Initial commit: SIC harness (backend, web, pi-adapter, configs, docs)

- pnpm monorepo: apps/api (Fastify + SQLite + SSE), apps/web (React+Vite), packages/shared, packages/pi-adapter
- Local auth (admin/webhook-runner roles) + Keycloak JWT ready
- Multi-session chat with reliable history (user persisted before LLM, assistant persisted after stream)
- Markdown knowledge base with /api/docs/search + /api/docs/:id
- YAML webhook catalog with backend-only execution, retry/backoff, audit (webhook_runs), and per-user rate limit
- Skills config (sre-on-call, blameless-postmortem, security-incident) injected into LLM system prompt
- LLM provider failover chain (config/models.yml fallback + LLM_FALLBACK_CHAIN override)
- Context-aware webhooks panel + backend id-mention safety net
- Per-message stats (time/duration/tokens/model), Markdown+GFM render, code & table copy/download buttons
- Vitest suite, end-to-end smoke test (scripts/smoke.mjs), per-session system prompt override
- /metrics Prometheus endpoint + /api/metrics JSON, request-id correlation
- dotenv with explicit repo-root path; envString/envNumber helpers (handles empty-string env)
- Runbooks + SOPs under knowledge/ in English; README, docs, and INDEX.md in English
This commit is contained in:
2026-06-29 16:20:53 +02:00
commit 62728b2200
89 changed files with 11992 additions and 0 deletions

42
config/rag.yml Normal file
View File

@@ -0,0 +1,42 @@
# Retrieval-Augmented Generation (RAG) configuration.
#
# SIC treats the knowledge base as an external service. The RAG service is
# expected to expose:
# POST {endpoint}/search
# body: { query, limit, min_relevance, include_tags, exclude_tags }
# returns: { items: [{ id, title, source, tags, relevance, excerpt, content? }] }
# GET {endpoint}/docs/:id
# returns: { id, title, source, tags, owner?, updated?, headings, content }
#
# For local dev (or when no endpoint is configured) the docs repository
# falls back to reading Markdown files from `knowledge/` and applying the
# token-overlap scoring in apps/api/src/docs/repository.ts.
#
# Fields:
# endpoint external RAG service base URL (no trailing slash).
# Leave empty to use the local fallback.
# auth_token optional bearer token sent in the Authorization header.
# timeout_ms HTTP request timeout. Default: 10000.
# fallback_to_local when true (default), use the local knowledge/ directory
# if the external endpoint fails. Set to false to fail
# closed.
# chunk_strategy how to split a Markdown doc into chunks (local mode only)
# - "heading" : split on H1/H2/H3, each chunk is a section
# - "paragraph": split on blank lines, each chunk is a paragraph block
# - "fixed" : split on a fixed character length (chunk_size_chars)
# chunk_size_chars only used by "fixed" strategy (local mode only)
# top_k max chunks returned per query
# min_relevance chunks with relevance below this are dropped
# include_tags optional global include filter
# exclude_tags optional global exclude filter
rag:
endpoint: ${RAG_ENDPOINT_URL:}
auth_token: ${RAG_AUTH_TOKEN:}
timeout_ms: 10000
fallback_to_local: true
chunk_strategy: heading
chunk_size_chars: 1500
top_k: 5
min_relevance: 0.0
include_tags: []
exclude_tags: []