Skip to main content

Architecture and Decision Traceability

Purpose

This section defines the architecture of the portfolio web app (and associated demo ecosystem) with sufficient rigor to demonstrate:

  • clear system boundaries and responsibilities
  • explicit decision-making and tradeoffs (via ADRs)
  • data flow visibility and trust boundary clarity
  • a foundation for operations, security, and delivery pipelines

Scope

In scope

  • C4 views (context, container, component)
  • critical subsystems and interfaces
  • integration contracts and dependencies
  • data flows and trust boundaries
  • ADRs: why decisions were made and what alternatives were rejected

Out of scope

  • procedural operations steps (belongs in 50-operations/)
  • CI/CD implementation details (belongs in 30-devops-platform/)
  • security controls detail (belongs in 40-security/)

Architecture artifact standards

C4 documentation expectations

  • Context (L1): external actors, key system boundary, upstream/downstream dependencies
  • Container (L2): major deployable units and runtime environment
  • Component (L3): high-level internal subsystems and contracts

Keep diagrams minimal, readable, and consistent in notation.

ADR requirements (non-negotiable)

An ADR must exist when you:

  • introduce or change the core stack, hosting model, auth model, persistence model
  • adopt a new security control with architectural impact
  • materially alter observability or incident-handling approach

ADR must include:

  • context
  • decision
  • alternatives considered
  • consequences (positive and negative)
  • follow-up actions

Where to put things

  • “How the system works” → C4 and component design pages
  • “Why we chose X” → ADRs in 10-architecture/adr/
  • “How data moves / what we trust” → data flows and trust boundaries
  • “How to run it” → operations runbooks, not here

Validation and expected outcomes

Architecture content is correct when:

  • it enables implementers to build and operators to run without guessing
  • it supports threat modeling (assets, entry points, trust boundaries are clear)
  • it supports deployment and rollback planning (runtime dependencies are explicit)

Failure modes and troubleshooting

  • Architecture drift: implementation diverges from docs → update architecture and ADRs as part of the same PR.
  • Untracked decisions: a new pattern appears without an ADR → create an ADR retroactively and reference it from the relevant design page.
  • Diagram rot: diagrams no longer represent reality → treat diagrams as “code”: update them during implementation.

References

Planning dependency: meaningful architectural changes must trigger:

  • ADR updates (this section)
  • threat model updates (40-security/)
  • runbook or rollback updates (50-operations/)
  • pipeline or environment updates (30-devops-platform/)