# atlas-rules.yaml
# =============================================================================
# ATLAS Rules Definition
# =============================================================================
# このファイルはATLASフレームワークのルール定義です。
# プロジェクト固有ではなく、フレームワーク全体で共有されます。
#
# 配置場所: .atlas/atlas-rules.yaml または グローバル参照
# 更新頻度: ATLASバージョンアップ時
# =============================================================================
# Version of this ATLAS rule set. Kept as a quoted string so a YAML parser
# does not read it as the float 1.0.
atlas_version: "1.0"
# -----------------------------------------------------------------------------
# Project Archetypes Definition(アーキタイプ定義)
# -----------------------------------------------------------------------------
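# Project archetypes. Each entry carries a display name, a description,
# example project types, and four tag lists: essential_requirements,
# primary_concerns, secondary_concerns and negligible_concerns.
# Nesting is restored here with 2-space indentation; with every key at
# column 0 the per-archetype keys (name, description, ...) collide as
# duplicate top-level keys and `archetypes` itself parses as null.
# NOTE(review): how a consumer treats `negligible_concerns` is not shown in
# this file. Where a security tag appears there (see A2 and A3 below),
# confirm it lowers priority and does not disable the control.
archetypes:
  A1_STATIC_PRESENCE:
    name: "Static Presence"
    description: "コーポレートサイト、IR、採用サイト等の情報発信型"
    examples:
      - "コーポレートサイト"
      - "IRサイト"
      - "採用サイト"
      - "ドキュメントサイト"
    essential_requirements:
      - reliability
      - seo
      - content_management
      - long_term_maintenance
    primary_concerns:
      - cdn_performance
      - cms_experience
      - availability
    secondary_concerns:
      - cost_efficiency
    negligible_concerns:
      - realtime
      - heavy_compute
      - scale_elasticity
  A2_CAMPAIGN:
    name: "Campaign"
    description: "プロモーション、LP、イベントサイト等の期間限定型"
    examples:
      - "プロモーションサイト"
      - "ランディングページ"
      - "イベント特設サイト"
      - "キャンペーンサイト"
    essential_requirements:
      - speed
      - spike_resilience
      - time_limited
      - easy_teardown
    primary_concerns:
      - cdn_performance
      - cost_predictability
      - deployment_speed
    secondary_concerns:
      - analytics
    # NOTE(review): data_persistence is tagged negligible; campaign sites
    # that collect entry forms still hold personal data for the campaign
    # period. Confirm teardown covers deletion of that data.
    negligible_concerns:
      - long_term_maintenance
      - complex_auth
      - data_persistence
  A3_CONSUMER_APP:
    name: "Consumer App"
    description: "toC向けWebサービス、SNS、メディア等"
    examples:
      - "SNSアプリ"
      - "メディアサイト"
      - "ユーティリティアプリ"
      - "ゲーム"
    essential_requirements:
      - user_experience
      - authentication
      - scalability
      - cost_efficiency
    primary_concerns:
      - auth_simplicity
      - database_scale
      - cdn_performance
    secondary_concerns:
      - background_jobs
      - analytics
    # NOTE(review): authentication is essential for this archetype, yet
    # audit_logging and compliance are tagged negligible. Sign-in and
    # account-change events are what incident response relies on; confirm
    # this tag is not read as "no security logging needed".
    negligible_concerns:
      - enterprise_sso
      - audit_logging
      - compliance
  A4_BUSINESS_SAAS:
    name: "Business SaaS"
    description: "toB向け業務システム、管理画面等"
    examples:
      - "業務管理システム"
      - "CRM"
      - "プロジェクト管理ツール"
      - "管理画面"
    essential_requirements:
      - multi_tenancy
      - permission_management
      - audit_trail
      - sla_guarantee
    primary_concerns:
      - auth_enterprise
      - data_isolation
      - monitoring
    secondary_concerns:
      - integration_api
      - reporting
    negligible_concerns:
      - viral_growth
      - seo
  A5_MARKETPLACE:
    name: "Marketplace"
    description: "EC、マッチングサービス、予約システム等"
    examples:
      - "ECサイト"
      - "マッチングサービス"
      - "予約システム"
      - "オークション"
    essential_requirements:
      - payment_processing
      - bidirectional_trust
      - transaction_reliability
      - search
    primary_concerns:
      - payment_integration
      - database_consistency
      - search_performance
    secondary_concerns:
      - recommendation
      - notification
    negligible_concerns:
      - realtime_sync
  A6_REALTIME:
    name: "Real-time"
    description: "チャット、コラボツール、ゲーム等"
    examples:
      - "チャットアプリ"
      - "コラボレーションツール"
      - "リアルタイムゲーム"
      - "ライブ配信"
    essential_requirements:
      - low_latency
      - persistent_connection
      - state_synchronization
    primary_concerns:
      - websocket_support
      - pubsub_infrastructure
      - connection_management
    secondary_concerns:
      - offline_support
      - conflict_resolution
    negligible_concerns:
      - seo
      - heavy_compute
  A7_AI_COMPUTE:
    name: "AI/Compute"
    description: "生成AI、データ分析、変換処理等"
    examples:
      - "AIアシスタント"
      - "画像生成サービス"
      - "データ分析ツール"
      - "ファイル変換サービス"
    essential_requirements:
      - long_running_tasks
      - gpu_access
      - async_processing
      - cost_management
    primary_concerns:
      - worker_infrastructure
      - queue_management
      - timeout_handling
    secondary_concerns:
      - result_caching
      - progress_tracking
    negligible_concerns:
      - seo
      - realtime_sync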
# -----------------------------------------------------------------------------
# Technology Categories Definition(技術カテゴリ定義)
# -----------------------------------------------------------------------------
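# Technology categories, grouped by layer (compute, database, worker, auth,
# payment). Each category has a description plus three tag lists:
# characteristics, constraints and suitable_for.
# Nesting is restored here with 2-space indentation; flattened to column 0
# the repeated description/characteristics/constraints/suitable_for keys
# collide and the layer grouping is lost.
technology_categories:
  # Where application code runs.
  compute:
    SERVERLESS_EDGE:
      description: "エッジで実行される軽量関数"
      characteristics:
        - ultra_low_latency
        - lightweight_only
        - global_distribution
      constraints:
        - no_db_connection
        - limited_runtime
        - no_persistent_state
      suitable_for:
        - redirects
        - ab_testing
        - feature_flags
        - static_generation
    SERVERLESS_REGIONAL:
      description: "リージョン単位で実行されるサーバーレス関数"
      characteristics:
        - auto_scale
        - pay_per_use
        - zero_ops
      constraints:
        - timeout_limits
        - cold_start
        - no_websocket
        - connection_limits
      suitable_for:
        - api_endpoints
        - ssr
        - light_background_jobs
    CONTAINER_PAAS:
      description: "永続的に実行されるコンテナ環境"
      characteristics:
        - persistent_process
        - predictable_cost
        - websocket_native
      constraints:
        - manual_scaling
        - resource_limits
      suitable_for:
        - websocket_apps
        - worker_processes
        - general_purpose
    SELF_HOSTED:
      description: "VPS上に自前で構築する環境"
      characteristics:
        - full_control
        - lowest_cost
        - unlimited_bandwidth
      # NOTE(review): ops_overhead on a self-built VPS presumably includes
      # OS patching and host hardening; no separate security tag is listed.
      constraints:
        - ops_overhead
        - manual_everything
      suitable_for:
        - high_bandwidth
        - special_requirements
        - cost_optimization
    KUBERNETES:
      description: "コンテナオーケストレーション"
      characteristics:
        - enterprise_scale
        - multi_service
        - full_control
      constraints:
        - high_complexity
        - team_expertise_required
      suitable_for:
        - enterprise
        - microservices
        - multi_region
  # Data stores.
  database:
    SERVERLESS_POSTGRES:
      description: "スケールtoゼロ可能なPostgreSQL"
      characteristics:
        - scale_to_zero
        - branching
        - http_driver
      constraints:
        - cold_start_latency
      suitable_for:
        - general_purpose
        - development_efficiency
    MANAGED_POSTGRES:
      description: "フルマネージドPostgreSQL"
      characteristics:
        - high_availability
        - enterprise_support
        - predictable_performance
      constraints:
        - always_running_cost
      suitable_for:
        - production_critical
        - sla_requirements
    EDGE_SQLITE:
      description: "エッジレプリケーション対応SQLite"
      characteristics:
        - ultra_low_read_latency
        - global_replication
      constraints:
        - write_latency
        - limited_features
      suitable_for:
        - read_heavy
        - global_users
    DOCUMENT_DB:
      description: "スキーマレスドキュメントDB"
      characteristics:
        - flexible_schema
        - horizontal_scale
      constraints:
        - no_joins
        - eventual_consistency
      suitable_for:
        - prototyping
        - unstructured_data
    VECTOR_DB:
      description: "ベクトル検索特化DB"
      characteristics:
        - similarity_search
        - ai_integration
      constraints:
        - specialized_use
      suitable_for:
        - rag
        - recommendations
        - semantic_search
  # Background job and workflow execution.
  worker:
    DURABLE_WORKFLOW:
      description: "状態管理付きワークフローエンジン"
      characteristics:
        - state_persistence
        - automatic_retry
        - serverless_compatible
      constraints:
        - http_overhead
        - platform_timeout
      suitable_for:
        - complex_flows
        - serverless_environment
    EXTERNAL_COMPUTE:
      description: "外部実行環境付きワークフロー"
      characteristics:
        - no_timeout
        - heavy_compute
      constraints:
        - additional_cost
      suitable_for:
        - ai_generation
        - video_processing
        - long_running
    # Referenced by anti-pattern AP-C1 when paired with serverless compute.
    SELF_HOSTED_QUEUE:
      description: "自前ホストのジョブキュー"
      characteristics:
        - zero_cost
        - low_latency
        - full_control
      constraints:
        - requires_container
      suitable_for:
        - container_environment
        - high_throughput
    SIMPLE_WEBHOOK:
      description: "シンプルなWebhook/CRON"
      characteristics:
        - lightweight
        - easy_setup
      constraints:
        - no_state
        - simple_only
      suitable_for:
        - cron_jobs
        - notifications
        - simple_triggers
  # Authentication providers.
  auth:
    DX_FIRST_AUTH:
      description: "開発者体験重視の認証SaaS"
      characteristics:
        - rapid_implementation
        - ui_components
        - session_management
      constraints:
        - mau_based_pricing
      suitable_for:
        - mvp
        - development_speed
    DB_INTEGRATED_AUTH:
      description: "データベース統合型認証"
      # NOTE(review): rls_integration presumably means row-level security
      # policies in the database; access control then depends on those
      # policies being enabled on every table. Confirm against the consumer.
      characteristics:
        - rls_integration
        - low_cost
      constraints:
        - platform_lock_in
      suitable_for:
        - supabase_ecosystem
        - cost_optimization
    ENTERPRISE_AUTH:
      description: "エンタープライズ認証"
      characteristics:
        - saml_sso
        - audit_logs
        - compliance
      constraints:
        - high_cost
        - complexity
      suitable_for:
        - b2b_enterprise
        - compliance_required
    SELF_HOSTED_AUTH:
      description: "自前ホスト認証"
      characteristics:
        - full_control
        - zero_cost
      # security_responsibility: the operating team owns credential storage,
      # session handling and patching. zero_cost above covers licence cost
      # only, not that ongoing work.
      constraints:
        - security_responsibility
        - ops_overhead
      suitable_for:
        - special_requirements
        - internal_expertise
  # Payment handling models.
  payment:
    PAYMENT_PROCESSOR:
      description: "決済処理のみ"
      characteristics:
        - low_fees
        - flexibility
      constraints:
        - tax_responsibility
      suitable_for:
        - domestic_focus
        - tax_team_exists
    MERCHANT_OF_RECORD:
      description: "販売代行(税務含む)"
      characteristics:
        - tax_handling
        - compliance
      constraints:
        - higher_fees
      suitable_for:
        - global_saas
        - small_team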
# -----------------------------------------------------------------------------
# Anti-Patterns Definition(アンチパターン定義)
# -----------------------------------------------------------------------------
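# Anti-pattern catalogue. Each rule has a name, category, severity,
# description, problem statement, a `detection` block, suggested
# alternatives and references.
# `detection` takes one of two shapes in this file: `stack_combination`
# (a mapping of layer -> category list, used by AP-C1) or `conditions`
# (a list of single-key mappings). Thresholds such as ">60" are quoted
# strings; how a consumer evaluates them is not shown here.
# Nesting is restored here with 2-space indentation; flattened to column 0
# every rule's keys collide as duplicates and the rules cannot be loaded.
antipatterns:
  # Compute-related
  AP-C1:
    name: "Serverless + 常駐Worker"
    category: compute
    severity: critical
    description: "サーバーレス環境で常駐プロセス(BullMQ等)を実行"
    problem: "プロセス維持不可、リソース枯渇、コスト爆発"
    detection:
      stack_combination:
        compute: [SERVERLESS_EDGE, SERVERLESS_REGIONAL]
        worker: [SELF_HOSTED_QUEUE]
    alternatives:
      - "Durable Workflow (Inngest, Trigger.dev)"
      - "Container PaaSへ移行"
    references:
      - "ATLAS Part 4.1"
  AP-C2:
    name: "Serverless + 長時間処理"
    category: compute
    severity: critical
    description: "サーバーレス環境で60秒超の処理を直接実行"
    problem: "タイムアウトによる強制終了"
    detection:
      conditions:
        - compute_category: [SERVERLESS_EDGE, SERVERLESS_REGIONAL]
        - job_timeout_seconds: ">60"
    alternatives:
      - "External Compute (Trigger.dev v3)"
      - "Container PaaSへ移行"
    references:
      - "ATLAS Part 4.1"
  AP-C3:
    name: "Edge SSR + リージョナルDB"
    category: compute
    severity: high
    description: "エッジSSRからリージョン限定DBへのアクセス"
    problem: "Data Gravity問題、レイテンシ増大"
    detection:
      conditions:
        - compute_category: [SERVERLESS_EDGE]
        - database_global_replication: false
    alternatives:
      - "Regional SSRに変更"
      - "Edge DB (Turso)使用"
    references:
      - "ATLAS Part 4.1"
  # The problem text names Denial of Wallet, so this rule has a security
  # dimension as well as a cost one: third parties can drive the bill.
  AP-C4:
    name: "高帯域アセット + Serverless配信"
    category: compute
    severity: high
    description: "大容量ファイル(動画等)をサーバーレス経由で配信"
    problem: "Denial of Wallet、帯域コスト爆発"
    detection:
      conditions:
        - monthly_bandwidth_gb: ">500"
        - asset_delivery: serverless
    alternatives:
      - "Object Storage + CDN (R2, S3+CloudFront)"
      - "専用CDN"
    references:
      - "ATLAS Part 4.1"
  # Database-related
  AP-D1:
    name: "Serverless + 標準DB接続"
    category: database
    severity: critical
    description: "サーバーレス環境からコネクションプーラーなしでDB接続"
    problem: "コネクション枯渇、DB過負荷"
    detection:
      conditions:
        - compute_category: [SERVERLESS_EDGE, SERVERLESS_REGIONAL]
        - connection_pooler: false
    alternatives:
      - "コネクションプーラー必須 (pgBouncer, Supavisor)"
      - "HTTPドライバ使用 (Neon)"
      - "Prisma Accelerate使用"
    references:
      - "ATLAS Part 4.2"
  AP-D2:
    name: "ORM + サーバーレス並列"
    category: database
    severity: high
    description: "ORMのデフォルト接続設定でサーバーレス大量並列"
    problem: "接続数爆発、パフォーマンス劣化"
    detection:
      conditions:
        - compute_category: [SERVERLESS_REGIONAL]
        - orm_used: true
        - connection_pooler: false
    alternatives:
      - "Prisma Accelerate"
      - "Drizzle + HTTPドライバ"
    references:
      - "ATLAS Part 4.2"
  AP-D3:
    name: "単一DBに全機能集約"
    category: database
    severity: medium
    description: "OLTP, 検索, キャッシュ, キューを全て1つのDBで処理"
    problem: "単一障害点、パフォーマンス競合"
    detection:
      conditions:
        - database_count: 1
        - feature_count: ">3"
    alternatives:
      - "用途別DB分離(Redis, Meilisearch等)"
    references:
      - "ATLAS Part 4.2"
  # Security-related
  # NOTE(review): the description scopes AP-S1 to unauthenticated public
  # APIs, but the conditions test only public_api and rate_limiting, with
  # no authentication key. Authenticated endpoints such as sign-in also
  # need rate limits; confirm the intended scope.
  AP-S1:
    name: "公開API + レート制限なし"
    category: security
    severity: critical
    description: "認証なし公開APIにレート制限がない"
    problem: "DDoS、Bot被害、コスト爆発"
    detection:
      conditions:
        - public_api: true
        - rate_limiting: false
    alternatives:
      - "WAF導入 (Cloudflare, AWS WAF)"
      - "API Rate Limiting実装"
    references:
      - "ATLAS Part 4.3"
  # Presigned upload URLs move the transfer off the API route, but they
  # should be short-lived, bound to one object key, and limited in size and
  # content type; uploaded objects still need validation before use.
  AP-S2:
    name: "直接ファイルアップロード"
    category: security
    severity: high
    description: "API Route経由で大容量ファイルを受け取る"
    problem: "タイムアウト、メモリ枯渇、セキュリティリスク"
    detection:
      conditions:
        - file_upload: true
        - upload_method: direct
    alternatives:
      - "Presigned URL (S3, R2)"
      - "クライアント直接アップロード"
    references:
      - "ATLAS Part 4.3"
  # Environment-variable management only helps when the variable is read on
  # the server. A variable that the build inlines into the client bundle is
  # still exposed, and a key that has already shipped to clients should be
  # rotated.
  AP-S3:
    name: "クライアントにシークレット露出"
    category: security
    severity: critical
    description: "APIキー等をクライアントサイドで使用"
    problem: "認証情報漏洩"
    detection:
      conditions:
        - client_side_secrets: true
    alternatives:
      - "サーバーサイド処理"
      - "環境変数管理"
    references:
      - "ATLAS Part 4.3"
  # Cost-related
  # An alert reports overspend but does not stop it; of the alternatives
  # listed, only a spend limit or a fixed plan caps the bill.
  AP-$1:
    name: "従量課金 + 上限なし"
    category: cost
    severity: high
    description: "従量課金サービスにSpend Limitを設定していない"
    problem: "予期せぬ請求額爆発"
    detection:
      conditions:
        - pricing_model: usage_based
        - spend_limit: false
    alternatives:
      - "Spend Limit設定"
      - "アラート設定"
      - "固定プランへ移行"
    references:
      - "ATLAS Part 4.4"
  AP-$2:
    name: "開発環境の常時起動"
    category: cost
    severity: medium
    description: "開発/ステージング環境が24時間稼働"
    problem: "無駄なコスト"
    detection:
      conditions:
        - environment: [development, staging]
        - scale_to_zero: false
    alternatives:
      - "Scale-to-Zero DB (Neon)"
      - "スケジュール停止"
    references:
      - "ATLAS Part 4.4"
  AP-$3:
    name: "過剰なリアルタイム機能"
    category: cost
    severity: medium
    description: "ポーリングで十分な機能にWebSocket使用"
    problem: "接続コスト、複雑性増大"
    detection:
      conditions:
        - realtime_feature: true
        - update_frequency: ">10s"
    alternatives:
      - "ポーリング検討"
      - "Server-Sent Events"
    references:
      - "ATLAS Part 4.4"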
# -----------------------------------------------------------------------------
# Alignment Rules(適合ルール)
# -----------------------------------------------------------------------------
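# Alignment rules: which compute categories fit each archetype, and what
# each project tier permits.
# Nesting is restored here with 2-space indentation; flattened to column 0
# the recommended/acceptable/discouraged keys and the tier keys collide as
# duplicates.
alignment_rules:
  # Recommended compute category per archetype. Keys match the entries
  # under `archetypes`; values match the keys under
  # `technology_categories.compute`.
  compute_recommendations:
    A1_STATIC_PRESENCE:
      recommended: [SERVERLESS_EDGE]
      acceptable: [SERVERLESS_REGIONAL]
      discouraged: [KUBERNETES]
    A2_CAMPAIGN:
      recommended: [SERVERLESS_EDGE]
      acceptable: [SERVERLESS_REGIONAL]
      discouraged: [SELF_HOSTED]
    A3_CONSUMER_APP:
      recommended: [SERVERLESS_REGIONAL, CONTAINER_PAAS]
      acceptable: [SELF_HOSTED]
      discouraged: []
    A4_BUSINESS_SAAS:
      recommended: [CONTAINER_PAAS, SELF_HOSTED]
      acceptable: [KUBERNETES]
      discouraged: [SERVERLESS_EDGE]
    A5_MARKETPLACE:
      recommended: [CONTAINER_PAAS]
      acceptable: [SERVERLESS_REGIONAL, KUBERNETES]
      discouraged: []
    A6_REALTIME:
      recommended: [CONTAINER_PAAS]
      acceptable: [KUBERNETES]
      discouraged: [SERVERLESS_EDGE, SERVERLESS_REGIONAL]
    # NOTE(review): A7 lists long_running_tasks as essential and AP-C2 rates
    # long jobs on SERVERLESS_REGIONAL as critical, yet only SERVERLESS_EDGE
    # is discouraged here. Confirm whether SERVERLESS_REGIONAL was left out
    # on purpose.
    A7_AI_COMPUTE:
      recommended: [CONTAINER_PAAS]
      acceptable: [KUBERNETES]
      discouraged: [SERVERLESS_EDGE]
  # Per-tier constraints. The tier identifiers (T1..T4) are not defined in
  # the part of the file shown here; presumably they come from elsewhere.
  tier_constraints:
    T1_MVP:
      max_complexity: low
      self_hosting: discouraged
      kubernetes: prohibited
    T2_STARTUP:
      max_complexity: medium
      self_hosting: acceptable
      kubernetes: discouraged
    T3_GROWTH:
      max_complexity: high
      self_hosting: acceptable
      kubernetes: acceptable
    T4_ENTERPRISE:
      max_complexity: unlimited
      self_hosting: acceptable
      kubernetes: recommended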