AutoInfra-CoPilot

AutoInfra CoPilot turns Terraform pull requests into autonomous reviews scanning for risks, estimating cost impact, and even proposing and self-testing fixes before you merge.

Comment

I built AutoInfra CoPilot to solve a recurring pain point: infrastructure pull requests often get delayed because reviewers must manually check policy compliance, security risks, and cost impact. Teams want faster feedback loops and safer merges, but engineers spend hours doing repetitive review work. We wanted a system that could act like an autonomous reviewer catching issues early, surfacing risks clearly, and even suggesting patches so human reviewers can focus on higher-level decisions.

What I learned:

  • How to design a fast backend pipeline that connects multiple moving parts: API, ClickHouse storage, Datadog metrics, and Terraform scanning.
  • How to stream LLM-driven comments back to a developer experience that feels natural (PR-style annotations).
  • The importance of observability: we wired in Datadog so every run is visible in metrics and dashboards.
  • How to structure a project so backend and frontend evolve independently but align on shared types and APIs.

How I Built It

  • Backend: A FastAPI service that exposes /run, /status, and /history endpoints. It orchestrates Terraform plan checks, policies, cost diffing, and LLM summarization.
  • Storage: ClickHouse tracks recent runs, findings, and deltas, enabling historical queries and fast analytics.
  • Ops: Docker Compose brings up ClickHouse and the API quickly; Datadog integration emits metrics for each run.
  • Testing: We verified the backend end-to-end with smoke tests (run → status → ClickHouse queries) to ensure data flows were reliable.
  • Frontend (in progress): A Next.js/Tailwind UI is scaffolded with components like RunButton, StatusCard, and FindingsTable. Once complete, it will provide a clean dashboard for engineers to trigger runs and inspect results.

Challenges

  • Getting ClickHouse to integrate smoothly with the API, especially ensuring results were correctly tracked per run.
  • Debugging Datadog metrics emission, since misconfigured keys initially caused silent failures.
  • Managing time pressure: we prioritized backend correctness and API contracts first, leaving UI polish for later.
  • Coordinating multiple layers (infra, LLM, observability) into a single coherent pipeline.

Built With

  • bash
  • clickhouse
  • datadog
  • docker
  • docker-compose
  • httpx)
  • llm-apis-(for-automated-review-comments)
  • powershell
  • pytest
  • python-(fastapi
  • react
  • tailwind-css)
  • terraform-cli
  • typescript-(next.js
  • uvicorn
Share this project:

Updates