issue #97: Move wiki docs to GitHub - Ibrahim

Naming-Conventions/NAMING-RESOURCES.md

@@ -2,7 +2,9 @@
 
 ## Introduction
 
-This document outlines the standard naming conventions for resources that are susceptible to be accessed or manipulated via the command-line interface (CLI). The aim is to improve code readability, ease of use, and collaborative work.
+This document outlines the standard naming conventions for resources that are
+susceptible to be accessed or manipulated via the command-line interface (CLI).
+The aim is to improve code readability, ease of use, and collaborative work.
 
 ## Naming guidelines
 
@@ -23,25 +25,32 @@ This document outlines the standard naming conventions for resources that are su
 
 ### Environment variables
 
-- **Convention**: Start with the uppercase repository name, followed by the actual variable name, separating words with underscores.
+- **Convention**: Start with the uppercase repository name, followed by the
+  actual variable name, separating words with underscores.
 - **Example**: `PROJECT_NAME_MY_ENV_VAR`
 
 ### Azure resource groups
 
-- **Convention**: Start with `rg-` followed by the name in lowercase, separating words with dashes.
+- **Convention**: Start with `rg-` followed by the name in lowercase, separating
+  words with dashes.
 - **Example**: `rg-resource-group`
 
 ### Azure resources
 
-- **Convention**: Use lowercase and separate words with dashes. Include the project name and type of resource.
-- **Example**: `$(PROJECT_NAME)-storage-account`. So for `PROJECT_NAME=nachet`, use `nachet-storage-account`.
+- **Convention**: Use lowercase and separate words with dashes. Include the
+  project name and type of resource.
+- **Example**: `$(PROJECT_NAME)-storage-account`. So for `PROJECT_NAME=nachet`,
+  use `nachet-storage-account`.
 
 ### SQL Files
 
-- **Convention**: Use prefix with date format YYYY-mm-dd followed by a description of the script.
+- **Convention**: Use prefix with date format YYYY-mm-dd followed by a
+  description of the script.
 - **Example**: `2023-09-24-description-of-script.sql`
 
 ## Notes
 
-- These naming conventions should be followed for all new resources that can be accessed or manipulated via CLI.
-- Existing resources that do not conform to these conventions should be refactored to match them.
+- These naming conventions should be followed for all new resources that can be
+  accessed or manipulated via CLI.
+- Existing resources that do not conform to these conventions should be
+  refactored to match them.

README.md

@@ -11,10 +11,6 @@ developers closely associated with our projects.
 
 * [Architecture Decision Records](./adr/index.md)** - A list of all our ADRs.
 
-* [Development Environment Setup
-  Guide](./Development-Environment-Setup-Guide/DEV-ENV-SETUP.md)** - A guide to
-  setting up a development environment with Dev Containers.
-
 * [Development Environment Setup
   Guide](./Development-Environment-Setup-Guide/DEV-ENV-SETUP.md)** - A guide to
   setting up a development environment with Dev Containers.
@@ -43,9 +39,20 @@ developers closely associated with our projects.
   approach to seamlessly integrate environment variables into your development
   workflow.
 
----
+* [Tools and guide for developers](./Tooling/Tooling.md) - List of documentation
+  and guides for utilizing applications in accordance with the AI Lab standards.
+
+* [Why Open Source
+  development](./Technology-and-the-government-of-Canada/Why-Open-Source-development.md)
+\- A document explaining why AI Lab uses open-source technology.
+
+* [Using Generative AI: High-Level
+  Guidance](./Technology-and-the-government-of-Canada/Generative-AI-Guidance.md)
+\- A document guiding the use of generative AI in government operations.
+
+  ---
 
 We hope you find the Developer Relative Documentation helpful and engaging. If
-you have any questions or need assistance, please reach out to the Ai-CFIA team.
+you have any questions or need assistance, please reach out to the AI-CFIA team.
 
 Happy developing!

TRAINING.md

@@ -96,6 +96,8 @@
   * [GoC IT security risk management
     ITSG-33](https://www.cyber.gc.ca/en/guidance/it-security-risk-management-lifecycle-approach-itsg-33)
     (~15 min)
+  * [DevOps roadmap](https://roadmap.sh/devops)
+
 * Backend
   * [Build an AI web app by using Python and
     Flask](https://learn.microsoft.com/en-us/training/modules/python-flask-build-ai-web-app/)

Technology-and-the-government-of-Canada/Generative-AI-Guidance.md

@@ -0,0 +1,48 @@
+# Using Generative AI: High-Level Guidance
+
+## Overview
+
+Generative AI, such as ChatGPT and DALL-E, utilizes advanced algorithms to
+autonomously create content. It offers vast potential for enhancing government
+operations. However, its use is not universally applicable and should be
+restricted to instances where risks can be effectively managed, balancing
+potential benefits with responsible use. Generative AI encompasses technologies
+that can:
+
+* Write and edit documents and emails
+* Assist with coding tasks, such as debugging and generating templates
+* Summarize information
+* Aid in brainstorming sessions
+* Conduct research and translation
+* Facilitate learning
+* Provide support to clients by answering questions and troubleshooting
+
+## Challenges and Concerns
+
+* Ethical, legal, and security considerations are paramount when deploying
+  generative AI. Issues range from biased or inaccurate outputs to breaches of
+  privacy and security protocols.
+* Vigilance against potential misuse by threat actors is necessary to safeguard
+  institutional integrity, with adherence to the Canadian Center for
+  Cybersecurity’s guidelines.
+* Generative AI must be used in compliance with strict privacy, security,
+  intellectual property, and human rights regulations.
+* Overreliance on AI can impede critical human judgment and skills, alongside
+  environmental implications.
+* Utmost caution is essential when integrating generative AI into
+  decision-making processes to avoid undermining procedural fairness and
+  accountability.
+
+## Recommended Approach
+
+* Begin with a Privacy Impact Assessment to gauge privacy concerns. Ensure
+  protection of sensitive data and comprehension of the legal ramifications of
+  AI outputs.
+* Follow "FASTER" principles for responsible AI usage, and consult the ethical
+  decision-making guide when evaluating AI tools, emphasizing their role as
+  aides rather than replacements for employees.
+* Tackle risks related to privacy, bias, and intellectual property diligently.
+* Engage with legal, privacy, and security experts to address these issues and
+  validate AI's alignment with user and organizational requirements.
+* Use AI as a support mechanism; avoid delegating tasks to AI in areas lacking
+  in-house expertise to maintain skill integrity within the organization.

Technology-and-the-government-of-Canada/Why-Open-Source-development.md

@@ -0,0 +1,119 @@
+# Why Open Source development at the CFIA AI Lab
+
+## Summary
+
+There are several reasons why a government agency artificial intelligence lab
+should develop their projects openly as open-source development:
+
+1. Transparency: Open-source development provides transparency and
+   accountability, allowing citizens to understand how their tax dollars are
+   being spent.
+1. Collaboration: Open-source development encourages collaboration and
+   knowledge-sharing, which can lead to faster and more efficient development.
+1. Innovation: By making their projects open-source, government agencies can
+   leverage the collective intelligence of the community to identify and address
+   potential issues, resulting in more innovative and effective solutions.
+1. Security: Open-source development allows for peer review and auditing, which
+   can improve the security and quality of the software.
+1. Cost-effectiveness: By leveraging the open-source community, government
+   agencies can reduce the cost of development and maintenance, as well as avoid
+   vendor lock-in.
+
+Overall, open-source development can help government agencies create better,
+more secure, and more cost-effective AI solutions that benefit both the
+government and the public.
+
+## What are the reasons not to?
+
+There are some potential reasons why a government agency artificial intelligence
+lab may choose not to develop their projects openly as open-source development:
+
+1. Security concerns: If the project involves sensitive information or national
+   security, making it open-source could potentially expose vulnerabilities to
+   bad actors.
+1. Resource constraints: Developing a project openly as open-source development
+   requires significant time and resources to manage the community
+   contributions, which may not be feasible for government agencies with limited
+   resources.
+1. Lack of expertise: Government agencies may not have the necessary expertise
+   to manage an open-source development community, which could lead to quality
+   control issues and delays in development.
+1. Political considerations: There may be political considerations that make it
+   difficult for a government agency to release a project as open-source, such
+   as concerns about government overreach or criticism from industry
+   stakeholders.
+
+Overall, whether or not a government agency chooses to develop their projects
+openly as open-source development depends on a variety of factors, including the
+nature of the project, the agency's resources and capabilities, and the
+political climate.
+
+## How do we mitigate risks while keeping the benefits
+
+1. Security concerns: The agency can make the project publicly available, but
+   limit access to sensitive information to authorized personnel. Additionally,
+   the agency can conduct internal security audits and testing to identify and
+   mitigate potential vulnerabilities.
+1. Resource constraints: The agency can leverage existing open-source
+   communities or partner with other organizations to help manage the
+   development community.
+1. Lack of expertise: The agency can hire or contract with experts in
+   open-source development to help manage the community contributions and ensure
+   quality control.
+1. Political considerations: The agency can engage in public outreach and
+   education to build support for the project and address any concerns or
+   criticisms.
+
+Overall, by addressing these concerns and taking appropriate measures, a
+government agency can still benefit from the advantages of open-source
+development while mitigating any potential risks.
+
+## Specifics to our situation
+
+### Dependency to Open Source
+
+We already depend heavily on open source tools with open development and
+user-contributed work, whether it is [Visual Studio
+Code](https://github.com/microsoft/vscode), [Bicep configuration
+files](https://github.com/Azure/bicep), [Jupyter
+notebooks](https://github.com/jupyter),
+[OpenSSL](https://github.com/openssl/openssl),
+[Git](https://github.com/git/git).
+
+### Tooling
+
+GitHub, the Open Source platform of choice, is owned by Microsoft, our technology
+partner and is the premier platform for open source development.
+
+### Alpha deployment: [alpha.canada.ca](https://alpha.canada.ca/en/index.html)
+
+As part of the Government of Canada’s commitment to experimentation, this web
+domain hosts experimental and prototype websites and services. These websites
+and services are continually evolving “alpha” products that are still in
+development and are not ready for full public use. This domain collects ongoing
+experiments in one place, to make it easier for the government to collaborate
+and share its experiments. They are publicly available in the spirit of working
+in the open.
+
+To be deployed on [alpha.canada.ca](https://alpha.canada.ca/en/index.html), a
+web application or service needs to meet the following criteria:
+
+* hosted on public cloud infrastructure
+* open source on a publicly-visible repository
+* automatically deployable via git operations
+* use HTTPS
+* actively developed within the past four months
+
+### Complying with Government of Canada Digital Standards
+
+[Digital
+Standards](https://www.canada.ca/en/government/system/digital-government/government-canada-digital-standards.html)
+require us to do development in the open.
+
+* "Share evidence, research and decision-making openly. Make all non-sensitive
+  data, information, and new code developed in delivery of services open to the
+  outside world for sharing and reuse under an open license."
+* "Collaborating widely allows us to learn lessons from others to minimize
+  mistakes and reduce rework by identifying and sharing existing solutions. The
+  problems that government solves are often unique, though they are not unique
+  among governments."

Tooling/Apps/GitHub/GitHub-Copilot.md

@@ -0,0 +1,68 @@
+# GitHub Copilot
+
+## Full-time employees - Requesting GitHub Copilot Access
+
+Email <ricky.ng-adam@inspection.gc.ca> to get a license.
+
+## Interns - Requesting GitHub Copilot Access
+
+1. Log in to your GitHub account.
+
+1. Ensure that your university email is linked to your account
+   [here](https://github.com/settings/emails). If not, add it and follow the
+   steps to verify it.
+
+1. Then, visit the [GitHub Education](https://education.github.com/pack) student
+pack page and click on "Sign up for Student Developer Pack" if you don't already
+have it. Get student benefits as Individuals.
+![alt text](images/developer.png)
+![alt text](images/individuals.png)
+1. Fill out the request form with the required information. Make sure to use
+your student email address and have a valid document or a picture of your student
+card to send in the verification section.
+![alt text](images/proof.png)
+
+1. Submit your request. Once your request is submitted, you will need to wait
+   for confirmation from GitHub to access GitHub Copilot. Time may vary, so be
+   patient.
+
+---
+
+## Installing GitHub Copilot in VS Code
+
+Once you get the confirmation that your request has been approved, follow these
+steps :
+
+1. Open VS Code on your computer or a Codespace in GitHub.
+
+1. Go to the "Extensions". Shortcut is `Ctrl+Shift+X`.
+
+1. Search for "GitHub Copilot" in the search bar.
+![alt text](images/extensions.png)
+
+1. Install the extension by clicking the "Install" button.
+
+1. Restart VS Code to activate GitHub Copilot. You may need to log in with your
+   GitHub account if not already done. Follow the instructions to set up GitHub
+   Copilot.
+
+---
+
+## Using GitHub Copilot
+
+If you start typing code in your file, GitHub Copilot will automatically
+generate code suggestions as you type. Use suggestions by pressing `Tab` to
+accept them. If a suggestion is not accurate, you can modify it before
+accepting.
+
+There is also a chat section that is similar to ChatGPT.
+
+![alt text](images/chat.png)
+
+## Tips for Effective Use
+
+- **Code Review:** Always check the code generated by GitHub Copilot to ensure
+  its accuracy and security.
+
+- **Continuous Learning:** Use GitHub Copilot as a learning tool by examining
+  generated suggestions to understand new concepts and best practices.