infrastructure-documenter

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

Infrastructure Documenter Skill

Overview

概述

This skill helps you create clear, maintainable infrastructure documentation. Covers architecture diagrams, runbooks, system documentation, operational procedures, and documentation-as-code practices.

本Skill可帮助你创建清晰、易维护的基础设施文档，涵盖架构图、运行手册、系统文档、操作流程以及文档即代码实践。

Documentation Philosophy

文档理念

Principles

原则

Living documentation: Keep it in sync with reality
Audience-aware: Different docs for different readers
Actionable: Every doc should help someone do something
Version-controlled: Documentation changes tracked with code

活文档：与实际系统保持同步
受众导向：为不同读者定制不同文档
可落地执行：每份文档都要能帮助读者完成具体操作
版本可控：文档变更与代码一同被追踪

Document Types

文档类型

Type	Audience	Purpose
Architecture	Engineers	Understand system design
Runbooks	Ops/SRE	Handle incidents
API Docs	Developers	Integrate with system
Onboarding	New hires	Get up to speed
Decision Records	Future you	Understand why

文档类型	受众	用途
架构文档	工程师	理解系统设计
运行手册	运维/SRE	处理事件
API文档	开发者	与系统集成
入职文档	新员工	快速上手
决策记录	未来的自己	理解决策缘由

Architecture Documentation

架构文档

System Architecture Overview

系统架构概述

markdown

undefined

markdown

undefined

System Architecture

系统架构

Overview

概述

[Project Name] is a [type] application that [purpose].

[项目名称]是一款[类型]应用，主要用于[用途]。

High-Level Architecture

高层架构

┌─────────────────────────────────────────────────────────────┐
│                        Users                                 │
└─────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────┐
│                      Vercel Edge                             │
│  ┌─────────────────┐  ┌─────────────────┐                   │
│  │   Next.js App   │  │  Edge Functions │                   │
│  └─────────────────┘  └─────────────────┘                   │
└─────────────────────────────────────────────────────────────┘
                              │
              ┌───────────────┼───────────────┐
              ▼               ▼               ▼
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│    Supabase     │ │      Redis      │ │    Stripe       │
│  - PostgreSQL   │ │  - Session      │ │  - Payments     │
│  - Auth         │ │  - Cache        │ │  - Webhooks     │
│  - Realtime     │ │                 │ │                 │
│  - Storage      │ │                 │ │                 │
└─────────────────┘ └─────────────────┘ └─────────────────┘

┌─────────────────────────────────────────────────────────────┐
│                        Users                                 │
└─────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────┐
│                      Vercel Edge                             │
│  ┌─────────────────┐  ┌─────────────────┐                   │
│  │   Next.js App   │  │  Edge Functions │                   │
│  └─────────────────┘  └─────────────────┘                   │
└─────────────────────────────────────────────────────────────┘
                              │
              ┌───────────────┼───────────────┐
              ▼               ▼               ▼
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│    Supabase     │ │      Redis      │ │    Stripe       │
│  - PostgreSQL   │ │  - Session      │ │  - Payments     │
│  - Auth         │ │  - Cache        │ │  - Webhooks     │
│  - Realtime     │ │                 │ │                 │
│  - Storage      │ │                 │ │                 │
└─────────────────┘ └─────────────────┘ └─────────────────┘

Components

组件说明

Frontend (Next.js App)

前端（Next.js App）

Location: Vercel Edge Network
Framework: Next.js 14 (App Router)
Styling: Tailwind CSS + shadcn/ui
State: Zustand + React Query

部署位置：Vercel Edge Network
框架：Next.js 14（App Router）
样式方案：Tailwind CSS + shadcn/ui
状态管理：Zustand + React Query

Backend Services

后端服务

Service	Provider	Purpose
Database	Supabase	PostgreSQL with RLS
Auth	Supabase Auth	User authentication
Storage	Supabase Storage	File uploads
Cache	Upstash Redis	Session & API cache
Payments	Stripe	Subscriptions
Email	Resend	Transactional emails

服务	提供商	用途
数据库	Supabase	带有RLS的PostgreSQL
认证	Supabase Auth	用户认证
存储	Supabase Storage	文件上传
缓存	Upstash Redis	会话与API缓存
支付	Stripe	订阅服务
邮件	Resend	事务性邮件

Data Flow

数据流

User request → Vercel Edge
SSR/API Route processes request
Database queries via Supabase client
Response cached at edge (when applicable)
Response returned to user

用户请求 → Vercel Edge
SSR/API路由处理请求
通过Supabase客户端查询数据库
边缘节点缓存响应（如适用）
向用户返回响应

Security

安全机制

Authentication Flow

认证流程

User signs in via Supabase Auth
JWT token issued and stored in cookie
Server validates token on each request
RLS policies enforce data access

用户通过Supabase Auth登录
系统颁发JWT令牌并存储在Cookie中
服务器在每次请求时验证令牌
RLS策略强制数据访问权限

Data Protection

数据保护

All data encrypted at rest (AES-256)
TLS 1.3 for data in transit
Secrets stored in Vercel environment
PII fields encrypted in database

undefined

所有静态数据采用AES-256加密
传输数据使用TLS 1.3协议
密钥存储在Vercel环境变量中
数据库中的PII字段被加密

undefined

Mermaid Diagrams

Mermaid图表

markdown

undefined

markdown

undefined

Request Flow

请求流程

mermaid

sequenceDiagram
    participant U as User
    participant V as Vercel
    participant N as Next.js
    participant S as Supabase
    participant R as Redis

    U->>V: HTTPS Request
    V->>N: Route to App

    alt Cached Response
        N->>R: Check Cache
        R-->>N: Cache Hit
        N-->>U: Return Cached
    else Cache Miss
        N->>S: Query Database
        S-->>N: Data
        N->>R: Store in Cache
        N-->>U: Return Response
    end

mermaid

sequenceDiagram
    participant U as User
    participant V as Vercel
    participant N as Next.js
    participant S as Supabase
    participant R as Redis

    U->>V: HTTPS Request
    V->>N: Route to App

    alt Cached Response
        N->>R: Check Cache
        R-->>N: Cache Hit
        N-->>U: Return Cached
    else Cache Miss
        N->>S: Query Database
        S-->>N: Data
        N->>R: Store in Cache
        N-->>U: Return Response
    end

Database Schema

数据库Schema

mermaid

erDiagram
    users ||--o{ projects : owns
    users {
        uuid id PK
        text email
        text name
        timestamp created_at
    }
    projects ||--o{ tasks : contains
    projects {
        uuid id PK
        uuid user_id FK
        text name
        text status
    }
    tasks {
        uuid id PK
        uuid project_id FK
        text title
        boolean completed
    }

undefined

mermaid

erDiagram
    users ||--o{ projects : owns
    users {
        uuid id PK
        text email
        text name
        timestamp created_at
    }
    projects ||--o{ tasks : contains
    projects {
        uuid id PK
        uuid user_id FK
        text name
        text status
    }
    tasks {
        uuid id PK
        uuid project_id FK
        text title
        boolean completed
    }

undefined

Runbooks

运行手册

Runbook Template

运行手册模板

markdown

undefined

markdown

undefined

Runbook: [Service Name] - [Issue Type]

运行手册：[服务名称] - 【问题类型】

Overview

概述

Brief description of the issue and when this runbook applies.

简要描述问题内容及本手册的适用场景。

Severity

严重等级

P1 (Critical): Complete outage
P2 (High): Degraded service
P3 (Medium): Minor impact
P4 (Low): No user impact

P1（Critical，紧急）：服务完全中断
P2（High，高）：服务性能降级
P3（Medium，中）：影响较小
P4（Low，低）：无用户影响

Detection

检测方式

How this issue is typically detected:

Alert from [monitoring system]
User report
Automated check failure

该问题的典型检测途径：

来自[监控系统]的告警
用户反馈
自动化检查失败

Impact Assessment

影响评估

Users affected: All / Segment / None
Data at risk: Yes / No
Revenue impact: High / Medium / Low / None

受影响用户：全部/部分/无
数据风险：是/否
收入影响：高/中/低/无

Prerequisites

前置条件

Access to [system/dashboard]
Credentials for [service]
Contact info for [team/person]

拥有[系统/仪表盘]的访问权限
持有[服务]的凭证
掌握[团队/人员]的联系方式

Resolution Steps

解决步骤

Step 1: Verify the Issue

步骤1：验证问题

bash

undefined

bash

undefined

Check service status

检查服务状态

curl -I https://api.example.com/health

Check logs

查看日志

vercel logs --follow

undefined

vercel logs --follow

undefined

Step 2: Identify Root Cause

步骤2：定位根因

Step 3: Apply Fix

步骤3：实施修复

If Database Issue:

若为数据库问题：

bash

undefined

bash

undefined

Check connection count

检查连接数

SELECT count(*) FROM pg_stat_activity;

Kill idle connections

终止空闲连接

SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE state = 'idle' AND query_start < now() - interval '1 hour';

undefined

SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE state = 'idle' AND query_start < now() - interval '1 hour';

undefined

If Bad Deployment:

若为部署失败：

bash

undefined

bash

undefined

Rollback to previous deployment

回滚到上一个版本

vercel rollback

undefined

vercel rollback

undefined

Step 4: Verify Fix

步骤4：验证修复效果

bash

undefined

bash

undefined

Check service health

检查服务健康状态

curl https://api.example.com/health

Monitor error rates for 15 minutes

监控错误率15分钟

undefined

undefined

Escalation

升级流程

If unable to resolve within 30 minutes:

Page on-call engineer: [contact]
Notify stakeholders in #incidents
Update status page

若30分钟内无法解决：

呼叫值班工程师：[联系方式]
在#incidents频道通知相关人员
更新状态页面

Post-Incident

事件后处理

Create incident report
Schedule post-mortem (P1/P2 only)
Update this runbook if needed

创建事件报告
安排事后复盘（仅P1/P2事件）
如有需要，更新本运行手册

Runbook: Database Performance Issues

运行手册：数据库性能问题

Symptoms

症状

Slow API responses (>1s)
Timeout errors in logs
High database CPU in dashboard

API响应缓慢（超过1秒）
日志中出现超时错误
仪表盘显示数据库CPU使用率过高

Quick Checks

快速检查

1. Check Active Connections

1. 检查活跃连接

sql

SELECT
  state,
  count(*),
  max(now() - query_start) as max_duration
FROM pg_stat_activity
GROUP BY state;

sql

SELECT
  state,
  count(*),
  max(now() - query_start) as max_duration
FROM pg_stat_activity
GROUP BY state;

2. Find Long-Running Queries

2. 查找长时运行的查询

sql

SELECT
  pid,
  now() - query_start AS duration,
  query
FROM pg_stat_activity
WHERE state = 'active'
  AND now() - query_start > interval '30 seconds'
ORDER BY duration DESC;

sql

SELECT
  pid,
  now() - query_start AS duration,
  query
FROM pg_stat_activity
WHERE state = 'active'
  AND now() - query_start > interval '30 seconds'
ORDER BY duration DESC;

3. Check Table Sizes

3. 检查表大小

sql

SELECT
  schemaname,
  tablename,
  pg_size_pretty(pg_total_relation_size(schemaname || '.' || tablename)) as size
FROM pg_tables
WHERE schemaname = 'public'
ORDER BY pg_total_relation_size(schemaname || '.' || tablename) DESC
LIMIT 10;

sql

SELECT
  schemaname,
  tablename,
  pg_size_pretty(pg_total_relation_size(schemaname || '.' || tablename)) as size
FROM pg_tables
WHERE schemaname = 'public'
ORDER BY pg_total_relation_size(schemaname || '.' || tablename) DESC
LIMIT 10;

4. Check Missing Indexes

4. 检查缺失的索引

sql

SELECT
  relname,
  seq_scan,
  idx_scan,
  seq_scan - idx_scan AS difference
FROM pg_stat_user_tables
WHERE seq_scan > idx_scan
ORDER BY difference DESC;

sql

SELECT
  relname,
  seq_scan,
  idx_scan,
  seq_scan - idx_scan AS difference
FROM pg_stat_user_tables
WHERE seq_scan > idx_scan
ORDER BY difference DESC;

Resolution

解决方法

Kill Problematic Queries

终止有问题的查询

sql

SELECT pg_terminate_backend(pid)
FROM pg_stat_activity
WHERE pid = [PID_FROM_ABOVE];

sql

SELECT pg_terminate_backend(pid)
FROM pg_stat_activity
WHERE pid = [PID_FROM_ABOVE];

Add Missing Index

添加缺失的索引

sql

CREATE INDEX CONCURRENTLY idx_table_column
ON table_name (column_name);

undefined

sql

CREATE INDEX CONCURRENTLY idx_table_column
ON table_name (column_name);

undefined

Decision Records (ADRs)

决策记录（ADRs）

ADR Template

ADR模板

markdown

undefined

markdown

undefined

ADR-001: Choose Supabase for Database

ADR-001：选择Supabase作为数据库

Status

状态

Accepted

已接受

Context

背景

We need a database solution for [Project Name] that supports:

PostgreSQL compatibility
Real-time subscriptions
Built-in authentication
Easy local development
Generous free tier

我们需要为[项目名称]选择一款数据库解决方案，需支持：

PostgreSQL兼容性
实时订阅
内置认证
便捷的本地开发
免费额度充足

Decision

决策

We will use Supabase as our primary database and auth provider.

我们将使用Supabase作为主要数据库和认证提供商。

Alternatives Considered

备选方案评估

PlanetScale

Pros:

Excellent scaling
Branching for schema changes
MySQL compatible

Cons:

No built-in auth
No real-time subscriptions
Additional services needed

优点：

出色的扩展性
支持分支式Schema变更
兼容MySQL

缺点：

无内置认证
无实时订阅功能
需要额外服务支持

Firebase

Pros:

Real-time built-in
Mature platform
Good mobile SDKs

Cons:

NoSQL (not ideal for our use case)
Vendor lock-in concerns
Complex security rules

优点：

内置实时功能
成熟的平台
优秀的移动SDK

缺点：

NoSQL（不符合我们的使用场景）
存在供应商锁定风险
安全规则复杂

Consequences

后果

Positive

积极影响

Single provider for DB + Auth + Storage
Great developer experience
Row Level Security for data protection
Local development with supabase CLI

单一提供商即可满足数据库+认证+存储需求
优秀的开发者体验
行级安全策略保障数据安全
可通过Supabase CLI进行本地开发

Negative

负面影响

PostgreSQL-specific features tie us to provider
Supabase still maturing (some rough edges)
Limited to their managed offering

PostgreSQL特定功能会让我们依赖该提供商
Supabase仍在发展中（存在一些不完善的地方）
仅限于其托管服务

Risks

风险

Supabase scaling limitations at high traffic
Migration cost if we need to move

高流量场景下Supabase的扩展性限制
若需迁移，成本较高

References

参考资料

undefined

undefined

API Documentation

API文档

Endpoint Documentation

端点文档

markdown

undefined

markdown

undefined

API Reference

API参考

Base URL

基础URL

Production: https://api.example.com/v1
Staging: https://staging-api.example.com/v1

生产环境：https://api.example.com/v1
预发布环境：https://staging-api.example.com/v1

Authentication

认证

All API requests require authentication via Bearer token.

bash

curl -H "Authorization: Bearer YOUR_TOKEN" \
  https://api.example.com/v1/users

所有API请求都需要通过Bearer令牌进行认证。

bash

curl -H "Authorization: Bearer YOUR_TOKEN" \
  https://api.example.com/v1/users

Endpoints

端点

Users

用户

Get Current User

获取当前用户

GET /users/me

Response:

json

{
  "id": "usr_123",
  "email": "user@example.com",
  "name": "John Doe",
  "created_at": "2024-01-01T00:00:00Z"
}

GET /users/me

响应：

json

{
  "id": "usr_123",
  "email": "user@example.com",
  "name": "John Doe",
  "created_at": "2024-01-01T00:00:00Z"
}

Update User

更新用户信息

PATCH /users/me

Request Body:

Field	Type	Required	Description
name	string	No	Display name
avatar_url	string	No	Profile image URL

Example:

bash

curl -X PATCH \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "Jane Doe"}' \
  https://api.example.com/v1/users/me

PATCH /users/me

请求体：

字段	类型	是否必填	描述
name	string	否	显示名称
avatar_url	string	否	头像URL

示例：

bash

curl -X PATCH \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"name": "Jane Doe"}' \
  https://api.example.com/v1/users/me

Error Responses

错误响应

Status	Code	Description
400	BAD_REQUEST	Invalid request body
401	UNAUTHORIZED	Missing or invalid token
403	FORBIDDEN	Insufficient permissions
404	NOT_FOUND	Resource not found
429	RATE_LIMITED	Too many requests
500	INTERNAL_ERROR	Server error

Error Response Format:

json

{
  "error": {
    "code": "NOT_FOUND",
    "message": "User not found"
  }
}

undefined

状态码	错误码	描述
400	BAD_REQUEST	请求体无效
401	UNAUTHORIZED	令牌缺失或无效
403	FORBIDDEN	权限不足
404	NOT_FOUND	资源不存在
429	RATE_LIMITED	请求过于频繁
500	INTERNAL_ERROR	服务器错误

错误响应格式：

json

{
  "error": {
    "code": "NOT_FOUND",
    "message": "User not found"
  }
}

undefined

Environment Documentation

环境文档

Environment Matrix

环境矩阵

markdown

undefined

markdown

undefined

Environments

环境

Overview

概述

Environment	URL	Purpose	Deploy
Production	https://myapp.com	Live users	Manual (main)
Staging	https://staging.myapp.com	Pre-release testing	Auto (main)
Preview	https://pr-*.vercel.app	PR review	Auto (PR)
Development	http://localhost:3000	Local dev	Manual

环境	URL	用途	部署方式
生产环境	https://myapp.com	面向真实用户	手动（main分支）
预发布环境	https://staging.myapp.com	发布前测试	自动（main分支）
预览环境	https://pr-*.vercel.app	PR评审	自动（PR分支）
开发环境	http://localhost:3000	本地开发	手动

Configuration

配置

Production

生产环境

env

NODE_ENV=production
DATABASE_URL=[Supabase Production]
NEXT_PUBLIC_APP_URL=https://myapp.com

env

NODE_ENV=production
DATABASE_URL=[Supabase Production]
NEXT_PUBLIC_APP_URL=https://myapp.com

Staging

预发布环境

env

NODE_ENV=production
DATABASE_URL=[Supabase Staging Branch]
NEXT_PUBLIC_APP_URL=https://staging.myapp.com

env

NODE_ENV=production
DATABASE_URL=[Supabase Staging Branch]
NEXT_PUBLIC_APP_URL=https://staging.myapp.com

Development

开发环境

env

NODE_ENV=development
DATABASE_URL=[Local Supabase]
NEXT_PUBLIC_APP_URL=http://localhost:3000

env

NODE_ENV=development
DATABASE_URL=[Local Supabase]
NEXT_PUBLIC_APP_URL=http://localhost:3000

Access

访问权限

Production

生产环境

Vercel: Admin only
Database: Read-only for devs, write for admin
Logs: All engineers

Vercel：仅管理员可访问
数据库：开发者只读，管理员可写
日志：所有工程师均可访问

Staging

预发布环境

Vercel: All engineers
Database: All engineers
Logs: All engineers

Vercel：所有工程师均可访问
数据库：所有工程师均可访问
日志：所有工程师均可访问

Secrets Rotation

密钥轮换

Secret	Rotation	Last Rotated
Database password	90 days	2024-01-15
API keys	90 days	2024-01-15
JWT secret	Never	Initial setup

undefined

密钥	轮换周期	上次轮换时间
数据库密码	90天	2024-01-15
API密钥	90天	2024-01-15
JWT密钥	从不	初始设置时

undefined

Documentation-as-Code

文档即代码

Documentation Structure

文档结构

docs/
├── README.md                 # Documentation index
├── architecture/
│   ├── overview.md           # System architecture
│   ├── data-flow.md          # Data flow diagrams
│   └── decisions/            # ADRs
│       ├── 001-database.md
│       └── 002-hosting.md
├── runbooks/
│   ├── README.md             # Runbook index
│   ├── database.md           # Database issues
│   ├── deployment.md         # Deployment issues
│   └── outage.md             # Service outage
├── api/
│   └── reference.md          # API documentation
└── onboarding/
    ├── setup.md              # Local setup
    └── contributing.md       # How to contribute

docs/
├── README.md                 # 文档索引
├── architecture/
│   ├── overview.md           # 系统架构
│   ├── data-flow.md          # 数据流图
│   └── decisions/            # ADRs
│       ├── 001-database.md
│       └── 002-hosting.md
├── runbooks/
│   ├── README.md             # 运行手册索引
│   ├── database.md           # 数据库问题
│   ├── deployment.md         # 部署问题
│   └── outage.md             # 服务中断
├── api/
│   └── reference.md          # API文档
└── onboarding/
    ├── setup.md              # 本地搭建
    └── contributing.md       # 贡献指南

Auto-Generated Documentation

自动生成文档

yaml

undefined

yaml

undefined

.github/workflows/docs.yml

name: Generate Docs

on: push: branches: [main] paths: - 'src/' - 'docs/'

jobs: generate-docs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4

  - name: Generate API docs from OpenAPI
    run: |
      npx @redocly/cli build-docs openapi.yaml \
        --output docs/api/index.html

  - name: Generate TypeDoc
    run: npx typedoc --out docs/api/typescript

  - name: Deploy to GitHub Pages
    uses: peaceiris/actions-gh-pages@v3
    with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      publish_dir: ./docs

undefined

name: Generate Docs

on: push: branches: [main] paths: - 'src/' - 'docs/'

jobs: generate-docs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4

  - name: Generate API docs from OpenAPI
    run: |
      npx @redocly/cli build-docs openapi.yaml \
        --output docs/api/index.html

  - name: Generate TypeDoc
    run: npx typedoc --out docs/api/typescript

  - name: Deploy to GitHub Pages
    uses: peaceiris/actions-gh-pages@v3
    with:
      github_token: ${{ secrets.GITHUB_TOKEN }}
      publish_dir: ./docs

undefined

Documentation Checklist

文档检查清单

Architecture Docs

架构文档

Operational Docs

运维文档

Developer Docs

开发者文档

Maintenance

维护

When to Use This Skill

何时使用本Skill

Invoke this skill when:

Creating architecture documentation
Writing runbooks for operations
Documenting decision rationale (ADRs)
Setting up documentation structure
Creating onboarding materials
Building automated documentation
Planning incident response procedures

在以下场景中调用本Skill：

创建架构文档
编写运维运行手册
记录决策依据（ADRs）
搭建文档结构
创建入职材料
构建自动化文档
规划事件响应流程