Skip to content

VectorOps77/vectorops-mission-impact-copilot

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

19 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CI - Quality and Security

VectorOps Mission Impact Copilot

VectorOps Mission Impact Copilot is an AI-powered project management assistant built with Python, Streamlit, and the OpenAI API. The application helps technical project managers convert raw project notes into structured, leadership-ready content such as project stories, KPI summaries, monthly updates, quality reviews, and downloadable Word documents.

This project is part of my DevSecOps and LLM portfolio. It demonstrates practical use of AI, secure API key handling, document generation, GitHub version control, and the foundation for future Azure deployment.


Problem Statement

Project managers often collect updates from emails, meetings, spreadsheets, dashboards, and stakeholder conversations. These updates are usually unstructured and require manual rewriting before they are ready for leadership reports, monthly status reports, or client-facing communication.

This creates several challenges:

  • Inconsistent reporting language
  • Manual rework
  • Weak connection between work performed and business outcomes
  • Limited visibility into risks, blockers, and measurable impact
  • Time-consuming document preparation

Solution

VectorOps Mission Impact Copilot uses AI to convert raw project notes into structured, outcome-focused content. The application helps users generate:

  • Project stories
  • KPI summaries
  • Monthly status updates
  • Risk and issue summaries
  • Quality and alignment reviews
  • Downloadable Word documents

The goal is to reduce manual reporting effort while improving clarity, consistency, and executive readiness.


Key Features

Story Creation Assistant

Generates an outcome-based project story from raw project ideas or problem statements.

Output includes:

  • Story title
  • Problem statement
  • Intended outcome
  • Suggested KPIs
  • Quality notes

KPI Builder

Helps convert KPI ideas into measurable performance indicators.

Output includes:

  • KPI name
  • Reference category
  • Baseline
  • Target
  • Unit of measure
  • Calculation
  • Client benefit

Monthly Update Assistant

Converts raw monthly notes into structured MSR-style content.

Output includes:

  • Solution delivered
  • Outcome achieved
  • Customer feedback
  • Risks/issues
  • Action items
  • Suggested KPI updates

Quality & Alignment Checker

Reviews draft content for quality, clarity, and measurable outcomes.

Output includes:

  • Alignment score
  • Activity-focused issues
  • Missing metrics
  • Recommended rewrite
  • Final readiness decision

Document Generator

Creates downloadable Word documents from generated AI content using python-docx.

Supported outputs include:

  • MSR drafts
  • Project stories
  • KPI reports
  • Quality reviews
  • Executive briefs
  • Status reports
  • Meeting summaries

Tech Stack

  • Python
  • Streamlit
  • OpenAI API
  • python-dotenv
  • python-docx
  • Pydantic
  • Git/GitHub

Planned DevSecOps tools:

  • GitHub Actions
  • Ruff
  • Pytest
  • Bandit
  • pip-audit
  • Docker
  • Trivy
  • Azure App Service or Azure Container Apps
  • Azure Key Vault
  • Terraform

Security Practices

This project uses secure environment variable handling.

The real OpenAI API key is stored in a local .env file:

OPENAI_API_KEY=your_real_api_key_here
MODEL_NAME=gpt-4.1-mini

The .env file is excluded from GitHub using .gitignore.

The repository includes a safe .env.example file:

OPENAI_API_KEY=your_api_key_here
MODEL_NAME=gpt-4.1-mini

Security controls planned for the pipeline:

  • Secret scanning
  • Dependency vulnerability scanning
  • Static code analysis
  • Container vulnerability scanning
  • Secure deployment using Azure Key Vault

Project Structure

vectorops-mission-impact-copilot/
├── app.py
├── requirements.txt
├── README.md
├── .env.example
├── .gitignore
├── src/
│   ├── llm/
│   │   └── client.py
│   ├── services/
│   │   ├── prompts.py
│   │   └── document_service.py
│   ├── models/
│   └── utils/
├── sample_data/
├── tests/
└── docs/

How to Run Locally

1. Clone the repository

git clone https://github.com/VectorOps77/vectorops-mission-impact-copilot.git
cd vectorops-mission-impact-copilot

2. Create a virtual environment

python3 -m venv venv
source venv/bin/activate

3. Install dependencies

python3 -m pip install -r requirements.txt

4. Create a .env file

touch .env

Add your OpenAI API key:

OPENAI_API_KEY=your_real_api_key_here
MODEL_NAME=gpt-4.1-mini

5. Run the app

python3 -m streamlit run app.py

Sample Use Case

Input:

Project reporting is currently manual and inconsistent. Team members submit updates in different formats, making it difficult for leadership to understand project health, risks, and measurable outcomes.

Generated output may include:

  • Executive summary
  • Project health assessment
  • Risks and issues
  • Action items
  • Suggested KPIs
  • Downloadable Word document

DevSecOps Roadmap

Phase 1: CI/CD Foundation

  • Add GitHub Actions workflow
  • Run linting with Ruff
  • Run tests with Pytest
  • Run security scan with Bandit
  • Run dependency scan with pip-audit

Phase 2: Containerization

  • Add Dockerfile
  • Build container image
  • Scan image with Trivy
  • Prepare for Azure deployment

Phase 3: Azure Deployment

  • Deploy app to Azure App Service or Azure Container Apps
  • Store secrets in Azure Key Vault
  • Configure environment variables securely

Phase 4: Infrastructure as Code

  • Create Terraform configuration
  • Provision Azure resources
  • Add Terraform validation and security scanning

Phase 5: Expanded AI Studio

Future versions will include:

  • Prompt library
  • Schema library
  • Multiple document templates
  • GitHub portfolio artifact generator
  • Azure architecture summary generator
  • DevSecOps pipeline report generator

Portfolio Goals

This project demonstrates:

  • LLM application development
  • Streamlit app development
  • OpenAI API integration
  • Secure API key management
  • Word document generation
  • GitHub version control
  • DevSecOps pipeline planning
  • Technical project management automation
  • Azure deployment readiness

DevSecOps Milestones Completed

  • Built Streamlit AI application
  • Integrated OpenAI API
  • Secured secrets using .env
  • Added Word document generation
  • Added unit tests with Pytest
  • Added Ruff code quality checks
  • Added Bandit Python security scanning
  • Added pip-audit dependency scanning
  • Added Docker container support
  • Added Trivy container vulnerability scanning
  • Fixed HIGH container vulnerabilities found by Trivy

Azure Deployment Milestone

The application has been containerized with Docker, pushed to Azure Container Registry, and deployed to Azure Container Apps.

Current Azure resources:

  • Resource Group: rg-vectorops-copilot-dev
  • Azure Container Registry: vectoropscopilotacr
  • Azure Container Apps Environment: vectorops-copilot-env
  • Azure Container App: vectorops-mission-impact-copilot
  • Runtime Port: 8501
  • Ingress: External
  • Secret Handling: OPENAI_API_KEY stored as an Azure Container App secret
  • Model Configuration: MODEL_NAME=gpt-4.1-mini

Deployment capabilities demonstrated:

  • Docker containerization
  • Azure Container Registry image storage
  • Azure Container Apps deployment
  • Runtime environment variable configuration
  • Secret reference usage
  • Cloud-hosted Streamlit application

CI/CD Deployment Milestone

This project includes an automated GitHub Actions workflow that validates, scans, builds, and deploys the application to Azure Container Apps.

Pipeline Stages

  1. Python quality and security checks

    • Ruff linting
    • Bandit security scan
    • pip-audit dependency scan
    • Pytest unit tests
  2. Container security

    • Docker image build
    • Trivy vulnerability scan
    • HIGH and CRITICAL vulnerability blocking
  3. Azure deployment

    • Azure login using GitHub repository secret
    • Docker image build for linux/amd64
    • Push to Azure Container Registry
    • Update Azure Container App with latest image

DevSecOps Capabilities Demonstrated

  • CI/CD automation
  • Secure GitHub secrets usage
  • Containerized application delivery
  • Azure Container Registry integration
  • Azure Container Apps deployment
  • Automated security gates
  • Infrastructure-aware deployment workflow

Disclaimer

This project uses fictional and sanitized sample data only. It does not include proprietary, client-sensitive, government-sensitive, or employer-owned data.

All AI-generated content should be reviewed by a human before being used in any official report or client-facing document.


Author

Aaron Thomas VectorOps LLC

About

No description, website, or topics provided.

Resources

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors