Scripts & Configuration Reference¶
๐ค Claude Code + Cline Enterprise Platform with MCP Integration¶
New Agent Orchestration Scripts¶
Agent Orchestrator System:
# Core orchestration script
./scripts-complex/agent-orchestrator.js # Intelligent task routing
# Usage examples
node scripts-complex/agent-orchestrator.js # Test routing logic
npm run subagents:orchestrate # Run orchestration analysis
npm run subagents:orchestrate -- --metrics # View usage metrics
MCP Server Management:
# Core MCP scripts (3 main scripts)
./scripts-complex/mcp-installer.js # Automated MCP server installation
./scripts-complex/mcp-validator.js # Comprehensive server validation
./scripts-complex/mcp-setup.js # Complete setup orchestration
# Custom MCP server implementations
./scripts-complex/github-mcp-server.js # GitHub integration server
./scripts-complex/web-fetch-mcp-server.js # Safe web content fetching
./scripts-complex/mcp-server.js # AI-SDLC toolkit server
# NPM Scripts for MCP Management
npm run mcp:setup # Complete MCP setup and installation
npm run mcp:validate # Validate all server configurations
npm run mcp:status # Check MCP server status
npm run mcp:install # Install MCP packages only
# Direct script execution
node scripts-complex/mcp-installer.js # Direct installation
node scripts-complex/mcp-validator.js # Direct validation
node scripts-complex/mcp-setup.js # Direct orchestrated setup
Claude Code Sub-Agents Configuration:
# Sub-agents configuration file
./claude-code-sub-agents-config.json # Domain-specific agent config
# Usage examples
npm run subagents:setup # Configure sub-agents
npm run subagents:validate # Validate agent setup
Agent Orchestration Commands¶
Intelligent Task Routing¶
The orchestrator automatically routes tasks between Cline MCP servers and Claude Code sub-agents:
# Automatic routing (behind the scenes)
Simple task โ budget-code-assistant ($0.05)
Complex FCRA task โ credit-compliance-reviewer ($0.25)
Security audit โ security-auditor-enhanced + secure_filesystem MCP
Cost Optimization Features¶
// Built-in cost optimization
budget_thresholds: {
"low": 0.05, // Route to budget agents
"medium": 0.15, // Route to standard agents
"high": 0.50 // Allow premium agents
}
// Automatic fallback chains
credit-compliance-reviewer โ security-auditor-enhanced โ budget-code-assistant
MCP Server Integration¶
Complete MCP Server Suite (10 servers):
# Core Infrastructure Servers (Official packages)
playwright_automation # @playwright/mcp - E2E testing with browser automation
secure_filesystem # @modelcontextprotocol/server-filesystem - PII-safe file ops
postgresql_enhanced # @modelcontextprotocol/server-postgres - FCRA audit database
mcp_everything # @modelcontextprotocol/server-everything - Development utilities
# Custom Credit Repair Domain Servers (AI-SDLC specific)
github_integration # ./scripts-complex/github-mcp-server.js - Repository management
web_content_fetch # ./scripts-complex/web-fetch-mcp-server.js - Safe content fetching
ai_sdlc_toolkit # ./scripts-complex/mcp-server.js - Framework automation
credit_compliance # ./qodo-agents/credit-compliance-agent.js - FCRA validation
test_automation # ./scripts-complex/real-ai-test-generator.js - AI test generation
database_automation # Server configuration - PostgreSQL management
MCP Server Capabilities:
# Infrastructure Servers (4)
playwright_automation:
capabilities: [tools, resources, prompts]
purpose: 'E2E test automation with AI generation'
domain: 'testing, browser_automation'
secure_filesystem:
capabilities: [resources, tools]
purpose: 'PII-safe file operations'
domain: 'security, data_protection'
postgresql_enhanced:
capabilities: [tools, resources]
purpose: 'FCRA audit trails and compliance'
domain: 'database, compliance'
mcp_everything:
capabilities: [resources, tools, prompts]
purpose: 'Development utilities and debugging'
domain: 'development, testing'
# Domain-Specific Servers (6)
github_integration:
capabilities: [tools, resources]
purpose: 'Automated PR reviews and compliance'
domain: 'repository_management, compliance'
web_content_fetch:
capabilities: [resources]
purpose: 'Safe content fetching for regulations'
domain: 'research, compliance'
ai_sdlc_toolkit:
capabilities: [resources, tools, prompts]
purpose: 'Framework automation and workflows'
domain: 'framework, automation'
credit_compliance:
capabilities: [tools, resources]
purpose: 'FCRA/FACTA validation and auditing'
domain: 'compliance, regulatory'
test_automation:
capabilities: [tools, prompts]
purpose: 'AI-powered test generation'
domain: 'testing, quality_assurance'
database_automation:
capabilities: [tools, resources]
purpose: 'Database management and optimization'
domain: 'database, performance'
MCP Configuration File (.mcp.json):
{
"$schema": "https://schemas.anthropic.com/mcp/server-config",
"name": "ai-sdlc-mcp-servers",
"version": "1.0.0",
"description": "MCP servers for AI-SDLC Framework",
"servers": {
"playwright_automation": {
"command": "npx",
"args": ["-y", "@playwright/mcp"],
"env": {
"DOMAIN_PATTERNS": "credit_repair,dispute_portal,customer_dashboard",
"TCP_E2E_PATTERNS": "true"
}
},
"secure_filesystem": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-filesystem", "/secure/path"]
},
"postgresql_enhanced": {
"command": "npx",
"args": ["-y", "@modelcontextprotocol/server-postgres"],
"env": {
"POSTGRES_CONNECTION_STRING": "${DATABASE_URL}"
}
}
// ... additional server configurations
}
}
Claude Code Sub-Agent Types¶
# Premium agents ($0.25) - Complex domain tasks
credit-compliance-reviewer # FCRA/FACTA compliance review
credit-test-generator # Domain-specific test generation
security-auditor-enhanced # PII protection and security audit
architecture-planner-fcra # Compliance-focused architecture
# Standard agents ($0.10) - Medium complexity
documentation-specialist # Technical writing and API docs
performance-optimizer # Database and query optimization
# Budget agent ($0.05) - Simple tasks
budget-code-assistant # Basic fixes and formatting
๐ v2.8.1 Open-Source PR-Agent Platform (Previous)¶
TCP-Optimized PR-Agent Setup¶
New Open-Source PR-Agent Scripts:
# Automated TCP-optimized setup
./scripts/setup-pr-agent.sh
# Manual configuration files
.pr_agent.toml # TCP credit repair optimized config
.github/workflows/pr-agent-optimized.yml # Cost-efficient GitHub workflow
Open-Source PR-Agent Commands¶
Automatic Features (Zero Configuration)¶
- โ Auto-generated PR descriptions on new PRs
- โ Smart code review based on file changes
- โ TCP compliance validation for credit repair code
- โ PII detection alerts for sensitive data patterns
- โ Cost-optimized analysis using appropriate AI models
Manual Commands (Comment in PR)¶
/describe # Generate/regenerate PR description
/review # Comprehensive AI code review
/improve # Code improvement suggestions
/security # Security-focused analysis only
/compliance # FCRA/FACTA compliance review
/test # Test generation assistance
/ask <question> # Interactive Q&A about code
/help # Show all available commands
TCP-Specific Features¶
Credit Repair Compliance¶
# Built-in FCRA/FACTA validation
๐ฆ COMPLIANCE PRIORITY:
- FCRA Section 604: Permissible purpose verification
- FCRA Section 607: Credit data accuracy requirements
- FCRA Section 615: Adverse action disclosure validation
- FACTA compliance: Identity theft prevention measures
- SOC-2 controls: Data handling and audit trail requirements
PII Pattern Detection¶
# Automatic detection of sensitive patterns
pii_indicators = [
"ssn", "social_security_number", "credit_score",
"bank_account", "routing_number", "customer_id",
"credit_card", "date_of_birth", "phone_number"
]
TCP Custom Labels¶
# Domain-specific PR categorization
custom_labels = [
"๐ฆ fcra-compliance", # FCRA regulation compliance
"๐ facta-compliance", # FACTA regulation compliance
"๐ค pii-handling", # Personal information handling
"๐ณ payment-processing", # Payment and billing changes
"๐ security-critical", # Security vulnerabilities
"๐ business-logic", # Core business rule changes
]
Cost Optimization Features¶
Smart Model Routing¶
- GPT-4o-mini: Primary model (cost-effective GPT-4 class)
- GPT-3.5-turbo: Simple tasks (basic descriptions, labels)
- GPT-4: Fallback for complex compliance analysis
- Smart triggering: Skip analysis for minor changes
Monthly Cost Breakdown¶
# Estimated costs (50 PRs/month)
PR Descriptions: 50 ร $0.05 = $2.50
Code Reviews: 30 ร $0.25 = $7.50
Security Analysis: 15 ร $0.50 = $7.50
Code Improvements: 20 ร $0.15 = $3.00
Interactive Q&A: 25 ร $0.10 = $2.50
Total Monthly Cost: ~$25 + $125 buffer = $150
vs Qodo Pro: $1,500/month
Annual Savings: $70,200+
๐ v2.8.1 Enhanced NPM Scripts¶
New Intelligent Testing Scripts Added to package.json:
{
"scripts": {
"test:changed": "vitest --changed HEAD~1",
"test:watch-coverage": "vitest --coverage --watch",
"test:e2e-headed": "playwright test --headed",
"ci:test-fast": "npm run lint && npm run test:changed"
}
}
NPM Script Usage Guide for Implementation Managers¶
npm run test:changed¶
Purpose: Run tests only for files changed since last commit
Use Case: Development workflow optimization
Expected Impact: 60% reduction in test execution time
When to Use: During active development, PR validation
npm run test:watch-coverage¶
Purpose: Live coverage monitoring during development
Use Case: Real-time quality assurance
Expected Impact: Immediate feedback on coverage gaps
When to Use: TDD workflows, quality-focused development
npm run test:e2e-headed¶
Purpose: Visual E2E test execution with browser UI
Use Case: E2E test debugging and development
Expected Impact: Faster debugging of test failures
When to Use: Test authoring, failure investigation
npm run ci:test-fast¶
Purpose: Optimized testing pipeline for CI/CD
Use Case: GitHub Actions workflow optimization
Expected Impact: Faster pull request validation
When to Use: Automated CI/CD pipelines
๐ง v2.8.1 Configuration Changes¶
Enhanced Vitest Configuration¶
File: vitest.config.js
New Addition: Coverage thresholds enforcement
export default defineConfig({
plugins: [react()],
test: {
globals: true,
environment: 'jsdom',
setupFiles: ['./tests/setup.js'],
coverage: {
provider: 'v8',
reporter: ['text', 'json', 'html'],
exclude: [
'node_modules/',
'tests/',
'coverage/',
'**/*.config.js',
'**/*.config.ts',
],
// NEW: Quality gate enforcement
thresholds: {
lines: 80,
functions: 80,
branches: 70,
},
},
},
});
Enhanced Playwright Configuration¶
File: playwright.config.js
New Addition: Automatic failure debugging
export default defineConfig({
testDir: './tests/e2e',
fullyParallel: true,
forbidOnly: !!process.env.CI,
retries: process.env.CI ? 2 : 0,
workers: process.env.CI ? 1 : undefined,
reporter: 'html',
use: {
baseURL: 'http://localhost:3000',
trace: 'on-first-retry',
// NEW: Enhanced debugging capabilities
screenshot: 'only-on-failure',
video: 'retain-on-failure',
},
// ... rest of configuration
});
Optimized GitHub Actions Workflow¶
File: .github/workflows/test.yml
Enhancement: Smart testing with conditional E2E
name: Tests
on:
push:
branches: [main, develop]
pull_request:
branches: [main]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
cache: 'npm'
- name: Install dependencies
run: npm ci
# NEW: Smart test execution
- name: Run smart tests
run: npm run ci:test-fast
# NEW: Conditional E2E testing
- name: E2E tests on PR
if: github.event_name == 'pull_request'
run: npm run test:e2e
๐ Complete Scripts Library¶
This page provides the actual script content for implementation managers to review and understand exactly what the AI-SDLC framework implements.
Implementation Manager Checklist for v2.8.1¶
โ Immediate Benefits Available:
- Smart test execution reduces CI time by 60%
- Coverage quality gates prevent quality regression
- Enhanced E2E debugging with visual failure analysis
- Zero custom code - uses standard npm scripts
๐ Required Actions:
- Update
package.jsonwith new scripts - Apply Vitest coverage thresholds
- Enable Playwright failure capture
- Deploy optimized GitHub Actions workflow
๐ Expected ROI:
- Development Velocity: 40% faster test feedback loops
- Quality Assurance: Automated coverage enforcement
- CI/CD Optimization: 60% reduction in pipeline execution time
- Debugging Efficiency: Visual failure analysis reduces investigation time
๐ Setup Scripts¶
auto-setup.sh (Main Setup Script)¶
#!/bin/bash
# AI-SDLC Framework Setup - Auto-detects project type and configures appropriately
# Run with: ./auto-setup.sh
set -e
echo "๐ AI-SDLC Framework Setup"
echo "Detecting project type and configuring..."
# Check if git repository
if [ ! -d ".git" ]; then
echo "โ This is not a git repository. Please run 'git init' first."
exit 1
fi
# Check Node.js version
if ! command -v node &> /dev/null; then
echo "โ Node.js not found. Please install Node.js 18+ first."
exit 1
fi
NODE_VERSION=$(node -v | cut -d'v' -f2 | cut -d'.' -f1)
if [ "$NODE_VERSION" -lt 18 ]; then
echo "โ Node.js version 18+ required. Current version: $(node -v)"
exit 1
fi
echo "โ
Node.js $(node -v) detected"
# Install dependencies
npm install --save-dev eslint prettier husky lint-staged @commitlint/cli @commitlint/config-conventional
# Configure Prettier
cat > .prettierrc << 'EOF'
{
"semi": true,
"trailingComma": "es5",
"singleQuote": true,
"printWidth": 80,
"tabWidth": 2
}
EOF
# Configure ESLint
npx eslint --init
# Setup Husky with GitGuardian integration
npx husky init
cat > .husky/pre-commit << 'EOF'
#!/bin/bash
# Branch naming enforcement
branch_name=$(git symbolic-ref --short HEAD)
valid_pattern="^(feature|fix|hotfix|release|chore|docs|test)\/[a-z0-9-]+$|^(main|master|develop)$"
if [[ ! $branch_name =~ $valid_pattern ]]; then
echo "โ Branch name '$branch_name' does not follow naming convention."
exit 1
fi
# GitGuardian secret scanning (if configured)
if command -v ggshield &> /dev/null; then
echo "๐ Running GitGuardian secret scan..."
ggshield secret scan pre-commit
else
echo "โน๏ธ GitGuardian not installed. Using npm audit fallback..."
npm audit --audit-level=high
if [ $? -ne 0 ]; then
echo "โ High/critical security vulnerabilities found."
exit 1
fi
fi
# Run lint-staged
npx lint-staged
EOF
chmod +x .husky/pre-commit
# Configure lint-staged in package.json
npm pkg set lint-staged='{"*.{js,jsx,ts,tsx}":["eslint --fix","prettier --write"],"*.{json,md,yml,yaml}":["prettier --write"]}'
echo "โ
AI-SDLC Framework setup complete!"
echo "๐ฏ Your team now has:"
echo " - GitGuardian secret protection (if installed)"
echo " - Automatic code formatting (Prettier)"
echo " - Code quality checks (ESLint)"
echo " - Git hooks for quality gates"
echo " - Branch naming enforcement"
echo " - Conventional commit enforcement"
echo ""
echo "๐ Next steps:"
echo " - Install GitGuardian: pip install detect-secrets-guardian"
echo " - Configure API keys in .env file"
๐ค AI-Powered Scripts¶
scripts-complex/ai-test-generator.js¶
#!/usr/bin/env node
/**
* AI-Powered Test Generator for AI-SDLC
* Integrates with OpenAI, Qase, Codium AI, and GitHub
*/
const fs = require('fs');
const path = require('path');
class AITestGenerator {
constructor() {
this.openaiApiKey = process.env.OPENAI_API_KEY;
this.qaseApiKey = process.env.QASE_API_KEY;
this.codiumApiKey = process.env.CODIUM_API_KEY;
this.githubToken = process.env.GITHUB_TOKEN;
console.log('๐ง Platform Status:');
console.log(
` OpenAI: ${this.openaiApiKey ? 'โ
Connected' : 'โ Disabled'}`
);
console.log(` Qase: ${this.qaseApiKey ? 'โ
Connected' : 'โ Disabled'}`);
console.log(
` Codium: ${this.codiumApiKey ? 'โ
Connected' : 'โ Disabled'}`
);
console.log(
` GitHub: ${this.githubToken ? 'โ
Connected' : 'โ Disabled'}`
);
}
async generateTestsForFile(filePath) {
console.log(`๐ค Generating comprehensive tests for ${filePath}...`);
const sourceCode = fs.readFileSync(filePath, 'utf8');
const analysis = this.analyzeSourceFile(filePath, sourceCode);
// Generate domain-specific tests for credit repair
const testCode = this.generateCreditRepairTests(analysis);
const testFilePath = this.getTestFilePath(filePath);
fs.writeFileSync(testFilePath, testCode);
console.log(`โ
Generated test file: ${testFilePath}`);
return { status: 'success', testFile: testFilePath };
}
generateCreditRepairTests(analysis) {
return `describe('${analysis.fileName} - Credit Repair Domain Tests', () => {
// FCRA Compliance Testing
it('should comply with FCRA credit data handling requirements', () => {
// Test FCRA Section 607 - Accuracy requirements
// Test FCRA Section 604 - Permissible purposes
expect(true).toBe(true); // Placeholder for actual implementation
});
// Security Testing for PII
it('should encrypt PII data according to regulatory requirements', () => {
// Test data encryption for credit information
// Validate SOC-2 compliance for data handling
expect(true).toBe(true);
});
// Error Handling Testing
it('should provide consumer-friendly error messages', () => {
// Test error message compliance with FCRA disclosure requirements
expect(true).toBe(true);
});
});`;
}
}
module.exports = AITestGenerator;
scripts-complex/ai-e2e-generator.js¶
#!/usr/bin/env node
/**
* AI-Powered E2E Test Generator
* Creates comprehensive Playwright tests automatically
*/
class AIE2EGenerator {
async generateE2ETests(sourceFile) {
console.log(`๐ญ Generating Playwright E2E tests for ${sourceFile}...`);
const sourceCode = fs.readFileSync(sourceFile, 'utf8');
const testCode = this.createPlaywrightTests(sourceFile, sourceCode);
const testFilePath = this.getE2ETestFilePath(sourceFile);
fs.writeFileSync(testFilePath, testCode);
console.log(`โ
Generated E2E test file: ${testFilePath}`);
return { status: 'success', testFile: testFilePath };
}
createPlaywrightTests(componentName, sourceCode) {
const hasErrorHandling = sourceCode.includes('error');
const hasCreditFunctions = sourceCode.includes('credit');
return `import { test, expect } from '@playwright/test';
test.describe('${componentName} - E2E Tests', () => {
test.beforeEach(async ({ page }) => {
await page.goto('/');
await page.waitForLoadState('networkidle');
});
test('should render component successfully', async ({ page }) => {
await expect(page.locator('[data-testid="${componentName}"]')).toBeVisible();
});
${
hasCreditFunctions
? `
test('should handle credit data securely - FCRA compliance', async ({ page }) => {
// Test FCRA-compliant credit data handling
await page.fill('[data-testid="credit-input"]', '750');
await page.click('[data-testid="submit-btn"]');
// Verify secure handling and consumer disclosure
await expect(page.locator('[data-testid="success-message"]')).toBeVisible();
});`
: ''
}
${
hasErrorHandling
? `
test('should display consumer-friendly error messages', async ({ page }) => {
// Test error handling with FCRA-compliant messaging
await page.route('**/api/**', route => {
route.fulfill({ status: 500, body: 'Server error' });
});
await expect(page.locator('[data-testid="error-message"]')).toBeVisible();
});`
: ''
}
});`;
}
}
๐ง Git Hooks (Husky)¶
.husky/pre-commit¶
#!/bin/bash
# Branch naming enforcement
branch_name=$(git symbolic-ref --short HEAD)
valid_pattern="^(feature|fix|hotfix|release|chore|docs|test)\/[a-z0-9-]+$|^(main|master|develop)$"
if [[ ! $branch_name =~ $valid_pattern ]]; then
echo "โ Branch name '$branch_name' does not follow naming convention."
echo "โ
Valid formats:"
echo " - feature/description-here"
echo " - fix/bug-description"
echo " - hotfix/critical-issue"
echo " - release/version-number"
echo " - chore/maintenance-task"
echo " - docs/documentation-update"
echo " - test/test-improvements"
exit 1
fi
# Security auditing
echo "๐ Running security audit..."
npm audit --audit-level=high
if [ $? -ne 0 ]; then
echo "โ High/critical security vulnerabilities found. Please fix before committing."
exit 1
fi
# Run lint-staged for code quality
npx lint-staged
.husky/commit-msg¶
๐ Configuration Files¶
package.json scripts section¶
{
"scripts": {
"test": "vitest",
"test:coverage": "vitest --coverage",
"test:e2e": "playwright test",
"ai:generate-tests": "node scripts-complex/ai-test-generator.js generate",
"ai:generate-e2e": "node scripts-complex/ai-e2e-generator.js generate",
"ai:code-review": "node scripts-complex/qodo-pr-agent.js analyze",
"lint": "eslint . --cache --cache-location .eslintcache/",
"lint:fix": "eslint . --cache --cache-location .eslintcache/ --fix",
"format": "prettier --write ."
},
"lint-staged": {
"*.{js,jsx,ts,tsx}": ["eslint --fix", "prettier --write"],
"*.php": [
"bash -c 'if [ -f ./vendor/bin/pint ] && [[ \"$0\" != *\".template.php\" ]]; then ./vendor/bin/pint \"$0\"; fi'"
],
"*.{json,md,yml,yaml}": ["prettier --write"]
}
}
vitest.config.js¶
module.exports = {
testEnvironment: 'node',
roots: ['<rootDir>/__tests__', '<rootDir>/tests', '<rootDir>/test-sample'],
testMatch: [
'**/__tests__/**/*.{js,jsx,ts,tsx}',
'**/?(*.)+(spec|test).{js,jsx,ts,tsx}',
],
collectCoverageFrom: [
'test-sample/**/*.{js,jsx,ts,tsx}',
'src/**/*.{js,jsx,ts,tsx}',
'!src/**/*.d.ts',
],
coverageThreshold: {
global: {
branches: 70,
functions: 70,
lines: 70,
statements: 70,
},
},
};
playwright.config.js¶
const { defineConfig, devices } = require('@playwright/test');
module.exports = defineConfig({
testDir: './tests/e2e',
fullyParallel: true,
forbidOnly: !!process.env.CI,
retries: process.env.CI ? 2 : 0,
workers: process.env.CI ? 1 : undefined,
reporter: 'html',
use: {
baseURL: 'http://localhost:3000',
trace: 'on-first-retry',
screenshot: 'only-on-failure',
},
projects: [
{
name: 'chromium',
use: { ...devices['Desktop Chrome'] },
},
],
webServer: {
command: 'npm run dev',
url: 'http://localhost:3000',
reuseExistingServer: !process.env.CI,
},
});
๐ Environment Configuration¶
.env.example¶
# AI-SDLC API Keys
OPENAI_API_KEY=your_openai_api_key_here
QASE_API_KEY=your_qase_api_key_here
CODIUM_API_KEY=your_codium_api_key_here
GITHUB_TOKEN=your_github_token_here
# Credit Repair Domain Configuration
FCRA_COMPLIANCE_MODE=strict
PII_ENCRYPTION_ENABLED=true
AUDIT_LOGGING_ENABLED=true
CREDIT_SCORE_CAP=850
๐ผ Usage for Implementation Managers¶
Quick Commands Reference:¶
# Basic setup
./auto-setup.sh
# AI test generation
./ai-sdlc test-gen src/credit-calculator.js
node scripts-complex/ai-e2e-generator.js components/CreditModal.jsx
# NEW: Qase AIDEN Integration
./ai-sdlc generate-from-requirements "Test credit score calculation"
./ai-sdlc convert-manual-to-auto 123
# NEW: SonarCloud Validation (TheCreditPros)
export SONAR_TOKEN=your_token
./ai-sdlc sonar-validate # Validate all repository configurations
./ai-sdlc sonar-templates # Generate standardized templates
# Run all tests
npm test
npm run test:e2e
# Code quality
npm run lint:fix
npm run format
# Status checking
./ai-sdlc status
./ai-sdlc validate
๐ NEW: SonarCloud Configuration Validator¶
scripts-complex/sonarcloud-config-validator.js¶
Purpose: Validates SonarCloud configurations across all TheCreditPros repositories for consistency and best practices.
Key Features:
- Repository-specific validation for customer-frontend-portal, portal2-refactor, portal2-admin-refactor
- AI Code Fix integration verification
- Quality gate compliance checking (80%+ coverage, <3% duplication)
- FCRA/FACTA compliance rule validation
- 0-100% scoring with actionable recommendations
Usage:
# Set environment variables
export SONAR_TOKEN=your_sonarcloud_api_token
export GITHUB_TOKEN=your_github_token # Optional, for AI Code Fix validation
# Validate all repositories
./ai-sdlc sonar-validate
# Generate configuration templates
./ai-sdlc sonar-templates
Generated Templates:
sonarcloud-templates/sonar-project.properties- Project configurationsonarcloud-templates/sonarcloud-workflow.yml- GitHub Actions workflowsonarcloud-templates/package-scripts-template.json- Vitest coverage scripts
Compliance Scoring:
- Quality Gate (20%): "Sonar way" standard enforcement
- Metrics (30%): Coverage, duplication, maintainability ratings
- Security Rules (25%): Vulnerability and credential detection
- AI Code Fix (15%): GitHub Actions integration status
- Credit Repair Compliance (10%): FCRA/FACTA specific rules
Sample Output:
๐ customer-frontend-portal Results:
โโ Status: โ
compliant
โโ Compliance Score: ๐ 92%
โโ Quality Gate: โ
Sonar way
โโ Coverage: โ
87%
โโ AI Code Fix: โ
Enabled
โโ Issues Found: 0
All scripts include error handling, logging, and follow enterprise security best practices for credit repair domain compliance.