Control Plane — Bounded Contexts¶
The Control Plane is decomposed into ten bounded contexts following Domain-Driven Design. Each context owns a coherent slice of the factory's governance and orchestration domain, has clear language, owns its aggregate roots, and is realised by one or more microservices with a database-per-service. Contexts communicate only through published domain/integration events (canonical envelope) and well-defined APIs — never by sharing a database.
Target Architecture — Final-State Design
The boundaries below are the final-state target. They are grounded in the orchestration domain already implemented in ConnectSoft.AI.SoftwareFactory.Platform and the coordinators that drive project bootstrap, sprint execution, milestone lifecycle, microservice assembly, and release.
Context Map¶
flowchart TB
IdentityAccess["Identity & Access"]
TenantEdition["Tenant & Edition"]
ProjectMgmt["Project Management"]
BlueprintMgmt["Blueprint Management"]
WorkflowOrch["Workflow Orchestration"]
AgentMgmt["Agent Management"]
ArtifactMgmt["Artifact Management"]
GovernanceCtx["Governance"]
CostUsage["Cost & Usage"]
IntegrationCtx["Integration"]
IdentityAccess -->|authenticates & authorizes| TenantEdition
TenantEdition -->|entitlements, quota| ProjectMgmt
ProjectMgmt -->|project, module, environment| BlueprintMgmt
BlueprintMgmt -->|validated blueprint| WorkflowOrch
WorkflowOrch -->|assigns AgentTask| AgentMgmt
WorkflowOrch -->|requests decision| GovernanceCtx
WorkflowOrch -->|registers output| ArtifactMgmt
WorkflowOrch -->|reports consumption| CostUsage
AgentMgmt -->|model policy| GovernanceCtx
IntegrationCtx -->|external system bridge| WorkflowOrch
GovernanceCtx -->|audit & decision events| ArtifactMgmt
CostUsage -->|quota signals| TenantEditionRelationship patterns. Identity & Access and Tenant & Edition are upstream of everything (conformist: all contexts conform to the tenant/identity model). Workflow Orchestration is the core domain — the orchestration brain — and acts as customer to Blueprint, Project, Agent, Governance, Artifact, and Cost contexts. Governance is a shared decision point (open-host) consumed by Workflow Orchestration and Agent Management. Integration is an anti-corruption layer isolating external systems.
Context Catalogue¶
| # | Bounded Context | Core Responsibility | Microservices | Aggregate Roots |
|---|---|---|---|---|
| 1 | Identity & Access | Authenticate humans and services; issue/validate tokens; authorize operations. | IdentityService, AuthorizationService, ServiceIdentityService, ApiTokenService |
(OpenIddict-backed identity entities; no Control-Plane domain aggregate root from the canonical set) |
| 2 | Tenant & Edition | Own tenants, editions, subscriptions, feature flags, and quotas; enforce isolation and entitlements. | TenantService, EditionService, SubscriptionService, FeatureFlagService, QuotaService |
Tenant, Edition, Subscription |
| 3 | Project Management | Maintain factory projects, environments, the module catalogue, and inter-module dependencies. | ProjectService, EnvironmentService, ModuleCatalogService, DependencyService |
Project, Environment, Module, ModuleDependency |
| 4 | Blueprint Management | Parse, validate, version, and store blueprints, context maps, and domain models. | BlueprintService, BlueprintParserService, BlueprintValidatorService, ContextMapService, DomainModelService |
Blueprint, BlueprintVersion |
| 5 | Workflow Orchestration (core) | Instantiate workflow definitions, drive state machines, assign tasks, persist process state, replay. | WorkflowOrchestrator, WorkflowDefinitionService, TaskAssignmentService, ProcessStateService, WorkflowReplayService |
WorkflowDefinition, WorkflowInstance, AgentTask |
| 6 | Agent Management | Register agent and skill definitions; manage agent pool capacity; apply model policies. | AgentRegistryService, SkillRegistryService, AgentPoolManager, ModelPolicyService |
AgentDefinition, SkillDefinition |
| 7 | Governance | Evaluate policy on sensitive transitions; manage approval gates; write the immutable audit trail. | PolicyEngineService, ApprovalService, AuditService |
PolicyDefinition, PolicyDecision, ApprovalRequest, AuditEntry |
| 8 | Cost & Usage | Meter token/compute/task consumption; roll up for billing and quota enforcement. | CostUsageService |
UsageRecord |
| 9 | Integration | Manage outbound/inbound connections to Git, IdPs, cloud, and billing systems (anti-corruption). | IntegrationService |
IntegrationConnection |
| 10 | Artifact Management | Register factory-produced artifacts, version them, and track lineage. | ArtifactService, VersioningService, LineageService |
(artifact/version/lineage entities; canonical artifact aggregate is shared with the Knowledge Platform) |
Aggregate placement
The canonical inventory defines 20 aggregate roots, all placed in contexts 2–9 above. The Identity & Access context manages identity, client, and token entities provided by the OpenIddict-based templates (ConnectSoft.AuthorizationServerTemplate, ConnectSoft.IdentityTemplate), and the Artifact Management context manages artifact, version, and lineage records that share the artifact metadata contract with the Knowledge Platform. Neither owns one of the 20 canonical Control-Plane aggregate roots; both are documented for completeness. Full per-aggregate detail is on Aggregate Roots.
Ubiquitous Language (selected terms)¶
| Term | Definition |
|---|---|
| Tenant | An isolated customer of the factory. The top-level isolation boundary; carried as tenantId everywhere. |
| Edition | A packaged capability tier (feature flags + quotas) a tenant subscribes to. |
| Project | A factory project — the SaaS product being produced — with environments and modules. |
| Module | A unit the factory builds (microservice, UI, worker, library, gateway) tracked in the catalogue. |
| Blueprint | A declarative specification of what to build, versioned as BlueprintVersion. |
| Workflow Definition | A reusable, versioned process template (e.g. Project Bootstrap, Release). |
| Workflow Instance | A running, event-sourced execution of a definition for one project. |
| Agent Task | The unit of work the Control Plane assigns to the Agent Mesh (contract). |
| Policy Decision | A recorded allow/deny/require-approval outcome from the policy engine. |
| Approval Request | A human gate within a workflow that must be granted before proceeding. |
| Usage Record | A metered consumption fact (tokens, compute, tasks) attributed to a tenant/project. |
Related¶
- Overview · Microservices · Aggregate Roots · Workflows
- Implementation grounding: Orchestration Domain · Coordinators · Projects Management
- Reference: Naming Conventions · Metadata Schema