34 lines
1.1 KiB
Markdown
34 lines
1.1 KiB
Markdown
# Agent Instructions
|
|
|
|
## Project
|
|
|
|
dockge-image-update-checker: Companion service that checks Dockge stack images for newer registry digests.
|
|
|
|
## Repository Rules
|
|
|
|
- Prefer small, dependency-light changes. The service intentionally uses Node built-ins for Docker Engine and registry access.
|
|
- Keep stack scanning read-only. Updating or redeploying stacks is out of scope unless explicitly requested.
|
|
- Do not commit secrets, `.env` files, private keys, certificates, registry tokens, or Gitea tokens.
|
|
- Check `git status --short` before editing and before finishing. Preserve unrelated user changes.
|
|
- Keep `.codex/project.md` aligned with command and architecture changes.
|
|
|
|
## Commands
|
|
|
|
```bash
|
|
npm test
|
|
npm run build
|
|
npm run check
|
|
```
|
|
|
|
## Security Notes
|
|
|
|
- The service needs read access to the Dockge stacks directory and the Docker socket.
|
|
- Registry credentials are not stored by the service. Public registry checks use anonymous token flows.
|
|
- Mounting `/var/run/docker.sock` is powerful. Run this only on hosts where that operational tradeoff is acceptable.
|
|
|
|
## Finish Checklist
|
|
|
|
- `git diff --check` passes.
|
|
- `npm test` passes.
|
|
- `npm run build` passes.
|