GREACT/KIS-TOiR
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

use only TOiR.domain.dsl like single source of truth for generation, update context for pinned .gitignore

Browse Source
This commit is contained in:
MaKarin
2026-03-21 17:14:37 +03:00
parent 8d6875f4b0
commit 7e6b76cef2
18 changed files with 394 additions and 1759 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
generation/update-strategy.md
View File

@@ -2,6 +2,9 @@
When the DSL changes, regeneration must preserve the default auth-enabled runtime rather than falling back to CRUD-only output.
`domain/*.dsl` remains the single required source of truth for regeneration. DTOs, API contracts, and React Admin resources must be re-derived from it on every run. Optional overrides in `overrides/api-overrides.dsl` and `overrides/ui-overrides.dsl` may be applied after derivation, but they must never duplicate or redefine the domain model.
Regeneration must not resurrect or depend on supplemental DTO/API/UI DSL inputs. Every derived layer must be recalculated from `domain/*.dsl` plus optional non-duplicating overrides only.
## Required regeneration sequence
1. Regenerate `prisma/schema.prisma`.
@@ -23,13 +26,17 @@ When the DSL changes, regeneration must preserve the default auth-enabled runtim
- `App.tsx` auth wiring
- `main.tsx` init-before-render flow
7. Regenerate backend and frontend `.env.example` files so the auth env contract stays in sync.
8. Regenerate the root-level Keycloak realm import artifact. The repository default example filename is `toir-realm.json`, but the generator must allow a project-specific equivalent.
9. Re-run post-generation validation, including:
8. Regenerate root/package `.gitignore` files so local-only artifacts remain out of git after regeneration.
9. Regenerate the root-level Keycloak realm import artifact. The repository default example filename is `toir-realm.json`, but the generator must allow a project-specific equivalent.
10. Re-run post-generation validation, including:
- gitignore coverage for dependency, build, env, coverage, and tsbuildinfo artifacts
- auth dependency checks
- fail-fast env checks
- token-claim based identity with no `loadUserProfile()` / `/account` dependency
- `/health` public check
- unauthenticated protected route -> `401`
- insufficient role -> `403`
- natural-key `_sort=id` mapping checks
- realm-template validation
## Guardrails