Cyberpilot is a pipeline-first AI-SDLC repository. The MVC web app now lives under web/ and exists as the portal for local, cloud, and SDK pipeline activity.
| Mode | Entry Point | State Labels | Guide |
|---|---|---|---|
| Local | VS Code Copilot Chat or Copilot CLI | local, local/* |
AI-SDLC.md#local-mode |
| Cloud | GitHub Agentic Workflows | cyberpilot, cloud/* |
AI-SDLC.md#cloud-mode |
| SDK | .NET console app in copilot-sdk-exe/ | sdk, sdk/* |
AI-SDLC.md#sdk-mode |
All modes share the same delivery vocabulary. The default flow remains:
Issue -> Triage -> Plan -> Implement -> Review -> Docs -> Deliver
SDK mode can also run focused definitions such as bugfix and docs-only, or JSON-backed definitions supplied at launch. The GitHub issue is the state file. Each stage writes structured comments and SDK runs also persist structured results, evidence, policy context, and approval state in the run-history database.
The ASP.NET Core MVC app is now a focused support surface for the pipeline:
- web/Controllers/HomeController.cs renders the pipeline portal.
- web/Controllers/PipelinesController.cs renders pipeline modes, stages, run history, issue launcher, run details, continuation, replay reset, and Markdown guides.
- ASP.NET health checks expose readiness at
/health/ready. - web/Views/Home/Index.cshtml links the canonical pipeline guide.
Removed demo-era concerns include achievement persistence, component showcase pages, security lab routes, weather APIs, demo admin UI, Swagger, Application Insights wiring, Redis/session state, and custom middleware.
| Path | Purpose |
|---|---|
| .github/agents/ | Local custom agents shared by local and SDK modes; web SDK runs can load these from AgentPromptRoot while editing another target repo |
| .github/skills/ | Reusable skills such as gh-aw compile and commit/PR workflow helpers |
| .github/workflows/ | GitHub Actions and gh-aw workflow sources/locks |
| architecture.md | High-level solution structure, web pipeline, and component relationships |
| copilot-sdk/ | Programmatic Cyberpilot SDK library and shared run-history persistence |
| copilot-sdk-exe/ | Console harness that references the SDK library |
| web/ | ASP.NET Core MVC pipeline portal, run launcher, and SignalR dashboard over SDK persistence |
| tests/Cyberpilot.Sdk.Tests/ | SDK runner tests |
| tests/Cyberpilot.Web.UnitTests/ | Focused MVC controller tests |
| tests/Cyberpilot.Web.IntegrationTests/ | Web smoke tests through WebApplicationFactory |
| docs/ | Pipeline and operational documentation |
Prerequisites:
- .NET 10 SDK or later
- GitHub CLI for local and SDK pipeline operations
gh awwhen compiling GitHub Agentic Workflow sources
Cloud pipeline workflows require two repository secrets in MSBart2/Cyberpilot:
COPILOT_GITHUB_TOKEN- Token type: Fine-grained personal access token (PAT)
- Resource owner: your personal user account (not an organization)
- Required permission: Account permissions -> Copilot Requests: Read
- Purpose: Authenticates the Copilot engine used by gh-aw workflows
CROSS_REPO_PAT- Token type: Fine-grained personal access token (PAT)
- Resource owner:
MSBart2(or the owner of the target repositories) - Repository access: include
MSBart2/Cyberpilotand each target repository (for exampleMSBart2/Aspire1) - Required repository permissions:
- Contents: Read and write
- Issues: Read and write
- Pull requests: Read and write
- Purpose: Enables cross-repo checkout, issue updates, agent assignment, and pull-request operations in target repos
Set/update secrets with GitHub CLI:
gh secret set COPILOT_GITHUB_TOKEN --repo MSBart2/Cyberpilot
gh secret set CROSS_REPO_PAT --repo MSBart2/CyberpilotBuild and run:
dotnet build
dotnet run --project web/Cyberpilot.Web.csprojLocal launch settings bind the app to http://localhost:5203 by default. The web app exposes the pipeline portal at /Pipelines and the issue launcher at /Pipelines/Issues. The Run Room for a web-triggered SDK run shows the GitHub issue title/body, live agent output, stage telemetry, and operational controls:
- Continue Run requeues a terminal run using the same run record.
- Cancel Run marks an active queued/running run as cancelled.
- Reset Mission prepares an issue for replay by clearing SDK stage labels, deleting recognizable Cyberpilot comments, deleting the SDK issue branch when present, and removing the local run/stage-log records. It is hidden and rejected after a delivered run, because the code has already been merged.
The web runner can process missions for different configured repository roots at the same time. Missions that use the same local checkout stay serialized so two agents do not fight over one working tree or branch. Run details surface definition/profile metadata, policy evidence, and pending approval decisions when a run pauses for human review.
SDK mode:
dotnet run --project .\copilot-sdk-exe\Cyberpilot.Sdk.Exe.csproj -- run issue 135 --repo rbmathis/Cyberpilot --approve-all --skip-deliverAdd --db "Data Source=<path>" to persist EXE runs into the SDK-owned run-history database.
Select a focused SDK definition or policy profile when needed:
dotnet run --project .\copilot-sdk-exe\Cyberpilot.Sdk.Exe.csproj -- run issue 135 --repo rbmathis/Cyberpilot --approve-all --pipeline-definition bugfix --policy-profile strict
dotnet run --project .\copilot-sdk-exe\Cyberpilot.Sdk.Exe.csproj -- run issue 135 --repo rbmathis/Cyberpilot --approve-all --pipeline-definition custom-docs --pipeline-definition-file .\pipelines\custom.jsonUseful SDK preflights:
dotnet run --project .\copilot-sdk-exe\Cyberpilot.Sdk.Exe.csproj -- --check-labels --repo rbmathis/Cyberpilot
dotnet run --project .\copilot-sdk-exe\Cyberpilot.Sdk.Exe.csproj -- --check-model --repo rbmathis/Cyberpilotdotnet test
dotnet test tests/Cyberpilot.Web.UnitTests
dotnet test tests/Cyberpilot.Web.IntegrationTests
dotnet test tests/Cyberpilot.Sdk.Tests/Cyberpilot.Sdk.Tests.csprojPlaywright smoke tests are kept for CI and skip locally unless CI environment variables are present.
When editing .github/workflows/cloud-*.md, delete the existing lockfiles before compiling:
Remove-Item .github/workflows/cloud-*.lock.yml -ErrorAction SilentlyContinue
gh aw compileCommit regenerated .lock.yml files with their .md sources. Do not edit lockfiles by hand.
- AI-SDLC.md for local, cloud, and SDK AI-SDLC modes.
- architecture.md for the current repository and web app architecture overview.
- docs/policies.md for SDK policy profiles, gates, evidence, and required actions.
- docs/approval-workflow.md for human approval pause, decision, and resume behavior.