Architecture Decision Records (ADRs)
"Each tool to its purpose" β No one-size-fits-all
This directory contains important architectural decisions for STOA Platform.
ADR Indexβ
Core Architectureβ
| # | Title | Status |
|---|---|---|
| 003 | Monorepo Architecture β Multi-Service Polyglot | β |
| 004 | Gateway Adapter Pattern β Multi-Gateway Orchestration | β |
| 005 | Event-Driven Architecture β Kafka Topics Design | β |
| 006 | Tool Registry Architecture β 7-Module Design | β |
| 035 | Gateway Adapter Pattern β Multi-Gateway Orchestration | β |
| 045 | stoa.yaml Declarative API Specification | β |
Platform & Infrastructureβ
| # | Title | Status |
|---|---|---|
| 001 | Third-Party API Exposure Strategy β Public API Facade | β |
| 002 | stoactl CLI Design | π |
| 007 | GitOps with Argo CD | β |
| 025 | Gateway Resilience β Anti-Zombie Node Pattern | π |
| 031 | CI/CD Reusable Workflow Architecture | β |
| 040 | Born GitOps β Multi-Environment Promotion Architecture | β |
| 043 | Kafka β MCP Event Bridge Architecture | π |
Security & Complianceβ
| # | Title | Status |
|---|---|---|
| 011 | API Security Mode Selection β mTLS / OAuth2 / Hybrid | β |
| 015 | Token Optimization Architecture | π |
| 018 | Security Hardening P0 β Team Coca Pentest | β |
| 026 | Multi-IAM Federation Pattern β Zero User Storage | β |
| 027 | X.509 Header Authentication | β |
| 028 | RFC 8705 Certificate Binding | β |
| 029 | mTLS Certificate Lifecycle | β |
| 039 | Rust Gateway mTLS Cert-Bound Tokens | β |
| 044 | MCP OAuth 2.1 Gateway Proxy Architecture | β |
| 054 | RBAC Taxonomy v2 β Persona Roles & Display Names | β |
| 056 | FAPI 2.0 Security Architecture | β |
MCP & AI Gatewayβ
| # | Title | Status |
|---|---|---|
| 012 | MCP Tools Architecture β RBAC & Multi-Tenant Governance | β |
| 020 | Runtime Data Governance | β |
| 021 | UAC-Driven Observability | π |
| 022 | UAC Tenant Architecture | β |
| 023 | Zero Blind Spot Observability | β |
| 024 | Unified Gateway Architecture β 4 Deployment Modes | β |
| 046 | MCP Federation Architecture | π |
| 047 | MCP Skills System β Context Injection | π |
| 048 | Integrated Chat Agent Architecture | π |
| 051 | Lazy MCP Discovery with Cache-First Pattern | β |
Performance & Observabilityβ
| # | Title | Status |
|---|---|---|
| 008 | Semantic Response Caching β pgvector Strategy | β |
| 009 | Error Snapshots β Time-Travel Debugging | β |
| 049 | Enterprise AI-Native Gateway Benchmark | β |
| 050 | Guardrails V2 β Token Budget State Management | β |
| 052 | Benchmark OpenSearch Persistence & LLM Routing | β |
| 053 | LLM Cost-Aware Routing | β |
Gateway & Deploymentβ
| # | Title | Status |
|---|---|---|
| 034 | Python to Rust Migration Strategy | β |
| 036 | Gateway Auto-Registration β Zero-Config Onboarding | β |
| 037 | Deployment Modes β Sovereign First Strategy | β |
| 038 | Sidecar Deployment on VM Infrastructure | π |
| 057 | Product Lineup β STOA Gateway, STOA Link, STOA Connect | β |
| 058 | Pingora Integration β Embedded Connection Pool | β |
Frontend & UXβ
| # | Title | Status |
|---|---|---|
| 032 | Response Transformation β Pluggable Adapters | β |
| 033 | Shared UI Components β Theme Abstraction | β |
| 055 | Portal/Console Governance β Clear Separation of Concerns | β |
Business & Strategyβ
| # | Title | Status |
|---|---|---|
| 019 | Business Model & Moat Strategy | β |
| 041 | Plugin Architecture β Community Core vs Enterprise Extensions | β |
Developer Experience & AI Workflowβ
| # | Title | Status |
|---|---|---|
| 030 | AI-Native Context Management Architecture | β |
| 065 | STOA PR Guardian β Advisory AI Review on GitHub Actions | β |
Planned ADRsβ
| # | Title | Priority |
|---|---|---|
| 010 | Blockchain Decision β Digital Euro 2027+ | Low |
| 013 | Idempotency & Saga Patterns β Exactly-Once for B2B | Medium |
| 014 | Delivery Guardrails β Canary & SLO Auto-Freeze | Medium |
| 016 | Release Engineering β Git Workflow & Versioning | High |
| 017 | Kafka/Redpanda Internal-Only β Zero External Exposure | Medium |
Legend: β Accepted Β· π Draft/Proposed
Technology Choices Overviewβ
| Category | STOA Choice | Alternatives | Rationale |
|---|---|---|---|
| Messaging | Kafka (Redpanda) | RabbitMQ, NATS | Event sourcing, replay, scale |
| Database | PostgreSQL | MySQL, MongoDB | ACID, JSON, extensions |
| Auth | Keycloak | Auth0, Okta | Self-hosted, full OIDC |
| Observability | Prometheus + Grafana + Loki | Datadog, ELK | Open source, K8s-native |
| GitOps | ArgoCD | Flux, Jenkins | UI, multi-cluster |
| Automation | ArgoCD + Gateway Adapters | Terraform | Idempotent, auditable |
| Gateway v1 | webMethods | Kong, APISIX | Legacy expertise |
| Gateway v2 | Rust (Pingora) | Go, C++ | Performance, safety |
| Search | OpenSearch | Elasticsearch | Apache 2.0, AWS-free |
Guiding Principlesβ
| Principle | Application |
|---|---|
| Open Source first | Avoid lock-in, contribute upstream |
| K8s-native | Operators, CRDs, GitOps |
| Right tool for the job | Kafka for events, PostgreSQL for ACID |
| Self-hosted possible | No mandatory SaaS dependency |
| Permissive license | Apache 2.0, MIT β avoid GPL, SSPL |
| Cloud-agnostic | No mandatory managed service |
ADR Templateβ
Use the template below to create new ADRs.
# ADR-XXX: [Title]
## Metadata
| Field | Value |
|-------|-------|
| **Status** | π Draft / β
Accepted / β Rejected / π Superseded |
| **Date** | YYYY-MM-DD |
| **Linear** | [CAB-XXX](link) |
## Context
[Why is this decision needed?]
## Decision
[What was decided?]
## Consequences
### Positive
### Negative
### Mitigations
## References