66caa0bf7f
Completes v0.1: documentation, build/install path, and version stamping. - cli/VERSION (v0.1.0) stamped into the binary via ldflags. - cli/README.md rewritten as the homelab overview (verbs + tiers, manifest, build, the preserved legacy webhook use-cases). - docs/adr/0004-0006: why homelab exists (grown in place from infra/cli, not a separate repo), v0.1 scope + everything-allowed/tiers-recorded, and the work/tf behaviour (native worktree entry, verification-gated auto-land, presence-coupled apply). - setup-devvm.sh builds cli/ -> /usr/local/bin/homelab each provisioning run (t3-dispatch pattern), so every devvm user gets the current binary. - AGENTS.md: discovery pointer under Common Operations. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
1.2 KiB
homelab v0.1 scope: the infra inner-loop; everything allowed, tiers recorded
v0.1 ships only the highest-volume surface — the infra inner-loop: work
(worktree lifecycle), tf (terragrunt via scripts/tg + fmt/validate/
force-unlock), and claim/release (presence) — because it is ~29% of all mined
commands and where agents lose the most time and leak the most presence claims.
v0.1 enforces no homelab-level permission gating: everything is allowed,
relying on existing gates (harness permission mode, presence claims, plan
approval). But every verb records a read|write tier (visible in manifest), so
a PreToolUse classifier hook (auto-allow reads / prompt writes) can be added
later with zero restructuring.
Considered options
- Reads-first vertical slice (top read verb per domain) — lower risk, broad value, but defers the toil that motivated the project.
- One domain deep (k8s) — cleanest template, narrow day-one value.
We chose the highest-volume-but-write-heavy infra loop deliberately, accepting the extra complexity (worktree lifecycle, git-crypt flag injection, presence coupling, branch-protection PR fallback) for the biggest immediate toil reduction. k8s/node/secret/net/ci verb-groups are deferred to later versions.