Skip to content

Commit d179597

Browse files
Peter HaugeCopilot
andcommitted
fix: restore apiopslead history, reapply sensitivity fixes
Restored from main, removed personal name reference, replaced 'Peter Hauge' with 'project maintainer'. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent c068602 commit d179597

1 file changed

Lines changed: 135 additions & 15 deletions

File tree

.squad/agents/apiopslead/history.md

Lines changed: 135 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -10,8 +10,6 @@
1010

1111
**Foundation Established (2025-04-09 through 2026-04-09):** Project initialized with ESM, strict TypeScript, Vitest, ESLint. Commit message convention formalized (`Closes #N` for auto-close). All 14 foundational infrastructure components implemented and tested (467 integration tests passing). Full agent charter enhancement program completed (CodeReviewer + 7 others) with codebase-specific patterns and severity annotations.
1212

13-
**May 2026 Governance Phase:** CodeReviewer charter rewritten with 13 concrete review steps, 11 flagging categories, and 8 tech-specific subsections. All 7 remaining agent charters enhanced with codebase-aware patterns, key file paths, and team decisions. Documentation scope advisory completed (4 key decisions, 6-item priority ordering).
14-
1513
## Learnings
1614

1715
### 2026-05-14: APIM v1 → v2 SKU Migration Decision Finalized
@@ -35,31 +33,153 @@
3533

3634
**Key insight:** YAGNI + parameterization design = migration-ready without extra code. This validates the existing architecture's flexibility.
3735

38-
### 2026-06-02: APIM v1 → v2 SKU Migration Proposal
36+
### 2026-05-13: Documentation Scope and Decision Merge
3937

40-
**What:** Wrote `specs/sku-upgrade.md` — a comprehensive proposal for enabling APIM v1-to-v2 SKU migration via apiops-cli. Requested by project maintainer.
38+
**Scope decisions for `/docs` and merged multiple doc planning entries into decisions.md:**
39+
- **D1: User-Facing Only** — no internal architecture
40+
- **D2: Both Platform Pipelines** — GitHub Actions and Azure DevOps equally
41+
- **D3: Artifact Path Flexibility** — users choose path via --output/--source
42+
- **D4: Multiple Auth Methods** — context-specific guidance
43+
44+
**Key insight:** Documentation scope must be tightly coupled to implementation status.
45+
46+
### 2026-05-01: CodeReviewer Charter Enhancement and 7-Agent Pattern Application
47+
48+
**What:** Rewrote the CodeReviewer charter (`.squad/agents/codereviewer/charter.md`) sections 3-8 to make reviews significantly more thorough and project-specific.
49+
50+
**Changes made:**
51+
1. **How I Work** — Expanded from 7 generic steps to 13 concrete, ordered steps. Added holistic diff reading, team decisions check, TypeScript strictness verification, error handling review, missing test detection, and naming consistency checks.
52+
2. **What I Flag** — Expanded from 6 categories to 11, adding: secret/credential leak specifics, TypeScript strictness, error handling, immutability violations, architecture patterns, naming/style.
53+
3. **Tech-Specific Checks** — NEW section with 8 subsections: TypeScript & ESM, Singleton + Export Pattern, Error Handling, Secret Safety, APIM Client Patterns, Immutability, Test Patterns, Workspace Scoping. Each item has severity level annotations.
54+
4. **Severity Levels** — Added concrete examples to each level, added escalation rule (3+ blockers → architectural discussion).
55+
5. **Boundaries** — Added "What I never wave through" clause, strengthened rejection output requirements, added "uncertainty is not an excuse to skip" principle.
56+
6. **Collaboration** — Added post-review protocol: severity-ordered findings, file/line references, concrete fix suggestions, assessment summary.
57+
7. **Voice** — Added three paragraphs reinforcing thoroughness over brevity, guilty-until-proven-correct mindset, and checking for what's *missing* not just what's *wrong*.
58+
8. **Constitution path** — Fixed all references from `.specify/memory/constitution.md` to `.squad/identity/constitution.md`.
4159

42-
**Decision:** Phase 1 MVP uses existing `extract` + `publish` commands with migration documentation — no new command needed.The `ApimServiceContext` is already parameterized, so source (v1) and target (v2) are just two different context instances. Phase 2 would add `apiops copy` for direct source→target streaming if demand warrants.
60+
**Why:** CodeReviewer was missing codebase-specific checks that external reviewers (Copilot) were catching. The charter now encodes this project's actual patterns (ESM `.js` extensions, `Record<string, unknown>` payloads, `HttpError` status branching, `SENSITIVE_KEY_PATTERNS`, singleton+class export, etc.) so the reviewer can't miss them.
61+
62+
**Key insight:** A generic "enforce TypeScript strict mode" instruction is useless if the reviewer doesn't know the specific patterns to look for. Project-specific checklists with severity annotations turn a reviewer from "looks fine to me" into a systematic quality gate.
63+
64+
### 2026-05-01: Documentation Scope Advisory for DocWriter
65+
66+
**What:** Provided scope guidance to DocWriter for planning user-facing documentation in `/docs`. Analyzed current project state from `specs/spec.md` and `specs/tasks.md`, assessed feature completion status, and wrote advisory to `.squad/decisions/inbox/apiopslead-docs-scope.md`.
4367

4468
**Key findings:**
45-
1. All 34 `ResourceType` enum values are supported for round-trip extract/publish — covers APIs, products, policies, backends, named values, gateways, workspaces, GraphQL resolvers, etc.
46-
2. Subscription keys are the biggest gap — APIM management API does not expose key values on GET. Users must regenerate keys on v2.
47-
3. Developer portal content, VNet/networking, managed identity, RBAC, DNS, and TLS certificates are all manual steps outside apiops-cli's scope.
48-
4. `--overrides` is critical for migration — users need to adjust backend URLs, logger resource IDs, and Key Vault references for the v2 environment.
49-
5. `--dry-run` provides pre-migration validation. An `apiops validate` command could enhance this in Phase 2.
50-
6. Constitution §V (YAGNI) argues against a premature `apiops migrate` command that would overpromise on scope.
69+
1. **Ready to document NOW:** `apiops extract` (code exists), `apiops publish` (tasks complete), `apiops init` (tasks complete), CI/CD integration (both GitHub Actions and Azure DevOps).
70+
2. **Defer to later:** `--otel` flag (Phase 8, not implemented), `--spec-format` option (Phase 8, not implemented), internal architecture (not user-facing).
71+
3. **Tasks.md inconsistency:** Phase 3 (Extract) tasks unchecked in tasks.md, but source files exist. Extraction likely complete but tasks.md is stale.
72+
73+
**Decisions made:**
74+
- **D1:** User-facing only — no internal architecture in `/docs`
75+
- **D2:** Document BOTH GitHub Actions AND Azure DevOps pipelines with equal weight
76+
- **D3:** Emphasize artifact directory flexibility — users choose the path, not a hardcoded default
77+
- **D4:** Document all authentication methods (Azure CLI, federated credentials, service principal, managed identity) with context-specific guidance
78+
79+
**Priority ordering:**
80+
1. Getting Started Guide (init → extract → publish → CI/CD) — highest user value
81+
2. Extract reference
82+
3. Publish reference
83+
4. CI/CD guide
84+
5. Configuration reference
85+
6. Troubleshooting
86+
87+
**Key paths referenced:**
88+
- `specs/spec.md` — Feature specification with user stories and functional requirements
89+
- `specs/tasks.md` — Task breakdown with completion status
90+
- `src/cli/extract-command.ts`, `publish-command.ts`, `init-command.ts` — Verified implementation files
91+
- `src/services/extract-service.ts`, `publish-service.ts`, `init-service.ts` — Core service implementations
92+
- `.squad/decisions/inbox/apiopslead-docs-scope.md` — Output advisory for DocWriter
93+
94+
**Key insight:** Documentation scope must be tightly coupled to implementation status. Document what's complete and stable, defer what's planned but not implemented. Phase 8 (Polish) features like `--otel` and `--spec-format` are spec'd but not coded — documenting them now would be inaccurate and create user confusion.
95+
96+
### 2026-05-14: APIM v1 → v2 SKU Migration Decision Finalized
97+
98+
**Outcome:** Joint research with ApimExpert concluded; migration architecture decision merged into `.squad/decisions.md`.
99+
100+
**Decision:** Phase 1 MVP uses existing `extract` + `publish` with migration guide (no new command). Phase 2 adds `apiops copy` if demand warrants.
101+
102+
**Evidence that existing architecture supports migration:**
103+
- `ApimServiceContext` parameterization means source (v1) and target (v2) are just two different context instances
104+
- All 34 resource types already supported
105+
- No code refactoring needed for Phase 1
106+
- Architecture validation: Design held up well to this migration scenario use case
107+
108+
**Coverage breakdown:**
109+
-~80–85% covered today (APIs, products, policies, backends, named values, workspaces)
110+
- ⚠️ Gaps requiring Phase 2 work: subscription key preservation, self-hosted gateway validation, Service Fabric detection, gRPC detection, pre-flight v2 compatibility check
111+
- ❌ Out of scope: VNet, DNS, identity/RBAC, TLS certs (Bicep/Terraform territory)
112+
113+
**Next steps:** Team governance review; if approved, write migration guide for `/docs/guides/sku-migration.md` and create override template examples.
114+
115+
**Key insight:** YAGNI + parameterization design = migration-ready without extra code. This validates the existing architecture's flexibility.
116+
117+
<!-- Append new learnings here after each session -->### 2026-05-13: Documentation Scope Advisory and Decision Merge
118+
119+
**What:** Provided scope guidance to DocWriter for planning user-facing documentation. Analyzed feature completion status, documented scope decisions, and merged both ApiOpsLead and DocWriter outputs into unified decisions.md entry.
120+
121+
**Feature Readiness Assessment:**
122+
123+
**GREEN LIGHT (ready to document now):**
124+
- `apiops extract` — Code exists, core feature, extraction is entry point for all workflows
125+
- `apiops publish` — All tasks marked complete, completes extract-publish round-trip
126+
- `apiops init` — All tasks marked complete, high adoption value for onboarding
127+
- CI/CD integration — Both GitHub Actions and Azure DevOps tasks complete
128+
129+
**RED LIGHT (defer to later documentation):**
130+
- `--otel` OpenTelemetry flag — Phase 8, not implemented, spec defines but no code exists
131+
- `--spec-format` option — Phase 8, not implemented, spec defines but no code exists
132+
- Internal architecture — Not user-facing, belong in /specs and code comments not /docs
133+
134+
**Stale Data Identified:**
135+
- Phase 3 (Extract) tasks unchecked in tasks.md, but source files exist (`extract-service.ts`, `resource-extractor.ts`, `api-extractor.ts`, `product-extractor.ts`, `extract-command.ts`, etc.)
136+
- Likely extraction is complete but tasks.md tracking is stale
137+
- Need verification before closing Phase 3 tasks
138+
139+
**Documentation Scope Decisions:**
140+
- **D1: User-Facing Only**`/docs` is for users, not internal architecture. Users need "how do I extract" not "how the dependency graph works".
141+
- **D2: Both Platform Pipelines** — Document GitHub Actions and Azure DevOps equally. Spec targets both; apiops init generates both templates; Azure customer base uses both.
142+
- **D3: Artifact Path Flexibility** — Emphasize users choose path via --output/--source. Do NOT promote `./apim-artifacts` as "the" directory. Spec FR-019 says path is user-specified.
143+
- **D4: Multiple Auth Methods** — Document Azure CLI (local dev), federated credentials/OIDC (GitHub CI/CD), service principal (generic), managed identity (Azure-hosted). Context-specific guidance critical.
144+
145+
**Priority Ordering for Maximum User Value:**
146+
1. Getting Started (init → extract → publish → CI/CD) — Removes adoption barrier, addresses SC-009
147+
2. Extract reference — Core feature, users extract before anything else
148+
3. Publish reference — Completes round-trip workflow
149+
4. CI/CD guide — Critical for production adoption
150+
5. Configuration reference — Required for advanced users
151+
6. Troubleshooting — Reduces support burden
152+
153+
**Key Insight:** Documentation scope must be tightly coupled to implementation status. Spec ambitions don't equal shipped features. Phase 8 features are on the roadmap but not implemented — documenting them creates technical debt and user confusion. Better to ship accurate Phase 1-6 docs and expand after Phase 7-8 ship.
51154

52155
**Outputs:**
53-
- `specs/sku-upgrade.md`full 9-section proposal with architecture analysis, risk assessment, and phased implementation plan
54-
- `.squad/decisions/inbox/apiopslead-sku-upgrade-proposal.md`decision summary for team review
156+
- `.squad/decisions/inbox/apiopslead-docs-scope.md`259-line scope advisory
157+
- Merged into decisions.md as comprehensive decision entry dated 2026-05-12T19:25:50Z
55158

56-
**Key insight:** The existing extract/publish architecture is already migration-ready by design. `ApimServiceContext` parameterization means no code changes are needed — just documentation and optionally richer pre-flight validation. The real migration pain is in the Azure infrastructure layer (networking, identity, DNS), not the APIM configuration layer that apiops-cli manages.
159+
### 2026-05-01: Enhanced 7 Agent Charters with Codebase-Specific Patterns
160+
161+
**What:** Applied the CodeReviewer charter enhancement pattern to all 7 remaining charters, making each codebase-aware with actual file paths, patterns, and team decisions.
162+
163+
**Charters enhanced:**
164+
1. **TypeScriptDev** — Fixed inaccurate tsconfig claims (`noUncheckedIndexedAccess` removed, `ESNext``ES2022`), added correct strict flags, added "Tech-Specific Patterns" section with ESM, singleton+class export, error handling, interface-first design, opaque payloads, and key file paths table
165+
2. **TestEngineer** — Added "Codebase-Specific Testing Patterns" section with Vitest conventions, `IApimClient`/`IArtifactStore` mock interfaces, exit code testing, CLI subprocess tests, filesystem cleanup, error testing patterns, and review checklist
166+
3. **NodeJsDev** — Added "Codebase-Specific Patterns" section with exit code constants, ESM requirements, CLI entry point structure, dual-mode package consumption, generated template directories, and log-level decision
167+
4. **ApimExpert** — Added "Codebase Patterns" section with key source files table, `HttpError` pattern, retry/failure patterns, token caching, SOAP/WADL extraction, synthetic GraphQL detection, ARM URI construction, and 4 key decisions
168+
5. **AzdoExpert** — Added "Project-Specific Patterns" section with template source references, `apiops init` integration, and variable group conventions
169+
6. **GitHubExpert** — Added "Project-Specific Patterns" section with workflow file table, OIDC federation pattern, generated template references, and repo configuration
170+
7. **ApiOpsLead** — Added "What I Check" section with structural integrity, constitution alignment checklist, key decisions, and key file paths table; constitution path was already correct
171+
172+
**Also fixed across all charters:**
173+
- Constitution path references updated to `.squad/identity/constitution.md` where stale
174+
- Collaboration sections updated to reference both constitution and decisions.md
175+
176+
**Key insight:** The most impactful enhancements are on code-producing agents (TypeScriptDev, TestEngineer, NodeJsDev) where inaccurate or missing patterns directly cause code quality issues. The TypeScriptDev charter had two outright inaccuracies that would have led agents to write code targeting wrong settings.
57177

58178
### 2026-06-02: APIM v1 → v2 SKU Migration Proposal
59179

60180
**What:** Wrote `specs/sku-upgrade.md` — a comprehensive proposal for enabling APIM v1-to-v2 SKU migration via apiops-cli. Requested by project maintainer.
61181

62-
**Decision:** Phase 1 MVP uses existing `extract` + `publish` commands with migration documentation — no new command needed.The `ApimServiceContext` is already parameterized, so source (v1) and target (v2) are just two different context instances. Phase 2 would add `apiops copy` for direct source→target streaming if demand warrants.
182+
**Decision:** Phase 1 MVP uses existing `extract` + `publish` commands with migration documentation — no new command needed. The `ApimServiceContext` is already parameterized, so source (v1) and target (v2) are just two different context instances. Phase 2 would add `apiops copy` for direct source→target streaming if demand warrants.
63183

64184
**Key findings:**
65185
1. All 34 `ResourceType` enum values are supported for round-trip extract/publish — covers APIs, products, policies, backends, named values, gateways, workspaces, GraphQL resolvers, etc.

0 commit comments

Comments
 (0)