# Blocking Conditions Configuration
# Defines what MUST be true for each phase transition
# Used by phase_gate.py for strict enforcement
#
# Layout: each entry under `phases` has entry_requirements, checkpoints
# (validator + args + on_fail message) and exit_requirements; some phases
# also carry fix_loop and auto_mode_behavior.
# Validator names (file_exists, script_passes, ...) are not defined in this
# file; their exact semantics live in the consumer.
# `{version}` in paths and commands is a placeholder; presumably filled in by
# phase_gate.py with the workflow version - confirm.

version: "1.0"

# Phase execution order (cannot skip)
phase_order:
  - INITIALIZING
  - DESIGNING
  - AWAITING_DESIGN_APPROVAL
  - IMPLEMENTING
  - REVIEWING
  - SECURITY_REVIEW
  - AWAITING_IMPL_APPROVAL
  - COMPLETING
  - COMPLETED

# Phases that trigger fix loops on failure
fix_loop_phases:
  - REVIEWING
  - SECURITY_REVIEW

# Detailed phase requirements
phases:
  INITIALIZING:
    description: "Workflow initialization"
    entry_requirements: []
    checkpoints:
      manifest_exists:
        description: "project_manifest.json must exist"
        validator: file_exists
        args:
          path: project_manifest.json
        on_fail: "Run /guardrail:init or /guardrail:analyze first"
      version_created:
        description: "Workflow version directory created"
        validator: directory_exists
        args:
          path: ".workflow/versions/{version}"
        on_fail: "Version creation failed"
    exit_requirements:
      - all_checkpoints_passed

  DESIGNING:
    description: "Architecture and task design"
    entry_requirements:
      - phase_completed: INITIALIZING
    checkpoints:
      design_document_created:
        description: "Design document exists"
        validator: file_exists
        args:
          path: ".workflow/versions/{version}/design/design_document.yml"
        on_fail: "Architect agent must create design document"
      design_validated:
        description: "Design passes validation"
        validator: script_passes
        args:
          # NOTE(review): `{version}` is substituted into a command string
          # here and in REVIEWING. If phase_gate.py hands the result to a
          # shell, the version value has to be restricted to a strict
          # identifier format before substitution, or the command run as an
          # argument list - confirm in phase_gate.py.
          # No timeout is set on this script checkpoint, unlike the ones in
          # IMPLEMENTING; whether a default applies is not visible here.
          script: "python3 skills/guardrail-orchestrator/scripts/validate_design.py .workflow/versions/{version}/design/design_document.yml --output-dir .workflow/versions/{version}"
        on_fail: "Design validation failed - review errors"
      tasks_generated:
        description: "Task files generated from design"
        validator: min_file_count
        args:
          pattern: ".workflow/versions/{version}/tasks/*.yml"
          minimum: 1
        on_fail: "No task files generated - validate_design.py must run"
    exit_requirements:
      - all_checkpoints_passed
      - min_task_count: 1

  AWAITING_DESIGN_APPROVAL:
    description: "Gate 1 - Design approval required"
    entry_requirements:
      - phase_completed: DESIGNING
    checkpoints:
      design_approved:
        description: "Design approval granted"
        validator: approval_status
        args:
          gate: design
          required_status: approved
        on_fail: "Design approval required - run /workflow:approve or wait for auto-approval"
    exit_requirements:
      - all_checkpoints_passed
    # NOTE(review): in auto mode this gate is approved without a person.
    # still_validates: false presumably means the design_approved checkpoint
    # is not evaluated at all - confirm. Gate 2 is configured the same way,
    # so in auto mode the automated REVIEWING and SECURITY_REVIEW checks are
    # the only controls between design and COMPLETED.
    auto_mode_behavior:
      auto_approve: true
      still_validates: false

  IMPLEMENTING:
    description: "Code implementation by layers"
    entry_requirements:
      - phase_completed: AWAITING_DESIGN_APPROVAL
      - approval_granted: design
    # NOTE(review): the three script checkpoints below run scripts defined by
    # the project being gated (package.json scripts, TypeScript and lint
    # configuration). The gate process should run them without credentials
    # or privileges that the project code itself should not hold.
    # timeout units are not stated in this file; presumably seconds.
    checkpoints:
      all_layers_complete:
        description: "All dependency layers implemented"
        validator: all_layers_implemented
        args: {}
        on_fail: "Not all layers complete - check dependency_graph.yml"
      build_passes:
        description: "npm run build succeeds"
        validator: script_passes
        args:
          script: "npm run build"
          timeout: 300
        on_fail: "Build failed - fix compilation errors"
      type_check_passes:
        description: "npx tsc --noEmit succeeds"
        validator: script_passes
        args:
          script: "npx tsc --noEmit"
          timeout: 300
        on_fail: "Type check failed - fix TypeScript errors"
      lint_passes:
        description: "npm run lint succeeds"
        validator: script_passes
        args:
          script: "npm run lint"
          timeout: 300
        on_fail: "Lint failed - fix lint errors"
    exit_requirements:
      - all_checkpoints_passed
      - build_exit_code: 0
      - type_check_exit_code: 0
      - lint_exit_code: 0

  REVIEWING:
    description: "Code review and verification"
    entry_requirements:
      - phase_completed: IMPLEMENTING
      - build_passes: true
      - type_check_passes: true
      - lint_passes: true
    checkpoints:
      review_script_run:
        description: "Review verification script executed"
        validator: script_passes
        args:
          # `{version}` is substituted into this command; no timeout is set.
          script: "python3 skills/guardrail-orchestrator/scripts/verify_implementation.py --version {version}"
        on_fail: "Review script failed to run"
      all_files_verified:
        description: "All task files have implementations"
        validator: all_task_files_exist
        args: {}
        on_fail: "Some implementation files are missing"
      code_review_passed:
        description: "Code review agent found no CRITICAL issues"
        validator: code_review_result
        args:
          # NOTE(review): the verdict is read from a report file inside the
          # workflow directory. What happens when the report is missing or
          # unparseable is not visible here; it should count as a failure,
          # not as "no CRITICAL issues" - confirm in the validator.
          report_path: ".workflow/versions/{version}/review/code_review_report.yml"
          block_on_critical: true
          block_on_warnings: false
        on_fail: "Code review found CRITICAL issues that must be fixed"
      review_passed:
        description: "Review found no blocking issues (umbrella checkpoint)"
        validator: review_result
        args:
          allow_warnings: true
          block_on_errors: true
        on_fail: "Review found issues that must be fixed"
    exit_requirements:
      - all_checkpoints_passed
    # A failed checkpoint listed in trigger_on sends the workflow back to
    # IMPLEMENTING, at most max_iterations times.
    # NOTE(review): review_script_run is not listed in trigger_on; how its
    # failure is handled is not visible in this file.
    fix_loop:
      enabled: true
      return_to: IMPLEMENTING
      trigger_on:
        - checkpoint_failed: review_passed
        - checkpoint_failed: all_files_verified
        - checkpoint_failed: code_review_passed
      max_iterations: 5
      on_max_iterations: "Too many fix iterations - manual intervention required"
    auto_mode_behavior:
      auto_approve: false  # Must pass review
      still_validates: true
      fix_loop_enabled: true

  SECURITY_REVIEW:
    description: "Security scanning and API validation"
    entry_requirements:
      - phase_completed: REVIEWING
      - checkpoint_passed: review_passed
    checkpoints:
      security_scan_run:
        description: "Security scanner executed"
        # NOTE(review): this checkpoint uses script_passes, while
        # scripts.security_scan below defines three exit codes (0 pass,
        # 1 high, 2 critical). If script_passes requires exit 0, a HIGH
        # finding fails this checkpoint with a "failed to run" message,
        # which contradicts block_on_high: false in security_passed. If
        # exit 1 is instead accepted as "HIGH findings, warn only", a
        # scanner that crashes looks the same, because an uncaught Python
        # exception also exits with status 1. Confirm how phase_gate.py
        # tells "scan did not run" from "scan ran and found HIGH issues".
        # The meaning of --severity HIGH (report threshold vs. fail
        # threshold) is not visible here. No timeout is set.
        validator: script_passes
        args:
          script: "python3 skills/guardrail-orchestrator/scripts/security_scan.py --project-dir . --severity HIGH"
        on_fail: "Security scan failed to run"
      api_contract_validated:
        description: "API contracts match frontend calls"
        validator: script_passes
        args:
          script: "python3 skills/guardrail-orchestrator/scripts/validate_api_contract.py --project-dir ."
        on_fail: "API contract validation failed"
      security_passed:
        description: "No CRITICAL security issues"
        validator: security_result
        args:
          # Only CRITICAL findings block. HIGH, MEDIUM and LOW findings do
          # not stop the transition as configured here.
          # NOTE(review): with Gate 2 auto-approved in auto mode, HIGH
          # findings can reach COMPLETED without a person seeing them;
          # confirm that this is the intended policy and that the findings
          # are at least recorded somewhere reviewable.
          block_on_critical: true
          block_on_high: false  # Warning only
          allow_medium: true
          allow_low: true
        on_fail: "CRITICAL security issues found - must fix before proceeding"
    exit_requirements:
      - all_checkpoints_passed
      - no_critical_security_issues: true
    # NOTE(review): security_scan_run and api_contract_validated are not
    # listed in trigger_on; how their failure is handled is not visible in
    # this file.
    fix_loop:
      enabled: true
      return_to: IMPLEMENTING
      trigger_on:
        - checkpoint_failed: security_passed
        - security_critical_found: true
      max_iterations: 5
      on_max_iterations: "Security issues persist - manual security review required"
    auto_mode_behavior:
      auto_approve: false  # Must pass security
      still_validates: true
      fix_loop_enabled: true

  AWAITING_IMPL_APPROVAL:
    description: "Gate 2 - Implementation approval required"
    entry_requirements:
      - phase_completed: SECURITY_REVIEW
      - checkpoint_passed: security_passed
    checkpoints:
      implementation_approved:
        description: "Implementation approval granted"
        validator: approval_status
        args:
          gate: implementation
          required_status: approved
        on_fail: "Implementation approval required"
    exit_requirements:
      - all_checkpoints_passed
    # NOTE(review): same settings as Gate 1. In auto mode the approval rests
    # entirely on the entry_requirements above (SECURITY_REVIEW completed,
    # security_passed); no person approves the implementation.
    auto_mode_behavior:
      auto_approve: true  # Auto if review + security passed
      still_validates: false

  COMPLETING:
    description: "Finalization and cleanup"
    entry_requirements:
      - phase_completed: AWAITING_IMPL_APPROVAL
      - approval_granted: implementation
    checkpoints:
      tasks_marked_complete:
        description: "All tasks marked as completed"
        validator: all_tasks_status
        args:
          required_status: completed
        on_fail: "Not all tasks marked complete"
      version_finalized:
        description: "Version marked as complete"
        validator: script_passes
        args:
          script: "python3 skills/guardrail-orchestrator/scripts/version_manager.py complete"
        on_fail: "Version finalization failed"
    exit_requirements:
      - all_checkpoints_passed

  # Terminal phase: no checkpoints and no exit requirements.
  COMPLETED:
    description: "Workflow finished"
    entry_requirements:
      - phase_completed: COMPLETING
    checkpoints: {}
    exit_requirements: []

# Global rules
# NOTE(review): mandatory_fix_loops repeats fix_loop_phases, and
# max_fix_iterations repeats the per-phase fix_loop.max_iterations values;
# which setting wins when they differ is not visible in this file.
global_rules:
  # Cannot skip phases
  strict_phase_order: true

  # Must complete previous phase before entering next
  require_phase_completion: true

  # Fix loops are mandatory for REVIEWING and SECURITY_REVIEW
  mandatory_fix_loops:
    - REVIEWING
    - SECURITY_REVIEW

  # Maximum fix loop iterations before requiring manual intervention
  max_fix_iterations: 5

  # Build must pass before REVIEWING
  build_required_before_review: true

  # Security must pass before AWAITING_IMPL_APPROVAL
  security_required_before_approval: true

# Scripts referenced by validators
# NOTE(review): the checkpoints above embed these same paths in their command
# strings rather than referring to these entries, so the two places have to
# be kept in sync by hand. The paths are relative; they resolve against the
# working directory of the gate process, which should be pinned so that a
# different script of the same name cannot be picked up - confirm.
scripts:
  validate_design:
    path: "skills/guardrail-orchestrator/scripts/validate_design.py"
    required_exit_code: 0
  verify_implementation:
    path: "skills/guardrail-orchestrator/scripts/verify_implementation.py"
    required_exit_code: 0
  # The scanner reports severity through its exit status. Any exit status
  # other than the three listed here (signal, timeout, interpreter error)
  # should be treated as a failed scan, not as a pass - confirm in
  # phase_gate.py.
  security_scan:
    path: "skills/guardrail-orchestrator/scripts/security_scan.py"
    critical_exit_code: 2
    high_exit_code: 1
    pass_exit_code: 0
  validate_api_contract:
    path: "skills/guardrail-orchestrator/scripts/validate_api_contract.py"
    required_exit_code: 0
  version_manager:
    path: "skills/guardrail-orchestrator/scripts/version_manager.py"
    required_exit_code: 0