Configuration Validation Rules
Comprehensive validation rules for the config-generator skill.
Critical Validation Rules
1. No Secrets in Config Files (CRITICAL)
Rule: Configuration files MUST NEVER contain secrets
Patterns to detect:
- PASSWORD, SECRET, KEY, TOKEN, API, AUTH, CREDENTIAL
- Long random strings (40+ chars)
- Base64-encoded values
- Private keys, certificates with keys
Action: If detected → Use secrets-manager skill immediately
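A minimal scanner for the four pattern classes above, as an added example (not the config-generator skill's own code). It assumes the listed keywords apply to variable or key names, and that empty values, `${VAR}` references and `<placeholders>` are not literal secrets; `scan` and the sample config are hypothetical.

```python
import re

# Key-name fragments from rule 1 (assumed to apply to key names, case-insensitive).
NAME_RE = re.compile(r"PASSWORD|SECRET|KEY|TOKEN|API|AUTH|CREDENTIAL", re.I)
# 40+ consecutive characters from a token-like alphabet.
LONG_RE = re.compile(r"[A-Za-z0-9+/_\-]{40,}")
# Base64 shape: 16+ chars in 4-char groups, optional padding, at least one digit or + / =.
B64_RE = re.compile(
    r"(?=.*[0-9+/=])(?:[A-Za-z0-9+/]{4}){4,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?")
PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
# Assumption: empty values, ${VAR}/$VAR references and <placeholders> are not secrets.
PLACEHOLDER_RE = re.compile(r"(|\$\{?\w+\}?|<[^>]*>)")
# KEY=value (.env style) or key: value (YAML style); comment lines never match.
ASSIGN_RE = re.compile(r"(?:export\s+)?([A-Za-z_][\w.\-]*)\s*[:=]\s*(.*)")

def scan(text):
    """Return (line_number, reason) for every line that trips rule 1."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if PEM_RE.search(s):
            findings.append((n, "private-key"))
            continue
        m = ASSIGN_RE.fullmatch(s)
        if not m:
            continue
        name, value = m.group(1), m.group(2).strip().strip("'\"")
        if PLACEHOLDER_RE.fullmatch(value):
            continue
        if NAME_RE.search(name):
            findings.append((n, "secret-name"))
        elif LONG_RE.search(value):
            findings.append((n, "long-random"))
        elif B64_RE.fullmatch(value):
            findings.append((n, "base64"))
    return findings

# Constructed sample config; none of these values are real.
SAMPLE = """\
# app settings
APP_NAME=config-demo
DB_PASSWORD=hunter2-not-real
DB_PASSWORD_REF=${DB_PASSWORD}
SESSION_SEED=9f8e7d6c5b4a39281706f5e4d3c2b1a0ffeeddccbbaa
CACHE_BLOB=c2VjcmV0LXZhbHVlLTEyMw==
-----BEGIN RSA PRIVATE KEY-----
LOG_LEVEL=info
"""

if __name__ == "__main__":
    for n, reason in scan(SAMPLE):
        print(f"line {n}: {reason}")
```

Short fragments such as API and KEY also match harmless names (for example an API base URL variable), so treat findings as candidates to review before handing them to the secrets-manager skill.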
2. .env and .env.example Synchronization (CRITICAL)
Rule: Files MUST have identical variable names
Validation:
diff <(grep -E "^[A-Z_]+" .env | cut -d'=' -f1 | sort) \
     <(grep -E "^[A-Z_]+" .env.example | cut -d'=' -f1 | sort)
Action: If mismatch → Fix synchronization before completing
3. Path Existence
Rule: All referenced paths must exist
Check:
- Volume mounts in docker-compose.yml
- File references in configs
- Directory references
4. Docker Validation
Rule: Always validate Docker configs
Action: Use docker-validation skill on docker-compose.yml
5. CLAUDE.md Requirements
Must contain:
- Statement: "NEVER mention Claude in commit messages"
- Stack architecture overview
- Configuration patterns
- Secrets management rules
Validation Checklist
- No secrets in config files
- .env and .env.example synced
- All paths exist
- Docker validation passed
- CLAUDE.md exists with commit rule
- .gitignore has secrets/* excluded
- .dockerignore exists
Strict validation ensures stack security and consistency.