resultakak/argos

argos — Full-Stack Dev & Platform Plugin

A Claude Code plugin designed for full-stack and platform developers. It contains rules, slash commands, skills, hooks, MCP server recommendations and runbook templates specific to the Docker, Kubernetes, Nginx, PostgreSQL, Python, Node.js, React, Vite, WebSocket, TypeScript/JavaScript and Go stack. A shared code style and per-language style rules (Python, React, TS/JS, Go) are integrated into the review flow.

Plugin Purpose

  • Which developer problems does it solve?
    • Dockerfile/compose review (size, security, cache)
    • K8s pod debugging (CrashLoop, OOM, Pending, probe failure)
    • Nginx reverse proxy + WebSocket configuration errors
    • Postgres slow query / index recommendations
    • Python (FastAPI + Django/DRF/Celery/Channels) / Node / React code review (async, types, ORM, perf, security)
    • Vite dev/prod build problems
    • WS connection / idle disconnect
    • Production incident triage + runbook generation
    • docker-compose -> Kubernetes migration
    • Multi-layer security audit
  • When is it used?
    • Local dev, staging deploys, prod incidents, code review, on-call preparation.

Compatibility

  • Claude Code: >= 2.0, tested version: 2.1.118
  • Manifest: can be read programmatically from the metadata.requirements.claudeCode field.
  • On older versions the SessionStart hook or manifest fields may be ignored; functionality is not affected.

Quick Install

  • 📦 Installation + private repo + npx skills add: docs/INSTALL.md
  • 🚀 First 30 minutes onboarding: docs/GETTING-STARTED.md
  • 🏗 Plugin internal design + layer flow + decision tree: docs/ARCHITECTURE.md
  • 🛠 Adding a new component (command/skill/agent/rule/hook/template): docs/CONTRIBUTING-COMPONENTS.md
  • Troubleshooting (hook, MCP, helm, CI): docs/FAQ.md
  • 📚 Glossary (term disambiguation): docs/GLOSSARY.md
  • 🌐 Single-file HTML documentation: site/index.html (open in a browser). To rebuild: pip install --user markdown pygments && python3 scripts/build-html.py.

1) Clone the Repo

git clone https://github.com/resultakak/argos.git ~/.claude/plugins/argos

2) Activate the Plugin

In your Claude Code configuration (user ~/.claude/settings.json or project .claude/settings.json):

{
  "plugins": [
    "~/.claude/plugins/argos"
  ]
}

3) MCP Servers (optional)

.mcp.json (root) contains a reference config. Move the servers you want to use into your own ~/.claude/mcp.json and set the ENV variables. See: mcp/README.md.

4) Helper Tools for Hooks (optional)

brew install jq gitleaks hadolint kubeconform
# trivy, kubesec, polaris, py-spy, clinic when needed

Command List

Command | Purpose
/docker-review | Dockerfile + compose review
/k8s-debug | Pod/deployment diagnosis (CrashLoop, OOM, Pending)
/nginx-check | Nginx config + WS + TLS review
/postgres-optimize | Slow query EXPLAIN + index/rewrite recommendation
/python-review | Python backend code review
/node-review | Node.js API review
/go-review | Go backend (net/http, gRPC, CLI) review
/react-review | React component review
/vite-debug | Vite dev/build problems
/websocket-debug | WS connection/lifecycle diagnosis
/fullstack-healthcheck | DB+cache+API+WS+frontend+ingress smoke
/production-incident | Triage -> stabilize -> forensics guide
/generate-runbook | Generate a runbook for a service/alert
/security-audit | Multi-layer security audit
/compose-to-k8s | docker-compose -> idiomatic K8s manifests
/api-contract-review | OpenAPI/GraphQL contract review
/scaffold | Apply a plugin template to the project (helm/docker/k8s/nginx/runbook…)
/refactor | Smell detection + Fowler pattern + small-step plan (behavior invariant)
/cicd-review | Pipeline review — speed+determinism+security, SBOM/sign, DORA
/release-plan | Semver+CHANGELOG+readiness+sunset+rollback, multi-service coordination
/postmortem | Blameless RCA — timeline, 5-why, contributing factor, action item
/observe-bootstrap | Service observability — SLI/SLO + burn rate + trace + 3-tier dashboard
/threat-model | STRIDE — asset+DFD+abuse case+CVSS+mitigation issue (proactive security)
/iac-review | Terraform/Pulumi/CFN — state+module+plan+drift+security+cost diff
/gitops-review | ArgoCD/Flux + Argo Rollouts — sync+secret+canary+drift+RBAC+DR
/capacity-plan | Load testing + capacity — k6 baseline+stress+spike+soak+HPA+cost+forecast
/discovery | Lifecycle "A" — INVEST story + Gherkin AC + NFR + non-goal + DoD + estimate
/qa-plan | Test pyramid + coverage + mutation + flaky + UAT + bug bash + quality gate
/cost-review | FinOps — right-sizing + RI/SP + idle + egress + tag + anomaly + maturity
/onboard | Repo tour 30 min — decision tree + C4 + glossary + common task + archaeology
/data-migration | Expand-Contract — dual-write + backfill + shadow read + cutover + rollback drill
/compliance-review | SOC 2/GDPR/PCI/HIPAA/ISO control map + automated evidence + DSR + vendor risk
/epic-plan | Epic-level multi-agent orchestration — slice + dependency + critical path + burndown
/ddd-model | DDD — bounded context + ubiquitous language + context map + event storming + aggregate
/chaos-drill | Chaos engineering — hypothesis + steady state + fault injection + abort + drill log + learning loop
/experiment-design | A/B experiment — hypothesis + MDE + power + sample size + SRM + guardrail + decision rubric + flag lifecycle
/perf-budget | Performance budget — Web Vitals + bundle + API/DB latency + cost; PR-time CI gate (size-limit + Lighthouse CI + k6) + RUM + trend regression
/mesh-review | Service mesh review (Istio/Linkerd) — mTLS strict + zero-trust authz + retry idempotency + trace propagation + sidecar drift + migration
/privacy-review | Privacy engineering — PII inventory + DSR + consent + pseudonym + retention + DPIA + sub-processor SCC
/catalog-audit | Service catalog & IDP (Backstage/Port/Cortex) — orphan + ownership + lifecycle + tier + scorecard + tech radar + self-service
/extract-service | Monolith → microservice extraction — bounded context + strangler fig + ACL + DB split + contract test + readiness gate + 90-day rollback
/data-contract | Producer-consumer data contract — REST/GraphQL/gRPC/AsyncAPI + Schema Registry + versioning + idempotent + DLQ + CI gate + Backstage API
/cdn-review | CDN (CloudFront/Cloudflare/Fastly) — cache key + TTL + origin shield + purge + signed URL + image opt + multi-CDN + TLS + WAF
/property-test-review | Property-based testing (Hypothesis / fast-check / gopter / Schemathesis) — generator + shrinking + stateful + regression seed + CI gate
/redis-review | Redis review — cache (eviction + TTL + stampede) + pub-sub backplane + rate limit (Lua atomic) + ops (memory + slow log + persistence) + Sentinel HA
/llm-review | LLM Ops review — prompt (versioned + structured + cache) + eval (golden set + cross-model judge + CI gate) + cost (token budget + PR-time delta) + RAG (chunking + embedding + vector DB + reranker + RAGAS) + provider abstraction
/aws-review | AWS fundamentals review — S3 (BPA + bucket policy + lifecycle + SSE) + RDS (multi-AZ + encryption + IAM auth) + Lambda (cold start + VPC) + IAM (least privilege + Access Analyzer + CloudTrail-driven)

Details: commands/.

Skill List

Skill | Topic
docker-diagnosis | Container/build/healthcheck/network diagnosis
kubernetes-troubleshooting | Pod state, probe, scheduling, RBAC
nginx-reverse-proxy | Proxy/WS/TLS/security header
postgres-performance | EXPLAIN, index, lock, migration
python-backend-review | Async, type, ORM, test
node-api-review | Async, validation, memory, security
go-backend-review | Concurrency, error wrap, interface, perf
react-vite-frontend | Re-render, state, bundle, HMR, a11y
websocket-realtime-systems | Heartbeat, reconnect, scale, proxy
fullstack-architecture-review | Topology, SPOF, cross-cutting concerns
incident-response | Triage, stabilize, forensics, postmortem
secure-deployment-review | Image, K8s, CI/CD, runtime hardening
api-contract-review | REST/OpenAPI/GraphQL/WS contract + breaking diff
template-scaffolding | Procedure for applying plugin templates to a project
clean-code-refactor | SOLID/DRY + smell + Fowler pattern + complexity
cicd-pipeline-design | GHA/GitLab/Jenkins, cache+matrix+SBOM+DORA
release-management | Semver+CHANGELOG+readiness+sunset+feature flag
postmortem-rca | Blameless RCA + 5-why + action item + follow-up
observability-setup | SLI/SLO + structured log + OTel + RED/USE + dashboard
threat-modeling | STRIDE + DFD + abuse case + CVSS + compliance map
iac-review | Terraform/Pulumi/CFN — state+module+plan+drift+scan
gitops-review | ArgoCD/Flux + sync policy + sealed-secrets + canary
capacity-planning | k6/Locust + baseline + bottleneck + HPA + cost
discovery-requirements | INVEST story + Gherkin AC + NFR + non-goal + DoD
qa-strategy | Pyramid + coverage + mutation + flaky + UAT + gate
finops-review | Right-sizing + RI/SP + idle + egress + maturity
code-archaeology | Repo onboarding — C4+glossary+common task+archaeology
data-migration | Expand-Contract + dual-write + backfill + shadow + drill
compliance-controls | SOC 2/GDPR/PCI control map + evidence + DSR + vendor
epic-orchestration | Slice + dependency + critical path + multi-agent + burndown
ddd-modeling | Bounded context + ubiquitous language + aggregate + event storming
chaos-engineering | Hypothesis-driven fault injection + steady state + abort + drill log + learning loop
experimentation | A/B hypothesis + power + SRM + guardrail + decision rubric + flag lifecycle
performance-budget | Web Vitals + bundle + API/DB latency + cost budget; CI gate + RUM + regression detector
service-mesh | Istio/Linkerd mTLS + traffic shift + retry/timeout/CB + zero-trust authz + observability
privacy-engineering | PII inventory + DSR + consent + pseudonym + retention + DPIA + sub-processor SCC
service-catalog | IDP (Backstage/Port/Cortex) ownership + lifecycle + tier + scorecard + tech radar + paved road
microservice-extraction | Bounded context + strangler fig + ACL + DB split + Pact + readiness gate + rollback
data-contracts | AsyncAPI/OpenAPI/Schema Registry + versioning + idempotent + DLQ + CI gate + Backstage API entity
semantic-versioning | SemVer 2.0.0 discipline — surface definition + breaking taxonomy + bump tree + deprecation workflow + tooling
http-protocol | HTTP/1.1//2//3 — method/status semantic + cache + CORS + TLS + HSTS + compression + webhook HMAC + pool sizing
grpc-protocol | gRPC proto3 + buf + deadline propagation + status code + interceptor + mTLS + grpc-gateway + Connect + streaming backpressure
api-paradigm-selection | REST/GraphQL/gRPC/AsyncAPI/WS/SSE selection — use case matrix + hybrid BFF + Apollo Federation + grpc-gateway + Connect
cdn-engineering | CDN cache strategy + origin shield + purge + signed URL + image opt + multi-CDN + edge compute + WAF
digitalocean-doks | DOKS — HA CP + VPC + surge upgrade + node pool + DO LB annotation + Cilium NetworkPolicy + DOCR + Velero + cost
digitalocean-app-platform | DOAP PaaS — App Spec Git-tracked + multi-stage build + autoscale + managed DB trusted source + SECRET scope + blue/green via dual-app DNS
digitalocean-spaces | DOS S3-compat — private default + pre-signed URL 15 min + lifecycle MPU abort + CDN edge cache + rclone DR + Velero target
cloudflare | Cloudflare ecosystem — Full(strict) SSL + WAF Managed + Workers wrangler + R2 (egress FREE) + Pages Access + Zero Trust Tunnel + Logpush
owasp-top10 | OWASP Top 10 (2021) review — A01..A10 audit + CI gate (gitleaks/semgrep/trivy/OSV/ZAP) + findings format
property-based-testing | PBT — Python Hypothesis + TS fast-check + Go gopter + Schemathesis (OpenAPI). Property hierarchy + generator + shrinking + stateful + regression seed corpus + CI gate
redis-engineering | Redis — cache (eviction policy + TTL jitter + stampede mitigation) + pub-sub backplane (multi-replica WS fanout, subscriber leak) + rate limit (token bucket Lua atomic) + ops (memory audit + slow log + persistence) + Sentinel HA
llm-ops | Production LLM application — prompt engineering (versioned, structured output, Anthropic prompt cache) + eval harness (golden set + LLM-as-judge cross-model + CI gate) + cost budget (token + cache hit + PR-time delta) + RAG architecture + provider abstraction
aws-fundamentals | AWS fundamentals — S3 (Block Public Access + DenyInsecureTransport) + RDS (multi-AZ + IAM auth) + Lambda (init pattern + provisioned concurrency) + IAM (CloudTrail-driven least privilege + Access Analyzer + permissions boundary + SCP); EKS out of scope

Details: skills/.

Agents

There are 51 specialist sub-agents under agents/:

  • 28 stack specialists (root) — fluent in Docker/K8s/Postgres/Python/Node/React/Vite/WS/LLM
  • 23 process specialists (in category subdirectories) — strategy/review/implementation/testing/delivery

Together they carry out the end-to-end production-grade software development process: problem framing → domain → system design → ADR → vertical slice → TDD (Red/Green/Refactor) → review → security/performance → deploy → observability → incident.

Details: agents/README.md, agents/coordination.md, agents/workflows/tdd-vertical-slice.md.

Process-Specialist Categories

Category | Agents
🧠 Strategy (5) | product-domain-analyst, system-design-architect, architecture-decision-writer, vertical-slice-planner, epic-orchestrator
🔍 Review (3 new) | architecture-reviewer, code-reviewer, performance-reviewer
🛠 Implementation (7) | backend-implementer, frontend-implementer, database-implementer, infrastructure-implementer, realtime-implementer, refactor-specialist, iac-engineer
🧪 Testing (7) | tdd-driver, unit-test-writer, integration-test-writer, e2e-test-writer, contract-test-writer, load-test-engineer, regression-test-runner
🚚 Delivery (1 new + 6 existing) | deployment-planner, deployment-strategist, release-manager, migration-planner, observability-engineer, runbook-author, incident-commander

Slash commands start a flow; agents own the discipline of that flow. The command is the what, the agent is the who.

Core Agents (9)

Agent | Owns
platform-engineer | Container/K8s/ingress topology, manifest, migration
backend-reviewer | Python (FastAPI/Django/Celery) / Node backend code review
frontend-reviewer | React + Vite UI review
devops-debugger | Runtime failure diagnosis (CrashLoop, OOM, 5xx)
database-optimizer | Postgres query plan, index, lock, migration
security-reviewer | Secret/CVE/posture/auth/input audit
incident-commander | Incident triage + multi-agent coordination
realtime-systems-reviewer | WebSocket protocol, lifecycle, scale, proxy
test-engineer | Test pyramid, integration, fixtures, flake management

Specialized Agents (19)

Agent | Owns
deployment-strategist | Rollout strategy (rolling/canary/blue-green), abort thresholds, rollback
observability-engineer | Logs/metrics/traces, dashboard, alert, SLO/SLI
performance-profiler | Backend/frontend/DB/network performance end to end
ci-cd-engineer | Pipeline, cache, parallelism, secret hygiene
api-contract-guardian | REST/GraphQL/WS contract, backward compat, versioning
release-manager | Release notes, readiness, rollback plan
migration-planner | Schema, infra, monolith->service migration phase plan
infrastructure-reviewer | Dockerfile/compose/K8s manifest static review
frontend-performance-auditor | Bundle, code split, hydration, web-vitals
websocket-protocol-auditor | WS protocol details (heartbeat, reconnect, backpressure, scale)
dependency-risk-auditor | CVE, license, abandoned, supply-chain
local-dev-environment-doctor | Local Docker/Node/Python/Postgres/env diagnosis
production-readiness-reviewer | Service go-live gate (security/obs/scale/data/cost)
runbook-author | Incident/deploy/DB recovery runbook
architecture-cartographer | Repo/service/data flow map, tech debt
chaos-engineer | Hypothesis-driven fault injection + game day + drill log + learning loop
experiment-designer | A/B hypothesis + power + SRM + guardrail + sequential + flag lifecycle
privacy-engineer | PII inventory + DSR + pseudonym + retention + DPIA + sub-processor
llm-engineer | LLM Ops — prompt + eval + cost + RAG + prompt cache + provider abstraction

Which agent to use when + agent selection matrix + 15 multi-agent workflows + security boundaries + MVP first-5 recommendation: agents/README.md.

Within a command/skill flow the relevant agent can be delegated to automatically, or the user can invoke it manually with Use the @<agent>.

Rules

47 documents under rules/; each command/skill loads the relevant rules into the agent context:

  • engineering.md (general)
  • code-style.md — shared readability / naming / error / comment / review principles
  • docker.md, kubernetes.md, nginx.md, postgres.md
  • python.md, nodejs.md, react.md, vite.md, websocket.md
  • typescript-javascript.md — TS-first, strict, Prettier+ESLint, ESM
  • go.md — gofmt/goimports, small interfaces, explicit errors, context-first
  • security.md, testing.md, observability.md, production-debugging.md
  • domain-driven-design.md — bounded context + aggregate + invariant + event storming
  • chaos-engineering.md — hypothesis-driven + steady state + blast radius + abort + drill log
  • experimentation.md — A/B + MDE + power + SRM + guardrail + flag lifecycle
  • performance-budget.md — Web Vitals + bundle + API/DB latency + cost; PR-time CI gate
  • service-mesh.md — Istio/Linkerd mTLS + retry idempotency + zero-trust authz + trace
  • privacy-engineering.md — PII inventory + DSR + pseudonym + retention + DPIA
  • service-catalog.md — IDP catalog + ownership + lifecycle + tier + scorecard + tech radar
  • microservice-extraction.md — bounded context + strangler fig + ACL + Pact + rollback window
  • data-contracts.md — AsyncAPI/OpenAPI/Schema Registry + versioning + idempotent + DLQ
  • semantic-versioning.md — SemVer 2.0.0; public surface; breaking taxonomy; deprecation
  • http-protocol.md — HTTP/1.1//2//3; method/status; cache/CORS/TLS; webhook HMAC
  • grpc-protocol.md — gRPC proto3 + deadline propagation + status code + mTLS + grpc-gateway
  • api-paradigm-selection.md — REST/GraphQL/gRPC/AsyncAPI selection + hybrid architecture
  • cdn.md — cache key + TTL + origin shield + signed URL + image opt + multi-CDN + WAF
  • digitalocean-doks.md — DOKS provisioning + node pool + LB annotation + Cilium + storage + DR + cost
  • digitalocean-app-platform.md — DOAP PaaS App Spec + sizing + managed DB + SECRET + blue/green
  • digitalocean-spaces.md — DOS S3-compat private + pre-signed + lifecycle + CDN + DR
  • cloudflare.md — DNS/SSL/WAF + Workers + R2 + Pages + Zero Trust + Logpush + cost tier
  • owasp-top10.md — A01..A10 (2021) audit list + CI gate recommendation
  • git-commit.md — Conventional Commits + ban on AI tool signatures
  • property-based-testing.md — PBT discipline; property hierarchy (invariant/round-trip/idempotency/oracle/metamorphic); generator hygiene; Schemathesis
  • redis.md — Redis discipline; eviction policy matrix + TTL/jitter + cache stampede + pub-sub vs Streams + rate limit Lua + Sentinel HA
  • llm-ops.md — LLM Ops discipline; prompt versioning + Anthropic cache + eval golden set + cost budget + RAG architecture + provider abstraction
  • aws.md — AWS fundamentals (S3 + RDS + Lambda + IAM in depth); BPA + DenyInsecureTransport + multi-AZ + IAM auth + init pattern + permissions boundary + SCP guardrails

Hooks

The manifest is the single source of truth: .claude-plugin/plugin.json. Detailed table + git-side hook installation: hooks/README.md.

Active harness hooks:

  • PreToolUse:Bash → pre-command.sh — block destructive commands, warn on prod context
  • PreToolUse:Edit|Write → pre-edit.sh — protected path / lockfile / secret protection
  • PostToolUse:Bash → post-command.sh — flag non-zero exits to the agent
  • PostToolUse:Edit|Write chain (path-based early exit):
    • post-edit.sh — fast lint/typecheck
    • security-scan.sh — gitleaks + incremental dependency audit
    • test-after-edit.sh — run the affected tests
    • dockerfile-change.sh — hadolint (on Dockerfile paths)
    • k8s-manifest-change.sh — kubeconform + kubesec (on K8s manifests)

Git-side: hooks/scripts/git/pre-commit.sh — Conventional Commits + AI signature ban + secret + lint. Wired in via core.hooksPath.

MCP Configuration

.mcp.json is an example. Recommended MCP servers:

  • github — PR review, issue
  • filesystem — project files (root path explicit)
  • docker — container/image inspect
  • kubernetes — read-only pod/deploy/event (MCP_K8S_READONLY=true)
  • postgres — read-only replica connection (EXPLAIN, schema)
  • redis — read-only inspect (INFO, CLIENT LIST, SLOWLOG, MEMORY USAGE, PUBSUB)
  • browser-devtools — frontend smoke + screenshot
  • logs-observability — Loki query, incident forensics

Details + security notes: mcp/README.md.

Security Warnings

  • This plugin encourages the agent to work read-only. Write/destructive commands (kubectl delete, git push --force, DROP TABLE) are flagged by a hook and require user confirmation.
  • If a prod context is detected (kubectl context prod), write commands are under additional protection.
  • Secret commit / push: blocked by the pre-edit and pre-commit hooks. Have a secret rotation procedure in place anyway.
  • MCP tokens with minimum scope. Prod kubeconfig in a separate file from staging.
  • The commands in examples/ are templates; run them with the real values from your own environment.
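
A sketch of the kind of check a PreToolUse:Bash guard like the one described above performs, as an added example and not the plugin's own pre-command.sh. The pattern lists, the rule that a production context has "prod" in its name, and the hook contract (tool call as JSON on stdin, exit status 2 stops the call) are assumptions of this example.

```sh
#!/bin/sh
# Added example: a PreToolUse:Bash guard sketch. NOT the plugin's pre-command.sh.
# The pattern lists are constructed here from the commands the README names.

# matches TEXT ERE: true when any line of TEXT matches (case-insensitive).
matches() {
  printf '%s\n' "$1" | grep -Eiq -- "$2"
}

# Destructive commands named in the README's security warnings:
#   1. kubectl [flags] delete ...  (flags such as -n <ns> may precede the verb)
#   2. git push with --force, any --force-* variant, or the short flag -f
#   3. SQL handed to a client, e.g. psql -c "DROP TABLE ..."
# [^|;&]* keeps a match inside one command of a pipeline or command list.
is_destructive() {
  matches "$1" 'kubectl[[:space:]]+([^|;&]*[[:space:]])?delete([[:space:]]|$)' ||
    matches "$1" 'git[[:space:]]+push[[:space:]]+([^|;&]*[[:space:]])?(--force[^[:space:]]*|-f)([[:space:]]|$)' ||
    matches "$1" 'drop[[:space:]]+table([[:space:]]|$)'
}

# kubectl verbs that change cluster state (constructed list, not exhaustive).
is_kubectl_write() {
  matches "$1" 'kubectl[[:space:]]+([^|;&]*[[:space:]])?(apply|create|patch|replace|edit|scale|drain)([[:space:]]|$)'
}

# Assumption: a production context has "prod" somewhere in its name.
is_prod_context() {
  case "$1" in
    *prod*) return 0 ;;
    *) return 1 ;;
  esac
}

# classify_command COMMAND [KUBE_CONTEXT] -> prints one decision word:
#   confirm-destructive | confirm-prod-write | allow
classify_command() {
  if is_destructive "$1"; then
    echo confirm-destructive
  elif is_prod_context "${2:-}" && is_kubectl_write "$1"; then
    echo confirm-prod-write
  else
    echo allow
  fi
}

# Hook entry point. Assumptions: the harness passes the tool call as JSON on
# stdin with the command in .tool_input.command, and exit status 2 stops the
# call and surfaces stderr, leaving the decision to the user.
hook_main() {
  cmd=$(jq -r '.tool_input.command // empty')
  ctx=$(kubectl config current-context 2>/dev/null || true)
  decision=$(classify_command "$cmd" "$ctx")
  [ "$decision" = allow ] && return 0
  printf 'guard: %s: %s\n' "$decision" "$cmd" >&2
  return 2
}

# Run as a hook only when asked to, so the functions can be sourced and tested.
if [ "${1:-}" = "--hook" ]; then
  hook_main
  exit $?
fi
```

Pattern matching on the command string is a guard rail against accidents, not a sandbox: a command assembled at run time or hidden behind an alias will not match, which is why the read-only MCP connections and minimum-scope tokens listed above still matter.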

Example Workflows

Morning Stand-up Healthcheck

/fullstack-healthcheck staging

PR Review (Python backend — FastAPI or Django/DRF)

/python-review services/api/app/routes/orders.py     # FastAPI
/python-review apps/orders/views.py                  # Django/DRF
/python-review apps/orders/tasks.py                  # Celery
/security-audit

Production Incident

/production-incident "checkout 5xx %22 14:05'ten beri"
# suggest triage + stabilization
/generate-runbook checkout-svc

New Service Onboarding

/compose-to-k8s docker-compose.yml --namespace staging
/security-audit deploy
/generate-runbook new-svc

Scenarios

# | Topic | Stack
01 | Docker image size & layer cache | Docker
02 | Pod CrashLoopBackOff diagnosis | K8s
03 | Nginx WS proxy upgrade | Nginx, WS
04 | Slow query EXPLAIN + index | Postgres
05 | FastAPI handler performance | Python, FastAPI
06 | Node.js memory leak diagnosis | Node.js
07 | React+Vite prod build problem | React, Vite
08 | WS staging disconnect storm | WebSocket
09 | docker-compose → K8s migration | Docker, K8s
10 | Incident runbook generation | Observability
11 | Django/DRF perf review | Python, Django
12 | Go goroutine leak + timeout | Go
13 | Helm chart staging deploy | Helm, K8s
14 | PgBouncer transaction pooling | Postgres
15 | /scaffold generate a helm chart | Helm, scaffold
16 | /refactor — CC 38 → 6, OrderTypeStrategy | Clean code, refactor
17 | /cicd-review — 28 min → 10 min + permission/SBOM | CI/CD, GHA
18 | /release-plan — v1.3.2 → v2.0.0 major bump | Release, semver
19 | /postmortem — ConfigMap drift, 14 min of 5xx | Postmortem, RCA
20 | /observe-bootstrap — SLO + burn rate + dashboard | Observability, SLO
21 | /threat-model — STRIDE + 4 Critical + 11 mitigation | Security, threat model
22 | /iac-review — Terraform prod, 3 Critical, +$340/month | IaC, Terraform
23 | /gitops-review — ArgoCD + Argo Rollouts, 3 Critical | GitOps, ArgoCD
24 | /capacity-plan — Black Friday 1500 RPS target | Capacity, load test
25 | /discovery — admin 90-day order history | Discovery, INVEST, Gherkin
26 | /qa-plan — checkout-svc hourglass + flaky storm | QA, test pyramid
27 | /cost-review — SaaS account, $5,260/month savings | FinOps, AWS
28 | /onboard — mono-repo 30 min tour + 10 action item | Onboarding, archaeology
29 | /data-migration — Postgres→CockroachDB zero-downtime | Data migration, multi-region
30 | /compliance-review soc2-type2 — 23 controls + 4 partial fix | Compliance, SOC 2
31 | /epic-plan — password reset 7-slice 12-agent | Epic, multi-agent
32 | /ddd-model — payments bounded context + 4 aggregate + event storming | DDD, domain modelling
33 | /chaos-drill — api-svc pod kill, HPA tuning + PDB finding | Chaos, K8s, SLO
34 | /experiment-design — checkout button color, power + SRM + guardrail + decision | Experimentation, A/B, flags
35 | /perf-budget — checkout page: LCP/INP/bundle/API/DB/N+1 budget + CI gate | Performance, CWV, RUM
36 | /mesh-review — Istio production: 8 PERMISSIVE → STRICT, idempotency finding, sidecar CVE | Service mesh, mTLS, zero-trust
37 | /privacy-review — signup: PII catalog drift, backup purge missing, marketing scope violation | Privacy, GDPR, DSR
38 | /catalog-audit — Backstage rollout: 21 orphan + 16 owner non-existent + refund-svc F | IDP, Backstage, scorecard
39 | /extract-service — notifications monolith → svc, ADR + strangler 5-phase + outbox | Microservice, strangler, ACL
40 | /data-contract — events.order.created: schema + DLQ + idempotency + pseudo + 7 consumer | Data contract, AsyncAPI, Kafka
41 | DOKS K8s upgrade 1.28→1.30 — surge + PDB audit + 9 deployment fix | DOKS, K8s upgrade
42 | DOKS shared s-* → dedicated c-* migration — CPU steal 18%, p99 850→95ms | DOKS, node pool, perf
43 | DOKS NetworkPolicy zero→deny-default + Cilium FQDN egress | DOKS, NetworkPolicy, zero-trust
44 | DOKS Velero + Spaces target + DR drill RTO 2h47min RPO 14h | DOKS, Velero, DR, SOC 2
45 | Heroku → DOAP migration — App Spec + managed pg + dump-replay cutover | DOAP, migration, cost
46 | DOAP managed Postgres trusted source 0.0.0.0/0 → app-only + pgbouncer pool | DOAP, security, DB pool
47 | DOAP blue/green dual-app + CF DNS swap — v2.0.0 breaking schema | DOAP, blue/green, expand-contract
48 | DOS lifecycle MPU abort — 832GB ghost cost cleanup, $187→$20/month | DOS, FinOps, lifecycle
49 | DOS pre-signed URL — client-direct upload + Content-Length condition + verify | DOS, secure upload, OWASP A05
50 | DOS + CDN edge cache — cdn.acme.com cert + immutable + LCP 3.4→1.7s | DOS, CDN, perf budget
51 | Cloudflare SSL Flexible → Full (strict) + Origin Pulls mTLS + HSTS preload | Cloudflare, SSL, OWASP A02
52 | Cloudflare Workers gradual deploy 1→10→50→100% + Logpush R2 + PII audit | Cloudflare, Workers, release
53 | AWS S3 → R2 migration — egress $378/month → $0, dual-write + rclone + DNS | Cloudflare R2, migration, FinOps
54 | Cloudflare Tunnel + Access SSO — VPN retirement, 4 internal tool MFA + WARP | Cloudflare, Zero Trust, OWASP A07
55 | Cloudflare Pages preview Access SSO — Google index leak fix + strict CSP | Cloudflare Pages, security
56 | OWASP A01 IDOR — /orders/{id} owner check + repository pattern + semgrep gate | Security, IDOR, A01
57 | OWASP A02 password SHA-256 → argon2id lazy migration + force reset | Security, password, A02
58 | OWASP A05 strict CSP nonce + HSTS preload + cookie hardening — Observatory F→A+ | Security, CSP, A05
59 | OWASP A06 Critical CVE patch + SBOM CI gate + Renovate + distroless | Security, CVE, A06, SBOM
60 | OWASP A07 JWT 24h → 15 min + refresh token rotation + theft detection | Security, JWT, A07
61 | PBT Hypothesis JSON encode/decode round-trip — Unicode NFC↔NFD bug + regression seed + CI profile | PBT, Hypothesis, unicode
62 | PBT Schemathesis OpenAPI — 31 endpoint × 8 findings (validation/format/injection/spec drift) + CI gate | PBT, Schemathesis, contract
63 | Redis cache stampede + eviction noeviction → allkeys-lru; TTL jitter + lock; hit rate 63% → 91% | Redis, cache, perf
64 | Redis pub-sub backplane — WS 1 → 4 replica; Channels-Redis; subscriber leak 1204 → 4; p99 1.4s → 180ms | Redis, WS, Channels
65 | Redis rate limit GETSET race → Lua atomic token bucket; brute-force attempt 38 → 10 (capacity-respect) | Redis, security, OWASP A04
66 | LLM eval harness — golden set 80; Claude 4.6 → 4.7 adversarial regression 50% → 92% (system prompt v3 + tool-use) | LLM Ops, eval, model bump
67 | LLM RAG — pgvector → Qdrant migration (9.2M chunk); context_precision 58% → 84%; p99 4.2s → 1.34s; ADR-0014 | LLM Ops, RAG, vector DB
68 | LLM token budget — cost spike $1.2K → $2.9K/month; cache markers + max_tokens dial + CI gate; forecast $1.2K | LLM Ops, FinOps, CI
69 | AWS S3 public read leak — 3 bucket (DB dump + PII + Stripe key); BPA account+per-bucket + DenyInsecureTransport + AWS Config rule preventive; 5840 customer KVKK notify | AWS, S3, security, incident
70 | AWS Lambda cold start p99 4.2s → 0.21s — init pattern (module-level boto3) + 10 provisioned concurrency + VPC endpoint S3 (NAT GW -$51/month) | AWS, Lambda, perf
71 | AWS IAM *:* → 8 dedicated role + permissions boundary + 3 SCP; CloudTrail-driven (47 unique action) + Access Analyzer; SOC 2 CC6.1 evidence | AWS, IAM, OWASP A01, SOC 2

All of them come with a real diff + commands + expected metrics.

Recommended Repo Structure (plugin side)

argos/
├── .claude-plugin/
│   └── plugin.json
├── commands/
│   └── *.md                 # 47 slash command
├── skills/
│   └── <skill>/SKILL.md     # 53 skill
├── rules/
│   └── *.md                 # 47 rule doc
├── hooks/
│   ├── README.md
│   └── scripts/             # harness + git-side hook scripts
│       ├── *.sh             # 9 harness script
│       └── git/pre-commit.sh
├── mcp/
│   ├── .mcp.json
│   └── README.md
├── examples/
│   └── 01-..71-*.md         # 71 scenarios
├── templates/
│   ├── docker/              # python/node/vite/django Dockerfile
│   ├── k8s/                 # deployment, networkpolicy
│   ├── helm/app/            # production-aware chart skeleton
│   ├── nginx/               # reverse-proxy + WS
│   ├── compose/             # docker-compose
│   ├── pgbouncer/           # transaction pooling config
│   ├── redis/               # cache/store config
│   ├── github-actions/      # reusable build workflow (sbom + provenance)
│   ├── postmortem/          # blameless RCA template
│   ├── threat-model/        # STRIDE template
│   ├── terraform/           # IaC modules + envs skeleton
│   ├── discovery/           # feature spec template
│   ├── onboarding/          # repo tour template
│   ├── data-migration/      # Expand-Contract migration plan
│   ├── compliance/          # control map template (SOC 2/GDPR/PCI)
│   └── runbook/             # runbook template
├── README.md
└── INTRO.md

MVP — Minimum Viable Version

If you want to adopt the plugin step by step, the MVP file list below is enough for the core value:

.claude-plugin/plugin.json
rules/
  ├── engineering.md
  ├── docker.md
  ├── kubernetes.md
  ├── postgres.md
  ├── security.md
  └── production-debugging.md
commands/
  ├── docker-review.md
  ├── k8s-debug.md
  ├── postgres-optimize.md
  ├── fullstack-healthcheck.md
  └── production-incident.md
skills/
  ├── docker-diagnosis/SKILL.md
  ├── kubernetes-troubleshooting/SKILL.md
  ├── postgres-performance/SKILL.md
  └── incident-response/SKILL.md
hooks/
  └── scripts/
      ├── pre-command.sh        # PreToolUse:Bash
      └── git/pre-commit.sh     # wire in via core.hooksPath
.mcp.json (filesystem + kubernetes read-only)
README.md

This set becomes usable by 1 engineer in half a day; the rest can be added over time.

Contribution Guide

  1. Open an issue and describe the problem or the skill to be added.
  2. Branch: feat/<scope> or fix/<scope>.
  3. For a new rule/command/skill, keep the relevant file structure (including frontmatter).
  4. Adding an example scenario is strongly recommended (under examples/).
  5. In the PR:
    • List of affected rules/skills/commands
    • Environment tested (local/staging)
    • Risks and rollback plan
  6. In CI, markdownlint, shellcheck (hooks/scripts) and kubeconform (templates/k8s) must be green.
  7. Do not bypass the pre-commit hook (--no-verify is forbidden).

License

MIT — see: .claude-plugin/plugin.json.
