From 539884b7a6d56dd4296dfd79351fb8d3541749e1 Mon Sep 17 00:00:00 2001 From: Joachim Hummel Date: Fri, 26 Jun 2026 17:45:02 +0200 Subject: [PATCH] add CLAUDE.md to gitignore and untrack it Co-Authored-By: Claude Sonnet 4.6 --- .gitignore | 2 ++ CLAUDE.md | 63 ------------------------------------------------------ 2 files changed, 2 insertions(+), 63 deletions(-) delete mode 100644 CLAUDE.md diff --git a/.gitignore b/.gitignore index b4d59cc..0d8ba47 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,5 @@ +CLAUDE.md + .env .env.* !.env.example diff --git a/CLAUDE.md b/CLAUDE.md deleted file mode 100644 index 86cb82e..0000000 --- a/CLAUDE.md +++ /dev/null @@ -1,63 +0,0 @@ -# CLAUDE.md - -This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository. - -## What this repo is - -A collection of Kestra workflow flows (YAML) and helper scripts (Python) for homelab automation. The flows run inside Kestra and use this Git repository as the source for versioned logic. - -**Core separation of concerns:** -- `*.yaml` — Kestra flows (orchestration, task sequencing, SSH commands) -- `*.py` — Python scripts called at runtime by Kestra (data processing, transformation) -- `.env` — Secrets and credentials, never committed (see `.env.example`) - -## Testing the Python script locally - -```bash -export OPTIONS_B64_JSON='["WyJkb2NrZXIxOzE5Mi4xNjguMTAwLjEwO21laW51c2VyOy9ob21lL21laW51c2VyL2RvY2tlci9uZXh0Y2xvdWQiXQ=="]' -python3 build_select_options.py -cat select_options.json -``` - -The script reads `OPTIONS_B64_JSON` (a JSON array of base64-encoded per-host results) and writes `select_options.json`. - -## Architecture: how flows use Python scripts - -The `docker_stack_inventory_scan` flow does **not** bundle the Python script inline. Instead, it clones this Git repo at runtime via `io.kestra.plugin.git.Clone` inside a `WorkingDirectory` task, then finds and runs `build_select_options.py` dynamically using `find`. This means: -- Changes to `.py` files take effect on the next flow run without redeploying the flow -- The flow variable `git_repo_url` and `git_branch` control which repo/branch is used - -## Kestra secrets - -Secrets are referenced in flows as `{{ secret('SECRET_NAME') }}`. For Kestra OSS, secrets must be stored base64-encoded in `.env` with the `SECRET_` prefix: - -```bash -# Encode a value -echo -n "my-secret-value" | base64 -w 0 - -# Encode an SSH private key -base64 -w 0 ~/.ssh/id_ed25519 -``` - -Then in `.env`: -```env -SECRET_SSH_PRIVATE_KEY=base64_encoded_value -``` - -## KV-Store data format - -The `docker_stack_inventory_scan` flow writes to the KV key `docker_stack_select_options`. Each entry is a semicolon-delimited string: - -``` -hostname;ip-address;ssh-user;/path/to/compose-dir -``` - -The `docker_hosts` variable in the flow uses the same `hostname;ip-address` format. - -## Flow namespaces - -All flows use the `homelab.docker` namespace. - -## Compose file discovery - -The SSH scan uses `find -maxdepth 2` under `base_dir`. Compose files must be named exactly `compose.yml`, `compose.yaml`, `docker-compose.yml`, or `docker-compose.yaml` and located at most 2 levels deep to be detected.