chore: relocate ADRs from decisions/ to docs/decisions/ to consolidate documentation

Move the ADR folder under docs/ alongside the rest of the project
documentation. Convention (flat folder, globally-sequential 4-digit
numbering, tags-based categorization, MADR 4.0.0 format) is unchanged
- only the path moved.

- git mv decisions docs/decisions preserves history for all 18 ADRs +
  README + template (19 files renamed in this commit).
- ADR-0001 amended in-place with a dated note documenting the
  relocation. Status remains 'accepted' - the location detail
  changed, the decision did not.
- All cross-references updated:
  - CLAUDE.md (~17 ADR links + 3 mentions of decisions/ in the Project
    rules section)
  - docs/README.md (now references decisions/ as a sibling under docs/)
  - docs/setup/03-angular-nx-monorepo.md (paths shortened from
    ../../decisions/ to ../decisions/, since setup/ and decisions/ are
    now both inside docs/)
  - docs/decisions/0003 ../CLAUDE.md adjusted to ../../CLAUDE.md
    (one extra level of nesting)
  - docs/decisions/template.md mention of the README path
  - notes/asvs-level-decision-briefing-rssi.md mention of the index

Sanity verified: every ADR link in CLAUDE.md, docs/setup/03, and
docs/decisions/0001 resolves to an existing file. pnpm nx run-many
-t lint passes on 8 projects.
This commit is contained in:
Julien Gautier
2026-04-30 18:57:59 +02:00
parent bd8eefb44a
commit 0e58e32d29
27 changed files with 1653 additions and 1570 deletions
+23 -27
View File
@@ -1,6 +1,6 @@
# 🏗️ Bootstrap the Nx monorepo for apf-portal
> **Status.** Aligned with phase-1 ADRs ([0002](../../decisions/0002-adopt-nx-monorepo-apps-preset.md), [0003](../../decisions/0003-workspace-and-app-naming-convention.md), [0004](../../decisions/0004-frontend-stack-angular-csr-zoneless-signals.md), [0005](../../decisions/0005-backend-stack-nestjs.md), [0006](../../decisions/0006-persistence-postgresql-prisma.md)). Replaces the original placeholder-based draft.
> **Status.** Aligned with phase-1 ADRs ([0002](../decisions/0002-adopt-nx-monorepo-apps-preset.md), [0003](../decisions/0003-workspace-and-app-naming-convention.md), [0004](../decisions/0004-frontend-stack-angular-csr-zoneless-signals.md), [0005](../decisions/0005-backend-stack-nestjs.md), [0006](../decisions/0006-persistence-postgresql-prisma.md)). Replaces the original placeholder-based draft.
## Goal
@@ -25,7 +25,7 @@ Out of scope here (covered by later phases): authentication (Entra ID), sessions
## 1) Initialize the Nx workspace inside the existing repository
The repository already carries documentation, ADRs, `.vscode/`, and `.gitignore`. `create-nx-workspace` always generates into a *new* directory, so we generate next to the repo and copy the workspace files in.
The repository already carries documentation, ADRs, `.vscode/`, and `.gitignore`. `create-nx-workspace` always generates into a _new_ directory, so we generate next to the repo and copy the workspace files in.
```bash
# 1. Generate a clean Nx workspace next to the repo
@@ -47,7 +47,7 @@ cp -v package.json pnpm-workspace.yaml nx.json tsconfig.base.json \
cd ~ && rm -rf ~/dev/apf-portal-bootstrap
```
The `apps` preset is generic — it does not privilege a runtime ([ADR-0002](../../decisions/0002-adopt-nx-monorepo-apps-preset.md)). Plugins are added in step 2.
The `apps` preset is generic — it does not privilege a runtime ([ADR-0002](../decisions/0002-adopt-nx-monorepo-apps-preset.md)). Plugins are added in step 2.
Verify:
@@ -92,10 +92,7 @@ import { provideRouter } from '@angular/router';
import { routes } from './app.routes';
export const appConfig: ApplicationConfig = {
providers: [
provideZonelessChangeDetection(),
provideRouter(routes),
],
providers: [provideZonelessChangeDetection(), provideRouter(routes)],
};
```
@@ -122,8 +119,8 @@ In `tsconfig.base.json`:
"noUncheckedIndexedAccess": true,
"exactOptionalPropertyTypes": true,
"noImplicitOverride": true,
"noPropertyAccessFromIndexSignature": true
}
"noPropertyAccessFromIndexSignature": true,
},
}
```
@@ -189,9 +186,7 @@ import { Module } from '@nestjs/common';
import { PrismaModule } from 'nestjs-prisma';
@Module({
imports: [
PrismaModule.forRoot({ isGlobal: true }),
],
imports: [PrismaModule.forRoot({ isGlobal: true })],
})
export class AppModule {}
```
@@ -208,7 +203,8 @@ DATABASE_URL="postgresql://portal:portal@localhost:5432/portal_dev?schema=public
## 6) Generate the first libraries
Convention ([ADR-0003](../../decisions/0003-workspace-and-app-naming-convention.md)):
Convention ([ADR-0003](../decisions/0003-workspace-and-app-naming-convention.md)):
- `libs/feature/<name>` for vertical features;
- `libs/shared/<scope>` for cross-cutting concerns.
@@ -262,7 +258,7 @@ This prevents `portal-shell` from importing `portal-bff` code (and vice versa),
## 8) Prettier, git hooks, and Conventional Commits
See [ADR-0007](../../decisions/0007-pre-commit-hooks-and-conventional-commits.md) for the rationale (Husky + lint-staged + commitlint with Conventional Commits).
See [ADR-0007](../decisions/0007-pre-commit-hooks-and-conventional-commits.md) for the rationale (Husky + lint-staged + commitlint with Conventional Commits).
`.prettierrc` (project-wide):
@@ -344,17 +340,17 @@ pnpm nx g @nx/nest:resource <name> --project=portal-bff
---
## What this guide does *not* cover (yet)
## What this guide does _not_ cover (yet)
| Concern | Phase |
| --- | --- |
| Authentication (Entra ID workforce + External ID) | 2 |
| Sessions / cache (Redis self-hosted) | 2 |
| Downstream API access (existing apps) | 2 |
| Observability (Pino + OpenTelemetry + W3C) | 2 |
| Audit trail | 2 |
| Accessibility baseline (WCAG 2.2 AA + axe-core in CI) | 3 |
| Performance budgets (Lighthouse CI) | 3 |
| Security baseline (CSP, dep / secret scanning, OWASP ASVS) | 3 |
| CI/CD on Gitea | 3 |
| On-prem infrastructure stack (orchestration, Postgres HA, Redis HA, observability backend) | 3 |
| Concern | Phase |
| ------------------------------------------------------------------------------------------ | ----- |
| Authentication (Entra ID workforce + External ID) | 2 |
| Sessions / cache (Redis self-hosted) | 2 |
| Downstream API access (existing apps) | 2 |
| Observability (Pino + OpenTelemetry + W3C) | 2 |
| Audit trail | 2 |
| Accessibility baseline (WCAG 2.2 AA + axe-core in CI) | 3 |
| Performance budgets (Lighthouse CI) | 3 |
| Security baseline (CSP, dep / secret scanning, OWASP ASVS) | 3 |
| CI/CD on Gitea | 3 |
| On-prem infrastructure stack (orchestration, Postgres HA, Redis HA, observability backend) | 3 |