Initial commit: SIC harness (backend, web, pi-adapter, configs, docs)

- pnpm monorepo: apps/api (Fastify + SQLite + SSE), apps/web (React+Vite), packages/shared, packages/pi-adapter
- Local auth (admin/webhook-runner roles) + Keycloak JWT ready
- Multi-session chat with reliable history (user persisted before LLM, assistant persisted after stream)
- Markdown knowledge base with /api/docs/search + /api/docs/:id
- YAML webhook catalog with backend-only execution, retry/backoff, audit (webhook_runs), and per-user rate limit
- Skills config (sre-on-call, blameless-postmortem, security-incident) injected into LLM system prompt
- LLM provider failover chain (config/models.yml fallback + LLM_FALLBACK_CHAIN override)
- Context-aware webhooks panel + backend id-mention safety net
- Per-message stats (time/duration/tokens/model), Markdown+GFM render, code & table copy/download buttons
- Vitest suite, end-to-end smoke test (scripts/smoke.mjs), per-session system prompt override
- /metrics Prometheus endpoint + /api/metrics JSON, request-id correlation
- dotenv with explicit repo-root path; envString/envNumber helpers (handles empty-string env)
- Runbooks + SOPs under knowledge/ in English; README, docs, and INDEX.md in English
This commit is contained in:
2026-06-29 16:20:53 +02:00
commit 62728b2200
89 changed files with 11992 additions and 0 deletions

35
config/n8n-workflows.yml Normal file
View File

@@ -0,0 +1,35 @@
# n8n-style external workflow links.
#
# These are NOT executed by the SIC backend. Each entry is a deep link into
# an n8n (or similar) workflow runner that the user can open in a new tab.
# The LLM can recommend them as "external" suggestions; the right panel
# renders them with a distinct icon and the action only opens a new tab.
#
# Fields:
# id stable identifier (kebab-case recommended)
# label human-readable label
# description what the workflow does
# url absolute external URL (env vars supported)
# required_roles user roles allowed to see this link (optional, [] = any)
# tags free-form tags to help retrieval / filtering
n8n_workflows:
- id: n8n-vpn-restart
label: Restart VPN tunnel (n8n)
description: Opens the n8n workflow that restarts the VPN tunnel after credential rotation.
url: ${N8N_BASE_URL:?set N8N_BASE_URL}/workflow/vpn-restart
required_roles:
- webhook-runner
- sre
tags: [vpn, network, automation]
- id: n8n-incident-summary
label: Generate incident summary (n8n)
description: Opens the n8n workflow that drafts an incident summary from the current session.
url: ${N8N_BASE_URL:?set N8N_BASE_URL}/workflow/incident-summary
required_roles: []
tags: [incident, automation, reporting]
- id: n8n-postmortem
label: Open postmortem workflow (n8n)
description: Opens the postmortem workflow in n8n with the current session context.
url: ${N8N_BASE_URL:?set N8N_BASE_URL}/workflow/postmortem
required_roles: []
tags: [postmortem, automation]