triagent 0.1.0-alpha13 → 0.1.0-alpha18

package/src/mastra/tools/remediation.ts

@@ -0,0 +1,365 @@
+import { createTool } from "@mastra/core/tools";
+import { z } from "zod";
+import { exec } from "child_process";
+import { promisify } from "util";
+import { randomBytes } from "crypto";
+
+const execAsync = promisify(exec);
+
+// Store pending approvals with expiration
+const pendingApprovals = new Map<string, {
+  action: RemediationAction;
+  token: string;
+  expiresAt: Date;
+  createdAt: Date;
+}>();
+
+interface RemediationAction {
+  type: "restart_pod" | "scale_deployment" | "rollback_deployment" | "delete_resource" | "apply_config";
+  target: {
+    kind: string;
+    name: string;
+    namespace: string;
+  };
+  parameters?: Record<string, unknown>;
+}
+
+function generateApprovalToken(): string {
+  return randomBytes(16).toString("hex");
+}
+
+function getRiskLevel(action: RemediationAction): "low" | "medium" | "high" | "critical" {
+  switch (action.type) {
+    case "restart_pod":
+      return "low";
+    case "scale_deployment":
+      return "medium";
+    case "rollback_deployment":
+      return "medium";
+    case "delete_resource":
+      return action.target.kind.toLowerCase() === "pod" ? "medium" : "high";
+    case "apply_config":
+      return "high";
+    default:
+      return "critical";
+  }
+}
+
+function getActionDescription(action: RemediationAction): string {
+  const target = `${action.target.kind}/${action.target.name} in ${action.target.namespace}`;
+
+  switch (action.type) {
+    case "restart_pod":
+      return `Restart pod ${target}`;
+    case "scale_deployment":
+      const replicas = action.parameters?.replicas || "?";
+      return `Scale ${target} to ${replicas} replicas`;
+    case "rollback_deployment":
+      const revision = action.parameters?.revision || "previous";
+      return `Rollback ${target} to ${revision} revision`;
+    case "delete_resource":
+      return `Delete ${target}`;
+    case "apply_config":
+      return `Apply configuration to ${target}`;
+    default:
+      return `Unknown action on ${target}`;
+  }
+}
+
+async function executeAction(action: RemediationAction): Promise<{ success: boolean; output: string }> {
+  const { type, target, parameters } = action;
+  const { kind, name, namespace } = target;
+
+  let command: string;
+
+  switch (type) {
+    case "restart_pod":
+      if (kind.toLowerCase() === "pod") {
+        command = `kubectl delete pod ${name} -n ${namespace}`;
+      } else if (kind.toLowerCase() === "deployment") {
+        command = `kubectl rollout restart deployment/${name} -n ${namespace}`;
+      } else {
+        command = `kubectl rollout restart ${kind.toLowerCase()}/${name} -n ${namespace}`;
+      }
+      break;
+
+    case "scale_deployment":
+      const replicas = parameters?.replicas || 1;
+      command = `kubectl scale ${kind.toLowerCase()}/${name} -n ${namespace} --replicas=${replicas}`;
+      break;
+
+    case "rollback_deployment":
+      if (parameters?.revision) {
+        command = `kubectl rollout undo ${kind.toLowerCase()}/${name} -n ${namespace} --to-revision=${parameters.revision}`;
+      } else {
+        command = `kubectl rollout undo ${kind.toLowerCase()}/${name} -n ${namespace}`;
+      }
+      break;
+
+    case "delete_resource":
+      command = `kubectl delete ${kind.toLowerCase()} ${name} -n ${namespace}`;
+      break;
+
+    case "apply_config":
+      // For apply, the config should be provided in parameters
+      if (!parameters?.config) {
+        return { success: false, output: "No config provided for apply action" };
+      }
+      // This would need to write to a temp file and apply
+      return { success: false, output: "Apply config not yet implemented" };
+
+    default:
+      return { success: false, output: `Unknown action type: ${type}` };
+  }
+
+  try {
+    const { stdout, stderr } = await execAsync(command, { timeout: 60000 });
+    return {
+      success: true,
+      output: stdout + (stderr ? `\nWarnings: ${stderr}` : ""),
+    };
+  } catch (error) {
+    return {
+      success: false,
+      output: error instanceof Error ? error.message : String(error),
+    };
+  }
+}
+
+export const remediationTool = createTool({
+  id: "remediation",
+  description: `Execute remediation actions on Kubernetes resources with approval workflow.
+Use this tool to:
+- Suggest fixes based on diagnosis
+- Execute approved remediation actions
+- Rollback changes if needed
+
+IMPORTANT: All destructive actions require user approval. The workflow is:
+1. Call with operation="suggest" to propose an action
+2. User reviews and approves (generates approval token)
+3. Call with operation="execute" and the approval token
+
+Available action types:
+- restart_pod: Restart a pod (or rollout restart for deployments)
+- scale_deployment: Change replica count
+- rollback_deployment: Rollback to previous or specific revision
+- delete_resource: Delete a resource (use with caution)`,
+  inputSchema: z.object({
+    operation: z.enum(["suggest", "execute", "rollback", "status"]).describe(
+      "Operation: suggest (propose action), execute (run with approval), rollback (undo last action), status (check pending approvals)"
+    ),
+    action: z.object({
+      type: z.enum(["restart_pod", "scale_deployment", "rollback_deployment", "delete_resource", "apply_config"]).describe("Type of remediation action"),
+      target: z.object({
+        kind: z.string().describe("Kubernetes resource kind (Pod, Deployment, etc.)"),
+        name: z.string().describe("Resource name"),
+        namespace: z.string().describe("Resource namespace"),
+      }),
+      parameters: z.record(z.unknown()).optional().describe("Action-specific parameters (e.g., replicas, revision)"),
+    }).optional().describe("The remediation action to perform"),
+    approvalToken: z.string().optional().describe("Approval token for executing actions"),
+  }),
+  outputSchema: z.object({
+    success: z.boolean(),
+    data: z.string(),
+    requiresApproval: z.boolean().optional(),
+    approvalId: z.string().optional(),
+    riskLevel: z.enum(["low", "medium", "high", "critical"]).optional(),
+    error: z.string().optional(),
+  }),
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  execute: (async ({ operation, action, approvalToken }: any) => {
+
+    try {
+      switch (operation) {
+        case "suggest": {
+          if (!action) {
+            return {
+              success: false,
+              data: "",
+              error: "Action is required for suggest operation",
+            };
+          }
+
+          const riskLevel = getRiskLevel(action);
+          const description = getActionDescription(action);
+          const token = generateApprovalToken();
+          const approvalId = randomBytes(8).toString("hex");
+
+          // Store pending approval (expires in 10 minutes)
+          pendingApprovals.set(approvalId, {
+            action,
+            token,
+            expiresAt: new Date(Date.now() + 10 * 60 * 1000),
+            createdAt: new Date(),
+          });
+
+          const riskEmoji = {
+            low: "🟢",
+            medium: "🟡",
+            high: "🟠",
+            critical: "🔴",
+          }[riskLevel];
+
+          return {
+            success: true,
+            data: `Suggested remediation action:
+
+${riskEmoji} Risk Level: ${riskLevel.toUpperCase()}
+
+Action: ${description}
+Target: ${action.target.kind}/${action.target.name} in namespace ${action.target.namespace}
+${action.parameters ? `Parameters: ${JSON.stringify(action.parameters)}` : ""}
+
+To execute this action, approve it and call remediation with:
+- operation: "execute"
+- approvalToken: "${token}"
+
+Approval ID: ${approvalId}
+Expires: 10 minutes`,
+            requiresApproval: true,
+            approvalId,
+            riskLevel,
+          };
+        }
+
+        case "execute": {
+          if (!approvalToken) {
+            return {
+              success: false,
+              data: "",
+              error: "Approval token is required to execute actions",
+            };
+          }
+
+          // Find the pending approval with this token
+          let foundApproval: { action: RemediationAction; approvalId: string } | null = null;
+
+          for (const [approvalId, approval] of pendingApprovals) {
+            if (approval.token === approvalToken) {
+              if (new Date() > approval.expiresAt) {
+                pendingApprovals.delete(approvalId);
+                return {
+                  success: false,
+                  data: "",
+                  error: "Approval token has expired. Please suggest the action again.",
+                };
+              }
+              foundApproval = { action: approval.action, approvalId };
+              break;
+            }
+          }
+
+          if (!foundApproval) {
+            return {
+              success: false,
+              data: "",
+              error: "Invalid approval token. Please suggest the action first.",
+            };
+          }
+
+          // Execute the action
+          const result = await executeAction(foundApproval.action);
+
+          // Remove the used approval
+          pendingApprovals.delete(foundApproval.approvalId);
+
+          if (result.success) {
+            return {
+              success: true,
+              data: `✅ Action executed successfully:
+
+${getActionDescription(foundApproval.action)}
+
+Output:
+${result.output}`,
+            };
+          } else {
+            return {
+              success: false,
+              data: "",
+              error: `Action failed: ${result.output}`,
+            };
+          }
+        }
+
+        case "rollback": {
+          if (!action) {
+            return {
+              success: false,
+              data: "",
+              error: "Action with target is required for rollback",
+            };
+          }
+
+          // For rollback, we create a rollback action
+          const rollbackAction: RemediationAction = {
+            type: "rollback_deployment",
+            target: action.target,
+            parameters: action.parameters,
+          };
+
+          const result = await executeAction(rollbackAction);
+
+          if (result.success) {
+            return {
+              success: true,
+              data: `✅ Rollback executed:
+
+${getActionDescription(rollbackAction)}
+
+Output:
+${result.output}`,
+            };
+          } else {
+            return {
+              success: false,
+              data: "",
+              error: `Rollback failed: ${result.output}`,
+            };
+          }
+        }
+
+        case "status": {
+          const pending = Array.from(pendingApprovals.entries())
+            .filter(([, a]) => new Date() < a.expiresAt)
+            .map(([id, a]) => ({
+              id,
+              action: getActionDescription(a.action),
+              risk: getRiskLevel(a.action),
+              expiresIn: Math.round((a.expiresAt.getTime() - Date.now()) / 1000 / 60),
+            }));
+
+          if (pending.length === 0) {
+            return {
+              success: true,
+              data: "No pending approval requests",
+            };
+          }
+
+          const lines = ["Pending approval requests:\n"];
+          for (const p of pending) {
+            lines.push(`ID: ${p.id}`);
+            lines.push(`  Action: ${p.action}`);
+            lines.push(`  Risk: ${p.risk}`);
+            lines.push(`  Expires in: ${p.expiresIn} minutes\n`);
+          }
+
+          return {
+            success: true,
+            data: lines.join("\n"),
+          };
+        }
+
+        default:
+          return { success: false, data: "", error: `Unknown operation: ${operation}` };
+      }
+    } catch (error) {
+      return {
+        success: false,
+        data: "",
+        error: error instanceof Error ? error.message : String(error),
+      };
+    }
+  }) as any,
+});

package/src/mastra/tools/runbook.ts

@@ -0,0 +1,186 @@
+import { createTool } from "@mastra/core/tools";
+import { z } from "zod";
+import { getRunbookIndexer } from "../../storage/runbook-index.js";
+import { readFile } from "fs/promises";
+
+export const runbookTool = createTool({
+  id: "runbook",
+  description: `Search and retrieve runbooks and SOPs (Standard Operating Procedures).
+Use this tool to:
+- Find relevant runbooks by symptoms or keywords
+- Look up established procedures for common issues
+- Get step-by-step remediation guides
+
+Runbooks are indexed from configured paths and searched using TF-IDF similarity.
+Configure runbook paths in triagent config.`,
+  inputSchema: z.object({
+    operation: z.enum(["search", "get", "list", "index"]).describe(
+      "Operation: search (find by query), get (read specific runbook), list (show all), index (re-index runbooks)"
+    ),
+    query: z.string().optional().describe("Search query for finding runbooks"),
+    symptoms: z.array(z.string()).optional().describe("List of symptoms to match against runbooks"),
+    tags: z.array(z.string()).optional().describe("Filter runbooks by tags"),
+    runbookId: z.string().optional().describe("Specific runbook ID to retrieve"),
+    limit: z.number().default(5).describe("Maximum number of results to return"),
+  }),
+  outputSchema: z.object({
+    success: z.boolean(),
+    data: z.string(),
+    runbooks: z.array(z.object({
+      id: z.string(),
+      title: z.string(),
+      path: z.string(),
+      tags: z.array(z.string()),
+      excerpt: z.string().optional(),
+    })).optional(),
+    error: z.string().optional(),
+  }),
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  execute: (async ({ operation, query, symptoms, tags, runbookId, limit }: any) => {
+
+    try {
+      const indexer = getRunbookIndexer();
+
+      switch (operation) {
+        case "search": {
+          let results;
+
+          if (symptoms && symptoms.length > 0) {
+            results = indexer.searchBySymptoms(symptoms, limit);
+          } else if (query) {
+            results = indexer.search(query, limit);
+          } else if (tags && tags.length > 0) {
+            results = indexer.getByTags(tags).slice(0, limit);
+          } else {
+            return {
+              success: false,
+              data: "",
+              error: "Query, symptoms, or tags required for search",
+            };
+          }
+
+          if (results.length === 0) {
+            return {
+              success: true,
+              data: "No matching runbooks found",
+              runbooks: [],
+            };
+          }
+
+          const lines: string[] = [`Found ${results.length} runbook(s):\n`];
+          const runbooks = results.map((r) => {
+            const excerpt = r.content.slice(0, 200).replace(/\n/g, " ") + "...";
+            lines.push(`📖 ${r.title}`);
+            lines.push(`   Path: ${r.path}`);
+            lines.push(`   Tags: ${r.tags.join(", ") || "none"}`);
+            lines.push(`   ${excerpt}\n`);
+
+            return {
+              id: r.id,
+              title: r.title,
+              path: r.path,
+              tags: r.tags,
+              excerpt,
+            };
+          });
+
+          return {
+            success: true,
+            data: lines.join("\n"),
+            runbooks,
+          };
+        }
+
+        case "get": {
+          if (!runbookId) {
+            return {
+              success: false,
+              data: "",
+              error: "runbookId is required for get operation",
+            };
+          }
+
+          // Decode the runbook ID to get the path
+          const path = Buffer.from(runbookId, "base64").toString("utf-8");
+
+          try {
+            const content = await readFile(path, "utf-8");
+            return {
+              success: true,
+              data: content,
+            };
+          } catch {
+            return {
+              success: false,
+              data: "",
+              error: `Runbook not found at path: ${path}`,
+            };
+          }
+        }
+
+        case "list": {
+          const stats = indexer.getStats();
+
+          if (stats.totalRunbooks === 0) {
+            return {
+              success: true,
+              data: "No runbooks indexed. Configure runbook paths and run 'index' operation.",
+              runbooks: [],
+            };
+          }
+
+          // Get all runbooks (with optional tag filter)
+          let allRunbooks = tags && tags.length > 0
+            ? indexer.getByTags(tags)
+            : indexer.search("*", 100); // Get all via broad search
+
+          // If broad search returns nothing, the index might be empty or need different approach
+          if (allRunbooks.length === 0) {
+            allRunbooks = indexer.searchBySymptoms(["error", "issue", "problem"], 100);
+          }
+
+          const lines: string[] = [
+            `Runbook Index Stats:`,
+            `  Total runbooks: ${stats.totalRunbooks}`,
+            `  Last indexed: ${stats.lastIndexed.toISOString()}`,
+            `\nRunbooks:\n`,
+          ];
+
+          const runbooks = allRunbooks.slice(0, limit).map((r) => {
+            lines.push(`📖 ${r.title}`);
+            lines.push(`   Tags: ${r.tags.join(", ") || "none"}`);
+
+            return {
+              id: r.id,
+              title: r.title,
+              path: r.path,
+              tags: r.tags,
+            };
+          });
+
+          return {
+            success: true,
+            data: lines.join("\n"),
+            runbooks,
+          };
+        }
+
+        case "index": {
+          return {
+            success: true,
+            data: "Runbook indexing should be triggered via CLI or startup. Use 'triagent config' to set runbook paths.",
+          };
+        }
+
+        default:
+          return { success: false, data: "", error: `Unknown operation: ${operation}` };
+      }
+    } catch (error) {
+      return {
+        success: false,
+        data: "",
+        error: error instanceof Error ? error.message : String(error),
+      };
+    }
+  }) as any,
+});