Complete agentic workflow setup for production-ready Go backend development.
Read agentic-workflow.md for complete pipeline overview.
Describe your feature with execution mode:
**Feature**: Subscription with Invoice
**Execution Mode**: Full Autonomous
**Functional Requirements**:
- Users can subscribe to plans
- System generates invoices
- Invoice status tracked (pending, paid, overdue)
**Constraints**:
- Must support recurring billing (future)
- Must track payment historyThe system will automatically:
- Plan the implementation
- Architect the design
- Migrate the database
- Implement the backend
- Validate security
- Generate tests (92%+ coverage)
- Review code quality
- Self-correct any issues
.github/
βββ agentic-workflow.md β START HERE (phase definitions)
βββ copilot-instructions.md (core orchestration rules)
βββ workflows/
β βββ ci.yml (automated testing + security)
βββ aw/ (execution modes & workflows)
β βββ execution-mode.md (Plan/Generate/Autonomous)
β βββ full-autonomous.md (8-phase pipeline)
β βββ self-correction.md (validation loop)
β βββ ...
βββ instructions/ (technical standards)
β βββ architecture.md (clean architecture rules)
β βββ backend.md (implementation patterns)
β βββ database.md (schema standards)
β βββ security.md (auth/validation/secrets)
β βββ testing.md (test requirements)
β βββ go-standards.md (Go conventions)
β βββ ...
βββ agents/ (agent role definitions)
β βββ planner.md (planning agent)
β βββ architect.md (architecture review)
β βββ backend.md (implementation)
β βββ test.md (test generation)
β βββ security.md (security validation)
β βββ reviewer.md (code quality)
β βββ ...
βββ prompts/ (request templates)
βββ feature.md (new features)
βββ bugfix.md (bug fixes)
βββ ...
Scope definition without code generation.
- Use for: Requirements clarification, design decisions
- Output: Structured evolution plan
- Example: "What APIs needed for subscription?"
Design + full implementation (no tests/security review).
- Use for: Pre-approved features, low-risk additions
- Output: Ready-to-test code
- Example: "Add user profile endpoint"
Complete pipeline with security, tests, and review.
- Use for: Production features, critical systems
- Output: Production-ready implementation
- Guarantees: 92%+ test coverage, security validated, code reviewed
Automatically enforces all standards:
Lint & Format β Code Style Validation
β
Tests & Coverage β 92% Minimum Coverage Gate
β
Architecture β Clean Layer Validation
β
Build β Go Binary Compilation
β
Security Scanning β Gosec + SASTRun locally:
make lint # Run linters
make test # Run tests with coverage
make coverage # Generate coverage report
go build ./cmd/api-server # Build binaryMandatory dependency flow:
Handler (HTTP) β Service (Logic) β Repository (Data) β Database
Violations detected in:
- Code review phase
- CI validation
- Self-correction loop
Handler:
- HTTP parsing only
- User authentication extraction
- Call service layer
- Return JSON responses
Service:
- Business logic & validation
- Orchestrate repositories
- Handle transactions
- Return structured responses
Repository:
- Database queries only
- Use parameterized statements
- Return domain models
- Handle not-found as nil
Domain:
- Pure data structures
- No framework imports
- Proper type tags (db, json)
All implementations must pass:
- Authentication: Proper JWT handling, context usage
- Authorization: RBAC middleware, ownership validation
- Input Validation: Service layer validation, no SQL injection
- Sensitive Data: No logs of passwords/tokens
- Error Handling: No internal details leaked to client
Enforced in Phase 5 (Security Agent).
Minimum coverage: 92% (CI gate)
| Layer | Coverage | Type |
|---|---|---|
| Service | β₯95% | Unit (mock repos) |
| Handler | β₯90% | Integration (mock service) |
| Repository | β₯80% | Unit (SQL validation) |
| Overall | β₯92% | CI Gate |
internal/service/xyz_service_test.go (unit tests)
internal/api/xyz_handler_test.go (integration tests)
# Start with feature request
# Include execution mode and requirements
# Implement according to plan
# Follow clean architecture
# Write tests as you code
make test # Verify tests pass locally
make coverage # Check coverage
make lint # Check code style
go build ./cmd/api-server # Ensure buildsgit add .
git commit -m "feat|fix|refactor: description"Pre-commit hooks validate:
- Code formatting
- Basic linting
git push origin feature-branchCI automatically runs:
- Full linting & formatting
- Complete test suite (92% gate)
- Architecture validation
- Security scanning
- Build verification
Human review validates:
- Architecture compliance
- Security review
- Performance assessment
- Test adequacy
- Documentation completeness
Merge to main only after:
- All CI checks pass
- Code review approved
- Coverage β₯92%
- No security issues
- Use
int64for IDs - Use
float64for money - Use
time.Timefor timestamps - Use pointers for optional fields
- Accept
context.Contextas first parameter in service/repo
- BIGSERIAL for PKs
- BIGINT with ON DELETE CASCADE for FKs
- Indexes on foreign keys and filters
- created_at / updated_at timestamps
- NOT NULL constraints where needed
- RESTful (POST create, GET read, PUT update, DELETE remove)
- Proper HTTP status codes (201, 400, 401, 403, 404, 500)
- Structured error responses
- Consistent request/response format
Use error package for domain errors:
return nil, errors.NewAppError("CODE", "message", 400)Never:
- Return bare error strings
- Use http.StatusInternalServerError for validation
- Leak stack traces to client
Code is production-ready when:
β All 8 phases complete (Full Autonomous)
β 92%+ test coverage
β 0 critical security issues
β Code review approved
β All CI checks passing
Then merge to main.
- agentic-workflow.md - Complete phase definitions
- instructions/architecture.md - Clean architecture rules
- instructions/backend.md - Implementation patterns
- instructions/testing.md - Test standards
- instructions/security.md - Security requirements
- aw/execution-mode.md - Execution modes explained
- aw/self-correction.md - Validation loop details
Q: What if my PR fails CI?
A: Check the CI output. Usually: code formatting, test coverage, or lint issues. Fix and push again.
Q: How do I write tests first?
A: Good practice (TDD). Write test in xyz_test.go, implement service/handler to pass test, run make coverage.
Q: Can I skip security review?
A: Only in Plan + Generate mode. Full Autonomous always includes Phase 5 (Security Agent).
Q: What's the coverage gate?
A: 92% minimum. Check with make coverage. If below, add missing test cases.
Q: How do I run the full agentic pipeline?
A: Submit feature request with "Full Autonomous" mode. The system executes all 8 phases automatically.
Setup Date: February 18, 2026
Version: 1.0
Status: Production-Ready