From ring-dev-team
Implements database-per-tenant isolation in Go services using JWT tenantId routing through the lib-commons v5 dispatch layer. Handles config, middleware, repositories, metrics, and tests.
How this skill is triggered — by the user, by Claude, or both
Slash command
/ring-dev-team:adding-multi-tenancyThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
- User requests multi-tenant implementation for a Go service
You orchestrate. Agents implement. NEVER use Edit/Write/Bash on Go source files.
All code changes go through Task(subagent_type="ring:backend-go").
TDD mandatory for all implementation gates (RED → GREEN → REFACTOR).
Isolation: tenantId from JWT → dispatch layer middleware → database-per-tenant.
organization_id is NOT multi-tenant. tenantId from JWT is the ONLY mechanism.
Standards reference: https://raw.githubusercontent.com/LerianStudio/ring/main/dev-team/docs/standards/golang/multi-tenant.md
Sub-package import reference:
| Alias | Import Path | Purpose |
|---|---|---|
client | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/client | Tenant Manager HTTP client |
tmcore | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/core | Context helpers, resolvers |
tmmiddleware | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/middleware | TenantMiddleware (WithPG/WithMB) |
tmpostgres | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/postgres | PostgresManager |
tmmongo | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/mongo | MongoManager |
tmrabbitmq | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/rabbitmq | RabbitMQ Manager |
valkey | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/valkey | Redis key prefixing |
s3 | github.com/LerianStudio/lib-commons/v5/commons/dispatch layer/s3 | S3 key prefixing |
secretsmanager | github.com/LerianStudio/lib-commons/v5/commons/secretsmanager | M2M credentials |
Key mandatory requirements:
MULTI_TENANT_URL — correct env var name (NOT TENANT_MANAGER_ADDRESS)client.WithCircuitBreaker — MANDATORYclient.WithServiceAPIKey — MANDATORYWhenEnabled() — NOT global app.Usetmcore.GetPGContext(ctx) / tmcore.GetMBContext(ctx) — NEVER .GetDB() directlyMandatory agent instruction (include in EVERY dispatch):
WebFetch
https://raw.githubusercontent.com/LerianStudio/ring/main/dev-team/docs/standards/golang/multi-tenant.md. Use exact import paths from skill. Do NOT invent sub-package paths. TDD: RED → GREEN → REFACTOR for every gate.
| Gate | Name | Condition | Agent |
|---|---|---|---|
| 0 | Stack Detection + Compliance Audit | Always | Orchestrator |
| 1 | Codebase Analysis (multi-tenant focus) | Always | ring:codebase-explorer |
| 1.5 | Implementation Preview | Always | ring:visualizing |
| 2 | lib-commons v5 + lib-auth v2 Upgrade | Skip only if both already pinned in go.mod | ring:backend-go |
| 3 | Multi-Tenant Configuration | Always | ring:backend-go |
| 4 | Tenant Middleware (TenantMiddleware with WithPG/WithMB) | Always | ring:backend-go |
| 5 | Repository Adaptation | Always per detected DB | ring:backend-go |
| 5.5 | M2M Secret Manager | Skip if service has no targetServices | ring:backend-go |
| 6 | RabbitMQ Multi-Tenant | Skip if no RabbitMQ | ring:backend-go |
| 7 | Metrics & Backward Compat | Always | ring:backend-go |
| 8 | Tests | Always | ring:backend-go |
| 9 | Code Review | Always | 9 defaults + triggered specialists in parallel |
| 10 | User Validation | Always | User |
| 11 | Activation Guide | Always | Orchestrator |
Gates execute sequentially. Existing multi-tenant code ≠ compliance. Gate 0 audit is mandatory.
Orchestrator executes directly. Two phases:
Phase 1: Stack Detection
grep "lib-commons" go.mod
grep "lib-auth" go.mod
grep -rn "postgresql\|pgx" internal/ go.mod
grep -rn "mongodb\|mongo" internal/ go.mod
grep -rn "redis\|valkey" internal/ go.mod
grep -rn "rabbitmq\|amqp" internal/ go.mod
grep -rn "s3\|ObjectStorage" internal/
grep -rn "MULTI_TENANT_ENABLED\|dispatch layer" internal/
grep -rn "client_credentials\|M2M\|secretsmanager" internal/
Phase 2: Compliance Audit (if multi-tenant code detected)
Run A1-A8 checks (grep-based):
MULTI_TENANT_URL used (not TENANT_MANAGER_ADDRESS or variants)WithCircuitBreaker on TM clientWithServiceAPIKey on TM clienttmcore.GetPGContext / tmcore.GetMBContext used (not .GetDB() / .GetDatabase())WhenEnabled() (not global app.Use)valkey.GetKeyContexts3.GetS3KeyStorageContextvar db *sql.DB or var client *mongo.Client)Any NON-COMPLIANT → corresponding gate MUST execute.
| Severity | Criteria |
|---|---|
| CRITICAL | Cross-tenant data leak; wrong tenant identifier (organization_id) |
| HIGH | Missing TenantMiddleware; wrong env var names; no circuit breaker |
| MEDIUM | Missing circuit breaker; incomplete metrics |
| LOW | Missing env var comments; pool tuning notes |
npx claudepluginhub p/lerianstudio-ring-dev-team-dev-teamDesigns multi-tenant SaaS architectures with PostgreSQL RLS, tenant-scoped queries, shared-schema isolation, and safe cross-tenant admin patterns.
Migrates Lerian Go services from static .env/YAML config to lib-systemplane hot-reloadable runtime config client. Orchestrates an 11-gate migration cycle.
Designs multi-tenant SaaS architectures with tenant isolation, data partitioning strategies, and billing/metering systems covering pooled, siloed, and hybrid models.