Aggregate Roots

The DevOps / GitOps Platform owns 15 aggregate roots distributed across its six bounded contexts. Each aggregate is the consistency boundary for its data, owns its invariants, and emits domain events in the canonical envelope. Names follow the naming conventions. Persistence is via NHibernate (ConnectSoft.Extensions.PersistenceModel.NHibernate) onto Azure SQL/PostgreSQL unless noted.

Target Architecture — Final-State Design

Field lists are representative of the final-state model; every aggregate carries the cross-cutting tenantId, projectId, and audit fields from the shared kernel.


Repository

  • Purpose — Represents an Azure DevOps Git repository provisioned for a project/module; the durable handle to source.
  • Fields — repositoryId, tenantId, projectId, moduleId, name, provider, remoteUrl, defaultBranch, visibility, status, createdAt.
  • Entities — RepositorySetting (policy/config entries), WebhookRegistration.
  • Value Objects — RepositoryProvider (AzureDevOps | GitHub), Visibility, RemoteUrl.
  • Invariants — name unique per (tenantId, projectId); default branch must exist before commits are accepted; provider is immutable after provisioning.
  • Domain Events — RepositoryProvisioned.
  • Repository — RepositoryRepository.
  • Persistence — Azure SQL; the Git tree itself lives in Azure DevOps (source of truth).

Branch

  • Purpose — A named branch within a repository, with its base commit and policy bindings.
  • Fields — branchId, repositoryId, tenantId, name, fromCommitSha, isProtected, status, createdAt.
  • Entities — BranchPolicyBinding.
  • Value Objects — BranchName, CommitSha.
  • Invariants — name unique per repository; protected branches require PR + passing checks to update; base commit must exist.
  • Domain Events — BranchCreated.
  • Repository — BranchRepository.
  • Persistence — Azure SQL; branch refs reconciled with Azure DevOps.

Commit

  • Purpose — A commit authored from generated artifacts, with lineage back to the source artifact.
  • Fields — commitId, repositoryId, tenantId, branch, sha, message, artifactId, authoredBy, treeHash, createdAt.
  • Entities — FileChange (path + operation).
  • Value Objects — CommitSha, TreeHash, ArtifactReference.
  • Invariants — message non-empty; at least one file change; sha immutable once committed; artifactId required for lineage.
  • Domain Events — CommitCreated.
  • Repository — CommitRepository.
  • Persistence — Azure SQL metadata; content in Azure DevOps Git.

PullRequest

  • Purpose — A review and merge workflow between a source and target branch, gated by checks and policy.
  • Fields — pullRequestId, repositoryId, tenantId, number, sourceBranch, targetBranch, title, description, status, policyEvaluation, mergeCommitSha, createdAt, mergedAt.
  • Entities — PullRequestCheck, PullRequestReview, PullRequestComment.
  • Value Objects — BranchName, PullRequestStatus (Open | Merged | Abandoned), PolicyEvaluation.
  • Invariants — source ≠ target; cannot merge while required checks are pending/failed; merge requires passing policy; status transitions are monotonic.
  • Domain Events — PullRequestOpened, PullRequestMerged.
  • Repository — PullRequestRepository.
  • Persistence — Azure SQL; merge state reconciled with Azure DevOps.

PipelineDefinition

  • Purpose — A generated YAML CI/CD definition for a module, aligned to ConnectSoft.AzurePipelines templates.
  • Fields — pipelineId, repositoryId, tenantId, moduleId, moduleType, definitionPath, templateVersion, targetFeed, status, generatedAt.
  • Entities — PipelineStage, PipelineVariable.
  • Value Objects — ModuleType, FeedReference, TemplateVersion.
  • Invariants — definition path unique per repository; template version must be a known published version; regeneration supersedes prior definition.
  • Domain Events — PipelineGenerated.
  • Repository — PipelineDefinitionRepository.
  • Persistence — Azure SQL; YAML committed to the repository.

PipelineRun

  • Purpose — A single execution of a pipeline definition on Azure DevOps.
  • Fields — pipelineRunId, pipelineId, tenantId, branch, buildNumber, reason, status, startedAt, finishedAt.
  • Entities — StageRun, JobRun.
  • Value Objects — RunReason (ci | manual | release), RunStatus.
  • Invariants — must reference an existing pipeline definition; finishedAt only set in terminal status; status transitions follow Started → InProgress → (Succeeded | Failed | Canceled).
  • Domain Events — PipelineRunStarted.
  • Repository — PipelineRunRepository.
  • Persistence — Azure SQL; logs streamed to Blob.

BuildResult

  • Purpose — The normalized outcome of a pipeline run — status, test results, coverage, and produced artifacts.
  • Fields — buildResultId, pipelineRunId, tenantId, moduleId, status, testsPassed, testsFailed, coverage, artifacts, logsUri, completedAt.
  • Entities — ArtifactItem, TestSummary.
  • Value Objects — BuildStatus, CoveragePercentage, BlobReference.
  • Invariants — one build result per pipeline run; status derived from underlying jobs; artifacts immutable once recorded.
  • Domain Events — BuildCompleted.
  • Repository — BuildResultRepository.
  • Persistence — Azure SQL metadata; logs/artifacts in Blob.

ReleasePlan

  • Purpose — The plan to ship a specific build to a target environment with a deployment strategy.
  • Fields — releaseId, tenantId, projectId, moduleId, buildResultId, version, targetEnvironment, strategy, requiredApprovals, status, plannedAt.
  • Entities — ReleaseArtifact, ReleaseStep.
  • Value Objects — SemanticVersion, EnvironmentName, DeploymentStrategy (RollingUpdate | BlueGreen | Canary).
  • Invariants — references a successful build; version unique per (moduleId, environment); cannot promote until approvals satisfied; strategy valid for target environment.
  • Domain Events — ReleasePlanned.
  • Repository — ReleasePlanRepository.
  • Persistence — Azure SQL.

ReleaseApproval

  • Purpose — A recorded approval decision gating a release, enforcing governance and segregation of duties.
  • Fields — approvalId, releaseId, tenantId, approver, decision, comment, policyResult, decidedAt.
  • Entities — PolicyCheckResult.
  • Value Objects — ApprovalDecision (Approved | Rejected), ApproverIdentity.
  • Invariants — approver must differ from the planning identity (segregation of duties); decision immutable once recorded; policy must have been evaluated before decision.
  • Domain Events — ReleaseApproved.
  • Repository — ReleaseApprovalRepository.
  • Persistence — Azure SQL; surfaced to the Governance Platform audit log.
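The three ReleaseApproval invariants can be enforced inside the aggregate so that no caller can bypass them. The following is an added, persistence-agnostic sketch, not the platform's own code; `PlannedBy`, `RecordPolicyResult`, `Decide`, and the string-based identity comparison are assumptions made for illustration.

```csharp
#nullable enable
using System;

public enum ApprovalDecision { Approved, Rejected }

// Added sketch: member names beyond the page's field list are assumptions.
public sealed class ReleaseApproval
{
    public Guid ReleaseId { get; }
    public string PlannedBy { get; }                 // planning identity (assumed field)
    public bool? PolicyResult { get; private set; }  // null = policy not yet evaluated
    public string? Approver { get; private set; }
    public ApprovalDecision? Decision { get; private set; }
    public DateTimeOffset? DecidedAt { get; private set; }

    public ReleaseApproval(Guid releaseId, string plannedBy)
    {
        if (releaseId == Guid.Empty) throw new ArgumentException("releaseId is required.", nameof(releaseId));
        if (string.IsNullOrWhiteSpace(plannedBy)) throw new ArgumentException("plannedBy is required.", nameof(plannedBy));
        ReleaseId = releaseId;
        PlannedBy = Normalize(plannedBy);
    }

    public void RecordPolicyResult(bool passed)
    {
        EnsureUndecided();                           // no re-evaluation after the fact
        PolicyResult = passed;
    }

    public void Decide(string approver, ApprovalDecision decision, DateTimeOffset now)
    {
        EnsureUndecided();                           // decision immutable once recorded
        if (PolicyResult is null)
            throw new InvalidOperationException("Policy must be evaluated before a decision.");
        if (string.IsNullOrWhiteSpace(approver))
            throw new ArgumentException("approver is required.", nameof(approver));
        var who = Normalize(approver);
        if (who == PlannedBy)                        // segregation of duties
            throw new InvalidOperationException("Approver must differ from the planning identity.");
        Approver = who;
        Decision = decision;
        DecidedAt = now;
    }

    private void EnsureUndecided()
    {
        if (Decision is not null) throw new InvalidOperationException("Decision already recorded.");
    }

    // Compare a stable identifier (e.g. a directory object ID), never a display name.
    private static string Normalize(string id) => id.Trim().ToLowerInvariant();
}
```

The segregation-of-duties check is only as strong as the identifier it compares: if `approver` and `PlannedBy` come from different claim types (UPN versus object ID), the same person passes the check.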

DeploymentManifest

  • Purpose — The rendered, versioned manifest describing what to deploy and how (Helm/Kustomize values or Pulumi deployment outputs).
  • Fields — manifestId, releaseId, tenantId, environment, manifestType, contentUri, checksum, version, renderedAt.
  • Entities — ManifestResource.
  • Value Objects — ManifestType (Helm | Kustomize | PulumiOutput), Checksum, BlobReference.
  • Invariants — checksum matches stored content; manifest is immutable once rendered; tied to exactly one release.
  • Domain Events — DeploymentManifestRendered.
  • Repository — DeploymentManifestRepository.
  • Persistence — Azure SQL metadata; manifest content in Blob and committed to the GitOps repository.
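Because the manifest content lives in Blob and Git while the checksum lives in Azure SQL, the "checksum matches stored content" invariant has to be re-verified whenever content is read back. The following is an added sketch, not the platform's own code; the page does not name the checksum algorithm, so SHA-256 encoded as lowercase hex is an assumption, as are the `Render` and `Matches` member names.

```csharp
using System;
using System.Security.Cryptography;

// Added sketch: SHA-256/hex encoding and member names are assumptions.
public sealed class DeploymentManifest
{
    public Guid ReleaseId { get; }      // tied to exactly one release
    public string ContentUri { get; }
    public string Checksum { get; }     // lowercase hex SHA-256 of the rendered content

    // Also used when rehydrating from the metadata store; no setters, so the
    // manifest cannot be altered after rendering.
    public DeploymentManifest(Guid releaseId, string contentUri, string checksum)
    {
        if (releaseId == Guid.Empty) throw new ArgumentException("releaseId is required.", nameof(releaseId));
        if (string.IsNullOrWhiteSpace(contentUri)) throw new ArgumentException("contentUri is required.", nameof(contentUri));
        ReleaseId = releaseId;
        ContentUri = contentUri;
        Checksum = checksum ?? throw new ArgumentNullException(nameof(checksum));
    }

    // Compute the checksum from the exact bytes that will be stored.
    public static DeploymentManifest Render(Guid releaseId, string contentUri, ReadOnlySpan<byte> content)
    {
        var checksum = Convert.ToHexString(SHA256.HashData(content)).ToLowerInvariant();
        return new DeploymentManifest(releaseId, contentUri, checksum);
    }

    // Call with the bytes fetched from Blob/Git before the manifest is applied.
    public bool Matches(ReadOnlySpan<byte> storedContent)
    {
        byte[] expected;
        try { expected = Convert.FromHexString(Checksum); }
        catch (FormatException) { return false; }   // corrupted metadata fails closed
        return CryptographicOperations.FixedTimeEquals(expected, SHA256.HashData(storedContent));
    }
}
```

A `Matches` result of `false` should block the deployment rather than trigger a re-render, since a mismatch means either the content or the metadata changed after rendering.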

EnvironmentPromotion

  • Purpose — The act of promoting a release from one environment to the next in the path.
  • Fields — promotionId, releaseId, tenantId, fromEnvironment, toEnvironment, strategy, status, promotedBy, promotedAt.
  • Entities — PromotionStep, HealthGateResult.
  • Value Objects — EnvironmentName, PromotionStatus.
  • Invariants — environments must follow the configured path (dev → test → staging → prod); promotion requires ReleaseApproved; health gates must pass before completion.
  • Domain Events — DeploymentPromoted.
  • Repository — EnvironmentPromotionRepository.
  • Persistence — Azure SQL.

PackagePublication

  • Purpose — A NuGet package version published to an Azure Artifacts feed.
  • Fields — publicationId, tenantId, buildResultId, packageId, version, feed, status, publishedAt.
  • Entities — PackageDependency.
  • Value Objects — SemanticVersion, FeedReference, PackageId.
  • Invariants — (packageId, version, feed) unique; published versions are immutable; references a successful build.
  • Domain Events — PackagePublished.
  • Repository — PackagePublicationRepository.
  • Persistence — Azure SQL metadata; binaries in Azure Artifacts.

ContainerImage

  • Purpose — A container image built from a module and pushed to Azure Container Registry.
  • Fields — imageId, tenantId, buildResultId, repositoryName, tag, digest, registry, status, builtAt.
  • Entities — ImageLayer, ImageScanResult.
  • Value Objects — ImageDigest, ImageTag, RegistryReference.
  • Invariants — digest unique per registry; tag maps to exactly one digest at publish time; image must pass vulnerability scan before promotion.
  • Domain Events — ContainerImageBuilt.
  • Repository — ContainerImageRepository.
  • Persistence — Azure SQL metadata; image layers in ACR.

InfrastructurePlan

  • Purpose — A Pulumi (.NET/C#) infrastructure program and its preview/apply state for an environment stack.
  • Fields — infrastructurePlanId, tenantId, projectId, environment, engine, stack, program, previewSummary, status, appliedAt.
  • Entities — ResourceChange, StackOutput.
  • Value Objects — IaCEngine (Pulumi; Bicep legacy), StackName, ChangeSummary.
  • Invariants — engine defaults to Pulumi; apply requires a successful preview; one active apply per stack at a time (lock); drift detection runs before re-apply.
  • Domain Events — InfrastructureProvisioned.
  • Repository — InfrastructurePlanRepository.
  • Persistence — Azure SQL metadata; Pulumi state in the Pulumi backend (managed/self-hosted) referenced by the plan.

Implementation Notes

IaC is Pulumi authored as .NET/C# programs. Bicep is supported only as a legacy alternative for pre-existing stacks (ConnectSoft.AzureInfrastructure); new infrastructure is authored in Pulumi.

GitOpsSyncState

  • Purpose — The reconciliation state between Git desired state and the running environment.
  • Fields — syncStateId, tenantId, projectId, environment, desiredCommitSha, appliedCommitSha, syncStatus, driftDetected, lastSyncedAt.
  • Entities — ReconciledResource, DriftRecord.
  • Value Objects — CommitSha, SyncStatus (Synced | OutOfSync | Reconciling | Degraded).
  • Invariants — sync is convergent (repeatable to the same result); appliedCommitSha advances only toward desiredCommitSha; drift triggers reconciliation.
  • Domain Events — GitOpsSynced.
  • Repository — GitOpsSyncStateRepository.
  • Persistence — Azure SQL; desired state in the GitOps repository.

Pillar Alignment

  • Traceability — every aggregate carries artifactId/buildResultId/releaseId links forming an unbroken chain.
  • Governance — ReleaseApproval and EnvironmentPromotion encode policy and segregation of duties.
  • Multi-tenant scale — tenantId + projectId partition every aggregate's store.