Go to file

Shaun Arman 91b6bf3d90 Some checks failed PR Review Automation / review (pull_request) Has been cancelled Details Test / rust-tests (pull_request) Has been cancelled Details Test / frontend-typecheck (pull_request) Has been cancelled Details Test / frontend-tests (pull_request) Has been cancelled Details Test / rust-clippy (pull_request) Has been cancelled Details Test / rust-fmt-check (pull_request) Has been cancelled Details ci(pr-review): fetch existing PR comments before LLM analysis Add a new 'Fetch PR comment history' step that pulls both review posts and issue comments from the Gitea API before the LLM is called. The full comment history is injected into the prompt with an explicit instruction to silently discard any finding already marked as invalid, acknowledged as intentional, or confirmed fixed in a prior round. This prevents the reviewer from repeatedly raising refuted findings across successive push events on the same PR.		2026-06-07 11:47:28 -05:00
.cargo	fix: resolve clippy format-args failures and OpenSSL vendoring issue	2026-04-04 15:05:13 -05:00
.docker	fix: revert incorrect sanitization - use 172.0.0.29 for CI runners	2026-06-05 14:52:00 -05:00
.gitea/workflows	ci(pr-review): fetch existing PR comments before LLM analysis	2026-06-07 11:47:28 -05:00
.idea	feat: initial implementation of TFTSR IT Triage & RCA application	2026-03-14 22:36:25 -05:00
cli	feat: full copy from apollo_nxt-trcaa with complete sanitization	2026-06-05 14:12:43 -05:00
docs	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
scripts	feat: add kubectl binary bundling for cross-platform support	2026-06-05 08:22:54 -05:00
src	fix(kubernetes): remove redundant TS cast and fix cargo fmt failures	2026-06-07 11:37:17 -05:00
src-tauri	fix(kubernetes): remove redundant TS cast and fix cargo fmt failures	2026-06-07 11:37:17 -05:00
tests	feat(kubernetes): implement Phase 1 & 2: resource discovery UIs and advanced features	2026-06-07 10:24:26 -05:00
tickets	fix: comprehensive trcaa→tftsr conversion and URL corrections	2026-06-05 15:38:29 -05:00
.eslintrc.json	fix: lint fixes and formatting cleanup	2026-04-09 20:42:40 -05:00
.gitignore	feat: full copy from apollo_nxt-trcaa with complete sanitization	2026-06-05 14:12:43 -05:00
.renovatebot	chore: create .renovatebot directory	2026-06-05 19:10:49 +00:00
AGENTS.md	feat(k8s): implement clean-room Kubernetes management GUI	2026-06-06 20:27:39 -05:00
CHANGELOG.md	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
CLAUDE.md	fix: comprehensive trcaa→tftsr conversion and URL corrections	2026-06-05 15:38:29 -05:00
cliff.toml	chore: update assets and version to 1.0.8	2026-06-05 08:36:57 -05:00
eslint.config.js	fix(kube): resolve automated PR review blockers and warnings	2026-06-06 23:55:44 -05:00
FIX_PLAN.md	feat(k8s): implement clean-room Kubernetes management GUI	2026-06-06 20:27:39 -05:00
icon.png	chore: update assets and version to 1.0.8	2026-06-05 08:36:57 -05:00
index.html	feat: add custom_rest provider mode and rebrand application name	2026-04-04 15:35:58 -05:00
KUBERNETES_V1.1.0_ASSESSMENT.md	fix(changelog): use tag range for release notes	2026-06-06 15:36:35 -05:00
lens-desktop-v5x-features.md	feat: add Kubernetes Management Implementation Plan	2026-06-07 00:44:01 -05:00
LICENSE	chore: add MIT license, security hardening, and repo hygiene	2026-04-07 12:50:13 -05:00
Makefile	fix: remove remaining proprietary references and fix branding	2026-06-05 16:00:33 -05:00
MCP_SERVER_SUPPORT.md	feat(mcp): add MCP Server Support with TDD implementation	2026-05-23 16:23:48 -05:00
new_banner.png	chore: add new branding assets	2026-06-06 14:08:47 -05:00
package-lock.json	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
package.json	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
postcss.config.js	feat: initial implementation of TFTSR IT Triage & RCA application	2026-03-14 22:36:25 -05:00
README.md	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
tailwind.config.ts	feat: initial implementation of TFTSR IT Triage & RCA application	2026-03-14 22:36:25 -05:00
TICKET-attachment-db-storage-recall.md	feat: attachment DB storage and cross-incident recall	2026-05-31 17:55:47 -05:00
ticket-git-cliff-changelog.md	feat(ci): add automated changelog generation via git-cliff	2026-04-12 21:56:16 -05:00
TICKET-kube-pr-review-fixes.md	fix(kube): resolve automated PR review blockers and warnings	2026-06-06 23:55:44 -05:00
TICKET-pii-bypass-chat-attachments.md	fix: audit PII redaction metadata, safe bubble update, update ticket	2026-05-31 20:14:23 -05:00
tsconfig.json	docs: update documentation for Kubernetes Management UI	2026-06-07 11:09:22 -05:00
tsconfig.node.json	feat: initial implementation of TFTSR IT Triage & RCA application	2026-03-14 22:36:25 -05:00
vite.config.ts	feat: initial implementation of TFTSR IT Triage & RCA application	2026-03-14 22:36:25 -05:00
vitest.config.ts	feat: full copy from apollo_nxt-trcaa with complete sanitization	2026-06-05 14:12:43 -05:00

README.md

Troubleshooting and RCA Assistant

A structured, AI-backed desktop tool for IT incident triage, 5-Whys root cause analysis, RCA document generation, and blameless post-mortems. Runs fully offline via Ollama local models, or connects to cloud AI providers.

Built with Tauri 2 (Rust + WebView), React 18, TypeScript, and SQLCipher AES-256 encrypted storage.

CI status: — all checks green (rustfmt · clippy · 64 Rust tests · tsc · vitest)

Features

5-Whys AI Triage — Guided root cause analysis via AI chat, with auto-detection of why levels 1–5
PII Sanitization — Automatic detection and redaction of IPv4/IPv6, emails, tokens, passwords, SSNs, and more before any data leaves the machine
Multi-Provider AI — OpenAI, Anthropic Claude, Google Gemini, Mistral, and local Ollama (offline)
Encrypted Database — SQLCipher AES-256 encrypted SQLite; all issue history stays local
RCA + Post-Mortem Generation — Auto-populated Markdown templates, exportable to .md and .pdf
Ollama Management — Hardware detection, model recommendations, pull/delete models in-app
Audit Trail — Every external data send logged with SHA-256 hash
Domain System Prompts — Pre-built expert context for 8 IT domains (Linux, Windows, Network, Kubernetes, Databases, Virtualization, Hardware, Observability)
Image Attachments — Upload and manage image files with PII detection and mandatory user approval
Integrations (v0.2, coming soon) — Confluence, ServiceNow, Azure DevOps

Supported Domains

Domain	Coverage
Linux	RHEL/OEL, systemd, journald, SELinux, kernel panics
Windows	Event IDs, WinRM, BSOD codes, Server 2019/2022
Network	Fortigate, Cisco IOS, Aruba AOS-CX, Nokia SR-OS, VoIP SIP/RTP
Kubernetes	k3s, OpenShift, CrashLoopBackOff, OOMKill, etcd, Rancher
Databases	PostgreSQL WAL, Redis AOF/RDB, RabbitMQ, MSSQL
Virtualization	Proxmox VE/PBS, VDI sessions
Hardware	HPE Synergy 12000, DL-20/320/360/380, iLO event logs
Observability	Kibana/ECK, Elasticsearch shard failures

Architecture

Component	Technology
App framework	Tauri 2.x (Rust + WebView)
Frontend	React 18 + TypeScript + Vite
UI	Tailwind CSS (custom shadcn-style components)
Database	rusqlite + `bundled-sqlcipher` (AES-256)
Secret storage	`tauri-plugin-stronghold`
State management	Zustand (persisted settings store with API key redaction)
AI providers	reqwest (async HTTP)
PII detection	regex + aho-corasick multi-pattern engine

Prerequisites

System Libraries (Linux — Fedora/RHEL)

sudo dnf install -y \
  glib2-devel gtk3-devel webkit2gtk4.1-devel \
  libsoup3-devel openssl-devel librsvg2-devel

System Libraries (Linux — Debian/Ubuntu)

sudo apt-get install -y \
  libwebkit2gtk-4.1-dev libssl-dev libgtk-3-dev \
  libayatana-appindicator3-dev librsvg2-dev patchelf pkg-config

Toolchain

# Rust (minimum 1.88 — required by cookie_store, time, darling)
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh
source ~/.cargo/env

# Node.js 22+ (via your package manager)
# Verify:
rustc --version   # 1.88+
node --version    # 22+

Getting Started

# Clone
git clone https://gogs.tftsr.com/sarman/tftsr-devops_investigation.git
cd tftsr-devops_investigation
npm install --legacy-peer-deps

# Development mode (hot reload)
source ~/.cargo/env
cargo tauri dev

# Production build
cargo tauri build
# Output: src-tauri/target/release/bundle/

Releases

Pre-built installers are attached to each tagged release:

Platform	Format	Notes
Linux amd64	`.deb`, `.rpm`, `.AppImage`	Standard package or universal AppImage
Windows amd64	`.exe` (NSIS), `.msi`	From cross-compile via mingw-w64
Linux arm64	`.deb`, `.rpm`, `.AppImage`	Built natively on arm64 runner
macOS	—	Requires macOS runner — build locally

AI Provider Setup

Launch the app and go to Settings → AI Providers to add a provider:

Provider	API URL	Notes
OpenAI	`https://api.openai.com/v1`	Requires API key
Anthropic	`https://api.anthropic.com`	Requires API key
Google Gemini	`https://generativelanguage.googleapis.com`	Requires API key
Mistral	`https://api.mistral.ai/v1`	Requires API key
Ollama (local)	`http://localhost:11434`	No key needed — fully offline
Azure OpenAI	`https://<resource>.openai.azure.com/openai/deployments/<deployment>`	Requires API key
AWS Bedrock (via LiteLLM)	`http://localhost:8000/v1`	See LiteLLM + AWS Bedrock below

For offline use, install Ollama and pull a model:

ollama pull llama3.2:3b   # Good for most hardware (≥8 GB RAM)
ollama pull llama3.1:8b   # Better quality (≥16 GB RAM)

Or use Settings → Ollama to pull models directly from within the app.

LiteLLM + AWS Bedrock Setup

To use Claude via AWS Bedrock (ideal for enterprise environments with existing AWS contracts):

Install LiteLLM:
```
pip install litellm[proxy]
```

Create config file at ~/.litellm/config.yaml:

model_list:
  - model_name: bedrock-claude
    litellm_params:
      model: bedrock/us.anthropic.claude-sonnet-4-6
      aws_region_name: us-east-1
      # Optionally specify aws_profile_name if not using default

general_settings:
  master_key: sk-your-secure-key  # Any value for API auth

Start LiteLLM proxy:

nohup litellm --config ~/.litellm/config.yaml --port 8000 > ~/.litellm/litellm.log 2>&1 &

Configure in Troubleshooting and RCA Assistant:
- Provider: OpenAI (OpenAI-compatible)
- Base URL: http://localhost:8000/v1
- API Key: sk-your-secure-key (from config)
- Model: bedrock-claude

For detailed setup including multiple AWS accounts and Claude Code integration, see the LiteLLM + Bedrock wiki page.

Triage Workflow

1. New Issue      → Select domain, enter title and severity
2. Log Upload     → Drag-and-drop log files, review PII redactions
3. Triage         → 5-Whys AI conversation, auto-tracked why levels 1–5
4. Resolution     → Review and confirm each root cause and action
5. RCA            → Auto-generated RCA document, export as MD or PDF
6. Post-Mortem    → Blameless post-mortem document with action items

Project Structure

tftsr/
├── src-tauri/src/
│   ├── ai/           # AI provider clients (OpenAI, Anthropic, Gemini, Mistral, Ollama)
│   ├── pii/          # PII detection + redaction engine
│   ├── db/           # SQLCipher connection, migrations, models
│   ├── ollama/       # Hardware detection, model recommendations, download manager
│   ├── docs/         # RCA + post-mortem generators, PDF/MD exporters
│   ├── integrations/ # Confluence, ServiceNow, Azure DevOps (v0.2 stubs)
│   ├── audit/        # Audit log writer
│   ├── commands/     # Tauri IPC command handlers
│   ├── lib.rs        # App builder, plugin registration, command handler registration
│   └── state.rs      # AppState (DB connection, settings)
├── src/
│   ├── pages/        # Dashboard, NewIssue, LogUpload, Triage, Resolution, RCA, Postmortem, History, Settings, Kubernetes
│   ├── components/   # ChatWindow, TriageProgress, PiiDiffViewer, DocEditor, HardwareReport, ModelSelector, UI, Kubernetes (26 components)
│   ├── stores/       # sessionStore, settingsStore (persisted), historyStore, kubernetesStore
│   ├── lib/          # tauriCommands.ts (typed IPC wrappers), domainPrompts.ts, eventBus.ts
│   └── styles/       # Tailwind + CSS custom properties
├── tests/
│   ├── unit/         # Vitest unit tests (PII, session store, settings store)
│   └── e2e/          # WebdriverIO + tauri-driver E2E skeletons
├── docs/wiki/        # Source of truth for Gitea wiki
└── .gitea/
    └── workflows/
        ├── test.yml     # CI: rustfmt · clippy · cargo test · tsc · vitest (every push/PR)
        └── auto-tag.yml # Auto tag + release: linux/amd64 + windows/amd64 + linux/arm64 + macOS

Testing

# Unit tests (Vitest) — 13/13 passing
npm run test:run

# Frontend coverage
npm run test:coverage

# TypeScript type check
npx tsc --noEmit

# Rust checks — 64/64 tests passing
cargo check --manifest-path src-tauri/Cargo.toml
cargo test --manifest-path src-tauri/Cargo.toml

# E2E tests (requires compiled app binary)
TAURI_BINARY_PATH=./src-tauri/target/release/tftsr npm run test:e2e

CI/CD — Gitea Actions

The project uses Gitea Actions (act_runner v0.3.1) connected to the Gitea instance at gogs.tftsr.com.

Workflow	Trigger	Jobs
`.gitea/workflows/test.yml`	Every push / PR	rustfmt · clippy · cargo test (64) · tsc · vitest (13)
`.gitea/workflows/auto-tag.yml`	Push to `master`	Auto-tag, then build linux/amd64 + windows/amd64 + linux/arm64 + macOS and upload assets

Runners:

Runner	Platform	Host	Purpose
`amd64-docker-runner`	linux/amd64	gitea.tftsr.com (Docker)	Test pipeline + amd64/windows release builds
`arm64-native-runner`	linux/arm64	Local arm64 machine	Native arm64 release builds

Branch protection: master requires a PR approved by sarman, with all 5 CI checks passing before merge.

See CI/CD Pipeline wiki for full infrastructure docs.

Security

Concern	Implementation
API keys / tokens	AES-256-GCM encrypted at rest (backend), not persisted in browser storage
Database at rest	SQLCipher AES-256; key derived via PBKDF2
PII before AI send	Rust-side detection + mandatory user approval in UI
Audit trail	Hash-chained audit entries (`prev_hash` + `entry_hash`) for tamper evidence
Network	`reqwest` with TLS; HTTP blocked by Tauri capability config
Capabilities	Least-privilege: scoped fs access, no arbitrary shell by default
CSP	Strict CSP in `tauri.conf.json`; no inline scripts
Telemetry	None — zero analytics, crash reporting, or usage tracking

Database

All data is stored locally in a SQLCipher-encrypted database at:

OS	Path
Linux	`~/.local/share/tftsr/tftsr.db`
macOS	`~/Library/Application Support/tftsr/tftsr.db`
Windows	`%APPDATA%\tftsr\tftsr.db`

Override with the TRCAA_DATA_DIR (or legacy TRCAA_DATA_DIR) environment variable.

Environment Variables

Variable	Default	Purpose
`TRCAA_DATA_DIR` (or legacy `TRCAA_DATA_DIR`)	Platform data dir	Override database location
`TRCAA_DB_KEY` (or legacy `TRCAA_DB_KEY`)	(none)	Database encryption key (required in release builds)
`TRCAA_ENCRYPTION_KEY` (or legacy `TRCAA_ENCRYPTION_KEY`)	(none)	Credential encryption key (required in release builds)
`RUST_LOG`	`info`	Tracing log level (`debug`, `info`, `warn`, `error`)

Implementation Status

Phase	Description	Status
1	Scaffold & Foundation	✅ Complete
2	Security & Database Layer	✅ Complete
3	PII Sanitization Engine	✅ Complete
4	AI Provider Layer	✅ Complete
5	Ollama Integration	✅ Complete
6	Log Upload & Analysis	✅ Complete
7	5-Whys Triage Engine	✅ Complete
8	RCA & Post-Mortem Generation	✅ Complete
9	History & Search	🔲 Pending
10	Integrations (Confluence, ServiceNow, ADO)	🔲 v0.2
11	CI/CD Pipeline	✅ Complete — Gitea Actions, all checks green
12	Release Packaging	✅ linux/amd64 · linux/arm64 (native) · windows/amd64

Support the Project

If you find this project helpful, consider buying me a coffee:

License

MIT License — see LICENSE for details.

README.md Unescape Escape