chore: bring repo up to governance spec #11

Merged
David merged 1 commit from chore/governance-up-to-spec into main 2026-05-14 00:13:43 +02:00
Owner

Brings the repo up to a8n-run/governance spec. CLI-only items from the checklist that genuinely do not apply to this repo (compose.yml, compose.dev.yml, .env.example, .devcontainer/, HOST_IP / HOST_PORT, port assignment, HOST_UID / HOST_GID bind-mount pattern) are intentionally skipped; PRE_COMMIT.md Template B already covers the no-dev-compose case.

Root files

  • Add CLAUDE.md describing the repo shape for AI agents and noting which checklist items do not apply.
  • Add .dockerignore so the build context excludes target/, .git, docs, tests, and other host-only files.
  • Rename LICENSE to LICENSE.md (CHECKLIST.md spelling).
  • Add repository = "https://dev.a8n.run/pandoras-box/monkey" to Cargo.toml. FORGEJO_ORGS.md mechanics step 2 assumes this field exists.

Justfile

  • Restructure the check umbrella to match the spec: check = check-fmt + check-clippy + check-build + check-docker.
  • Add typecheck (cargo check --all-targets).
  • Add build-docker-export that drives oci-build/Dockerfile's binary scratch stage out to ./output/monkey.
  • Keep fmt, lint, test as single-step shortcuts; lint now aliases check-clippy.

Dockerfile

  • Rename ARG MONKEY_GIT_HASH to ARG GIT_SHA (the org-wide standard build-arg name) and map it to ENV MONKEY_GIT_HASH so build.rs is unchanged.
  • Add ARG CARGO_BUILD_JOBS=2 + ENV CARGO_BUILD_JOBS. Default 2 keeps ad-hoc local builds from oversubscribing a small host; CI overrides via --build-arg.
  • Add BuildKit cache mounts on /usr/local/cargo/registry and /usr/local/cargo/git for both the dependency-priming build and the final build. This catches what the layer cache misses on minor Cargo.toml tweaks per CI.md.
  • Add # syntax=docker/dockerfile:1.6 so cache mounts are honored on hosts with older BuildKit defaults.

Forgejo workflow (build-oci-image.yml)

  • Add a docker buildx create --driver docker-container --use step. The default docker driver does not support cache-to type=registry.
  • Replace --cache-to type=inline with a dedicated :buildcache registry tag in mode=max per CI.md. inline only carries the final layer's metadata; mode=max captures every intermediate layer (notably the slow dep-build layer).
  • Pass CARGO_BUILD_JOBS = nproc through to both the push build and the binary export build.
  • Use the new GIT_SHA build-arg name.

Out of scope

  • Em-dash sweep in source comments and design docs. Many pre-existing instances in src/**, docs/superpowers/**, oci-build/get-tags.nu. A governance-compliance PR should not also bulk-rewrite source comments; tracked for a separate change.
  • The host-side cargo fmt --check disagrees with the rustfmt baked into rust-builder-musl:v1.0.0-rust1.94-alpine. Pre-existing; the just pre-commit recipe runs through Docker so it matches CI exactly.

Test plan

  • just --list shows the new umbrella + recipes.
  • just check-docker builds the builder stage end-to-end.
  • just build-docker-export writes ./output/monkey.
  • just pre-commit (Docker-based) passes fmt + clippy + build + tests.
  • Forgejo Check workflow stays green on this PR.
  • Forgejo Build OCI container workflow on merge to main: buildx builder is created, :buildcache tag is published, image and generic package are pushed under the new GIT_SHA build-arg.
chore: bring repo up to governance spec
Some checks failed
Check / fmt + clippy + build + tests (pull_request) Failing after 2s
Create release / Create release from merged PR (pull_request) Has been skipped
6fe1f872ff
Add CLAUDE.md, .dockerignore, and Cargo.toml::repository. Rename LICENSE to LICENSE.md per a8n-run/governance CHECKLIST.md.

Restructure justfile around the governance check umbrella: check = check-fmt + check-clippy + check-build + check-docker. Add typecheck and build-docker-export recipes.

Harden the OCI build per a8n-run/governance CI.md: rename the project-specific MONKEY_GIT_HASH build-arg to the org-standard GIT_SHA (mapped to ENV MONKEY_GIT_HASH inside the Dockerfile so build.rs is unchanged), add BuildKit cache mounts on /usr/local/cargo/{registry,git} for both the dependency and final build layers, and accept a CARGO_BUILD_JOBS ARG/ENV with a sane default of 2 for ad-hoc local builds.

In .forgejo/workflows/build-oci-image.yml: set up a docker-container buildx builder (required for cache-to type=registry), switch the cache from inline to a dedicated :buildcache registry tag with mode=max, and pass CARGO_BUILD_JOBS = nproc through to both the push build and the binary-export build.

CLI-only items from the checklist that do not apply to this repo are intentionally skipped: compose.yml / compose.dev.yml, .env.example, .devcontainer/, HOST_IP / HOST_PORT, port assignment, HOST_UID / HOST_GID bind-mount pattern. Governance PRE_COMMIT.md Template B already covers the no-dev-compose case.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
David merged commit 91b5170e0b into main 2026-05-14 00:13:43 +02:00
David deleted branch chore/governance-up-to-spec 2026-05-14 00:13:43 +02:00
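The Dockerfile and workflow items in the description above, sketched as an added example; this is not the repository's `oci-build/Dockerfile`. The builder image reference, the registry name in the comments, the `src/main.rs` layout, the presence of `Cargo.lock`, and the `target/release/monkey` output path are assumptions.

```dockerfile
# syntax=docker/dockerfile:1.6
# Added illustration only. BUILDER_IMAGE is a placeholder, not the project's image reference.
ARG BUILDER_IMAGE=registry.example.invalid/rust-builder-musl:placeholder
FROM ${BUILDER_IMAGE} AS builder

# Default of 2 keeps ad-hoc local builds from oversubscribing a small host;
# CI overrides it with --build-arg CARGO_BUILD_JOBS="$(nproc)".
ARG CARGO_BUILD_JOBS=2
ENV CARGO_BUILD_JOBS=${CARGO_BUILD_JOBS}

WORKDIR /build

# Dependency-priming build: only the manifests are copied, so this layer is
# reused until Cargo.toml or Cargo.lock changes. The cache mounts keep the
# downloaded crates across builds even when the layer itself is invalidated,
# and their contents never become part of an image layer.
COPY Cargo.toml Cargo.lock ./
RUN --mount=type=cache,target=/usr/local/cargo/registry \
    --mount=type=cache,target=/usr/local/cargo/git \
    mkdir src && echo 'fn main() {}' > src/main.rs \
    && cargo build --release --locked \
    && rm -rf src

# GIT_SHA changes on every commit. Declaring it after the priming step means a
# new value does not invalidate the slow dependency layer above.
ARG GIT_SHA=unknown
ENV MONKEY_GIT_HASH=${GIT_SHA}

# Final build (assumed binary path: target/release/monkey).
COPY . .
RUN --mount=type=cache,target=/usr/local/cargo/registry \
    --mount=type=cache,target=/usr/local/cargo/git \
    touch src/main.rs \
    && cargo build --release --locked \
    && cp target/release/monkey /monkey

# Scratch stage holding only the binary, for export to the host.
FROM scratch AS binary
COPY --from=builder /monkey /monkey

# Matching invocations (registry.example.invalid/monkey is a placeholder):
#   docker buildx create --driver docker-container --use
#   docker buildx build --push -t registry.example.invalid/monkey:latest \
#     --build-arg GIT_SHA="$(git rev-parse HEAD)" --build-arg CARGO_BUILD_JOBS="$(nproc)" \
#     --cache-from type=registry,ref=registry.example.invalid/monkey:buildcache \
#     --cache-to type=registry,ref=registry.example.invalid/monkey:buildcache,mode=max .
#   docker buildx build --target binary --output type=local,dest=./output .
```

Anyone who can push to the `:buildcache` tag can influence later builds that import from it, so that tag needs the same write restrictions as the release tags.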
Reference
pandoras-box/monkey!11