ADR-0001 Internal Documentation Scope
Status
Section titled “Status”Accepted
Context
Section titled “Context”The repository houses both a public marketing site (apps/site) and an internal documentation site (apps/docs). Architecture diagrams, security posture, and operational runbooks in apps/docs are sensitive and unsuitable for public audiences.
Decision
Section titled “Decision”apps/docsremains an internal-only knowledge base.- Public-facing AI/Ethics and governance material will be published through a separate, future documentation surface.
- Access controls (Cloudflare Access) will guard the docs before any deployment.
Rationale
Section titled “Rationale”- Protect confidential architectural decisions and security practices.
- Maintain a safe environment for candid retrospectives and risk discussions.
- Avoid accidental leakage of operational playbooks.
Consequences
Section titled “Consequences”- Documentation requires authentication for staging and production environments.
- Contributions must respect internal-only classification and label sensitive sections accordingly.
- Additional effort needed to maintain separate public documentation.
Deferred Considerations
Section titled “Deferred Considerations”- Future definition of the public documentation site and its content scope.
- Encryption and auditing requirements once Cloudflare Access is enabled.
- Automated checks preventing internal content from leaking into public repos.
Implementation Steps
Section titled “Implementation Steps”- Maintain internal docs under
apps/docsonly. - Plan Cloudflare Access policies for the docs project.
- Document the separation in onboarding materials and runbooks.
Verification Method
Section titled “Verification Method”- Cloudflare Pages project for docs enforces Access prior to go-live.
- Security reviews confirm no internal URLs are publicly linked.
- Onboarding checklists reference this ADR.