iamcoolvivek007/new-project
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
new-project/AGENTS.md
Hermes Agent 3dcc8e4c5b
Some checks are pending
CI/CD Pipeline / build-and-test (push) Waiting to run
Details
CI/CD Pipeline / deploy (push) Blocked by required conditions
Details
Infra update: Add Dockerfiles, .env template, and Coolify config
2026-06-11 03:28:58 +00:00

3.3 KiB
Raw Blame History

Collaboration Playbook (AGENTS.md)

1. Roles & Responsibilities

  • Frontend Lead (@frontend-lead): Owns the Next.js/TanStack PWA, UI consistency, and Supabase integration.
  • Backend Lead (@backend-lead): Maintains the FastAPI service, data models, audit logging, and security hardening.
  • DevOps / CICD Engineer (@devops-engineer): Manages GitHub Actions pipelines, Docker images, Coolify deployments, and monitoring.
  • Quality Assurance (@qa-engineer): Writes and reviews automated tests, conducts code reviews, and verifies security compliance.
  • Product Owner (@product-owner): Prioritises backlog items, defines acceptance criteria, and ensures alignment with freightforwarding usecases.

2. PullRequest Workflow

  1. Branch Naming feature/<shortdescription> or bugfix/<issueid>.
  2. Commit Conventions Use conventional commits (e.g., feat: add softdelete endpoint, fix: correct audit timestamp).
  3. PR Title Clear, prefixed with type (feat:, fix:, chore:).
  4. PR Description Include:
    • What problem it solves.
    • How it aligns with the freightforwarding roadmap (tracking, bidding, payments).
    • Any required migrations or DB changes.
    • Screenshots or API examples if UI changes.
  5. Review Process At least one reviewer from a different role must approve.
    • Frontend PR → reviewed by Backend Lead (or QA).
    • Backend PR → reviewed by Frontend Lead (or QA).
  6. Merging Squash and merge; delete the branch after merge.
  7. Postmerge CI runs automatically; if successful, the DevOps Engineer triggers the Coolify deployment via the webhook.

3. Backlog & Issue Tagging

  • Labels (GitHub):
    • enhancement new feature (e.g., inapp bidding).
    • bug defect or security issue.
    • techdebt refactoring, performance, or security improvements.
    • apichange breaking change to the FastAPI contract.
    • frontend UI/PWA related work.
    • backend backend service changes.
  • Milestones Align with release cycles (e.g., v1.0beta, v1.0release).
  • Sprint Planning Use the kanban-worker skill to break down highlevel epics into actionable tickets.

4. Commit & Release Cadence

  • Daily Small, incremental commits; push to main after CI passes.
  • Weekly Dedicated “integration” day to test endtoend flows (API ↔ PWA ↔ Supabase).
  • Release Tag a new version (vX.Y.Z) after a successful deployment to Coolify and verification of critical paths (auth, softdelete, audit log).

5. Security & Compliance

  • All API endpoints must validate input and return proper HTTP status codes.
  • Sensitive data (DB passwords, Supabase keys) are stored in GitHub Secrets and injected at runtime.
  • Audit logs are immutable; they are shipped to a separate log store (e.g., CloudWatch) via a background worker.
  • Run npm audit and pip audit in CI; fail the job on highseverity findings.

6. Communication Channels

  • Slack/Discord #freightdev for quick questions; #announcements for release notes.
  • GitHub Discussions For design proposals and longterm roadmap discussions.
  • Weekly Sync 30minute video call to review progress, blockers, and upcoming priorities.

Document last updated: 20260610