Dhwani RIS · DevOps for AI-SDLC Full document →

AI-SDLC · Streams 3 + 4 · Ankit

DevOps support for
the AI-SDLC at Dhwani RIS

Aligned with Prody's Stage A pitch. DevOps owns two streams (Stage C Testing & Performance, plus always-on Operate), acts as one of three always-on verticals, and bridges the streams so artefacts don't fall on the floor.

Prepared by Dhwani RIS DevOps · Closing Session 2/2 · 14 May 2026

Press to start · F for fullscreen

01

The AI-SDLC runs as five parallel streams

Stream 1 SDLC RGPrody · pitched today Stream 2 Dev & TestingEngineering · TBD owner Stream 3 Testing & PerfAnkit · Stage C Stream 4 DevOps + ObsAnkit · always-on Stream 5 KMDeepak

Ankit owns Streams 3 + 4. Plus DevOps is one of three always-on verticals (KM · PG · DevOps) that check every phase of every stage.

02

Three personas · three always-on verticals

PB

Product Builder

Drives Steps 1–8 · drafts Tech Spec.

AR

Architect

Signs off Sol Doc · reviewer, not implementer.

AM

Account Manager

Owns client + intent · Kickoff to Go-Live handover.

KM

Knowledge Management

Stream 5 · Deepak. Files every artefact for reuse.

PG

Project Governance

SteerCo · sign-offs · escalation paths · version log.

DO

DevOps + Observability

Streams 3 + 4 · Ankit. Repo scaffolding · CI · Operate.

03

Stage A · 10 RG steps in 3 phases

Phase 1 · Intent

What does the client actually want?

  • 1 · Kickoff & Stakeholder Map
  • 2 · Discovery Interviews & MoM
  • 3 · Project Charter

Gate: Signed Project Charter

Phase 2 · Solutioning

What will we build to meet it?

  • 4 · Functional Requirements
  • 5 · User Roles & Auth Matrix
  • 6 · Process Workflows
  • 7 · Data Model & Interfaces
  • 8 · Wireframes & UX

Gate: Sol Doc §5.3–§5.9

Phase 3 · TRD Setup

How does engineering pick it up?

  • 9 · Solution Document Drafting
  • 10 · Sol Doc Review & Sign-off

Gate: §5.11 · §5.12 · §5.16 (TRD seeds)

Every step ships one Tool + one named Skill + one Owner. DevOps plugs in at every step as a vertical, and at Steps 4, 5, 7, 9 specifically as the data-flow owner.

04

Beyond Stage A · Streams 2, 3, 4 + the glue

Stream 2 · Stage B

SDLC Dev & Testing — Engineering-led. DevOps supports as vertical: AI-aware code guardrails · self-serve envs < 15 min · pre-commit baseline.

Stream 3 · Stage C Ankit

SDLC Testing & Performance — DevOps' second stream. Proposal: 3 phases, 8 steps (next slide). Kotwal-anchored security gate.

Stream 4 · always-on Ankit

Operate Layer — runtime, Mukhbir, default observability, status pages, weekly + monthly auto-reports, blameless retros.

Inter-stream glue

Skills that bridge handoffs: RG→Dev, Dev→Testing, Testing→Operate, Operate→KM. ~14 new *-author skills (slide 8).

05

Stage C · DevOps proposal — 3 phases, 8 steps

Phase C-1 · Functional

Does it do what the Sol Doc said?

  • C-1 · E2E test execution (Playwright)
  • C-2 · Client UAT sign-off

Gate: Critical journeys 100% · UAT signed

Phase C-2 · Non-Functional

Does it behave under load & attack?

  • C-3 · Performance baseline (k6)
  • C-4 · Load test at peak × 1.5
  • C-5 · Security scan (Kotwal + Semgrep + ZAP + Trivy)
  • C-6 · Compliance audit (govt projects)

Gate: p95 ≤ target · err < 1% · 0 crit/high

Phase C-3 · Readiness

Can we promote, defensibly?

  • C-7 · Evidence packet assembly
  • C-8 · Release Readiness Report sign-off

Gate: RRR signed by TL · QA · Sec · DevOps · AM

New skills to author (in central skills repo, Prody's *-author convention): e2e-from-workflow · load-profile-author · security-evidence-author · compliance-checklist-author · evidence-packet-author · rrr-author.

06

Inter-stream glue — skills that bridge handoffs

Stream 1 → Stream 2 (RG → Dev)

fr-to-ticket · rbac-to-fixtures · data-model-to-doctype · mock-server-generator · tech-stack-to-iac

Stream 2 → Stream 3 (Dev → Testing)

e2e-from-workflow · coverage-mapper · load-profile-author · GH Action: PR merge → trigger Stage C

Stream 3 → Operate (Testing → Run)

rrr-author · observability-bootstrap · runbook-author · status-page-bootstrap

Operate → Stream 5 (Run → KM)

incident-retro-author · monthly-report-author · learning-capturer · portfolio-review-author

Streams are parallel — but artefacts have to flow. Bridges are DevOps' job to build and maintain. All follow Prody's *-author naming.

07

Tools & Agents

Prody's 5 (Stage A) Today

GitHub · Claude CLI · Mermaid · Google Stitch · Fireflies.ai. All free or already-licensed.

Dhwani internal Dhwani

Kotwal — CERT · pen test · OSS vuln gate (Stage C-5).
Mukhbir — runtime health · client monthly reports.

Stage B/C additions Sprint

Semgrep + Frappe rules · Playwright (via e2e-runner) · k6 · OWASP ZAP · Trivy · pre-commit baseline · env portal MVP

Operate stack Sprint

Prometheus · Loki · Tempo · Grafana · Alertmanager → Slack/PagerDuty · Statping-ng or Better Uptime

AI agent governance (DevOps-owned)

Catalogue every agent · Vault-only access · No PII or prod secrets · Output passes the same gates as humans · 90-day audit trail · Prompt versioned in git · 90-day deprecation

08

Adopt — Day 1 is one command

gh repo create dhwani-{stack}-{client} \
  --template dhwani-ris/ai-sdlc-stage-a-starter \
  --private --clone

cd dhwani-{stack}-{client} && claude

Starter ships pre-wired: folders · Markdown schemas · CI seed · Pages → CloudFront · .claude/skills/ + agent catalogue · CODEOWNERS with Architect + AM as reviewers.

PB

Product Builder

Clone → claude /stakeholder-mapper → open Charter PR. Repeat for Steps 4–8.

AR

Architect

You're required-reviewer on §5.11/§5.12/§5.16 by default. Sign-off = signed git tag.

AM

Account Manager

Stakeholder + Charter are PR-driven. Your sign-off closes Phase 1.

09

Evolve — three loops keep the framework alive

Loop 1 · Skills

Repo: dhwani-ris/ai-sdlc-skills · semver · eval-gated.
Prody: "AI raises PRs into the skills repo when gaps appear." DevOps wires it up.

Loop 2 · Raises

Issue with Raise template → Champion triages in 48h (accept/clarify/decline). Sprint-sized: 2-week SLA · bigger: next framework version.

Loop 3 · Review + Champion

Bi-weekly · 30 min · DevOps chairs. Champion: 6-month rotating term across KM / PG / DevOps. DevOps offers to seed the first term.

Telemetry · monthly

% on latest version · Time-to-first-prompt · Gate pass rate · Skill-PR throughput · Stack split · Top 3 raises

10

Outcomes we measure

1 cmd

Day 1 — repo to first prompt

< 15min

env provision (Stage B)

0

critical / high vulns in prod (Kotwal)

End-to-end

requirement → commit → release traceability

100%

releases through readiness gate

100%

projects observed by default

Auto

weekly + monthly project reports

~₹0

Stage A tool spend (Prody's stack)

11

Roadmap · Asks · Lock today

Roadmap — 4 quarters

Q1 Day 1 starter + RG→Dev bridges
Q2 Dev guardrails + Dev→Testing bridges
Q3 Stage C end-to-end + RRR
Q4 Operate + KM bridges + Champion live

Asks

People: 2 dedicated DevOps engineers, four quarters.
Tooling: Stage A free. Stage B/C/Operate need licences (small).
Decisions: Front-end stack · CI/CD · cloud · build-vs-buy portal · tier classification.

Open questions to settle

  1. Stream 2 owner — Engineering broadly or named champion? Where does QA sit?
  2. Stage C phasing — accept the proposal in §05?
  3. Step 10 → first prompt — explicit Step 10½ for Planning, or no?
  4. Pilot project — exercises all 10 RG steps + Stage C, not client-critical?
  5. Champion seed — DevOps takes first term, or rotates to KM/PG?

Let's lock it.