From 020d6ecb797415f32ebb6c561dc44f0e39900315 Mon Sep 17 00:00:00 2001 From: git Date: Tue, 21 Apr 2026 09:04:59 +1000 Subject: [PATCH] created AGENTS.md --- AGENTS.md | 74 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 74 insertions(+) create mode 100644 AGENTS.md diff --git a/AGENTS.md b/AGENTS.md new file mode 100644 index 0000000..2daefc8 --- /dev/null +++ b/AGENTS.md @@ -0,0 +1,74 @@ +# Codex instructions for this repository + +This repository contains: +- Docker Compose infrastructure +- Terraform configuration +- Ansible configuration + +## General rules + +Prefer validation and linting over execution. +Do not make assumptions about runtime access. +Do not run destructive commands. +Do not install repo changes unless explicitly requested. + +## Docker / Compose rules + +This environment does not have Docker daemon access. +Do not use commands that require `/var/run/docker.sock`. + +Allowed: +- `docker compose config` +- `docker compose -f config` +- `./services-up.sh --profile all config` + +Not allowed: +- `docker compose up` +- `docker compose down` +- `docker compose run` +- `docker compose exec` +- `docker build` +- `docker pull` + +When validating Docker changes: +1. Prefer `./services-up.sh --profile all config` if available. +2. If that does not fit the task, use `docker compose -f ... config`. +3. Only create temporary placeholder env files if validation requires them. +4. Do not commit placeholder env files unless explicitly requested. + +## Terraform rules + +Allowed: +- `terraform fmt -check -recursive` +- `terraform init -backend=false -input=false` +- `terraform validate` +- `tflint` + +Do not apply infrastructure changes unless explicitly requested. +Do not run: +- `terraform apply` +- `terraform destroy` + +## Ansible rules + +Allowed: +- `ansible-lint` +- `ansible-playbook --syntax-check ` + +Do not run playbooks against real hosts unless explicitly requested. + +## Shell / YAML rules + +Allowed: +- `shellcheck` +- `yamllint` +- `yq` +- `jq` + +## Expected workflow + +When making changes: +1. Edit the smallest necessary set of files. +2. Run the safest available validation commands. +3. Report validation results clearly. +4. If validation is blocked by missing secrets, env files, or remote/provider access, say so explicitly instead of guessing.