This commit is contained in:
zphinx
111
README.md
111
README.md
@@ -35,6 +35,7 @@ The tool may suggest remediation commands in output, but does not execute them.
|
||||
- Diagnostics collection mode
|
||||
- AI analysis mode
|
||||
- Optional analysis export via `--output-file <path>` (`--output-format markdown|json`)
|
||||
- Automatic host history persistence/read via database (`--history-db`, `--history/--no-history`)
|
||||
- Interactive loop with `/collect`, `/analyze`, `/help`, `/quit`
|
||||
|
||||
### AI and Prompting
|
||||
@@ -184,6 +185,106 @@ tai run "sshd authentication failed" \
|
||||
--output-format json
|
||||
```
|
||||
|
||||
JSON export includes host-specific run metadata:
|
||||
|
||||
- `schema` and `generated_at`
|
||||
- `issue`, `host`, `model`
|
||||
- `collection` summary (`total`, `failed`, `succeeded`)
|
||||
- `token_usage` (`prompt_tokens`, `completion_tokens`, `total_tokens`) when available from backend
|
||||
- `analysis` text
|
||||
|
||||
By default, each analyzed run is also written to the history database and prior
|
||||
sessions for the same host are read and injected as historical context.
|
||||
|
||||
Database targets supported by `--history-db`:
|
||||
|
||||
- SQLite file path (for example `~/.tai/history.db`)
|
||||
- SQLite URL (for example `sqlite:////tmp/tai-history.db`)
|
||||
- PostgreSQL DSN (for example `postgresql://user:pass@dbhost:5432/tai`)
|
||||
|
||||
Example using remote PostgreSQL history database:
|
||||
|
||||
```bash
|
||||
tai run "sshd authentication failed" \
|
||||
--host bastion01 \
|
||||
--collect --analyze \
|
||||
--history-db postgresql://tai_user:secret@db.internal:5432/tai
|
||||
```
|
||||
|
||||
Credential options for external history DB:
|
||||
|
||||
- `--history-db-user <user>`
|
||||
- `--history-db-password <password>`
|
||||
- `--env-file <path>` (loads dotenv values)
|
||||
|
||||
Dotenv keys for history DB credentials:
|
||||
|
||||
- `TAI_HISTORY_DB_USER`
|
||||
- `TAI_HISTORY_DB_PASSWORD`
|
||||
|
||||
Runbook store targets supported by `--runbooks` and `tai runbooks --store`:
|
||||
|
||||
- Local embedded ChromaDB path (default)
|
||||
- Remote ChromaDB URL (for example `http://chroma.internal:8000`)
|
||||
|
||||
Example using remote ChromaDB runbook store at analysis time:
|
||||
|
||||
```bash
|
||||
tai run "nginx failing after reboot" \
|
||||
--host web01 \
|
||||
--collect --analyze \
|
||||
--runbooks http://chroma.internal:8000
|
||||
```
|
||||
|
||||
Credential options for remote runbook store:
|
||||
|
||||
- `--runbooks-user <user>` / `--runbooks-password <password>` on `tai run`
|
||||
- `--store-user <user>` / `--store-password <password>` on `tai runbooks ...`
|
||||
- `--env-file <path>` (loads dotenv values)
|
||||
|
||||
Dotenv keys for runbook store credentials:
|
||||
|
||||
- `TAI_RUNBOOK_STORE_USER`
|
||||
- `TAI_RUNBOOK_STORE_PASSWORD`
|
||||
|
||||
Remote runbook (playbook) sources supported by `tai runbooks sync --path`:
|
||||
|
||||
- Local directory path (for example `./runbooks`)
|
||||
- SSH directory URI (for example `ssh://ops@ssh.archflux.net/opt/tai/runbooks`)
|
||||
- HTTP/HTTPS webroot URL that exposes `.md` links (for example `https://kb.example/runbooks/`)
|
||||
|
||||
Webroot hardening rules:
|
||||
|
||||
- Only `.md` links are considered for download.
|
||||
- Downloaded payload must look like real Markdown (HTML wrappers are ignored).
|
||||
- Non-markdown payloads are discarded.
|
||||
- Downloaded content is never executed. It is stored as plain text and only parsed for AI retrieval context.
|
||||
|
||||
Single runbook (playbook) sources supported by `tai runbooks add`:
|
||||
|
||||
- Local file path
|
||||
- SSH file URI (for example `ssh://ops@ssh.archflux.net/opt/tai/runbooks/nginx.md`)
|
||||
- HTTP/HTTPS URL to a Markdown file
|
||||
|
||||
For HTTP/HTTPS single-file add, the source URL must end in `.md` and resolve to Markdown content.
|
||||
|
||||
Examples:
|
||||
|
||||
```bash
|
||||
# Sync from SSH-hosted runbooks directory into remote ChromaDB
|
||||
tai runbooks sync \
|
||||
--path ssh://ops@ssh.archflux.net/opt/tai/runbooks \
|
||||
--store http://chroma.internal:8000
|
||||
|
||||
# Sync from HTTPS webroot listing Markdown runbooks
|
||||
tai runbooks sync \
|
||||
--path https://kb.example/runbooks/ \
|
||||
--store ~/.tai/runbooks
|
||||
|
||||
# Add one runbook directly from HTTPS
|
||||
tai runbooks add https://kb.example/runbooks/nginx.md --store ~/.tai/runbooks
|
||||
```
|
||||
|
||||
## Runbook Workflow
|
||||
|
||||
1. Write Markdown runbooks in `runbooks/` with frontmatter keys: `service`, `symptoms`, `tags`.
|
||||
@@ -209,6 +310,16 @@ Focused suites:
|
||||
pytest tests/test_plan.py tests/test_ai.py tests/test_cli.py
|
||||
```
|
||||
|
||||
## Man Page
|
||||
|
||||
A manual page is available at `docs/tai.1`.
|
||||
|
||||
Render it locally:
|
||||
|
||||
```bash
|
||||
man ./docs/tai.1
|
||||
```
|
||||
|
||||
## Known Limits
|
||||
|
||||
- Deep service-specific probes (known binary/config/package aliases) are richer for recognized services than generic service names.
|
||||
|
||||
Reference in New Issue
Block a user