ArchRails verifies PRs against your CALM architecture graph — checking node boundaries, allowed connections, and interface contracts deterministically. Every violation is traceable to a CALM node or relationship. No generic "best practices" guesses.
ArchRails doesn't invent standards. It enforces what your team defines in a CALM document, and cites every node it used.
If a node, relationship, or interface constraint isn't in your calm.json, ArchRails won't enforce it. Full stop.
Feedback cites the exact CALM node ID, relationship ID, or interface that triggered it — so teams align faster and argue less.
Reviews resolve only the CALM nodes touched by the PR diff. Less noise, fewer false positives, no cross-service contamination.
GitHub App permissions are scoped to PR comment write access only. Your source code is never copied or stored.
This is the architecture graph ArchRails renders for every pull request. Drag nodes. Hover for details. Click any node to see how violations trace back to your CALM definition.
ArchRails
OrderService calls PaymentService directly — must route via service-api-gatewayOrderDatabase accessed via HTTP — node declares JDBC:5432 onlyInventoryService changes scoped to service-inventory — no leakagePaste your calm.json to instantly check for interface violations, missing controls, and structural issues — then render your architecture graph interactively. No account required.
Connect your repo, define your architecture in CALM, and ArchRails enforces it on every PR. Contact us to get provisioned.
ArchRails installs as a GitHub App and triggers on pull request events — no CI changes needed.
Get GitHub Access View Setup GuideGitLab integration runs via CI pipeline. Add the job below to your .gitlab-ci.yml and set three CI/CD variables.
stages:
- review
archrails_review:
stage: review
image: alpine:3.20
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
before_script:
- apk add --no-cache curl
script:
- |
curl --silent --fail -X POST "${ARCHRAILS_ENDPOINT}" \
-H "X-Gitlab-Token: ${GITLAB_WEBHOOK_SECRET}" \
-H "X-Gitlab-Event: Merge Request Hook" \
-H "Content-Type: application/json" \
-d "{
\"archrails_tenant_id\": \"${ARCHRAILS_TENANT_ID}\",
\"object_kind\": \"merge_request\",
\"project\": {
\"id\": ${CI_PROJECT_ID},
\"path_with_namespace\": \"${CI_PROJECT_PATH}\"
},
\"object_attributes\": {
\"iid\": ${CI_MERGE_REQUEST_IID},
\"action\": \"update\",
\"last_commit\": { \"id\": \"${CI_COMMIT_SHA}\" }
}
}"calm.json. Every comment is traceable to a CALM node ID.calm.json at the repo root describes your full system graph. The mapping section in config.yaml ties each service directory to its CALM node. ArchRails resolves only the nodes touched by the PR diff — a payment service change won't trigger inventory rules.calm.json, and get you to your first enforced PR review. The CALM Visualizer is free to use immediately — no account needed.
Founder & Engineer
ArchRails started as a practical system: keep architecture consistent as teams scale — without relying on tribal knowledge. By grounding reviews in a CALM architecture graph rather than generic training data, every violation is provable and every comment is traceable.
Start with one repo and one CALM document. ArchRails will enforce it on every pull request.
🏗️ CALM Architecture Review
OrderServicecallsPaymentServicedirectly. CALM noderel-connects-order-paymentrequires routing viaservice-api-gateway.OrderDatabaseaccessed via HTTP. Nodedb-ordersdeclaresJDBC:5432only.InventoryServicechanges scoped toservice-inventory— no cross-node leakage detected.