ai-superpower/.ai/skills/iac/SKILL.md

---
name: iac
description: Best practices for Infrastructure as Code, GitOps, minimizing configuration drift, and avoiding imperative infrastructure operations.
category: infra
impact: high
---

# Infrastructure as Code (IaC)

## 🎯 Purpose

Ensures that every infrastructure change is made through code (`.tf`, `.bicep`, `.yaml` manifests, Helm charts, Kustomize overlays) committed to version control, and never through imperative command-line actions or UI clicks. The repository is the single source of truth; the live environment is a projection of it.

🚨 CRITICAL: Before discussing infrastructure changes or trying to manage cloud resources / Kubernetes state, YOU MUST use the `read_file` tool to read `.ai/skills/iac/REFERENCE.md`.

## 🚨 Prohibitions (Thou Shalt Not)

  • NEVER mutate state via imperative CLI commands: no `az resource create`, `aws ec2 run-instances`, `gcloud compute instances create`, and no `kubectl create`/`edit`/`patch`, nor `kubectl apply` of manifests that did not come through the GitOps pipeline.
  • NEVER resolve a bug "temporarily" in production by patching live infrastructure. A hot patch is drift: the next reconcile or apply will either silently revert it or fight it. Every fix must be tracked in version control.
  • NEVER use floating references (e.g., `:latest` image tags, untagged images, unpinned module or chart versions, git module sources without a `ref`). IaC depends on deterministic, reproducible state: pin to immutable tags, exact versions, or digests.
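The floating-reference rule is easiest to enforce mechanically. The script below is an added example and is not part of the ai-superpower skill files: a pre-commit style scan that rejects `:latest` and untagged container images in Kubernetes/Kustomize YAML and unpinned git module sources in Terraform. The patterns, the file layout and the constructed sample tree are assumptions for illustration; digest-pinned images (`@sha256:...`) pass.

```shell
#!/usr/bin/env sh
# Added example (not part of the ai-superpower skill files): a pre-commit style
# scan that rejects mutable references in IaC sources. The patterns and the
# sample tree below are assumptions for illustration, not the project's rules.

# Print every offending line as path:line:content and return 1 if any were found.
# Flags: container images tagged :latest or carrying no tag/digest at all
# (Kubernetes manifests and Kustomize newTag), and Terraform module sources that
# point at git/GitHub without a ?ref= pin. Digest-pinned images (@sha256:...) pass.
scan_floating_refs() {
  dir=$1
  imgs=$(grep -rnE --include='*.yaml' --include='*.yml' '(^|[[:space:]-])(image|newTag):' "$dir" \
    | tr -d "\"'" \
    | sed -E 's/[[:space:]]*#.*$//; s/[[:space:]]+$//' \
    | grep -vE '@sha256:[0-9a-f]{64}' \
    | grep -E '(:latest$|newTag:[[:space:]]*latest$|image:[[:space:]]*[^:]+$)') || true
  mods=$(grep -rnE --include='*.tf' 'source[[:space:]]*=[[:space:]]*"(git::|git@|github\.com)' "$dir" \
    | grep -vE '[?]ref=') || true
  [ -n "$imgs" ] && printf '%s\n' "$imgs"
  [ -n "$mods" ] && printf '%s\n' "$mods"
  [ -z "$imgs$mods" ]
}

# Number of findings for a directory (0 when clean).
count_floating_refs() {
  n=$(scan_floating_refs "$1" | grep -c .) || true
  echo "$n"
}

# Build a constructed sample tree (not real project files). It contains exactly
# four violations: a :latest image, an untagged image, a Kustomize newTag of
# latest, and a GitHub module without ?ref=. The digest-pinned image and the
# ref-pinned module must pass.
make_sample_tree() {
  root=$(mktemp -d)
  mkdir -p "$root/k8s" "$root/tf"
  cat > "$root/k8s/deploy.yaml" <<'EOF'
apiVersion: apps/v1
kind: Deployment
spec:
  template:
    spec:
      containers:
        - name: web
          image: "nginx:latest"   # floating tag
        - name: sidecar
          image: busybox          # no tag at all
        - name: app
          image: ghcr.io/org/app:1.4.2@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EOF
  cat > "$root/k8s/kustomization.yaml" <<'EOF'
resources:
  - deploy.yaml
images:
  - name: busybox
    newTag: latest
EOF
  cat > "$root/tf/main.tf" <<'EOF'
module "vpc" {
  source = "github.com/org/terraform-vpc"   # unpinned
}
module "kms" {
  source = "git::https://example.com/iac/kms.git?ref=v2.1.0"
}
EOF
  echo "$root"
}

# Usage: ./scan.sh <repo-dir>    or    ./scan.sh --demo (runs against the sample tree)
if [ "${1:-}" = "--demo" ]; then
  sample=$(make_sample_tree)
  scan_floating_refs "$sample"
  echo "findings: $(count_floating_refs "$sample")"
  rm -rf "$sample"
elif [ -n "${1:-}" ]; then
  scan_floating_refs "$1"
fi
```

Wire `scan_floating_refs .` into a pre-commit hook or the CI lint job so a mutable reference fails the pipeline before `terraform plan` ever runs. Images without a tag and images behind a registry port (`registry:5000/app`) look alike to this line-based check, so treat a clean result as necessary, not sufficient.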

## Workflows (IaC Lifecycle)

  1. State Inspection (Read-Only OK):
    • You may use CLI tools (`aws`, `az`, `kubectl`) to read the current state (e.g., `az network vnet show`, `kubectl get deploy -o yaml`) to debug issues. Reads are fine; writes are not.
  2. Developing Fixes:
    • Locate the source of truth (e.g., the Terraform module, the Helm `values.yaml`, the Kustomize overlay).
    • Write the fix directly in the IaC configuration file, never in the live resource.
    • Explain why the configuration change resolves the live issue.
  3. Validation:
    • Use linting and planning commands (`terraform fmt -check`, `terraform validate`, `terraform plan`; `helm lint`, `helm template`; `bicep build`) to validate changes before committing, and read the plan: a diff you did not write usually means the environment has already drifted by hand.
    • Do NOT run an apply (`terraform apply`, `helm upgrade --install`, `az deployment group create`) unless the user explicitly commands it, and then only in a throwaway/development environment.
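The validation step and the apply guard can be scripted so the agent cannot accidentally skip them. The gate below is an added example for Terraform only and is not part of the ai-superpower skill files: it runs `fmt -check`, `validate` and `plan -detailed-exitcode` (exit 0 = no diff, 2 = changes, anything else = error), and it applies only when the caller sets an explicit opt-in variable and the current workspace matches a throwaway naming convention. `TF_BIN`, `IAC_ALLOW_APPLY` and the `dev-*`/`sandbox-*` workspace names are assumptions for illustration.

```shell
#!/usr/bin/env sh
# Added example, not part of the ai-superpower skill files: a plan-only Terraform
# validation gate mirroring the workflow above. TF_BIN, IAC_ALLOW_APPLY and the
# dev-*/sandbox-* workspace convention are assumptions for illustration.

TF_BIN=${TF_BIN:-terraform}   # override with a wrapper or a fake in tests

# Run the read-only checks for one root module. Prints exactly one of
# clean | changes | error and returns 0 for clean/changes, 1 for error.
# -detailed-exitcode makes plan exit 0 (no diff), 2 (diff), or 1 (failure).
iac_validate() {
  dir=$1
  "$TF_BIN" -chdir="$dir" fmt -check -recursive >/dev/null 2>&1 || { echo error; return 1; }
  "$TF_BIN" -chdir="$dir" validate            >/dev/null 2>&1 || { echo error; return 1; }
  rc=0
  "$TF_BIN" -chdir="$dir" plan -detailed-exitcode -input=false -out=tfplan >/dev/null 2>&1 || rc=$?
  case $rc in
    0) echo clean ;;              # live state already matches code: no drift
    2) echo changes ;;            # diffs present: review tfplan in the PR, do not apply here
    *) echo error; return 1 ;;    # plan itself failed (auth, syntax, provider)
  esac
}

# Apply only when explicitly commanded AND only into a throwaway workspace.
# Usage: IAC_ALLOW_APPLY=yes iac_apply <dir>   (after iac_validate wrote tfplan)
iac_apply() {
  dir=$1
  [ "${IAC_ALLOW_APPLY:-}" = "yes" ] \
    || { echo "refusing apply: IAC_ALLOW_APPLY is not set to yes" >&2; return 2; }
  ws=$("$TF_BIN" -chdir="$dir" workspace show 2>/dev/null) || ws=default
  case $ws in
    dev-*|sandbox-*) ;;   # assumed naming convention for disposable environments
    *) echo "refusing apply: workspace '$ws' is not a throwaway environment" >&2; return 2 ;;
  esac
  # Apply the saved plan, never a fresh one, so what was reviewed is what runs.
  "$TF_BIN" -chdir="$dir" apply -input=false tfplan
}

# Usage: ./gate.sh <root-module-dir>   prints clean/changes/error and never applies.
[ -n "${1:-}" ] && iac_validate "$1"
```

Treat `changes` as a signal to open a pull request with the plan attached, and `clean` on a scheduled run as proof that nobody has hand-edited the environment since the last merge; a scheduled plan that suddenly reports `changes` with no new commits is drift.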

Depending on the specific IaC tool you are interacting with, you MUST also activate and follow these skills:

  • Clean Code (`.ai/skills/clean-code/SKILL.md`): Infrastructure as Code is still CODE. Apply clean architecture, DRY principles, and proper naming conventions to IaC files.
  • Helm (`.ai/skills/helm/SKILL.md`): If the IaC involves Kubernetes Helm charts, strictly adhere to the Helm-specific structure and templating rules.
  • Kubernetes Access (`.ai/skills/kubernetes-access/SKILL.md`): Governs how you interact with the live cluster to inspect state before and after IaC changes.