Skip to content

docs: purge OpenShift-era framing from AGENTS #5

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
xnoto merged 1 commit into from
Apr 30, 2026
Merged

docs: purge OpenShift-era framing from AGENTS #5

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 9 additions & 10 deletions AGENTS.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,8 +14,8 @@ Agents are authorized to push directly to `main` in this repository.

Reusable workflow for OpenTofu/Terraform root module repositories (`tfroot-*`). It:

1. Fetches canonical pre-commit config from `makeitworkcloud/images` repo
2. Runs pre-commit tests using the `tfroot-runner` container image
1. Fetches the canonical pre-commit config from `makeitworkcloud/images`
2. Runs pre-commit on the `arc-tf` runner pod (which is itself the `tfroot-runner` image — no nested `container:` block)
3. Posts plan output as PR comments
4. Applies on merge to main

Expand All @@ -25,20 +25,19 @@ Reusable workflow for OpenTofu/Terraform root module repositories (`tfroot-*`).

| Input | Default | Description |
|-------|---------|-------------|
| `runs-on` | `ubuntu-latest` | Runner label |
| `container` | `ghcr.io/makeitworkcloud/tfroot-runner:latest` | Container image |
| `setup-ssh` | `false` | Whether to setup SSH keys |
| `environment` | `production` | Environment for apply job |
| `runs-on` | `arc-tf` | Runner label — the in-cluster ARC scale set whose pods run the tfroot-runner image |
| `setup-ssh` | `false` | Provision an SSH key + known_hosts for libvirt-style root modules |
| `environment` | `production` | Environment for the apply job |

**Note:** `tfroot-libvirt` overrides `container` to use the internal OpenShift registry because it requires SSH access to libvirt hosts from a self-hosted runner.
There is no `container` input. The `arc-tf` runner pod IS the image, so adding `container:` on top would nest a container inside a container — don't do it.

## Failure Modes

### "manifest unknown" or image pull failures

The `tfroot-runner` image doesn't exist yet. Check:
1. Did the `images` repo Build workflow succeed?
2. Did the `images` repo Pull workflow import to OpenShift? (check logs for actual metadata, not "Unable to connect" errors)
The `tfroot-runner` image is missing or the tag is wrong. Check:
1. Did the `images` repo `buildah` workflow succeed for the latest commit?
2. Is the runner template image tag in `kustomize-cluster/workloads/arc/arc-tf-application.yaml` resolvable on GHCR (`ghcr.io/makeitworkcloud/tfroot-runner:latest`)?

### Pre-commit hook failures

Expand Down
Loading