What is this?
The FabricBloc Developer Hub is the single entry point for engineering context. It replaces scattered Notion pages, Confluence wikis, and bookmarked GitHub links with one dashboard that answers three questions:
1. Is the platform healthy?
2. Am I set up correctly?
3. Where do I find what I need?
How to use it
- Overview
- Platform health, quick start, architecture, all repositories
- Map
- Interactive architecture visualization (pan, zoom, click to drill down)
- APIs
- Service API documentation grouped by layer (Product, Platform, Infrastructure)
- Contracts
- Solidity smart contract ABIs and deployment data
- Events
- CloudEvents schema catalog across all services
- Tools
- Claude Code plugins, MCP server, AI agent access, getting started guides
- Infrastructure
- Local development infrastructure (Docker, PostgreSQL, Redis, Grafana, Jaeger)
- Team
- Contributor profiles and activity from GitHub
Key principle: No hardcoded data
Everything on this dashboard comes from generated JSON files produced by the docs
pipeline (make generate).
Service catalogs, event schemas, contract ABIs, and compliance scores are all derived
from the actual codebase -- not manually maintained lists.
The MCP advantage
The FabricBloc MCP server gives Claude access to ALL platform APIs, events, and contracts without cloning every repo. A developer working on one service can ask Claude about any other service's endpoints, events, or contracts through the MCP connection. This eliminates the need to pull 15+ repos on a weak machine.
Phase 2 (shipped)
- GitHub API integration -- deploy triggers, CI status, PR activity, contributor profiles
- Activity feed -- recent commits, who's working on what
Phase 3 roadmap
- Grafana metrics -- service health, error rates, latency pulled from dashboards
- Real-time updates -- WebSocket for live health dots (currently snapshot-based)
Configuration:
docs.config.yamlGeneration:
make generateLocal preview:
make serve
FabricBloc — Internal Developer Hub
Product Readiness
Engineering Quality (compliance scan)
- Overall
- Weighted average of all categories across every scanned service.
- Security
- HMAC validation, JWT handling, secret leakage, auth middleware (SOC2 CC6).
- Arch
- DDD layer boundaries (api→app→business→foundation), bounded contexts, import direction.
- Ops
- Health checks, deploy status, observability (tracing, metrics, logs), runbooks.
- Data
- Data integrity, migrations, audit trails, encryption at rest (SOC2 C1/P1).
- Conv
- Makefile targets, CLAUDE.md compliance, naming conventions, service scaffolding.
compliance-scanner.sh. Scores are 0–100, higher is better.No map data
Run this command, then refresh the page:
make generate
Contracts
Events
Glossary
Platform and business terminology. Use these terms consistently across code, docs, issues, and conversations.
Quick Jump
For AI agents
<link rel="alternate"> tags in <head>. The list below mirrors that catalog for humans + crawlers.
sitemap.json for the full inventory.
MCP server available for tool-style access (bun run mcp/server.ts, stdio) — no hosting cost, but requires .mcp.json setup. The links above need neither.
- Platform-wide activity
- Weekly commits across every scanned repo, stacked by service category (products, platform, infra, other). Shows whether the team is trending toward product work, platform work, or infra work over time.
- Quality × Productivity quadrant
- Each dot is a contributor. X axis is raw output (commits + PRs merged + reviews given). Y axis is a quality composite: conventional-commit % + merge rate + cycle time. Dot color is their dominant architecture layer, dot size is lines changed. The dashed lines are the team medians.
- Engineering excellence (DORA)
- Four canonical metrics from the DORA research program. Deploy frequency — how often you ship (elite teams: multiple/day; high: weekly; medium: monthly; low: < monthly). Lead time for changes — time from first commit to production (elite: <1d; high: <1w; medium: <1m; low: >1m). MTTR — time to recover from a failed deploy (elite: <1h; high: <1d; medium: <1w; low: >1w). Change failure rate — % of deploys that required a hotfix or rollback (elite: 0–15%; medium: 16–30%; low: >30%). These are platform-level signals, never attributed to individuals.
- Security posture
- Dependabot alerts flag vulnerable dependencies in each service. Severity is reported upstream (critical / high / medium / low). Oldest open is the age in days of the longest-unresolved alert for that service — a freshness signal that catches backlogs growing stale. Patched (7d) is the count of alerts resolved in the last week — a throughput signal. Critical and high open counts at the platform level are the riskiest to fix first. This data comes from the same API the drift-finder uses; this view is visibility-only — it does not file issues.
- Growth quadrants
- Crushing it = high quality + high output. Precision over volume = high quality, small batches. Volume over precision = lots of output, room to polish. Growth opportunity = room to grow on both axes. All framing is growth-oriented — this is a coaching tool, not a scoreboard.
- Leaderboards
- Three angles on "who's doing the work": total commits, foundation touches (architecture depth), and reviews given (the invisible work that keeps quality high).
- Service bus factor
- The number of distinct contributors who touched a service in the window. Bus factor 1 means one person owns the whole service — if they take PTO or move on, the service is orphaned. It's a risk metric: the higher, the healthier.
- Layer colors
- Platform-wide chart (service categories):
■ products ■ platform ■ infra ■ other
Quadrant dots + per-person donuts (DDD layers):
■ api ■ app ■ business ■ foundation ■ other
make analytics refreshes the data.Platform-wide activity
Quality × Productivity
Engineering excellence
Security posture
Service bus factor
Prerequisites
Three tools required before you can run any FabricBloc service locally.
- Install:
brew install --cask 1password - Install CLI:
brew install --cask 1password/tap/1password-cli - Enable: Settings → Developer → "Integrate with 1Password CLI"
- Verify:
op vault list
- Install:
brew install --cask tailscale - Connect to FabricBloc network
- Split DNS:
10.50.0.2forrds.amazonaws.com(exit node ON)
- Install:
brew install --cask docker - Clone:
git clone BloclabsHQ/fabric-dev-stack - Setup:
make setup && make pull - Start:
make up
Port Allocation
All services listen on 8094 internally. Docker maps external ports for local dev.
Traffic Routing
Two paths into services. External traffic goes through Kong (JWT, rate limits, HMAC). Internal service-to-service uses the ALB (no JWT, HMAC only).
api.dev.fabricbloc.com→ JWT validated · Rate limited · HMAC signed
→ Service
internal-api:8000→ VPC only · No JWT · HMAC required
→ Service B
Stack Components
▶ Architecture Reference Principles · networking · secrets
op run only. Never on disk.fabric-events:8094 → Service BDev/Prod: Service A →
internal-api.dev.fabricbloc.com:8000 → Service B
.env.op.testnet (op:// URIs)↓
op runProcess memory
AWS Secrets Manager ↓ Terraform
ECS env vars
.env files with real secrets. 1Password and process memory only.
Team
Contributor profiles from GitHub — repos, PRs, recent activity per person. Data from platform-state.json.
Network Access
Every URL falls into one of three zones. If you're unsure whether something should be public, it probably shouldn't be.
Route Exposure
Kong routes on api.dev.fabricbloc.com. Host-restricted routes only respond on listed hosts.
Service Status
CI Health
Workflow status across services. Deep analysis in Grafana CI Dashboard.
▶ Operations Guide Secrets · credentials · redeploy
Secrets flow from 1Password → AWS Secrets Manager → ECS via GitHub Actions in fabric-iac.
Credential management and deployment workflows. Secrets flow from 1Password → AWS Secrets Manager → ECS via GitHub Actions in fabric-iac.
- 1Password → vault
01-fabricbloc→ itemFabric-{Service}-Env-Dev - Add field (name = ENV_VAR, value = secret)
- Update
fabric-iac/dev/fabric/terragrunt.hcl— add tosecretsblock
Open in GitHub →
↓ sync-dev.yaml (GitHub Actions)
AWS Secrets Manager fabric-dev/1password/fabric-{service}
↓ fabric-dev-apply.yml (Terraform)
ECS Task Definition → container env vars
Item naming:
Fabric-{ServiceName}-Env-{Dev|Prod}AWS path:
fabric-{stage}/1password/fabric-{service}