view",
342
+ "description": "Shows the major structural components (containers, services, or modules) of the architecture and their relationships. Equivalent to C4 Level 2. Required for RA-VIEW-01 score ≥ 2.",
343
+ "properties": {
344
+ "description": {
345
+ "type": "string",
346
+ "title": "Description",
347
+ "description": "Narrative describing the structural decomposition and the responsibilities of each major component. Technology annotations should be visible."
348
+ },
349
+ "diagram_source": {
350
+ "type": "string",
351
+ "title": "Diagram source",
352
+ "description": "Diagram source code. Preferred: Structurizr DSL, PlantUML, or Mermaid."
353
+ },
354
+ "source_type": {
355
+ "type": "string",
356
+ "title": "Source type",
357
+ "enum": ["structurizr", "plantuml", "mermaid", "archimate", "image", "visio"]
358
+ }
359
+ }
360
+ },
361
+ "deployment": {
362
+ "type": "object",
363
+ "title": "Deployment view",
364
+ "description": "Shows infrastructure topology — how components are deployed across nodes, containers, cloud regions, or availability zones. Required for RA-VIEW-01 score ≥ 3.",
365
+ "properties": {
366
+ "description": {
367
+ "type": "string",
368
+ "title": "Description",
369
+ "description": "Narrative explaining the deployment topology, including infrastructure choices, multi-AZ or multi-region strategy, and key operational characteristics."
370
+ },
371
+ "diagram_source": {
372
+ "type": "string",
373
+ "title": "Diagram source"
374
+ },
375
+ "source_type": {
376
+ "type": "string",
377
+ "title": "Source type",
378
+ "enum": ["structurizr", "plantuml", "mermaid", "archimate", "image", "visio"]
379
+ }
380
+ }
381
+ },
382
+ "data_flow": {
383
+ "type": "object",
384
+ "title": "Data flow view",
385
+ "description": "Describes how data moves through the system at runtime. Required for RA-VIEW-01 score ≥ 3. A diagram without a numbered walkthrough is not sufficient — narrative_steps are required evidence.",
386
+ "properties": {
387
+ "description": {
388
+ "type": "string",
389
+ "title": "Description",
390
+ "description": "Overview of the primary data flows and processing patterns, including key integration points and transformations."
391
+ },
392
+ "narrative_steps": {
393
+ "type": "array",
394
+ "title": "Numbered flow steps",
395
+ "description": "Step-by-step walkthrough of the primary data flow. Numbered steps are required evidence for RA-VIEW-01 — a diagram alone does not satisfy this criterion.",
396
+ "items": {
397
+ "type": "object",
398
+ "title": "Flow step",
399
+ "required": ["step", "description"],
400
+ "properties": {
401
+ "step": {
402
+ "type": "integer",
403
+ "title": "Step number"
404
+ },
405
+ "description": {
406
+ "type": "string",
407
+ "title": "Description",
408
+ "description": "What happens at this step — which component sends what data to which component, and any transformation or decision point."
409
+ }
410
+ }
411
+ }
412
+ }
413
+ }
414
+ },
415
+ "security": {
416
+ "type": "object",
417
+ "title": "Security view (optional — required for score 4)",
418
+ "description": "Shows the security architecture: trust boundaries, authentication/authorisation mechanisms, data protection controls, and security domains. Optional but required for RA-VIEW-01 score 4.",
419
+ "properties": {
420
+ "description": {
421
+ "type": "string",
422
+ "title": "Description",
423
+ "description": "Narrative describing the security architecture, trust boundaries, and key controls."
424
+ },
425
+ "diagram_source": {
426
+ "type": "string",
427
+ "title": "Diagram source"
428
+ },
429
+ "source_type": {
430
+ "type": "string",
431
+ "title": "Source type",
432
+ "enum": ["structurizr", "plantuml", "mermaid", "archimate", "image", "visio"]
433
+ }
434
+ }
435
+ },
436
+ "element_catalog": {
437
+ "type": "array",
438
+ "title": "Element catalog",
439
+ "description": "Structured inventory of all named components in the architecture. Required evidence for RA-VIEW-02. Enables assessors to verify that diagram names, technology choices, and responsibilities are consistent across all views. The catalog is the single source of truth for component names.",
440
+ "items": {
441
+ "type": "object",
442
+ "title": "Catalog entry",
443
+ "required": ["name", "type", "responsibility"],
444
+ "properties": {
445
+ "name": {
446
+ "type": "string",
447
+ "title": "Name",
448
+ "description": "Canonical name for this component. Must match exactly how it appears in all diagrams — any discrepancy is evidence for a lower CON-01 score."
449
+ },
450
+ "type": {
451
+ "type": "string",
452
+ "title": "Type",
453
+ "description": "Category of architecture element.",
454
+ "enum": ["service", "database", "queue", "gateway", "cache", "storage", "external_system", "user", "container", "module", "library", "pipeline", "function", "other"]
455
+ },
456
+ "technology": {
457
+ "type": "string",
458
+ "title": "Technology",
459
+ "description": "Specific technology, runtime, or platform used. Example: 'Node.js 20', 'PostgreSQL 16', 'Apache Kafka 3.x', 'AWS Lambda'."
460
+ },
461
+ "responsibility": {
462
+ "type": "string",
463
+ "title": "Responsibility",
464
+ "description": "What this component does in one or two sentences."
465
+ },
466
+ "relationships": {
467
+ "type": "array",
468
+ "title": "Key relationships",
469
+ "description": "The most important dependencies or interactions with other named components. Use the canonical name of the related component.",
470
+ "items": {
471
+ "type": "string"
472
+ }
473
+ }
474
+ }
475
+ }
476
+ }
477
+ }
478
+ },
479
+ "decisions": {
480
+ "type": "array",
481
+ "title": "Architecture decisions (ADRs)",
482
+ "description": "Architecture Decision Records documenting the key design choices made in this reference architecture. Evidence for profile criterion RA-DEC-01 (major gate). Score 1: technology choices without rationale. Score 2: rationale without alternatives. Score 3: ADR format with alternatives and trade-offs. Score 4: full ADRs with revisit conditions.",
483
+ "items": {
484
+ "type": "object",
485
+ "title": "Architecture Decision Record",
486
+ "required": ["id", "title", "context", "decision", "rationale"],
487
+ "properties": {
488
+ "id": {
489
+ "type": "string",
490
+ "title": "Decision ID",
491
+ "description": "Unique identifier for this decision. Example: 'ADR-001', 'D-07'."
492
+ },
493
+ "title": {
494
+ "type": "string",
495
+ "title": "Title",
496
+ "description": "Short title summarising the decision. Example: 'Use event-driven architecture for inter-service communication'."
497
+ },
498
+ "context": {
499
+ "type": "string",
500
+ "title": "Context",
501
+ "description": "The situation, constraint, or driver that makes this decision necessary. What problem does this decision solve? Reference driver IDs where applicable."
502
+ },
503
+ "options": {
504
+ "type": "array",
505
+ "title": "Options considered",
506
+ "description": "Alternatives evaluated before choosing. Required for RA-DEC-01 score ≥ 3. Documenting only the chosen option without alternatives is an anti-pattern.",
507
+ "items": {
508
+ "type": "object",
509
+ "title": "Option",
510
+ "required": ["id", "description"],
511
+ "properties": {
512
+ "id": {
513
+ "type": "string",
514
+ "title": "Option ID",
515
+ "description": "Short identifier (e.g. 'A', 'B', 'Option 1')."
516
+ },
517
+ "description": {
518
+ "type": "string",
519
+ "title": "Description",
520
+ "description": "What this option proposes."
521
+ },
522
+ "pros": {
523
+ "type": "array",
524
+ "title": "Pros",
525
+ "items": { "type": "string" }
526
+ },
527
+ "cons": {
528
+ "type": "array",
529
+ "title": "Cons",
530
+ "items": { "type": "string" }
531
+ }
532
+ }
533
+ }
534
+ },
535
+ "decision": {
536
+ "type": "string",
537
+ "title": "Decision",
538
+ "description": "Which option was chosen. State the choice clearly."
539
+ },
540
+ "rationale": {
541
+ "type": "string",
542
+ "title": "Rationale",
543
+ "description": "Why this option was chosen. Reference business drivers and architecture principles. Example: 'Option C selected because it satisfies DR-01 (fraud reduction) and aligns with the API-first principle'."
544
+ },
545
+ "tradeoffs": {
546
+ "type": "string",
547
+ "title": "Trade-offs accepted",
548
+ "description": "What is sacrificed or complicated by this decision. Required for RA-DEC-01 score ≥ 3. Example: 'Increased operational complexity in exchange for auditability and decoupling'."
549
+ },
550
+ "consequences": {
551
+ "type": "string",
552
+ "title": "Consequences",
553
+ "description": "Follow-on work, constraints, or implications this decision creates for adopting teams."
554
+ },
555
+ "revisit_conditions": {
556
+ "type": "string",
557
+ "title": "Revisit conditions",
558
+ "description": "Specific conditions under which this decision should be reconsidered. Required for RA-DEC-01 score 4. Example: 'Revisit if throughput exceeds 50K events/sec or if team lacks event sourcing experience'."
559
+ },
560
+ "driver_refs": {
561
+ "type": "array",
562
+ "title": "Driver references",
563
+ "description": "IDs of business drivers from drivers_and_principles.drivers that motivated this decision. Cross-referencing decisions to drivers is evidence for TRC-01.",
564
+ "items": { "type": "string" }
565
+ }
566
+ }
567
+ }
568
+ },
569
+ "component_classification": {
570
+ "type": "object",
571
+ "title": "Component classification",
572
+ "description": "Defines the prescriptiveness of each component — which elements are mandatory, recommended, or optional. Evidence for profile criterion RA-DEC-02. Score 2: mandatory and optional elements distinguished. Score 3: three-level classification with rationale. Score 4: customisation framework with decision trees for deviation.",
573
+ "properties": {
574
+ "components": {
575
+ "type": "array",
576
+ "title": "Component mandate levels",
577
+ "description": "Classification table mapping each major component or design pattern to its mandate level with rationale.",
578
+ "items": {
579
+ "type": "object",
580
+ "title": "Classification entry",
581
+ "required": ["name", "mandate_level"],
582
+ "properties": {
583
+ "name": {
584
+ "type": "string",
585
+ "title": "Component or pattern",
586
+ "description": "Name of the component, pattern, or design choice being classified. Should match the name in the element catalog."
587
+ },
588
+ "mandate_level": {
589
+ "type": "string",
590
+ "title": "Mandate level",
591
+ "description": "mandatory: all adopting teams must use this; recommended: should use unless there is a justified reason not to; optional: teams may use based on context.",
592
+ "enum": ["mandatory", "recommended", "optional"]
593
+ },
594
+ "rationale": {
595
+ "type": "string",
596
+ "title": "Rationale",
597
+ "description": "Why this component has this mandate level."
598
+ }
599
+ }
600
+ }
601
+ },
602
+ "extension_points": {
603
+ "type": "array",
604
+ "title": "Extension points",
605
+ "description": "Formally defined variation points where adopting teams may deviate from the reference architecture without seeking an exception. Evidence for RA-DEC-02 score ≥ 3.",
606
+ "items": {
607
+ "type": "object",
608
+ "title": "Extension point",
609
+ "required": ["name", "description"],
610
+ "properties": {
611
+ "name": {
612
+ "type": "string",
613
+ "title": "Extension point name"
614
+ },
615
+ "description": {
616
+ "type": "string",
617
+ "title": "Description",
618
+ "description": "What can be varied at this point and the constraints on variation."
619
+ },
620
+ "guidance": {
621
+ "type": "string",
622
+ "title": "Guidance",
623
+ "description": "Recommendations on how to use this extension point, including when deviation is acceptable."
624
+ },
625
+ "examples": {
626
+ "type": "string",
627
+ "title": "Example valid variations"
628
+ }
629
+ }
630
+ }
631
+ }
632
+ }
633
+ },
634
+ "quality_attributes": {
635
+ "type": "array",
636
+ "title": "Quality attributes",
637
+ "description": "Measurable targets for each quality attribute relevant to this architecture. Evidence for profile criterion RA-QA-01 (major gate). Score 1: adjectives without numbers. Score 2: some measurable targets. Score 3: all material attributes with validation approaches. Score 4: automated fitness functions in CI/CD.",
638
+ "items": {
639
+ "type": "object",
640
+ "title": "Quality attribute",
641
+ "required": ["attribute", "target"],
642
+ "properties": {
643
+ "attribute": {
644
+ "type": "string",
645
+ "title": "Quality attribute",
646
+ "description": "Name of the quality attribute. Use concrete, assessable names — not adjectives. Examples: 'Availability', 'Latency P99', 'Throughput', 'Error rate', 'Recovery Time Objective (RTO)', 'Recovery Point Objective (RPO)'.",
647
+ "examples": ["Availability", "Latency P99", "Throughput", "Error rate", "Recovery Time Objective (RTO)", "Recovery Point Objective (RPO)", "Security posture"]
648
+ },
649
+ "target": {
650
+ "type": "string",
651
+ "title": "Measurable target",
652
+ "description": "A specific, measurable number or threshold. Must not be an adjective — numbers required. Example: '99.95% monthly availability', 'P99 < 200ms under 10K concurrent users', '5000 TPS sustained'."
653
+ },
654
+ "measurement": {
655
+ "type": "string",
656
+ "title": "Measurement method",
657
+ "description": "How this attribute is measured in practice. Example: 'synthetic probes every 30s via monitoring platform', 'APM P99 latency histogram from production traffic'."
658
+ },
659
+ "validation_strategy": {
660
+ "type": "string",
661
+ "title": "Validation strategy",
662
+ "description": "How compliance with this target is validated before and after deployment. Required for RA-QA-01 score ≥ 3. Example: 'Gatling load test with 10K concurrent users in staging environment before each release'."
663
+ },
664
+ "fitness_function": {
665
+ "type": "string",
666
+ "title": "Fitness function",
667
+ "description": "Automated test or check that continuously validates this attribute in CI/CD pipeline. Required for RA-QA-01 score 4. Example: 'Gatling load test fails build if P99 > 200ms; chaos engineering run weekly via Gremlin'."
668
+ },
669
+ "quality_scenario": {
670
+ "type": "string",
671
+ "title": "Quality scenario",
672
+ "description": "TOGAF or SEI-style quality scenario describing the stimulus, source, environment, response, and response measure for this attribute."
673
+ }
674
+ }
675
+ }
676
+ },
677
+ "operational_model": {
678
+ "type": "object",
679
+ "title": "Operational model",
680
+ "description": "How the architecture is operated, monitored, scaled, and recovered in production. Evidence for profile criterion RA-OPS-01 (major gate). Score 2: monitoring and scaling described in principle with SLOs mentioned. Score 3: concrete monitoring dashboards, scaling policies, SLOs, basic DR. Score 4: complete runbooks, alerting configs, error budgets.",
681
+ "properties": {
682
+ "slos": {
683
+ "type": "array",
684
+ "title": "Service Level Objectives",
685
+ "description": "Defined SLOs for this architecture. Required evidence for RA-OPS-01. Each SLO must have a specific numeric target.",
686
+ "items": {
687
+ "type": "object",
688
+ "title": "SLO",
689
+ "required": ["name", "target"],
690
+ "properties": {
691
+ "name": {
692
+ "type": "string",
693
+ "title": "SLO name",
694
+ "description": "Name of the SLO. Example: 'API availability', 'P99 request latency', 'Successful request rate'."
695
+ },
696
+ "target": {
697
+ "type": "string",
698
+ "title": "Target",
699
+ "description": "Numeric target. Example: '99.95%', '< 200ms', '> 99.9%'."
700
+ },
701
+ "measurement_window": {
702
+ "type": "string",
703
+ "title": "Measurement window",
704
+ "description": "Rolling window or period over which this SLO is measured. Example: 'rolling 30 days', 'calendar month'."
705
+ },
706
+ "error_budget": {
707
+ "type": "string",
708
+ "title": "Error budget",
709
+ "description": "The allowed failure budget derived from this SLO. Required for RA-OPS-01 score 4. Example: '43.8 minutes/month at 99.95% availability'."
710
+ }
711
+ }
712
+ }
713
+ },
714
+ "monitoring": {
715
+ "type": "object",
716
+ "title": "Monitoring strategy",
717
+ "description": "How the architecture is observed in production. Required evidence for RA-OPS-01.",
718
+ "properties": {
719
+ "strategy": {
720
+ "type": "string",
721
+ "title": "Strategy",
722
+ "description": "Overview of the observability approach: signal types covered (metrics, logs, traces), tooling, and integration with on-call processes."
723
+ },
724
+ "metrics": {
725
+ "type": "array",
726
+ "title": "Key metrics",
727
+ "description": "The most important metrics to monitor for this architecture. Example: 'HTTP request rate', 'P99 latency', 'Kafka consumer lag', 'Database connection pool utilisation'.",
728
+ "items": { "type": "string" }
729
+ },
730
+ "dashboards": {
731
+ "type": "string",
732
+ "title": "Dashboard reference",
733
+ "description": "Reference to dashboard templates or existing dashboards. Example: 'Grafana dashboard template at /ops/dashboards/payments-platform.json'."
734
+ },
735
+ "alerting_rules": {
736
+ "type": "string",
737
+ "title": "Alerting rules",
738
+ "description": "Alerting thresholds and escalation policy. Reference alert configuration files if available. Required for RA-OPS-01 score 4."
739
+ }
740
+ }
741
+ },
742
+ "scaling": {
743
+ "type": "object",
744
+ "title": "Scaling policies",
745
+ "description": "How the architecture scales under load. Required evidence for RA-OPS-01.",
746
+ "properties": {
747
+ "policies": {
748
+ "type": "array",
749
+ "title": "Scaling policies",
750
+ "description": "Specific scaling rules and triggers. Example: 'HPA targeting 70% CPU, min 3 / max 20 pods per service', 'Database read replicas added when primary CPU > 80%'.",
751
+ "items": { "type": "string" }
752
+ },
753
+ "capacity_planning_notes": {
754
+ "type": "string",
755
+ "title": "Capacity planning notes",
756
+ "description": "Current load profile, known capacity limits, and headroom before the next scaling tier is needed."
757
+ }
758
+ }
759
+ },
760
+ "disaster_recovery": {
761
+ "type": "object",
762
+ "title": "Disaster recovery",
763
+ "description": "Recovery objectives and procedures. Required evidence for RA-OPS-01.",
764
+ "properties": {
765
+ "rto": {
766
+ "type": "string",
767
+ "title": "Recovery Time Objective (RTO)",
768
+ "description": "Maximum acceptable time to restore service after an incident. Example: '4 hours'."
769
+ },
770
+ "rpo": {
771
+ "type": "string",
772
+ "title": "Recovery Point Objective (RPO)",
773
+ "description": "Maximum acceptable data loss measured in time. Example: '15 minutes'."
774
+ },
775
+ "failover_procedures": {
776
+ "type": "string",
777
+ "title": "Failover procedures",
778
+ "description": "High-level description of the failover process. Reference runbook if available."
779
+ },
780
+ "runbook_ref": {
781
+ "type": "string",
782
+ "title": "Runbook reference",
783
+ "description": "Location of the DR runbook (e.g. Confluence page URL, ops/ directory path). Tested DR runbooks referenced here are evidence for RA-OPS-01 score 4."
784
+ }
785
+ }
786
+ }
787
+ }
788
+ },
789
+ "implementation_artifacts": {
790
+ "type": "object",
791
+ "title": "Implementation artifacts",
792
+ "description": "Runnable and deployable artifacts that teams use to instantiate this reference architecture. Evidence for profile criterion RA-IMP-01. Score 2: some IaC or API specs. Score 3: complete set of IaC, API specs, and CI/CD. Score 4: full golden path including scaffold template and working sample application.",
793
+ "properties": {
794
+ "iac_templates": {
795
+ "type": "array",
796
+ "title": "Infrastructure-as-code templates",
797
+ "description": "Terraform, CDK, Bicep, CloudFormation, or equivalent templates that deploy the architecture. Required evidence for RA-IMP-01.",
798
+ "items": {
799
+ "type": "object",
800
+ "title": "IaC template",
801
+ "required": ["name", "location"],
802
+ "properties": {
803
+ "name": { "type": "string", "title": "Name" },
804
+ "type": {
805
+ "type": "string",
806
+ "title": "IaC type",
807
+ "enum": ["terraform", "cdk", "bicep", "cloudformation", "pulumi", "ansible", "helm", "other"]
808
+ },
809
+ "location": {
810
+ "type": "string",
811
+ "title": "Location",
812
+ "description": "Repository path or URL to the template."
813
+ },
814
+ "description": { "type": "string", "title": "Description" }
815
+ }
816
+ }
817
+ },
818
+ "api_specifications": {
819
+ "type": "array",
820
+ "title": "API specifications",
821
+ "description": "OpenAPI, AsyncAPI, or equivalent service interface specifications. Required evidence for RA-IMP-01.",
822
+ "items": {
823
+ "type": "object",
824
+ "title": "API specification",
825
+ "required": ["name", "location"],
826
+ "properties": {
827
+ "name": { "type": "string", "title": "Name" },
828
+ "spec_type": {
829
+ "type": "string",
830
+ "title": "Specification type",
831
+ "enum": ["openapi", "asyncapi", "graphql", "grpc", "other"]
832
+ },
833
+ "location": { "type": "string", "title": "Location" }
834
+ }
835
+ }
836
+ },
837
+ "cicd_templates": {
838
+ "type": "array",
839
+ "title": "CI/CD pipeline templates",
840
+ "description": "Pipeline workflow files for building and deploying the architecture. Required evidence for RA-IMP-01.",
841
+ "items": {
842
+ "type": "object",
843
+ "title": "CI/CD template",
844
+ "required": ["name", "location"],
845
+ "properties": {
846
+ "name": { "type": "string", "title": "Name" },
847
+ "platform": {
848
+ "type": "string",
849
+ "title": "Platform",
850
+ "enum": ["github_actions", "gitlab_ci", "jenkins", "azure_devops", "circleci", "other"]
851
+ },
852
+ "location": { "type": "string", "title": "Location" }
853
+ }
854
+ }
855
+ },
856
+ "scaffold_template": {
857
+ "type": "object",
858
+ "title": "Scaffold template",
859
+ "description": "A template (e.g. Backstage Software Template, Cookiecutter, Copier) for bootstrapping a new service from this reference architecture. Required for RA-IMP-01 score 4 — the golden path must be automatable.",
860
+ "properties": {
861
+ "name": { "type": "string", "title": "Name" },
862
+ "type": {
863
+ "type": "string",
864
+ "title": "Type",
865
+ "enum": ["backstage", "cookiecutter", "copier", "yeoman", "other"]
866
+ },
867
+ "location": { "type": "string", "title": "Location" },
868
+ "description": { "type": "string", "title": "Description" }
869
+ }
870
+ },
871
+ "sample_application": {
872
+ "type": "object",
873
+ "title": "Sample application",
874
+ "description": "A working reference implementation demonstrating the architecture in practice. Required for RA-IMP-01 score 4.",
875
+ "properties": {
876
+ "name": { "type": "string", "title": "Name" },
877
+ "location": { "type": "string", "title": "Location" },
878
+ "description": { "type": "string", "title": "Description" }
879
+ }
880
+ }
881
+ }
882
+ },
883
+ "getting_started": {
884
+ "type": "object",
885
+ "title": "Getting started guide",
886
+ "description": "A tested, step-by-step guide for new teams adopting this reference architecture. Evidence for profile criterion RA-IMP-02. Score 3: tested guide with prerequisites and time estimate. Score 4: fully automated onboarding achieving < 1 hour to first deployment.",
887
+ "properties": {
888
+ "estimated_time_to_first_deployment": {
889
+ "type": "string",
890
+ "title": "Estimated time to first deployment",
891
+ "description": "How long a new team takes from zero to a running deployed service following this guide. Required evidence for RA-IMP-02. Example: '4 hours', '< 1 hour with Backstage template'."
892
+ },
893
+ "prerequisites": {
894
+ "type": "array",
895
+ "title": "Prerequisites",
896
+ "description": "Tools, access permissions, and knowledge required before starting. Required evidence for RA-IMP-02 score ≥ 3.",
897
+ "items": { "type": "string" }
898
+ },
899
+ "steps": {
900
+ "type": "array",
901
+ "title": "Steps",
902
+ "description": "Numbered steps for getting started, tested against a real environment. Required evidence for RA-IMP-02.",
903
+ "items": {
904
+ "type": "object",
905
+ "title": "Step",
906
+ "required": ["step", "title", "description"],
907
+ "properties": {
908
+ "step": { "type": "integer", "title": "Step number" },
909
+ "title": { "type": "string", "title": "Step title" },
910
+ "description": {
911
+ "type": "string",
912
+ "title": "What to do",
913
+ "description": "Clear instructions for this step, including expected outcome."
914
+ },
915
+ "command": {
916
+ "type": "string",
917
+ "title": "Command (if applicable)",
918
+ "description": "Shell command or code snippet to run at this step."
919
+ }
920
+ }
921
+ }
922
+ },
923
+ "troubleshooting": {
924
+ "type": "array",
925
+ "title": "Troubleshooting",
926
+ "description": "Common problems encountered when following this guide and their resolutions. Required evidence for RA-IMP-02 score ≥ 3.",
927
+ "items": {
928
+ "type": "object",
929
+ "title": "Troubleshooting entry",
930
+ "required": ["symptom", "resolution"],
931
+ "properties": {
932
+ "symptom": {
933
+ "type": "string",
934
+ "title": "Symptom",
935
+ "description": "What the problem looks like to a new adopter."
936
+ },
937
+ "cause": {
938
+ "type": "string",
939
+ "title": "Cause",
940
+ "description": "Root cause of the problem."
941
+ },
942
+ "resolution": {
943
+ "type": "string",
944
+ "title": "Resolution",
945
+ "description": "How to fix it."
946
+ }
947
+ }
948
+ }
949
+ }
950
+ }
951
+ },
952
+ "raid": {
953
+ "type": "object",
954
+ "title": "RAID log (Risks, Assumptions, Issues, Dependencies)",
955
+ "description": "Risks, design assumptions, constraints, and trade-offs. Evidence for core criterion RAT-01. Score 2: risks listed without mitigations. Score 3: risks with mitigations and owners; assumptions and constraints documented. Score 4: evidence-based trade-off analysis with accepted consequences explicit.",
956
+ "properties": {
957
+ "risks": {
958
+ "type": "array",
959
+ "title": "Risks",
960
+ "description": "Known risks with mitigations and named owners. Required evidence for RAT-01. Generic statements such as 'there are risks that will need to be addressed' score 1.",
961
+ "items": {
962
+ "type": "object",
963
+ "title": "Risk",
964
+ "required": ["description"],
965
+ "properties": {
966
+ "id": {
967
+ "type": "string",
968
+ "title": "Risk ID",
969
+ "description": "Short reference identifier. Example: 'RISK-01'."
970
+ },
971
+ "description": {
972
+ "type": "string",
973
+ "title": "Description",
974
+ "description": "Specific risk in concrete terms — what could go wrong and the consequence if it materialises."
975
+ },
976
+ "likelihood": {
977
+ "type": "string",
978
+ "title": "Likelihood",
979
+ "enum": ["high", "medium", "low"]
980
+ },
981
+ "impact": {
982
+ "type": "string",
983
+ "title": "Impact",
984
+ "enum": ["high", "medium", "low"]
985
+ },
986
+ "mitigation": {
987
+ "type": "string",
988
+ "title": "Mitigation",
989
+ "description": "Specific action taken or planned to reduce this risk. Required for RAT-01 score ≥ 3."
990
+ },
991
+ "owner": {
992
+ "type": "string",
993
+ "title": "Owner",
994
+ "description": "Named individual or role responsible for monitoring and mitigating this risk. Required for RAT-01 score ≥ 3."
995
+ },
996
+ "residual_risk": {
997
+ "type": "string",
998
+ "title": "Residual risk",
999
+ "description": "Risk level remaining after mitigation (high/medium/low) and acceptance decision."
1000
+ }
1001
+ }
1002
+ }
1003
+ },
1004
+ "assumptions": {
1005
+ "type": "array",
1006
+ "title": "Design assumptions",
1007
+ "description": "Assumptions made during design that could affect the architecture if they prove false. Distinct from scope assumptions — these are design-time assumptions about technical or organisational behaviour.",
1008
+ "items": {
1009
+ "type": "object",
1010
+ "title": "Design assumption",
1011
+ "required": ["assumption"],
1012
+ "properties": {
1013
+ "assumption": { "type": "string", "title": "Assumption" },
1014
+ "consequence_if_violated": {
1015
+ "type": "string",
1016
+ "title": "Consequence if violated"
1017
+ }
1018
+ }
1019
+ }
1020
+ },
1021
+ "constraints": {
1022
+ "type": "array",
1023
+ "title": "Constraints",
1024
+ "description": "Technical, legal, or organisational constraints that limit design choices. Required evidence for RAT-01.",
1025
+ "items": {
1026
+ "type": "object",
1027
+ "title": "Constraint",
1028
+ "required": ["description"],
1029
+ "properties": {
1030
+ "type": {
1031
+ "type": "string",
1032
+ "title": "Type",
1033
+ "enum": ["technical", "legal", "organisational", "financial", "regulatory"]
1034
+ },
1035
+ "description": { "type": "string", "title": "Description" },
1036
+ "implication": {
1037
+ "type": "string",
1038
+ "title": "Implication for the architecture"
1039
+ }
1040
+ }
1041
+ }
1042
+ },
1043
+ "tradeoffs": {
1044
+ "type": "array",
1045
+ "title": "Trade-offs",
1046
+ "description": "Explicit trade-offs accepted in this design. Required for RAT-01 score ≥ 3. Each entry must state what was sacrificed and what was gained — not just that a trade-off exists.",
1047
+ "items": {
1048
+ "type": "object",
1049
+ "title": "Trade-off",
1050
+ "required": ["description"],
1051
+ "properties": {
1052
+ "decision_ref": {
1053
+ "type": "string",
1054
+ "title": "Decision reference",
1055
+ "description": "ADR ID where this trade-off was formalised."
1056
+ },
1057
+ "description": {
1058
+ "type": "string",
1059
+ "title": "Trade-off description"
1060
+ },
1061
+ "what_was_sacrificed": {
1062
+ "type": "string",
1063
+ "title": "What was sacrificed"
1064
+ },
1065
+ "what_was_gained": {
1066
+ "type": "string",
1067
+ "title": "What was gained"
1068
+ }
1069
+ }
1070
+ }
1071
+ }
1072
+ }
1073
+ },
1074
+ "governance": {
1075
+ "type": "object",
1076
+ "title": "Governance and compliance",
1077
+ "description": "Alignment with applicable architecture standards, policies, and mandatory controls. Evidence for core criterion CMP-01 (critical gate — score < 1 triggers Reject regardless of other scores). Compliance by assertion ('we comply with all standards') scores 1 at most — explicit control-to-design mappings are required.",
1078
+ "properties": {
1079
+ "applicable_standards": {
1080
+ "type": "array",
1081
+ "title": "Applicable standards",
1082
+ "description": "Standards, policies, and regulations relevant to this architecture. Required to move beyond score 0 for CMP-01.",
1083
+ "items": {
1084
+ "type": "object",
1085
+ "title": "Standard or policy",
1086
+ "required": ["name"],
1087
+ "properties": {
1088
+ "id": {
1089
+ "type": "string",
1090
+ "title": "ID",
1091
+ "description": "Reference ID. Example: 'ESS-01', 'GDPR', 'ISO 27001', 'PCI-DSS'."
1092
+ },
1093
+ "name": {
1094
+ "type": "string",
1095
+ "title": "Name",
1096
+ "description": "Full name of the standard or policy."
1097
+ },
1098
+ "relevance": {
1099
+ "type": "string",
1100
+ "title": "Relevance",
1101
+ "description": "Why this standard applies to this architecture."
1102
+ }
1103
+ }
1104
+ }
1105
+ },
1106
+ "compliance_mapping": {
1107
+ "type": "array",
1108
+ "title": "Compliance mapping",
1109
+ "description": "Explicit mapping from each applicable control to the design element that satisfies it. Required for CMP-01 score ≥ 3. Each entry links a specific control to the specific design component or decision that addresses it.",
1110
+ "items": {
1111
+ "type": "object",
1112
+ "title": "Compliance mapping entry",
1113
+ "required": ["control", "design_element"],
1114
+ "properties": {
1115
+ "control": {
1116
+ "type": "string",
1117
+ "title": "Control",
1118
+ "description": "Specific control reference. Example: 'ESS-01: mutual TLS for service-to-service calls'."
1119
+ },
1120
+ "design_element": {
1121
+ "type": "string",
1122
+ "title": "Design element",
1123
+ "description": "The component, decision, or design pattern that satisfies this control."
1124
+ },
1125
+ "evidence": {
1126
+ "type": "string",
1127
+ "title": "Evidence location",
1128
+ "description": "Where in this document the supporting evidence can be found."
1129
+ },
1130
+ "owner": {
1131
+ "type": "string",
1132
+ "title": "Owner",
1133
+ "description": "Who is accountable for maintaining this compliance."
1134
+ }
1135
+ }
1136
+ }
1137
+ },
1138
+ "exceptions": {
1139
+ "type": "array",
1140
+ "title": "Compliance exceptions",
1141
+ "description": "Approved exceptions to mandatory controls. Each exception must have an approver, approval date, and either an expiry date or a remediation plan. Required for CMP-01 score 4.",
1142
+ "items": {
1143
+ "type": "object",
1144
+ "title": "Exception",
1145
+ "required": ["standard", "control", "justification"],
1146
+ "properties": {
1147
+ "standard": { "type": "string", "title": "Standard or policy" },
1148
+ "control": { "type": "string", "title": "Specific control" },
1149
+ "justification": { "type": "string", "title": "Justification" },
1150
+ "approver": { "type": "string", "title": "Approver" },
1151
+ "approval_date": {
1152
+ "type": "string",
1153
+ "format": "date",
1154
+ "title": "Approval date"
1155
+ },
1156
+ "expiry_date": {
1157
+ "type": "string",
1158
+ "format": "date",
1159
+ "title": "Expiry date"
1160
+ },
1161
+ "remediation_plan": {
1162
+ "type": "string",
1163
+ "title": "Remediation plan",
1164
+ "description": "Plan to achieve full compliance, if expiry date is not set."
1165
+ }
1166
+ }
1167
+ }
1168
+ }
1169
+ }
1170
+ },
1171
+ "decisions_and_actions": {
1172
+ "type": "object",
1173
+ "title": "Decisions and next actions",
1174
+ "description": "The governance outcome and follow-on actions. Evidence for core criterion ACT-01. Score 2: some decisions stated. Score 3: key decisions made with owned actions. Score 4: all decisions explicit with owned, dated actions and clear governance path.",
1175
+ "properties": {
1176
+ "governance_outcome": {
1177
+ "type": "string",
1178
+ "title": "Governance outcome",
1179
+ "description": "The formal governance outcome for this architecture. Must be explicit — leaving this implicit is an anti-pattern for ACT-01.",
1180
+ "enum": ["approved", "conditionally_approved", "pending_review", "rework_required", "rejected"]
1181
+ },
1182
+ "decision_statement": {
1183
+ "type": "string",
1184
+ "title": "Decision statement",
1185
+ "description": "A concise statement of what is approved or proposed. Example: 'Approve this reference architecture as the mandatory pattern for all event-driven microservices in the Payments domain, effective Q2 2026'."
1186
+ },
1187
+ "conditions": {
1188
+ "type": "array",
1189
+ "title": "Conditions (for conditional approval)",
1190
+ "description": "Named conditions that must be met for conditional approval to convert to full approval.",
1191
+ "items": { "type": "string" }
1192
+ },
1193
+ "next_actions": {
1194
+ "type": "array",
1195
+ "title": "Next actions",
1196
+ "description": "Specific follow-on tasks with named owners and target dates. Required for ACT-01 score ≥ 3. Every action must have an owner.",
1197
+ "items": {
1198
+ "type": "object",
1199
+ "title": "Action",
1200
+ "required": ["description"],
1201
+ "properties": {
1202
+ "id": { "type": "string", "title": "Action ID" },
1203
+ "description": { "type": "string", "title": "Action" },
1204
+ "owner": {
1205
+ "type": "string",
1206
+ "title": "Owner",
1207
+ "description": "Named individual or team responsible. No unowned actions."
1208
+ },
1209
+ "target_date": {
1210
+ "type": "string",
1211
+ "format": "date",
1212
+ "title": "Target date"
1213
+ }
1214
+ }
1215
+ }
1216
+ },
1217
+ "review_triggers": {
1218
+ "type": "string",
1219
+ "title": "Review triggers",
1220
+ "description": "Conditions that trigger a mandatory re-review of this architecture. Example: 'Architecture Board checkpoint 2026-04-10; post-migration assessment when migration completes'."
1221
+ }
1222
+ }
1223
+ },
1224
+ "glossary": {
1225
+ "type": "array",
1226
+ "title": "Glossary",
1227
+ "description": "Canonical definitions for key terms, component names, and abbreviations used in this document. Evidence for core criterion CON-01 (internal consistency). A glossary that is consistently used throughout the document is required for CON-01 score 4.",
1228
+ "items": {
1229
+ "type": "object",
1230
+ "title": "Glossary entry",
1231
+ "required": ["term", "definition"],
1232
+ "properties": {
1233
+ "term": { "type": "string", "title": "Term" },
1234
+ "definition": { "type": "string", "title": "Definition" },
1235
+ "aliases": {
1236
+ "type": "array",
1237
+ "title": "Aliases",
1238
+ "description": "Alternative names that refer to the same thing. Listing aliases here flags them as potential inconsistencies if found used differently elsewhere.",
1239
+ "items": { "type": "string" }
1240
+ }
1241
+ }
1242
+ }
1243
+ },
1244
+ "evolution": {
1245
+ "type": "object",
1246
+ "title": "Evolution and lifecycle",
1247
+ "description": "How this reference architecture evolves over time. Evidence for profile criterion RA-REU-01. Score 2: versioned with change log. Score 3: known limitations, evolution plan, and feedback channel. Score 4: full lifecycle management with deprecation strategy and migration guidance.",
1248
+ "properties": {
1249
+ "known_limitations": {
1250
+ "type": "array",
1251
+ "title": "Known limitations",
1252
+ "description": "Documented gaps or areas where this architecture does not yet meet its intended standard. Required for RA-REU-01 score ≥ 3.",
1253
+ "items": { "type": "string" }
1254
+ },
1255
+ "evolution_roadmap": {
1256
+ "type": "array",
1257
+ "title": "Evolution roadmap",
1258
+ "description": "Planned improvements to this reference architecture, prioritised by value. Required for RA-REU-01 score ≥ 3.",
1259
+ "items": {
1260
+ "type": "object",
1261
+ "title": "Roadmap item",
1262
+ "required": ["description"],
1263
+ "properties": {
1264
+ "item": { "type": "string", "title": "Item title" },
1265
+ "description": { "type": "string", "title": "Description" },
1266
+ "priority": {
1267
+ "type": "string",
1268
+ "title": "Priority",
1269
+ "enum": ["high", "medium", "low"]
1270
+ },
1271
+ "target_version": { "type": "string", "title": "Target version" }
1272
+ }
1273
+ }
1274
+ },
1275
+ "deprecation_strategy": {
1276
+ "type": "string",
1277
+ "title": "Deprecation strategy",
1278
+ "description": "How this version will be deprecated when a successor is published, including migration guidance and transition timeline. Required for RA-REU-01 score 4."
1279
+ },
1280
+ "feedback_channel": {
1281
+ "type": "string",
1282
+ "title": "Feedback channel",
1283
+ "description": "Where adopting teams report issues or request changes. Example: 'GitHub Issues on ThomasRohde/EAROS', 'Slack #platform-architecture channel'. Required for RA-REU-01 score ≥ 3."
1284
+ },
1285
+ "migration_guidance": {
1286
+ "type": "string",
1287
+ "title": "Migration guidance",
1288
+ "description": "Guidance for teams migrating from a previous version of this reference architecture. Required for RA-REU-01 score 4 when breaking changes exist between versions."
1289
+ }
1290
+ }
1291
+ }
1292
+ }
1293
+ }
1294
+ }
1295
+ }