/silver:devops

SB-orchestrated infrastructure, CI/CD, and IaC workflow — blast-radius assessment mandatory, 7 IaC-adapted quality dimensions, TDD explicitly skipped.

Overview

/silver:devops is the Silver Bullet orchestrator for infrastructure, CI/CD, pipelines, Terraform, IaC, Kubernetes, containers, cloud, and ops work.

/silver:devops maps to WF-SILVER-DEVOPS in the v0.48.3 APO catalog. Standard composition chain:

WF-SILVER-DEVOPS → AF-BLAST-RADIUS → AF-DEVOPS-ROUTE → AF-QUALITY-GATE → AF-SECURE → AF-ORIENT → AF-PLAN → AF-VALIDATE → AF-EXECUTE → WF-POST-EXEC-GATES

It does not include AF-DESIGN-CONTRACT or AF-UI-QUALITY unless runtime evidence shows the infrastructure task also has UI deliverables. See Workflow catalog and Composable Flows.

Key design principles:

  • Blast-radius firstAF-BLAST-RADIUS via /silver:blast-radius and AF-DEVOPS-ROUTE before AF-PLAN
  • 7 IaC quality dimensions instead of the product 8 core dimensions plus conditional gates — at both pre-plan and pre-ship gates. Usability and AI/LLM safety are excluded when they do not apply; infrastructure-specific concerns such as observability and change-safety are emphasized.
  • TDD explicitly skipped — infrastructure and configuration work is declarative; there is no red-green-refactor cycle that applies to IaC resources.

When to Use

Entry trigger signals for /silver:devops:

  • "infra" / "CI/CD" / "deploy" / "pipeline"
  • "terraform" / "IaC" / "kubernetes" / "container"
  • "cloud" / "ops" / "infrastructure" / "GitHub Actions"

7 IaC quality dimensions

These replace the standard product/software quality gate for all infra work. Applied at AF-QUALITY-GATE pre-plan and pre-ship gates:

  • Reliability — failure modes, retry logic, health checks
  • Security — secrets handling, IAM boundaries, network exposure
  • Scalability — resource limits, auto-scaling, capacity planning
  • Modularity — reusable modules, clear boundaries, minimal coupling
  • Testability — infrastructure can be validated without production deployment
  • Observability — logging, metrics, alerting, tracing integration
  • Change-safety — idempotency, drift prevention, rollback plan

Flow execution

Pre-execution chain

  • Pre-flight — load silver-bullet.md §10 preferences
  • AF-ORIENT/silver:scan / /silver:context for infra topology
  • AF-BLAST-RADIUS/silver:blast-radius; LOW/MEDIUM/HIGH/CRITICAL rating
  • AF-DEVOPS-ROUTE — IaC/cloud toolchain routing
  • AF-QUALITY-GATE pre-plan/devops-quality-gates (7 IaC dimensions); security dimension mandatory before planning
  • AF-VALIDATE/silver:validate when plans exist
  • AF-PLAN/silver:context, /silver:plan
  • AF-EXECUTE/silver:execute; TDD skipped for declarative IaC

Post-Execution Chain (canonical)

WF-POST-EXEC-GATES: review triad → AF-VERIFYAF-SECUREAF-VALIDATEAF-QUALITY-GATE pre-ship → branch finish → completion audit → AF-SHIP. Optional /silver:deploy / /silver:canary run through ship-readiness when live rollout is in scope.

Blast radius levels

The blast radius assessment produces one of four ratings. The rating informs the scope of change-safety review and approval requirements:

LevelDescriptionTypical examples
LOW Change is isolated, no downstream impact, easy rollback Adding a new CI job, updating a single env var, adding a monitoring alert
MEDIUM Change affects 2–3 systems, rollback requires coordination New IAM role, updating deployment pipeline, adding a new service
HIGH Change affects production paths or cross-cutting infra, significant blast if rolled back Database migration, network topology change, certificate rotation
CRITICAL Core infra, affects all systems, rollback may cause outage Cloud account-level changes, DNS/CDN changes, VPC or subnet modifications

Non-Skippable Gates

🔒
These steps cannot be skipped regardless of §10 preferences or user request:
  • Security dimension inside /devops-quality-gates (AF-QUALITY-GATE pre-plan)
  • /devops-quality-gates pre-ship (AF-QUALITY-GATE)
  • /silver:verify (AF-VERIFY)

Example Invocation

/silver:devops Add GitHub Actions CI pipeline for automated testing

Silver Bullet routes to WF-SILVER-DEVOPS: AF-BLAST-RADIUS (likely LOW/MEDIUM) → AF-DEVOPS-ROUTEAF-QUALITY-GATEAF-PLANAF-EXECUTE (no TDD) → WF-POST-EXEC-GATES.