Governance Standards Principles Coding
Code quality standards for generated application and infrastructure code.
Domain: principles
| Check | Description |
|---|---|
| STAN-CODE-001 | Meaningful Names: Use descriptive, intention-revealing names for variables, functions, resources, and modules. Avoid abbreviations unless they are universally understood (e.g., HTTP, URL, ID). |
| STAN-CODE-002 | Small Functions: Functions should be short and focused. If a function exceeds roughly 30 lines, it likely does too much and should be split. |
| STAN-CODE-003 | Error Handling at Boundaries: Handle errors at system boundaries (user input, external APIs, file I/O). Internal code should trust its contracts. |
| STAN-CODE-004 | Consistent Module Structure: Terraform modules should follow a consistent file layout: main.tf, variables.tf, outputs.tf, locals.tf, providers.tf. Bicep modules should separate parameters, resources, and outputs. |
| STAN-CODE-005 | Parameterize, Don't Hard-Code: All environment-specific values (names, regions, SKUs, IP ranges) must be parameterized via variables or parameters. Never embed environment-specific values in resource definitions. |
Meaningful Names: Use descriptive, intention-revealing names for variables, functions, resources, and modules. Avoid abbreviations unless they are universally understood (e.g., HTTP, URL, ID).
Rationale: Parameterized configurations allow reuse across environments and prevent hardcoded values.
Agents: terraform-agent, bicep-agent, app-developer, csharp-developer, python-developer, react-developer
- Use 'storage_account' not 'sa'; 'container_registry' not 'cr'
- Use 'get_user_by_email()' not 'get_u()'
Small Functions: Functions should be short and focused. If a function exceeds roughly 30 lines, it likely does too much and should be split.
Rationale: The isolated worker model provides better dependency isolation and .NET version flexibility.
Agents: app-developer, csharp-developer, python-developer, react-developer
- Split 'process_order()' into 'validate_order()', 'calculate_total()', 'save_order()'
Error Handling at Boundaries: Handle errors at system boundaries (user input, external APIs, file I/O). Internal code should trust its contracts.
Rationale: Parameterized configurations allow reuse across environments and prevent hardcoded values.
Agents: app-developer, csharp-developer, python-developer, react-developer
- Validate API request payloads at the controller layer, not in every function
- Wrap external HTTP calls in try/except, not internal method calls
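An added Python example of this standard, not code from the project: payload validation and the external HTTP call are the only guarded points, and the internal function trusts its contract. The names `parse_order`, `fetch_tax_rate_bps`, `handle_order`, the tax service, and its `rate_bps` response field are hypothetical.

```python
import json
import urllib.request

class BadRequest(Exception):
    """Input boundary: the request payload failed validation."""

class UpstreamError(Exception):
    """External-API boundary: the remote call failed or returned bad data."""

def parse_order(raw_body):
    # Boundary 1 (user input): validate once here, at the controller layer.
    try:
        payload = json.loads(raw_body)
    except (ValueError, TypeError) as exc:
        raise BadRequest("body is not valid JSON") from exc
    items = payload.get("items") if isinstance(payload, dict) else None
    if not isinstance(items, list) or not items:
        raise BadRequest("'items' must be a non-empty list")
    for item in items:
        price = item.get("price_cents") if isinstance(item, dict) else None
        qty = item.get("quantity") if isinstance(item, dict) else None
        # type() rather than isinstance() so JSON true/false is not accepted as an int.
        if type(price) is not int or type(qty) is not int or price < 0 or qty < 1:
            raise BadRequest("items need integer price_cents >= 0 and quantity >= 1")
    return items

def calculate_total(items):
    # Internal code: trusts the contract parse_order() established; no re-validation.
    return sum(item["price_cents"] * item["quantity"] for item in items)

def fetch_tax_rate_bps(url, opener=urllib.request.urlopen):
    # Boundary 2 (external API): wrap the HTTP call and distrust the response body.
    # The URL is assumed to come from configuration, never from the request.
    try:
        with opener(url, timeout=5) as resp:
            return int(json.load(resp)["rate_bps"])
    except (OSError, ValueError, KeyError, TypeError) as exc:
        raise UpstreamError("tax service unavailable or returned bad data") from exc

def handle_order(raw_body, tax_url, opener=urllib.request.urlopen):
    # Controller: the one place where boundary errors are mapped to responses.
    try:
        items = parse_order(raw_body)
        rate_bps = fetch_tax_rate_bps(tax_url, opener)
    except BadRequest as exc:
        return 400, {"error": str(exc)}
    except UpstreamError as exc:
        return 502, {"error": str(exc)}
    subtotal = calculate_total(items)
    return 200, {"total_cents": subtotal + subtotal * rate_bps // 10000}
```

The `opener` parameter exists so the external boundary can be replaced with a stub in tests; error responses carry only the fixed messages, not upstream exception detail.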
Consistent Module Structure: Terraform modules should follow a consistent file layout: main.tf, variables.tf, outputs.tf, locals.tf, providers.tf. Bicep modules should separate parameters, resources, and outputs.
Rationale: Consistent file organization makes code reviewable and prevents merge conflicts across stages.
Agents: terraform-agent, bicep-agent
- Terraform: variables.tf for inputs, main.tf for resources, outputs.tf for outputs
- Bicep: param block at top, resource declarations, output block at bottom
Parameterize, Don't Hard-Code: All environment-specific values (names, regions, SKUs, IP ranges) must be parameterized via variables or parameters. Never embed environment-specific values in resource definitions.
Rationale: Parameterized configurations allow reuse across environments and prevent hardcoded values.
Agents: terraform-agent, bicep-agent, app-developer, csharp-developer, python-developer, react-developer
- Terraform: use var.location not 'eastus' in resource blocks
- Bicep: use param location string not 'eastus'
- Application: use environment variables or config files, not inline strings