Enforce Ubuntu runner policy

MrSphay
2026-05-16 05:02:42 +02:00
parent a4245a1563
commit 2534640e54
11 changed files with 88 additions and 21 deletions


@@ -28,6 +28,24 @@ This README is for humans. Agent-facing rules live in `AGENTS.md`, `agent-quicks
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## Runner Policy
This kit assumes these are the only available build runners:
| Runner | Type | Allowed labels |
| --- | --- | --- |
| `global-runner-1` | Gitea global runner | `ubuntu-latest`, `ubuntu-24.04`, `ubuntu-22.04` |
| `global-runner-2` | Gitea global runner | `ubuntu-latest`, `ubuntu-24.04`, `ubuntu-22.04` |
| `global-runner-3` | Gitea global runner | `ubuntu-latest`, `ubuntu-24.04`, `ubuntu-22.04` |
Agents must run project builds, tests, audits, package jobs, installers, dependency setup, and releases on those Gitea Ubuntu runners. They must not run those heavy project commands on the user's local machine.
Do not add Windows or macOS runners. If a project appears to need platform-specific tooling, use an open-source Linux-compatible workaround that runs on the Ubuntu runners.
Lightweight local checks are still acceptable when they do not install dependencies or create build artifacts, for example `git status --short`, `rg`, JSON validation, manifest path checks, API status checks, and `git diff --check`.
<p align="center"><img src="https://raw.githubusercontent.com/andreasbm/readme/master/assets/lines/rainbow.png" alt="-----------------------------------------------------" width="100%"></p>
## SSH Setup
Generate a key if you do not already have one:
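Review bot: The closing "Lightweight local checks" sentence of the new Runner Policy section defines the local allowance only through a "for example" list, so the line between permitted and forbidden local commands is left open. "API status checks" in particular does not say whether credentials may be used from the local machine. Consider stating the criterion as the rule (no dependency installation, no build artifacts) and marking the list as either exhaustive or illustrative. Separately, the hunk context says this README is for humans and that agent-facing rules live in `AGENTS.md`, yet the added paragraphs are written as "Agents must" and "They must not"; confirm the same wording exists in the agent-facing files and consider phrasing the README copy as a description of that policy. The table also allows `ubuntu-latest` alongside the pinned `ubuntu-24.04` and `ubuntu-22.04` labels; a note on which label release jobs should use would keep builds reproducible when the floating label moves.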
@@ -343,8 +361,8 @@ Before the first release of a target project:
3. Configure `REGISTRY_TOKEN` if packages are published.
4. Configure `GITEA_TOKEN` only if workflows need issue or release API access.
5. Verify SSH push access.
6. Run lint, test, build, and audit commands that exist.
7. Run `git diff --check`.
6. Run lint, test, build, and audit commands on Gitea Ubuntu runners only.
7. Run lightweight local validation such as `git diff --check`.
8. Confirm release artifacts do not include Codex kit metadata unless explicitly wanted.
9. Push and poll workflows to success or document the blocker.
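Review bot: The reworded step 6 requires lint, test, build, and audit to run on the Gitea Ubuntu runners, but pushing and polling workflows is still step 9, so the checklist now asks for runner results before the step that triggers them. Consider moving the runner-side checks into step 9 or reordering so the push comes first. The new step 6 also drops the qualifier "that exist" from the old wording, which reads as if all four command types are mandatory even for a project that defines none of them; keeping the qualifier avoids that.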