diff --git a/TODO.md b/TODO.md new file mode 100644 index 0000000..240df8a --- /dev/null +++ b/TODO.md @@ -0,0 +1,32 @@ +TODO + +- Git workflow + - [x] Questions gathered and answered + - [x] Proposal iteration 2 drafted + - [ ] Finalize approval and capture in instructions/git-workflow.md + +- Branches + - [x] Create integration, release, bootstrap from main + - [x] Push bootstrap to origin + - [ ] Decide whether to maintain a fast-forwarded release branch to the latest tag + +- CI/CD bootstrap + - [x] Create branch bootstrap-cicd from main + - [x] Add questions at questions/bootstrap-cicd.md + - [ ] Draft proposal based on answers + - [ ] Implement parity tooling: scripts/ci, ci.Dockerfile, docker/ci.compose.yml + - [ ] Add .gitea/workflows: ci.yml, release.yml, nightly.yml + - [ ] Add commitlint.config.cjs, .pre-commit-config.yaml, Makefile, CODEOWNERS + +- Protections & settings (in Gitea UI) + - [ ] Protect main and integration with required checks + - [ ] Enable auto-merge on green for feature→integration + - [ ] Require 1 approval for integration→main + +- Releases + - [ ] Tag format vYYYY.MM.DD-HHMM (UTC) in release workflow + - [ ] Optional: fast-forward release branch to latest tag + +- Docs + - [ ] Write docs/engineering/git-workflow.md with diagrams and examples + diff --git a/questions/bootstrap-cicd.md b/questions/bootstrap-cicd.md new file mode 100644 index 0000000..d2599e9 --- /dev/null +++ b/questions/bootstrap-cicd.md 
@@ -0,0 +1,87 @@ +Bootstrap CI/CD – Questions + +Goal: define initial CI/CD checks and local Docker-parity hooks for this repo (docs/site, scripts, docker-compose), and a template usable by other repos. + +Answer style: short codes + notes, e.g. `1:a,c 2:b 3:docker`. + +1) Stacks present now (select all): + - a) Shell scripts + - b) Dockerfiles/Compose + - c) Markdown/Docs + - d) YAML (workflows/config) + - e) Python + - f) Node/JS + - g) Other (specify) + +2) Formatters/linters per stack: + - shell: a) shfmt b) shellcheck c) both + - docker: a) hadolint + - markdown: a) markdownlint b) prettier c) both + - yaml: a) yamllint b) actionlint (for workflows) c) both + - python (if used): a) black b) ruff c) pytest (tests) + - node (if used): a) eslint b) prettier c) jest (tests) + +3) Testing scope now: + - a) none (docs/scripts only) + - b) smoke tests for scripts (bats/pytest-sh) + - c) unit tests for scripts (specify framework) + +4) Security scanning: + - a) trivy fs + - b) grype + - c) bandit (python) + - d) npm audit (node) + - e) skip for this repo + +5) Execution environment for CI: + - a) run inside repo’s `ci.Dockerfile` + - b) run on runner host with packages + - c) mix (specify) + +6) Matrix needs (now): + - a) none (single Linux image) + - b) multiple language versions (specify) + - c) OS matrix (Linux only for now?) + +7) Caching: + - a) enable tool caches (pip/npm) in CI + - b) enable Docker layer cache + - c) none + +8) Check names to protect on branches (final labels): + - a) ci / lint + - b) ci / test + - c) ci / build + - d) ci / security + - e) ci / commitlint + +9) Hooks parity: + - pre-commit: run format+lint+commitlint? (y/n) + - pre-push: run test+build+security (fast profile)? (y/n) + +10) Concurrency & timeouts: + - cancel in-progress on new commits to same PR? (y/n) + - default job timeout (minutes)? + +11) Release flow details: + - generate release notes from merged PRs since last tag? (y/n) + - attach built artifacts (site tarball, etc)? 
(y/n) + +12) Coverage gates (if tests exist): + - threshold % to require? (number or skip) + +13) Auto-merge bot to `integration`: + - bot account/name (or use Gitea built-in)? + - automerge conditions beyond green checks? (labels, size) + +14) Notifications: + - a) none + - b) email + - c) webhook/Chat (specify) + +15) Future extensibility: + - template these workflows for other repos? (y/n) + - segregate language-specific jobs behind conditions? (y/n) + +Notes: add any constraints about runners, container registry, or build tools. +
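Review bot: In TODO.md, the "Protections & settings" list covers only `main` and `integration`, while the "Branches" section also creates `release` and the "Releases" section plans to fast-forward it to the latest tag. Add an item to protect `release` and to decide who may push `vYYYY.MM.DD-HHMM` tags, so the branch and tags that represent shipped state are not left unprotected. Related: "Enable auto-merge on green for feature→integration" combined with "Require 1 approval for integration→main" means the only human review happens on the integration→main merge; if that is intended, say so in the item. Minor consistency points: the branch is called `bootstrap` under "Branches" and `bootstrap-cicd` under "CI/CD bootstrap", and the workflow document is named both instructions/git-workflow.md and docs/engineering/git-workflow.md; pick one of each.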
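Review bot: In questions/bootstrap-cicd.md, question 4 offers "e) skip for this repo" while question 8 offers "d) ci / security" as a check name to protect, and nothing ties the two answers together. Add a note to question 8 that `ci / security` may only be selected when question 4 is not answered `e` (or make the security job always report a status), so branch protection never requires a check that no workflow produces. Question 13 asks for the auto-merge bot's "account/name" but not what permissions that account or its token gets; add a sub-question on scope, since this bot is what merges into `integration` without a human approval. Question 10's "default job timeout (minutes)?" would be easier to answer with a suggested value or range, in line with the short-code answer style stated at the top.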