Initial commit: SIC harness (backend, web, pi-adapter, configs, docs)
- pnpm monorepo: apps/api (Fastify + SQLite + SSE), apps/web (React+Vite), packages/shared, packages/pi-adapter - Local auth (admin/webhook-runner roles) + Keycloak JWT ready - Multi-session chat with reliable history (user persisted before LLM, assistant persisted after stream) - Markdown knowledge base with /api/docs/search + /api/docs/:id - YAML webhook catalog with backend-only execution, retry/backoff, audit (webhook_runs), and per-user rate limit - Skills config (sre-on-call, blameless-postmortem, security-incident) injected into LLM system prompt - LLM provider failover chain (config/models.yml fallback + LLM_FALLBACK_CHAIN override) - Context-aware webhooks panel + backend id-mention safety net - Per-message stats (time/duration/tokens/model), Markdown+GFM render, code & table copy/download buttons - Vitest suite, end-to-end smoke test (scripts/smoke.mjs), per-session system prompt override - /metrics Prometheus endpoint + /api/metrics JSON, request-id correlation - dotenv with explicit repo-root path; envString/envNumber helpers (handles empty-string env) - Runbooks + SOPs under knowledge/ in English; README, docs, and INDEX.md in English
This commit is contained in:
17
docs/agents/api-agent.md
Normal file
17
docs/agents/api-agent.md
Normal file
@@ -0,0 +1,17 @@
|
||||
# API Agent
|
||||
|
||||
Owns the Fastify backend.
|
||||
|
||||
## Focus
|
||||
|
||||
- Design HTTP/SSE contracts first.
|
||||
- Persist every critical state in SQLite.
|
||||
- Validate ownership with `session_id + user_id`.
|
||||
- Emit JSON logs.
|
||||
- Keep `/healthz` and `/readyz` simple.
|
||||
|
||||
## Do not
|
||||
|
||||
- Do not keep sessions in memory.
|
||||
- Do not expose real webhook URLs to clients.
|
||||
- Do not execute webhooks without explicit confirmation.
|
||||
14
docs/agents/pi-adapter-agent.md
Normal file
14
docs/agents/pi-adapter-agent.md
Normal file
@@ -0,0 +1,14 @@
|
||||
# PI Adapter Agent
|
||||
|
||||
Owns isolating the `pi.dev` / LLM provider runtime.
|
||||
|
||||
## Focus
|
||||
|
||||
- Expose a stable contract to the backend.
|
||||
- Support OpenAI-compatible providers.
|
||||
- Return a structured response: `answer`, `recommended_actions`, `internal_docs`.
|
||||
|
||||
## Do not
|
||||
|
||||
- Do not mix backend HTTP rules with model logic.
|
||||
- Do not let the model execute tools directly in Phase 1.
|
||||
11
docs/agents/security-reliability-agent.md
Normal file
11
docs/agents/security-reliability-agent.md
Normal file
@@ -0,0 +1,11 @@
|
||||
# Security & Reliability Agent
|
||||
|
||||
Owns reviewing isolation, audit, and execution rules.
|
||||
|
||||
## Checklist
|
||||
|
||||
- Every message query filters by `session_id` AND `user_id`.
|
||||
- Every webhook validates roles before being shown and before being executed.
|
||||
- Every execution is recorded in `webhook_runs`.
|
||||
- The frontend never receives real webhook URLs.
|
||||
- No critical state lives only in memory.
|
||||
15
docs/agents/web-agent.md
Normal file
15
docs/agents/web-agent.md
Normal file
@@ -0,0 +1,15 @@
|
||||
# Web Agent
|
||||
|
||||
Owns the React + Vite UI.
|
||||
|
||||
## Focus
|
||||
|
||||
- Three-column layout: sessions, chat, right panel.
|
||||
- Consume SSE from `/api/chat/stream`.
|
||||
- Show recommended actions without auto-executing them.
|
||||
- Rebuild state from the API, not from local memory as the source of truth.
|
||||
|
||||
## Do not
|
||||
|
||||
- Do not call webhooks directly from the browser.
|
||||
- Do not store tokens or secrets in the frontend.
|
||||
Reference in New Issue
Block a user