npm - @umacloud/knowledge - Versions diffs - 1.0.1 - Mend

@umacloud/knowledge 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (418) hide show

package/00-governance/governance-capabilities.md +557 -0
package/00-governance/knowledge-map.md +39 -0
package/00-governance/maintenance-policy.md +76 -0
package/00-governance/review-checklist.md +81 -0
package/README.md +13 -0
package/ai/01-standards/agent-development-complete.md +691 -0
package/ai/01-standards/llm-application-complete.md +488 -0
package/ai/01-standards/mlops-complete.md +798 -0
package/ai/01-standards/prompt-engineering-complete.md +646 -0
package/ai/01-standards/rag-architecture-complete.md +649 -0
package/ai/02-playbooks/llm-evaluation-playbook.md +847 -0
package/ai/03-checklists/ai-project-checklist.md +215 -0
package/ai/04-antipatterns/ai-antipatterns.md +661 -0
package/ai/05-cases/case-rag-production.md +147 -0
package/ai/06-glossary/ai-glossary.md +162 -0
package/ai/agent-evaluation-benchmark.md +53 -0
package/ai/ai-agent-memory-context-management.md +41 -0
package/ai/ai-cost-capacity-optimization-playbook.md +42 -0
package/ai/ai-data-security-and-compliance-playbook.md +37 -0
package/ai/ai-domain-index-and-checklist.md +40 -0
package/ai/ai-governance-maturity-model.md +50 -0
package/ai/ai-model-selection-and-routing-strategy.md +47 -0
package/ai/ai-observability-and-oncall-runbook.md +52 -0
package/ai/ai-rag-engineering-playbook.md +42 -0
package/ai/ai-red-team-and-safety-evaluation.md +42 -0
package/ai/ai-release-readiness-and-rollback-gate.md +42 -0
package/ai/llm-agent-engineering-deep-dive.md +57 -0
package/ai/prompt-and-tool-guardrails.md +52 -0
package/api/01-standards/enterprise-api-standards.md +198 -0
package/api/01-standards/rest-api-design-guide.md +63 -0
package/api/02-playbooks/api-pagination-playbook.md +93 -0
package/api/02-playbooks/graphql-production-playbook.md +176 -0
package/api/03-checklists/api-review-checklist.md +55 -0
package/api/04-antipatterns/api-antipatterns.md +112 -0
package/architecture/01-standards/api-gateway-patterns.md +496 -0
package/architecture/01-standards/cloud-native-patterns.md +644 -0
package/architecture/01-standards/distributed-systems-patterns.md +591 -0
package/architecture/01-standards/event-driven-architecture.md +595 -0
package/architecture/01-standards/microservices-patterns-complete.md +968 -0
package/architecture/01-standards/microservices-patterns.md +495 -0
package/architecture/01-standards/system-design-interview.md +664 -0
package/architecture/02-playbooks/microservices-patterns-playbook.md +137 -0
package/architecture/02-playbooks/migration-playbook.md +780 -0
package/architecture/02-playbooks/system-design-playbook.md +779 -0
package/architecture/03-checklists/architecture-decision-checklist.md +297 -0
package/architecture/04-antipatterns/architecture-antipatterns.md +417 -0
package/architecture/05-cases/case-netflix-microservices.md +413 -0
package/architecture/06-glossary/architecture-glossary.md +164 -0
package/architecture/adr-template-and-examples.md +38 -0
package/architecture/api-gateway-deep-dive.md +1291 -0
package/architecture/configuration-management.md +1162 -0
package/architecture/distributed-transactions.md +1220 -0
package/architecture/microservices-complete.md +735 -0
package/architecture/resilience-and-disaster-patterns.md +37 -0
package/architecture/service-governance.md +1198 -0
package/architecture/system-architecture-deep-dive.md +37 -0
package/backend/01-standards/analytics-and-growth.md +65 -0
package/backend/01-standards/api-and-error-conventions.md +120 -0
package/backend/01-standards/application-layering-and-packaging.md +160 -0
package/backend/01-standards/auth-implementation.md +104 -0
package/backend/01-standards/backend-framework-idioms.md +74 -0
package/backend/01-standards/background-jobs-and-async.md +66 -0
package/backend/01-standards/caching-strategies-complete.md +390 -0
package/backend/01-standards/config-and-observability.md +77 -0
package/backend/01-standards/data-modeling-and-persistence.md +94 -0
package/backend/01-standards/django-complete.md +1765 -0
package/backend/01-standards/email-and-notifications.md +64 -0
package/backend/01-standards/fastapi-complete.md +925 -0
package/backend/01-standards/file-upload-and-storage.md +66 -0
package/backend/01-standards/graphql-api-complete.md +416 -0
package/backend/01-standards/llm-application-standard.md +78 -0
package/backend/01-standards/message-queue-patterns.md +379 -0
package/backend/01-standards/microservices-and-distributed.md +78 -0
package/backend/01-standards/nestjs-complete.md +2167 -0
package/backend/01-standards/payment-integration.md +80 -0
package/backend/01-standards/rate-limiting-complete.md +451 -0
package/backend/01-standards/realtime-and-websocket.md +65 -0
package/backend/01-standards/search-and-filtering.md +64 -0
package/backend/01-standards/spring-boot-complete.md +445 -0
package/backend/02-playbooks/api-design-playbook.md +718 -0
package/backend/02-playbooks/email-send-playbook.md +130 -0
package/backend/02-playbooks/file-upload-s3-playbook.md +153 -0
package/backend/02-playbooks/typescript-enterprise-playbook.md +133 -0
package/backend/02-playbooks/websocket-realtime-playbook.md +154 -0
package/backend/03-checklists/api-launch-checklist.md +189 -0
package/backend/04-antipatterns/backend-antipatterns.md +1051 -0
package/blockchain/01-standards/blockchain-basics.md +557 -0
package/blockchain/01-standards/smart-contract-development.md +1315 -0
package/cicd/01-standards/deployment-and-delivery-standard.md +96 -0
package/cicd/01-standards/github-actions-complete.md +473 -0
package/cicd/01-standards/release-and-store-submission.md +75 -0
package/cicd/02-playbooks/cicd-pipeline-playbook.md +144 -0
package/cicd/02-playbooks/release-management-playbook.md +605 -0
package/cicd/03-checklists/pipeline-security-checklist.md +168 -0
package/cicd/04-antipatterns/cicd-antipatterns.md +589 -0
package/cicd/05-cases/case-deployment-automation.md +221 -0
package/cicd/05-cases/case-gitops-transformation.md +212 -0
package/cicd/06-glossary/cicd-glossary.md +114 -0
package/cicd/cicd-blueprint-deep-dive.md +38 -0
package/cicd/release-readiness-gate.md +37 -0
package/cloud-native/01-standards/container-security.md +741 -0
package/cloud-native/01-standards/kubernetes-complete.md +812 -0
package/cloud-native/02-playbooks/api-gateway-playbook.md +155 -0
package/cloud-native/02-playbooks/gitops-with-argocd.md +760 -0
package/cloud-native/02-playbooks/k8s-troubleshooting-playbook.md +1942 -0
package/cloud-native/02-playbooks/message-queue-playbook.md +129 -0
package/cloud-native/02-playbooks/multicloud-governance.md +726 -0
package/cloud-native/02-playbooks/serverless-patterns.md +788 -0
package/cloud-native/02-playbooks/service-mesh-playbook.md +612 -0
package/cloud-native/02-playbooks/terraform-iac-playbook.md +143 -0
package/cloud-native/03-checklists/container-security-checklist.md +431 -0
package/cloud-native/03-checklists/k8s-production-readiness-checklist.md +460 -0
package/cloud-native/04-antipatterns/container-antipatterns.md +660 -0
package/cloud-native/04-antipatterns/k8s-antipatterns.md +743 -0
package/cloud-native/05-cases/case-k8s-migration.md +478 -0
package/cloud-native/05-cases/case-k8s-scaling.md +642 -0
package/cloud-native/05-cases/case-k8s-security-incident.md +397 -0
package/cloud-native/06-glossary/cloud-native-glossary.md +337 -0
package/cross-platform/01-standards/cross-platform-frameworks.md +83 -0
package/cross-platform/01-standards/platform-selection-and-architecture.md +77 -0
package/data/01-standards/elasticsearch-complete.md +2098 -0
package/data/01-standards/postgresql-complete.md +1613 -0
package/data/01-standards/redis-complete.md +1527 -0
package/data/02-playbooks/database-optimization-playbook.md +403 -0
package/data/02-playbooks/elasticsearch-production-playbook.md +132 -0
package/data/03-checklists/database-launch-checklist.md +187 -0
package/data/04-antipatterns/database-antipatterns.md +873 -0
package/data/05-cases/case-database-migration.md +310 -0
package/data/06-glossary/database-glossary.md +440 -0
package/data/data-governance-and-modeling-deep-dive.md +39 -0
package/data-engineering/01-standards/airflow-complete.md +523 -0
package/data-engineering/01-standards/kafka-complete.md +1521 -0
package/data-engineering/02-playbooks/spark-etl-playbook.md +496 -0
package/data-engineering/03-checklists/pipeline-launch-checklist.md +194 -0
package/data-engineering/04-antipatterns/data-pipeline-antipatterns.md +684 -0
package/data-engineering/05-cases/case-real-time-pipeline.md +355 -0
package/data-engineering/06-glossary/data-engineering-glossary.md +429 -0
package/database/01-standards/database-schema-standards.md +147 -0
package/database/02-playbooks/postgresql-optimization-quick.md +52 -0
package/database/02-playbooks/postgresql-performance-optimization.md +58 -0
package/database/02-playbooks/postgresql-production-playbook.md +146 -0
package/database/02-playbooks/redis-caching-playbook.md +117 -0
package/database/03-checklists/database-review-checklist.md +50 -0
package/database/04-antipatterns/database-antipatterns.md +112 -0
package/design/01-standards/ui-design-system-complete.md +423 -0
package/design/02-playbooks/design-handoff-playbook.md +254 -0
package/design/02-playbooks/design-review-playbook.md +388 -0
package/design/03-checklists/design-review-checklist.md +246 -0
package/design/04-antipatterns/design-antipatterns.md +378 -0
package/design/05-cases/case-design-system-adoption.md +328 -0
package/design/06-glossary/design-glossary.md +329 -0
package/design/ui-full-lifecycle-cross-platform-playbook.md +571 -0
package/design/ux-system-deep-dive.md +38 -0
package/design-systems/00-craft-rules.md +71 -0
package/design-systems/aesthetic-families.md +43 -0
package/design-systems/anti-ai-slop.md +162 -0
package/design-systems/bold-geometric.md +120 -0
package/design-systems/brutalist-bold.md +103 -0
package/design-systems/editorial-clean.md +109 -0
package/design-systems/glass-aurora.md +108 -0
package/design-systems/modern-minimal.md +145 -0
package/design-systems/premium-luxury.md +106 -0
package/design-systems/product-type-design-map.md +48 -0
package/design-systems/soft-warm.md +123 -0
package/design-systems/tech-utility.md +113 -0
package/desktop/01-standards/desktop-app-standard.md +72 -0
package/desktop/01-standards/desktop-design.md +71 -0
package/development/00-governance/document-template.md +41 -0
package/development/01-standards/api-versioning-strategies.md +432 -0
package/development/01-standards/authentication-patterns-complete.md +479 -0
package/development/01-standards/css-architecture-complete.md +550 -0
package/development/01-standards/database-migration-strategies.md +484 -0
package/development/01-standards/elasticsearch-complete.md +347 -0
package/development/01-standards/git-complete.md +371 -0
package/development/01-standards/golang-complete.md +1565 -0
package/development/01-standards/graphql-complete.md +298 -0
package/development/01-standards/javascript-bundlers-complete.md +469 -0
package/development/01-standards/javascript-typescript-complete.md +528 -0
package/development/01-standards/jest-complete.md +275 -0
package/development/01-standards/linux-complete.md +234 -0
package/development/01-standards/logging-observability-complete.md +526 -0
package/development/01-standards/microservices-communication.md +502 -0
package/development/01-standards/mongodb-complete.md +406 -0
package/development/01-standards/oauth2-complete.md +285 -0
package/development/01-standards/performance-optimization-complete.md +289 -0
package/development/01-standards/playwright-complete.md +247 -0
package/development/01-standards/postgresql-complete.md +456 -0
package/development/01-standards/pytest-complete.md +340 -0
package/development/01-standards/python-async-programming.md +902 -0
package/development/01-standards/python-complete.md +956 -0
package/development/01-standards/python-decorators-complete.md +799 -0
package/development/01-standards/python-design-patterns.md +2854 -0
package/development/01-standards/python-packaging-distribution.md +420 -0
package/development/01-standards/python-testing-strategies.md +607 -0
package/development/01-standards/python-web-frameworks-comparison.md +471 -0
package/development/01-standards/redis-complete.md +317 -0
package/development/01-standards/rest-api-complete.md +316 -0
package/development/01-standards/rust-complete.md +578 -0
package/development/01-standards/typescript-advanced-types.md +1513 -0
package/development/01-standards/web-security-complete.md +292 -0
package/development/02-playbooks/api-design-playbook.md +810 -0
package/development/02-playbooks/database-migration-playbook.md +580 -0
package/development/02-playbooks/debugging-playbook.md +692 -0
package/development/02-playbooks/feature-delivery-playbook.md +430 -0
package/development/02-playbooks/incident-hotfix-playbook.md +387 -0
package/development/02-playbooks/performance-optimization-playbook.md +531 -0
package/development/02-playbooks/performance-tuning-playbook.md +652 -0
package/development/02-playbooks/refactor-playbook.md +403 -0
package/development/02-playbooks/release-playbook.md +469 -0
package/development/03-checklists/architecture-review-checklist.md +168 -0
package/development/03-checklists/data-migration-checklist.md +157 -0
package/development/03-checklists/oncall-handover-checklist.md +173 -0
package/development/03-checklists/pr-checklist.md +158 -0
package/development/03-checklists/production-readiness-checklist.md +190 -0
package/development/03-checklists/release-readiness-checklist.md +154 -0
package/development/03-checklists/security-review-checklist.md +182 -0
package/development/04-antipatterns/api-antipatterns.md +657 -0
package/development/04-antipatterns/architecture-antipatterns.md +686 -0
package/development/04-antipatterns/backend-antipatterns.md +648 -0
package/development/04-antipatterns/cicd-antipatterns.md +540 -0
package/development/04-antipatterns/code-smell-antipatterns.md +571 -0
package/development/04-antipatterns/data-antipatterns.md +658 -0
package/development/04-antipatterns/database-antipatterns.md +578 -0
package/development/04-antipatterns/frontend-antipatterns.md +635 -0
package/development/04-antipatterns/reliability-antipatterns.md +700 -0
package/development/04-antipatterns/security-antipatterns.md +747 -0
package/development/05-cases/case-api-version-migration.md +428 -0
package/development/05-cases/case-authorization-hardening.md +383 -0
package/development/05-cases/case-bluegreen-rollback.md +466 -0
package/development/05-cases/case-cache-snowball-protection.md +485 -0
package/development/05-cases/case-ci-cd-pipeline.md +544 -0
package/development/05-cases/case-database-scaling.md +500 -0
package/development/05-cases/case-db-hotspot-optimization.md +487 -0
package/development/05-cases/case-incident-mttr-reduction.md +563 -0
package/development/05-cases/case-microservice-migration.md +375 -0
package/development/05-cases/case-performance-optimization.md +406 -0
package/development/05-cases/case-security-incident-response.md +345 -0
package/development/06-glossary/full-stack-glossary.md +166 -0
package/development/09-maturity/quarterly-audit-template.md +35 -0
package/development/11-ui-excellence/ui-aesthetic-system.md +41 -0
package/development/11-ui-excellence/ui-engineering-excellence.md +435 -0
package/development/12-scenarios/development-scenarios-guide.md +565 -0
package/development/13-implementation-assets/implementation-toolkit.md +282 -0
package/development/13-implementation-assets/knowledge-gates-execution.md +43 -0
package/development/14-full-lifecycle/software-lifecycle-gates.md +511 -0
package/development/15-lifecycle-templates/project-templates-collection.md +791 -0
package/development/api-contract-and-versioning-guide.md +36 -0
package/development/api-governance-complete.md +43 -0
package/development/backend-engineering-complete.md +43 -0
package/development/code-review-quality-complete.md +43 -0
package/development/concurrency-reliability-complete.md +43 -0
package/development/database-engineering-complete.md +43 -0
package/development/engineering-effectiveness-complete.md +43 -0
package/development/engineering-standards-deep-dive.md +38 -0
package/development/frontend-engineering-complete.md +43 -0
package/development/performance-capacity-complete.md +43 -0
package/development/refactor-migration-complete.md +42 -0
package/development/refactoring-and-techdebt-playbook.md +37 -0
package/development/security-in-development-complete.md +43 -0
package/devops/01-standards/cicd-pipeline-complete.md +262 -0
package/devops/01-standards/docker-complete.md +1490 -0
package/devops/01-standards/github-actions-complete.md +337 -0
package/devops/01-standards/kubernetes-complete.md +638 -0
package/devops/01-standards/terraform-complete.md +2117 -0
package/devops/02-playbooks/docker-compose-playbook.md +233 -0
package/devops/02-playbooks/docker-k8s-production-playbook.md +186 -0
package/devops/02-playbooks/docker-production-playbook.md +952 -0
package/edge-iot/01-standards/edge-iot-complete.md +473 -0
package/experts/architect/api-design.md +178 -0
package/experts/architect/methodology.md +124 -0
package/experts/architect/security.md +75 -0
package/experts/backend-lead/methodology.md +216 -0
package/experts/devops/methodology.md +160 -0
package/experts/frontend-lead/methodology.md +178 -0
package/experts/product-manager/industry/ecommerce.md +43 -0
package/experts/product-manager/industry/saas.md +40 -0
package/experts/product-manager/methodology.md +97 -0
package/experts/qa-lead/methodology.md +123 -0
package/experts/qa-lead/test-strategy.md +128 -0
package/experts/uiux-designer/methodology.md +125 -0
package/frontend/01-standards/accessibility-complete.md +532 -0
package/frontend/01-standards/accessibility-standard.md +74 -0
package/frontend/01-standards/admin-dashboard-and-crud.md +72 -0
package/frontend/01-standards/design-tokens-complete.md +444 -0
package/frontend/01-standards/forms-and-validation.md +77 -0
package/frontend/01-standards/frontend-architecture-and-layering.md +119 -0
package/frontend/01-standards/i18n-and-localization.md +65 -0
package/frontend/01-standards/nextjs-complete.md +451 -0
package/frontend/01-standards/react-complete.md +713 -0
package/frontend/01-standards/react-hooks-complete-guide.md +1100 -0
package/frontend/01-standards/react-hooks-complete.md +1171 -0
package/frontend/01-standards/seo-and-web-vitals.md +77 -0
package/frontend/01-standards/state-management-complete.md +444 -0
package/frontend/01-standards/vue-complete.md +499 -0
package/frontend/01-standards/vue3-complete.md +2002 -0
package/frontend/01-standards/web-framework-best-practices.md +64 -0
package/frontend/01-standards/web-performance-complete.md +495 -0
package/frontend/02-playbooks/accessibility-a11y-playbook.md +161 -0
package/frontend/02-playbooks/frontend-performance-playbook.md +707 -0
package/frontend/02-playbooks/i18n-internationalization-playbook.md +120 -0
package/frontend/02-playbooks/performance-optimization-playbook.md +163 -0
package/frontend/02-playbooks/react-nextjs-production-playbook.md +167 -0
package/frontend/02-playbooks/react-state-management-playbook.md +173 -0
package/frontend/03-checklists/component-quality-checklist.md +166 -0
package/frontend/03-checklists/frontend-launch-checklist.md +299 -0
package/frontend/04-antipatterns/frontend-antipatterns.md +886 -0
package/frontend/05-cases/case-performance-optimization.md +274 -0
package/harmony/01-standards/harmonyos-arkts-standard.md +75 -0
package/harmony/01-standards/harmonyos-design.md +65 -0
package/high-quality-engineering-playbook.md +54 -0
package/incident/01-standards/incident-response-complete.md +303 -0
package/incident/02-playbooks/chaos-engineering-playbook.md +883 -0
package/incident/02-playbooks/postmortem-playbook.md +398 -0
package/incident/03-checklists/incident-readiness-checklist.md +181 -0
package/incident/04-antipatterns/incident-antipatterns.md +490 -0
package/incident/05-cases/case-cascade-failure.md +176 -0
package/incident/06-glossary/incident-glossary.md +114 -0
package/incident/postmortem-and-response-deep-dive.md +39 -0
package/industries/ecommerce/ecommerce-complete.md +631 -0
package/industries/education/education-complete.md +555 -0
package/industries/fintech/fintech-complete.md +501 -0
package/industries/gaming/gaming-complete.md +587 -0
package/industries/healthcare/healthcare-complete.md +452 -0
package/low-code/01-standards/low-code-complete.md +944 -0
package/miniprogram/01-standards/ai-common-mistakes.md +61 -0
package/miniprogram/01-standards/miniprogram-custom-navbar-capsule.md +77 -0
package/miniprogram/01-standards/miniprogram-design.md +61 -0
package/miniprogram/01-standards/miniprogram-standard.md +81 -0
package/mobile/01-standards/android-material-design.md +70 -0
package/mobile/01-standards/flutter-complete.md +384 -0
package/mobile/01-standards/ios-design-hig.md +78 -0
package/mobile/01-standards/mobile-app-standard.md +85 -0
package/mobile/01-standards/react-native-complete.md +352 -0
package/mobile/02-playbooks/mobile-cross-platform-playbook.md +175 -0
package/mobile/02-playbooks/mobile-performance.md +473 -0
package/mobile/03-checklists/mobile-release-checklist.md +234 -0
package/mobile/04-antipatterns/mobile-antipatterns.md +798 -0
package/mobile/05-cases/case-app-performance.md +500 -0
package/mobile/05-cases/case-app-startup-optimization.md +218 -0
package/mobile/06-glossary/mobile-glossary.md +484 -0
package/observability/01-standards/observability-standards.md +103 -0
package/observability/02-playbooks/prometheus-grafana-playbook.md +135 -0
package/observability/02-playbooks/structured-logging-playbook.md +73 -0
package/observability/03-checklists/observability-checklist.md +54 -0
package/observability/04-antipatterns/observability-antipatterns.md +106 -0
package/operations/01-standards/prometheus-monitoring-complete.md +1578 -0
package/operations/02-playbooks/capacity-planning-playbook.md +620 -0
package/operations/03-checklists/production-launch-checklist.md +365 -0
package/operations/04-antipatterns/operations-antipatterns.md +664 -0
package/operations/05-cases/case-sre-practices.md +581 -0
package/operations/06-glossary/operations-glossary.md +120 -0
package/operations/aiops-anomaly-detection.md +758 -0
package/operations/capacity-planning.md +1061 -0
package/operations/chaos-engineering.md +659 -0
package/operations/incident-command-system.md +38 -0
package/operations/observability-complete.md +442 -0
package/operations/slo-sli-playbook.md +517 -0
package/operations/sre-operations-deep-dive.md +39 -0
package/package.json +8 -0
package/performance/01-standards/performance-and-scalability.md +80 -0
package/performance/01-standards/performance-standards.md +156 -0
package/performance/02-playbooks/query-optimization-playbook.md +103 -0
package/performance/03-checklists/performance-checklist.md +56 -0
package/performance/04-antipatterns/performance-antipatterns.md +146 -0
package/product/01-standards/product-management-complete.md +285 -0
package/product/02-playbooks/feature-launch-playbook.md +207 -0
package/product/02-playbooks/user-research-playbook.md +532 -0
package/product/03-checklists/feature-launch-checklist.md +275 -0
package/product/04-antipatterns/product-antipatterns.md +355 -0
package/product/05-cases/case-mvp-to-scale.md +384 -0
package/product/06-glossary/product-glossary.md +462 -0
package/product/feature-prioritization-framework.md +40 -0
package/product/kpi-and-metric-tree.md +37 -0
package/product/product-discovery-and-prd-deep-dive.md +41 -0
package/quantum/01-standards/quantum-complete.md +1186 -0
package/security/01-standards/api-security-complete.md +511 -0
package/security/01-standards/container-runtime-security.md +574 -0
package/security/01-standards/data-protection-gdpr.md +543 -0
package/security/01-standards/owasp-top10-complete.md +1890 -0
package/security/01-standards/secure-coding-baseline.md +90 -0
package/security/01-standards/supply-chain-security.md +441 -0
package/security/01-standards/web-security-checklist.md +108 -0
package/security/01-standards/zero-trust-architecture.md +521 -0
package/security/02-playbooks/auth-sso-playbook.md +166 -0
package/security/02-playbooks/incident-response-security-playbook.md +588 -0
package/security/02-playbooks/owasp-api-security-playbook.md +129 -0
package/security/02-playbooks/payment-integration-playbook.md +119 -0
package/security/02-playbooks/penetration-testing-playbook.md +517 -0
package/security/03-checklists/security-audit-checklist.md +356 -0
package/security/04-antipatterns/security-coding-antipatterns.md +580 -0
package/security/05-cases/case-log4shell-incident.md +537 -0
package/security/05-cases/case-major-breaches.md +468 -0
package/security/06-glossary/security-glossary.md +212 -0
package/security/compliance-automation.md +993 -0
package/security/container-security.md +680 -0
package/security/devsecops-complete.md +426 -0
package/security/sast-dast-sca.md +775 -0
package/security/secrets-management.md +594 -0
package/security/security-architecture-deep-dive.md +37 -0
package/security/threat-modeling-stride-playbook.md +40 -0
package/seed-templates/auth-system.md +59 -0
package/seed-templates/blog-content.md +94 -0
package/seed-templates/dashboard.md +89 -0
package/seed-templates/docs-site.md +73 -0
package/seed-templates/e-commerce.md +50 -0
package/seed-templates/saas-landing.md +92 -0
package/seed-templates/settings-page.md +51 -0
package/testing/01-standards/test-strategy-and-layering.md +83 -0
package/testing/01-standards/testing-strategy-complete.md +422 -0
package/testing/01-standards/unit-testing-best-practices.md +118 -0
package/testing/02-playbooks/e2e-testing-playbook.md +988 -0
package/testing/02-playbooks/testing-strategy-playbook.md +126 -0
package/testing/03-checklists/test-strategy-checklist.md +208 -0
package/testing/04-antipatterns/testing-antipatterns.md +718 -0
package/testing/05-cases/case-testing-transformation.md +300 -0
package/testing/06-glossary/testing-glossary.md +110 -0
package/testing/risk-based-test-matrix.md +36 -0
package/testing/testing-strategy-deep-dive.md +37 -0

package/architecture/01-standards/cloud-native-patterns.md ADDED Viewed

@@ -0,0 +1,644 @@
+---
+id: cloud-native-patterns
+title: 云原生模式
+domain: architecture
+category: 01-standards
+difficulty: intermediate
+tags: [agent, architecture, checklist, cloud, native, patterns, 实战代码示例, 常见陷阱]
+quality_score: 70
+last_updated: 2026-06-15
+---
+# 云原生模式
+## 概述
+云原生(Cloud Native)是一种充分利用云计算优势的软件设计方法论。本指南覆盖12-Factor App、Sidecar、Ambassador、Init Container、CRD等核心模式,帮助团队构建可扩展、弹性、可观测的云原生应用。
+## 核心概念
+### 1. 12-Factor App原则
+| 因素 | 原则 | 说明 |
+|------|------|------|
+| 1. Codebase | 一份代码,多份部署 | Git仓库与环境无关 |
+| 2. Dependencies | 显式声明依赖 | requirements.txt/package.json |
+| 3. Config | 配置存储在环境变量 | 不硬编码配置 |
+| 4. Backing Services | 后端服务作为附加资源 | DB/Cache/MQ通过URL连接 |
+| 5. Build/Release/Run | 严格分离构建和运行 | CI/CD流水线 |
+| 6. Processes | 无状态进程 | 状态存储在外部服务 |
+| 7. Port Binding | 通过端口绑定提供服务 | 自包含HTTP服务器 |
+| 8. Concurrency | 通过进程模型扩展 | 水平扩展而非垂直 |
+| 9. Disposability | 快速启动,优雅停止 | 信号处理/连接排空 |
+| 10. Dev/Prod Parity | 环境一致性 | Docker/容器化 |
+| 11. Logs | 日志作为事件流 | 输出到stdout |
+| 12. Admin Processes | 管理任务作为一次性进程 | Job/CronJob |
+### 2. Kubernetes设计模式
+| 模式 | 描述 | 用例 |
+|------|------|------|
+| Sidecar | 辅助容器扩展主容器功能 | 日志收集/代理/监控 |
+| Ambassador | 代理容器处理外部通信 | 负载均衡/mTLS/限流 |
+| Adapter | 适配容器标准化输出 | 日志格式转换/指标适配 |
+| Init Container | 初始化容器在主容器前运行 | 数据迁移/配置下载/等待依赖 |
+| Leader Election | 选举主节点处理单例任务 | 定时任务/全局调度 |
+### 3. 云原生技术栈
+- **容器运行时**: Docker/containerd/CRI-O
+- **编排**: Kubernetes
+- **服务网格**: Istio/Linkerd/Cilium
+- **CI/CD**: ArgoCD/Flux/Tekton
+- **可观测性**: Prometheus/Grafana/Jaeger/OpenTelemetry
+- **密钥管理**: Vault/Sealed Secrets/External Secrets
+## 实战代码示例
+### 12-Factor配置管理
+```python
+# 基于环境变量的配置(Factor 3)
+from pydantic_settings import BaseSettings
+from functools import lru_cache
+class Settings(BaseSettings):
+    """应用配置(从环境变量读取)"""
+    # 基础
+    app_name: str = "my-service"
+    environment: str = "development"
+    debug: bool = False
+    log_level: str = "INFO"
+    # 服务端口(Factor 7)
+    port: int = 8000
+    host: str = "0.0.0.0"
+    # 后端服务URL(Factor 4)
+    database_url: str = "postgresql://localhost:5432/mydb"
+    redis_url: str = "redis://localhost:6379/0"
+    rabbitmq_url: str = "amqp://guest:guest@localhost:5672/"
+    # 外部服务
+    auth_service_url: str = "http://auth-service:8080"
+    payment_gateway_url: str = "https://api.stripe.com"
+    payment_gateway_key: str = ""
+    # 安全
+    secret_key: str = "change-me-in-production"
+    cors_origins: list[str] = ["http://localhost:3000"]
+    model_config = {
+        "env_file": ".env",
+        "env_file_encoding": "utf-8",
+        "case_sensitive": False,
+    }
+@lru_cache()
+def get_settings() -> Settings:
+    return Settings()
+```
+```yaml
+# Kubernetes ConfigMap和Secret
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: app-config
+data:
+  APP_NAME: "my-service"
+  ENVIRONMENT: "production"
+  LOG_LEVEL: "INFO"
+  AUTH_SERVICE_URL: "http://auth-service:8080"
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: app-secrets
+type: Opaque
+stringData:
+  DATABASE_URL: "postgresql://user:pass@postgres:5432/mydb"
+  SECRET_KEY: "super-secret-production-key"
+  PAYMENT_GATEWAY_KEY: "sk_live_..."
+```
+### 优雅停止(Factor 9)
+```python
+# 优雅停止和健康检查
+import signal
+import asyncio
+from contextlib import asynccontextmanager
+class GracefulShutdown:
+    """优雅停止管理器"""
+    def __init__(self):
+        self.is_shutting_down = False
+        self._tasks: set[asyncio.Task] = set()
+    def setup_signals(self):
+        """注册信号处理"""
+        loop = asyncio.get_event_loop()
+        for sig in (signal.SIGTERM, signal.SIGINT):
+            loop.add_signal_handler(sig, self._handle_signal)
+    def _handle_signal(self):
+        self.is_shutting_down = True
+        logger.info("Shutdown signal received, draining connections...")
+shutdown = GracefulShutdown()
+@asynccontextmanager
+async def lifespan(app):
+    """应用生命周期管理"""
+    # 启动
+    logger.info("Starting application...")
+    shutdown.setup_signals()
+    # 初始化资源
+    await db_pool.connect()
+    await redis_pool.connect()
+    await consumer.start()
+    logger.info("Application started", port=settings.port)
+    yield
+    # 停止
+    logger.info("Shutting down...")
+    # 1. 停止接收新请求(K8s已通过readiness探针处理)
+    # 2. 等待进行中的请求完成
+    await asyncio.sleep(5)  # 给K8s时间更新endpoint
+    # 3. 关闭消费者(停止消费新消息)
+    await consumer.stop()
+    # 4. 等待进行中的任务完成
+    if shutdown._tasks:
+        await asyncio.gather(*shutdown._tasks, return_exceptions=True)
+    # 5. 关闭连接池
+    await db_pool.disconnect()
+    await redis_pool.disconnect()
+    logger.info("Shutdown complete")
+app = FastAPI(lifespan=lifespan)
+# 健康检查端点
+@app.get("/health/live")
+async def liveness():
+    """存活探针:进程是否运行"""
+    return {"status": "alive"}
+@app.get("/health/ready")
+async def readiness():
+    """就绪探针:是否可以接收流量"""
+    if shutdown.is_shutting_down:
+        return JSONResponse(status_code=503, content={"status": "shutting_down"})
+    # 检查依赖服务
+    checks = {}
+    try:
+        await db_pool.execute("SELECT 1")
+        checks["database"] = "ok"
+    except Exception:
+        checks["database"] = "error"
+        return JSONResponse(status_code=503, content=checks)
+    try:
+        await redis_pool.ping()
+        checks["redis"] = "ok"
+    except Exception:
+        checks["redis"] = "error"
+        return JSONResponse(status_code=503, content=checks)
+    return {"status": "ready", "checks": checks}
+@app.get("/health/startup")
+async def startup():
+    """启动探针:应用是否完成初始化"""
+    if not db_pool.is_connected:
+        return JSONResponse(status_code=503, content={"status": "initializing"})
+    return {"status": "started"}
+```
+### Sidecar模式
+```yaml
+# Sidecar模式 — 日志收集 + 代理
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: web-app
+spec:
+  template:
+    spec:
+      containers:
+        # 主应用容器
+        - name: app
+          image: myapp:v1.2.0
+          ports:
+            - containerPort: 8000
+          volumeMounts:
+            - name: log-volume
+              mountPath: /var/log/app
+            - name: tmp
+              mountPath: /tmp
+        # Sidecar 1: Fluent Bit日志收集
+        - name: log-collector
+          image: fluent/fluent-bit:2.2
+          volumeMounts:
+            - name: log-volume
+              mountPath: /var/log/app
+              readOnly: true
+            - name: fluent-config
+              mountPath: /fluent-bit/etc/
+          resources:
+            requests:
+              cpu: 50m
+              memory: 64Mi
+            limits:
+              cpu: 100m
+              memory: 128Mi
+        # Sidecar 2: Envoy代理(Service Mesh)
+        - name: envoy-proxy
+          image: envoyproxy/envoy:v1.28
+          ports:
+            - containerPort: 9901  # Envoy admin
+          volumeMounts:
+            - name: envoy-config
+              mountPath: /etc/envoy
+          resources:
+            requests:
+              cpu: 100m
+              memory: 128Mi
+      volumes:
+        - name: log-volume
+          emptyDir: {}
+        - name: tmp
+          emptyDir:
+            sizeLimit: 100Mi
+        - name: fluent-config
+          configMap:
+            name: fluent-bit-config
+        - name: envoy-config
+          configMap:
+            name: envoy-config
+```
+### Init Container模式
+```yaml
+# Init Container — 初始化和依赖等待
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: api-server
+spec:
+  template:
+    spec:
+      initContainers:
+        # Init 1: 等待数据库就绪
+        - name: wait-for-db
+          image: busybox:1.36
+          command:
+            - sh
+            - -c
+            - |
+              until nc -z postgres 5432; do
+                echo "Waiting for postgres..."
+                sleep 2
+              done
+              echo "Postgres is ready"
+        # Init 2: 运行数据库迁移
+        - name: db-migrate
+          image: myapp:v1.2.0
+          command: ["alembic", "upgrade", "head"]
+          envFrom:
+            - secretRef:
+                name: db-credentials
+          resources:
+            limits:
+              cpu: 500m
+              memory: 256Mi
+        # Init 3: 下载配置文件
+        - name: fetch-config
+          image: curlimages/curl:8.5.0
+          command:
+            - sh
+            - -c
+            - |
+              curl -s -o /config/app.yaml \
+                http://config-server:8080/api/config/production
+          volumeMounts:
+            - name: config-volume
+              mountPath: /config
+      containers:
+        - name: app
+          image: myapp:v1.2.0
+          volumeMounts:
+            - name: config-volume
+              mountPath: /app/config
+              readOnly: true
+      volumes:
+        - name: config-volume
+          emptyDir: {}
+```
+### CRD自定义资源
+```yaml
+# CRD定义
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  name: microservices.platform.example.com
+spec:
+  group: platform.example.com
+  versions:
+    - name: v1
+      served: true
+      storage: true
+      schema:
+        openAPIV3Schema:
+          type: object
+          properties:
+            spec:
+              type: object
+              required: ["image", "port"]
+              properties:
+                image:
+                  type: string
+                port:
+                  type: integer
+                replicas:
+                  type: integer
+                  default: 2
+                autoscaling:
+                  type: object
+                  properties:
+                    minReplicas:
+                      type: integer
+                      default: 2
+                    maxReplicas:
+                      type: integer
+                      default: 10
+                    targetCPU:
+                      type: integer
+                      default: 70
+                database:
+                  type: object
+                  properties:
+                    type:
+                      type: string
+                      enum: ["postgresql", "mysql", "none"]
+                    size:
+                      type: string
+                      default: "1Gi"
+            status:
+              type: object
+              properties:
+                phase:
+                  type: string
+                readyReplicas:
+                  type: integer
+                endpoint:
+                  type: string
+      subresources:
+        status: {}
+  scope: Namespaced
+  names:
+    plural: microservices
+    singular: microservice
+    kind: Microservice
+    shortNames:
+      - ms
+---
+# 使用CRD
+apiVersion: platform.example.com/v1
+kind: Microservice
+metadata:
+  name: order-service
+  namespace: production
+spec:
+  image: myregistry.com/order-service:v1.2.0
+  port: 8080
+  replicas: 3
+  autoscaling:
+    minReplicas: 3
+    maxReplicas: 20
+    targetCPU: 60
+  database:
+    type: postgresql
+    size: 10Gi
+```
+### HPA自动扩缩容
+```yaml
+# 基于CPU和自定义指标的自动扩缩
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: api-server
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: api-server
+  minReplicas: 3
+  maxReplicas: 50
+  behavior:
+    scaleUp:
+      stabilizationWindowSeconds: 60
+      policies:
+        - type: Percent
+          value: 100         # 每次最多翻倍
+          periodSeconds: 60
+    scaleDown:
+      stabilizationWindowSeconds: 300
+      policies:
+        - type: Percent
+          value: 10          # 每5分钟最多缩10%
+          periodSeconds: 300
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 70
+    - type: Resource
+      resource:
+        name: memory
+        target:
+          type: Utilization
+          averageUtilization: 80
+    - type: Pods
+      pods:
+        metric:
+          name: http_requests_per_second
+        target:
+          type: AverageValue
+          averageValue: "1000"
+```
+### GitOps部署(ArgoCD)
+```yaml
+# ArgoCD Application
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: order-service
+  namespace: argocd
+spec:
+  project: production
+  source:
+    repoURL: https://github.com/org/k8s-manifests.git
+    targetRevision: main
+    path: services/order-service/overlays/production
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: production
+  syncPolicy:
+    automated:
+      prune: true
+      selfHeal: true
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true
+    retry:
+      limit: 3
+      backoff:
+        duration: 5s
+        factor: 2
+        maxDuration: 3m
+```
+## 最佳实践
+### 1. 无状态设计(Factor 6)
+- 应用进程不持有本地状态
+- 会话状态存储在Redis/数据库
+- 文件上传直接到对象存储(S3)
+- 任何实例都可以处理任何请求
+### 2. 配置外部化(Factor 3)
+- 通过环境变量或ConfigMap注入配置
+- 密钥使用Secret/Vault管理
+- 不同环境用不同ConfigMap,同一镜像
+- 配置变更不需要重新构建镜像
+### 3. 健康检查三件套
+- **Liveness**: 进程是否存活(死了就重启)
+- **Readiness**: 是否可以接收流量(没准备好就不转发)
+- **Startup**: 是否完成初始化(慢启动不被杀)
+### 4. 资源管理
+- 所有容器设置requests和limits
+- CPU limits可选(可能导致throttling)
+- 内存limits必须设置(防OOM影响节点)
+- 使用LimitRange设置命名空间默认值
+### 5. 可观测性
+- 日志输出到stdout(Factor 11)
+- 暴露Prometheus指标(/metrics)
+- 集成分布式追踪(OpenTelemetry)
+- 标准化健康检查端点
+## 常见陷阱
+### 陷阱1: 容器内存储状态
+```python
+# 错误: 文件存在容器内,Pod重启就丢失
+with open("/app/data/upload.pdf", "wb") as f:
+    f.write(data)
+# 正确: 使用对象存储
+await s3_client.upload_fileobj(data, "uploads", "upload.pdf")
+```
+### 陷阱2: 优雅停止时间不足
+```yaml
+# 错误: terminationGracePeriodSeconds太短
+# Pod收到SIGTERM后只有30秒(默认)完成清理
+# 正确: 根据业务需要设置
+spec:
+  terminationGracePeriodSeconds: 60
+  containers:
+    - name: app
+      lifecycle:
+        preStop:
+          exec:
+            command: ["sh", "-c", "sleep 5"]  # 等K8s更新endpoint
+```
+### 陷阱3: 健康检查配置错误
+```yaml
+# 错误: 存活探针检查数据库
+# 数据库短暂不可用就重启Pod,加重数据库压力
+livenessProbe:
+  httpGet:
+    path: /health  # 如果这里检查了DB连接...
+# 正确: 存活探针只检查进程健康
+livenessProbe:
+  httpGet:
+    path: /health/live  # 只检查进程是否存活
+readinessProbe:
+  httpGet:
+    path: /health/ready  # 这里检查依赖服务
+```
+### 陷阱4: 不设置资源限制
+```yaml
+# 错误: 无限制,可能影响同节点其他Pod
+# 正确: 合理设置
+resources:
+  requests:
+    cpu: 100m      # 调度基准
+    memory: 128Mi
+  limits:
+    cpu: 500m      # 上限(可选,有争议)
+    memory: 512Mi  # 必须设置,防OOM
+```
+## Agent Checklist
+### 12-Factor合规
+- [ ] 配置通过环境变量注入
+- [ ] 无状态进程设计
+- [ ] 日志输出到stdout
+- [ ] 依赖显式声明
+- [ ] 端口绑定暴露服务
+### Kubernetes部署
+- [ ] 健康检查三件套配置
+- [ ] 资源requests和limits设置
+- [ ] 优雅停止处理
+- [ ] 非root容器运行
+- [ ] 安全上下文配置
+### 可扩展性
+- [ ] HPA已配置
+- [ ] 无状态可水平扩展
+- [ ] Pod反亲和性配置(高可用)
+- [ ] PDB(Pod Disruption Budget)已设置
+### 运维就绪
+- [ ] GitOps部署流程
+- [ ] 金丝雀/蓝绿发布策略
+- [ ] 回滚机制可用
+- [ ] 监控和告警覆盖