# First Live Run: Cloudflare-Ops Reconnaissance Mission This guide walks you through testing the OpenCode MCP stack with a real cloudflare-ops mission. ## Step 1: Prep Your Shell (Outside OpenCode) ```bash cd /Users/sovereign/Desktop/CLOUDFLARE # Essential - GitHub integration (REQUIRED) # Get real token from: https://github.com/settings/tokens export GITHUB_TOKEN="ghp_your_real_token_here" # Optional - Documentation search (nice to have) # export CONTEXT7_API_KEY="your_context7_key" ``` ✅ Verify environment is set: ```bash echo $GITHUB_TOKEN ``` Should output: `ghp_...` (your token prefix) --- ## Step 2: Launch OpenCode ```bash opencode ``` Wait for the OpenCode TUI to load. Inside OpenCode, initialize project: ``` /init ``` This will: - Load project context - Initialize MCP servers - Prepare all agents --- ## Step 3: Sanity-Check MCP Wiring Inside OpenCode, verify MCPs are loaded: ``` /mcp list ``` You should see output like: ``` ✅ filesystem - loaded ✅ git - loaded ✅ github - loaded ✅ gh_grep - loaded ⚠️ postgres - disabled ... ``` Check individual MCPs: ``` /mcp status filesystem /mcp status git /mcp status github /mcp status gh_grep ``` Each should report "ready" or "healthy". **If any fail:** Copy-paste error message and share. --- ## Step 4: First Cloudflare-Ops Mission Inside OpenCode, invoke the agent: ``` /agent cloudflare-ops ``` Now give it this prompt: ``` I want to do a quick infrastructure reconnaissance: 1. Use the filesystem MCP to list the terraform/ directory tree. 2. Use the git MCP to show the last 5 commits touching terraform/. 3. Summarize what parts of the Cloudflare setup (DNS/WAF/SSL/etc.) are already defined in code vs likely still manual. Only PLAN first, then show me the actions you'd take. ``` OpenCode will respond with: - Analysis of your Terraform structure - Recent git changes - Assessment of what's codified vs manual - A plan for next steps **Important:** When OpenCode asks to apply/edit, respond: ``` That plan looks good. Proceed with the non-destructive steps only (listing, reading, summarizing). Do not modify any files yet. ``` --- ## Step 5: GitHub Pattern Search Still in cloudflare-ops mode, ask: ``` Use the gh_grep MCP to search for public examples of: - Cloudflare Terraform modules for WAF and rate limiting - Best-practice HTTPS/redirect patterns Summarize 3–5 good patterns and map each one to where it would fit in this repo (filenames or new files). ``` OpenCode will: - Search GitHub for Cloudflare patterns - Return real code examples - Suggest where they fit in your repo --- ## Step 6: Exit & Commit Exit OpenCode: ``` ``` Check git status (in normal shell): ```bash cd /Users/sovereign/Desktop/CLOUDFLARE git status ``` Should show no unexpected changes (only the config files we added). Commit if ready: ```bash git add opencode.jsonc AGENTS.md MCP_GUIDE.md OPENCODE_SETUP.txt .opencode_checklist.txt FIRST_RUN.md git commit -m "Wire up OpenCode MCP stack and agents for Cloudflare infra" ``` --- ## What You Should See ### After /init: - Project context loaded - 14 MCPs initialized - 3 agents available ### After cloudflare-ops reconnaissance: - Directory tree of terraform/ - Last 5 commits to terraform/ - Assessment of what's codified - Suggestions for next steps ### After gh_grep search: - 3-5 Terraform patterns - Code snippets - Mapping to your repo structure --- ## Troubleshooting ### MCP Not Loading ``` /mcp list /mcp status ``` If error: Share the full error message. ### GitHub MCP Complains ``` export GITHUB_TOKEN="ghp_your_real_token" ``` Then restart OpenCode. ### Context Limit Hit Some MCPs add many tokens. If you get context warnings: 1. Disable heavy MCPs in AGENTS.md 2. Restart OpenCode 3. Try again with lighter set --- ## Next Steps (I'll Drive) Once you've completed steps 1-5, I'll: ✅ Turn cloudflare-ops into a repeatable "DNS/WAF change playbook" ✅ Add security-audit flow that checks PCI-DSS compliance ✅ Design data-engineer queries once DATABASE_URL is live For now, just run steps 1-5 and paste the output here. --- **Ready?** Start at Step 1.