Files
ai-workflow-course/the-workflow-syllabus.md
T
claude 2684095e2f Build out all 27 modules + capstone (#1)
Co-authored-by: claude <claude@jpaul.io>
Co-committed-by: claude <claude@jpaul.io>
2026-06-22 12:19:01 -04:00

19 KiB
Raw Blame History

The Workflow

The Toolchain Around AI Coding

A living course for IT professionals who are comfortable in an AI chat window and starting to build real software with it — but are still copy-pasting between the chat and their files. The goal is to replace that loop with durable engineering workflows: version control, collaboration, CI/CD, runners, and the tools that extend AI into real systems.

Thesis: the model is the cheap, swappable part. The workflow around it is the skill that lasts. This course is deliberately model- and vendor-agnostic — whichever LLM you use, the scaffolding is the same.


How this syllabus is built

It's a dependency chain, not a topic list. Every module assumes only what the previous ones taught, and nothing references a tool before it's been introduced. The 27 modules group into five units:

  • Unit 1 (17) — Get out of the chat window. The local foundation: version control, committing the AI's config, and getting the AI editing real files safely.
  • Unit 2 (812) — Make it shareable, reviewable, recoverable. The team layer: hosting, issues, review, collaboration, and recovery.
  • Unit 3 (1319) — Automate the checking and shipping. The pipeline: tests, CI, security scanning, containers, secrets, delivery, and the compute behind it.
  • Unit 4 (2023) — Extend the AI into your systems. The frontier: MCP, skills, securing them, and working with existing codebases.
  • Unit 5 (2427) — AI in the loop. Agents operating inside the pipeline, from assistive to autonomous, plus the evals that make that trustworthy.
  • Capstone ties the whole motion together on one real feature.

Durable core vs. expansion zone. Modules 114 are the stable foundation — version control, review, testing, and CI aren't going anywhere and should rarely change. From Module 15 onward — security scanning, the extend-the-AI unit, and all of Unit 5 — is the expansion zone, where a fast-moving space will keep handing you new lessons. Keeping the volatile material toward the back lets the front stay stable as the course grows.

The backup-and-recovery thread. Version control as backup and recovery is woven across Module 8 (remotes give you the offsite, distributed copy — the backup half) and Module 12 (commits give you point-in-time restore — the recovery half), with an honest accounting of where the analogy holds and where it breaks.


Unit 1 — Get out of the chat window

Module 1 — The Copy-Paste Problem

Orientation, not content. Diagnose the current state honestly: why pasting between a chat tab and a file falls apart the moment a project has more than one file or more than one day of history. Establish the course thesis and get everyone set up with a real local project, an editor, and a terminal.

Module 2 — Version Control as a Safety Net

Git fundamentals framed for this audience as undo for the AI: init, commit, diff, log, restore. The reframe that lands: commits are checkpoints you can always return to when the AI confidently makes a mess — which is what makes everything riskier in later modules safe to attempt.

A second reframe that matters just as much: the repo is durable memory the AI can read. An AI session is ephemeral — disconnect and the agent's working context is gone — but the changes on disk aren't. A fresh session can answer "where were we?" entirely from ground truth by reading git: git status shows what's changed but uncommitted (including new untracked files), git diff shows the actual line-level edits, git log shows what's already committed and settled, and git log main..HEAD plus the ahead/behind report in git status show how the branch compares to main and to the remote — covering the untracked, uncommitted, and not-yet-pushed states in one pass. The one limit to teach honestly: git only sees what was written to disk; anything the agent only reasoned about in context but never wrote is gone with the session. That's also the practical argument for committing often — the more granular the history, the cleaner the reconstruction.

Module 3 — Version Control for Words, Not Just Code

The lowest-stakes place to practice Git, and a genuinely useful skill on its own. Editing a markdown doc with AI and committing it carries almost no risk, so it's the ideal first real application of branch / diff / commit / merge before the agent ever touches code. Covers why plain text wins: Git diffs are line-based, which is exactly why markdown and AsciiDoc version beautifully while .docx and .pptx version terribly (Git tracks them, but the diff is useless binary noise and merges are impossible). A real argument for moving runbooks, ADRs, and specs out of Word and into markdown. Doc types covered: READMEs, architecture decision records, runbooks, changelogs, specs/PRDs. The "aha": the wikis on most git hosts — GitHub, GitLab, Gitea, and others — are themselves just Git repos, so your wiki was version-controlled all along. AI angle: LLMs are native markdown writers, so "draft the ADR, branch it, review the diff, merge it" is adoptable tomorrow.

Module 4 — Getting the AI Out of the Browser

The literal answer to Module 1: agentic, editor-integrated AI tools that operate on your files directly (kept tool- and model-agnostic). This works because of Module 2 — you let the AI edit real files only because you can now see and revert exactly what it did.

Module 5 — Commit the AI's Config, Not Just the Code

The instructions you give the model are as worth versioning as the code it writes — and the thesis holds here too: the model is swappable, but your setup for it is a durable artifact. Most agentic coding tools read a committed, repo-level config or instructions file (kept tool-agnostic here — the principle outlives any one vendor's filename): project conventions, build and test commands, coding standards, "don't touch these files," and house style. Checking it into the repo means every teammate — and every automated agent that later operates on the repo — inherits the same setup instead of each person hand-tuning their own and quietly drifting apart. It also makes AI behavior reviewable: a change to how the AI works on this project arrives as a diff in a PR, like any other change. (Its full payoff lands once you have a shared remote in Module 8, but the habit starts now.) This is the lightweight foundation that Module 21, Skills, later builds into structured, reusable playbooks.

Module 6 — Branches: Sandboxes for Experiments

Branching, merging, and resolving conflicts, positioned as isolation for AI experiments: spin up a branch, let the agent try something wild, throw it away or keep it with zero risk to working code.

Module 7 — Worktrees: Running Agents in Parallel

Multiple working directories from one repo — genuinely powerful once you're running more than one AI session at a time and don't want them stepping on each other. The natural payoff of understanding branches.


Unit 2 — Make it shareable, reviewable, recoverable

Module 8 — Remotes and Hosting: GitHub, the Alternatives, and Owning Your Repo

Push, pull, and remotes — the mechanic that gets your history off your laptop and somewhere durable. A remote is just a remote, so this stays deliberately provider-neutral. GitHub is the titan and the default nearly everyone will encounter — the largest by far, and the one most AI tooling integrates with first — but it is one option among many. Hosted alternatives worth naming include GitLab, Bitbucket, Azure DevOps, Codeberg, and SourceHut. For teams that want control, on-prem, or air-gapped operation — a real concern for this audience — you can self-host an open-source forge instead: Forgejo, Gitea, GitLab CE, Gogs, and OneDev are all viable. (GitLab notably spans both camps — hosted SaaS and a self-hostable Community Edition.) Planned artifact: a side-by-side comparison — hosted vs. self-hosted, pricing, built-in CI/CD, AI-tooling integration, and ease of operation — to be built and verified when we develop this module, rather than baking in claims that age. Backup thesis, part one: a single local repo is not a backup — it's one disk away from total loss. Pushing to a remote gives you an offsite copy, and because every clone carries the full history, a working team accidentally implements something close to the 3-2-1 rule just by working normally. The recovery power comes from commits; the backup power comes from remotes and distribution.

Module 9 — Issues and the Task Layer

The "sharing dev tasks with others" layer. Issues describe the work; assignment routes it. The twist that keeps it on-thesis: your assignees are increasingly a mix of humans and agents — an issue can go to a person or be handed to an issue-to-PR agent. Sets up the coordination loop completed in Module 11.

Module 10 — Reviewing Code You Didn't Write

Pull/merge requests as a review gate, and the genuinely new skill of evaluating a diff the AI produced — reviewing for plausibility traps, not just correctness. One of the most important and least-taught skills in the whole space.

Module 11 — Collaboration: Humans and Agents on One Repo

The full coordination loop now that issues (Module 9) and PRs (Module 10) both exist: issue → branch → implementation → PR → review → merge → issue closed. Contributors, forks vs. branches, and who's allowed to push. The current-feeling angle: some of those "contributors" aren't human — a PR opened by an agent and reviewed by a human, or two agents in parallel who are just two contributors needing branches (which is why worktrees earned Module 7).

Module 12 — When It Goes Wrong: Revert, Reset, and Recovery

Recovery as its own discipline, placed here because "revert a bad PR" only makes sense once PRs exist. revert cleanly undoes a change by writing a new commit (safe on shared history); reset rewrites history (dangerous once others have pulled); the reflog recovers work you thought you'd destroyed; tags and releases act as named recovery points. Reverting a bad merge is the headline example. Backup thesis, part two — and its limits: Git gives excellent point-in-time logical recovery for versioned text, but it is not backup for your database, your secrets (which shouldn't be there anyway — Module 17), your uncommitted changes, or large binaries. Teaching where the analogy breaks is what earns this audience's trust.


Unit 3 — Automate the checking and shipping

Module 13 — Testing in the AI Era

What a test is, why AI output specifically needs verification, and the happy fact that AI is excellent at writing tests once you know how to direct it. Tests are the content that the next module automates.

Module 14 — Continuous Integration

Automated checks — lint, build, test — running on every push. The pitch writes itself: AI generates code that looks right, and CI is the tireless reviewer that catches when it isn't.

Module 15 — Security Scanning for AI-Generated Code

AI introduces failure modes a build check won't catch: vulnerable dependencies, hardcoded secrets, and hallucinated packages that don't exist (a real supply-chain risk — attackers register the plausible-but-fake package names LLMs invent). Covers dependency/SCA scanning, secret scanning, and static analysis (SAST) as automated gates in the pipeline. Sequenced after CI because it's another gate on the same pushes, and after the secrets problem is on the table.

Module 16 — Containers and Reproducible Environments

Docker and "works on my machine," solved — reproducibility so your code, your CI, and eventually your deployments run identically. Also the foundation for safely sandboxing agents you don't fully trust on your host.

Module 17 — Secrets, Config, and Environments

Managing secrets and configuration across environments. Earns its own module partly because AI loves to hardcode an API key straight into a file — a concrete, recurring, AI-specific failure to defend against.

Module 18 — Continuous Delivery and Deployment

Getting merged code to something running, automatically. Builds on containers (what you ship) and secrets (what it needs to run).

Module 19 — Runners: The Compute Behind the Automation

What's actually executing all this CI/CD — hosted vs. self-hosted runners, and why you'd run your own. The IT-pro payoff: you've been using someone else's compute; now you own the pipeline end to end.


Unit 4 — Extend the AI into your systems

Module 20 — MCP Servers: Giving the AI Hands

The Model Context Protocol — connecting the AI to your real tools, data, and systems instead of it working blind. Model-agnostic by design (it's a protocol, not a vendor feature), which reinforces the whole course thesis.

Module 21 — Skills: Teaching the AI Your Playbook

Codifying repeatable workflows so the AI performs them your way, consistently, without re-explaining every time. Turns one-off prompting into durable, reusable capability — and, fittingly, the skills themselves live in version control. The structured big sibling of the committed config from Module 5.

Module 22 — Securing Third-Party MCP Servers and Skills

Module 15 scans the code the AI writes; this secures the AI as an actor in your environment. Unit 4 just gave the model hands — MCP servers and skills — and installing a third-party MCP server or skill is installing untrusted code that runs with access to your systems and data. Covers the new attack surface: prompt injection (malicious instructions smuggled in through content the AI reads), tool and agent abuse, over-broad permissions, and the MCP-and-skills supply chain — vetting, version pinning, and least-privilege for anything you connect. The defense belongs here because Unit 4's own content is what creates the risk; sequenced immediately after Skills so the danger and its mitigation sit together.

Module 23 — Working with Existing Codebases

Everything so far has quietly assumed a greenfield project — you starting or growing something. The harder, more common reality for IT pros is pointing AI at a large codebase you didn't write: unfamiliar code, no mental model of it, and changes that have to be safe in a system nobody fully understands. This module is about giving the AI enough context to be useful there — orienting it across a big repo, having it map and explain unfamiliar areas before touching them, and making small, well-scoped, reviewable changes rather than sweeping rewrites. It leverages the full extend-the-AI toolkit: MCP (Module 20) for real access to the code and surrounding tools, and skills (Module 21) to codify navigation and safe-change playbooks. Placed deliberately late: it needs only the Module 4 tooling to attempt, but the basics — version control, review, testing, recovery — are exactly what make changing code you don't understand survivable, so it comes after them by design.


Unit 5 — AI in the Loop: Agents Inside Your Pipeline

Units 24 built the machinery — issues, PRs, CI, runners — and gave the AI hands. Unit 5 puts the AI inside that machinery, escalating from the AI assisting you to the AI acting on its own under supervision. The honest through-line: an agent can operate unattended only because the review, CI, and recovery muscles from earlier units are there to catch it.

Module 24 — Assistive Agents: AI Review and Issue Triage

The AI helps, a human still decides. AI reviewers that comment on PRs (Module 10), and agents that triage, label, and route incoming issues (Module 9). Low-risk because nothing merges or ships without a person — the on-ramp to trusting agents in the loop at all.

Module 25 — Autonomous Agents: Issue-to-PR and Self-Healing CI

The AI acts, supervised. Agents that take an assigned issue and open a PR, agents that respond to a failing pipeline by proposing a fix, and agents running as triggered or scheduled runner jobs (Module 19). Everything they produce still lands as a reviewable PR behind CI and security gates — the supervision is structural, not a matter of watching them work.

Module 26 — Orchestrating Multiple Agents

More than one agent working at once without stepping on each other — the payoff of worktrees (Module 7) at full scale. Coordination, isolation, splitting work cleanly, and keeping parallel output reviewable instead of a tangled mess.

Module 27 — Evals: Trusting an Agent That Acts Without You

The question Unit 5 forces: how do you know an unattended agent is doing good work? Evals as the answer — measuring agent output systematically, setting guardrails, and deciding what an agent is allowed to do without a human in the loop. The model-agnostic close to the whole course: evals are how you judge any model or agent, so when you swap the model — which you will — your evals are what tell you whether the swap was safe.


Capstone — The Full Loop

One feature taken end to end: prompt → branch → AI implementation → tests → PR → CI → security scan → review → merge → containerized deploy, with the committed AI config from Module 5 already in place from the first commit. Everything clicks into a single motion, and learners walk away with a workflow rather than a pile of tips. Stretch variant: run the same feature the Unit 5 way — an assistive agent reviewing, an issue-to-PR agent doing the first pass — so the workflow visibly starts running itself.


Notes for the course owner

  • One sequencing decision to make: Modules 2021 (MCP, skills) are somewhat orthogonal to the deploy pipeline and could move much earlier — right after the AI-out-of-the-browser module — if you'd rather front-load "extend the AI's reach" over "ship safely." They sit at the back here so later units can build on them, but your audience's priorities might pull the other way.
  • Working with Existing Codebases (Module 23) strictly needs only the Module 4 tooling and could move much earlier; it's placed late on purpose so the basics come first.
  • The capstone is a 28th unit by design (27 teaching modules + finale). If you'd rather it count as a numbered module, the easiest merge is folding Issues (Module 9) into Collaboration (Module 11).
  • Expansion candidates for future modules, all back-of-course: observability, cost/usage management, prompt-as-code, and dependency/license compliance. (Agent orchestration and evals graduated into Unit 5.)
  • Recommended future Unit 6 — Adoption, Governance, and Scale. Sits above Unit 5: agent permissions and least privilege, data governance and local/self-hosted models (the model-layer parallel to self-hosting a git forge), IP and licensing of AI-generated output, audit trails, and cost management. It's the unit that most differentiates a course aimed at IT professionals — parked here until you're ready to build it.