quicue.ca
Model it in CUE. Validate by unification. Export to whatever the world expects.
What this is
You declare resources — nodes in a graph — with types and dependencies. CUE computes the rest: dependency layers, transitive closure, blast radius, deployment plans, linked data exports. The gap between your constraints and your data IS the remaining work. When cue vet passes, you're done.
dns: #Resource & {
"@type": {LXCContainer: true, DNSServer: true}
depends_on: {router: true}
host: "node-1"
container_id: 101
}
No runtime. No state file. No plugins. CUE validates everything simultaneously, and the output is plain JSON.
Overview
| Metric | Count |
|---|---|
| Modules | 12 |
| Decisions (ADRs) | 14 |
| KB Patterns | 16 |
| Insights | 14 |
| Semantic Types | 57 |
| Downstream Consumers | 3 |
| Deployed Sites | 7 |
Modules
| Module | Layer | Description |
|---|---|---|
| vocab | definition |
Core schemas: #Resource, #Action, #TypeRegistry, #ActionDef |
| patterns | definition |
Algorithms: graph, bind, deploy, health, SPOF, viz, TOON, OpenAPI, validation |
| templates | template |
29 platform-specific providers, each a self-contained CUE module |
| orche | orchestration |
Orchestration schemas: execution steps, federation, drift detection, Docker site bootstrap |
| boot | orchestration |
Bootstrap schemas: #BootstrapResource, #BootstrapPlan, credential collectors |
| wiki | projection |
#WikiProjection — MkDocs site generation from resource graphs |
| cab | reporting |
Change Advisory Board reports: impact, blast radius, runbooks |
| ou | interaction |
Role-scoped views: #InteractionCtx narrows #ExecutionPlan by role, type, name, layer. Hydra W3C JSON-LD export. |
| ci | ci |
Reusable GitLab CI templates for CUE validation, export, topology, impact |
| server | operations |
FastAPI execution gateway for running infrastructure commands |
| charter | constraint |
Constraint-first project planning: declare scope, evaluate gaps, track gates. SHACL gap report projection. |
| examples | value |
17 working examples from minimal 3-layer to full 30-resource datacenter |
Not just infrastructure
The graph patterns are domain-agnostic. #BlastRadius, #ImpactQuery, #SinglePointsOfFailure, and #DeploymentPlan don't know what domain they're in. "What breaks if X goes down?" works whether X is a DNS server, a construction phase, or a research gene.
| Domain | What the graph models | Live |
|---|---|---|
| IT infrastructure | 30 servers, containers, and services across 7 dependency layers | datacenter example |
| Construction management | Deep retrofit work packages for 270-unit community housing program | CMHC Retrofit |
| Energy efficiency | 17-service processing platform for Ontario Greener Homes | Greener Homes |
| Real estate operations | Transaction pipelines, referral networks, compliance workflows | maison-613 |
What it computes
| Pattern | What it answers |
|---|---|
#InfraGraph |
Dependency layers, transitive closure, topology |
#BindCluster |
Which providers match which resources, resolved commands |
#ImpactQuery |
"What breaks if X goes down?" |
#BlastRadius |
Change impact with rollback order |
#SinglePointsOfFailure |
Resources with no redundancy |
#HealthStatus |
Simulated failure propagation |
#DeploymentPlan |
Ordered layers with gates |
#ExecutionPlan |
All of the above, unified |
#Charter |
What "done" looks like — scope, gates, completion |
#GapAnalysis |
What's missing, what's next, which gates are satisfied |
See the Pattern Catalog for the full list and Charter for project planning.
Downstream Consumers
| Project | Domain | Patterns Used |
|---|---|---|
| homelab | Production infrastructure graph — multi-node cluster with ZFS storage, networking, and container orchestration | 14 |
| cmhc-retrofit | Construction program management (NHCF deep retrofit, Greener Homes processing platform) | 15 |
| maison-613 | Real estate operations — 7 graphs (transaction, referral, compliance, listing, operations, onboarding, client) | 14 |
Ecosystem Sites
| Site | Description |
|---|---|
| docs | MkDocs Material documentation site |
| demo | Operator dashboard — D3 graph, planner, resource browser |
| api | Static API showcase — 727 pre-computed JSON endpoints |
| cat | DCAT 3 data catalogue |
| kg | Knowledge graph framework spec |
| cmhc-retrofit | Construction program management showcase |
| maison613 | Real estate operations showcase |
Contract-via-unification
Verification IS unification. You write CUE constraints that must merge with the computed graph. If they can't unify, cue vet rejects everything:
// This must merge with the computed graph output.
// If docker isn't the root, or validation fails, cue vet rejects.
validate: valid: true
infra: roots: {"docker": true}
deployment: layers: [{layer: 0, resources: ["docker"]}, ...]
No assertion framework. No test runner. The contract IS CUE values. Unification IS the enforcement.
Quick Start
git clone https://github.com/quicue/quicue.ca.git
cd quicue.ca
# Validate schemas
cue vet ./vocab/ ./patterns/
# Run the datacenter example
cue eval ./examples/datacenter/ -e output.summary
# What breaks if the router goes down?
cue eval ./examples/datacenter/ -e output.impact."router-core"
# Export as JSON-LD
cue export ./examples/datacenter/ -e jsonld --out json
License
Apache 2.0