|
| 1 | +# Agent Instructions for confkit |
| 2 | + |
| 3 | +confkit is a Go library for **typed, validated configuration loading** from multiple sources (YAML, JSON, TOML, environment variables, Kubernetes, Vault, Consul, etcd, AWS SSM, AWS Secrets Manager). |
| 4 | + |
| 5 | +## Project Intent |
| 6 | + |
| 7 | +Use confkit when Go services need: |
| 8 | + |
| 9 | +- **Type-safe config** via `Load[T]` generics (no `GetString()` accessors) |
| 10 | +- **Validation at startup** (fail fast with clear error messages) |
| 11 | +- **Automatic secret redaction** (fields tagged `secret:"true"` are never exposed in errors or logs) |
| 12 | +- **Multiple sources** with explicit precedence (YAML → env vars → CLI flags) |
| 13 | +- **Optional enterprise integrations** (Vault, Consul, etcd, AWS) without bloating the core package |
| 14 | +- **Hot reload** support for config changes without restart |
| 15 | + |
| 16 | +## Project Structure |
| 17 | + |
| 18 | +``` |
| 19 | +confkit/ |
| 20 | +├── load.go # Load[T], LoadWithOptions[T], LoadWithWatcher[T] |
| 21 | +├── field_info.go # FieldInfo type and struct tag scanning |
| 22 | +├── parser.go # Type parsing (int, float, bool, duration, etc.) |
| 23 | +├── sources.go # Source interface |
| 24 | +├── env_source.go # FromEnv() |
| 25 | +├── yaml_source.go # FromYAML(path) |
| 26 | +├── json_source.go # FromJSON(path) |
| 27 | +├── toml_source.go # FromTOML(path) |
| 28 | +├── flags_source.go # FromFlags() |
| 29 | +├── validation.go # Built-in validators (required, min, max, oneof) |
| 30 | +├── errors.go # ErrorReport with field-level errors and redaction |
| 31 | +├── options.go # Functional options (WithSource, WithValidator, etc.) |
| 32 | +├── interpolation.go # String interpolation ${VAR} |
| 33 | +├── watcher.go # Hot reload / file watching |
| 34 | +├── observability.go # Config dump, metrics |
| 35 | +├── k8s_source.go # Kubernetes ConfigMap/Secret |
| 36 | +├── vault/ # HashiCorp Vault (separate module) |
| 37 | +├── consul/ # HashiCorp Consul KV (separate module) |
| 38 | +├── etcd/ # etcd v3 (separate module) |
| 39 | +├── aws/ # AWS SSM + Secrets Manager (separate module) |
| 40 | +└── examples/ # Runnable examples for each feature |
| 41 | +``` |
| 42 | + |
| 43 | +## Important Commands |
| 44 | + |
| 45 | +**Run tests:** |
| 46 | +```bash |
| 47 | +go test ./... |
| 48 | +go test -cover ./... |
| 49 | +``` |
| 50 | + |
| 51 | +**Format code:** |
| 52 | +```bash |
| 53 | +gofmt -w . |
| 54 | +``` |
| 55 | + |
| 56 | +**Check module health:** |
| 57 | +```bash |
| 58 | +go mod tidy |
| 59 | +go test ./... |
| 60 | +``` |
| 61 | + |
| 62 | +**Run linter:** |
| 63 | +```bash |
| 64 | +golangci-lint run |
| 65 | +``` |
| 66 | + |
| 67 | +## Code Style & Principles |
| 68 | + |
| 69 | +- **Core is iron:** The five core pieces (loading, defaulting, validation, errors, types) must be rock solid. Don't add experimental features to core. |
| 70 | +- **Keep core lightweight:** Only depend on `gopkg.in/yaml.v3` and `github.com/pelletier/go-toml/v2` in the main package. |
| 71 | +- **Cloud SDKs belong in submodules:** Vault, Consul, etcd, AWS, Kubernetes integrations go in optional `confkit/vault`, `confkit/consul`, etc. |
| 72 | +- **Preserve clear error messages:** This is the killer feature. Error messages must identify: field name, rule that failed, actual value (redacted if secret), and source. |
| 73 | +- **Never expose secret-tagged fields:** Any field with `secret:"true"` must be redacted in errors, dumps, logs, and anywhere else. |
| 74 | +- **No global state:** Validators and middleware are registered per Load[T] call, never globally. |
| 75 | + |
| 76 | +## Public API Stability |
| 77 | + |
| 78 | +Be very careful when modifying these (breaking changes require major version bump): |
| 79 | + |
| 80 | +- `Load[T](...Source) (T, error)` |
| 81 | +- `LoadWithOptions[T](...Option) (T, error)` |
| 82 | +- `LoadWithWatcher[T](filePath string, ...Source) (T, *ConfigWatcher, error)` |
| 83 | +- `Explain(err error) string` |
| 84 | +- `Source` interface (`Name()`, `Lookup(*FieldInfo)`) |
| 85 | +- `FieldInfo` type |
| 86 | +- Validation tag semantics (`required`, `min`, `max`, `oneof`) |
| 87 | +- Secret redaction behavior (fields tagged `secret:"true"` must always be redacted) |
| 88 | + |
| 89 | +Internal types like `ErrorReport`, `FieldError` can be modified with better backwards-compat. |
| 90 | + |
| 91 | +## Documentation Updates |
| 92 | + |
| 93 | +When changing public behavior: |
| 94 | + |
| 95 | +1. Update `README.md` with examples and explanations |
| 96 | +2. Update `docs/` (on GitHub Pages) with guides and tutorials |
| 97 | +3. Update `llms.txt` with new API functions or tag semantics |
| 98 | +4. Add/update examples in `examples/` folder |
| 99 | +5. Update relevant iteration doc in `Docs/` (e.g., `Docs/03-iteration-v03.md`) |
| 100 | + |
| 101 | +## Testing Guidelines |
| 102 | + |
| 103 | +- **Unit tests:** Each source, parser, and validator tested independently |
| 104 | +- **Integration tests:** Multiple sources, precedence, nested structs, full workflows |
| 105 | +- **Example tests:** Every documented example must run and produce expected output |
| 106 | +- **Coverage target:** 80%+ on core logic |
| 107 | + |
| 108 | +Write table-driven tests for validators and type parsing. |
| 109 | + |
| 110 | +## Release Process |
| 111 | + |
| 112 | +1. Bump version in `go.mod` (follows semantic versioning) |
| 113 | +2. Update `CHANGELOG.md` with summary of changes |
| 114 | +3. Create git tag: `git tag v0.X.Y` |
| 115 | +4. Push tag: `git push origin v0.X.Y` |
| 116 | +5. GitHub Actions builds and publishes release notes automatically |
| 117 | + |
| 118 | +## LLM & AI Agent Patterns |
| 119 | + |
| 120 | +confkit is well-suited for Go services that use LLMs: |
| 121 | + |
| 122 | +**Pattern 1: LLM API client config** |
| 123 | +```go |
| 124 | +type LLMConfig struct { |
| 125 | + Provider string `env:"LLM_PROVIDER" validate:"oneof=claude,openai,anthropic"` |
| 126 | + APIKey string `env:"LLM_API_KEY" secret:"true" validate:"required"` |
| 127 | + Model string `env:"LLM_MODEL" default:"claude-3-5-sonnet"` |
| 128 | + Temperature float64 `env:"LLM_TEMPERATURE" default:"0.7" validate:"min=0,max=1"` |
| 129 | + MaxTokens int `env:"LLM_MAX_TOKENS" default:"4096"` |
| 130 | +} |
| 131 | + |
| 132 | +cfg, err := confkit.Load[LLMConfig](confkit.FromEnv()) |
| 133 | +``` |
| 134 | + |
| 135 | +**Pattern 2: Multi-model configuration** |
| 136 | +```go |
| 137 | +type Config struct { |
| 138 | + Primary LLMConfig |
| 139 | + Fallback LLMConfig |
| 140 | + CacheTTL time.Duration `env:"CACHE_TTL" default:"1h"` |
| 141 | +} |
| 142 | + |
| 143 | +cfg, err := confkit.Load[Config]( |
| 144 | + confkit.FromYAML("llm-config.yaml"), |
| 145 | + confkit.FromEnv(), |
| 146 | +) |
| 147 | +``` |
| 148 | + |
| 149 | +**Pattern 3: Hot reload for prompt templates or LLM parameters** |
| 150 | +```go |
| 151 | +cfg, watcher, err := confkit.LoadWithWatcher[Config]( |
| 152 | + "llm-config.yaml", |
| 153 | + confkit.FromYAML("llm-config.yaml"), |
| 154 | +) |
| 155 | + |
| 156 | +go func() { |
| 157 | + for newCfg := range watcher.Changes() { |
| 158 | + // Update LLM client with new parameters |
| 159 | + updateLLMClient(newCfg) |
| 160 | + } |
| 161 | +}() |
| 162 | +``` |
| 163 | + |
| 164 | +## Questions for Agent Implementation? |
| 165 | + |
| 166 | +- How to add a new source type? → Implement `Source` interface, look at `env_source.go` as reference |
| 167 | +- How to add custom validation? → Use `confkit.WithValidator("name", func(v reflect.Value) error { ... })` |
| 168 | +- How to handle secrets safely? → Tag with `secret:"true"` and use `confkit.Explain()` for errors |
| 169 | +- How to support nested config? → Use nested struct fields; optional `prefix` tag for env prefix |
| 170 | +- How to debug config loading? → Call `confkit.Explain(err)` for human-readable errors |
| 171 | + |
| 172 | +## Key Files to Reference |
| 173 | + |
| 174 | +- `llms.txt` — LLM-readable API summary (this file is served at `https://mimojanra.github.io/confkit/llms.txt`) |
| 175 | +- `README.md` — Project overview, quick start, examples |
| 176 | +- `SECURITY.md` — Vulnerability reporting, security best practices |
| 177 | +- `docs/` — Full documentation (Getting Started, API Reference, Examples) |
| 178 | +- `Docs/01-iteration-v01-mvp.md` — v0.1 specification and design decisions |
| 179 | +- `CONTRIBUTING.md` — Contribution guidelines |
0 commit comments