Add AGENTS.md file

[yashvardhannanavati]

Refers to CLOUDDST-32523

Summary by Sourcery

Add a concise AGENTS.md guide describing the IIB service architecture, workflows, and pitfalls, and enforce a CI check that limits the file to 60 lines.

CI:

• Add a GitHub Actions workflow that verifies AGENTS.md does not exceed 60 lines on pull requests.

Documentation:

• Introduce AGENTS.md outlining IIB purpose, components, key modules, testing instructions, and common pitfalls for contributors.

[sourcery-ai]

Reviewer's Guide

Adds an AGENTS.md architecture/usage guide for the IIB service and introduces a GitHub Actions check to enforce that the file stays within 60 lines.

Sequence diagram for IIB build request lifecycle from AGENTS.md

sequenceDiagram
  actor User
  participant IIB_API
  participant Postgres
  participant RabbitMQ
  participant Worker
  participant Quay
  participant ImageStream
  participant GitRepo
  participant KonfluxPipeline
  participant S3
  participant LocalFS

  User->>IIB_API: POST /builds/<type>
  IIB_API->>Postgres: Insert Request row
  IIB_API->>RabbitMQ: Enqueue Celery task
  IIB_API-->>User: 202 Accepted with Request id

  RabbitMQ-->>Worker: Deliver task
  Worker->>IIB_API: Update Request state via api_utils

  Worker->>ImageStream: Check cached index.db digest
  alt cache_miss_or_digest_changed
    Worker->>Quay: Pull index.db via ORAS
    Worker->>ImageStream: Store index.db at /var/index_db
  end

  Worker->>GitRepo: Commit FBC config changes
  Worker->>KonfluxPipeline: Trigger build pipeline
  Worker->>KonfluxPipeline: wait_for_pipeline_completion

  alt pipeline_success
    Worker->>Quay: Optional push updated index.db (overwrite_from_index_token)
    Worker->>IIB_API: Mark Request complete
  else pipeline_or_push_failure
    Worker->>GitRepo: Revert commit
    Worker->>IIB_API: Mark Request failed
  end

  Worker->>LocalFS: Write request log file
  Worker->>S3: Upload log if configured

Loading

Flow diagram for AGENTS.md line count GitHub Action

flowchart TD
  PR[Pull_request opened or updated] --> CheckPaths{AGENTS.md modified?}

  CheckPaths -- No --> End[Skip workflow]
  CheckPaths -- Yes --> Job[check-line-count job]

  Job --> Checkout[Step: actions/checkout@v6]
  Checkout --> CountLines[Step: shell script wc -l AGENTS.md]
  CountLines --> Decision{line_count <= 60?}

  Decision -- Yes --> Pass[Job succeeds]
  Decision -- No --> Fail[Job fails with error]

Loading

File-Level Changes

Change	Details	Files
Introduce AGENTS.md as a concise engineering guide for the IIB (Index Image Builder) service, covering purpose, architecture, workflows, testing, and pitfalls.	Describe IIB’s API/worker architecture, main request types, and how they map to Flask endpoints and Celery tasks. Document build and local development setup, including Docker/Konflux entry points and environment-based Flask configuration. Summarize testing strategy with tox targets, directory layout, and expectations for adding tests and validating changes locally. Highlight key design choices such as atomic requests, Konflux-based image builds, S3/logging behavior, index.db caching, typing strategy, and unprivileged containers. Call out common pitfalls and invariants around Konflux/git behavior, index.db location, idempotency, migrations, API/worker signatures, and legacy worker handlers.	AGENTS.md
Add CI enforcement to keep AGENTS.md small and focused.	Create a GitHub Actions workflow that runs on pull requests touching AGENTS.md. Check AGENTS.md line count during CI and fail the job if it exceeds 60 lines, emitting a clear error message.	.github/workflows/check_agents_md.yml

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[qodo-code-review]

Review Summary by Qodo

Add AGENTS.md documentation and CI validation workflow

📝 Documentation ✨ Enhancement

Walkthroughs

Description

• Add comprehensive AGENTS.md documentation for IIB project
• Document architecture, build process, testing, and design choices
• Add CI workflow to enforce 60-line limit on AGENTS.md file

Diagram

flowchart LR
  A["New AGENTS.md<br/>Documentation"] -->|"Describes"| B["IIB Architecture<br/>& Components"]
  A -->|"Guides"| C["Build, Test,<br/>& Deployment"]
  A -->|"Highlights"| D["Design Choices<br/>& Pitfalls"]
  E["CI Workflow<br/>check_agents_md.yml"] -->|"Validates"| A
  E -->|"Enforces"| F["60-line Limit"]

Loading

File Changes

1. AGENTS.md 📝 Documentation +58/-0

Comprehensive IIB project documentation and context

• Create comprehensive agent context documentation for IIB project
• Document REST API service purpose, architecture, and components
• Include build instructions, testing procedures, and development setup
• List key design choices, pitfalls, and important modules

AGENTS.md

---

2. .github/workflows/check_agents_md.yml ⚙️ Configuration changes +21/-0

CI workflow for AGENTS.md line count validation

• Create GitHub Actions workflow to validate AGENTS.md line count
• Enforce 60-line maximum limit on AGENTS.md file
• Trigger validation on pull requests modifying AGENTS.md
• Fail CI with error message if limit is exceeded

.github/workflows/check_agents_md.yml

---

[qodo-code-review]

Code Review by Qodo

🐞 Bugs (2) 📘 Rule violations (1)

1. Check bypassed on push 🐞 Bug ☼ Reliability

Description

The new workflow only triggers on pull_request events, so the 60-line limit is not enforced for
direct pushes/merge commits to main/master. This makes the intended guardrail incomplete and
allows AGENTS.md to exceed 60 lines without CI failure on the branch tip.

Code

.github/workflows/check_agents_md.yml[R4-8]

+on:
+  pull_request:
+    paths:
+      - "AGENTS.md"
+

Evidence

The new workflow is limited to PR events only, while the repo already runs CI on pushes to
main/master (so push-based enforcement is expected/used). Without a push trigger, the constraint can
be bypassed outside the PR event path.

.github/workflows/check_agents_md.yml[4-8]
.github/workflows/run_tox.yml[4-11]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
The `check_agents_md.yml` workflow only runs on `pull_request`, so the 60-line constraint is not enforced on `push` to protected branches (e.g., via direct pushes or merge commits).

### Issue Context
This repository already runs workflows on `push` to `main`/`master` (e.g., `run_tox.yml`). To enforce the AGENTS.md governance consistently, this workflow should also run on pushes to those branches (optionally with the same `paths` filter).

### Fix Focus Areas
- .github/workflows/check_agents_md.yml[4-8]
- .github/workflows/run_tox.yml[4-11]

### Suggested change
Add:
- `push:` trigger for `main` and `master` (and keep the `paths: [AGENTS.md]` filter).
Optionally also include `workflow_dispatch:` for manual validation.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. actions/checkout@v6 may break 📘 Rule violation ☼ Reliability

Description

The new GitHub Actions workflow references actions/checkout@v6, which may not be a valid/supported
major version and can cause the PR check to fail at runtime. If this job fails, it undermines the
requirement that repo checks remain passing.

Code

.github/workflows/check_agents_md.yml[13]

+      - uses: actions/checkout@v6

Evidence

PR Compliance ID 2 requires changes not introduce failing checks; the added workflow step uses
actions/checkout@v6, which is likely invalid and would fail the new workflow when it runs on PRs
touching AGENTS.md.

AGENTS.md
.github/workflows/check_agents_md.yml[13-13]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The workflow references `actions/checkout@v6`, which may not exist/supported and can cause the workflow to fail.

## Issue Context
This workflow runs on PRs that modify `AGENTS.md`, so a broken checkout step can break required PR checks and violate the expectation that checks remain passing.

## Fix Focus Areas
- .github/workflows/check_agents_md.yml[13-13]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. Missing file unclear failure 🐞 Bug ⚙ Maintainability

Description

If a PR deletes AGENTS.md, the workflow will run but wc -l < AGENTS.md fails with a generic
shell error rather than a clear ::error:: annotation. This makes the failure mode harder to
understand and debug for contributors.

Code

.github/workflows/check_agents_md.yml[R15-20]

+        run: |
+          line_count=$(wc -l < AGENTS.md)
+          echo "AGENTS.md has ${line_count} lines"
+          if [ "${line_count}" -gt 60 ]; then
+            echo "::error::AGENTS.md has ${line_count} lines, which exceeds the 60-line limit"
+            exit 1

Evidence

The script reads AGENTS.md unconditionally; when the file is absent, bash input redirection fails
before the custom ::error:: path is reached, resulting in a non-actionable error message in CI
logs.

.github/workflows/check_agents_md.yml[15-20]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

### Issue description
`wc -l < AGENTS.md` will fail with a generic shell error if `AGENTS.md` is deleted or missing in a PR, producing a less actionable CI failure.

### Issue Context
The workflow already uses `::error::` for the line-count violation, but not for the missing-file case.

### Fix Focus Areas
- .github/workflows/check_agents_md.yml[15-20]

### Suggested change
Before computing `line_count`, add an explicit existence check, e.g.:
```bash
if [ ! -f AGENTS.md ]; then
 echo "::error::AGENTS.md not found (file was deleted or missing)"
 exit 1
fi
```
Then proceed with the line-count logic.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• The workflow references actions/checkout@v6, but the latest published major version is v4; update this to a valid, pinned major (e.g. actions/checkout@v4) to avoid workflow failures.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- The workflow references `actions/checkout@v6`, but the latest published major version is `v4`; update this to a valid, pinned major (e.g. `actions/checkout@v4`) to avoid workflow failures.

## Individual Comments

### Comment 1
<location path=".github/workflows/check_agents_md.yml" line_range="13" />
<code_context>
+  check-line-count:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v6
+      - name: Verify AGENTS.md is at most 60 lines
+        run: |
</code_context>
<issue_to_address>
**🚨 suggestion (security):** Pin the checkout action to a specific commit SHA for better supply-chain security.

Using a floating tag like `@v6` means the workflow will automatically pull future changes to `actions/checkout`, which is a supply-chain risk. Please pin to a specific commit SHA (optionally with a comment indicating the version) to keep builds deterministic and harden security.

```suggestion
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.1.7
```
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}