OCDP/ocdp-workload-manifests
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

first commit

Browse Source
This commit is contained in:
jackyliu
2026-05-28 07:21:15 +00:00
commit 6465520041
57 changed files with 942 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
AGENTS.md Normal file
View File

@ -0,0 +1,44 @@
# AGENTS.md
This file is the execution guide for `ocdp-workload-manifests`.
## Working Boundary
- Treat this project as a plain app manifests repository.
- Do not store OCDP WorkloadTemplate records here; they belong in `ocdp-server`
PostgreSQL.
- Do not store user WorkloadClaim instances here; they belong in target-cluster
CRs created through `ocdp-server`.
- Keep reusable Kubernetes resources under `apps/*/base`.
- Keep optional Kustomize components under `apps/*/components`.
- Keep per-deployment runtime values out of this repository. They belong in
temporary source files or runtime specs generated by `ocdp-server`.
- Use `tests/kustomize/*` only for generic validation overlays, never for real
user instances.
- Do not commit real passwords, tokens, customer hostnames, private NFS paths, or
private registry credentials.
## Runtime Rules
- Do not add a global catalog index unless the server explicitly needs one later.
- `ocdp-server` WorkloadTemplate records should reference apps with
`repositoryUrl`, `ref`, and `path`.
- Runtime source generation may create Secret, ConfigMap, and patch files, then
run Kustomize.
- Bases should stay template-free YAML.
- App bases should keep Services as `ClusterIP`; expose apps from
WorkloadTemplate values such as `exposure=nodeport` or `exposure=loadbalancer`.
Components such as `service-nodeport`, `service-loadbalancer`, or `ingress`
are implementation building blocks, not the user-facing contract.
- Environment overlays are platform/admin choices for cluster- or site-level
differences such as StorageClass, IngressClass, GPU runtime, registry prefix,
pull secrets, node selectors, tolerations, and site labels.
- NodePort numbers belong in per-claim values handled by `ocdp-server`, not in
reusable app bases or components.
## Validation
- Run `make validate` after changing workload bases, components, or test
overlays.
- If a change intentionally affects generated resource names, check references
such as Secret refs, PVC claim names, Service backends, and ConfigMap mounts.