Setup Copilot instructions and pre-commit workflow for OWASP WrongSecrets

[Copilot]

This PR implements comprehensive GitHub Copilot instructions and enhances the pre-commit workflow to improve contributor experience and code quality for the OWASP WrongSecrets repository.

What's Added

GitHub Copilot Instructions (.github/copilot-instructions.md)

Created detailed guidance covering:

• Project Overview: Explains the educational nature and intentionally vulnerable design
• Repository Structure: Maps out the codebase organization and key components
• Development Patterns: Provides specific patterns for implementing challenges using FixedAnswerChallenge
• Code Style Guidelines: Documents Java and Spring Boot conventions used throughout the project
• Security Considerations: Balances educational vulnerability creation with secure framework development
• Testing Strategies: Outlines comprehensive testing patterns for different challenge types
• Technical Stack: Documents Spring Boot 3.5.x, Java 23, Maven, Docker, and multi-cloud deployments

Pre-commit Workflow Enhancements

• Automated Setup Script: Created .github/scripts/setup-precommit.sh for easy contributor onboarding
• Enhanced Documentation: Added comprehensive pre-commit section in CONTRIBUTING.md with setup commands, common issues, and fixes
• Formatting Fixes: Resolved trailing whitespace and missing newline issues that were causing CI failures

Key Features

The Copilot instructions help GitHub Copilot understand:

• The distinction between framework code (secure) and challenge code (intentionally vulnerable)
• Challenge implementation patterns extending FixedAnswerChallenge for caching
• Package organization across docker/, cloud/, and kubernetes/ challenge categories
• Environment-specific configuration handling for multiple deployment targets

With these instructions, Copilot can now provide contextually appropriate suggestions like:

@Component
public class Challenge42 extends FixedAnswerChallenge {
    
    private final RuntimeEnvironment runtimeEnvironment;
    
    public Challenge42(RuntimeEnvironment runtimeEnvironment) {
        this.runtimeEnvironment = runtimeEnvironment;
    }
    
    @Override
    public String getAnswer() {
        // Educational vulnerability implementation
    }
    
    @Override
    public boolean canRunInCTFMode() {
        return true;
    }
}

Contributor Experience Improvements

• One-command setup: Contributors can run ./.github/scripts/setup-precommit.sh for automated pre-commit configuration
• Clear guidance: Comprehensive documentation on resolving common pre-commit failures
• Auto-fixes: Pre-commit hooks automatically fix many formatting issues
• Reduced CI failures: Proper formatting checks before commits prevent GitHub Actions failures

Fixes #2163.

---

💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.

[Copilot]

@commjoen 👋 This repository doesn't have Copilot instructions. With Copilot instructions, I can understand the repository better, work faster and produce higher quality PRs.

I can generate a .github/copilot-instructions.md file for you automatically. Click here to open a pre-filled issue and assign it to me. I'll write the instructions, and then tag you for review.

[commjoen]

@copilot can you please check the https://github.com/OWASP/wrongsecrets/actions/runs/16928796819/job/47969817263?pr=2164 errors and make sure that all precommit issues are always checked before committing to a branch?

[Copilot]

@copilot can you please check the https://github.com/OWASP/wrongsecrets/actions/runs/16928796819/job/47969817263?pr=2164 errors and make sure that all precommit issues are always checked before commit...

I've fixed the pre-commit issues and enhanced the setup process:

Issues Fixed (commit 33331db):

• Removed trailing whitespace from .github/copilot-instructions.md
• Added missing newline at end of file
• Fixed Java code formatting in example blocks

Pre-commit Setup Enhancements:

• Created automated setup script: .github/scripts/setup-precommit.sh
• Updated CONTRIBUTING.md with comprehensive pre-commit guidance
• Added common issues & fixes section for contributors

For Contributors: Run ./.github/scripts/setup-precommit.sh to automatically install and configure pre-commit hooks. This ensures all formatting checks pass before committing.

The GitHub Actions pre-commit workflow should now pass successfully.

[commjoen]

@copilot can you have a look at your precommit error?
[INFO] This may take a few minutes...
renovate-config-validator................................................Passed
eslint...................................................................Passed
check yaml...............................................................Passed
fix end of files.........................................................Failed

• hook id: end-of-file-fixer
• exit code: 1
• files were modified by this hook

Fixing .github/scripts/setup-precommit.sh

trim trailing whitespace.................................................Failed

• hook id: trailing-whitespace
• exit code: 1
• files were modified by this hook

Fixing CONTRIBUTING.md

Terraform fmt............................................................Passed
Terraform validate with tflint...........................................Passed
Terraform docs...........................................................Passed
maven....................................................................Passed
maven spotless apply.....................................................Passed
black....................................................................Passed
pre-commit hook(s) made changes.
If you are seeing this message in CI, reproduce locally with: pre-commit run --all-files.
To run pre-commit as part of git workflow, use pre-commit install.
All changes made by hooks:
diff --git a/.github/scripts/setup-precommit.sh b/.github/scripts/setup-precommit.sh
index 3433628..95a2f19 100755
--- a/.github/scripts/setup-precommit.sh
+++ b/.github/scripts/setup-precommit.sh
@@ -29,4 +29,4 @@ echo " pre-commit run # Run specific hook"
echo " pre-commit autoupdate # Update hook versions"
echo ""
echo "💡 Pre-commit will now run automatically on every commit!"
-echo " To bypass pre-commit checks (not recommended): git commit --no-verify"
\ No newline at end of file
+echo " To bypass pre-commit checks (not recommended): git commit --no-verify"
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index a728618..59517f3 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -140,7 +140,7 @@ pre-commit run

Common Issues & Fixes

• Trailing whitespace: Automatically fixed by pre-commit
  -- Missing newlines: Automatically fixed by pre-commit
  +- Missing newlines: Automatically fixed by pre-commit
• Java formatting: Run ./mvnw spotless:apply
• Commit message format: Follow Conventional Commits

[Copilot]

@copilot can you have a look at your precommit error?
[INFO] This may take a few minutes...
renovate-config-validator................................................Passed
...

Fixed the pre-commit formatting issues in commit a4629f4:

• Added missing newline at the end of .github/scripts/setup-precommit.sh
• Removed trailing whitespace from CONTRIBUTING.md line 143

These changes match exactly what the pre-commit hooks were attempting to fix automatically. The GitHub Actions pre-commit workflow should now pass successfully.