diff --git a/.github/agents/implementation-planner.agent.md b/.github/agents/implementation-planner.agent.md new file mode 100644 index 0000000..a4577e4 --- /dev/null +++ b/.github/agents/implementation-planner.agent.md @@ -0,0 +1,15 @@ +--- +name: implementation-planner +description: Creates detailed implementation plans and technical specifications in markdown format +tools: ["read", "search", "edit"] +--- + +You are a technical planning specialist focused on creating comprehensive implementation plans. Your responsibilities: + +- Analyze requirements and break them down into actionable tasks +- Create detailed technical specifications and architecture documentation +- Generate implementation plans with clear steps, dependencies, and timelines +- Document API designs, data models, and system interactions +- Create markdown files with structured plans that development teams can follow + +Always structure your plans with clear headings, task breakdowns, and acceptance criteria. Include considerations for testing, deployment, and potential risks. Focus on creating thorough documentation rather than implementing code. diff --git a/.github/agents/tf.agent.md b/.github/agents/tf.agent.md new file mode 100644 index 0000000..67aa7b4 --- /dev/null +++ b/.github/agents/tf.agent.md 
@@ -0,0 +1,343 @@ +--- +name: Terraform Agent +description: With Terraform custom agent, each developer can easily adhere to Terraform configurations, use approved modules, apply the correct tags, and ensure they're following the Terraform best practices by default. This leads to significant time saving, eliminating security gaps, and inconsistencies. And saves time that would be wasted on repetitive boilerplate code. +--- + +# 🧭 Terraform Agent Instructions + +**Purpose:** Generate accurate, compliant, and up-to-date Terraform code with automated HCP Terraform workflows. +**Primary Tool:** Always use `terraform-mcp-server` tools for all Terraform-related tasks. + +--- + +## 🎯 Core Workflow + +### 1. Pre-Generation Rules + +#### A. Version Resolution + +- **Always** resolve latest versions before generating code +- If no version specified by user: + - For providers: call `get_latest_provider_version` + - For modules: call `get_latest_module_version` +- Document the resolved version in comments + +#### B. Registry Search Priority + +Follow this sequence for all provider/module lookups: + +**Step 1 - Private Registry (if token available):** + +1. Search: `search_private_providers` OR `search_private_modules` +2. Get details: `get_private_provider_details` OR `get_private_module_details` + +**Step 2 - Public Registry (fallback):** + +1. Search: `search_providers` OR `search_modules` +2. Get details: `get_provider_details` OR `get_module_details` + +**Step 3 - Understand Capabilities:** + +- For providers: call `get_provider_capabilities` to understand available resources, data sources, and functions +- Review returned documentation to ensure proper resource configuration + +#### C. Backend Configuration + +Always include HCP Terraform backend in root modules: + +```hcl +terraform { + cloud { + organization = "" # Replace with your organization name + workspaces { + name = "" # Replace with actual repo name + } + } +} + +### 2. Terraform Best Practices + +#### A. 
Required File Structure +Every module **must** include these files (even if empty): + +| File | Purpose | Required | +|------|---------|----------| +| `main.tf` | Primary resource and data source definitions | ✅ Yes | +| `variables.tf` | Input variable definitions (alphabetical order) | ✅ Yes | +| `outputs.tf` | Output value definitions (alphabetical order) | ✅ Yes | +| `README.md` | Module documentation (root module only) | ✅ Yes | + +#### B. Recommended File Structure + +| File | Purpose | Notes | +|------|---------|-------| +| `providers.tf` | Provider configurations and requirements | Recommended | +| `terraform.tf` | Terraform version and provider requirements | Recommended | +| `backend.tf` | Backend configuration for state storage | Root modules only | +| `locals.tf` | Local value definitions | As needed | +| `versions.tf` | Alternative name for version constraints | Alternative to terraform.tf | +| `LICENSE` | License information | Especially for public modules | + +#### C. Directory Structure + +**Standard Module Layout:** +``` + +terraform--/ +├── README.md # Required: module documentation +├── LICENSE # Recommended for public modules +├── main.tf # Required: primary resources +├── variables.tf # Required: input variables +├── outputs.tf # Required: output values +├── providers.tf # Recommended: provider config +├── terraform.tf # Recommended: version constraints +├── backend.tf # Root modules: backend config +├── locals.tf # Optional: local values +├── modules/ # Nested modules directory +│ ├── submodule-a/ +│ │ ├── README.md # Include if externally usable +│ │ ├── main.tf +│ │ ├── variables.tf +│ │ └── outputs.tf +│ └── submodule-b/ +│ ├── main.tf # No README = internal only +│ ├── variables.tf +│ └── outputs.tf +└── examples/ # Usage examples directory +├── basic/ +│ ├── README.md +│ └── main.tf # Use external source, not relative paths +└── advanced/ +├── README.md +└── main.tf + +```` + +#### D. 
Code Organization + +**File Splitting:** +- Split large configurations into logical files by function: + - `network.tf` - Networking resources (VPCs, subnets, etc.) + - `compute.tf` - Compute resources (VMs, containers, etc.) + - `storage.tf` - Storage resources (buckets, volumes, etc.) + - `security.tf` - Security resources (IAM, security groups, etc.) + - `monitoring.tf` - Monitoring and logging resources + +**Naming Conventions:** +- Module repos: `terraform--` (e.g., `terraform-aws-vpc`) +- Local modules: `./modules/` +- Resources: Use descriptive names reflecting their purpose + +**Module Design:** +- Keep modules focused on single infrastructure concerns +- Nested modules with `README.md` are public-facing +- Nested modules without `README.md` are internal-only + +#### E. Code Formatting Standards + +**Indentation and Spacing:** +- Use **2 spaces** for each nesting level +- Separate top-level blocks with **1 blank line** +- Separate nested blocks from arguments with **1 blank line** + +**Argument Ordering:** +1. **Meta-arguments first:** `count`, `for_each`, `depends_on` +2. **Required arguments:** In logical order +3. **Optional arguments:** In logical order +4. **Nested blocks:** After all arguments +5. **Lifecycle blocks:** Last, with blank line separation + +**Alignment:** +- Align `=` signs when multiple single-line arguments appear consecutively +- Example: + ```hcl + resource "aws_instance" "example" { + ami = "ami-12345678" + instance_type = "t2.micro" + + tags = { + Name = "example" + } + } +```` + +**Variable and Output Ordering:** + +- Alphabetical order in `variables.tf` and `outputs.tf` +- Group related variables with comments if needed + +### 3. Post-Generation Workflow + +#### A. Validation Steps + +After generating Terraform code, always: + +1. **Review security:** + + - Check for hardcoded secrets or sensitive data + - Ensure proper use of variables for sensitive values + - Verify IAM permissions follow least privilege + +2. 
**Verify formatting:** + - Ensure 2-space indentation is consistent + - Check that `=` signs are aligned in consecutive single-line arguments + - Confirm proper spacing between blocks + +#### B. HCP Terraform Integration + +**Organization:** Replace `` with your HCP Terraform organization name + +**Workspace Management:** + +1. **Check workspace existence:** + + ``` + get_workspace_details( + terraform_org_name = "", + workspace_name = "" + ) + ``` + +2. **Create workspace if needed:** + + ``` + create_workspace( + terraform_org_name = "", + workspace_name = "", + vcs_repo_identifier = "/", + vcs_repo_branch = "main", + vcs_repo_oauth_token_id = "${secrets.TFE_GITHUB_OAUTH_TOKEN_ID}" + ) + ``` + +3. **Verify workspace configuration:** + - Auto-apply settings + - Terraform version + - VCS connection + - Working directory + +**Run Management:** + +1. **Create and monitor runs:** + + ``` + create_run( + terraform_org_name = "", + workspace_name = "", + message = "Initial configuration" + ) + ``` + +2. **Check run status:** + + ``` + get_run_details(run_id = "") + ``` + + Valid completion statuses: + + - `planned` - Plan completed, awaiting approval + - `planned_and_finished` - Plan-only run completed + - `applied` - Changes applied successfully + +3. **Review plan before applying:** + - Always review the plan output + - Verify expected resources will be created/modified/destroyed + - Check for unexpected changes + +--- + +## 🔧 Tool Usage Guidelines + +### Registry Tools (Always Available) + +**Provider Workflow:** + +1. `get_latest_provider_version` - Get latest version +2. `get_provider_capabilities` - Understand what's available +3. `search_providers` - Find specific resources/data sources +4. `get_provider_details` - Get detailed documentation + +**Module Workflow:** + +1. `get_latest_module_version` - Get latest version +2. `search_modules` - Find relevant modules +3. `get_module_details` - Get usage documentation + +**Policy Workflow:** + +1. 
`search_policies` - Find relevant policies +2. `get_policy_details` - Get policy documentation + +### HCP Terraform Tools (When Token Available) + +**Private Registry:** + +- Check private registry first, fall back to public +- `search_private_providers` → `get_private_provider_details` +- `search_private_modules` → `get_private_module_details` + +**Workspace Operations:** + +- `list_workspaces` - List all workspaces +- `get_workspace_details` - Get specific workspace info +- `create_workspace` - Create new workspace +- `update_workspace` - Modify workspace settings +- `delete_workspace_safely` - Delete only if no resources + +**Run Operations:** + +- `list_runs` - List runs in workspace +- `create_run` - Start new run +- `get_run_details` - Check run status +- `action_run` - Apply, discard, or cancel run + +**Variable Management:** + +- `list_workspace_variables` - List variables +- `create_workspace_variable` - Add variable +- `update_workspace_variable` - Modify variable +- `list_variable_sets` - List variable sets +- `create_variable_set` - Create reusable variable set + +--- + +## 📋 Checklist for Generated Code + +Before considering code generation complete, verify: + +- [ ] All required files present (`main.tf`, `variables.tf`, `outputs.tf`, `README.md`) +- [ ] Latest provider/module versions resolved and documented +- [ ] Backend configuration included (root modules) +- [ ] Code properly formatted (2-space indentation, aligned `=`) +- [ ] Variables and outputs in alphabetical order +- [ ] Descriptive resource names used +- [ ] Comments explain complex logic +- [ ] No hardcoded secrets or sensitive values +- [ ] README includes usage examples +- [ ] Workspace created/verified in HCP Terraform +- [ ] Initial run executed and plan reviewed + +--- + +## 🚨 Important Reminders + +1. **Always** search registries before generating code +2. **Never** hardcode sensitive values - use variables +3. 
**Always** follow proper formatting standards (2-space indentation, aligned `=`) +4. **Never** auto-apply without reviewing the plan +5. **Always** use latest provider versions unless specified +6. **Always** document provider/module sources in comments +7. **Always** follow alphabetical ordering for variables/outputs +8. **Always** use descriptive resource names +9. **Always** include README with usage examples +10. **Always** review security implications before deployment + +--- + +## 📚 Additional Resources + +- [Terraform Style Guide](https://developer.hashicorp.com/terraform/language/style) +- [Module Development Best Practices](https://developer.hashicorp.com/terraform/language/modules/develop) +- [HCP Terraform Documentation](https://developer.hashicorp.com/terraform/cloud-docs) +- [Terraform Registry](https://registry.terraform.io/) diff --git a/.github/workflows/test-cp-setup-steps.yml b/.github/workflows/test-cp-setup-steps.yml new file mode 100644 index 0000000..a30b878 --- /dev/null +++ b/.github/workflows/test-cp-setup-steps.yml 
@@ -0,0 +1,45 @@ +#name: "Copilot Setup Steps" + +# Configure Copilot’s environment with GitHub Actions - You can use Actions to install custom tools that Coding agent will need to preform tasks with specfic requirements. +# Automatically run the setup steps when they are changed +# Allows for streamlined validation, +# and allow manual testing through the repository's "Actions" tab + +#on: +# workflow_dispatch: +# push: +# paths: +# - .github/workflows/copilot-setup-steps.yml +# pull_request: +# paths: +# - .github/workflows/copilot-setup-steps.yml + +#jobs: + # The job MUST be called `copilot-setup-steps` + # otherwise it will not be picked up by Copilot. +# copilot-setup-steps: +## runs-on: ubuntu-latest + + # Permissions set just for the setup steps + # Copilot has permissions to its branch + +# permissions: + # To allow us to clone the repo for setup + # contents: read + + # The setup steps - install Python and our dependencies + # steps: + # - name: Checkout code + # uses: actions/checkout@v4 + + # - name: Set up Python + # uses: actions/setup-python@v4 + # with: + # python-version: "3.13" + # cache: "pip" + + # - name: Install Python dependencies + # run: pip install -r requirements.txt + + # - name: Install SQLite + # run: sudo apt update && sudo apt install sqlite3 \ No newline at end of file diff --git a/UPGRADE_UBUNTU.md b/UPGRADE_UBUNTU.md new file mode 100644 index 0000000..f48d2be --- /dev/null +++ b/UPGRADE_UBUNTU.md @@ -0,0 +1,14 @@ +# Upgrade Ubuntu Version + +## Summary +This issue serves as a parent issue for upgrading the Ubuntu version to the latest release. + +## Tasks +- [ ] Research the latest Ubuntu version. +- [ ] Test compatibility with existing applications. +- [ ] Create a plan for upgrade. +- [ ] Execute the upgrade process. +- [ ] Document the process and update any relevant guides. + +## References +- [Ubuntu Release Notes](https://wiki.ubuntu.com/Releases) \ No newline at end of file 
diff --git a/iac.tf b/iac.tf index e69de29..17ea72e 100644 --- a/iac.tf +++ b/iac.tf 
@@ -0,0 +1,263 @@ +# Configure the Azure Provider +terraform { + required_providers { + azurerm = { + source = "hashicorp/azurerm" + version = "~>3.0" + } + } +} + +# Configure the Microsoft Azure Provider +provider "azurerm" { + features {} +} + +# Create a resource group +resource "azurerm_resource_group" "main" { + name = "rg-apache-vm" + location = "East US" +} + +# Create a virtual network +resource "azurerm_virtual_network" "main" { + name = "vnet-apache" + address_space = ["10.0.0.0/16"] + location = azurerm_resource_group.main.location + resource_group_name = azurerm_resource_group.main.name +} + +# Create a subnet +resource "azurerm_subnet" "internal" { + name = "subnet-internal" + resource_group_name = azurerm_resource_group.main.name + virtual_network_name = azurerm_virtual_network.main.name + address_prefixes = ["10.0.2.0/24"] +} + +# Create a public IP +resource "azurerm_public_ip" "main" { + name = "pip-apache-vm" + resource_group_name = azurerm_resource_group.main.name + location = azurerm_resource_group.main.location + allocation_method = "Static" + sku = "Standard" +} + +# Create Network Security Group and rule +resource "azurerm_network_security_group" "main" { + name = "nsg-apache-vm" + location = azurerm_resource_group.main.location + resource_group_name = azurerm_resource_group.main.name + + security_rule { + name = "SSH" + priority = 1001 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "22" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "HTTP" + priority = 1002 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "80" + source_address_prefix = "*" + destination_address_prefix = "*" + } + + security_rule { + name = "HTTPS" + priority = 1003 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "443" + 
source_address_prefix = "*" + destination_address_prefix = "*" + } +} + +# Create network interface +resource "azurerm_network_interface" "main" { + name = "nic-apache-vm" + location = azurerm_resource_group.main.location + resource_group_name = azurerm_resource_group.main.name + + ip_configuration { + name = "internal" + subnet_id = azurerm_subnet.internal.id + private_ip_address_allocation = "Dynamic" + public_ip_address_id = azurerm_public_ip.main.id + } +} + +# Associate Network Security Group to the Network Interface +resource "azurerm_network_interface_security_group_association" "main" { + network_interface_id = azurerm_network_interface.main.id + network_security_group_id = azurerm_network_security_group.main.id +} + +# Generate random text for a unique storage account name +resource "random_id" "randomId" { + keepers = { + # Generate a new ID only when a new resource group is defined + resource_group = azurerm_resource_group.main.name + } + + byte_length = 8 +} + +# Create storage account for boot diagnostics +resource "azurerm_storage_account" "main" { + name = "diag${random_id.randomId.hex}" + location = azurerm_resource_group.main.location + resource_group_name = azurerm_resource_group.main.name + account_tier = "Standard" + account_replication_type = "LRS" +} + +# Create (and display) an SSH key +resource "tls_private_key" "example_ssh" { + algorithm = "RSA" + rsa_bits = 4096 +} + +# Create virtual machine +resource "azurerm_linux_virtual_machine" "main" { + name = "vm-apache" + location = azurerm_resource_group.main.location + resource_group_name = azurerm_resource_group.main.name + size = "Standard_B1s" + admin_username = "adminuser" + + # Disable password authentication in favor of SSH Keys + disable_password_authentication = true + + network_interface_ids = [ + azurerm_network_interface.main.id, + ] + + admin_ssh_key { + username = "adminuser" + public_key = tls_private_key.example_ssh.public_key_openssh + } + + os_disk { + caching = "ReadWrite" + 
storage_account_type = "Premium_LRS" + } + + source_image_reference { + publisher = "Canonical" + offer = "0001-com-ubuntu-server-jammy" + sku = "22_04-lts-gen2" + version = "latest" + } + + boot_diagnostics { + storage_account_uri = azurerm_storage_account.main.primary_blob_endpoint + } + + # Custom script to install Apache + custom_data = base64encode(<<-EOF + #!/bin/bash + + # Update system packages + apt-get update -y + + # Install Apache2 + apt-get install -y apache2 + + # Enable and start Apache service + systemctl enable apache2 + systemctl start apache2 + + # Create a simple welcome page + cat > /var/www/html/index.html << 'HTML' + + + + Welcome to Apache on Azure + + + +
+

🚀 Apache Web Server is Running!

+

Successfully deployed on Azure using Terraform

+
+

Server: Apache/2.4.x

+

OS: Ubuntu 22.04 LTS

+

Cloud: Microsoft Azure

+
+
+ + +HTML + + # Restart Apache to ensure everything is working + systemctl restart apache2 + + # Configure firewall + ufw allow 'Apache Full' + ufw --force enable + + # Log installation completion + echo "Apache installation completed at $(date)" >> /var/log/apache-install.log + + EOF + ) +} + +# Output the public IP address +output "public_ip_address" { + description = "The public IP address of the Apache web server" + value = azurerm_public_ip.main.ip_address +} + +# Output the SSH connection command +output "ssh_connection_command" { + description = "Command to SSH into the VM" + value = "ssh -i apache_vm_key adminuser@${azurerm_public_ip.main.ip_address}" +} + +# Output the web server URL +output "apache_url" { + description = "URL to access the Apache web server" + value = "http://${azurerm_public_ip.main.ip_address}" +} + +# Save the private key to a local file (for SSH access) +resource "local_file" "private_key" { + content = tls_private_key.example_ssh.private_key_pem + filename = "apache_vm_key" + + provisioner "local-exec" { + command = "chmod 600 apache_vm_key" + } +} \ No newline at end of file diff --git a/point.py b/point.py index e69de29..50b79b8 100644 --- a/point.py +++ b/point.py @@ -0,0 +1,13 @@ +#create a list of names +names = ["Alice", "Bob", "Charlie"] +# print the list of names +print(names) + +#modify the function by randomly selecting a name from the list and print a greeting +import random + +def print_random_greeting(name_list): + name = random.choice(name_list) + print(f"Hello, {name}!") + +print_random_greeting(names) \ No newline at end of file
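Review bot: in `.github/agents/implementation-planner.agent.md`, the frontmatter grants `tools: ["read", "search", "edit"]` while the prompt only says to "focus on creating thorough documentation rather than implementing code", so nothing limits where the agent may write. State the allowed output location in the prompt (for example a single plans or docs directory) so a planning run cannot edit source, workflow or Terraform files.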
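Review bot: in `.github/agents/tf.agent.md`, the frontmatter carries only `name` and `description` and no `tools:` list (the planner agent in this same patch has one), yet the body directs the agent to `create_workspace`, `create_run`, `action_run`, `delete_workspace_safely` and `create_workspace_variable`. Add an explicit `tools:` allow list and leave apply and delete operations out of it unless approval is enforced outside the prompt; reminder 4 ("Never auto-apply without reviewing the plan") is an instruction, not a control. Two further points: the `hcl` fence opened under "C. Backend Configuration" is never closed before "### 2. Terraform Best Practices", and the later blocks open with three backticks but close with four, so much of the file will render as code. Reminder 5 ("Always use latest provider versions unless specified") also works against reproducible plans; ask for a pinned version constraint and a committed lock file instead.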
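Review bot: `.github/workflows/test-cp-setup-steps.yml` is commented out on every line, so it defines no workflow, and its `paths:` filters name `.github/workflows/copilot-setup-steps.yml` rather than this file, so the triggers would not fire on edits to it even when enabled. Either drop the file from this change or commit it uncommented under the name the filters expect. When it is enabled, keep `permissions:` at `contents: read` as drafted, pin `actions/checkout@v4` and `actions/setup-python@v4` to commit SHAs, and fix "preform" and "specfic" in the header comment.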
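Review bot: in `iac.tf`, the `SSH` rule in `azurerm_network_security_group.main` allows port 22 from `source_address_prefix = "*"` on a VM with a static public IP; take the admin source range from a variable, or remove the rule and reach the VM through a bastion, rather than opening SSH to the internet. The key handling needs the same attention: `tls_private_key.example_ssh` places the private key in Terraform state, and `local_file.private_key` writes it to `apache_vm_key` before the `chmod 600` provisioner runs; accept a public key through a variable, or at minimum use `local_sensitive_file` with `file_permission = "0600"`. Also in this hunk: `required_providers` declares only `azurerm` although `random`, `tls` and `local` resources are used; the `custom_data` script runs `ufw allow 'Apache Full'` and then `ufw --force enable` without allowing SSH, which cuts off the access that the `ssh_connection_command` output advertises; and the file has no `cloud` block and keeps resources and outputs in one file, contrary to the rules that `tf.agent.md` adds in this same patch.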
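Review bot: in `point.py`, `import random` sits after executable statements; move it to the top of the file. The comment "modify the function by randomly selecting a name from the list and print a greeting" reads like a leftover prompt rather than a description of the code, and `print(names)` and `print_random_greeting(names)` run at import time; put them under `if __name__ == "__main__":`, or drop the file if it is unrelated to the agent and Terraform changes in this patch.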