Mode C — Sync to a GitHub repo

Step 1 — Gather repo + branch + path

Ask three things (batch into one message; accept all three at once or walk through them):

1. Repo — accept any of:

• owner/name (e.g., myorg/azure-infra)
• Full URL (e.g., https://github.com/myorg/azure-infra)
• Local checkout path (e.g., ~/source/azure-infra) — skips clone

1. Branch — default: infra/vm-{vm-name}. Refuse to commit directly to main / master / default. Always a branch + PR.
2. Target path inside repo — default: infra/{vm-name}/. If the repo has a recognizable infra root (/terraform, /bicep, /infrastructure), suggest that.

Step 2 — Pre-flight

# 1. gh installed and authenticated
gh auth status        # must succeed; if not, fall back to Mode C-fallback below

# 2. user has push rights
gh repo view {owner/repo} --json viewerPermission --jq '.viewerPermission'
# Must be ADMIN, MAINTAIN, or WRITE; otherwise pivot to fork-and-PR

# 3. branch doesn't already exist
gh api repos/{owner/repo}/branches/{branch}  # 404 = good (new branch)

If gh is missing or unauthenticated, switch to Mode C-fallback — don't block.

Step 3 — Clone, write, commit, push, PR

Echo each command so the user can replay:

# 1. Working tree
TMP=$(mktemp -d) && cd "$TMP"
gh repo clone {owner/repo} .

# 2. Branch off the default branch
DEFAULT_BRANCH=$(gh repo view --json defaultBranchRef --jq '.defaultBranchRef.name')
git checkout -b {branch} "origin/$DEFAULT_BRANCH"

# 3. Write the artifact files (same layout as Mode B)
mkdir -p {targetPath}
# ... Write tool calls for each file ...

# 4. Stage, commit, push
git add {targetPath}
git commit -m "Add {vm-name} VM infrastructure (Bicep)" \
           -m "Generated by azure-compute vm-creator workflow."
git push -u origin {branch}

# 5. Open the PR
gh pr create \
  --title "Add {vm-name} VM infrastructure" \
  --body  "$(cat <<'EOF'
## Summary
Adds Bicep templates to provision \`{vm-name}\` in \`{location}\`.

## Plan Card
{paste-plan-card-markdown}

## Deploy
\`\`\`bash
cd {targetPath}
az deployment group create --resource-group {resourceGroup} \\
  --template-file main.bicep --parameters vmName={vm-name} ...
\`\`\`
EOF
)" \
  --base "$DEFAULT_BRANCH" --head {branch}

Echo the PR URL back:

✅ Opened PR: https://github.com/myorg/azure-infra/pull/42

Step 4 — Optional follow-ups

After the PR is open, offer (don't force):

• *"Want me to add a GitHub Action to validate this with az deployment group what-if on every PR?"* — generates .github/workflows/bicep-whatif.yml
• *"Want OIDC auth so CI can apply without a service principal secret?"* — points at the azure-prepare skill

Mode C-fallback (no gh / unauthenticated / no push rights)

Write the files to ~/Desktop/{vm-name}-infra/ (Mode B path) and print:

⚠ I can't push for you (gh auth status failed), so I wrote the files locally.

>

To open the PR yourself:

cd ~/Desktop/dev-vm-infra
git init && git add . && git commit -m "Add dev-vm infrastructure"
git remote add origin [email protected]:myorg/azure-infra.git
git checkout -b infra/vm-dev-vm
git push -u origin infra/vm-dev-vm
gh pr create --fill   # after `gh auth login`