Overview
/silver:devops is the Silver Bullet orchestrator for infrastructure, CI/CD, pipelines, Terraform, IaC, Kubernetes, containers, cloud, and ops work.
/silver:devops maps to WF-SILVER-DEVOPS in the v0.48.3 APO catalog. Standard composition chain:
It does not include AF-DESIGN-CONTRACT or AF-UI-QUALITY unless runtime evidence shows the infrastructure task also has UI deliverables. See Workflow catalog and Composable Flows.
Key design principles:
- Blast-radius first —
AF-BLAST-RADIUSvia/silver:blast-radiusandAF-DEVOPS-ROUTEbeforeAF-PLAN - 7 IaC quality dimensions instead of the product 8 core dimensions plus conditional gates — at both pre-plan and pre-ship gates. Usability and AI/LLM safety are excluded when they do not apply; infrastructure-specific concerns such as observability and change-safety are emphasized.
- TDD explicitly skipped — infrastructure and configuration work is declarative; there is no red-green-refactor cycle that applies to IaC resources.
When to Use
Entry trigger signals for /silver:devops:
- "infra" / "CI/CD" / "deploy" / "pipeline"
- "terraform" / "IaC" / "kubernetes" / "container"
- "cloud" / "ops" / "infrastructure" / "GitHub Actions"
7 IaC quality dimensions
These replace the standard product/software quality gate for all infra work. Applied at AF-QUALITY-GATE pre-plan and pre-ship gates:
- Reliability — failure modes, retry logic, health checks
- Security — secrets handling, IAM boundaries, network exposure
- Scalability — resource limits, auto-scaling, capacity planning
- Modularity — reusable modules, clear boundaries, minimal coupling
- Testability — infrastructure can be validated without production deployment
- Observability — logging, metrics, alerting, tracing integration
- Change-safety — idempotency, drift prevention, rollback plan
Flow execution
Pre-execution chain
- Pre-flight — load
silver-bullet.md §10preferences AF-ORIENT—/silver:scan//silver:contextfor infra topologyAF-BLAST-RADIUS—/silver:blast-radius; LOW/MEDIUM/HIGH/CRITICAL ratingAF-DEVOPS-ROUTE— IaC/cloud toolchain routingAF-QUALITY-GATEpre-plan —/devops-quality-gates(7 IaC dimensions); security dimension mandatory before planningAF-VALIDATE—/silver:validatewhen plans existAF-PLAN—/silver:context,/silver:planAF-EXECUTE—/silver:execute; TDD skipped for declarative IaC
Post-Execution Chain (canonical)
WF-POST-EXEC-GATES: review triad → AF-VERIFY → AF-SECURE → AF-VALIDATE → AF-QUALITY-GATE pre-ship → branch finish → completion audit → AF-SHIP. Optional /silver:deploy / /silver:canary run through ship-readiness when live rollout is in scope.
Blast radius levels
The blast radius assessment produces one of four ratings. The rating informs the scope of change-safety review and approval requirements:
| Level | Description | Typical examples |
|---|---|---|
| LOW | Change is isolated, no downstream impact, easy rollback | Adding a new CI job, updating a single env var, adding a monitoring alert |
| MEDIUM | Change affects 2–3 systems, rollback requires coordination | New IAM role, updating deployment pipeline, adding a new service |
| HIGH | Change affects production paths or cross-cutting infra, significant blast if rolled back | Database migration, network topology change, certificate rotation |
| CRITICAL | Core infra, affects all systems, rollback may cause outage | Cloud account-level changes, DNS/CDN changes, VPC or subnet modifications |
Non-Skippable Gates
- Security dimension inside
/devops-quality-gates(AF-QUALITY-GATEpre-plan) /devops-quality-gatespre-ship (AF-QUALITY-GATE)/silver:verify(AF-VERIFY)
Example Invocation
Silver Bullet routes to WF-SILVER-DEVOPS: AF-BLAST-RADIUS (likely LOW/MEDIUM) → AF-DEVOPS-ROUTE → AF-QUALITY-GATE → AF-PLAN → AF-EXECUTE (no TDD) → WF-POST-EXEC-GATES.