Premise Check — tibco-apigee-migration-workbench
2-min readUpdated Apr 28, 2026
Front Matter
skill
tech-feasibility
codename
tibco-apigee-migration-workbench
stage
premise
status
complete
Copied Raw Markdown!
This system migrates APIs from Tibco BusinessWorks and Apigee/Apigee Edge to Mulesoft using an AI pipeline: RAG over platform docs, policy mapping layer, model routing, migration execution, and validation. Target: 20-30 APIs with human-in-loop review. At scale, completed migrations and flagged-for-review migrations are tracked separately.
Assumption Table
| Assumption | Status | Why |
|---|---|---|
| Tibco/Apigee APIs have parseable structure (XML, config files) | Solid | Apigee policies are XML; Tibco BW has documented project formats |
| Policy-to-policy mapping is finite and enumerable | Solid | Both platforms have bounded policy sets |
| LLM can translate policy logic with good prompts + RAG | Questionable | Simple 1:1 mappings yes; chained policies with custom scripts risk hallucination |
| RAG over Mulesoft/Apigee docs gives sufficient context | Questionable | Doc quality varies; undocumented runtime behavior won't be in docs |
| Validation layer can catch migration errors reliably | Questionable | Genuine risk. Automated equivalence validation is hard without real test traffic or contract tests |
| pydantic-ai + OpenRouter is production-ready for this pipeline | Solid | Both stable and widely used |
| Postgres + pgvector is adequate for policy RAG at this scale | Solid | Single-store approach; pgvector handles vector search alongside relational migration state |
| OpenAI embeddings are sufficient for policy semantic matching | Solid | text-embedding-3-small is well-tested for RAG retrieval tasks |
Verdict
Core idea is sound. Two assumptions (LLM accuracy on complex policies, RAG coverage gaps) are known risks, not blockers — they inform the human-in-loop design. The validation layer risk is genuine and must drive the validation architecture decisions.
Open Questions (Risks to carry forward)
- Validation gap: No automated strategy yet for proving behavioral equivalence between source and migrated API. Needs contract testing or traffic replay approach.
- LLM accuracy on complex policies: Chained policies, custom scripts, and edge cases will need human review flagging, not silent migration.
- RAG coverage: Undocumented platform behavior (quirks, runtime defaults) will not be in the doc corpus — need a supplemental known-issues / edge-cases knowledge base over time.
Scope Clarifications (user confirmed)
- Token efficiency claims: internal bookkeeping, out of scope for this doc
- 600 API target: internal metric, out of scope
- Confirmed approach: 20-30 APIs, human-in-loop, progress tracker (done / needs-review) at scale