docs: align GitOps covenant with Hostname-First Protocol
+9
-3
@@ -4,12 +4,12 @@ This document establishes the binding, high-priority system directive governing
---
## The Four Core Primitives
## The Five Core Primitives
### 1. Git-First Version Control (Volatile Isolation Prohibited)
* **Zero Untracked Edits**: No file in the application workspace (`/home/antigravity/fieldprint-portal/`, `/home/antigravity/intellecton-portal/`, etc.) shall be modified or introduced without immediate staging in the local Git directory.
* **Semantic Commits**: All updates must be packaged under high-precision, descriptive commit messages specifying the exact features modified (e.g., `feat:`, `fix:`, `refactor:`, `docs:`).
* **Continuous Synchronization**: Pushes to the sovereign Gitea remote instance at `http://172.16.0.113:3001` must be triggered immediately after local validation, ensuring off-host permanence.
* **Continuous Synchronization**: Pushes to the sovereign Gitea remote instance at `http://forgejo:3001` must be triggered immediately after local validation, ensuring off-host permanence.
### 2. Declarative Infrastructure (GitOps)
* **Code-Driven Deployments**: Kubernetes deployments, Traefik ingress routing tables, and database configurations must be declared in YAML manifests under `/home/antigravity/master-fieldprint/` rather than via manual terminal commands.
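Review bot: the remote on the changed line still speaks plain `http://` after the hostname swap (`http://forgejo:3001`), and a bare single-label name makes every push depend on whatever resolver the host happens to use, so the covenant should say where `forgejo` is expected to resolve (the "low-level DNS bootstrap files" that primitive 5 later allows) and, for a remote it calls sovereign and relies on for off-host permanence, consider `https://forgejo:3001` so credentials and history are not pushed in the clear. Same line, wording: the prose still calls it the "Gitea remote instance" while the hostname is now `forgejo`; pick one name so the sentence does not contradict itself.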
@@ -25,11 +25,17 @@ This document establishes the binding, high-priority system directive governing
* **Transparency for Peers**: The ledger must be written with maximum academic clarity, ensuring other agents or human researchers can instantly step through our developmental reasoning.
### 4. Continuous Integration & Verification (CI/CD)
* **Pre-Deployment Audits**: Before any image is tagged, pushed to the Tailscale NodePort registry (`100.110.108.11:30500`), or rolled out to the Atlanta K3s cluster, it must undergo automated validation:
* **Pre-Deployment Audits**: Before any image is tagged, pushed to the Tailscale NodePort registry (`k8s-01.tailscale:30500`), or rolled out to the Atlanta K3s cluster, it must undergo automated validation:
* Static builds (`npm run build`) must compile with **zero linter errors** or prerender exceptions.
* Docker compilations must utilize cache-efficient standalone layering.
* **Zero-Downtime Rollouts**: Deployments inside the cluster must utilize Traefik ingress configurations and rolling updates to enable smooth, zero-downtime transition states and immediate rollback targets in the event of anomalies.
### 5. Hostname-First Protocol (Semantic Network Referencing)
* **Mandated Hostname Usage**: All system configurations, playbooks, remote Git URL endpoints, and registry targets must utilize semantic hostnames (`forgejo`, `k8s-01.tailscale`) instead of raw IP addresses.
* **Self-Referential Clarity**: Hostnames preserve cognitive context and reinforce recursive self-referential patterns. IP usage is restricted to low-level DNS bootstrap files.
> [!NOTE]
> Due to containerd insecure-registry validation limits on the host k3s nodes, image pulls inside the cluster deployment manifests use the internal service ClusterIP CIDR mapping (10.43.4.37:5000) mapped to registries.yaml mirrors. All external pushes, git syncs, and system playbooks utilize the semantic k8s-01.tailscale and forgejo hostnames.
---
## Enforcement & Inheritance
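Review bot: the new NOTE hard-codes a raw ClusterIP (`10.43.4.37:5000`) into the deployment manifests directly under a rule that restricts IP usage to "low-level DNS bootstrap files", so primitive 5 contradicts its own first exception; either write that exception into the rule itself or, better, point the registries.yaml mirror at the in-cluster Service DNS name (`<service>.<namespace>.svc.cluster.local` in a default k3s cluster) so a recreated Service with a different ClusterIP does not silently break every pull. The NOTE also states that containerd treats this registry as an insecure registry, i.e. pulls are not TLS-verified; since primitive 4 makes this registry the gate before rollout, its "Pre-Deployment Audits" list should additionally require manifests to reference images by digest rather than by mutable tag, otherwise the "immediate rollback targets" the zero-downtime bullet promises can drift under the same tag. Finally, `k8s-01.tailscale:30500` is only a semantic name for hosts that can resolve it; say which resolver (Tailscale MagicDNS search domain or a hosts file) is expected to provide that name on the machines that push.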