Stats
Actions
Tags
Validate generated Terraform code against design requirements and quality standards. Dispatches spec compliance review and code quality review as parallel subagents. Remote syntax validation is owned by alibabacloud-terraform-codegen Step 6 and is NOT re-run here. WHEN: validate terraform, check code quality, review infrastructure code, run preflight checks, validate before deploy.
How this skill is triggered — by the user, by Claude, or both
Slash command
/alibabacloud-spec-ops:alibabacloud-validateThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
> **AUTHORITATIVE GUIDANCE — MANDATORY COMPLIANCE**
AUTHORITATIVE GUIDANCE — MANDATORY COMPLIANCE
This skill performs dual review: requirement compliance AND code quality. Both reviews MUST be dispatched as independent subagents running in parallel.
Remote Terraform syntax validation (
aliyun iacservice validate-module) is owned byalibabacloud-terraform-codegenStep 6 — by the time control reaches this skill, syntax has already passed remotely. Do NOT re-invokeiacservice validate-modulehere.
PREREQUISITE CHECK (internal — do not expose these checks to user)
Before proceeding, verify:
tasks/status.jsonexists withstatus: "plans-written"designs/terraform/contains generated .tf filesIf missing, STOP and inform the user that code generation needs to complete first.
Activate when:
tasks/status.json for "mode" field to determine validation depthAgent tool in parallelRead tasks/status.json and check the "mode" field:
| Mode | Validation Depth | Stages |
|---|---|---|
"fast-track" | None — trust codegen | Skip both reviews; transition straight to validated |
"full" or absent | Spec compliance + code quality | Stage 1 + Stage 2 (parallel subagents) |
If mode is "fast-track", skip both Stage 1 and Stage 2. Syntax has
already been validated remotely by terraform-codegen Step 6, and the
simplified design opts out of deeper review. The action sequence is:
tasks/status.json to status: "validated"No iacservice call is required here — the validation contract was satisfied in code generation.
CRITICAL: You MUST dispatch BOTH reviewers as independent subagents using the Agent tool in a SINGLE message (parallel execution). Do NOT perform the reviews yourself — delegate to specialized agents.
Use the Agent tool with subagent_type to dispatch both reviews simultaneously:
# In a SINGLE message, make TWO Agent tool calls:
Agent call 1 - Spec Compliance Review:
subagent_type: "alibabacloud-spec-ops:spec-reviewer"
description: "Spec compliance review"
prompt: |
Review the following Terraform code against the design specification.
## Design Document (design.md):
{paste full content of .aliyun-ai-ops-spec/{name}/designs/design.md}
## Terraform Files:
{paste full content of each .tf file}
Follow your review checklist and produce the structured output format.
Return PASS or FAIL with the coverage matrix and issues list.
Agent call 2 - Code Quality Review:
subagent_type: "alibabacloud-spec-ops:code-quality-reviewer"
description: "Code quality review"
prompt: |
Review the following Terraform code for quality, security, and best practices.
## Terraform Files:
{paste full content of each .tf file}
Follow your review checklist and produce the structured output format.
Return PASS or FAIL with categorized issues list.
Key points:
After both subagents complete:
Do NOT call
aliyun iacservice validate-modulehere. Remote syntax was validated byalibabacloud-terraform-codegenStep 6 before this skill ran. Re-running it would be duplicate work and waste an IaC Service quota slot.
Write to .aliyun-ai-ops-spec/{name}/tasks/validation-report.md:
# Validation Report - {Requirement Name}
## Timestamp
{ISO timestamp}
## Stage 1: Spec Compliance (Subagent: spec-reviewer)
- Status: PASS/FAIL
- Issues found: {count}
- Details: {full output from spec-reviewer subagent}
## Stage 2: Code Quality (Subagent: code-quality-reviewer)
- Status: PASS/FAIL
- Issues found: {count}
- Details: {full output from code-quality-reviewer subagent}
## Remote Syntax (handled upstream)
- Validated by: alibabacloud-terraform-codegen Step 6 (iacservice validate-module)
- Status at codegen: PASS (precondition — code generation does not hand
off to this skill unless validate-module succeeded)
## Final Result
- Overall: PASS/FAIL
- Both review stages must PASS to proceed to execution
tasks/status.json to status: "validated" — do NOT mention this to the userTodoWrite: mark "双轨评审:spec compliance + code quality" → completed. (Leave "部署执行" as pending — only the user can promote it to in_progress by confirming.)"Validation complete — all checks passed.
- Spec compliance: ✅
- Code quality: ✅
- Remote syntax: ✅ (validated upstream by terraform-codegen)
下一步:要现在进入部署吗?
部署会通过 IaC Service 远程自动执行
terraform plan与apply——回复一次 "部署" 即授权整条链路完成,真正在云上创建资源并产生费用。我会把 plan 结果展示给你,但不会再停下来二次确认;如果 plan 出现非预期的破坏性变更(例如 Day-2 中要 destroy 资源),我会主动停下来询问。回复 "部署" / "yes" → 进入
alibabacloud-spec-ops:alibabacloud-executing-plans,自动完成 plan + apply。 想再调整代码或暂停?直接告诉我,或随时打断我(Esc / 中止当前消息)。"
TodoWrite: mark "部署执行:terraform plan/apply via IaC Service" → in_progressalibabacloud-spec-ops:alibabacloud-executing-plansIMPORTANT: Do NOT automatically invoke executing-plans without explicit user confirmation. The previous step in the workflow (writing-plans → validate) is read-only and auto-chains; this step is where the workflow stops to ask, by design.
Using independent subagents for review provides:
terraform-codegen Step 6 result; do NOT re-call iacservice validate-modulenpx claudepluginhub acloudlabs-unofficial/alibabacloud-agent-toolkit --plugin alibabacloud-spec-opsGuides creation, editing, and verification of skills for AI coding agents using test-driven development with subagent scenarios. Use when authoring or debugging skills.