VectorInstitute
diff --git a/‎.github/workflows/code_checks.yml‎
Lines changed: 59 additions & 0 deletions b/‎.github/workflows/code_checks.yml‎
Lines changed: 59 additions & 0 deletions
diff --git a/‎.github/workflows/docs.yml‎
Lines changed: 100 additions & 0 deletions b/‎.github/workflows/docs.yml‎
Lines changed: 100 additions & 0 deletions
diff --git a/‎.pre-commit-config.yaml‎
Lines changed: 1 addition & 1 deletion b/‎.pre-commit-config.yaml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎README.md‎
Lines changed: 76 additions & 14 deletions b/‎README.md‎
Lines changed: 76 additions & 14 deletions
diff --git a/‎docs/assets/favicon-48x48.svg‎
Lines changed: 9 additions & 0 deletions b/‎docs/assets/favicon-48x48.svg‎
Lines changed: 9 additions & 0 deletions
diff --git a/‎docs/assets/favicon.ico‎
14.7 KB b/‎docs/assets/favicon.ico‎
14.7 KB
@@ -0,0 +1,59 @@
+name: code checks
+permissions:
+  contents: read
+  pull-requests: write
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - .pre-commit-config.yaml
+      - .github/workflows/code_checks.yml
+      - '**.py'
+      - uv.lock
+      - pyproject.toml
+      - '**.ipynb'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - .pre-commit-config.yaml
+      - .github/workflows/code_checks.yml
+      - '**.py'
+      - uv.lock
+      - pyproject.toml
+      - '**.ipynb'
+
+jobs:
+  run-code-check:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@b75a909f75acd358c2196fb9a5f1299a9a8868a4
+        with:
+          # Install a specific version of uv.
+          version: "0.9.7"
+          enable-cache: true
+
+      - name: "Set up Python"
+        uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c
+        with:
+          python-version-file: ".python-version"
+
+      - name: Install the project
+        run: uv sync --all-extras --dev
+
+      - name: Install dependencies and check code
+        run: |
+          source .venv/bin/activate
+          pre-commit run --all-files
+
+      - name: pip-audit (gh-action-pip-audit)
+        uses: pypa/[email protected]
+        with:
+          virtual-environment: .venv/
+          ignore-vulns: |
+            GHSA-4xh5-x5gv-qwph
@@ -0,0 +1,100 @@
+name: docs
+permissions:
+  contents: write
+  pull-requests: write
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - .pre-commit-config.yaml
+      - .github/workflows/docs.yml
+      - '**.py'
+      - '**.ipynb'
+      - '**.html'
+      - '**.js'
+      - '**.md'
+      - uv.lock
+      - pyproject.toml
+      - mkdocs.yml
+      - '**.png'
+      - '**.svg'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - .pre-commit-config.yaml
+      - .github/workflows/docs.yml
+      - '**.py'
+      - '**.ipynb'
+      - '**.js'
+      - '**.html'
+      - uv.lock
+      - pyproject.toml
+      - '**.md'
+      - mkdocs.yml
+      - '**.png'
+      - '**.svg'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+
+      - name: Install uv
+        uses: astral-sh/[email protected]
+        with:
+          version: "0.9.7"
+          enable-cache: true
+
+      - name: Set up Python
+        uses: actions/setup-python@v6
+        with:
+          python-version-file: ".python-version"
+
+      - name: Install the project
+        run: uv sync --all-extras --group docs
+
+      - name: Build docs
+        run: uv run mkdocs build
+
+      - name: Create .nojekyll file
+        run: touch site/.nojekyll
+
+      - name: Upload artifact
+        uses: actions/upload-artifact@v4
+        with:
+          name: docs-site
+          path: site/
+          retention-days: 1
+
+  deploy:
+    needs: build
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+
+      - name: Configure Git Credentials
+        run: |
+          git config user.name github-actions[bot]
+          git config user.email 41898282+github-actions[bot]@users.noreply.github.com
+
+      - name: Download artifact
+        uses: actions/download-artifact@v5
+        with:
+          name: docs-site
+          path: site
+
+      - name: Ensure .nojekyll exists
+        run: touch site/.nojekyll
+
+      - name: Deploy to Github pages
+        uses: JamesIves/[email protected]
+        with:
+          branch: gh-pages
+          folder: site
@@ -25,7 +25,7 @@ repos:
       - id: uv-lock
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: 'v0.13.3'
+    rev: 'v0.14.3'
     hooks:
     - id: ruff-check
       args: [--fix, --exit-non-zero-on-fix]
 
@@ -1,27 +1,89 @@
 # AI Engineering Platform
 
+Infrastructure and tooling for AI Engineering bootcamps, providing secure, isolated development environments and automated participant onboarding.
+
+## Overview
+
+This platform consists of two main components:
+
+1. **Coder Deployment** - Containerized development environments on GCP
+2. **Participant Onboarding System** - Secure, automated participant onboarding
+
+---
+
 ## 1. Coder Deployment for GCP
 
-The folder `coder` contains all resources needed to deploy a [Coder](https://coder.com) instance on Google Cloud Platform (GCP), along with reusable workspace templates and Docker images for the workspace environment.
+The `coder` folder contains all resources needed to deploy a [Coder](https://coder.com) instance on Google Cloud Platform (GCP), along with reusable workspace templates and Docker images for the workspace environment.
 
 ### Structure
 
-- **deploy/**
-  Terraform scripts and startup automation for provisioning the Coder server on a GCP VM.
+- **deploy/** - Terraform scripts and startup automation for provisioning the Coder server on a GCP VM
+- **docker/** - Dockerfiles and guides for building custom images used by Coder workspace templates
+- **templates/** - Coder workspace templates for reproducible, containerized development environments on GCP
+
+### Usage
+
+1. **Provision Coder on GCP** - Follow the steps in [`coder/deploy/README.md`](coder/deploy/README.md)
+2. **Build and Push Docker Images** - See [`coder/docker/README.md`](coder/docker/README.md)
+3. **Push Workspace Templates** - See [`coder/templates/README.md`](coder/templates/README.md)
+
+---
+
+## 2. Participant Onboarding System
+
+Automated system for securely distributing team-specific API keys to bootcamp participants using Firebase Authentication and Firestore.
+
+### Features
+
+**Secure Authentication** - Firebase custom tokens with per-participant access
+**Team Isolation** - Firestore security rules enforce team-level data separation
+**Automated Onboarding** - One-command setup for participants
+**API Key Management** - Automated generation and distribution of:
+
+### Architecture
+
+```
+┌─────────────────────────────────────────────────────────────────┐
+│                          Admin Phase                            │
+├─────────────────────────────────────────────────────────────────┤
+│  1. Setup participants and teams in Firestore                   │
+│  2. Generate team-specific API keys                             │
+│  3. Setup shared keys                                           │
+│  4. Generate Firebase authentication tokens                     │
+│  5. Deploy Firestore security rules                             │
+└─────────────────────────────────────────────────────────────────┘
+                              ↓
+┌─────────────────────────────────────────────────────────────────┐
+│                       Participant Phase                         │
+├─────────────────────────────────────────────────────────────────┤
+│  1. Run onboarding script in Coder workspace                    │
+│  2. Script authenticates using Firebase custom token            │
+│  3. Fetch team-specific API keys (security rules enforced)      │
+│  4. Create .env file with all credentials                       │
+│  5. Run integration tests to verify keys                        │
+└─────────────────────────────────────────────────────────────────┘
+```
+
+## Requirements
 
-- **docker/**
-  Dockerfiles and guides for building custom images used by Coder workspace templates.
+- Python 3.12+
+- `uv` package manager
+- GCP project with Firestore and Secret Manager enabled
+- Firebase project with Authentication enabled
+- Appropriate GCP permissions (see admin guide)
 
-- **templates/**
-  Coder workspace templates for reproducible, containerized development environments on GCP.
+## Installation
 
-## Usage
+```bash
+# Clone repository
+git clone <repository-url>
+cd aieng-platform
 
-1. **Provision Coder on GCP**
-   Follow the steps in [`deploy/README.md`](coder/deploy/README.md) to set up your GCP environment and deploy the Coder server using Terraform.
+# Install dependencies
+uv sync
 
-2. **Build and Push Docker Images**
-   Use [`docker/README.md`](coder/docker/README.md) to build and upload Docker images required by your templates.
+# Authenticate with GCP
+gcloud auth application-default login
+```
 
-3. **Push Workspace Templates**
-   See [`templates/README.md`](coder/templates/README.md) for instructions on uploading workspace templates to your Coder instance.
+---