stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity
Files
9b58589ba01342d5df7ab3bbfd7370cc970cdd21
git.stella-ops.org/docs/features/dropped/playbook-learning.md

2.8 KiB
Raw Blame History

Playbook Learning (Run-to-Patch Pipeline)

Module

AdvisoryAI

Status

PARTIALLY_IMPLEMENTED

Description

Run artifacts and evidence bundles support playbook-related data, but dedicated playbook learning, patch proposal generation, and versioned playbook management are not fully distinct modules yet.

What's Implemented

  • Run tracking infrastructure: RunService (src/AdvisoryAi/StellaOps.AdvisoryAI/Runs/RunService.cs) tracks runs with artifacts and events
  • Run models: Run, RunArtifact, RunEvent (src/AdvisoryAi/StellaOps.AdvisoryAI/Runs/Models/) capture run outcomes
  • Run storage: InMemoryRunStore (src/AdvisoryAi/StellaOps.AdvisoryAI/Runs/InMemoryRunStore.cs) persists run data
  • Evidence bundle assembly: EvidenceBundleAssembler (src/AdvisoryAi/StellaOps.AdvisoryAI/Chat/Assembly/EvidenceBundleAssembler.cs) assembles evidence packs from data providers
  • Remediation planning: AiRemediationPlanner (src/AdvisoryAi/StellaOps.AdvisoryAI/Remediation/AiRemediationPlanner.cs) generates fix plans
  • PR generation: GitHubPullRequestGenerator, GitLabMergeRequestGenerator, AzureDevOpsPullRequestGenerator create PRs from remediation plans
  • Run API endpoints: RunEndpoints (src/AdvisoryAi/StellaOps.AdvisoryAI.WebService/Endpoints/RunEndpoints.cs) exposes run data
  • Advisory output persistence: AdvisoryOutputStore (src/AdvisoryAi/StellaOps.AdvisoryAI/Outputs/AdvisoryOutputStore.cs), FileSystemAdvisoryOutputStore (src/AdvisoryAi/StellaOps.AdvisoryAI.Hosting/FileSystemAdvisoryOutputStore.cs)

What's Missing

  • Playbook learning engine: No dedicated module that analyzes past run outcomes to learn optimal remediation patterns and build reusable playbooks
  • Versioned playbook management: No playbook versioning, publishing, or catalog system for sharing learned remediation workflows
  • Patch proposal generation: No automated system that generates patch proposals by combining learned patterns from successful past remediations
  • Feedback loop learning: No mechanism to feed PR merge/reject outcomes back into the learning engine to improve future recommendations
  • Playbook template library: No library of reusable playbook templates (e.g., "upgrade-npm-dependency", "patch-container-base-image") with parameterization

Implementation Plan

  • Build a playbook learning engine that analyzes successful Run outcomes from RunService/InMemoryRunStore
  • Add versioned playbook model with CRUD operations and a catalog API
  • Implement patch proposal generation by matching current vulnerabilities against learned playbook patterns
  • Add feedback loop from SCM connectors (PR merge/reject events) back to the learning engine
  • Create a playbook template library with parameterized remediation workflows

Related Documentation

  • Source: Feature matrix scan