niko/ai-superpower
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e07cf0164f
ai-superpower/.ai/instructions/constraints/agent-capabilities.instructions.md
moilanik a6eb4da214 nit: ai-superpower initial commit 
- .ai/ instruction set (root, behavior, skills, constraints)
- apply.sh workflow documentation (apply.md)
- architecture documentation (docs/architecture.md)
- .github/copilot-instructions.md for VS Code auto-load
- .gitignore (tmp/, .ai-instructions.conf)"
2026-03-02 14:06:36 +02:00

226 lines
5.0 KiB
Markdown
Raw Blame History

# Agent Capabilities and Limitations
## 🚫 Kubernetes Cluster Access Restrictions
**AI Assistant does NOT have direct access to Kubernetes clusters:**
### What AI CANNOT Do:
-**Run kubectl commands** against live clusters
-**Run helm install/upgrade** to live clusters
-**Access cluster directly** - no credentials, no connection
-**Make port-forwards** to cluster services
### Why:
- User manages cluster access and credentials
- Prevents accidental changes to production/development clusters
- User controls when and how deployments happen
### What AI CAN Do:
-**helm template** - Render manifests locally
-**helm show values** - Inspect chart configurations
-**helm dependency** - Manage chart dependencies
-**curl commands** - Make HTTP requests (when user provides port-forward)
-**Analyze configurations** - Review YAML/JSON files
-**Suggest commands** - Show what user should run
---
## 👤 User Responsibilities
### User Must:
1. **Run all kubectl commands** themselves
```bash
kubectl get pods -n monitoring
kubectl describe pod ...
kubectl logs ...
```
2. **Create port-forwards** when AI needs to test endpoints
```bash
kubectl port-forward -n monitoring svc/prometheus 9090:80
# Then AI can: curl http://localhost:9090/...
```
3. **Run helm install/upgrade** themselves
```bash
helm upgrade --install monitoring . -f values.yaml
```
4. **Verify changes** before applying
5. **Control deployment timing**
6. **Manage cluster credentials**
---
## 🎯 Workflow Pattern
**When user reports a cluster issue:**
1. **AI asks user to run kubectl commands:**
```
"Please run: kubectl get pods -n monitoring"
"Please run: kubectl describe pod [pod-name]"
```
2. **User provides output**
3. **AI analyzes** the output
4. **AI suggests fix** with commands for user to run
5. **User runs commands** themselves
**Example:**
```
User: "Prometheus pod failing"
AI: "Please run: kubectl describe pod -n monitoring -l app=prometheus"
User: [provides output]
AI: "I see ImagePullBackOff error. The image registry.k8s.io/busybox:1.28 doesn't exist.
Let me update values.yaml to use working image.
[makes file edit]
After change, please run:
kubectl delete pod [pod-name] -n monitoring"
User: [runs command]
```
---
## 🛠️ Helm Command Rules
### AI Can Run (Local Operations):
```bash
# Render templates locally
helm template monitoring . -f values.yaml > tmp/manifests.yaml
# Show chart values
helm show values prometheus-community/prometheus
# Manage dependencies
helm dependency update
helm dependency build
```
### AI CANNOT Run (Cluster Operations):
```bash
# ❌ Install to cluster
helm install monitoring . -f values.yaml
# ❌ Upgrade cluster release
helm upgrade monitoring . -f values.yaml
# ❌ List cluster releases
helm list -n monitoring
# ❌ Get release status
helm status monitoring
```
### Instead, AI Should:
1. **Generate and show** the command:
```
"Run this command:
helm upgrade --install monitoring . -f values.yaml -n monitoring"
```
2. **Explain** what it will do
3. **Wait** for user to run it
4. **Ask user** for results/output if needed
---
## 📊 Testing Endpoints
**When AI needs to test HTTP endpoints:**
### Pattern:
1. **AI asks user:**
```
"Please create port-forward:
kubectl port-forward -n monitoring svc/prometheus 9090:80"
```
2. **User runs port-forward** (keeps terminal open)
3. **AI can now run:**
```bash
curl http://localhost:9090/api/v1/query?query=up
```
4. **When done, user closes** port-forward (Ctrl+C)
### Common Services:
```bash
# Prometheus
kubectl port-forward -n monitoring svc/prometheus 9090:80
# Grafana
kubectl port-forward -n monitoring svc/grafana 3000:80
# MinIO Console
kubectl port-forward -n monitoring svc/minio 9001:9001
# Loki
kubectl port-forward -n monitoring svc/loki 3100:3100
```
---
## 🔍 Debugging Workflow
### For Pod Issues:
**AI requests:**
```
1. "kubectl get pods -n [namespace]"
2. "kubectl describe pod [pod-name] -n [namespace]"
3. "kubectl logs [pod-name] -n [namespace]"
4. "kubectl get events -n [namespace] --sort-by='.lastTimestamp'"
```
**User provides output** → AI analyzes → AI suggests fix
### For Service Issues:
**AI requests:**
```
1. "kubectl get svc -n [namespace]"
2. "kubectl describe svc [service-name] -n [namespace]"
3. "kubectl get endpoints [service-name] -n [namespace]"
```
### For Configuration Issues:
**AI can:**
- Read files directly (values.yaml, templates, etc.)
- Use helm template to render manifests
- Analyze configurations
- Suggest changes
---
## 💡 Remember
- **AI = Analysis + File editing + Suggestions**
- **User = Cluster access + Command execution + Deployment control**
- **Communication is key** - AI asks, user provides, AI analyzes
- **Safety first** - No direct cluster access prevents accidents
---
**Last Updated:** 2026-01-19
**Purpose:** Define clear boundaries between AI capabilities and user responsibilities
Reference in New Issue View Git Blame Copy Permalink