mirror of
https://github.com/fleetdm/fleet
synced 2026-04-21 13:37:30 +00:00
86d4162f1d
## Summary
- Adds a comprehensive `.claude/` configuration that gives every
engineer Fleet-aware AI assistance out of the box — no MCP servers,
plugins, or external dependencies required
- Converts legacy `.claude/commands/` to skills with YAML frontmatter,
adds new skills, agents, rules, and hooks
- Adds ~2,500 tokens at startup; rules, skill bodies, and agent bodies
load on demand
## What's included
**6 rules** (auto-apply by file path):
- Go backend, frontend, database, API endpoints, and Orbit agent
conventions
- Covers: ctxerr errors, banned imports, `fleethttp.NewClient()`,
`new(expression)` over legacy `server/ptr`, bounded contexts
(`server/activity/`, `server/mdm/`), transaction safety (no
`ds.reader`/`ds.writer` inside tx), terminology (fleets/reports), React
Query, BEM, permissions utilities, and more
**12 skills** (invoke with `/`):
- `/review-pr`, `/fix-ci`, `/test`, `/find-related-tests`, `/lint` —
review and testing workflows
- `/new-endpoint`, `/new-migration`, `/update-data-dictionary` —
scaffolding and maintenance
- `/fleet-gitops`, `/spec-story`, `/project` — planning and
configuration workflows.
- `/project` includes a minimal self-improvement mechanism. Claude adds
discoveries and gotchas to the workstream context as you work, so each
session starts with slightly richer context than the last.
**3 agents** (specialized reviewers):
- `go-reviewer` (sonnet, proactive) — Go conventions, ctxerr, auth,
testing
- `frontend-reviewer` (sonnet, proactive) — TypeScript, React Query,
BEM, accessibility
- `fleet-security-auditor` (opus, on-demand) — MDM, auth gaps,
injection, PII exposure
**4 hooks** (automated):
- PreToolUse guard blocking dangerous commands (`rm -rf`, `force push`,
`pipe-to-shell`)
- PostToolUse goimports on Go files (`**/*.go`)
- PostToolUse prettier on frontend files (`frontend/**`)
- PostToolUse `lint-on-save`: auto-fixes with `golangci-lint --fix` /
`eslint --fix`, then runs `make lint-go-incremental` and feeds remaining
violations back to Claude as context for self-correction
**Permissions** — pre-approves safe operations (`test`, `lint`, `build`,
`make`, `git` read, `gh` CLI) and blocks dangerous ones (`force push`,
`rm -rf`)
**README** — includes a Claude Code primer for engineers new to the
tool, full reference for all skills/agents/hooks/rules, customization
guide (how to override skills, agents, model, effort), and contributing
instructions
**DATA-DICTIONARY.md** — updated with 13 recent migrations (March 2026)
that were missing
## Not covered (future iterations)
- `android/` (Android app)
- `website/` (Sails.js marketing site)
- `ee/fleetd-chrome/` (Chrome extension)
- `ee/vulnerability-dashboard/` (legacy Sails dashboard)
- `third_party/` (forked external code)
- Documentation workflows (guides, API docs, handbook)
- Fleet-maintained apps (FMA catalog, packaging, `ee/maintained-apps/`)
- MDM-specific conventions beyond the Go backend rule
## How to test
Pull the `.claude/` folder into your working branch without switching:
```bash
git checkout origin/cc-setup-teamwide -- .claude/
claude --debug # start a session and work normally
git checkout -- .claude/ # revert when done
git clean -fd .claude/ # remove new files that weren't on your branch
```
Check the debug log at `~/.claude/debug/` for detailed hook and tool
execution traces.
Try `/test` on a recent change, `/lint` go to lint Go files, or ask
Claude to review your code and watch the `go-reviewer` agent kick in.
### Test plan
- [x] Start a new Claude Code session in the Fleet project and run
`/context` to verify loading
- [x] Type `/` and confirm all 12 skills appear
- [x] Run `/test` on a small package
- [x] Edit a `.go` file and verify goimports runs automatically
- [x] Edit a `.go` file with a lint violation and verify `lint-on-save`
auto-fixes it
- [x] Edit a `.tsx` file and verify prettier runs automatically
- [x] Run a command like `echo test` and verify no permission prompt
(allowed by settings)
- [x] Verify `git diff` runs without prompt
- [x] Ask Claude to review code and check that the `go-reviewer` agent
is invoked
- [x] Verify skills
- [x] `/update-data-dictionary` correctly updates `DATA-DICTIONARY.md`
- [x] `/spec-story` fetches issue and follows the process defined in the
skill
- [x] `/project` detects memory directory and runs in a fork
- [x] `/review-pr` runs in fork, produces detailed review
- [x] `/lint go` detects changes and runs appropriate linters
- [x] `/lint frontend` detects changes and runs appropriate linters
- [x] `/lint full` runs all linters
- [x] `/test` detects changed packages and runs with correct env vars
- [x] `/test` runs frontend tests when frontend files changed
- [x] `/find-related-tests` outputs correct test files and go test
commands
- [x] `/fix-ci` with a real failing CI run URL
- [x] `/fleet-gitops` provides GitOps context and references
- [x] `/new-endpoint` scaffolds with correct Fleet patterns
- [x] `/new-migration` creates timestamped file + test file with correct
structure
- [x] Verify hooks
- [x] Verify agents
- [x] Verify rules
### Hooks test results
<img width="792" height="502" alt="Screenshot 2026-04-04 at 10 16 14 AM"
src="https://github.com/user-attachments/assets/ed066f65-1b79-4faa-a06f-3ce50837f055"
/>
<img width="811" height="693" alt="Screenshot 2026-04-06 at 8 49 28 AM"
src="https://github.com/user-attachments/assets/4513423e-d16c-40c1-a8d8-27f38a87acfd"
/>
<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit
* **Chores**
* Updated internal developer documentation and Claude Code configuration
for improved development workflows, including coding standards, security
guidelines, testing procedures, and automated code review/formatting
setup.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
|
||
|---|---|---|
| .. | ||
| fleet-security-auditor.md | ||
| frontend-reviewer.md | ||
| go-reviewer.md | ||