Skip to content

Commit cfe35ed

Browse files
authored
Merge pull request redhat-appstudio#398 from redhat-appstudio/add-agents-md
Add AGENTS.md and CI lint workflow
2 parents 5660e65 + d70a546 commit cfe35ed

3 files changed

Lines changed: 104 additions & 0 deletions

File tree

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
name: Lint AGENTS.md
2+
3+
on:
4+
pull_request:
5+
paths:
6+
- AGENTS.md
7+
push:
8+
branches: [main]
9+
paths:
10+
- AGENTS.md
11+
12+
permissions:
13+
contents: read
14+
15+
jobs:
16+
agents-md-lint:
17+
name: Check AGENTS.md line limit
18+
runs-on: ubuntu-latest
19+
steps:
20+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
21+
22+
- name: Validate AGENTS.md
23+
run: |
24+
if [ ! -f AGENTS.md ]; then
25+
echo "ERROR: AGENTS.md not found"
26+
exit 1
27+
fi
28+
lines=$(wc -l < AGENTS.md)
29+
echo "AGENTS.md has $lines lines (limit: 300)"
30+
if [ "$lines" -gt 300 ]; then
31+
echo "ERROR: AGENTS.md exceeds 300-line limit"
32+
exit 1
33+
fi

AGENTS.md

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
# infra-common-deployments
2+
3+
GitOps repository for shared infrastructure components across Konflux
4+
common clusters using ArgoCD (app-of-apps pattern) and Kustomize.
5+
6+
## Quick Commands
7+
8+
| Action | Command |
9+
|----------------|---------------------------------------------------------|
10+
| Build overlay | `kustomize build argo-cd-apps/overlays/<env>/` |
11+
| Lint YAML | `yamllint .` |
12+
| Chainsaw tests | `chainsaw test --config .chainsaw.yaml <test-dir>` |
13+
14+
Kube-lint (requires building kustomize output first):
15+
16+
```sh
17+
mkdir -p kustomizedfiles
18+
kustomize build argo-cd-apps/overlays/<env>/ -o kustomizedfiles/<env>.yaml
19+
kube-linter lint --config .kube-linter.yaml kustomizedfiles/
20+
```
21+
22+
Dry-run apply:
23+
24+
```sh
25+
kustomize build <path> | kubectl apply --dry-run=client -f -
26+
```
27+
28+
## Project Layout
29+
30+
- `argo-cd-apps/base/{all-clusters,external,internal}/` — ApplicationSet
31+
definitions scoped by cluster type.
32+
- `argo-cd-apps/overlays/` — four environments: `internal-staging`,
33+
`internal-production`, `external-staging`, `external-production`.
34+
- `components/<name>/` — Kustomize components with `base/`, per-env overlays,
35+
and optional `k-components/` for shared patches (Component kind `v1alpha1`).
36+
- `.yamllint.yaml` — relaxed profile, ignores Helm charts/templates.
37+
- `.kube-linter.yaml` — excludes probe port checks.
38+
39+
## Key Conventions
40+
41+
- App-of-apps pattern: root ArgoCD Application manages ApplicationSets.
42+
- Kubernetes resource files named after their Kind.
43+
- Always `kustomize build` all four overlays before submitting changes.
44+
- yamllint ignores `**/charts/` and `**/templates/` (Helm content).
45+
- All changes via PR; OWNERS approval required.
46+
47+
## Testing
48+
49+
- Chainsaw tests validate Kyverno policies in `components/kyverno/` and
50+
`components/policies/`. Tests live in `.chainsaw-test/` directories.
51+
- CI creates a Kind cluster, installs Kyverno, then runs chainsaw.
52+
- kube-linter scans all kustomized output for Kubernetes best practices.
53+
- yamllint validates all YAML files (relaxed profile, Helm excluded).
54+
55+
## CI Pipeline (GitHub Actions)
56+
57+
- `yamllint` — lints all YAML on PRs and pushes to main.
58+
- `kube-linter` — builds kustomize overlays, scans with kube-linter,
59+
uploads SARIF to GitHub Security tab.
60+
- `chainsaw-tests` — Kyverno policy tests in Kind. Only triggers on
61+
kyverno/policy file changes.
62+
- `dep-triage` — auto-triages Renovate/Konflux bot dependency PRs.
63+
- `auto-merge` — merges approved dependency PRs when all checks pass.
64+
65+
## Gotchas
66+
67+
- kube-linter excludes `kargo/` and `konflux-devlake/` (Helm-based).
68+
- Chainsaw tests require Kyverno fully rolled out (300s timeout).
69+
- Environment patches target ApplicationSets by group/version/kind —
70+
changing ApplicationSet structure may silently break patches.

CLAUDE.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
@AGENTS.md

0 commit comments

Comments
 (0)