Add ArchUnitTS architecture tests for hexagonal layering#354
Open
cteyton wants to merge 32 commits into
Open
Conversation
…arch target Add a dedicated Nx project that runs architecture rules via ArchUnitTS, isolated from the normal test suite: - add archunit dev dependency - packages/architecture-tests with project.json exposing a custom 'arch' target (not 'test', so nx run-many -t test never picks it up) - jest.arch.config.ts (non-default name avoids @nx/jest test-target inference) - scripts/build-arch-tsconfig.mjs generates a self-contained tsconfig.arch.json (inlined paths + include) since ArchUnitTS does not resolve tsconfig extends - src/architecture.ts: shared tsconfig path, domain list and layer globs - test:arch npm script; gitignore the generated config - broaden eslint jest-config override to cover jest.*.config.ts https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
Assert the forbidden import shortcuts/back-edges along the controller -> adapter -> use case -> service -> repository flow: infra/repositories must not depend on application; use cases, adapters and services must not import repository implementations; controllers must not reach persistence directly. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
Assert the innermost domain layer does not depend on the application or infrastructure layers. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
…ules Assert each domain package does not import another domain's source directly (cross-domain collaboration must go through @packmind/types ports). Add README describing every rule, how to run the suite, and the current known violations surfaced as tech debt. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
Run the ArchUnitTS architecture suite (npm run test:arch) in a dedicated workflow on push to main, pull requests and manual dispatch. The job uses continue-on-error so pre-existing violations are surfaced and monitored without blocking merges. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
tsconfig.base.effective.json is git-ignored, so on a fresh CI checkout Nx project-graph construction fails when the vite/vitest plugins parse project tsconfigs that extend it. Generate it via select-tsconfig.mjs as a dedicated step before invoking the arch target, mirroring the quality workflow. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
The pre-commit Prettier hook did not run on the initial commits; format the three flagged files to satisfy the quality workflow's prettier:check. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
Contributor
Greptile SummaryThis PR introduces executable hexagonal architecture enforcement via ArchUnitTS (
Confidence Score: 4/5Safe to merge after addressing the pre-push hook and the missing The pre-push hook runs arch tests as a hard blocking step while 7/15 rules are intentionally failing, which will abort every developer push until all violations are resolved. The reusable
Important Files Changed
Flowchart%%{init: {'theme': 'neutral'}}%%
flowchart TD
subgraph CI["CI Workflows"]
AY["architecture.yml - continue-on-error true"]
BY["build.yml arch job - missing continue-on-error"]
HP[".husky/pre-push - blocking step"]
end
subgraph ArchTests["packages/architecture-tests"]
AT["arch Nx target"]
L["layering.arch.spec.ts"]
DP["domain-purity.arch.spec.ts"]
CD["cross-domain.arch.spec.ts"]
B["boundaries.arch.spec.ts"]
AT --> L
AT --> DP
AT --> CD
AT --> B
end
subgraph CrossDomainFix["Cross-Domain Fix"]
UC["RenderPackageAsPluginUseCase"]
PORT["ICodingAgentPort in types"]
IMPL["CodingAgentRepositories.renderPackageAsClaudePlugin"]
UC -->|"delegates via port"| PORT
PORT -.->|"implemented by"| IMPL
end
subgraph PackageSvcFix["PackageRepository Cleanup"]
PS["PackageService.enrichWithArtefacts"]
PR["PackageRepository.findBySlugsAndSpaceIds returns IDs only"]
PS --> PR
PS --> RP["IRecipesPort / IStandardsPort / ISkillsPort / ISpacesPort"]
end
CI --> AT
Reviews (11): Last reviewed commit: "👷 ci(arch): use pnpm in architecture-te..." | Re-trigger Greptile |
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
- project.json: mark the arch target cache:false to guarantee the analysis always runs against current sources (Nx never replays a stale result). Note: Jest itself does not cache pass/fail results, only transformed source, so --no-cache is unnecessary. - build-arch-tsconfig.mjs: exclude packages/architecture-tests/** from the scanned graph so the test-infra package never enters analysis; clarify the select-tsconfig dynamic-import comment re: per-process ESM caching. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
- build-arch-tsconfig.mjs: abort with a clear error if the effective tsconfig has no compilerOptions.paths, since unresolved @packmind/* aliases would make cross-domain rules pass for the wrong reason. - layering.arch.spec.ts: scope the describe label to repository implementations, matching the rule (infra/repositories, not all infra). https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
Add `schemas`, `apiAll` and `types` layer globs plus `DOMAIN_SRC_REGEX` and `SHARED_BASE_REGEX` helpers, consumed by the new layering and boundary rules. The regex helpers mirror the inline pattern already used in cross-domain.arch.spec.ts. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
New layering rules, all green today: - application/services must not import use cases or the domain adapter (use cases orchestrate services, never the reverse). - the whole API app (not just controllers) must not import repository implementations, and must not import the application layer at all (it reaches domains only through @packmind/types ports). - infra/schemas must not import the application layer (schemas are pure ORM mapping; infra/jobs legitimately wires application jobs, schemas do not). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
New boundaries.arch.spec.ts asserting the inter-package layering (apps/api -> domains -> @packmind/types + node-utils/logger): - @packmind/types must not import any domain (keeps the contract package a leaf; a domain import would be a cycle). - node-utils/logger must not import any domain. - no domain may import the API app (reverse dependency). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add the application-flow, API-boundary, schema-purity and shared-package/reverse-dependency rules to the Rules tables, and update the pass count from 8/15 to 15/22 (the 7 known violations are unchanged). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The API layering rule now uses the broader apiAll glob, leaving LAYER_GLOBS.controllers unreferenced. Drop the dead entry. https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ
llm is a full hexagon domain (domain/application/infra, ILlmPort) that was absent from DOMAIN_PACKAGES, so cross-domain and reverse-dependency rules never covered it. Add it (verified: 0 new violations). The list stays hardcoded on purpose — a domain missing its hexagon layers is a problem to surface, not to auto-skip. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace the hardcoded DOMAIN_PACKAGES array with filesystem discovery:
every packages/* that owns a src/domain/ layer is a domain. The only
hardcoded list is now EXCLUDED_PACKAGES = { ui } (the Chakra frontend
library, not a backend hexagon). New domain packages are covered with no
list to maintain; shared/leaf packages (types, logger, node-utils, ...)
have no domain/ layer so importing them stays legal for everyone.
Derived domain set is identical today (9 domains incl. llm); suite stays
16/23 pass, 7 fail.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Packmind playbook regeneration of the use-case-architecture-patterns standard: add `alwaysApply: true` frontmatter, drop two redundant rules, and propagate across the agent rule formats (.claude, .cursor, .github, .gitlab) plus standards-index, AGENTS.md, packmind-lock.json and packmind.json. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…services RecipeService and RecipeVersionService imported concrete infra repositories solely to use them as constructor default values, which made the application layer depend on the infra layer and broke the layering.arch.spec rule "application/services must not depend on infra/repositories". All real construction sites (RecipesServices, unit tests) already inject the repository explicitly, so the defaults were dead weight. Removing the imports and defaults makes both services depend only on the domain port interfaces, matching the compliant StandardService. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
GithubAppMode lived in the infra file GithubTokenResolverFactory, so the application-layer GitAdapter and use cases imported it across the layer boundary. ArchUnitTS counts type-only imports, so this tripped the 'application layer reaches data only through repository interfaces' rule. Relocate the type to the shared contract package (@packmind/types/git) as the single source of truth and repoint all consumers. Also removes the two duplicate redefinitions in apps/api (edition.ts) and the frontend. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
LlmAdapter constructed AIProviderRepository directly in initialize(), making the application-layer adapter depend on an infra repository implementation and violating the layering arch rule. Add an ILlmRepositories interface (domain) and an LlmRepositories aggregator (infra) that owns the DataSource-to-repository wiring, mirroring the git package's GitRepositories pattern. LlmAdapter now receives ILlmRepositories instead of a DataSource; LlmHexa builds it. LlmHexa's public constructor signature is unchanged, so callers are unaffected. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Resolve every violation reported by `npm run test:arch` (now 23/23 green) by routing cross-domain access through @packmind/types ports and fixing intra-package layer leaks. No behavior change. Layering (infra ↛ application): - Move CommandsIndexService/StandardsIndexService (pure formatters) from coding-agent application/services to infra/repositories/packmind, beside their only consumer PackmindDeployer. Domain purity (domain ↛ application/infra): - Move the four I*DelayedJobs interfaces from domain/jobs to application/jobs (they hold application job-class instances). - Move DefaultSkillsDeployResult/DefaultSkillMetadata out of infra into the coding-agent deployer port, breaking a domain↔infra cycle. Cross-domain isolation (packages/<domain>/src ↛ packages/<other>/src): - Promote the ICodingAgentDeployer port and its DTOs into @packmind/types/coding-agent; drop the `ICodingAgentDeployer = unknown` stub. coding-agent re-exports them from types for its own use; deployments imports the port from @packmind/types. - Add ICodingAgentPort.renderPackageAsClaudePlugin (contract in @packmind/types) implemented inside coding-agent; RenderPackageAsPluginUseCase now calls the port instead of instantiating ClaudePluginDeployer directly. - PackageRepository no longer imports recipes/standards/skills/spaces schemas: it returns packages with artefact IDs only, and PackageService hydrates the full artefacts through IRecipesPort/IStandardsPort/ISkillsPort/ISpacesPort (lazy-wired by the adapter). Standard summary parity kept via listStandardVersions. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The arch target had cache:false, so test:arch always reran (~14s) even with no source changes. Set cache:true with explicit inputs covering the full scan scope — the arch suite analyzes the whole repo (packages/*/src + apps/api/src), not just its own package, so default projectRoot-only inputs would replay a stale PASS after a boundary violation introduced elsewhere. Inputs also include the tsconfig build scripts, jest preset/utils, the PACKMIND_EDITION env (it changes path aliases), and the archunit/jest versions. outputs:[] — cache just replays terminal output. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Symmetric to findById: a single In(ids) query that excludes soft-deleted rows by default. Gives every repository a batch primitive so cross-domain hydration can avoid per-id fan-out. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Exposes a batched, access-control-free read of recipes by IDs through IRecipesPort (service -> use case -> adapter), backed by the new AbstractRepository.findByIds. Lets cross-domain artefact hydration fetch all recipes in one query instead of per-id. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Adds StandardRepository.findByIds and a lean StandardVersionRepository.findByStandardIds, then exposes IStandardsPort.getStandardsByIds. The adapter resolves all standards and their versions in one query each and rebuilds the current-version summary map, matching the previous repository hydration behaviour without per-id fan-out. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Exposes ISkillsPort.getSkillsByIds backed by SkillRepository.findByIds (service -> adapter), mirroring getSkill for a set of IDs so cross-domain artefact hydration fetches all skills in one query instead of per-id. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
enrichWithArtefacts now resolves recipes/standards/skills through the new batched ports (getRecipesByIdsInternal / getStandardsByIds / getSkillsByIds) in one query apiece instead of one call per id, removing the O(N) cross-domain fan-out on package download/deploy. Drops loadStandardWithSummary (the summary join now lives in the standards domain) and documents the setArtefactPorts precondition on the public methods. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add a dedicated architecture-tests job to the build workflow so any architecture rule violation fails the build. Also wire the arch target into the pre-push hook to catch violations before pushing. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The architecture-tests jobs still used `cache: 'npm'` + `npm ci`, but the repo migrated to pnpm (pnpm-lock.yaml, packageManager: pnpm@11.5.0). setup-node's npm cache looks for package-lock.json/yarn.lock, which no longer exist, so the jobs failed with "Dependencies lock file is not found". Switch both jobs (architecture.yml and build.yml) to pnpm/action-setup, the pnpm cache, and `pnpm install --frozen-lockfile`, mirroring the build-cli job. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Explanation
Introduces executable enforcement of Packmind's hexagonal (ports & adapters) architecture using ArchUnitTS. The new
architecture-testspackage contains rules that validate import dependencies across the monorepo's domain packages and API layer, ensuring the documented workflow is followed in practice.The test suite is intentionally separate from the main test suite (
npm run test) and runs via a dedicatednpm run test:archcommand. It scans the entire monorepo's dependency graph (slower) and surfaces pre-existing violations as failures, allowing the team to track and gradually refactor architecture debt without blocking the main CI pipeline.Key additions:
packages/architecture-tests/— New package with three rule suites:layering.arch.spec.ts) — Enforce the request flow: controller → service → adapter → use case → application service → repository interface → repository implementationdomain-purity.arch.spec.ts) — Prevent domain layer from importing application or infrastructurecross-domain.arch.spec.ts) — Ensure domains collaborate only through@packmind/typesports, never by importing each other's sourcescripts/build-arch-tsconfig.mjs— Generates a self-containedtsconfig.arch.json(git-ignored) with inlined path aliases, required because ArchUnitTS does not resolveextendsin tsconfig.github/workflows/architecture.yml— Non-blocking CI job that reports violations without failing the workfloweslint.config.mjsto toleratejest.*.config.tsnaming variants.gitignoreto exclude the generatedtsconfig.arch.jsonCurrent status: 8 of 15 rules pass; 7 fail with real, documented violations (see README "Known violations" section). Failures are intentionally left visible to track architecture debt.
Type of Change
Affected Components
accounts,spaces,standards,recipes,skills,git,deployments,coding-agent)Testing
npm run test:archcontinue-on-error: true) so pre-existing violations don't block mergesTODO List
packages/architecture-tests/)Reviewer Notes
The 7 failing rules document real architecture debt (e.g.,
coding-agentimporting concrete repositories,gituse cases importingGithubTokenResolverFactory, domain interfaces importing concrete application classes). These are intentionally left failing to make the violations visible and trackable. Each failure references the specific standard it guards (e.g.,standard-use-case-architecture-patterns,standard-port-adapter-cross-domain-integration).The generated
tsconfig.arch.jsonis git-ignored and rebuilt by thearchNx target before each run, ensuring path aliases always match the current edition.https://claude.ai/code/session_01KaYguqCn23xyuPLqkj4UtQ