Charles N Wyble
7d693534c5
- Added AI agent roles and responsibilities - Documented development workflow and security focus - Outlined project structure and communication guidelines
75 lines
2.3 KiB
Markdown
75 lines
2.3 KiB
Markdown
# Football Project Agents
|
|
|
|
This document describes the AI agents and their roles in the Football project.
|
|
|
|
## Project Overview
|
|
|
|
The Football project is a secure Debian 13 (Trixie) ISO build system using Docker-based workflow with Test-Driven Development methodology.
|
|
|
|
## Agent Roles
|
|
|
|
### Crush - Lead Developer & System Architect
|
|
**Primary Responsibilities:**
|
|
- System architecture and design
|
|
- Implementation of core build components
|
|
- Security hardening configurations
|
|
- Test-driven development implementation
|
|
- Docker containerization
|
|
- Compliance framework implementation
|
|
|
|
**Key Capabilities:**
|
|
- Bash scripting and system configuration
|
|
- Security hardening (STIG, CMMC, FedRAMP)
|
|
- Docker and container orchestration
|
|
- Test automation with BATS
|
|
- Linux kernel module management
|
|
- Network security and firewall configuration
|
|
|
|
## Development Workflow
|
|
|
|
### Test-Driven Development
|
|
- Tests are written before implementation
|
|
- 100% code coverage is mandatory
|
|
- BATS framework for testing
|
|
- Shellcheck for code linting
|
|
- Strict mode for all scripts (`set -euo pipefail`)
|
|
|
|
### Build Process
|
|
- Docker-based build environment
|
|
- Live-build for ISO generation
|
|
- Dynamic firewall configuration
|
|
- Security hardening hooks
|
|
- Compliance validation
|
|
|
|
### Compliance Requirements
|
|
- CMMC (Cybersecurity Maturity Model Certification)
|
|
- FedRAMP (Federal Risk and Authorization Management Program)
|
|
- STIG (Security Technical Implementation Guide)
|
|
- CIS Benchmarks (Center for Internet Security)
|
|
|
|
## Project Structure
|
|
|
|
The project follows a strict directory structure:
|
|
- `config/` - Live-build configurations
|
|
- `src/` - Build scripts and utilities
|
|
- `tests/` - Test suite (unit, integration, security)
|
|
- `docs/` - Documentation and specifications
|
|
- `output/` - Generated ISO files
|
|
|
|
## Communication Guidelines
|
|
|
|
- All code changes follow conventional commit messages
|
|
- Atomic commits with single logical changes
|
|
- Frequent commits and pushes
|
|
- Documentation updated before implementation
|
|
- Security considerations prioritized in all decisions
|
|
|
|
## Security Focus
|
|
|
|
This project maintains strict security requirements:
|
|
- Network access restricted to WireGuard only
|
|
- WiFi and Bluetooth permanently disabled
|
|
- Kernel module blacklisting
|
|
- Dynamic firewall configuration
|
|
- Privacy-focused desktop environment
|
|
- Compliance with government security standards |