enterprise
$
npx mdskill add popup-studio-ai/bkit-claude-code/enterpriseEnables enterprise-grade system design with microservices, Kubernetes, and AI Native methodology
- Solves complex multi-feature project planning and infrastructure orchestration
- Uses Kubernetes, Terraform, and monorepo tools for deployment and management
- Groups features into 8-phase sprints with auto-pause triggers for quality and budget control
- Delivers structured task templates and architecture guidance via agent collaboration
SKILL.md
.github/skills/enterpriseView on GitHub ↗
---
name: enterprise
classification: capability
classification-reason: Specialized domain knowledge with limited model overlap
deprecation-risk: low
effort: high
description: |
Enterprise-grade systems with microservices, Kubernetes, Terraform, and AI Native methodology. For multi-feature initiatives spanning a release timeline, combine with /sprint master-plan (v2.1.13) to group features into a single 8-phase sprint container with shared scope/budget and 4 auto-pause triggers (QUALITY_GATE_FAIL / ITERATION_EXHAUSTED / BUDGET_EXCEEDED / PHASE_TIMEOUT).
Triggers: microservices, k8s, terraform, monorepo, AI native, 마이크로서비스, init enterprise.
argument-hint: "[init|guide|help]"
agents:
default: bkit:enterprise-expert
infra: bkit:infra-architect
architecture: bkit:enterprise-expert
security: bkit:security-architect
team: bkit:cto-lead
allowed-tools:
- Read
- Write
- Edit
- Glob
- Grep
- Bash
- Task
- WebSearch
user-invocable: true
imports:
- ${PLUGIN_ROOT}/templates/design-enterprise.template.md
next-skill: phase-1-schema
pdca-phase: plan
task-template: "[Init-Enterprise] {feature}"
---
# Advanced (Enterprise) Skill
## Actions
| Action | Description | Example |
|--------|-------------|---------|
| `init` | Project initialization (/init-enterprise feature) | `/enterprise init my-platform` |
| `guide` | Display development guide | `/enterprise guide` |
| `help` | MSA/Infrastructure help | `/enterprise help` |
### init (Project Initialization)
1. Create Turborepo monorepo structure
2. apps/, packages/, services/, infra/ folder structure
3. Create CLAUDE.md (Level: Enterprise specified)
4. docs/ 5-category structure
5. infra/terraform/, infra/k8s/ base templates
6. Initialize .bkit-memory.json
### guide (Development Guide)
- AI Native 10-Day development cycle
- Microservices architecture patterns
- Phase 1-9 full Pipeline (Enterprise version)
### help (Infrastructure Help)
- Kubernetes basic concepts
- Terraform IaC patterns
- AWS EKS, RDS configuration guide
## Target Audience
- Senior developers
- CTOs / Architects
- Large-scale system operators
## Tech Stack
```
Frontend:
- Next.js 14+ (Turborepo monorepo)
- TypeScript
- Tailwind CSS
- TanStack Query
- Zustand
- Sentry Browser SDK (@sentry/nextjs) — Error tracking + Session Replay
Backend:
- Python FastAPI (microservices) — default
- PostgreSQL (schema separation)
- Redis (cache, Pub/Sub)
- RabbitMQ / SQS (message queue)
- Sentry Server SDK (sentry-sdk[fastapi]) — Error tracking + APM
Infrastructure:
- AWS (EKS, RDS, S3, CloudFront)
- Kubernetes (Kustomize)
- Terraform (IaC)
- ArgoCD (GitOps)
- ALB + NGINX Ingress Controller (L7 load balancing)
- CORS: Ingress annotation으로 처리
nginx.ingress.kubernetes.io/enable-cors: "true"
- NLB(L4)는 gRPC/WebSocket 전용 서비스에만 사용
CI/CD:
- GitHub Actions
- Docker
- Semgrep (SAST) + Trivy (Container Scan)
Monitoring & Error Tracking:
- Sentry — Error tracking, grouping, regression detection
- Prometheus + Grafana — Metrics & dashboards
- Loki + Promtail — Log aggregation
- Tempo + OpenTelemetry — Distributed tracing
- Alertmanager → PagerDuty (critical) / Slack (warning)
Self-Healing Pipeline:
- Sentry Webhook → Self-Healing Agent trigger
- 4-Layer Living Context (Scenarios, Invariants, Impact, Incidents)
- Auto-fix (max 5 iterations) → Auto PR → Canary Deploy
- Auto-Rollback on error rate spike
```
### Language Tier Guidance (v1.3.0)
> **Supported**: All Tiers
>
> Enterprise level handles complex requirements including legacy system integration.
| Tier | Usage | Guidance |
|------|-------|----------|
| Tier 1 | Primary services | New development, core features |
| Tier 2 | System/Cloud | Go (K8s), Rust (performance critical) |
| Tier 3 | Platform native | iOS (Swift), Android (Kotlin), legacy Java |
| Tier 4 | Legacy integration | Migration plan required |
**Migration Path**:
- PHP → TypeScript (Next.js API routes)
- Ruby → Python (FastAPI)
- Java → Kotlin or Go
## Project Structure
```
project/
├── apps/ # Frontend apps (Turborepo)
│ ├── web/ # Main web app
│ ├── admin/ # Admin
│ └── docs/ # Documentation site
│
├── packages/ # Shared packages
│ ├── ui/ # UI components
│ ├── api-client/ # API client
│ └── config/ # Shared config
│
├── services/ # Backend microservices
│ ├── auth/ # Auth service
│ ├── user/ # User service
│ ├── {domain}/ # Domain-specific services
│ └── shared/ # Shared modules
│
├── infra/ # Infrastructure code
│ ├── terraform/
│ │ ├── modules/ # Reusable modules
│ │ └── environments/ # Environment-specific config
│ └── k8s/
│ ├── base/ # Common manifests
│ └── overlays/ # Environment-specific patches
│
├── docs/ # PDCA documents
│ ├── 00-requirement/
│ ├── 01-development/ # Design documents (multiple)
│ ├── 02-scenario/
│ ├── 03-refactoring/
│ └── 04-operation/
│
├── scripts/ # Utility scripts
├── .github/workflows/ # CI/CD
├── docker-compose.yml
├── turbo.json
└── pnpm-workspace.yaml
```
## Clean Architecture (4-Layer)
```
┌─────────────────────────────────────────────────────────┐
│ API Layer │
│ - FastAPI routers │
│ - Request/Response DTOs │
│ - Auth/authz middleware │
├─────────────────────────────────────────────────────────┤
│ Application Layer │
│ - Service classes │
│ - Use Case implementation │
│ - Transaction management │
├─────────────────────────────────────────────────────────┤
│ Domain Layer │
│ - Entity classes (pure Python) │
│ - Repository interfaces (ABC) │
│ - Business rules │
├─────────────────────────────────────────────────────────┤
│ Infrastructure Layer │
│ - Repository implementations (SQLAlchemy) │
│ - External API clients │
│ - Cache, messaging │
│ - Sentry SDK integration (error capture) │
└─────────────────────────────────────────────────────────┘
Dependency direction: Top → Bottom
Domain Layer depends on nothing
```
## Error Handling & Self-Healing Pipeline
```
Exception 발생 (Frontend/Backend)
↓
Sentry SDK 자동 캡처 (stack trace + breadcrumbs + user context)
↓
Sentry Alert Rule (new issue / regression / spike)
↓
Webhook → Self-Healing Agent trigger
↓
Living Context 4-Layer 로딩
├── Scenario Matrix: 테스트 시나리오
├── Invariants: 불변 조건 (critical = 수정 차단)
├── Impact Map: blast radius 계산
└── Incident Memory: 과거 장애 교훈
↓
Claude Code Fix (max 5 iterations)
↓
4중 검증 (scenarios + invariants + impact + anti-patterns)
↓
Pass → Auto PR → Human Review → Canary Deploy (10%→25%→50%→100%)
Fail → Escalation → PagerDuty + Slack + Auto-Rollback
↓
Post-deploy: Sentry에서 issue resolved 확인 + error_rate 모니터링
```
### Load Balancer Strategy
```
ALB + NGINX Ingress Controller (기본, 권장)
─────────────────────────────────────
- L7 로드밸런싱 (HTTP/HTTPS/gRPC)
- CORS: Ingress annotation으로 처리 (앱 코드 불필요)
- Path-based routing (/api/auth/*, /api/users/*)
- AWS Certificate Manager (ACM) TLS 연동
- WAF 연동 가능
NLB (특수 케이스만)
─────────────────────────────────────
- L4 로드밸런싱 (TCP/UDP)
- 극도의 저지연 필요 시 (< 1ms)
- WebSocket/gRPC 전용 서비스
- CORS 처리 불가 → 앱단에서 직접 처리 필요
```
## Core Patterns
### Repository Pattern
```python
# domain/repositories/user_repository.py (interface)
from abc import ABC, abstractmethod
class UserRepository(ABC):
@abstractmethod
async def find_by_id(self, id: str) -> User | None:
pass
@abstractmethod
async def save(self, user: User) -> User:
pass
# infrastructure/repositories/user_repository_impl.py (implementation)
class UserRepositoryImpl(UserRepository):
def __init__(self, db: AsyncSession):
self.db = db
async def find_by_id(self, id: str) -> User | None:
result = await self.db.execute(
select(UserModel).where(UserModel.id == id)
)
return result.scalar_one_or_none()
```
### Inter-service Communication
```python
# Synchronous (Internal API)
async def get_user_info(user_id: str) -> dict:
async with httpx.AsyncClient() as client:
response = await client.get(
f"{USER_SERVICE_URL}/internal/users/{user_id}",
headers={"X-Internal-Token": INTERNAL_TOKEN}
)
return response.json()
# Asynchronous (message queue)
await message_queue.publish(
topic="user.created",
message={"user_id": user.id, "email": user.email}
)
```
### Terraform Module
```hcl
# modules/eks/main.tf
resource "aws_eks_cluster" "this" {
name = "${var.environment}-${var.project_name}-eks"
role_arn = aws_iam_role.cluster.arn
version = var.kubernetes_version
vpc_config {
subnet_ids = var.subnet_ids
}
tags = merge(var.tags, {
Environment = var.environment
})
}
```
### Kubernetes Deployment
```yaml
# k8s/base/backend/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: user-service
spec:
replicas: 2
template:
spec:
containers:
- name: user-service
image: ${ECR_REGISTRY}/user-service:${TAG}
resources:
requests:
cpu: "100m"
memory: "256Mi"
limits:
cpu: "500m"
memory: "512Mi"
livenessProbe:
httpGet:
path: /health
port: 8000
```
## Environment Configuration
| Environment | Infrastructure | Deployment Method |
|-------------|---------------|-------------------|
| Local | Docker Compose | Manual |
| Staging | EKS | ArgoCD Auto Sync |
| Production | EKS | ArgoCD Manual Sync |
## Security Rules
```
✅ Allowed
- Retrieve secrets from Secrets Manager
- IAM role-based access
- VPC internal communication
- mTLS (inter-service)
❌ Prohibited
- Hardcoded secrets
- DB in public subnet
- Using root account
- Excessive IAM permissions
```
## CI/CD Pipeline
```
Push to feature/*
↓
GitHub Actions (CI)
- Lint
- Test
- Build Docker image
- Push to ECR
↓
PR to staging
↓
ArgoCD Auto Sync (Staging)
↓
PR to main
↓
ArgoCD Manual Sync (Production)
```
## SoR Priority
```
1st Priority: Codebase
- scripts/init-db.sql (source of truth for DB schema)
- services/{service}/app/ (each service implementation)
2nd Priority: CLAUDE.md / Convention docs
- services/CLAUDE.md
- frontend/CLAUDE.md
- infra/CLAUDE.md
3rd Priority: docs/ design documents
- For understanding design intent
- If different from code, code is correct
```
---
## AI Native Development
### 3 Core Principles
1. **Document-First Design**: Write design docs BEFORE code
2. **Monorepo Context Control**: All code in one repo for AI context
3. **PR-Based Collaboration**: Every change through PR
### 10-Day Development Pattern
| Day | Focus | Output |
|-----|-------|--------|
| 1 | Architecture | Market analysis + System architecture |
| 2-3 | Core | Auth, User + Business services |
| 4-5 | UX | PO feedback → Documentation → Implementation |
| 6-7 | QA | Zero Script QA + bug fixes |
| 8 | Infra | Terraform + GitOps |
| 9-10 | Production | Security review + Deployment |
---
## Monorepo Benefits for AI
```
Mono-repo:
└─ project/
├─ frontend/ ──────┐
├─ services/ ──────┤ AI reads completely
├─ infra/ ─────────┤ Context unified
└─ packages/ ──────┘
✅ AI understands full context
✅ Single source of truth for types
✅ Atomic commits across layers
✅ Consistent patterns enforced
```
### CLAUDE.md Hierarchy
```
project/
├── CLAUDE.md # Project-wide context
├── frontend/CLAUDE.md # Frontend conventions
├── services/CLAUDE.md # Backend conventions
└── infra/CLAUDE.md # Infra conventions
```
Rule: Area-specific CLAUDE.md overrides project-level rules
---
## bkit Features for Enterprise Level (v1.5.1)
### Output Style: bkit-enterprise (Recommended)
For CTO-level architecture perspectives, activate the enterprise style:
```
/output-style bkit-enterprise
```
This provides:
- Architecture tradeoff analysis tables (Option/Pros/Cons/Recommendation)
- Performance, security, and scalability perspectives for every decision
- Cost impact estimates for infrastructure changes
- Deployment strategy recommendations (Blue/Green, Canary, Rolling)
- SOLID principles and Clean Architecture compliance checks
### Agent Teams (4 Teammates)
Enterprise projects support full Agent Teams for parallel PDCA execution:
| Role | Agents | PDCA Phases |
|------|--------|-------------|
| architect | enterprise-expert, infra-architect | Design |
| developer | bkend-expert | Do, Act |
| qa | qa-monitor, gap-detector | Check |
| reviewer | code-analyzer, design-validator | Check, Act |
**To enable:**
1. Set environment: `CLAUDE_CODE_EXPERIMENTAL_AGENT_TEAMS=1`
2. Start team mode: `/pdca team {feature}`
3. Monitor progress: `/pdca team status`
### Agent Memory (Auto-Active)
All bkit agents automatically remember project context across sessions.
Enterprise agents use `project` scope memory, ensuring architecture decisions
and infrastructure patterns persist across development sessions.
More from popup-studio-ai/bkit-claude-code