Skip to content

chore: post-go-live hardening (CODEOWNERS, release checklist) #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ASGCompute merged 1 commit into from
Feb 1, 2026
Merged

chore: post-go-live hardening (CODEOWNERS, release checklist) #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
26 changes: 26 additions & 0 deletions .github/CODEOWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,26 @@
# Public Documentation Ownership
# Changes to these paths require review from designated owners

# OpenAPI specification - security-sensitive
/openapi/* @ASGCompute/security @ASGCompute/cto

# Security documentation
/security/* @ASGCompute/security

# Billing and payments documentation
/billing/* @ASGCompute/cto @ASGCompute/billing

# Authentication documentation
/auth/* @ASGCompute/security @ASGCompute/cto

# API reference pages
/api/* @ASGCompute/cto

# CI/CD workflows
/.github/ @ASGCompute/cto @ASGCompute/security

# Mintlify configuration
mint.json @ASGCompute/cto

# Leak banlist - critical for white-label compliance
.leak-banlist.txt @ASGCompute/security @ASGCompute/cto
Comment on lines +4 to +26
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Feb 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

# Check top-level directory structure
ls -la

# Find all directories matching the patterns mentioned in CODEOWNERS
fd -t d '(openapi|security|auth|billing|api|docs)' -x echo {} \;

# Check if mint.json exists at root
test -f mint.json && echo "mint.json exists at root" || echo "mint.json not found at root"

# Check if .leak-banlist.txt exists
test -f .leak-banlist.txt && echo ".leak-banlist.txt exists at root" || echo ".leak-banlist.txt not found at root"

Repository: ASGCompute/asg-docs-public

Length of output: 1385

Remove or create the /auth/* CODEOWNERS rule to match actual directory structure.

The paths in CODEOWNERS are already correctly positioned at the repository root—/openapi/, /security/, /billing/, and /api/ all exist and don't need a docs/ prefix. However, the rule /auth/* @ASGCompute/security @ASGCompute/cto`` references a non-existent directory. Either remove this rule or create the missing /auth/ directory.

🤖 Prompt for AI Agents 
In @.github/CODEOWNERS around lines 4 - 26, The CODEOWNERS file contains a rule
"/auth/*" that points to a non-existent directory; either delete the "/auth/*   
`@ASGCompute/security` `@ASGCompute/cto`" entry from the CODEOWNERS file (ensuring
other entries like /openapi/*, /security/*, /billing/*, /api/* remain unchanged)
or create the missing "/auth/" directory with the intended files so the rule
points to actual paths; after making the change, run a quick repo check (e.g.,
git status) and commit the update to ensure CODEOWNERS reflects the real
repository structure.

67 changes: 67 additions & 0 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
# ASG Agent Cloud - Public Documentation

> **Live Site:** <https://docs.asgcompute.com>

## Quick Start

```bash
# Install dependencies
npm install

# Start local dev server
npm run dev

# Run all CI checks locally
npm run lint && npm run check:links && npm run check:leaks
```

## Making Changes

1. Create a branch from `main`
2. Make your changes
3. Run local checks: `npm run lint && npm run check:links && npm run check:leaks`
4. Open a PR
5. Wait for CI to pass + required reviews
6. Merge to `main` → auto-deploys to Mintlify

## Required Reviews

See [CODEOWNERS](.github/CODEOWNERS) for path-specific requirements.

**Always required for:**

- OpenAPI spec changes
- Security documentation
- Billing documentation
- CI/CD workflow changes

## Release Checklist

Before merging, complete the [Release Checklist](RELEASE_CHECKLIST.md).

## Structure

```
docs/
├── mint.json # Mintlify configuration
├── openapi/ # OpenAPI specifications
│ └── public.openapi.yaml
├── quickstart/ # Getting started guides
├── concepts/ # Core concepts
├── auth/ # Authentication docs
├── billing/ # Payments & receipts
├── api/ # API reference
├── errors/ # Error handling
├── security/ # Security best practices
└── .github/
├── CODEOWNERS
└── workflows/
├── docs-ci.yml
├── white-label-scan.yml
└── secret-scan.yml
```

## Support

- **Internal:** #docs-eng Slack channel
- **Issues:** Open a GitHub issue in this repo
Comment on lines +66 to +67
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Feb 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Capitalize “GitHub” consistently.
If this line uses “Github” elsewhere in the README, please standardize to “GitHub” for correctness.

🤖 Prompt for AI Agents 
In `@README.md` around lines 66 - 67, Update the README to use the correct
capitalization "GitHub" everywhere instead of any occurrences of "Github"
(search for the literal string "Github" and replace with "GitHub"), including
the line that currently reads "- **Issues:** Open a GitHub issue in this repo"
to ensure consistent spelling across the document.

68 changes: 68 additions & 0 deletions RELEASE_CHECKLIST.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
# Docs Release Checklist

Use this checklist before merging any documentation changes to `main`.

## Pre-Merge Checklist

### Content Quality

- [ ] Spelling and grammar checked
- [ ] Code examples tested and working
- [ ] Links validated (internal and external)
- [ ] Screenshots up-to-date (if applicable)

### API Changes

- [ ] OpenAPI spec (`openapi/public.openapi.yaml`) updated if API changed
- [ ] Error codes documented in `/errors` section
- [ ] Breaking changes clearly marked with warnings
Comment on lines +16 to +18
Copy link
Copy Markdown

@coderabbitai coderabbitai bot Feb 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue | 🟡 Minor

Align OpenAPI path with repo structure.
Checklist points to openapi/public.openapi.yaml, but the README structure shows docs/openapi/public.openapi.yaml. Please align the path to avoid review-time confusion.

🤖 Prompt for AI Agents 
In `@RELEASE_CHECKLIST.md` around lines 16 - 18, Update the OpenAPI path in the
release checklist by replacing the incorrect reference
"openapi/public.openapi.yaml" with the repository's actual path
"docs/openapi/public.openapi.yaml" so the checklist entry matches the README and
repo layout; edit the RELEASE_CHECKLIST.md line containing the checklist item to
use the corrected path.


### Security & Compliance

- [ ] White-label scan passed (no vendor leaks)
- [ ] Secret scan passed (no keys, tokens, internal URLs)
- [ ] No internal architecture details exposed
- [ ] No internal URLs or IP addresses

### Navigation & Discovery

- [ ] New pages added to `mint.json` navigation
- [ ] Page has appropriate frontmatter (title, description)
- [ ] Canonical URLs correct

### Changelog

- [ ] `CHANGELOG.md` updated for user-facing changes
- [ ] Version bump if significant changes

## Post-Merge Verification

- [ ] Mintlify build succeeded
- [ ] Pages render correctly on production
- [ ] No 404s on new/moved pages
- [ ] Search index includes new content (~5 min delay)

---

## Quick Commands

```bash
# Run all checks locally
npm run lint && npm run check:links && npm run check:leaks

# Preview locally
npm run dev

# Validate OpenAPI
npm run lint:openapi
```

---

## Escalation

If a security issue is found in production docs:

1. **Immediately** remove sensitive content via direct push (bypass PR)
2. Notify security team in #security-incidents
3. Create post-mortem issue