Skip to main content

Automated Documentation Pipeline with Control Zero

This guide shows how to build an automated documentation pipeline using CrewAI multi-agent orchestration with Control Zero policy enforcement. Multiple agents collaborate to analyze code, generate documentation, and review the output -- all under governance policies.

What You Will Build

A multi-agent documentation system with:

  • A Code Analyzer agent that reads source code
  • A Writer agent that generates documentation
  • A Reviewer agent that checks quality
  • Policy enforcement at every step, controlling which agents can access which resources

Architecture

Source Code Repository
    |
    v
[Code Analyzer Agent]
  - Reads source files (enforced: data.read)
  - Extracts functions, classes, patterns
    |
    v
Analysis Report
    |
    v
[Writer Agent]
  - Generates documentation (enforced: llm.generate)
  - Creates markdown files (enforced: data.write)
    |
    v
Draft Documentation
    |
    v
[Reviewer Agent]
  - Reviews for accuracy (enforced: llm.generate)
  - Suggests corrections
    |
    v
Final Documentation

Implementation

Setup

pip install controlzero crewai

Policy-Enforced Agents

import controlzero
from crewai import Agent, Task, Crew, Process

# Initialize Control Zero
cz = controlzero.ControlZero()
cz.initialize()


def enforce_step(step_output):
    """Enforce policies on every agent step."""
    if hasattr(step_output, "tool") and step_output.tool:
        cz.enforce(
            action="tool.call",
            resource=f"tool/{step_output.tool}",
            context={"agent_id": str(step_output.agent)},
        )


# -- Agents --
code_analyzer = Agent(
    role="Code Analyzer",
    goal="Read and analyze source code to extract documentation-relevant information",
    backstory=(
        "Expert software engineer who understands code structure, "
        "design patterns, and can identify key components for documentation."
    ),
    step_callback=enforce_step,
    verbose=True,
)

doc_writer = Agent(
    role="Documentation Writer",
    goal="Write clear, comprehensive technical documentation from analysis reports",
    backstory=(
        "Professional technical writer with deep experience in API documentation, "
        "tutorials, and developer guides."
    ),
    step_callback=enforce_step,
    verbose=True,
)

doc_reviewer = Agent(
    role="Documentation Reviewer",
    goal="Review documentation for accuracy, completeness, and clarity",
    backstory=(
        "Senior developer advocate who ensures documentation is accurate, "
        "follows best practices, and helps developers succeed."
    ),
    step_callback=enforce_step,
    verbose=True,
)

Define Tasks

analysis_task = Task(
    description=(
        "Analyze the source code in the provided files. "
        "Extract all public functions, classes, and their signatures. "
        "Identify the main architectural patterns and data flows. "
        "Output a structured analysis report."
    ),
    expected_output="A structured report of all public APIs, classes, and patterns",
    agent=code_analyzer,
)

writing_task = Task(
    description=(
        "Using the analysis report, write comprehensive API documentation. "
        "Include: overview, installation, quick start, API reference with "
        "all public functions and classes, and usage examples for each."
    ),
    expected_output="Complete API documentation in Markdown format",
    agent=doc_writer,
)

review_task = Task(
    description=(
        "Review the generated documentation for: "
        "1. Technical accuracy (do examples match the API?) "
        "2. Completeness (are all public APIs documented?) "
        "3. Clarity (can a new developer follow this?) "
        "4. Best practices (proper formatting, consistent style?) "
        "Output the final reviewed documentation with any corrections applied."
    ),
    expected_output="Final, reviewed documentation ready for publishing",
    agent=doc_reviewer,
)

Run the Pipeline

crew = Crew(
    agents=[code_analyzer, doc_writer, doc_reviewer],
    tasks=[analysis_task, writing_task, review_task],
    process=Process.sequential,
    verbose=True,
)

try:
    result = crew.kickoff()
    print("Documentation generated successfully:")
    print(result)
except controlzero.PolicyViolationError as e:
    print(f"Pipeline blocked by policy: {e.message}")

Example Policy

Restrict what each agent can do:

{
  "name": "doc-pipeline-policy",
  "rules": [
    {
      "effect": "allow",
      "action": "llm.generate",
      "resource": "model/*"
    },
    {
      "effect": "allow",
      "action": "tool.call",
      "resource": "tool/read_file"
    },
    {
      "effect": "allow",
      "action": "tool.call",
      "resource": "tool/list_directory"
    },
    {
      "effect": "deny",
      "action": "tool.call",
      "resource": "tool/write_file"
    },
    {
      "effect": "deny",
      "action": "tool.call",
      "resource": "tool/execute_code"
    },
    {
      "effect": "deny",
      "action": "tool.call",
      "resource": "tool/send_email"
    }
  ]
}

This policy allows the agents to read code and generate documentation, but blocks file writes (documentation output goes to stdout/return values), code execution, and email sending. This ensures the documentation pipeline is read-only and cannot modify the codebase.

Next Steps