workspace-v1/01-fase-control-plane/PLANEACION/00-TAREAS.md
Adrian Flores Cortes 967ab360bb Initial commit: Workspace v1 with 3-layer architecture
Structure:
- control-plane/: Registries, SIMCO directives, CI/CD templates
- projects/: Gamilit, ERP-Suite, Trading-Platform, Betting-Analytics
- shared/: Libs catalog, knowledge-base

Key features:
- Centralized port, domain, database, and service registries
- 23 SIMCO directives + 6 fundamental principles
- NEXUS agent profiles with delegation rules
- Validation scripts for workspace integrity
- Dockerfiles for all services
- Path aliases for quick reference

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2025-12-23 00:35:19 -06:00


PHASE 1 - SUBPHASE C: TASK LIST

Phase: 1 - Control Plane
Subphase: C - Implementation Planning
Status: Pending
Dependency: Analysis completed


TASK SUMMARY

| ID | Task | Priority | Agent | Dependencies |
|----|------|----------|-------|--------------|
| T1.1.1 | Create control-plane base structure | P0 | Architecture-Analyst | - |
| T1.1.2 | Create orchestration folders | P0 | Architecture-Analyst | T1.1.1 |
| T1.1.3 | Create registries folders | P0 | Architecture-Analyst | T1.1.1 |
| T1.1.4 | Create manifests folders | P0 | Architecture-Analyst | T1.1.1 |
| T1.1.5 | Create ci folders | P0 | DevOps-Agent | T1.1.1 |
| T1.2.1 | Create ports.registry.yml | P0 | DevOps-Agent | T1.1.3 |
| T1.2.2 | Create domains.registry.yml | P0 | DevOps-Agent | T1.1.3 |
| T1.2.3 | Create databases.registry.yml | P0 | DevOps-Agent | T1.1.3 |
| T1.2.4 | Create services.registry.yml | P1 | DevOps-Agent | T1.1.3 |
| T1.2.5 | Create secrets.policy.yml | P1 | DevOps-Agent | T1.1.3 |
| T1.3.1 | Create repos.manifest.yml | P0 | Architecture-Analyst | T1.1.4 |
| T1.3.2 | Create environments.manifest.yml | P0 | Architecture-Analyst | T1.1.4 |
| T1.4.1 | Migrate devtools/scripts | P1 | DevOps-Agent | T1.1.1 |
| T1.4.2 | Create validate-ports.sh | P1 | DevOps-Agent | T1.2.1 |
| T1.4.3 | Create validate-domains.sh | P2 | DevOps-Agent | T1.2.2 |
| T1.4.4 | Create validate-databases.sh | P2 | DevOps-Agent | T1.2.3 |

TASK DETAILS

T1.1.1: Create control-plane base structure

Description: Create the root folder structure of the control-plane

Commands:

mkdir -p /home/adrian/Documentos/workspace-v1/control-plane/{orchestration,registries,manifests,ci,devtools,docs}

Validation:

ls -la /home/adrian/Documentos/workspace-v1/control-plane/
# Should show: orchestration, registries, manifests, ci, devtools, docs

Deliverable: Folder structure created


T1.1.2: Create orchestration folders

Description: Create the orchestration substructure

Commands:

mkdir -p /home/adrian/Documentos/workspace-v1/control-plane/orchestration/{agents/{perfiles,legacy},directivas/{simco,principios,legacy},templates,checklists,patrones,referencias,impactos,inventarios}

Files to create:

orchestration/
  +-- README.md              # System description
  +-- _INDEX.md              # Content index

T1.1.3: Create registries folders

Description: Create the structure for the registries

Commands:

mkdir -p /home/adrian/Documentos/workspace-v1/control-plane/registries

Files to create (empty templates):

registries/
  +-- README.md
  +-- ports.registry.yml
  +-- domains.registry.yml
  +-- databases.registry.yml
  +-- services.registry.yml
  +-- secrets.policy.yml

T1.2.1: Create ports.registry.yml

Description: Create the port registry file with its complete structure

Expected content:

# ports.registry.yml
version: "1.0.0"
updated: "YYYY-MM-DD"

rules:
  public_ingress_only:
    description: "Solo reverse proxy expone puertos publicos"
    allowed_public_ports: [80, 443]
  internal_ranges:
    backend_api: "3000-3099"
    frontend_web: "3100-3199"
    databases: "5432-5499"
    cache: "6379-6399"

allocations:
  infrastructure:
    traefik:
      public: [80, 443]
      dashboard: { internal: 8080 }
    postgres:
      internal: 5432
    redis:
      internal: 6379

  gamilit:
    api:
      internal: 3000
      environment: [dev, prod]
    web:
      internal: 3001
      environment: [dev, prod]

  erp_suite:
    api:
      internal: 3010
      environment: [dev, prod]
    web:
      internal: 3011
      environment: [dev, prod]

  trading:
    api:
      internal: 3020
      environment: [dev, prod]
    web:
      internal: 3021
      environment: [dev, prod]

T1.2.2: Create domains.registry.yml

Description: Create the domain registry file

Expected content:

# domains.registry.yml
version: "1.0.0"
updated: "YYYY-MM-DD"

base_domains:
  production: "tu-dominio.com"
  development: "dev.tu-dominio.com"
  local: "localhost"

allocations:
  gamilit:
    production:
      api: "api.gamilit.tu-dominio.com"
      web: "gamilit.tu-dominio.com"
    development:
      api: "api.gamilit.dev.tu-dominio.com"
      web: "gamilit.dev.tu-dominio.com"
    local:
      api: "api.gamilit.localhost"
      web: "gamilit.localhost"

  erp_suite:
    production:
      api: "api.erp.tu-dominio.com"
      web: "erp.tu-dominio.com"
    # ... similar

T1.2.3: Create databases.registry.yml

Description: Create the database registry file

Expected content:

# databases.registry.yml
version: "1.0.0"
updated: "YYYY-MM-DD"

postgres_instance:
  host: "localhost"
  port: 5432
  superuser: "postgres"

databases:
  gamilit:
    db_name: "gamilit_db"
    roles:
      owner: "app_gamilit_owner"
      runtime: "app_gamilit_runtime"
      migrator: "app_gamilit_migrator"
    schemas: ["public", "auth", "gamification"]
    rls_enabled: true

  erp_suite:
    db_name: "erp_suite_db"
    roles:
      owner: "app_erp_owner"
      runtime: "app_erp_runtime"
      migrator: "app_erp_migrator"
    schemas: ["core", "inventory", "sales", "hr"]
    rls_enabled: true

  trading:
    db_name: "trading_db"
    roles:
      owner: "app_trading_owner"
      runtime: "app_trading_runtime"
      migrator: "app_trading_migrator"
    schemas: ["public", "market", "portfolio"]
    rls_enabled: true

policies:
  runtime_restrictions:
    - "NO CREATE EXTENSION"
    - "NO CREATE ROLE"
    - "NO ALTER outside migrations"
  migration_requirements:
    - "Version controlled"
    - "Reversible (up/down)"
    - "Reviewed before apply"

T1.3.1: Create repos.manifest.yml

Description: Create the repository manifest

Expected content:

# repos.manifest.yml
version: "1.0.0"
updated: "YYYY-MM-DD"

layers:
  control_plane:
    description: "Meta-repositorio de gobernanza"
    repos:
      - name: "workspace-control-plane"
        path: "/home/adrian/Documentos/workspace-v1/control-plane"
        type: "governance"
        contains: ["orchestration", "registries", "manifests", "ci", "devtools"]

  products:
    description: "Repositorios de productos"
    repos:
      - name: "gamilit-platform"
        path: "/home/adrian/Documentos/workspace-v1/repos/gamilit-platform"
        type: "product"
        stack: ["nestjs", "react", "postgres"]

      - name: "erp-suite"
        path: "/home/adrian/Documentos/workspace-v1/repos/erp-suite"
        type: "product-suite"
        stack: ["express", "react", "postgres"]

      - name: "trading-platform"
        path: "/home/adrian/Documentos/workspace-v1/repos/trading-platform"
        type: "product"
        stack: ["express", "fastapi", "react", "postgres"]

  shared:
    description: "Repositorios compartidos"
    repos:
      - name: "shared-libs"
        path: "/home/adrian/Documentos/workspace-v1/repos/shared-libs"
        type: "library"
        packages: ["utils", "auth", "ui-components"]

      - name: "shared-infra"
        path: "/home/adrian/Documentos/workspace-v1/repos/shared-infra"
        type: "infrastructure"
        contains: ["reverse-proxy", "observability"]

      - name: "knowledge-base"
        path: "/home/adrian/Documentos/workspace-v1/repos/knowledge-base"
        type: "documentation"
        contains: ["sources", "indexes"]

T1.3.2: Create environments.manifest.yml

Description: Create the environment manifest

Expected content:

# environments.manifest.yml
version: "1.0.0"
updated: "YYYY-MM-DD"

environments:
  local:
    description: "Desarrollo local"
    network_prefix: "local_"
    domain_suffix: ".localhost"
    ssl: false

  development:
    description: "Ambiente de desarrollo compartido"
    network_prefix: "dev_"
    domain_suffix: ".dev.tu-dominio.com"
    ssl: true
    server: "mismo-servidor"

  staging:
    description: "Pre-produccion"
    network_prefix: "stg_"
    domain_suffix: ".staging.tu-dominio.com"
    ssl: true
    server: "mismo-servidor"

  production:
    description: "Produccion"
    network_prefix: "prod_"
    domain_suffix: ".tu-dominio.com"
    ssl: true
    server: "mismo-servidor"

isolation:
  strategy: "docker-networks"
  rules:
    - "Cada producto tiene su red por ambiente"
    - "Solo traefik conecta redes"
    - "No exposicion directa de puertos"

T1.4.2: Create validate-ports.sh

Description: Script that validates ports against the registry

Expected content:

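#!/bin/bash
# validate-ports.sh
# Validates that the host ports published in docker-compose files are listed
# in ports.registry.yml. Assumes mikefarah yq v4; covers short-syntax port
# entries only (long-syntax "published:" entries are not parsed).

set -euo pipefail

REGISTRY_FILE="${CONTROL_PLANE:?CONTROL_PLANE no definido}/registries/ports.registry.yml"
[ -r "$REGISTRY_FILE" ] || { echo "ERROR: No se puede leer $REGISTRY_FILE" >&2; exit 1; }

echo "=== Validando puertos contra registry ==="

# Extract every integer under .allocations (internal values and public lists)
ALLOWED_PORTS=$(yq '.allocations | .. | select(tag == "!!int")' "$REGISTRY_FILE" | sort -u)
# An empty allow-list means the registry was not parsed: fail instead of passing
[ -n "$ALLOWED_PORTS" ] || { echo "ERROR: Registry sin puertos" >&2; exit 1; }

# Matches - "[ip:]host:container[/proto]" and prints the host port
PORT_RE='s/^[[:space:]]*-[[:space:]]*["'\'']?([0-9.]+:)?([0-9]+):[0-9]+(\/(tcp|udp))?["'\'']?[[:space:]]*$/\2/p'

status=0
# Validate each compose file (NUL-delimited so paths with spaces survive)
while IFS= read -r -d '' file; do
    echo "Validando: $file"
    for port in $(sed -nE "$PORT_RE" "$file"); do
        if ! grep -qxF -- "$port" <<<"$ALLOWED_PORTS"; then
            echo "ERROR: Puerto $port en $file no esta en registry" >&2
            status=1
        fi
    done
done < <(find . \( -name "docker-compose*.yml" -o -name "compose*.yml" \) -print0)

[ "$status" -eq 0 ] || exit 1
echo "=== Validacion exitosa ==="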
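
validate-ports.sh checks that a published port is registered, not which interface it is bound to, so the public_ingress_only rule (only the reverse proxy on 80/443) needs its own check. The following is an added example, not part of the project's scripts; the function names classify_mapping and count_violations and the sample pairs are hypothetical, and treating the service named traefik as the only ingress is an assumption drawn from the registry above.

```shell
#!/bin/bash
# Added example: audit compose port mappings against public_ingress_only.
# Policy values are copied from ports.registry.yml; "traefik" as the only
# ingress service is an assumption based on that registry.
ALLOWED_PUBLIC_PORTS="80 443"
INGRESS_SERVICE="traefik"

# classify_mapping SERVICE MAPPING
# MAPPING is short syntax: [ip:]host:container[/proto] or container[/proto].
# Prints a verdict; returns 0 when allowed, 1 on a violation. IPv4 binds only.
classify_mapping() {
    local service="$1"
    local mapping="${2%/*}"           # drop /tcp or /udp
    local bind="0.0.0.0" host rest p
    case $mapping in
        *:*:*:*) echo "violation: $service has unparsed mapping $mapping"; return 1 ;;
        *:*:*)   bind=${mapping%%:*}; rest=${mapping#*:}; host=${rest%%:*} ;;
        *:*)     host=${mapping%%:*} ;;
        *)       host="ephemeral" ;;  # Docker picks a host port on all interfaces
    esac
    case $bind in 127.*) echo "ok: loopback only"; return 0 ;; esac
    if [ "$service" = "$INGRESS_SERVICE" ]; then
        for p in $ALLOWED_PUBLIC_PORTS; do
            if [ "$host" = "$p" ]; then echo "ok: public ingress"; return 0; fi
        done
    fi
    echo "violation: $service publishes $host on $bind"
    return 1
}

# count_violations: reads "service mapping" pairs on stdin, logs each
# violation to stderr and prints how many were found.
count_violations() {
    local service mapping verdict n=0
    while read -r service mapping; do
        [ -n "$service" ] || continue
        if ! verdict=$(classify_mapping "$service" "$mapping"); then
            echo "$verdict" >&2
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# Constructed sample pairs (not taken from the project's compose files)
count_violations <<'EOF'
traefik 443:443
gamilit-api 127.0.0.1:3000:3000
gamilit-web 3001:3001
postgres 5432
EOF
```
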

EXECUTION ORDER

Day 1:
  [x] T1.1.1 - Base structure
  [x] T1.1.2 - Orchestration folders
  [x] T1.1.3 - Registries folders
  [x] T1.1.4 - Manifests folders
  [x] T1.1.5 - CI folders

Day 2:
  [ ] T1.2.1 - ports.registry.yml
  [ ] T1.2.2 - domains.registry.yml
  [ ] T1.2.3 - databases.registry.yml
  [ ] T1.3.1 - repos.manifest.yml
  [ ] T1.3.2 - environments.manifest.yml

Day 3:
  [ ] T1.2.4 - services.registry.yml
  [ ] T1.2.5 - secrets.policy.yml
  [ ] T1.4.1 - Migrate devtools
  [ ] T1.4.2 - validate-ports.sh
  [ ] T1.4.3 - validate-domains.sh
  [ ] T1.4.4 - validate-databases.sh

COMPLETION CRITERIA

[ ] All folders created
[ ] All registries have a valid structure
[ ] All manifests have a valid structure
[ ] Validation scripts are functional
[ ] README.md in each main folder
[ ] No syntax errors in the YAML files

Next step: Validate this plan in 01-VALIDACION.md