* docs(adr): 0001 — Catalyst control-plane architecture
Captures the unified Catalyst architecture agreed in the architecture-review
session (#347 thread).
Eleven foundational rules including:
- GitOps + Flux as the only reconciler
- Crossplane = cloud APIs ONLY (no K8s-to-K8s composition)
- K8s itself is the database; in-process informer cache; no shadow store
- Event-driven via watch streams; SSE to UI; no polling
- Tenant = namespace + vCluster + Keycloak group (no SQL tenant table)
- Catalyst messaging = NATS JetStream (not Redpanda, not Kafka)
- Five backing stores: CNPG / FerretDB / Valkey / NATS / SeaweedFS
- Multi-region = N independent Sovereigns + data-layer replication
- Browser access via Guacamole
Records what stays unchanged, what's being reworked (UserAccess/CRUD/Bastion
briefs), and what new tickets need to be filed (SME consolidation epic,
Redpanda→NATS, multi-region tier scaffolding).
Status: Proposed — pending founder approval.
Related: #309, #320, #321, #322, #324, #325, #326, #347, #68
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* docs(adr): 0001 — add §9.4 demo-protection clause
Adds a hard rule preceding the cutover sequencing: the entire sme/
namespace runs untouched until founder explicitly authorises cutover.
Records the URL-to-backend split:
- console.openova.io/sovereign/* → catalyst-ui (NEW Catalyst-Zero)
- console.openova.io/nova/* → sme/console (LEGACY, demo)
- marketplace.openova.io → sme/marketplace (LEGACY, demo)
- admin.openova.io → sme/admin (LEGACY, demo)
The B6–B11 retirements are target-state, not immediate-action. C2 epic
sequences cutover with feature flags. Founder confirmed: "let the old
one keep working independently until we reach to perfect state, we'll
revamp it as well next week."
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---------
Co-authored-by: hatiyildiz <hati@openova.io>
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
250c1a8250