A Kiroween Post-Mortem: How Spec-Driven AI Development cured my fear of the "Blank Repo".
Tags: #go #microservices #ai #nextjs #hackathon
The Nightmare of the Blank Repo
We all know the horror story. You have a brilliant idea for a SaaS. You open your IDE. You create a new folder. And then... the dread sets in.
Before you can write a single line of unique business logic, you have to build the "Skeleton":
💀 Authentication (and oh god, RBAC)
💀 Billing & Subscriptions (Stripe webhooks are scary)
💀 Feature Flags (so you don't break prod)
💀 Real-time Sockets (because REST is dead)
💀 AI Integration (because it's 2025)
This boilerplate graveyard is where side projects go to die.
For the Kiroween Hackathon, I decided to face this fear. I wanted to play Dr. Frankenstein and stitch together a "chimera" of the industry's most robust technologies—Go, gRPC, GraphQL, and Next.js—and breathe life into them using Kiro, an AI-powered IDE.
The result? The Haunted SaaS Skeleton. Here is how I built a 6-service distributed system without losing my mind.
The "Frankenstein" Tech Stack ⚡️
I didn't want a simple monolithic template. I wanted a stack that could scale from "Hello World" to IPO.
The Body (Backend): Go (Golang) 1.21
The Nerves (Communication): gRPC (Internal) & GraphQL (Public Gateway)
The Face (Frontend): Next.js 14 (App Router) + Tailwind + Glassmorphism UI
The Brain (AI): OpenAI (via a custom Gateway)
The Tools: Docker, Postgres, Redis, Stripe, Unleash.
Shutterstock
The Methodology: Spec-Driven Development (Not Just Vibe Coding)
Most people use AI to "write a function." I used Kiro to orchestrate an ecosystem.
I discovered that "Vibe Coding" (chatting with AI) works best when you give the AI a rigid structure to cling to. I used a Spec-Driven approach:
1. The Seance (Steering)
I started with a steering.md file. This acted as the "Laws of Physics" for the project. It enforced rules like: "All services must verify JWTs via the user-auth-service" and "Use the Dataloader pattern for GraphQL."
2. The Incantation (Specs)
Instead of writing code immediately, I wrote contracts in Markdown. I defined six core microservices in /.kiro/specs/. For example, for the Billing Service, I didn't write Go code; I wrote:
Requirement 3: The service must expose a public HTTP endpoint for Stripe Webhooks. It must handle the checkout.session.completed event idempotently by checking the event_id in Redis before provisioning access.
3. The Summoning
With the specs in place, I commanded Kiro to implement them. The result was startling. Kiro generated production-ready Go code, including GORM models, mutex-locked caches, and structured logging, because it had the context of the full architecture.
The Anatomy of the Skeleton 🦴
Here are the six organs I built, and the cool tech inside them:
1. The Gatekeeper (user-auth-service)
This isn't just "email/password." It's a full Role-Based Access Control (RBAC) system.
Cool Factor: It issues RS256-signed JWTs. The API Gateway validates these tokens via gRPC before any resolver even runs.
Tech: bcrypt, jwt-go, Redis sessions.
2. The Treasurer (billing-service)
This service handles the scary part: Money.
Cool Factor: Transactional Webhooks. I built a handler that saves the Stripe Event to the DB before processing it. This ensures we never double-provision a subscription, even if Stripe sends the webhook twice.
3. The Brain (llm-gateway-service) 🧠
This is my favorite part. Instead of hardcoding prompts in Go code, I built a "Prompt-as-Code" architecture.
How it works: Prompts are .yaml files in a /prompts directory.
The Magic: The service uses fsnotify to watch that directory. If I edit a prompt file, the service hot-reloads it into memory instantly. No redeploy required to change the AI's personality!
Go
// Snippet of the Hot-Reload Logic
func (l *PromptLoader) watchLoop() {
for {
select {
case event := <-l.watcher.Events:
if event.Op&fsnotify.Write == fsnotify.Write {
l.logger.Info("Prompt file modified, reloading...", zap.String("file", event.Name))
l.loadPrompt(event.Name) // Updates the thread-safe cache
}
}
}
}
4. The Nervous System (notifications-service)
A SaaS feels dead without real-time feedback.
Tech: Socket.IO. I chose this over raw WebSockets because of its automatic HTTP long-polling fallback, ensuring it works on restrictive corporate networks.
5. The Shapeshifter (feature-flags-service)
Tech: A proxy for Unleash. It caches flags in memory, allowing the rest of the app to check permissions in microseconds without network calls.
6. The Interface (graphql-api-gateway)
This stitches it all together.
The Win: End-to-end type safety.
Postgres Schema -> Go Structs
Go Structs -> GraphQL Schema
GraphQL Schema -> TypeScript React Hooks (via graphql-codegen)
My frontend code looks like this, and it's 100% type-safe:
TypeScript
const { login } = useLoginMutation();
// TypeScript knows exactly what 'login' accepts and returns!
Horror Stories: Challenges I Ran Into 😱
It wasn't all smooth sailing.
- Dependency Hell: Building a monorepo with 6 Go services inside Docker is tricky. I kept getting missing go.sum entry errors.
Fix: I learned that Docker build contexts matter. I had to configure docker-compose.yml to isolate each service's context so they didn't invalidate each other's build caches.
- The N+1 Nightmare: Stitching 6 microservices into one GraphQL graph is risky. If you request a list of 50 users, you don't want to make 50 gRPC calls to the Auth service.
Fix: I implemented Dataloaders in the Gateway. It batches those 50 IDs into a single ListUsers gRPC call.
Conclusion: The Skeleton is Alive
The Haunted SaaS Skeleton started as a hackathon entry, but it evolved into a genuine startup foundation.
What I learned from Kiroween is that AI coding tools aren't just for autocomplete. When you combine them with Systems Thinking and Detailed Specs, you can operate like a Senior Architect and a Dev Team simultaneously.
The blank repo isn't scary anymore. In fact, it's kind of exciting.
Check out the repo here: https://github.com/toluwagbemiga/kiroween
Happy Vibe Coding! 🎃
If you enjoyed this breakdown of Go microservices and AI architecture, drop a like or comment below!
Top comments (0)