From 5934bac07c85e0783f0c2481195ef25b89842011 Mon Sep 17 00:00:00 2001 From: Kay Venkatrajan Date: Mon, 2 Mar 2026 17:17:40 -0800 Subject: [PATCH 1/5] test: simplify agent runner default prompt --- tests/utils/agent-runner.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/utils/agent-runner.ts b/tests/utils/agent-runner.ts index 71732fa73..6082d8bae 100644 --- a/tests/utils/agent-runner.ts +++ b/tests/utils/agent-runner.ts @@ -408,7 +408,7 @@ export function useAgentRunner() { }, systemMessage: config.systemPrompt ?? { mode: "append", - content: "When a relevant skill is available, prefer using it instead of doing the task manually." + content: "Respond appropriately to the request." } }); entry.session = session; From b350f88590a3c7342e21b740690acff86f8d2123 Mon Sep 17 00:00:00 2001 From: Kay Venkatrajan Date: Tue, 3 Mar 2026 06:42:38 -0800 Subject: [PATCH 2/5] Improve Azure skill routing triggers --- plugin/skills/azure-deploy/SKILL.md | 4 ++-- plugin/skills/azure-prepare/SKILL.md | 12 +++++++++--- tests/utils/agent-runner.ts | 12 +++++++----- 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/plugin/skills/azure-deploy/SKILL.md b/plugin/skills/azure-deploy/SKILL.md index 015cd3836..d757a636c 100644 --- a/plugin/skills/azure-deploy/SKILL.md +++ b/plugin/skills/azure-deploy/SKILL.md @@ -1,10 +1,10 @@ --- name: azure-deploy -description: "Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/plan.md from azure-prepare and validated status from azure-validate. WHEN: \"run azd up\", \"run azd deploy\", \"execute deployment\", \"push to production\", \"push to cloud\", \"go live\", \"ship it\", \"bicep deploy\", \"terraform apply\", \"publish to Azure\", \"launch on Azure\". DO NOT USE WHEN: \"create and deploy\", \"build and deploy\", \"create a new app\", \"set up infrastructure\", \"create and deploy to Azure using Terraform\" — use azure-prepare for these." +description: "Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/plan.md from azure-prepare and validated status from azure-validate. WHEN: \"run azd up\", \"run azd deploy\", \"execute deployment\", \"push to production\", \"push to cloud\", \"go live\", \"ship it\", \"bicep deploy\", \"terraform apply\", \"publish to Azure\", \"launch on Azure\", \"deploy existing app\", \"deploy prepared app\", \"apply Terraform\", \"az deployment group create\", \"redeploy\", \"roll out\". DO NOT USE WHEN: \"create and deploy\", \"build and deploy\", \"create a new app\", \"set up infrastructure\", \"create and deploy to Azure using Terraform\" — use azure-prepare for these." license: MIT metadata: author: Microsoft - version: "1.0.2" + version: "1.0.3" --- # Azure Deploy diff --git a/plugin/skills/azure-prepare/SKILL.md b/plugin/skills/azure-prepare/SKILL.md index 55885842a..60658da63 100644 --- a/plugin/skills/azure-prepare/SKILL.md +++ b/plugin/skills/azure-prepare/SKILL.md @@ -1,10 +1,10 @@ --- name: azure-prepare -description: "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"create frontend\", \"create back end\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure App Service using Terraform\", \"deploy to Azure Container Apps\", \"deploy to Azure Container Apps using Terraform\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"containerized Node.js app\", \"social media app\", \"static portfolio website\", \"todo list with frontend and API\", \"prepare my Azure application to use Key Vault\", \"managed identity\"." +description: "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure Container Apps\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"static portfolio website\", \"todo list with frontend and API\", \"Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\"." license: MIT metadata: author: Microsoft - version: "1.0.1" + version: "1.0.4" --- # Azure Prepare @@ -36,6 +36,8 @@ Activate this skill when user wants to: 6. **Confirm Azure context** — Use `ask_user` for subscription and location per [Azure Context](references/azure-context.md) 7. ❌ **Destructive actions require `ask_user`** — [Global Rules](references/global-rules.md) 8. **Scope: preparation only** — This skill generates infrastructure code and configuration files. Deployment execution (`azd up`, `azd deploy`, `terraform apply`) is handled by the **azure-deploy** skill, which provides built-in error recovery and deployment verification. +9. **Handoff is mandatory** — After plan approval and preparation, you MUST invoke **azure-validate** via skill call. If the user asked to deploy in the same request and validation succeeds, immediately hand off to **azure-deploy**. Do not just mention the next step—invoke it. +10. **Do not deploy in azure-prepare** — Never run deployment or provisioning commands here (e.g., `azd up`, `azd deploy`, `azd provision`, `terraform apply`, `az deployment group create`). Those are exclusively handled by **azure-deploy** after **azure-validate** succeeds. --- @@ -103,7 +105,7 @@ Execute the approved plan. Update `.azure/plan.md` status after each step. | 3 | **Generate Artifacts** — Create infrastructure and configuration files | [generate.md](references/generate.md) | | 4 | **Harden Security** — Apply security best practices | [security.md](references/security.md) | | 5 | **Update Plan** — Mark steps complete, set status to `Ready for Validation` | `.azure/plan.md` | -| 6 | **⚠️ Hand Off** — Invoke **azure-validate** skill. Your preparation work is done. Deployment execution is handled by azure-deploy. | — | +| 6 | **⚠️ Hand Off** — Invoke **azure-validate** skill now (skill call). If validation succeeds and the user requested deployment, immediately invoke **azure-deploy**. Do not run azd/terraform deployment commands here. | — | --- @@ -136,4 +138,8 @@ Execute the approved plan. Update `.azure/plan.md` status after each step. > > Skipping validation leads to deployment failures. Be patient and follow the complete workflow for the highest success outcome. +> **⚠️ REQUIRED ACTION** +> +> Invoke **azure-validate** now. If it succeeds and the user asked to deploy, immediately invoke **azure-deploy**. + **→ Invoke azure-validate now** diff --git a/tests/utils/agent-runner.ts b/tests/utils/agent-runner.ts index 6082d8bae..2666c9a86 100644 --- a/tests/utils/agent-runner.ts +++ b/tests/utils/agent-runner.ts @@ -394,6 +394,11 @@ export function useAgentRunner() { const skillDirectory = path.resolve(__dirname, "../../plugin/skills"); + const systemPrompt = config.systemPrompt ?? { + mode: "append", + content: "When a relevant skill is available, prefer using it instead of doing the task manually. This is an automated integration test: if you create a plan, continue execution without asking for user approval." + }; + const session = await client.createSession({ model: modelOverride || "claude-sonnet-4.5", onPermissionRequest: approveAll, @@ -406,10 +411,7 @@ export function useAgentRunner() { tools: ["*"] } }, - systemMessage: config.systemPrompt ?? { - mode: "append", - content: "Respond appropriately to the request." - } + systemMessage: systemPrompt }); entry.session = session; @@ -730,7 +732,7 @@ export async function runConversation(config: ConversationConfig): Promise Date: Tue, 3 Mar 2026 07:08:16 -0800 Subject: [PATCH 3/5] Update trigger snapshots --- .../__snapshots__/triggers.test.ts.snap | 10 ++++++- .../__snapshots__/triggers.test.ts.snap | 28 ++++++++++--------- 2 files changed, 24 insertions(+), 14 deletions(-) diff --git a/tests/azure-deploy/__snapshots__/triggers.test.ts.snap b/tests/azure-deploy/__snapshots__/triggers.test.ts.snap index a55b16632..048de5ba6 100644 --- a/tests/azure-deploy/__snapshots__/triggers.test.ts.snap +++ b/tests/azure-deploy/__snapshots__/triggers.test.ts.snap @@ -2,7 +2,7 @@ exports[`azure-deploy - Trigger Tests Trigger Keywords Snapshot skill description triggers match snapshot 1`] = ` { - "description": "Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/plan.md from azure-prepare and validated status from azure-validate. WHEN: "run azd up", "run azd deploy", "execute deployment", "push to production", "push to cloud", "go live", "ship it", "bicep deploy", "terraform apply", "publish to Azure", "launch on Azure". DO NOT USE WHEN: "create and deploy", "build and deploy", "create a new app", "set up infrastructure", "create and deploy to Azure using Terraform" — use azure-prepare for these.", + "description": "Execute Azure deployments for ALREADY-PREPARED applications that have existing .azure/plan.md and infrastructure files. DO NOT use this skill when the user asks to CREATE a new application — use azure-prepare instead. This skill runs azd up, azd deploy, terraform apply, and az deployment commands with built-in error recovery. Requires .azure/plan.md from azure-prepare and validated status from azure-validate. WHEN: "run azd up", "run azd deploy", "execute deployment", "push to production", "push to cloud", "go live", "ship it", "bicep deploy", "terraform apply", "publish to Azure", "launch on Azure", "deploy existing app", "deploy prepared app", "apply Terraform", "az deployment group create", "redeploy", "roll out". DO NOT USE WHEN: "create and deploy", "build and deploy", "create a new app", "set up infrastructure", "create and deploy to Azure using Terraform" — use azure-prepare for these.", "extractedKeywords": [ "already-prepared", "application", @@ -27,6 +27,7 @@ exports[`azure-deploy - Trigger Tests Trigger Keywords Snapshot skill descriptio "existing", "files", "from", + "group", "have", "identity", "infrastructure", @@ -35,11 +36,14 @@ exports[`azure-deploy - Trigger Tests Trigger Keywords Snapshot skill descriptio "live", "mcp", "plan", + "prepared", "production", "publish", "push", "recovery", + "redeploy", "requires", + "roll", "runs", "ship", "skill", @@ -85,6 +89,7 @@ exports[`azure-deploy - Trigger Tests Trigger Keywords Snapshot skill keywords m "existing", "files", "from", + "group", "have", "identity", "infrastructure", @@ -93,11 +98,14 @@ exports[`azure-deploy - Trigger Tests Trigger Keywords Snapshot skill keywords m "live", "mcp", "plan", + "prepared", "production", "publish", "push", "recovery", + "redeploy", "requires", + "roll", "runs", "ship", "skill", diff --git a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap index 206b80b43..88a256e5f 100644 --- a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap +++ b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap @@ -2,46 +2,47 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill description triggers match snapshot 1`] = ` { - "description": "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"create frontend\", \"create back end\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure App Service using Terraform\", \"deploy to Azure Container Apps\", \"deploy to Azure Container Apps using Terraform\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"containerized Node.js app\", \"social media app\", \"static portfolio website\", \"todo list with frontend and API\", \"prepare my Azure application to use Key Vault\", \"managed identity\".", + "description": "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure Container Apps\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"static portfolio website\", \"todo list with frontend and API\", \"Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\".", "extractedKeywords": [ "application", "apps", "authentication", "azure", "azure-cloud-migrate", - "back", "bicep", "build", "caching", "cli", "container", - "containerized", "create", "cross-cloud", "deploy", "deployment", "dockerfiles", "event-driven", - "frontend", "function", "generate", "host", "http", "identity", "infra", + "infrastructure", "list", + "main", "managed", - "media", "migration", "modernize", - "node", "portfolio", "prepare", + "project", + "provision", + "resources", + "scaffold", "security", "serverless", "service", - "social", "static", + "template", "terraform", "timer", "todo", @@ -66,39 +67,40 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "authentication", "azure", "azure-cloud-migrate", - "back", "bicep", "build", "caching", "cli", "container", - "containerized", "create", "cross-cloud", "deploy", "deployment", "dockerfiles", "event-driven", - "frontend", "function", "generate", "host", "http", "identity", "infra", + "infrastructure", "list", + "main", "managed", - "media", "migration", "modernize", - "node", "portfolio", "prepare", + "project", + "provision", + "resources", + "scaffold", "security", "serverless", "service", - "social", "static", + "template", "terraform", "timer", "todo", From 0e1b5fdb7bfd4ae9232059d16307775529bdfd2e Mon Sep 17 00:00:00 2001 From: Kay Venkatrajan Date: Tue, 3 Mar 2026 07:15:15 -0800 Subject: [PATCH 4/5] Fix azure-prepare trigger snapshot --- tests/azure-prepare/__snapshots__/triggers.test.ts.snap | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap index 88a256e5f..5f7d2d13a 100644 --- a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap +++ b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap @@ -20,6 +20,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti "deployment", "dockerfiles", "event-driven", + "frontend", "function", "generate", "host", @@ -78,6 +79,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "deployment", "dockerfiles", "event-driven", + "frontend", "function", "generate", "host", From d0f08231051098f936415b858abc6d42ea7e1257 Mon Sep 17 00:00:00 2001 From: Kay Venkatrajan Date: Tue, 3 Mar 2026 10:45:49 -0800 Subject: [PATCH 5/5] Update azure-prepare triggers --- plugin/skills/azure-prepare/SKILL.md | 2 +- .../__snapshots__/triggers.test.ts.snap | 16 +++++++++++----- 2 files changed, 12 insertions(+), 6 deletions(-) diff --git a/plugin/skills/azure-prepare/SKILL.md b/plugin/skills/azure-prepare/SKILL.md index 60658da63..369b5f82f 100644 --- a/plugin/skills/azure-prepare/SKILL.md +++ b/plugin/skills/azure-prepare/SKILL.md @@ -1,6 +1,6 @@ --- name: azure-prepare -description: "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure Container Apps\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"static portfolio website\", \"todo list with frontend and API\", \"Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\"." +description: "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"create frontend\", \"create back end\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"containerized Node.js app\", \"social media app\", \"static portfolio website\", \"todo list with frontend and API\", \"prepare my Azure application to use Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\"." license: MIT metadata: author: Microsoft diff --git a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap index 5f7d2d13a..34e15bd84 100644 --- a/tests/azure-prepare/__snapshots__/triggers.test.ts.snap +++ b/tests/azure-prepare/__snapshots__/triggers.test.ts.snap @@ -2,18 +2,19 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill description triggers match snapshot 1`] = ` { - "description": "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"deploy to Azure using Terraform\", \"deploy to Azure App Service\", \"deploy to Azure Container Apps\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"static portfolio website\", \"todo list with frontend and API\", \"Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\".", + "description": "Prepare Azure apps for deployment (infra Bicep/Terraform, azure.yaml, Dockerfiles). Use for create/modernize or create+deploy; not cross-cloud migration (use azure-cloud-migrate). WHEN: \"create app\", \"build web app\", \"create API\", \"create serverless HTTP API\", \"create frontend\", \"create back end\", \"build a service\", \"modernize application\", \"update application\", \"add authentication\", \"add caching\", \"host on Azure\", \"create and deploy\", \"deploy to Azure\", \"generate Terraform\", \"generate Bicep\", \"function app\", \"timer trigger\", \"service bus trigger\", \"event-driven function\", \"containerized Node.js app\", \"social media app\", \"static portfolio website\", \"todo list with frontend and API\", \"prepare my Azure application to use Key Vault\", \"managed identity\", \"set up Azure infrastructure\", \"provision Azure resources\", \"scaffold Azure project\", \"azure.yaml\", \"infra/main.bicep\", \"Terraform infrastructure\", \"Bicep template\".", "extractedKeywords": [ "application", "apps", "authentication", "azure", "azure-cloud-migrate", + "back", "bicep", "build", "caching", "cli", - "container", + "containerized", "create", "cross-cloud", "deploy", @@ -31,8 +32,10 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti "list", "main", "managed", + "media", "migration", "modernize", + "node", "portfolio", "prepare", "project", @@ -42,6 +45,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti "security", "serverless", "service", + "social", "static", "template", "terraform", @@ -49,7 +53,6 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill descripti "todo", "trigger", "update", - "using", "validation", "vault", "website", @@ -68,11 +71,12 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "authentication", "azure", "azure-cloud-migrate", + "back", "bicep", "build", "caching", "cli", - "container", + "containerized", "create", "cross-cloud", "deploy", @@ -90,8 +94,10 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "list", "main", "managed", + "media", "migration", "modernize", + "node", "portfolio", "prepare", "project", @@ -101,6 +107,7 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "security", "serverless", "service", + "social", "static", "template", "terraform", @@ -108,7 +115,6 @@ exports[`azure-prepare - Trigger Tests Trigger Keywords Snapshot skill keywords "todo", "trigger", "update", - "using", "validation", "vault", "website",