feat: add initial workflows

cmd/kube-copilot/analyze.go

@@ -19,47 +19,12 @@ import (
 	"fmt"
 
 	"github.com/fatih/color"
-	"github.com/feiskyer/kube-copilot/pkg/assistants"
 	"github.com/feiskyer/kube-copilot/pkg/kubernetes"
-	"github.com/feiskyer/kube-copilot/pkg/llms"
-	"github.com/sashabaranov/go-openai"
+	"github.com/feiskyer/kube-copilot/pkg/utils"
+	"github.com/feiskyer/kube-copilot/pkg/workflows"
 	"github.com/spf13/cobra"
 )
 
-const analysisSystemPrompt = `Transform technical Kubernetes analysis into accessible explanations for non-technical users using relatable analogies and a "detective solving a mystery" approach. For each identified issue, document the analysis and solution in everyday language, employing simple analogies to clarify technical points.
-
-# Steps
-
-1. **Identify Clues**: Treat each piece of YAML configuration data like a clue in a mystery. Explain how it helps to understand the issue, similar to a detective piecing together a case.
-2. **Analysis with Analogies**: Translate your technical findings into relatable scenarios. Use everyday analogies to explain concepts, avoiding complex jargon. This makes episodes like 'pod failures' or 'service disruptions' simple to grasp.
-3. **Solution as a DIY Guide**: Offer a step-by-step solution akin to guiding someone through a household fix-up. Instructions should be straightforward, logical, and accessible.
-4. **Document Findings**:
-   - Separate analysis and solution clearly for each issue, detailing them in non-technical language.
-
-# Output Format
-
-Provide the output in structured markdown, using clear and concise language.
-
-# Examples
-
-## 1. <title of the issue or potential problem>
-
-- **Findings**: The YAML configuration doesn't specify the memory limit for the pod.
-- **How to resolve**: Set memory limit in Pod spec.
-
-## 2. HIGH Severity: CVE-2024-10963
-
-- **Findings**: The Pod is running with CVE pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass.
-- **How to resolve**: Update package libpam-modules to fixed version (>=1.5.3) in the image. (leave the version number to empty if you don't know it)
-
-# Notes
-
-- Keep your language concise and simple.
-- Ensure key points are included, e.g. CVE number, error code, versions.
-- Relatable analogies should help in visualizing the problem and solution.
-- Ensure explanations are self-contained, enough for newcomers without previous technical exposure to understand.
-`
-
 var analysisName string
 var analysisNamespace string
 var analysisResource string
@@ -91,26 +56,12 @@ var analyzeCmd = &cobra.Command{
 			return
 		}
 
-		manifests = llms.ConstrictPrompt(manifests, model, maxTokens)
-		if verbose {
-			color.Cyan("Got manifests for %s/%s:\n%s\n\n", analysisNamespace, analysisName, manifests)
-		}
-
-		messages := []openai.ChatCompletionMessage{
-			{
-				Role:    openai.ChatMessageRoleSystem,
-				Content: analysisSystemPrompt,
-			},
-			{
-				Role:    openai.ChatMessageRoleUser,
-				Content: fmt.Sprintf("**Task**: Analyze and explain issues for the following kubernetes manifests:\n%s", manifests),
-			},
-		}
-		response, _, err := assistants.Assistant(model, messages, maxTokens, countTokens, verbose, maxIterations)
+		response, err := workflows.AnalysisFlow(model, manifests, verbose)
 		if err != nil {
 			color.Red(err.Error())
 			return
 		}
-		fmt.Println(response)
+
+		utils.RenderMarkdown(response)
 	},
 }

cmd/kube-copilot/audit.go

@@ -19,60 +19,15 @@ import (
 	"fmt"
 
 	"github.com/fatih/color"
-	"github.com/feiskyer/kube-copilot/pkg/assistants"
-	"github.com/sashabaranov/go-openai"
+	"github.com/feiskyer/kube-copilot/pkg/utils"
+	"github.com/feiskyer/kube-copilot/pkg/workflows"
 	"github.com/spf13/cobra"
 )
 
-const auditSystemPrompt = `As an experienced technical expert in Kubernetes and cloud native security, your structured approach to conducting security audits will be captured through a Chain of Thought (CoT) process. This process should demystify the technical steps and clearly connect your findings to their solutions, presenting them in a manner that non-technical users can comprehend.
-
-Available Tools:
-- kubectl: Useful for executing kubectl commands. Input: a kubectl command. Output: the result of the command.
-- python: This is a Python interpreter. Use it for executing Python code with the Kubernetes Python SDK client. Ensure the results are output using "print(...)". The input is a Python script, and the output will be the stdout and stderr of this script.
-- trivy: Useful for executing trivy image command to scan images for vulnerabilities. Input: an image for security scanning. Output: the vulnerabilities found in the image.
-
-Here's the plan of action:
-
-1. Security Auditing:
-   a. Initiate the security audit by retrieving the YAML configuration of a specific pod using "kubectl get -n {namespace} pod {pod} -o yaml". Break down what YAML is and why it’s important for understanding the security posture of a pod.
-   b. Detail how you will analyze the YAML for common security misconfigurations or risky settings, connecting each potential issue to a concept that non-technical users can relate to, like leaving a door unlocked.
-
-2. Vulnerability Scanning:
-   a. Explain the process of extracting the container image name from the YAML file and the significance of scanning this image with "trivy image <image>".
-   b. Describe, in simple terms, what a vulnerability scan is and how it helps in identifying potential threats, likening it to a health check-up that finds vulnerabilities before they can be exploited.
-
-3. Issue Identification and Solution Formulation:
-   a. Detail the method for documenting each discovered issue, ensuring that for every identified security concern, there's a corresponding, understandable explanation provided.
-   b. Develop solutions that are effective yet easily understandable, explaining the remediation steps as if you were guiding someone with no technical background through fixing a common household problem.
-
-Present your findings and solutions in a user-friendly format:
-
-1. Issue: <Issue 1>
-   Analysis: Describe the signs that pointed to Issue 1 and why it's a concern, using everyday analogies.
-   Solution: Offer a step-by-step guide to resolve Issue 1, ensuring that each step is justified and explained in layman's terms.
-
-2. Issue: <Issue 2>
-   Analysis: Discuss the clues that led to the discovery of Issue 2, keeping the language simple.
-   Solution: Propose a straightforward, step-by-step solution for Issue 2, detailing why these actions will address the problem effectively.
-
-Throughout your security assessment, emphasize adherence to standards like the CIS benchmarks, mitigation of Common Vulnerabilities and Exposures (CVE), and the NSA & CISA Kubernetes Hardening Guidance. It's vital that your descriptions of issues and solutions not only clarify the technical concepts but also help non-technical users understand how the solutions contribute to overcoming their security challenges without any need for installations or tools beyond 'kubectl' or 'trivy image'.
-
-Use this JSON format for responses:
-
-{
-	"question": "<input question>",
-	"thought": "<your thought process>",
-	"action": {
-		"name": "<action to take, choose from tools [kubectl, python, trivy]. Do not set final_answer when an action is required>",
-		"input": "<input for the action. ensure all contexts are added as input if required, e.g. raw YAML or image name.>"
-	},
-	"observation": "<result of the action, set by external tools>",
-	"final_answer": "<your final findings, only set after completed all processes and no action is required>"
-}
-`
-
-var auditName string
-var auditNamespace string
+var (
+	auditName      string
+	auditNamespace string
+)
 
 func init() {
 	auditCmd.PersistentFlags().StringVarP(&auditName, "name", "", "", "Pod name")
@@ -93,21 +48,12 @@ var auditCmd = &cobra.Command{
 		}
 
 		fmt.Printf("Auditing Pod %s/%s\n", auditNamespace, auditName)
-		messages := []openai.ChatCompletionMessage{
-			{
-				Role:    openai.ChatMessageRoleSystem,
-				Content: auditSystemPrompt,
-			},
-			{
-				Role:    openai.ChatMessageRoleUser,
-				Content: fmt.Sprintf("Your goal is to ensure that both the issues and their solutions are communicated effectively and understandably. As you audit security issues for Pod %s in namespace %s, remember to avoid using any delete or edit commands.", auditName, auditNamespace),
-			},
-		}
-		response, _, err := assistants.Assistant(model, messages, maxTokens, countTokens, verbose, maxIterations)
+		response, err := workflows.AuditFlow(model, auditNamespace, auditName, verbose)
 		if err != nil {
 			color.Red(err.Error())
 			return
 		}
-		fmt.Println(response)
+
+		utils.RenderMarkdown(response)
 	},
 }

cmd/kube-copilot/diagnose.go

@@ -20,6 +20,7 @@ import (
 
 	"github.com/fatih/color"
 	"github.com/feiskyer/kube-copilot/pkg/assistants"
+	"github.com/feiskyer/kube-copilot/pkg/utils"
 	"github.com/sashabaranov/go-openai"
 	"github.com/spf13/cobra"
 )
@@ -109,6 +110,6 @@ var diagnoseCmd = &cobra.Command{
 			color.Red(err.Error())
 			return
 		}
-		fmt.Println(response)
+		utils.RenderMarkdown(response)
 	},
 }

cmd/kube-copilot/execute.go

@@ -23,6 +23,7 @@ import (
 	"github.com/feiskyer/kube-copilot/pkg/assistants"
 	"github.com/feiskyer/kube-copilot/pkg/tools"
 	kubetools "github.com/feiskyer/kube-copilot/pkg/tools"
+	"github.com/feiskyer/kube-copilot/pkg/utils"
 	"github.com/sashabaranov/go-openai"
 	"github.com/spf13/cobra"
 )
@@ -94,6 +95,6 @@ var executeCmd = &cobra.Command{
 			color.Red(err.Error())
 			return
 		}
-		fmt.Println(response)
+		utils.RenderMarkdown(response)
 	},
 }

cmd/kube-copilot/generate.go

@@ -22,30 +22,12 @@ import (
 	"strings"
 
 	"github.com/fatih/color"
-	"github.com/feiskyer/kube-copilot/pkg/assistants"
 	"github.com/feiskyer/kube-copilot/pkg/kubernetes"
 	"github.com/feiskyer/kube-copilot/pkg/utils"
-	"github.com/sashabaranov/go-openai"
+	"github.com/feiskyer/kube-copilot/pkg/workflows"
 	"github.com/spf13/cobra"
 )
 
-const generateSystemPrompt = `As a skilled technical specialist in Kubernetes and cloud-native technologies, your task is to create Kubernetes YAML manifests following these steps:
-
-1. Review the provided instructions to generate the Kubernetes YAML manifests. Ensure these manifests adhere to current security protocols and best practices. If an instruction lacks a specific image, choose the most commonly used one from reputable sources.
-2. Utilize your expertise to scrutinize the YAML manifests. Conduct a thorough step-by-step analysis to identify any issues. Resolve these issues, ensuring the YAML manifests are accurate and secure.
-3. After fixing and verifying the manifests, compile them in their raw form. For multiple YAML files, use '---' as a separator.
-
-While refining the YAML manifests, adopt this Chain of Thought:
-
-- Understand the intended use and environment for each manifest as per instructions.
-- Assess the security aspects of each component, aligning with standards and best practices.
-- Document and justify any discrepancies or issues you find, sequentially.
-- Implement solutions that enhance the manifests' performance and security, using best practices and recommended images.
-- Ensure the final manifests are syntactically correct, properly formatted, and deployment-ready.
-
-Present **only the final YAML manifests** in raw format, without additional comments or annotations.
-`
-
 var generatePrompt string
 
 func init() {
@@ -62,20 +44,7 @@ var generateCmd = &cobra.Command{
 			return
 		}
 
-		var err error
-		var response string
-		messages := []openai.ChatCompletionMessage{
-			{
-				Role:    openai.ChatMessageRoleSystem,
-				Content: generateSystemPrompt,
-			},
-			{
-				Role:    openai.ChatMessageRoleUser,
-				Content: fmt.Sprintf("Task: Generate a Kubernetes manifest for %s", generatePrompt),
-			},
-		}
-
-		response, _, err = assistants.Assistant(model, messages, maxTokens, countTokens, verbose, maxIterations)
+		response, err := workflows.GeneratorFlow(model, generatePrompt, verbose)
 		if err != nil {
 			color.Red(err.Error())
 			return

go.mod

@@ -5,20 +5,29 @@ go 1.23
 toolchain go1.23.4
 
 require (
+	github.com/charmbracelet/glamour v0.8.0
 	github.com/fatih/color v1.18.0
+	github.com/feiskyer/swarm-go v0.1.3
 	github.com/pkoukk/tiktoken-go v0.1.7
 	github.com/sashabaranov/go-openai v1.36.0
 	github.com/spf13/cobra v1.8.1
-	google.golang.org/api v0.210.0
+	google.golang.org/api v0.211.0
 	gopkg.in/yaml.v2 v2.4.0
-	k8s.io/apimachinery v0.31.3
-	k8s.io/client-go v0.31.3
+	k8s.io/apimachinery v0.31.4
+	k8s.io/client-go v0.31.4
 )
 
 require (
-	cloud.google.com/go/auth v0.12.0 // indirect
+	cloud.google.com/go/auth v0.12.1 // indirect
 	cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
 	cloud.google.com/go/compute/metadata v0.5.2 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/azcore v1.16.0 // indirect
+	github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
+	github.com/alecthomas/chroma/v2 v2.14.0 // indirect
+	github.com/aymanbagabas/go-osc52/v2 v2.0.1 // indirect
+	github.com/aymerick/douceur v0.2.0 // indirect
+	github.com/charmbracelet/lipgloss v0.12.1 // indirect
+	github.com/charmbracelet/x/ansi v0.1.4 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/dlclark/regexp2 v1.11.4 // indirect
 	github.com/emicklei/go-restful/v3 v3.12.1 // indirect
@@ -30,7 +39,6 @@ require (
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/google/gnostic-models v0.6.9 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
@@ -39,19 +47,32 @@ require (
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
 	github.com/googleapis/gax-go/v2 v2.14.0 // indirect
+	github.com/gorilla/css v1.0.1 // indirect
 	github.com/imdario/mergo v0.3.16 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
+	github.com/lucasb-eyer/go-colorful v1.2.0 // indirect
 	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
+	github.com/mattn/go-runewidth v0.0.15 // indirect
+	github.com/microcosm-cc/bluemonday v1.0.27 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/muesli/reflow v0.3.0 // indirect
+	github.com/muesli/termenv v0.15.3-0.20240618155329-98d742f6907a // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+	github.com/openai/openai-go v0.1.0-alpha.39 // indirect
+	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/tidwall/gjson v1.18.0 // indirect
+	github.com/tidwall/match v1.1.1 // indirect
+	github.com/tidwall/pretty v1.2.1 // indirect
+	github.com/tidwall/sjson v1.2.5 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
-	go.opencensus.io v0.24.0 // indirect
+	github.com/yuin/goldmark v1.7.4 // indirect
+	github.com/yuin/goldmark-emoji v1.0.3 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0 // indirect
 	go.opentelemetry.io/otel v1.32.0 // indirect
 	go.opentelemetry.io/otel/metric v1.32.0 // indirect
@@ -63,12 +84,13 @@ require (
 	golang.org/x/term v0.27.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/time v0.8.0 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20241206012308-a4fef0638583 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20241206012308-a4fef0638583 // indirect
 	google.golang.org/grpc v1.68.1 // indirect
 	google.golang.org/protobuf v1.35.2 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.31.3 // indirect
+	k8s.io/api v0.31.4 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
 	k8s.io/kube-openapi v0.0.0-20241127205056-99599406b04f // indirect
 	k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect