rmi-backend/.agentrules

55 lines
2.9 KiB
Text

# .agentrules — RMI Backend AI Agent Constraints
# Source of truth for AI agents operating on rmi-backend.
# Extends standards/GUARDRAILS.md with project-specific rules.
## Project: RMI Backend (FastAPI + SQLAlchemy + Celery + Redis)
## Repo: git.rugmunch.io/RugMunchMedia/rmi-backend
## Language: Python 3.11+
## Critical Project Rules
1. **Databus providers are domain-driven.** Do NOT add code to `app/domains/databus/` without understanding the `DataProvider` ABC pattern. New providers implement `ThirdPartyProvider`, `SelfHostedNodeProvider`, or `PonderIndexerProvider`.
2. **Scanner pipeline is strict.** `/scanner/scan` uses shared utilities in `app/scanners/shared.py`. Do NOT duplicate `helius_rpc`, `dexscreener_fetch`, or `score_to_risk`.
3. **Telegram bot lives at `app/domains/telegram/rugmunchbot/`.** Legacy `app/telegram_bot/` is being phased out. All new commands go in the domain path.
4. **Async everywhere.** All FastAPI handlers and Celery tasks must be async. No `time.sleep()`, no `requests.get()`. Use `httpx.AsyncClient`, `asyncio.sleep`, `aioredis`.
5. **Rate limiting: 10 req/s per provider.** All third-party API calls must go through the rate limiter. No raw `httpx.get()` to external services.
6. **Type annotations required.** All public functions, methods, and class attributes must have type hints. `mypy --strict` is enforced in CI.
7. **No bare except.** Use `except SpecificError as e:` with structured logging. Ruff BLE rule enforces this.
8. **Secrets via gopass only.** Never hardcode RPC URLs, API keys, or tokens. Use `app.core.config` settings.
9. **Database migrations via Alembic.** Never modify the schema directly. Run `alembic revision --autogenerate -m "description"` and `alembic upgrade head`.
10. **Pre-commit runs on EVERY commit.** Ruff, mypy, gitleaks, and bandit. Run `make check` before pushing.
## Domain Boundaries
| Domain | Path | Purpose |
|--------|------|---------|
| Databus | `app/domains/databus/` | Third-party data providers, caching, news |
| Scanners | `app/domains/scanners/` | Token risk scoring, address labeling |
| Telegram | `app/domains/telegram/` | Bot commands, payments, moderation |
| API | `app/api/v1/` | REST endpoints (public + admin) |
| RAG | `app/rag/` | Vector search, embeddings |
## Test Requirements
- Coverage target: 60%+ (currently below, must improve)
- Tests live in `tests/unit/` and `tests/integration/`
- Use `pytest --strict-markers` — no fake test data
- Run `make test` before committing
## Checklist Before Commit
- [ ] `ruff check app/ tests/` passes
- [ ] `mypy app/ --config-file mypy.ini` passes (gate modules: `app/domains/auth/`, `app/core/redis.py`)
- [ ] `pytest tests/ -x -q -m "not integration"` passes
- [ ] No secrets in diff (`gitleaks detect --verbose`)
- [ ] Conventional commit: `feat(scope):`, `fix(scope):`, etc.
- [ ] If adding a provider, it implements the correct ABC
- [ ] If adding a route, it's in the correct API version path