mateusz/portfolio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2c5e43c0ace7f18316d78540186a31cb6350911
portfolio/docs/codex/review-checklist.md
T
Mateusz Suski a527022518
lint / shell-yaml-ansible (push) Failing after 17s
Details
Add Codex repository guidance and validation
2026-05-10 11:11:03 +00:00

53 lines
2.2 KiB
Markdown
Raw Blame History

# Review Checklist
Use this checklist for repository reviews and pull requests.
## Safety
- Destructive actions default to dry-run or read-only.
- Real changes require explicit `--execute` and operator confirmation.
- Inputs are validated before use.
- Paths, service names, disks, volumes, and inventory targets are constrained.
- Rollback or recovery thinking is documented where the operation can change state.
## Bash
- Uses `#!/usr/bin/env bash`.
- Uses `set -o errexit`, `set -o nounset`, and `set -o pipefail`.
- Missing commands return a clear warning or invalid-input/dependency exit.
- Output uses `OK`, `WARNING`, and `CRITICAL` consistently.
- Exit codes follow repo convention: `0` OK, `1` operational issue, `2` invalid input or missing dependency.
- Help output exists for scripts that accept arguments.
## Ansible
- Target hosts are explicit and appropriate for the role.
- Modules are preferred over `shell` or `command`.
- Check mode and diff mode are considered.
- Tasks are idempotent or clearly documented when a check is inherently read-only or platform-specific.
- Handlers, tags, defaults, and validation tasks are used where useful.
- Inventory, vars, and role defaults do not contain secrets or real environment data.
## Documentation
- README files explain current state without overstating completeness.
- Runbooks include scope, pre-checks, execution controls, post-checks, and evidence.
- Docs avoid tutorial filler and fake enterprise complexity.
- Important limitations are linked or documented.
- `CHANGELOG.md` is updated for meaningful repo changes.
## Operational Realism
- The change reflects RHEL/Oracle Linux, Debian/Ubuntu, AIX, Veritas, GPFS, Zabbix, ELK, Docker, Kubernetes/K3s, Terraform, VMware, or Proxmox operations accurately.
- Examples remain sanitized.
- Placeholder projects are identified as placeholders.
- There is no unnecessary abstraction or invented complexity.
## Validation
- Changed Bash scripts pass `bash -n`.
- `shellcheck` was run if available, or its absence was reported.
- Ansible syntax/lint checks were run if available and relevant.
- YAML/Markdown sanity checks were run if available.
- Failures and skipped checks are visible in the final summary.
Reference in New Issue View Git Blame Copy Permalink