3b6a5c6737
Viktor asked that every feature task be developed in its own git worktree and merged into master when done, enabling multiple agents to work the same project concurrently. Encode the org rule in the managed claudeMd (self-deploys to /etc via the hourly reconcile), add the worktree-first paragraph to the AGENTS.md non-admin landing recipe, and gitignore .worktrees/ so per-feature worktrees can live at the repo root. Full lifecycle: ~/.claude/rules/execution.md §3. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
108 lines
2.3 KiB
Text
Executable file
108 lines
2.3 KiB
Text
Executable file
|
|
# Created by https://www.toptal.com/developers/gitignore/api/terraform
|
|
# Edit at https://www.toptal.com/developers/gitignore?templates=terraform
|
|
|
|
### Terraform ###
|
|
# Local .terraform directories
|
|
**/.terraform/*
|
|
|
|
# .tfstate files
|
|
*.tfstate
|
|
*.tfstate.backup
|
|
|
|
# Crash log files
|
|
crash.log
|
|
|
|
# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
|
|
# .tfvars files are managed as part of configuration and so should be included in
|
|
# version control.
|
|
#
|
|
# example.tfvars
|
|
#*.tfvars
|
|
|
|
# Ignore override files as they are usually used to override resources locally and so
|
|
# are not checked in
|
|
override.tf
|
|
override.tf.json
|
|
*_override.tf
|
|
*_override.tf.json
|
|
|
|
# Include override files you do wish to add to version control using negated pattern
|
|
# !example_override.tf
|
|
|
|
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
|
|
# example: *tfplan*
|
|
|
|
git_crypt.key
|
|
|
|
# SOPS — decrypted secrets (temporary, never commit)
|
|
/secrets.auto.tfvars.json
|
|
/secrets.auto.tfvars.json.*
|
|
|
|
# Claude Code - temporary/sensitive files
|
|
.claude/cmd_input.txt
|
|
.claude/cmd_output.txt
|
|
.claude/cmd_status.txt
|
|
.claude/settings.local.json
|
|
.claude/._*
|
|
|
|
._*
|
|
|
|
# Terragrunt
|
|
.terragrunt-cache/
|
|
|
|
# Terraform state — plaintext is ignored, encrypted is committed
|
|
state/stacks/*/terraform.tfstate
|
|
state/stacks/*/terraform.tfstate.backup
|
|
state/stacks/*/*.backup
|
|
state/backups/
|
|
state/terraform.tfstate
|
|
state/infra/
|
|
# Allow encrypted state
|
|
!state/stacks/*/terraform.tfstate.enc
|
|
|
|
# Terragrunt-generated files (providers, backend config)
|
|
backend.tf
|
|
providers.tf
|
|
.terraform.lock.hcl
|
|
cloudflare_provider.tf
|
|
tiers.tf
|
|
stacks/*/cloudflare_provider.tf
|
|
stacks/*/tiers.tf
|
|
stacks/*/terragrunt_rendered.json
|
|
|
|
# Kubernetes config (sensitive)
|
|
config
|
|
|
|
# Node.js (not part of infra)
|
|
node_modules/
|
|
package-lock.json
|
|
package.json
|
|
|
|
# Archived - secrets now in SOPS (secrets.auto.tfvars.json)
|
|
terraform.tfvars
|
|
|
|
# Beads / Dolt files (added by bd init)
|
|
.dolt/
|
|
*.db
|
|
.beads-credential-key
|
|
|
|
# Build artifacts — binaries should be built by CI, not committed
|
|
cli/cli
|
|
cli/infra_cli
|
|
stacks/terminal/clipboard-upload/clipboard-upload
|
|
*.zip
|
|
*.tar.gz
|
|
*.tgz
|
|
*.iso
|
|
*.img
|
|
*.bin
|
|
*.exe
|
|
*.dmg
|
|
|
|
# Plaintext terraform state — NEVER commit (use SOPS-encrypted .tfstate.enc only)
|
|
terraform.tfstate
|
|
terraform.tfstate.backup
|
|
|
|
# Per-feature git worktrees (worktree-first workflow — execution.md §3)
|
|
.worktrees/
|