# Configuration Validation Rules

Comprehensive validation rules for the config-generator skill.

## Critical Validation Rules

### 1. No Secrets in Config Files (CRITICAL)

**Rule**: Configuration files MUST NEVER contain secrets

**Patterns to detect**:
- PASSWORD, SECRET, KEY, TOKEN, API, AUTH, CREDENTIAL
- Long random strings (40+ chars)
- Base64-encoded values
- Private keys, certificates with keys

**Action**: If detected → Use secrets-manager skill immediately

---
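A small scanner for the rule 1 patterns, added here as an example and not taken from the config-generator skill. It handles `KEY=VALUE` (.env-style) lines only; the function names, the 20-character floor for base64 detection, and the choice to treat empty values and `${VAR}` references as non-secrets are assumptions.

```python
import re

# Keywords from the rule's pattern list, matched against the variable name.
NAME_RE = re.compile(r"PASSWORD|SECRET|KEY|TOKEN|API|AUTH|CREDENTIAL", re.I)
LONG_RE = re.compile(r"[A-Za-z0-9+/=_-]{40,}")  # 40+ character random-looking value
B64_RE = re.compile(r"(?:[A-Za-z0-9+/]{4}){5,}(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?")
PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")
# Assumption: empty values and $VAR / ${VAR} references are not literal secrets.
REF_RE = re.compile(r"(\$\{\w+\}|\$\w+)?")

SAMPLE = """\
# constructed sample .env, not from a real deployment
APP_NAME=demo
DB_PASSWORD=${DB_PASSWORD}
API_TOKEN=hunter2
SESSION_BLOB=0123456789abcdef0123456789abcdef0123456789abcdef
CERT_DATA=Y29uc3RydWN0ZWQgc2FtcGxlIHZhbHVl
TLS_KEY="-----BEGIN RSA PRIVATE KEY-----"
"""


def looks_base64(value):
    """Heuristic: base64-shaped, 20+ chars, and padded or mixed case plus digits."""
    if not B64_RE.fullmatch(value):
        return False
    kinds = (str.islower, str.isupper, str.isdigit)
    mixed = all(any(kind(c) for c in value) for kind in kinds)
    return value.endswith("=") or mixed


def scan(text):
    """Return (line_number, reason) for each line that trips one of the rules."""
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if PEM_RE.search(line):
            findings.append((no, "private-key"))
        elif line and not line.startswith("#") and "=" in line:
            name, value = line.split("=", 1)
            value = value.strip().strip("\"'")
            if REF_RE.fullmatch(value):
                continue  # reference to the environment, nothing stored here
            if LONG_RE.fullmatch(value):
                findings.append((no, "long-random-string"))
            elif looks_base64(value):
                findings.append((no, "base64-value"))
            elif NAME_RE.search(name):
                findings.append((no, "secret-like-name"))
    return findings
```

Each finding is a prompt for review: a keyword hit on a name such as an API URL is not necessarily a secret, while a literal value under a secret-like name is what the rule's action applies to.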

### 2. .env and .env.example Synchronization (CRITICAL)

**Rule**: Files MUST have identical variable names

**Validation**:
```bash
# Compare the sorted variable names of both files; no output means they match.
diff <(grep -E "^[A-Z_]+" .env | cut -d'=' -f1 | sort) \
     <(grep -E "^[A-Z_]+" .env.example | cut -d'=' -f1 | sort)
```

**Action**: If mismatch → Fix synchronization before completing

---

### 3. Path Existence

**Rule**: All referenced paths must exist

**Check**:
- Volume mounts in docker-compose.yml
- File references in configs
- Directory references

---

### 4. Docker Validation

**Rule**: Always validate Docker configs

**Action**: Use docker-validation skill on docker-compose.yml

---

### 5. CLAUDE.md Requirements

**Must contain**:
- Statement: "NEVER mention Claude in commit messages"
- Stack architecture overview
- Configuration patterns
- Secrets management rules

---

## Validation Checklist

- [ ] No secrets in config files
- [ ] .env and .env.example synced
- [ ] All paths exist
- [ ] Docker validation passed
- [ ] CLAUDE.md exists with commit rule
- [ ] .gitignore has secrets/* excluded
- [ ] .dockerignore exists

---

*Strict validation ensures stack security and consistency.*