kosmos/chef
8
3
Fork 0
Code Issues 33 Pull Requests 1 Projects 2 Activity
Files
41e6b29b970bcbbedc1ed3b8b081a34c5c83334d
chef/AGENTS.md
Râu Cao 41e6b29b97 Add AGENTS.md
2026-04-11 15:36:54 +04:00

3.0 KiB
Raw Blame History

AGENTS.md

Welcome, AI Agent! This file contains essential context and rules for interacting with the Kosmos Chef repository. Read this carefully before planning or executing any changes.

🏢 Project Overview

This repository contains the infrastructure automation code used by Kosmos to provision and configure bare metal servers (KVM hosts) and Ubuntu virtual machines (KVM guests).

We use Chef Infra, managed locally via Knife Zero (agentless Chef), and Berkshelf for dependency management.

📂 Directory Structure & Rules

  • site-cookbooks/: 🟢 EDITABLE. This directory contains all custom, internal cookbooks written specifically for Kosmos services (e.g., kosmos-postgresql, kosmos_gitea, kosmos-mastodon). Active development happens here.
  • cookbooks/: 🔴 DO NOT EDIT. This directory contains third-party/community cookbooks that are vendored. These are managed by Berkshelf. Modifying them directly will result in lost changes.
  • roles/: 🟢 EDITABLE. Contains Chef roles written in Ruby (e.g., base.rb, kvm_guest.rb, postgresql_primary.rb). These define run-lists and role-specific default attributes for servers.
  • environments/: Contains Chef environment definitions (like production.rb).
  • data_bags/: Contains data bag configurations, often encrypted. Be cautious and do not expose secrets. (Note: Agents should not manage data bag secrets directly unless provided the .chef/encrypted_data_bag_secret).
  • nodes/: Contains JSON state files for bootstrapped nodes. Agents typically do not edit these directly unless cleaning up a deleted node.
  • Berksfile: Defines community cookbook dependencies.
  • Vagrantfile / .kitchen/: Used for local virtualization and integration testing.

🛠️ Tooling & Workflows

  1. Dependency Management (Berkshelf) If a new community cookbook is required:

    • Add it to the Berksfile at the root.
    • Instruct the user to run berks install and berks vendor cookbooks/ --delete (or run it via the bash tool if permitted).

  2. Provisioning (Knife Zero)

    • Bootstrapping and converging nodes is done using knife zero.
    • Example: knife zero converge name:server-name.kosmos.org

  3. Code Style & Conventions

    • Chef recipes, resources, and roles are written in Ruby.
    • Follow standard Chef and Ruby (RuboCop) idioms. Look at neighboring files in site-cookbooks/ or roles/ to match formatting and naming conventions.

🚨 Core Directives for AI Agents

  1. Infrastructure as Code: Manual server configurations are highly discouraged. All changes must be codified in a cookbook or role.
  2. Test Safety Nets: Look for .kitchen.yml within specific site-cookbooks/<name> to understand if local integration tests are available.
  3. No Assumptions: Do not assume standard test commands. Check README.md and repository config files first.
  4. Secret Handling: Avoid hardcoding passwords or API keys in recipes or roles. Assume sensitive information is managed via Chef data_bags.
Reference in New Issue View Git Blame Copy Permalink