dojo.md 0.2.1 → 0.2.2

package/courses/terraform-infrastructure-setup/scenarios/level-1/hcl-syntax-errors.yaml

@@ -0,0 +1,65 @@
+meta:
+  id: hcl-syntax-errors
+  level: 1
+  course: terraform-infrastructure-setup
+  type: output
+  description: "Fix HCL syntax errors — diagnose missing braces, incorrect attribute assignments, string interpolation issues, and block structure problems"
+  tags: [Terraform, HCL, syntax, validation, formatting, beginner]
+
+state: {}
+
+trigger: |
+  You run `terraform validate` and get multiple errors:
+
+  ```
+  Error: Missing closing brace
+
+    on main.tf line 12:
+    12:   tags = {
+    13:     Name = "web-server"
+    14:
+
+  Error: Unsupported argument
+
+    on main.tf line 8, in resource "aws_instance" "web":
+     8:   ami := "ami-0c55b159cbfafe1f0"
+
+  Error: Invalid reference
+
+    on main.tf line 15, in resource "aws_instance" "web":
+    15:   subnet_id = "${var.subnet_id}"
+  ```
+
+  Your main.tf:
+
+  ```hcl
+  resource "aws_instance" "web" {
+    ami := "ami-0c55b159cbfafe1f0"
+    instance_type = var.instance_type
+
+    tags = {
+      Name = "web-server"
+
+    vpc_security_group_ids = [aws_security_group.web.id]
+  }
+  ```
+
+  Task: Explain HCL syntax fundamentals, common syntax errors and
+  how to fix them, the difference between = and := (Terraform only
+  uses =), string interpolation rules, terraform fmt for auto-formatting,
+  terraform validate for catching errors before plan, and block structure
+  (resource, data, variable, output, locals).
+
+assertions:
+  - type: llm_judge
+    criteria: "HCL syntax fundamentals are explained — blocks: resource, data, variable, output, locals, terraform, provider. Attribute assignment uses = (not :=, that's Go syntax). String interpolation: use ${} inside quoted strings, but for simple references just use var.name directly (no interpolation needed since Terraform 0.12). Heredoc syntax: <<-EOT for multi-line strings. Comments: # for single line, /* */ for multi-line. Lists: [], maps: {}. The specific errors: (1) := should be =, (2) missing closing brace for tags block, (3) bare ${var.subnet_id} should be just var.subnet_id (interpolation-only expressions are deprecated)"
+    weight: 0.35
+    description: "HCL fundamentals"
+  - type: llm_judge
+    criteria: "terraform fmt and validate workflow is covered — terraform fmt: auto-formats HCL files to canonical style (consistent indentation, alignment). Run before committing. terraform fmt -check in CI to enforce formatting. terraform validate: checks configuration for internal consistency (syntax, attribute names, required arguments). Does NOT check against cloud APIs. Workflow order: fmt → validate → plan → apply. validate catches: missing required arguments, unknown attributes, type mismatches, invalid references"
+    weight: 0.35
+    description: "Formatting and validation"
+  - type: llm_judge
+    criteria: "Block structure is explained — resource 'type' 'name' {}: creates infrastructure. data 'type' 'name' {}: reads existing infrastructure. variable 'name' {}: input parameters (type, default, description, validation). output 'name' {}: export values. locals {}: computed local values (like constants). terraform {}: settings (required_version, required_providers, backend). provider 'name' {}: provider configuration. Each block type has specific allowed arguments. Meta-arguments available on resources: depends_on, count, for_each, provider, lifecycle"
+    weight: 0.30
+    description: "Block structure"

package/courses/terraform-infrastructure-setup/scenarios/level-1/provider-configuration.yaml

@@ -0,0 +1,62 @@
+meta:
+  id: provider-configuration
+  level: 1
+  course: terraform-infrastructure-setup
+  type: output
+  description: "Configure Terraform providers — set up AWS credentials, handle authentication errors, manage provider aliases for multi-region deployments"
+  tags: [Terraform, providers, AWS, authentication, credentials, beginner]
+
+state: {}
+
+trigger: |
+  You run `terraform plan` and get this error:
+
+  ```
+  Error: No valid credential sources found
+
+    with provider["registry.terraform.io/hashicorp/aws"],
+    on main.tf line 5, in provider "aws":
+     5: provider "aws" {
+
+  Please see https://registry.terraform.io/providers/hashicorp/aws
+  for more information about providing credentials.
+  ```
+
+  Your configuration:
+
+  ```hcl
+  provider "aws" {
+    region = "us-east-1"
+  }
+
+  resource "aws_s3_bucket" "data" {
+    bucket = "my-data-bucket-12345"
+  }
+
+  resource "aws_s3_bucket" "logs" {
+    provider = aws.west
+    bucket   = "my-logs-bucket-12345"
+  }
+  ```
+
+  You have AWS CLI installed with a profile named "dev" but haven't
+  configured any credentials for Terraform.
+
+  Task: Explain Terraform provider configuration, AWS credential
+  chain (how Terraform finds credentials), provider aliases for
+  multi-region, common authentication errors and fixes, and best
+  practices for credential management (never hardcode keys).
+
+assertions:
+  - type: llm_judge
+    criteria: "AWS credential chain is explained — Terraform AWS provider checks credentials in order: (1) provider block (access_key/secret_key — NEVER do this), (2) environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN), (3) shared credentials file (~/.aws/credentials), (4) shared config file (~/.aws/config with profile), (5) EC2 instance metadata / ECS task role / Lambda execution role. Fix: export AWS_PROFILE=dev or set profile in provider block. For CI/CD: use environment variables or OIDC federation (GitHub Actions → AWS IAM role)"
+    weight: 0.35
+    description: "Credential chain"
+  - type: llm_judge
+    criteria: "Provider aliases are explained — to use multiple regions, define provider aliases: provider 'aws' { region = 'us-east-1' } and provider 'aws' { alias = 'west', region = 'us-west-2' }. Reference alias: provider = aws.west in resource block. Without the alias provider block defined, the aws.west reference will fail. Default provider (no alias) is used when provider isn't specified. Each alias can have different credentials, regions, or assume_role configurations"
+    weight: 0.35
+    description: "Provider aliases"
+  - type: llm_judge
+    criteria: "Security best practices are covered — NEVER hardcode credentials in .tf files (they end up in version control and state files). Use: environment variables, AWS profiles, IAM roles (instance profiles, task roles), or OIDC federation. For assume_role: provider block supports assume_role {} for cross-account access. State files contain provider config — ensure state is encrypted and access-controlled. Use terraform plan output to verify no credentials are exposed. Add *.tfvars with secrets to .gitignore"
+    weight: 0.30
+    description: "Security practices"

package/courses/terraform-infrastructure-setup/scenarios/level-1/variable-and-output-errors.yaml

@@ -0,0 +1,78 @@
+meta:
+  id: variable-and-output-errors
+  level: 1
+  course: terraform-infrastructure-setup
+  type: output
+  description: "Debug variable and output errors — fix type mismatches, missing required variables, default values, and output reference issues"
+  tags: [Terraform, variables, outputs, types, validation, beginner]
+
+state: {}
+
+trigger: |
+  You run `terraform plan` and hit these errors:
+
+  ```
+  Error: No value for required variable
+
+    on variables.tf line 1:
+     1: variable "environment" {
+
+  The root module input variable "environment" is not set, and has
+  no default value.
+
+  Error: Invalid value for variable
+
+    on variables.tf line 7:
+     7: variable "instance_count" {
+
+  This variable does not accept the value "three". Expected type number.
+
+  Error: Unsupported attribute
+
+    on outputs.tf line 3:
+     3:   value = aws_instance.web.public_dns
+  ```
+
+  Your files:
+
+  variables.tf:
+  ```hcl
+  variable "environment" {
+    type        = string
+    description = "Deployment environment"
+  }
+
+  variable "instance_count" {
+    type    = number
+    default = 1
+  }
+
+  variable "allowed_cidrs" {
+    type    = list(string)
+    default = ["0.0.0.0/0"]
+  }
+  ```
+
+  terraform.tfvars:
+  ```hcl
+  instance_count = "three"
+  ```
+
+  Task: Explain Terraform variables (types, defaults, validation),
+  how to pass values (tfvars, CLI, env vars, auto.tfvars), output
+  values and their uses, type system (string, number, bool, list,
+  map, object, tuple), and common variable/output errors.
+
+assertions:
+  - type: llm_judge
+    criteria: "Variable system is explained — types: string, number, bool (primitives), list(type), set(type), map(type), object({key=type}), tuple([types]) (complex). Required vs optional: variables without default are required. Validation blocks: variable 'env' { validation { condition = contains(['dev','prod'], var.env), error_message = '...' } }. Sensitive = true: hides value in plan output. Nullable = false: disallows null values. The errors: (1) environment has no default and no value provided, (2) instance_count expects number but got string 'three', (3) public_dns might not exist if count = 0 or resource uses for_each"
+    weight: 0.35
+    description: "Variable system"
+  - type: llm_judge
+    criteria: "Value passing methods are covered in precedence order — (1) -var flag on CLI: terraform plan -var='environment=prod'. (2) -var-file flag: terraform plan -var-file=prod.tfvars. (3) terraform.tfvars or terraform.tfvars.json (auto-loaded). (4) *.auto.tfvars files (auto-loaded, alphabetical order). (5) TF_VAR_name environment variables: TF_VAR_environment=prod. Later sources override earlier ones. Best practice: use terraform.tfvars for defaults, environment-specific .tfvars files for overrides, never commit secrets in tfvars"
+    weight: 0.35
+    description: "Value passing"
+  - type: llm_judge
+    criteria: "Outputs are explained — output blocks export values after apply. Uses: display information, pass data between modules (module.vpc.vpc_id), feed into other tools. Attributes: value (required), description, sensitive, depends_on. terraform output command to retrieve values. terraform output -json for machine-readable format. Common errors: referencing attribute that doesn't exist on resource type, referencing resource with count/for_each without index (aws_instance.web[0].public_dns or aws_instance.web[*].public_dns)"
+    weight: 0.30
+    description: "Outputs"

package/package.json

@@ -1,10 +1,11 @@
 {
   "name": "dojo.md",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "description": "Training arena for AI agents — scenario-based evaluation with mock services, LLM-judged assertions, and automatic SKILL.md generation",
   "type": "module",
   "bin": {
-    "dojo": "./dist/cli/index.js"
+    "dojo": "./dist/cli/index.js",
+    "dojo.md": "./dist/cli/index.js"
   },
   "main": "./dist/engine/model-client.js",
   "exports": {