railiance-infra/.claude/rules/stack-and-commands.md

23 lines
880 B
Markdown
Raw Normal View History

2026-05-18 16:55:51 +02:00
## Stack
- **Language:** Terraform (HCL), cloud-init, Ansible, Bash
- **Key deps:** Hetzner/HostEurope provisioning, SOPS + age for secrets, repo-local git hooks (`.githooks`)
2026-05-18 16:55:51 +02:00
## Dev Commands
```bash
make help # list all targets
make hooks # configure repo-local git hooks (secrets guard)
make check-secrets # fail if anything in secrets/ is not SOPS-encrypted
make sops-edit # edit global secrets with SOPS
make sops-encrypt FILE=secrets/foo.yaml
make tf-fmt # terraform fmt
make tf-init && make tf-plan # plan (needs decrypted HCLOUD_TOKEN)
make tf-apply # provision — production-touching
make tf-destroy # tear down — destructive, operator only
2026-05-18 16:55:51 +02:00
```
`tf-apply`/`tf-destroy` change production infrastructure — operator approval
required. No unit test suite; validation is `tf-plan` + the server test suite
workplans.