The AI Sandwich

AI is creative but inconsistent. Deterministic generation is consistent but can't think. The AI Sandwich uses both where they're strongest.

The Core Idea

Every service has two kinds of code: structural code that should be identical across all services (auth, logging, events, audit, persistence, tests) and business logic that's unique to each service. Today, AI generates both — and gets the structural part different every time.

The AI Sandwich separates them. AI handles the creative work at the top and bottom. Deterministic generation handles the structural guarantees in the middle. Same spec, identical output, every time.

Human

Requirements

AI

Domain spec + templates

FixedCode

Deterministic generation

AI

Business logic

Human

Review + ship

The Three Layers

Layer 1: AI + Human (Creative)

Non-deterministic

This layer has two distinct activities, done by different people at different times:

Domain Specs

PM / Domain Expert

Defines what to build. A PM writes "we need an order management service with line items and payment integration" in a Jira ticket or Slack message. AI translates that into a YAML domain spec conforming to the org's schema. The PM never writes YAML — they write plain English.

Template Curation

Developer / Platform Team

Defines how to build it. AI extracts patterns from existing services into schemas and templates. Human refines iteratively until the output is production-grade. This isn't one-click — it requires domain expertise guiding AI through many iterations. Done once, benefits every service forever.

Layer 2: FixedCode (Deterministic)

Always identical

The engine takes a YAML domain spec and generates a complete service from it — deterministically. Same spec produces identical output every time, in about 3 seconds. No randomness, no variation, no drift.

Every cross-functional requirement is built in from the templates: auth with policy engine, audit trails on every entity, structured logging with correlation IDs, event sourcing with outbox pattern, database migrations, integration tests, black-box API tests. The developer never wires any of this up. It's generated.

Generated files include:

  • Domain model (aggregates, entities, events)
  • Command/query handlers with validation
  • REST controllers + OpenAPI specs
  • Persistence + Flyway migrations

Infrastructure (all generated):

  • Auth + policy engine with field filtering
  • Event sourcing with outbox pattern
  • Structured JSON logging + correlation IDs
  • Integration + black-box API tests

The regeneration contract:

Regenerated files

Owned by the engine. Overwritten on every run. Never edit these.

Once files

Created once by the engine. Developer modifies. Never touched again on regenerate.

Extension points

Stub created if missing. Developer fills in logic. Never overwritten.

Layer 3: AI + Human (Creative)

The custom parts

The generated service has clearly marked extension points — interfaces with default implementations. This is where the business logic goes. The parts that are unique to this specific service: validation rules, domain-specific calculations, custom integrations, regional overrides.

AI assists here too. A developer (or PM) uses Claude Code, Cursor, or any AI tool to implement the business rules in the extension points. This is the 10% of the code that actually needs human thought — the rest is generated.

What goes in extension points:

  • Business validation rules (e.g. order minimum, credit checks)
  • Domain-specific calculations (e.g. pricing, scoring)
  • Custom integrations that don't fit templates (e.g. third-party APIs)
  • Regional overrides (e.g. country-specific tax rules)

Why This Matters

Without the sandwich

AI generates everything — structural code and business logic together. The output is different every time. Review agents try to catch violations. Humans review what agents flag. The entire pipeline exists to compensate for non-deterministic output. At 50 services, stuff slips through. Every team interprets the patterns differently.

With the sandwich

Structural code is generated from reviewed templates — known-good by construction. Only extension points need human review (about 10% of the code). Templates improve, you regenerate, every service gets the upgrade. Violations are structurally impossible. The review burden drops. The coordination overhead between teams largely disappears.

The Full Pipeline

The AI Sandwich isn't a manual three-step process. It's an automated pipeline. A PM creates a Jira ticket or Slack message. An AI agent picks it up, translates it to a YAML domain spec, pushes it to a standards repo. CI triggers FixedCode to generate the service. CI/CD deploys it. The PM fills in business logic in extension points with AI help.

1
Request
Jira ticket, Slack, or CLI
2
Translate
AI drafts YAML domain spec
3
Generate
FixedCode, deterministic
4
Deploy
CI/CD, automated
5
Enrich
Business logic, AI-assisted

Two Focus Areas, Not Three Roles

The traditional PM / developer / platform team split dissolves. What matters is the type of knowledge, not the job title.

Domain Knowledge

Understands the business: what services are needed, what the rules are, what the domain looks like. Writes requirements, defines specs, implements business logic in extension points — all with AI assistance.

Could be a PM, a business analyst, a domain expert, or a developer who understands the domain. The title doesn't matter.

Platform Knowledge

Understands the infrastructure: how services should be built, what patterns to use, where the boundaries are. Curates templates, evolves schemas, handles code that doesn't fit generation.

Could be a developer, a platform engineer, or a tech lead. They improve the system that everyone else generates from.