Skip to main content
Jira progress: loading…

ZTS

ZAYAZ Technology Stack Specification

1. Purpose

This specification defines the approved technology stack for all ZAYAZ platform development.

The objective is to provide:

  • Architectural consistency
  • Agent-safe development
  • Reduced technical debt
  • Predictable operations
  • Security standardization
  • Compliance traceability
  • Long-term maintainability

ZTS is the authoritative source for technology selection within the ZAYAZ ecosystem.


2. Core Principles

Principle 1 — Strategic Standardization

Prefer platform-wide standards over local optimization.

Principle 2 — AI-First Development

All technologies must be suitable for agent-assisted development.

Principle 3 — Cloud Neutrality

Avoid unnecessary vendor lock-in.

Principle 4 — Governance by Design

Every technology decision must support:

  • Traceability
  • Security
  • Auditability
  • Compliance

Principle 5 — Registry Driven Architecture

Applications consume:

ZIR
ZCT
ZRR
ZAR
HNC

rather than hardcoded relationships.


3. Approved Languages

Strategic

languages:
primary:
- TypeScript
approved:
- SQL
- GraphQL
- YAML
- JSON
specialized:
- Python
prohibited:
- PHP
- Ruby
- Perl

Rationale:

TypeScript becomes the universal platform language.

Python is permitted for:

  • AI
  • Data science
  • Analytics
  • Modeling
  • Computation Hub

4. Frontend Stack

frontend:
framework:
technology: Next.js
language:
technology: TypeScript
ui:
technology: ShadCN
styling:
technology: Tailwind
forms:
technology: React Hook Form
visualization:
technology: Apache ECharts
state_management:
technology: Zustand
authentication:
technology: Keycloak

5. Backend Stack

backend:
runtime:
technology: Node.js
framework:
technology: NestJS
language:
technology: TypeScript
validation:
technology: Zod
api:
primary:
- GraphQL
secondary:
- REST
eventing:
pattern:
- Event Driven

6. Database Architecture

Transactional Store

transactional_store:
technology: PostgreSQL
purpose:
authoritative business data

Vector Store

vector_store:
technology: pgvector
purpose:
semantic retrieval
agent context
ontology search

Graph Store

graph_store:
technology: Neo4j
purpose:
dependency graph
blast radius analysis
ontology traversal
lineage analysis

Analytics Store

analytics_store:
technology: ClickHouse
purpose:
ESG analytics
KPI computation
reporting acceleration

Object Store

object_store:
technology: S3 Compatible
purpose:
reports
evidence
DAL artifacts
workflow outputs

7. Workflow Orchestration

Strategic Standard

workflow_engine:
technology: Temporal

Temporal SHALL orchestrate:

Hecate
ZARA
MICE
TrustGate workflows
Verification workflows
Report generation
Computation Hub jobs

No custom orchestration engines should be introduced without architecture approval.


8. Event Platform

event_platform:
technology: Kafka

Usage:

Domain Events
Workflow Events
Audit Events
Assurance Events
Agent Events

Mandatory patterns:

patterns:
- transactional_outbox
- schema_registry
- idempotent_consumers

9. Search Platform

search:
technology: OpenSearch

Usage:

Document Search
Ruleset Search
Schema Search
Component Search
Evidence Search

10. Identity & Access

iam:
technology: Keycloak

Capabilities:

SSO
OIDC
RBAC
ABAC
External Federation

Future:

TrustGate Integration
Verifier Federation

11. Agent Platform

Strategic Agents

agents:
intake:
- Hecate
architecture:
- ZARA
orchestration:
- ACP
coding:
- OpenAI Codex
- Claude Code
validation:
- Workflow Test Engine
governance:
- FAGF

12. Agent Development Policy

Agents MAY:

allowed:
- code generation
- unit tests
- integration tests
- workflow tests
- documentation

Agents SHALL NOT:

prohibited:
- approve contracts
- approve rulesets
- approve schemas
- bypass workflow tests
- deploy directly to production

13. CI/CD

cicd:
platform:
GitHub Actions
deployment:
GitOps
infrastructure:
Terraform

Mandatory gates:

required:
- lint
- unit tests
- contract tests
- workflow tests
- security scan
- blast radius validation

14. Observability

observability:
metrics:
Prometheus
dashboards:
Grafana
tracing:
OpenTelemetry
logging:
Loki

All services SHALL emit:

required:
- metrics
- traces
- structured_logs

15. Security Standards

Mandatory:

security:
secrets:
Vault
encryption:
AES256
transport:
TLS 1.3
dependency_scanning:
required
sbom:
required

16. Technology Maturity Model

Every technology SHALL be classified.

maturity:
strategic
approved
experimental
deprecated
prohibited

Example:

technologies:
PostgreSQL:
maturity: strategic
Neo4j:
maturity: strategic
MongoDB:
maturity: prohibited
Redis:
maturity: approved

17. Hecate Integration

Hecate SHALL use ZTS when generating implementation plans.

Example:

implementation_guidance:
language:
TypeScript
database:
PostgreSQL
workflow_engine:
Temporal
eventing:
Kafka

18. ACP Integration

Agent Control Plane SHALL validate generated code against ZTS.

Checks:

validation:
language_allowed
framework_allowed
database_allowed
workflow_engine_allowed
security_compliant

Non-compliant code SHALL be rejected.


19. Future Technologies

Candidate technologies:

evaluation_pool:
WASM
Rust Services
Lakehouse Analytics
Agent Swarms
Digital Twins
GraphRAG

These may not be used in production until promoted.


20. Normative Statement

ZTS is the authoritative implementation architecture specification for ZAYAZ.

All human developers, coding agents, CI/CD pipelines, Hecate, ACP, ZARA, and future automation systems SHALL treat this specification as the canonical source for approved technology selection and implementation governance.


APPENDIX A - Technology Decision Records (TDR)

  1. TDR-001 PostgreSQL
  2. TDR-002 Neo4j
  3. TDR-003 Temporal
  4. TDR-004 Kafka
  5. TDR-005 Next.js
  6. TDR-006 NestJS

Future TDRs: 7. TDR-007 ClickHouse 8. TDR-008 OpenSearch 9. TDR-009 Keycloak 10. TDR-010 Vault 11. TDR-011 pgvector 12. TDR-012 GitHub Actions 13. TDR-013 Terraform 14. TDR-014 Prometheus 15. TDR-015 Grafana 16. TDR-016 OpenTelemetry 17. TDR-017 Codex 18. TDR-018 Claude Code 19. TDR-019 ACP 20. TDR-020 Hecate

Link: Technology Decision Records (TDR).




GitHub RepoRequest for Change (RFC)