@umacloud/knowledge 1.0.1

Files changed (418)
  1. package/00-governance/governance-capabilities.md +557 -0
  2. package/00-governance/knowledge-map.md +39 -0
  3. package/00-governance/maintenance-policy.md +76 -0
  4. package/00-governance/review-checklist.md +81 -0
  5. package/README.md +13 -0
  6. package/ai/01-standards/agent-development-complete.md +691 -0
  7. package/ai/01-standards/llm-application-complete.md +488 -0
  8. package/ai/01-standards/mlops-complete.md +798 -0
  9. package/ai/01-standards/prompt-engineering-complete.md +646 -0
  10. package/ai/01-standards/rag-architecture-complete.md +649 -0
  11. package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
  12. package/ai/03-checklists/ai-project-checklist.md +215 -0
  13. package/ai/04-antipatterns/ai-antipatterns.md +661 -0
  14. package/ai/05-cases/case-rag-production.md +147 -0
  15. package/ai/06-glossary/ai-glossary.md +162 -0
  16. package/ai/agent-evaluation-benchmark.md +53 -0
  17. package/ai/ai-agent-memory-context-management.md +41 -0
  18. package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
  19. package/ai/ai-data-security-and-compliance-playbook.md +37 -0
  20. package/ai/ai-domain-index-and-checklist.md +40 -0
  21. package/ai/ai-governance-maturity-model.md +50 -0
  22. package/ai/ai-model-selection-and-routing-strategy.md +47 -0
  23. package/ai/ai-observability-and-oncall-runbook.md +52 -0
  24. package/ai/ai-rag-engineering-playbook.md +42 -0
  25. package/ai/ai-red-team-and-safety-evaluation.md +42 -0
  26. package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
  27. package/ai/llm-agent-engineering-deep-dive.md +57 -0
  28. package/ai/prompt-and-tool-guardrails.md +52 -0
  29. package/api/01-standards/enterprise-api-standards.md +198 -0
  30. package/api/01-standards/rest-api-design-guide.md +63 -0
  31. package/api/02-playbooks/api-pagination-playbook.md +93 -0
  32. package/api/02-playbooks/graphql-production-playbook.md +176 -0
  33. package/api/03-checklists/api-review-checklist.md +55 -0
  34. package/api/04-antipatterns/api-antipatterns.md +112 -0
  35. package/architecture/01-standards/api-gateway-patterns.md +496 -0
  36. package/architecture/01-standards/cloud-native-patterns.md +644 -0
  37. package/architecture/01-standards/distributed-systems-patterns.md +591 -0
  38. package/architecture/01-standards/event-driven-architecture.md +595 -0
  39. package/architecture/01-standards/microservices-patterns-complete.md +968 -0
  40. package/architecture/01-standards/microservices-patterns.md +495 -0
  41. package/architecture/01-standards/system-design-interview.md +664 -0
  42. package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
  43. package/architecture/02-playbooks/migration-playbook.md +780 -0
  44. package/architecture/02-playbooks/system-design-playbook.md +779 -0
  45. package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
  46. package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
  47. package/architecture/05-cases/case-netflix-microservices.md +413 -0
  48. package/architecture/06-glossary/architecture-glossary.md +164 -0
  49. package/architecture/adr-template-and-examples.md +38 -0
  50. package/architecture/api-gateway-deep-dive.md +1291 -0
  51. package/architecture/configuration-management.md +1162 -0
  52. package/architecture/distributed-transactions.md +1220 -0
  53. package/architecture/microservices-complete.md +735 -0
  54. package/architecture/resilience-and-disaster-patterns.md +37 -0
  55. package/architecture/service-governance.md +1198 -0
  56. package/architecture/system-architecture-deep-dive.md +37 -0
  57. package/backend/01-standards/analytics-and-growth.md +65 -0
  58. package/backend/01-standards/api-and-error-conventions.md +120 -0
  59. package/backend/01-standards/application-layering-and-packaging.md +160 -0
  60. package/backend/01-standards/auth-implementation.md +104 -0
  61. package/backend/01-standards/backend-framework-idioms.md +74 -0
  62. package/backend/01-standards/background-jobs-and-async.md +66 -0
  63. package/backend/01-standards/caching-strategies-complete.md +390 -0
  64. package/backend/01-standards/config-and-observability.md +77 -0
  65. package/backend/01-standards/data-modeling-and-persistence.md +94 -0
  66. package/backend/01-standards/django-complete.md +1765 -0
  67. package/backend/01-standards/email-and-notifications.md +64 -0
  68. package/backend/01-standards/fastapi-complete.md +925 -0
  69. package/backend/01-standards/file-upload-and-storage.md +66 -0
  70. package/backend/01-standards/graphql-api-complete.md +416 -0
  71. package/backend/01-standards/llm-application-standard.md +78 -0
  72. package/backend/01-standards/message-queue-patterns.md +379 -0
  73. package/backend/01-standards/microservices-and-distributed.md +78 -0
  74. package/backend/01-standards/nestjs-complete.md +2167 -0
  75. package/backend/01-standards/payment-integration.md +80 -0
  76. package/backend/01-standards/rate-limiting-complete.md +451 -0
  77. package/backend/01-standards/realtime-and-websocket.md +65 -0
  78. package/backend/01-standards/search-and-filtering.md +64 -0
  79. package/backend/01-standards/spring-boot-complete.md +445 -0
  80. package/backend/02-playbooks/api-design-playbook.md +718 -0
  81. package/backend/02-playbooks/email-send-playbook.md +130 -0
  82. package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
  83. package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
  84. package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
  85. package/backend/03-checklists/api-launch-checklist.md +189 -0
  86. package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
  87. package/blockchain/01-standards/blockchain-basics.md +557 -0
  88. package/blockchain/01-standards/smart-contract-development.md +1315 -0
  89. package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
  90. package/cicd/01-standards/github-actions-complete.md +473 -0
  91. package/cicd/01-standards/release-and-store-submission.md +75 -0
  92. package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
  93. package/cicd/02-playbooks/release-management-playbook.md +605 -0
  94. package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
  95. package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
  96. package/cicd/05-cases/case-deployment-automation.md +221 -0
  97. package/cicd/05-cases/case-gitops-transformation.md +212 -0
  98. package/cicd/06-glossary/cicd-glossary.md +114 -0
  99. package/cicd/cicd-blueprint-deep-dive.md +38 -0
  100. package/cicd/release-readiness-gate.md +37 -0
  101. package/cloud-native/01-standards/container-security.md +741 -0
  102. package/cloud-native/01-standards/kubernetes-complete.md +812 -0
  103. package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
  104. package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
  105. package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
  106. package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
  107. package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
  108. package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
  109. package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
  110. package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
  111. package/cloud-native/03-checklists/container-security-checklist.md +431 -0
  112. package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
  113. package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
  114. package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
  115. package/cloud-native/05-cases/case-k8s-migration.md +478 -0
  116. package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
  117. package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
  118. package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
  119. package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
  120. package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
  121. package/data/01-standards/elasticsearch-complete.md +2098 -0
  122. package/data/01-standards/postgresql-complete.md +1613 -0
  123. package/data/01-standards/redis-complete.md +1527 -0
  124. package/data/02-playbooks/database-optimization-playbook.md +403 -0
  125. package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
  126. package/data/03-checklists/database-launch-checklist.md +187 -0
  127. package/data/04-antipatterns/database-antipatterns.md +873 -0
  128. package/data/05-cases/case-database-migration.md +310 -0
  129. package/data/06-glossary/database-glossary.md +440 -0
  130. package/data/data-governance-and-modeling-deep-dive.md +39 -0
  131. package/data-engineering/01-standards/airflow-complete.md +523 -0
  132. package/data-engineering/01-standards/kafka-complete.md +1521 -0
  133. package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
  134. package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
  135. package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
  136. package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
  137. package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
  138. package/database/01-standards/database-schema-standards.md +147 -0
  139. package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
  140. package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
  141. package/database/02-playbooks/postgresql-production-playbook.md +146 -0
  142. package/database/02-playbooks/redis-caching-playbook.md +117 -0
  143. package/database/03-checklists/database-review-checklist.md +50 -0
  144. package/database/04-antipatterns/database-antipatterns.md +112 -0
  145. package/design/01-standards/ui-design-system-complete.md +423 -0
  146. package/design/02-playbooks/design-handoff-playbook.md +254 -0
  147. package/design/02-playbooks/design-review-playbook.md +388 -0
  148. package/design/03-checklists/design-review-checklist.md +246 -0
  149. package/design/04-antipatterns/design-antipatterns.md +378 -0
  150. package/design/05-cases/case-design-system-adoption.md +328 -0
  151. package/design/06-glossary/design-glossary.md +329 -0
  152. package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
  153. package/design/ux-system-deep-dive.md +38 -0
  154. package/design-systems/00-craft-rules.md +71 -0
  155. package/design-systems/aesthetic-families.md +43 -0
  156. package/design-systems/anti-ai-slop.md +162 -0
  157. package/design-systems/bold-geometric.md +120 -0
  158. package/design-systems/brutalist-bold.md +103 -0
  159. package/design-systems/editorial-clean.md +109 -0
  160. package/design-systems/glass-aurora.md +108 -0
  161. package/design-systems/modern-minimal.md +145 -0
  162. package/design-systems/premium-luxury.md +106 -0
  163. package/design-systems/product-type-design-map.md +48 -0
  164. package/design-systems/soft-warm.md +123 -0
  165. package/design-systems/tech-utility.md +113 -0
  166. package/desktop/01-standards/desktop-app-standard.md +72 -0
  167. package/desktop/01-standards/desktop-design.md +71 -0
  168. package/development/00-governance/document-template.md +41 -0
  169. package/development/01-standards/api-versioning-strategies.md +432 -0
  170. package/development/01-standards/authentication-patterns-complete.md +479 -0
  171. package/development/01-standards/css-architecture-complete.md +550 -0
  172. package/development/01-standards/database-migration-strategies.md +484 -0
  173. package/development/01-standards/elasticsearch-complete.md +347 -0
  174. package/development/01-standards/git-complete.md +371 -0
  175. package/development/01-standards/golang-complete.md +1565 -0
  176. package/development/01-standards/graphql-complete.md +298 -0
  177. package/development/01-standards/javascript-bundlers-complete.md +469 -0
  178. package/development/01-standards/javascript-typescript-complete.md +528 -0
  179. package/development/01-standards/jest-complete.md +275 -0
  180. package/development/01-standards/linux-complete.md +234 -0
  181. package/development/01-standards/logging-observability-complete.md +526 -0
  182. package/development/01-standards/microservices-communication.md +502 -0
  183. package/development/01-standards/mongodb-complete.md +406 -0
  184. package/development/01-standards/oauth2-complete.md +285 -0
  185. package/development/01-standards/performance-optimization-complete.md +289 -0
  186. package/development/01-standards/playwright-complete.md +247 -0
  187. package/development/01-standards/postgresql-complete.md +456 -0
  188. package/development/01-standards/pytest-complete.md +340 -0
  189. package/development/01-standards/python-async-programming.md +902 -0
  190. package/development/01-standards/python-complete.md +956 -0
  191. package/development/01-standards/python-decorators-complete.md +799 -0
  192. package/development/01-standards/python-design-patterns.md +2854 -0
  193. package/development/01-standards/python-packaging-distribution.md +420 -0
  194. package/development/01-standards/python-testing-strategies.md +607 -0
  195. package/development/01-standards/python-web-frameworks-comparison.md +471 -0
  196. package/development/01-standards/redis-complete.md +317 -0
  197. package/development/01-standards/rest-api-complete.md +316 -0
  198. package/development/01-standards/rust-complete.md +578 -0
  199. package/development/01-standards/typescript-advanced-types.md +1513 -0
  200. package/development/01-standards/web-security-complete.md +292 -0
  201. package/development/02-playbooks/api-design-playbook.md +810 -0
  202. package/development/02-playbooks/database-migration-playbook.md +580 -0
  203. package/development/02-playbooks/debugging-playbook.md +692 -0
  204. package/development/02-playbooks/feature-delivery-playbook.md +430 -0
  205. package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
  206. package/development/02-playbooks/performance-optimization-playbook.md +531 -0
  207. package/development/02-playbooks/performance-tuning-playbook.md +652 -0
  208. package/development/02-playbooks/refactor-playbook.md +403 -0
  209. package/development/02-playbooks/release-playbook.md +469 -0
  210. package/development/03-checklists/architecture-review-checklist.md +168 -0
  211. package/development/03-checklists/data-migration-checklist.md +157 -0
  212. package/development/03-checklists/oncall-handover-checklist.md +173 -0
  213. package/development/03-checklists/pr-checklist.md +158 -0
  214. package/development/03-checklists/production-readiness-checklist.md +190 -0
  215. package/development/03-checklists/release-readiness-checklist.md +154 -0
  216. package/development/03-checklists/security-review-checklist.md +182 -0
  217. package/development/04-antipatterns/api-antipatterns.md +657 -0
  218. package/development/04-antipatterns/architecture-antipatterns.md +686 -0
  219. package/development/04-antipatterns/backend-antipatterns.md +648 -0
  220. package/development/04-antipatterns/cicd-antipatterns.md +540 -0
  221. package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
  222. package/development/04-antipatterns/data-antipatterns.md +658 -0
  223. package/development/04-antipatterns/database-antipatterns.md +578 -0
  224. package/development/04-antipatterns/frontend-antipatterns.md +635 -0
  225. package/development/04-antipatterns/reliability-antipatterns.md +700 -0
  226. package/development/04-antipatterns/security-antipatterns.md +747 -0
  227. package/development/05-cases/case-api-version-migration.md +428 -0
  228. package/development/05-cases/case-authorization-hardening.md +383 -0
  229. package/development/05-cases/case-bluegreen-rollback.md +466 -0
  230. package/development/05-cases/case-cache-snowball-protection.md +485 -0
  231. package/development/05-cases/case-ci-cd-pipeline.md +544 -0
  232. package/development/05-cases/case-database-scaling.md +500 -0
  233. package/development/05-cases/case-db-hotspot-optimization.md +487 -0
  234. package/development/05-cases/case-incident-mttr-reduction.md +563 -0
  235. package/development/05-cases/case-microservice-migration.md +375 -0
  236. package/development/05-cases/case-performance-optimization.md +406 -0
  237. package/development/05-cases/case-security-incident-response.md +345 -0
  238. package/development/06-glossary/full-stack-glossary.md +166 -0
  239. package/development/09-maturity/quarterly-audit-template.md +35 -0
  240. package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
  241. package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
  242. package/development/12-scenarios/development-scenarios-guide.md +565 -0
  243. package/development/13-implementation-assets/implementation-toolkit.md +282 -0
  244. package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
  245. package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
  246. package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
  247. package/development/api-contract-and-versioning-guide.md +36 -0
  248. package/development/api-governance-complete.md +43 -0
  249. package/development/backend-engineering-complete.md +43 -0
  250. package/development/code-review-quality-complete.md +43 -0
  251. package/development/concurrency-reliability-complete.md +43 -0
  252. package/development/database-engineering-complete.md +43 -0
  253. package/development/engineering-effectiveness-complete.md +43 -0
  254. package/development/engineering-standards-deep-dive.md +38 -0
  255. package/development/frontend-engineering-complete.md +43 -0
  256. package/development/performance-capacity-complete.md +43 -0
  257. package/development/refactor-migration-complete.md +42 -0
  258. package/development/refactoring-and-techdebt-playbook.md +37 -0
  259. package/development/security-in-development-complete.md +43 -0
  260. package/devops/01-standards/cicd-pipeline-complete.md +262 -0
  261. package/devops/01-standards/docker-complete.md +1490 -0
  262. package/devops/01-standards/github-actions-complete.md +337 -0
  263. package/devops/01-standards/kubernetes-complete.md +638 -0
  264. package/devops/01-standards/terraform-complete.md +2117 -0
  265. package/devops/02-playbooks/docker-compose-playbook.md +233 -0
  266. package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
  267. package/devops/02-playbooks/docker-production-playbook.md +952 -0
  268. package/edge-iot/01-standards/edge-iot-complete.md +473 -0
  269. package/experts/architect/api-design.md +178 -0
  270. package/experts/architect/methodology.md +124 -0
  271. package/experts/architect/security.md +75 -0
  272. package/experts/backend-lead/methodology.md +216 -0
  273. package/experts/devops/methodology.md +160 -0
  274. package/experts/frontend-lead/methodology.md +178 -0
  275. package/experts/product-manager/industry/ecommerce.md +43 -0
  276. package/experts/product-manager/industry/saas.md +40 -0
  277. package/experts/product-manager/methodology.md +97 -0
  278. package/experts/qa-lead/methodology.md +123 -0
  279. package/experts/qa-lead/test-strategy.md +128 -0
  280. package/experts/uiux-designer/methodology.md +125 -0
  281. package/frontend/01-standards/accessibility-complete.md +532 -0
  282. package/frontend/01-standards/accessibility-standard.md +74 -0
  283. package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
  284. package/frontend/01-standards/design-tokens-complete.md +444 -0
  285. package/frontend/01-standards/forms-and-validation.md +77 -0
  286. package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
  287. package/frontend/01-standards/i18n-and-localization.md +65 -0
  288. package/frontend/01-standards/nextjs-complete.md +451 -0
  289. package/frontend/01-standards/react-complete.md +713 -0
  290. package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
  291. package/frontend/01-standards/react-hooks-complete.md +1171 -0
  292. package/frontend/01-standards/seo-and-web-vitals.md +77 -0
  293. package/frontend/01-standards/state-management-complete.md +444 -0
  294. package/frontend/01-standards/vue-complete.md +499 -0
  295. package/frontend/01-standards/vue3-complete.md +2002 -0
  296. package/frontend/01-standards/web-framework-best-practices.md +64 -0
  297. package/frontend/01-standards/web-performance-complete.md +495 -0
  298. package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
  299. package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
  300. package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
  301. package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
  302. package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
  303. package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
  304. package/frontend/03-checklists/component-quality-checklist.md +166 -0
  305. package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
  306. package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
  307. package/frontend/05-cases/case-performance-optimization.md +274 -0
  308. package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
  309. package/harmony/01-standards/harmonyos-design.md +65 -0
  310. package/high-quality-engineering-playbook.md +54 -0
  311. package/incident/01-standards/incident-response-complete.md +303 -0
  312. package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
  313. package/incident/02-playbooks/postmortem-playbook.md +398 -0
  314. package/incident/03-checklists/incident-readiness-checklist.md +181 -0
  315. package/incident/04-antipatterns/incident-antipatterns.md +490 -0
  316. package/incident/05-cases/case-cascade-failure.md +176 -0
  317. package/incident/06-glossary/incident-glossary.md +114 -0
  318. package/incident/postmortem-and-response-deep-dive.md +39 -0
  319. package/industries/ecommerce/ecommerce-complete.md +631 -0
  320. package/industries/education/education-complete.md +555 -0
  321. package/industries/fintech/fintech-complete.md +501 -0
  322. package/industries/gaming/gaming-complete.md +587 -0
  323. package/industries/healthcare/healthcare-complete.md +452 -0
  324. package/low-code/01-standards/low-code-complete.md +944 -0
  325. package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
  326. package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
  327. package/miniprogram/01-standards/miniprogram-design.md +61 -0
  328. package/miniprogram/01-standards/miniprogram-standard.md +81 -0
  329. package/mobile/01-standards/android-material-design.md +70 -0
  330. package/mobile/01-standards/flutter-complete.md +384 -0
  331. package/mobile/01-standards/ios-design-hig.md +78 -0
  332. package/mobile/01-standards/mobile-app-standard.md +85 -0
  333. package/mobile/01-standards/react-native-complete.md +352 -0
  334. package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
  335. package/mobile/02-playbooks/mobile-performance.md +473 -0
  336. package/mobile/03-checklists/mobile-release-checklist.md +234 -0
  337. package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
  338. package/mobile/05-cases/case-app-performance.md +500 -0
  339. package/mobile/05-cases/case-app-startup-optimization.md +218 -0
  340. package/mobile/06-glossary/mobile-glossary.md +484 -0
  341. package/observability/01-standards/observability-standards.md +103 -0
  342. package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
  343. package/observability/02-playbooks/structured-logging-playbook.md +73 -0
  344. package/observability/03-checklists/observability-checklist.md +54 -0
  345. package/observability/04-antipatterns/observability-antipatterns.md +106 -0
  346. package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
  347. package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
  348. package/operations/03-checklists/production-launch-checklist.md +365 -0
  349. package/operations/04-antipatterns/operations-antipatterns.md +664 -0
  350. package/operations/05-cases/case-sre-practices.md +581 -0
  351. package/operations/06-glossary/operations-glossary.md +120 -0
  352. package/operations/aiops-anomaly-detection.md +758 -0
  353. package/operations/capacity-planning.md +1061 -0
  354. package/operations/chaos-engineering.md +659 -0
  355. package/operations/incident-command-system.md +38 -0
  356. package/operations/observability-complete.md +442 -0
  357. package/operations/slo-sli-playbook.md +517 -0
  358. package/operations/sre-operations-deep-dive.md +39 -0
  359. package/package.json +8 -0
  360. package/performance/01-standards/performance-and-scalability.md +80 -0
  361. package/performance/01-standards/performance-standards.md +156 -0
  362. package/performance/02-playbooks/query-optimization-playbook.md +103 -0
  363. package/performance/03-checklists/performance-checklist.md +56 -0
  364. package/performance/04-antipatterns/performance-antipatterns.md +146 -0
  365. package/product/01-standards/product-management-complete.md +285 -0
  366. package/product/02-playbooks/feature-launch-playbook.md +207 -0
  367. package/product/02-playbooks/user-research-playbook.md +532 -0
  368. package/product/03-checklists/feature-launch-checklist.md +275 -0
  369. package/product/04-antipatterns/product-antipatterns.md +355 -0
  370. package/product/05-cases/case-mvp-to-scale.md +384 -0
  371. package/product/06-glossary/product-glossary.md +462 -0
  372. package/product/feature-prioritization-framework.md +40 -0
  373. package/product/kpi-and-metric-tree.md +37 -0
  374. package/product/product-discovery-and-prd-deep-dive.md +41 -0
  375. package/quantum/01-standards/quantum-complete.md +1186 -0
  376. package/security/01-standards/api-security-complete.md +511 -0
  377. package/security/01-standards/container-runtime-security.md +574 -0
  378. package/security/01-standards/data-protection-gdpr.md +543 -0
  379. package/security/01-standards/owasp-top10-complete.md +1890 -0
  380. package/security/01-standards/secure-coding-baseline.md +90 -0
  381. package/security/01-standards/supply-chain-security.md +441 -0
  382. package/security/01-standards/web-security-checklist.md +108 -0
  383. package/security/01-standards/zero-trust-architecture.md +521 -0
  384. package/security/02-playbooks/auth-sso-playbook.md +166 -0
  385. package/security/02-playbooks/incident-response-security-playbook.md +588 -0
  386. package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
  387. package/security/02-playbooks/payment-integration-playbook.md +119 -0
  388. package/security/02-playbooks/penetration-testing-playbook.md +517 -0
  389. package/security/03-checklists/security-audit-checklist.md +356 -0
  390. package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
  391. package/security/05-cases/case-log4shell-incident.md +537 -0
  392. package/security/05-cases/case-major-breaches.md +468 -0
  393. package/security/06-glossary/security-glossary.md +212 -0
  394. package/security/compliance-automation.md +993 -0
  395. package/security/container-security.md +680 -0
  396. package/security/devsecops-complete.md +426 -0
  397. package/security/sast-dast-sca.md +775 -0
  398. package/security/secrets-management.md +594 -0
  399. package/security/security-architecture-deep-dive.md +37 -0
  400. package/security/threat-modeling-stride-playbook.md +40 -0
  401. package/seed-templates/auth-system.md +59 -0
  402. package/seed-templates/blog-content.md +94 -0
  403. package/seed-templates/dashboard.md +89 -0
  404. package/seed-templates/docs-site.md +73 -0
  405. package/seed-templates/e-commerce.md +50 -0
  406. package/seed-templates/saas-landing.md +92 -0
  407. package/seed-templates/settings-page.md +51 -0
  408. package/testing/01-standards/test-strategy-and-layering.md +83 -0
  409. package/testing/01-standards/testing-strategy-complete.md +422 -0
  410. package/testing/01-standards/unit-testing-best-practices.md +118 -0
  411. package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
  412. package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
  413. package/testing/03-checklists/test-strategy-checklist.md +208 -0
  414. package/testing/04-antipatterns/testing-antipatterns.md +718 -0
  415. package/testing/05-cases/case-testing-transformation.md +300 -0
  416. package/testing/06-glossary/testing-glossary.md +110 -0
  417. package/testing/risk-based-test-matrix.md +36 -0
  418. package/testing/testing-strategy-deep-dive.md +37 -0
@@ -0,0 +1,540 @@
1
+ ---
2
+ id: cicd-antipatterns
3
+ title: CI/CD 反模式指南
4
+ domain: development
5
+ category: 04-antipatterns
6
+ difficulty: intermediate
7
+ tags: [agent, antipatterns, artifacts, canary, checklist, cicd, development, drift]
8
+ quality_score: 70
9
+ last_updated: 2026-06-15
10
+ ---
11
+ # CI/CD 反模式指南
12
+
13
+ > 适用范围:GitHub Actions / GitLab CI / Jenkins / Azure Pipelines
14
+ > 约束级别:SHALL(必须在 Pipeline 配置审查阶段拦截)
15
+
16
+ ---
17
+
18
+ ## 1. 无质量门禁直接发布(Skipping Quality Gates)
19
+
20
+ ### 描述
21
+ CI 流水线只做构建(build),不做测试、Lint、安全扫描就直接进入部署阶段。或者质量检查存在但设置为 `allow_failure: true`,实际不阻断。等同于不设防,任何有缺陷的代码都能进入生产环境。
22
+
23
+ ### 错误示例
24
+ ```yaml
25
+ # GitHub Actions -- 构建成功就部署
26
+ name: Deploy
27
+ on:
28
+ push:
29
+ branches: [main]
30
+ jobs:
31
+ deploy:
32
+ runs-on: ubuntu-latest
33
+ steps:
34
+ - uses: actions/checkout@v4
35
+ - run: npm install
36
+ - run: npm run build
37
+ - run: ./deploy.sh production # 直接部署,无测试
38
+
39
+ # GitLab CI -- 安全扫描不阻断
40
+ security_scan:
41
+ script: trivy image myapp:latest
42
+ allow_failure: true # 扫出漏洞也不阻断
43
+
44
+ test:
45
+ script: pytest
46
+ allow_failure: true # 测试失败也不阻断
47
+ ```
48
+
49
+ ### 正确示例
50
+ ```yaml
51
+ name: CI/CD Pipeline
52
+ on:
53
+ push:
54
+ branches: [main]
55
+ pull_request:
56
+ branches: [main]
57
+
58
+ jobs:
59
+ lint:
60
+ runs-on: ubuntu-latest
61
+ steps:
62
+ - uses: actions/checkout@v4
63
+ - run: npm run lint
64
+ - run: npm run type-check
65
+
66
+ test:
67
+ runs-on: ubuntu-latest
68
+ needs: [lint]
69
+ steps:
70
+ - uses: actions/checkout@v4
71
+ - run: npm test -- --coverage
72
+ - name: Check coverage threshold
73
+ run: |
74
+ COVERAGE=$(jq '.total.lines.pct' coverage/coverage-summary.json)
75
+ if (( $(echo "$COVERAGE < 80" | bc -l) )); then
76
+ echo "Coverage $COVERAGE% is below 80% threshold"
77
+ exit 1
78
+ fi
79
+
80
+ security:
81
+ runs-on: ubuntu-latest
82
+ needs: [lint]
83
+ steps:
84
+ - uses: actions/checkout@v4
85
+ - name: Dependency audit
86
+ run: npm audit --audit-level=high
87
+ - name: SAST scan
88
+ run: semgrep --config auto --error # 发现问题则失败
89
+ - name: Secret scan
90
+ run: gitleaks detect --source . --verbose
91
+
92
+ deploy:
93
+ runs-on: ubuntu-latest
94
+ needs: [test, security] # 必须全部通过才能部署
95
+ if: github.ref == 'refs/heads/main'
96
+ steps:
97
+ - run: ./deploy.sh production
98
+ ```
99
+
100
+ ### 检测方法
101
+ - 部署 Job 无 `needs` 依赖测试和安全 Job。
102
+ - 存在 `allow_failure: true` 的关键检查步骤。
103
+ - CI 配置中无 `test` / `lint` / `security` 阶段。
104
+ - `git log` 中存在直接 push 到 main 分支(无 PR、无 CI)。
105
+
106
+ ### 修复步骤
107
+ 1. CI 流水线添加 lint -> test -> security -> deploy 四个阶段。
108
+ 2. deploy 阶段必须依赖前三个阶段全部通过。
109
+ 3. 删除所有 `allow_failure: true`,改为硬性阻断。
110
+ 4. 设置分支保护规则,禁止直接 push 到 main。
111
+ 5. 设置测试覆盖率阈值(>= 80%)和安全扫描零高危。
112
+
113
+ ### Agent Checklist
114
+ - [ ] 部署依赖 lint + test + security 全部通过
115
+ - [ ] 无 `allow_failure: true` 的关键检查
116
+ - [ ] main 分支有分支保护规则
117
+ - [ ] 测试覆盖率 >= 80%
118
+ - [ ] 安全扫描零高危漏洞
119
+
120
+ ---
121
+
122
+ ## 2. 无灰度发布与回滚机制(Missing Canary and Rollback)
123
+
124
+ ### 描述
125
+ 发布直接全量切换到新版本,没有灰度(Canary)或蓝绿部署策略。如果新版本存在 Bug,100% 的用户立即受影响。且没有自动化的回滚机制,需要人工操作恢复。
126
+
127
+ ### 错误示例
128
+ ```yaml
129
+ # 直接全量发布
130
+ deploy:
131
+ script:
132
+ - kubectl set image deployment/myapp myapp=myapp:$TAG
133
+ # 没有灰度
134
+ # 没有健康检查
135
+ # 没有回滚条件
136
+
137
+ # 手动回滚
138
+ # "发现问题了!快回滚!"
139
+ # "上一个版本号是什么来着?"
140
+ # kubectl set image deployment/myapp myapp=myapp:???
141
+ ```
142
+
143
+ ### 正确示例
144
+ ```yaml
145
+ # 灰度发布 + 自动回滚
146
+ deploy_canary:
147
+ script:
148
+ # 1. 灰度 10% 流量
149
+ - kubectl apply -f canary-deployment.yaml # 1 个 Pod
150
+ - echo "Canary deployed, monitoring for 5 minutes..."
151
+
152
+ # 2. 健康检查
153
+ - |
154
+ for i in $(seq 1 30); do
155
+ ERROR_RATE=$(curl -s "$METRICS_URL/error_rate?version=$TAG")
156
+ LATENCY_P99=$(curl -s "$METRICS_URL/latency_p99?version=$TAG")
157
+
158
+ if (( $(echo "$ERROR_RATE > 1.0" | bc -l) )); then
159
+ echo "Error rate $ERROR_RATE% exceeds 1% threshold"
160
+ kubectl rollout undo deployment/myapp-canary
161
+ exit 1
162
+ fi
163
+
164
+ if (( $(echo "$LATENCY_P99 > 500" | bc -l) )); then
165
+ echo "P99 latency ${LATENCY_P99}ms exceeds 500ms threshold"
166
+ kubectl rollout undo deployment/myapp-canary
167
+ exit 1
168
+ fi
169
+
170
+ sleep 10
171
+ done
172
+
173
+ # 3. 灰度通过,全量发布
174
+ - kubectl set image deployment/myapp myapp=myapp:$TAG
175
+ - kubectl rollout status deployment/myapp --timeout=300s
176
+
177
+ on_failure:
178
+ - kubectl rollout undo deployment/myapp
179
+ - slack-notify "Deployment $TAG rolled back due to failure"
180
+ ```
181
+
182
+ ```python
183
+ # 自动回滚脚本
184
+ import subprocess
185
+ import requests
186
+ import time
187
+
188
+ def deploy_with_canary(tag: str, metrics_url: str):
189
+ # 部署 Canary
190
+ subprocess.run(["kubectl", "set", "image", "deployment/myapp-canary", f"myapp=myapp:{tag}"])
191
+
192
+ # 监控 5 分钟
193
+ for _ in range(30):
194
+ metrics = requests.get(f"{metrics_url}/canary").json()
195
+ if metrics["error_rate"] > 1.0 or metrics["p99_latency_ms"] > 500:
196
+ print(f"Canary unhealthy: {metrics}")
197
+ subprocess.run(["kubectl", "rollout", "undo", "deployment/myapp-canary"])
198
+ raise DeploymentError("Canary check failed, rolled back")
199
+ time.sleep(10)
200
+
201
+ # 全量发布
202
+ subprocess.run(["kubectl", "set", "image", "deployment/myapp", f"myapp=myapp:{tag}"])
203
+ subprocess.run(["kubectl", "rollout", "status", "deployment/myapp", "--timeout=300s"])
204
+ ```
205
+
206
+ ### 检测方法
207
+ - 部署脚本中无灰度策略(Canary / 蓝绿 / Rolling)。
208
+ - 无部署后的健康检查(HTTP health endpoint / 错误率监控)。
209
+ - 无自动回滚条件和脚本。
210
+ - 回滚需要人工查找上一个版本号。
211
+
212
+ ### 修复步骤
213
+ 1. 实现灰度部署:先部署 1 个 Canary Pod(10% 流量)。
214
+ 2. 定义健康指标和阈值:错误率 < 1%、P99 延迟 < 500ms。
215
+ 3. 灰度期间持续监控,超过阈值自动回滚。
216
+ 4. 灰度通过后全量发布,并监控全量阶段。
217
+ 5. 记录每次部署的版本号和制品 SHA,支持一键回滚。
218
+
219
+ ### Agent Checklist
220
+ - [ ] 发布使用灰度策略(不直接全量)
221
+ - [ ] 部署后有健康检查(错误率 + 延迟)
222
+ - [ ] 超过阈值自动回滚
223
+ - [ ] 支持一键回滚到上一个版本
224
+ - [ ] 部署事件有通知(Slack / 钉钉)
225
+
226
+ ---
227
+
228
+ ## 3. 制品不可追溯(Untraceable Artifacts)
229
+
230
+ ### 描述
231
+ 构建产物(Docker 镜像、JAR 包、npm 包)无法追溯到对应的 Git commit、构建环境和依赖版本。出现线上问题时,无法确定当前运行的是哪个版本的代码。
232
+
233
+ ### 错误示例
234
+ ```dockerfile
235
+ # Docker 镜像无版本标签
236
+ FROM python:3.11
237
+ COPY . /app
238
+ # docker build -t myapp .
239
+ # docker push myapp:latest -- 永远是 latest,无法区分版本
240
+ ```
241
+
242
+ ```yaml
243
+ # CI 不记录构建信息
244
+ build:
245
+ script:
246
+ - docker build -t myapp .
247
+ - docker push myapp:latest
248
+ ```
249
+
250
+ ### 正确示例
251
+ ```dockerfile
252
+ # Dockerfile 嵌入构建信息
253
+ FROM python:3.11-slim
254
+
255
+ ARG GIT_COMMIT
256
+ ARG BUILD_DATE
257
+ ARG VERSION
258
+
259
+ LABEL org.opencontainers.image.revision=$GIT_COMMIT
260
+ LABEL org.opencontainers.image.created=$BUILD_DATE
261
+ LABEL org.opencontainers.image.version=$VERSION
262
+
263
+ COPY . /app
264
+ WORKDIR /app
265
+ RUN pip install --no-cache-dir -r requirements.txt
266
+
267
+ # 将版本信息写入文件,API 可返回
268
+ RUN echo "{\"version\": \"$VERSION\", \"commit\": \"$GIT_COMMIT\", \"built_at\": \"$BUILD_DATE\"}" > /app/build-info.json
269
+ ```
270
+
271
+ ```yaml
272
+ # CI 记录完整的构建溯源
273
+ build:
274
+ script:
275
+ - export GIT_COMMIT=$(git rev-parse HEAD)
276
+ - export GIT_SHORT=$(git rev-parse --short HEAD)
277
+ - export BUILD_DATE=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
278
+ - export VERSION="1.2.3-${GIT_SHORT}"
279
+
280
+ - docker build
281
+ --build-arg GIT_COMMIT=$GIT_COMMIT
282
+ --build-arg BUILD_DATE=$BUILD_DATE
283
+ --build-arg VERSION=$VERSION
284
+ -t myapp:$VERSION
285
+ -t myapp:$GIT_SHORT
286
+ -t myapp:latest
287
+ .
288
+
289
+ - docker push myapp:$VERSION
290
+ - docker push myapp:$GIT_SHORT
291
+
292
+ # 记录构建信息到部署追踪系统
293
+ - |
294
+ curl -X POST "$DEPLOY_TRACKER_URL/builds" -H "Content-Type: application/json" -d "{
295
+ \"service\": \"myapp\",
296
+ \"version\": \"$VERSION\",
297
+ \"commit\": \"$GIT_COMMIT\",
298
+ \"branch\": \"$CI_COMMIT_BRANCH\",
299
+ \"built_at\": \"$BUILD_DATE\",
300
+ \"pipeline_url\": \"$CI_PIPELINE_URL\"
301
+ }"
302
+ ```
303
+
304
+ ```python
305
+ # 应用暴露版本信息 API
306
+ @app.get("/health")
307
+ def health():
308
+ build_info = json.loads(open("build-info.json").read())
309
+ return {
310
+ "status": "healthy",
311
+ "version": build_info["version"],
312
+ "commit": build_info["commit"],
313
+ "built_at": build_info["built_at"],
314
+ }
315
+ ```
316
+
317
+ ### 检测方法
318
+ - Docker 镜像只有 `latest` 标签。
319
+ - 无 `/health` 或 `/version` API 返回版本信息。
320
+ - 线上出问题时无法确定运行的代码版本。
321
+ - 构建日志无 Git commit SHA。
322
+
323
+ ### 修复步骤
324
+ 1. Docker 镜像使用 `版本号-短 commit SHA` 作为标签。
325
+ 2. 在镜像中嵌入 `build-info.json`,包含 commit、版本、构建时间。
326
+ 3. 暴露 `/health` API 返回版本信息。
327
+ 4. CI 流水线记录构建元数据到追踪系统。
328
+ 5. 部署工具记录 "哪个版本部署到了哪个环境"。
329
+
330
+ ### Agent Checklist
331
+ - [ ] Docker 镜像有语义化版本标签
332
+ - [ ] 镜像不使用裸 `latest` 标签发布
333
+ - [ ] 应用有 `/health` API 返回版本信息
334
+ - [ ] 构建元数据包含 Git commit SHA
335
+ - [ ] 可追溯任意时刻各环境运行的版本
336
+
337
+ ---
338
+
339
+ ## 4. 环境不一致(Environment Drift)
340
+
341
+ ### 描述
342
+ 开发、测试、预发、生产环境的配置和基础设施不一致。"在我机器上能跑"但上线就出问题。常见原因:手动配置环境、不同环境使用不同的依赖版本、基础设施配置未版本化。
343
+
344
+ ### 错误示例
345
+ ```
346
+ # 各环境手动安装依赖,版本可能不同
347
+ # 开发:Node 18.17.0 + npm 9.6.7
348
+ # 测试:Node 18.19.0 + npm 10.2.3
349
+ # 生产:Node 20.10.0 + npm 10.1.0 -- 版本都不同
350
+
351
+ # 手动修改生产环境配置
352
+ ssh production-server
353
+ vi /etc/nginx/nginx.conf # 直接改,不入版本控制
354
+ systemctl restart nginx
355
+ ```
356
+
357
+ ### 正确示例
358
+ ```dockerfile
359
+ # 所有环境使用相同的 Docker 镜像
360
+ FROM node:18.19.0-slim AS base
361
+ WORKDIR /app
362
+
363
+ FROM base AS deps
364
+ COPY package.json package-lock.json ./
365
+ RUN npm ci --production # 确定性安装
366
+
367
+ FROM base AS build
368
+ COPY --from=deps /app/node_modules ./node_modules
369
+ COPY . .
370
+ RUN npm run build
371
+
372
+ FROM base AS runtime
373
+ COPY --from=build /app/dist ./dist
374
+ COPY --from=deps /app/node_modules ./node_modules
375
+ CMD ["node", "dist/main.js"]
376
+ ```
377
+
378
+ ```yaml
379
+ # 基础设施即代码 (IaC) -- Terraform
380
+ resource "aws_ecs_service" "myapp" {
381
+ name = "myapp-${var.environment}"
382
+ cluster = aws_ecs_cluster.main.id
383
+ task_definition = aws_ecs_task_definition.myapp.arn
384
+ desired_count = var.environment == "production" ? 3 : 1
385
+
386
+ # 所有环境使用相同的任务定义,只是副本数不同
387
+ }
388
+
389
+ # 差异只在环境变量,通过配置管理
390
+ resource "aws_ssm_parameter" "db_url" {
391
+ name = "/${var.environment}/myapp/database_url"
392
+ type = "SecureString"
393
+ value = var.database_url
394
+ }
395
+ ```
396
+
397
+ ### 检测方法
398
+ - 部署文档包含手动 SSH 操作步骤。
399
+ - 各环境的 Dockerfile 或基础设施配置不同。
400
+ - `package-lock.json` / `poetry.lock` 未提交到版本控制。
401
+ - 线上出现的 Bug 在开发环境无法复现。
402
+
403
+ ### 修复步骤
404
+ 1. 所有环境使用相同的 Docker 镜像(通过环境变量配置差异)。
405
+ 2. 基础设施使用 IaC(Terraform / Pulumi / CDK)管理,入版本控制。
406
+ 3. 依赖锁文件(`package-lock.json`、`poetry.lock`)必须提交。
407
+ 4. 使用 `npm ci`(而非 `npm install`)确保确定性安装。
408
+ 5. 禁止手动 SSH 修改生产环境配置。
409
+
410
+ ### Agent Checklist
411
+ - [ ] 所有环境使用相同的 Docker 镜像
412
+ - [ ] 基础设施配置使用 IaC 并入版本控制
413
+ - [ ] 依赖锁文件已提交
414
+ - [ ] 使用 `npm ci` / `pip install -r requirements.txt` 确定性安装
415
+ - [ ] 无手动 SSH 操作流程
416
+
417
+ ---
418
+
419
+ ## 5. 流水线过慢(Slow Pipeline)
420
+
421
+ ### 描述
422
+ CI 流水线执行时间过长(> 30 分钟),开发者不愿等待,开始绕过 CI 直接部署,或者批量合并变更导致问题难以定位。
423
+
424
+ ### 错误示例
425
+ ```yaml
426
+ # 串行执行所有步骤 -- 总耗时 40 分钟
427
+ pipeline:
428
+ steps:
429
+ - name: Install
430
+ run: npm install # 5 min(无缓存)
431
+ - name: Lint
432
+ run: npm run lint # 3 min
433
+ - name: Type check
434
+ run: npm run type-check # 3 min
435
+ - name: Unit tests
436
+ run: npm test # 10 min
437
+ - name: E2E tests
438
+ run: npm run e2e # 15 min(串行执行所有场景)
439
+ - name: Build
440
+ run: npm run build # 5 min
441
+ # 总计:41 分钟
442
+ ```
443
+
444
+ ### 正确示例
445
+ ```yaml
446
+ # 并行执行 + 缓存 + 分层 -- 总耗时 15 分钟
447
+ name: CI
448
+
449
+ on: [push, pull_request]
450
+
451
+ jobs:
452
+ # 第一层:快速检查(并行,3 分钟)
453
+ lint:
454
+ runs-on: ubuntu-latest
455
+ steps:
456
+ - uses: actions/checkout@v4
457
+ - uses: actions/setup-node@v4
458
+ with:
459
+ node-version: 18
460
+ cache: "npm" # 依赖缓存
461
+ - run: npm ci
462
+ - run: npm run lint
463
+
464
+ type-check:
465
+ runs-on: ubuntu-latest
466
+ steps:
467
+ - uses: actions/checkout@v4
468
+ - uses: actions/setup-node@v4
469
+ with: { node-version: 18, cache: "npm" }
470
+ - run: npm ci
471
+ - run: npm run type-check
472
+
473
+ # 第二层:测试(并行分片,10 分钟)
474
+ unit-test:
475
+ needs: [lint, type-check]
476
+ runs-on: ubuntu-latest
477
+ strategy:
478
+ matrix:
479
+ shard: [1, 2, 3, 4] # 4 个分片并行
480
+ steps:
481
+ - uses: actions/checkout@v4
482
+ - uses: actions/setup-node@v4
483
+ with: { node-version: 18, cache: "npm" }
484
+ - run: npm ci
485
+ - run: npm test -- --shard=${{ matrix.shard }}/4
486
+
487
+ e2e-test:
488
+ needs: [lint, type-check]
489
+ runs-on: ubuntu-latest
490
+ strategy:
491
+ matrix:
492
+ browser: [chromium, firefox] # 并行浏览器
493
+ steps:
494
+ - uses: actions/checkout@v4
495
+ - run: npm ci
496
+ - run: npx playwright test --project=${{ matrix.browser }}
497
+
498
+ # 第三层:构建 + 部署
499
+ deploy:
500
+ needs: [unit-test, e2e-test]
501
+ if: github.ref == 'refs/heads/main'
502
+ runs-on: ubuntu-latest
503
+ steps:
504
+ - run: npm run build
505
+ - run: ./deploy.sh
506
+ ```
507
+
508
+ ### 检测方法
509
+ - CI 流水线平均执行时间 > 15 分钟。
510
+ - 所有步骤串行执行(无并行 Job)。
511
+ - `npm install` 每次重新下载(无缓存)。
512
+ - 开发者频繁绕过 CI 直接 merge。
513
+
514
+ ### 修复步骤
515
+ 1. 将独立步骤并行化(lint / type-check / security 可同时执行)。
516
+ 2. 启用依赖缓存(`actions/cache` / `cache: npm`)。
517
+ 3. 测试分片执行(`--shard=1/4`)。
518
+ 4. 将 E2E 测试按场景分组并行。
519
+ 5. 目标:CI 总耗时 < 15 分钟。
520
+
521
+ ### Agent Checklist
522
+ - [ ] CI 总耗时 < 15 分钟
523
+ - [ ] 独立步骤并行执行
524
+ - [ ] 依赖安装有缓存
525
+ - [ ] 测试有分片策略
526
+ - [ ] 无开发者绕过 CI 的情况
527
+
528
+ ---
529
+
530
+ ## 全局 Agent Checklist
531
+
532
+ | 检查项 | 阈值 | 工具 |
533
+ |--------|------|------|
534
+ | 质量门禁覆盖 | lint + test + security | CI 配置审查 |
535
+ | `allow_failure` 滥用 | 0 处 | CI 配置审查 |
536
+ | 灰度发布 | 必须有 | 部署配置审查 |
537
+ | 自动回滚 | 必须有 | 部署配置审查 |
538
+ | 制品可追溯 | commit SHA + 版本号 | `/health` API |
539
+ | 环境一致性 | Docker + IaC | 架构审查 |
540
+ | CI 总耗时 | < 15 分钟 | CI 监控 |
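Review bot: The canary gate in the section 2 "正确示例" (the health-check loop under `deploy_canary`, file lines 153–171) fails open when the metrics endpoint does not return a number. `curl -s` has no `-f`, so an HTTP error body or an empty reply ends up in `ERROR_RATE`; `bc` then typically prints nothing on stdout, the `(( ))` test evaluates false, and the loop carries on to the full rollout. Missing or non-numeric metrics should count as a failed check: fetch with `ERROR_RATE=$(curl -sf --max-time 5 "$METRICS_URL/error_rate?version=$TAG")` and add `[[ "$ERROR_RATE" =~ ^[0-9]+(\.[0-9]+)?$ ]] || { kubectl rollout undo deployment/myapp-canary; exit 1; }`, with the same treatment for `LATENCY_P99`. The Python variant below it has a related gap: `requests.get` has no `timeout=`, and the `subprocess.run` calls omit `check=True`, so a failed `kubectl` command goes unnoticed. Because the document presents this as the reference pattern for pipeline reviews, the "correct" example should show a gate that blocks by default.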