KooshaPari · KooshaPari · Apr 4, 2026 · Apr 4, 2026 · Apr 6, 2026 · kilo-code-bot
diff --git a/.github/workflows/legacy-tooling-gate.yml b/.github/workflows/legacy-tooling-gate.yml
@@ -0,0 +1,102 @@
+name: Legacy Tooling Gate (WARN Mode)
+
+on:
+  push:
+    branches: [main, master, develop]
+  pull_request:
+    branches: [main, master]
+  workflow_dispatch:
+
+jobs:
+  legacy-tooling-scan:
+    name: Legacy Tooling Anti-Pattern Scan
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      security-events: write
+      pull-requests: write
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Checkout phenotype/repos for shared tools
+        uses: actions/checkout@v4
+        with:
+          repository: kooshapari/phenotype
+          path: phenotype-repos
+          sparse-checkout: tooling/legacy-enforcement
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+
+      - name: Install dependencies
+        run: pip install pyyaml
+
+      - name: Run Legacy Tooling Scanner (WARN Mode)
+        run: |
+          python3 phenotype-repos/tooling/legacy-enforcement/scanner/legacy_tooling_scanner.py \
+            --repo-root . \
+            --policy phenotype-repos/tooling/legacy-enforcement/policy/rules.yaml \
+            --output-json legacy_tooling_report.json \
+            --output-md legacy_tooling_report.md \
+            --report-only
+        continue-on-error: true
+
+      - name: Upload scan report (JSON)
+        uses: actions/upload-artifact@v4
+        with:
+          name: legacy-tooling-report-json
+          path: legacy_tooling_report.json
+          retention-days: 30
+
+      - name: Upload scan report (Markdown)
+        uses: actions/upload-artifact@v4
+        with:
+          name: legacy-tooling-report-md
+          path: legacy_tooling_report.md
+          retention-days: 30
+
+      - name: Comment PR with findings
+        if: github.event_name == 'pull_request'
+        uses: actions/github-script@v7
+        with:
+          script: |
+            const fs = require('fs');
+            let report = '**Legacy Tooling Scan Report**\n\n';
+
+            try {
+              const data = JSON.parse(fs.readFileSync('legacy_tooling_report.json', 'utf8'));
+              const totals = data.totals || {};
+
+              report += `| Severity | Count |\n|----------|-------|\n`;
+              report += `| Critical | ${totals.critical || 0} |\n`;
+              report += `| High | ${totals.high || 0} |\n`;
+              report += `| Medium | ${totals.medium || 0} |\n`;
+              report += `| Low | ${totals.low || 0} |\n\n`;
+
+              const findings = data.findings || [];
+              if (findings.length > 0) {
+                report += '**Top Violations:**\n';
+                findings.slice(0, 5).forEach(f => {
+                  report += `- [${f.severity.toUpperCase()}] ${f.rule_id}: ${f.file}:${f.line}\n`;
+                });
+                if (findings.length > 5) {
+                  report += `- ... and ${findings.length - 5} more\n`;
+                }
+              } else {
+                report += 'No violations detected.\n';
+              }
+
+              report += '\n*This is a WARN-mode scan. Fix before strict enforcement begins.*';
+            } catch (e) {
+              report += 'Could not parse scan results.';
+            }
+
+            github.rest.issues.createComment({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              body: report
+            });
diff --git a/PLAN.md b/PLAN.md
@@ -0,0 +1,68 @@
+# BytePort — PLAN.md
+
+## Implementation Roadmap
+
+### Phase 1: Foundation (Weeks 1-2)
+
+| Task | Description | Deliverable |
+|------|-------------|-------------|
+| P1.1 | Go project setup | Module structure, build scripts |
+| P1.2 | NVMS parser | Manifest validation, transformation |
+| P1.3 | AWS SDK setup | Credentials, base client |
+| P1.4 | Frontend shell | UI framework, routing |
+
+### Phase 2: NanoVMS Core (Weeks 3-4)
+
+| Task | Description | Deliverable |
+|------|-------------|-------------|
+| P2.1 | SpinCLI integration | VM creation, management |
+| P2.2 | MicroVM images | Build pipeline, base images |
+| P2.3 | Networking | VPC, security groups |
+| P2.4 | VM lifecycle | Start, stop, health checks |
+
+### Phase 3: Deploy Engine (Weeks 5-6)
+
+| Task | Description | Deliverable |
+|------|-------------|-------------|
+| P3.1 | Git integration | Repo clone, branch checkout |
+| P3.2 | Service discovery | Multi-service apps |
+| P3.3 | Environment config | Env var injection |
+| P3.4 | Deploy pipeline | End-to-end flow |
+
+### Phase 4: Portfolio Generation (Weeks 7-8)
+
+| Task | Description | Deliverable |
+|------|-------------|-------------|
+| P4.1 | LLM integration | OpenAI + LLaMA backends |
+| P4.2 | Screenshot capture | Puppeteer/Playwright |
+| P4.3 | Template system | Page generation |
+| P4.4 | Portfolio hosting | S3 + CloudFront |
+
+### Phase 5: Polish (Weeks 9-10)
+
+| Task | Description | Deliverable |
+|------|-------------|-------------|
+| P5.1 | UI completion | Dashboard, deploy wizard |
+| P5.2 | Error handling | Retry, rollback, alerts |
+| P5.3 | Testing | Unit, integration tests |
+| P5.4 | Documentation | User guide, API docs |
+
+---
+
+## Resources
+
+| Role | Allocation |
+|------|------------|
+| Backend Engineer | 2 FTE |
+| Frontend Engineer | 1 FTE |
+| DevOps Engineer | 0.5 FTE |
+
+---
+
+## Success Criteria
+
+- [ ] Deploy from GitHub in <5 minutes
+- [ ] Multi-service app support
+- [ ] Auto-generated portfolio pages
+- [ ] 99.9% deployed app uptime
+- [ ] Zero-downtime redeploys