claude-autopm 2.8.1 → 2.8.2

package/autopm/.claude/rules/docker-first-development.md

@@ -1,404 +0,0 @@
-# Docker-First Development Rule
-
-> **STATUS**: Can be enabled/disabled via `.claude/config.json` → `features.docker_first_development`
-
-## WHEN ENABLED
-
-### 1. MANDATORY DOCKER USAGE
-
-**ALL development MUST happen inside Docker containers:**
-
-```bash
-# ❌ FORBIDDEN - Local execution
-npm install
-npm test
-python app.py
-pytest
-
-# ✅ REQUIRED - Docker execution
-docker compose run app npm install
-docker compose run app npm test
-docker compose run app python app.py
-docker compose run test pytest
-```
-
-### 2. PROJECT STRUCTURE REQUIREMENTS
-
-Every project MUST have:
-
-```
-project/
-├── Dockerfile                 # Production image
-├── Dockerfile.dev            # Development image with dev tools
-├── docker compose.yml        # Production-like setup
-├── docker compose.dev.yml    # Development overrides
-├── docker compose.test.yml   # Test environment
-└── .dockerignore            # Exclude unnecessary files
-```
-
-### 3. DEVELOPMENT WORKFLOW
-
-#### Initial Setup
-
-```bash
-# 1. Check if Docker files exist
-if [ ! -f "Dockerfile" ]; then
-  Use docker-containerization-expert agent to create Dockerfile
-fi
-
-# 2. Build development image
-docker compose -f docker compose.yml -f docker compose.dev.yml build
-
-# 3. Start development environment
-docker compose -f docker compose.yml -f docker compose.dev.yml up
-```
-
-#### Code Changes
-
-```yaml
-# docker compose.dev.yml
-services:
-  app:
-    volumes:
-      - .:/app                    # Mount source code
-      - /app/node_modules         # Preserve container node_modules
-      - /app/.venv               # Preserve Python venv
-    command: npm run dev          # Hot reload
-```
-
-#### Running Tests
-
-```bash
-# Always in container
-docker compose run --rm test pytest
-docker compose run --rm test npm test
-
-# CI/CD uses same image
-docker build -t app:test .
-docker run app:test pytest
-```
-
-### 4. ENFORCEMENT PIPELINE
-
-When docker_first_development is **enabled**:
-
-```
-1. Hook intercepts local commands (npm, pip, python, etc.)
-2. Checks if Docker alternative exists
-3. Blocks execution with Docker alternative suggestion
-4. Auto-creates Docker files if missing
-```
-
-### 5. DOCKERFILE STANDARDS
-
-#### Python Projects
-
-```dockerfile
-# Dockerfile.dev
-FROM python:3.11-slim AS development
-WORKDIR /app
-COPY requirements.txt .
-RUN pip install -r requirements.txt
-COPY . .
-CMD ["python", "-m", "flask", "run", "--host=0.0.0.0", "--reload"]
-
-# Dockerfile (production)
-FROM python:3.11-slim AS production
-WORKDIR /app
-COPY requirements.txt .
-RUN pip install --no-cache-dir -r requirements.txt
-COPY . .
-CMD ["gunicorn", "app:app"]
-```
-
-#### Node.js Projects
-
-```dockerfile
-# Dockerfile.dev
-FROM node:20-alpine AS development
-WORKDIR /app
-COPY package*.json ./
-RUN npm ci
-COPY . .
-CMD ["npm", "run", "dev"]
-
-# Dockerfile (production)
-FROM node:20-alpine AS production
-WORKDIR /app
-COPY package*.json ./
-RUN npm ci --only=production
-COPY . .
-CMD ["node", "server.js"]
-```
-
-### 6. docker compose TEMPLATES
-
-#### Base docker compose.yml
-
-```yaml
-version: '3.9'
-services:
-  app:
-    build: .
-    ports:
-      - "3000:3000"
-    environment:
-      - NODE_ENV=production
-    networks:
-      - app-network
-
-networks:
-  app-network:
-    driver: bridge
-```
-
-#### Development Override (docker compose.dev.yml)
-
-```yaml
-version: '3.9'
-services:
-  app:
-    build:
-      context: .
-      dockerfile: Dockerfile.dev
-    volumes:
-      - .:/app
-      - /app/node_modules  # Preserve dependencies
-    environment:
-      - NODE_ENV=development
-      - DEBUG=true
-    ports:
-      - "3000:3000"
-      - "9229:9229"  # Debug port
-```
-
-#### Test Override (docker compose.test.yml)
-
-```yaml
-version: '3.9'
-services:
-  test:
-    build:
-      context: .
-      dockerfile: Dockerfile.dev
-    command: npm test
-    environment:
-      - NODE_ENV=test
-      - CI=true
-```
-
-### 7. GITHUB ACTIONS INTEGRATION
-
-```yaml
-# .github/workflows/test.yml
-name: Test
-on: [push, pull_request]
-
-jobs:
-  test:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-      
-      - name: Build Test Image
-        run: docker build -f Dockerfile.dev -t app:test .
-      
-      - name: Run Tests in Container
-        run: docker run --rm app:test npm test
-      
-      - name: Run Linting in Container
-        run: docker run --rm app:test npm run lint
-```
-
-### 8. VOLUME MOUNTING STRATEGY
-
-```yaml
-# Development volumes for hot reload
-volumes:
-  # Source code - always mounted
-  - ./src:/app/src
-  - ./tests:/app/tests
-  
-  # Config files - mounted read-only
-  - ./package.json:/app/package.json:ro
-  - ./tsconfig.json:/app/tsconfig.json:ro
-  
-  # Dependencies - NOT mounted (use container's)
-  # - ./node_modules:/app/node_modules  ❌
-  # - ./.venv:/app/.venv                ❌
-```
-
-### 9. DATABASE IN DOCKER
-
-```yaml
-# docker compose.dev.yml
-services:
-  app:
-    depends_on:
-      - db
-      - redis
-  
-  db:
-    image: postgres:15-alpine
-    environment:
-      POSTGRES_DB: appdb
-      POSTGRES_USER: appuser
-      POSTGRES_PASSWORD: devpassword
-    volumes:
-      - postgres_data:/var/lib/postgresql/data
-    ports:
-      - "5432:5432"
-  
-  redis:
-    image: redis:7-alpine
-    ports:
-      - "6379:6379"
-
-volumes:
-  postgres_data:
-```
-
-### 10. HELPER COMMANDS
-
-Create a Makefile for common operations:
-
-```makefile
-# Makefile
-.PHONY: dev test build clean
-
-# Development
-dev:
- docker compose -f docker compose.yml -f docker compose.dev.yml up
-
-dev-build:
- docker compose -f docker compose.yml -f docker compose.dev.yml build
-
-# Testing
-test:
- docker compose -f docker compose.yml -f docker compose.test.yml run --rm test
-
-test-watch:
- docker compose -f docker compose.yml -f docker compose.test.yml run --rm test npm run test:watch
-
-# Production
-build:
- docker build -t app:latest .
-
-run:
- docker run -p 3000:3000 app:latest
-
-# Utilities
-shell:
- docker compose -f docker compose.yml -f docker compose.dev.yml exec app sh
-
-logs:
- docker compose logs -f app
-
-clean:
- docker compose down -v
- docker system prune -f
-```
-
-## WHEN DISABLED
-
-When `docker_first_development: false` in config:
-
-- Local development is allowed
-- Docker files are optional
-- No enforcement of container usage
-- Traditional development workflow permitted
-
-## PR VALIDATION REQUIREMENTS
-
-When `docker_first_development` is enabled, ALL PRs MUST:
-
-### 1. PASS DOCKER TESTS BEFORE PUSH
-
-```bash
-# Manual validation before creating PR
-./.claude/scripts/pr-validation.sh
-
-# Install Git hooks for automatic validation
-./.claude/scripts/install-hooks.sh
-```
-
-### 2. GITHUB ACTIONS VALIDATION
-
-PR will automatically run:
-
-- Multi-platform Docker builds (linux/amd64, linux/arm64)  
-- Tests in Docker containers using same images as local dev
-- Security scanning with Trivy
-- Docker-first compliance validation
-- Startup testing
-
-### 3. REQUIRED FILES FOR PR
-
-- `Dockerfile` - Production image
-- `Dockerfile.dev` - Development image  
-- `docker compose.yml` - Base configuration
-- `docker compose.test.yml` - Test configuration
-- `.dockerignore` - Build optimization
-
-### 4. AUTOMATED BLOCKING
-
-**Pre-push hook blocks push if:**
-
-- Docker tests fail
-- Docker images don't build
-- Required Docker files missing
-- Docker daemon not running
-
-**GitHub Actions blocks PR if:**
-
-- Any Docker tests fail
-- Security vulnerabilities found (HIGH/CRITICAL)
-- Multi-platform builds fail
-- Container startup fails
-
-### 5. PR VALIDATION WORKFLOW
-
-```bash
-# Full validation (recommended)
-./.claude/scripts/pr-validation.sh
-
-# Quick validation (skip some tests)
-./.claude/scripts/pr-validation.sh --force
-
-# Skip tests entirely (not recommended)  
-./.claude/scripts/pr-validation.sh --skip-tests
-```
-
-### 6. CI/CD REQUIREMENTS
-
-GitHub Actions workflow (`.github/workflows/docker-tests.yml`) runs:
-
-1. **Change Detection** - Only runs Docker tests when needed
-2. **Multi-Environment Testing** - Tests dev and production configs
-3. **Security Scanning** - Trivy vulnerability scan
-4. **Multi-Platform Builds** - AMD64 and ARM64 architectures
-5. **Compliance Validation** - Checks Docker-first requirements
-
-## BYPASS PROCEDURES (EMERGENCY ONLY)
-
-```bash
-# Bypass git hooks temporarily
-git push --no-verify
-
-# Disable Docker-first for urgent fixes
-./.claude/scripts/docker-toggle.sh disable
-# Don't forget to re-enable after fix!
-```
-
-## CHECKING STATUS
-
-```bash
-# Check Docker-first status with detailed info
-./.claude/scripts/docker-toggle.sh status
-
-# Quick check
-cat .claude/config.json | jq '.features.docker_first_development'
-
-# Manual toggle
-./.claude/scripts/docker-toggle.sh enable   # or disable
-```

package/autopm/.claude/rules/infrastructure-pipeline.md

@@ -1,128 +0,0 @@
-# Infrastructure Operations Pipeline
-
-> **CRITICAL**: Infrastructure changes require strict validation and rollback capabilities.
-
-## 1. TERRAFORM DEPLOYMENT PIPELINE
-
-**Trigger**: Infrastructure as Code changes
-**Sequence**:
-
-```
-1. terraform-infrastructure-expert → Validate configuration
-2. Run terraform plan and review changes
-3. Write infrastructure tests (Terratest)
-4. Apply to staging environment first
-5. test-runner → Verify infrastructure health
-6. Document changes in CHANGELOG
-7. Apply to production with approval
-```
-
-## 2. CONTAINER BUILD PIPELINE
-
-**Trigger**: Dockerfile or container changes
-**Sequence**:
-
-```
-1. docker-containerization-expert → Optimize Dockerfile
-2. Security scan with Trivy/Snyk
-3. Build multi-stage image
-4. test-runner → Test container functionality
-5. Push to registry with proper tags
-6. Never push unscanned images
-```
-
-## 3. KUBERNETES DEPLOYMENT PIPELINE
-
-**Trigger**: K8s manifest or Helm chart changes
-**Sequence**:
-
-```
-1. kubernetes-orchestrator → Validate manifests
-2. Dry-run deployment
-3. Apply to dev/staging cluster
-4. test-runner → Verify pod health
-5. Monitor resource usage
-6. Rollout to production with canary
-```
-
-## 4. CLOUD FUNCTION PIPELINE
-
-**Trigger**: Serverless function deployment
-**Sequence**:
-
-```
-1. gcp-cloud-functions-engineer → Optimize function
-2. Set memory/timeout limits
-3. Configure triggers and IAM
-4. test-runner → Integration tests
-5. Deploy with gradual rollout
-6. Monitor cold starts and errors
-```
-
-## 5. CI/CD PIPELINE SETUP
-
-**Trigger**: GitHub Actions or Azure DevOps setup
-**Sequence**:
-
-```
-1. github-operations-specialist → Design pipeline
-2. Implement security scanning
-3. Add quality gates
-4. test-runner → Test pipeline stages
-5. Document pipeline flow
-6. Set up notifications
-```
-
-## 6. MESSAGING SYSTEM PIPELINE
-
-**Trigger**: NATS implementation
-**Sequence**:
-
-```
-1. nats-messaging-expert → Design topology
-2. Configure JetStream persistence
-3. Implement pub/sub patterns
-4. test-runner → Test message delivery
-5. Monitor throughput and latency
-6. Document message contracts
-```
-
-## 7. DATA PIPELINE ORCHESTRATION
-
-**Trigger**: Airflow/Kedro workflow setup
-**Sequence**:
-
-```
-1. airflow-orchestration-expert/kedro-pipeline-expert → Design DAG/pipeline
-2. Implement idempotent tasks
-3. Add monitoring and alerts
-4. test-runner → Test pipeline execution
-5. Verify data quality checks
-6. Document dependencies
-```
-
-## Pipeline Requirements
-
-### NEVER ALLOWED
-
-- ❌ Deploying without staging validation
-- ❌ Pushing unscanned container images
-- ❌ Applying Terraform without plan review
-- ❌ Skipping rollback procedures
-- ❌ Ignoring security vulnerabilities
-
-### ALWAYS REQUIRED
-
-- ✅ Infrastructure as Code for everything
-- ✅ Security scanning at every stage
-- ✅ Staging environment validation
-- ✅ Automated rollback capability
-- ✅ Comprehensive monitoring
-
-## Success Metrics
-
-- Zero unplanned downtime
-- All images pass security scan
-- Terraform drift detection active
-- Rollback time < 5 minutes
-- 100% infrastructure test coverage