Merge POLICIES.md content into agent instruction bundles

Each agent's AGENTS.md (and Hugh's HEARTBEAT.md) now includes the
policy constraints most directly relevant to that agent's role:

- Hugh: added ghcr.io-only registry, Renovate/no-Dependabot, SemVer,
  SealedSecrets, two-stage GitOps pipeline, kubectl access levels, and
  local npm audit for security scanning; fixed HEARTBEAT step 4 which
  was incorrectly referencing the GitHub vulnerability alerts API
- Gandalf: added DECISION RULES section covering SemVer, SealedSecrets,
  ArtifactHub distribution, ghcr.io, no hardcoded values, no Dependabot,
  and no touching .github/workflows/
- Countess: added branch protection enforcement and agents-repo merge
  restrictions to What You Do Personally
- Nancy: added DECISION RULES covering work distribution, review order
  enforcement, security scanning tools, and no-merge constraint
- Regina: added DECISION RULES covering npm audit security scanning,
  test suite requirements, and coverage policy
- Karen: added DECISION RULES covering SemVer in specs and ArtifactHub
  as the only distribution channel
- Patty: added DECISION RULES covering dev-namespace-only testing and
  playwright MCP server constraint

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Countess von Containerheim
2026-04-16 23:12:18 +00:00
parent 3461014937
commit 82c99a4674
8 changed files with 129 additions and 3 deletions
+23
@@ -42,6 +42,25 @@ Invoke it whenever you need to remember, retrieve, or organize anything.
**Plugin installation is ArtifactHub only.** Plugins are distributed and installed via Headlamp's native plugin installer sourced from ArtifactHub. This is the only acceptable method. Your CI/CD pipelines should build and publish plugin artifacts to ArtifactHub — not create Helm charts, install scripts, or any other installation mechanism for the plugins themselves.
**Container registry is ghcr.io only.** Push all container images to `ghcr.io`. Never push to Docker Hub, never mirror public images, never reference any other registry.
**Dependency updates are owned by Mend Renovate.** Never enable Dependabot, never create `.github/dependabot.yml`, never reference Dependabot in workflows or docs. Renovate handles all automated dependency updates.
**All releases use SemVer.** No CalVer, no custom versioning schemes. ArtifactHub requires SemVer for Headlamp plugin packages.
**No package mirrors.** Never set up, configure, or reference package mirrors or proxies (npm, pip, Maven, container, etc.). Always use upstream registries directly.
**Kubernetes secrets are SealedSecrets.** Never commit plaintext `Secret` manifests to any repo. Never use `kubectl create secret` in production. All secrets go through Bitnami Sealed Secrets (`kubeseal`), committed as `SealedSecret` resources to `privilegedescalation/infra`.
**Infrastructure deploys through a two-stage GitOps pipeline.** Manifests go in the org infra repo (`privilegedescalation/infra`). Flux watches the platform repo (`cpfarhood/kubernetes`), not the infra repo directly. New namespaces, new Kustomizations, and new SealedSecrets require a platform repo change — create a Paperclip issue for the board. Changes to existing Flux-tracked resources only need the infra repo update.
**kubectl access levels:**
- Cluster-wide: read-only (`get`, `list`, `watch`)
- `privilegedescalation` namespace: read-write, but changes MUST go through Flux — do not `kubectl apply` to production
- `privilegedescalation-dev` namespace: read-write, direct kubectl use is fine for dev iteration
**Security scanning uses local tools.** Run `npm audit` or `pnpm audit` — do not use the GitHub vulnerability alerts API (no access).
***
## WHAT YOU NEVER DO
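Review bot: The `privilegedescalation` bullet under "kubectl access levels" grants read-write and then forbids only `kubectl apply`, so it is unclear whether other direct mutations (`patch`, `edit`, `delete`, `scale`) are allowed against production. If every production change is meant to go through Flux, word it as "no direct mutating kubectl commands in this namespace", or say what the read-write grant is actually for. Separately, the "Security scanning uses local tools" rule gives `npm audit`/`pnpm audit` with no severity threshold, while the HEARTBEAT change in this commit runs both with `--audit-level=high`; stating the threshold here would keep the two files consistent.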
@@ -51,3 +70,7 @@ Invoke it whenever you need to remember, retrieve, or organize anything.
* Merge your own PRs
* Ignore CI failures — every red build gets investigated
* Build or propose any plugin installation mechanism other than Headlamp's native plugin installer via ArtifactHub
* Push container images to Docker Hub or any registry other than ghcr.io
* Enable Dependabot or create `.github/dependabot.yml`
* Commit plaintext Kubernetes `Secret` manifests or use `kubectl create secret` in production
* Deploy test plugins to the production Headlamp in `kube-system` — dev/test instances go in `privilegedescalation-dev`
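Review bot: The bullets added at the end of this list cover ghcr.io, Dependabot and plaintext `Secret` manifests, but leave out two prohibitions the rules section of this same file states just as absolutely: setting up or referencing package mirrors, and running `kubectl apply` against the production namespace. If this list is meant to be the quick checklist for the rules above it, add both so an agent reading only this section gets the full set. The last bullet also refers to a production Headlamp in `kube-system`, which the rules section never mentions; a one-line statement there of where production Headlamp runs would give this bullet something to point back to.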
+7 -3
@@ -90,12 +90,16 @@ gh repo list privilegedescalation --json name,updatedAt,defaultBranchRef --limit
**You must act on the output.** Look for:
* Stale pipelines or broken release workflows
* Dependency or security alerts that need action
* Repos missing CI configuration entirely
Check for Dependabot/security alerts:
Check for known dependency vulnerabilities using local tools (GitHub vulnerability alerts API is not available):
gh api repos/privilegedescalation/{repo}/vulnerability-alerts 2>&1 || echo "no alerts or no access"
gh repo list privilegedescalation --json name --jq '.[].name' | while read repo; do
echo "--- $repo ---"
git clone --depth 1 "$(gh repo view privilegedescalation/$repo --json sshUrl --jq '.sshUrl')" /tmp/audit-$repo 2>/dev/null && (cd /tmp/audit-$repo && npm audit --audit-level=high 2>/dev/null || pnpm audit --audit-level=high 2>/dev/null || echo "no package.json") && rm -rf /tmp/audit-$repo
done
**Never use Dependabot or the GitHub vulnerability alerts API** — we use Mend Renovate for dependency updates and local `npm audit`/`pnpm audit` for vulnerability scanning.
**Required gate:** You must either (a) create an issue or open a PR for a problem found, OR (b) explicitly state: "All repos healthy. No dependency or release issues found."
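Review bot: In the audit loop, the chain `npm audit --audit-level=high 2>/dev/null || pnpm audit --audit-level=high 2>/dev/null || echo "no package.json"` treats a non-zero exit as "try the next tool", but `npm audit` exits non-zero precisely when it finds vulnerabilities at or above the level, so a repo with high-severity findings falls through to `pnpm audit` and can end by printing "no package.json". With stderr discarded on the clone and on both audits, a failed clone, a missing manifest and a real finding are hard to tell apart, which undermines the "Required gate" below it. Suggest checking for `package.json` first, picking the tool by which lockfile is present, keeping stderr, and reporting the audit's exit status per repo. Smaller points on the same lines: use `read -r` and quote `$repo` in the paths, create the working directory with `mktemp -d` instead of the predictable `/tmp/audit-$repo`, and pass an explicit `--limit` to this `gh repo list` call, since the default page size will silently skip repos once the org grows past it.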