Flea Flicker
e9a77895d6
Point at the authoritative groombook/org skills (sdlc, coding-standards, safety) and document the phase-by-phase PR flow + uat->main merge-gate policy summary. Whitelist reminder for main branch protection: engineer team only. cc @cpfarhood Co-Authored-By: Paperclip <noreply@paperclip.ing>
2.7 KiB
AGENTS.md
This repository (groombook/api) is part of the GroomBook application stack. The
authoritative process, quality bar, and safety rules live in the shared
groombook/org skills repository. Read
those first; this file is only a pointer.
Authoritative skills
- SDLC (branching, PRs, phases, handoffs):
groombook/org/skills/sdlc/SKILL.md - Coding standards (priority ordering, PR discipline, tests, no-hardcoded-values, CalVer):
groombook/org/skills/coding-standards/SKILL.md - Safety (no plaintext secrets, no direct
kubectl applytogroombook, no self-merge, board approval for destructive actions):groombook/org/skills/safety/SKILL.md
For human contributors and humans reviewing agent work, see
CONTRIBUTING.md in this repo for the phase-by-phase PR
flow and the uat→main merge-gate policy summary.
Non-negotiable operational rules
These mirror the org skills; they are restated here so any agent landing in this repo sees them without a cross-repo fetch.
- All changes go through a PR. Never push directly to
dev,uat, ormain. - Branch strategy:
feature/<name>→dev→uat→main. Engineers always targetdevfirst. - No self-merge contract. The engineer who opened a PR clicks merge only
after the named reviewer (CI / QA / UAT / Security / CTO per phase)
approves. Issue-thread QA / UAT / security approvals do not clear the
Gitea
required_approvalsgate onuat→main— only a Gitea Approve click from a member of theapprovals_whitelist_usernamedoes. On this repo that whitelist is["gb_flea", "gb_dogfather"](engineer team). Board-level accounts cannot give the Approve click by policy. - Always include
cc @cpfarhoodat the bottom of every PR body for board visibility (not as a reviewer). - Secrets in code are forbidden. Use Bitnami Sealed Secrets; never commit
plaintext. See the
safetyskill. - Production (
groombooknamespace) is Flux-managed. Neverkubectl applydirectly. Infrastructure changes go through PRs ingroombook/infra.
Local development
See the repo's own README, package scripts, and CI workflow. The
authoritative pipeline (Gitea Actions, image build, deploy hooks) is the
shared groombook/infra overlay; do not reimplement it here.
When uncertain
If a task conflicts with the org skills, the org skills win. Open an
issue in groombook/org to propose a change rather than encoding a local
exception.