In [1]:
import requests
import json
import boto3
from botocore.exceptions import NoCredentialsError
from datetime import datetime
import os
import sys
import re
import yaml

In [2]:
# MinIO Storage Settings
MINIO_ENDPOINT = os.getenv("AWS_S3_ENDPOINT")
MINIO_ACCESS_KEY = os.getenv("AWS_ACCESS_KEY_ID")
MINIO_SECRET_KEY = os.getenv("AWS_SECRET_ACCESS_KEY")
LOGS_BUCKET = "logs"
REPORTS_BUCKET = "report"
PLAYBOOKS_BUCKET = "playbook"
LOG_FILE = "service_error_down.txt" # This variable will be used throughout the script

# LLM Info
INFERENCE_ENDPOINT = "https://granite-aiops.apps.cluster-hdmxf.hdmxf.sandbox689.opentlc.com"
MODEL_API_URL = f"{INFERENCE_ENDPOINT}/v1/completions"
MODEL_NAME = "granite"

In [34]:

def extract_and_save_keywords(report_filename="incident_report.txt", output_filename="extracted_keywords.json"):
    """Reads the full report, extracts keywords, and saves them to a new file."""
    print(f"\n--> Step 1: Extracting and saving keywords...")
    details = {}
    try:
        with open(report_filename, 'r', encoding='utf-8') as f:
            report_text = f.read()
            
        host_pattern = re.search(r"AFFECTED HOST:\s*(.*)", report_text, re.IGNORECASE)
        service_pattern = re.search(r"AFFECTED SERVICE:\s*(.*)", report_text, re.IGNORECASE)
        port_pattern = re.search(r"port (\d+)", report_text, re.IGNORECASE)

        if host_pattern:
            details["host"] = host_pattern.group(1).strip().strip('*').strip()
        if service_pattern:
            raw_service = service_pattern.group(1).strip().strip('*').strip()
            details["service"] = raw_service.replace('.service', '') if raw_service.endswith('.service') else raw_service
            
        details["port"] = 80
        if port_pattern:
            details["port"] = int(port_pattern.group(1))
            
        if "host" in details and "service" in details:
            print(f"    ✅ Extracted Host: '{details['host']}', Service: '{details['service']}', Port: {details['port']}")
            with open(output_filename, 'w') as out_f:
                json.dump(details, out_f, indent=4)
            print(f"    ✅ Successfully saved keywords to '{output_filename}'.")
            return details
            
        print("    ❌ Failed to extract keywords.")
        return None
    except FileNotFoundError:
        print(f"    ❌ Error: The file '{report_filename}' was not found. Please ensure the first pipeline stage has run.")
    except Exception as e:
        print(f"    ❌ An error occurred during keyword extraction: {e}")
    return None

def query_model_for_playbook_steps(incident_report_filename="incident_report.txt"):
    """Queries the AI model to generate a JSON object describing the playbook tasks."""
    print(f"\n--> Step 2: Querying AI model for playbook steps (JSON)...")
    try:
        with open(incident_report_filename, 'r', encoding='utf-8') as f:
            report_content = f.read()
    except Exception as e:
        print(f"    ❌ Error reading report file '{incident_report_filename}': {e}")
        return None
        
    prompt = f"""
Based on the full incident report below, generate a JSON object containing a list of Ansible tasks for remediation.
Each task in the JSON list should be an object with three keys: "name" (a string for the task description), "module" (a string for the Ansible module, e.g., "ansible.builtin.service"), and "args" (an object of key-value pairs for the module's arguments).

**Full Incident Report for Context:**
---
{report_content}
---

**Example of a valid JSON response format:**
{{
  "tasks": [
    {{
      "name": "Ensure httpd is installed",
      "module": "ansible.builtin.dnf",
      "args": {{
        "name": "httpd",
        "state": "present"
      }}
    }},
    {{
      "name": "Start and enable httpd service",
      "module": "ansible.builtin.service",
      "args": {{
        "name": "httpd",
        "state": "started",
        "enabled": true
      }}
    }}
  ]
}}
"""
    headers = {"Content-Type": "application/json"}
    payload = {"model": MODEL_NAME, "prompt": prompt, "max_tokens": 2048}
    
    try:
        response = requests.post(MODEL_API_URL, headers=headers, json=payload, verify=False)
        response.raise_for_status()
        result = response.json()
        if 'choices' in result and result['choices']:
            response_text = result['choices'][0].get('text', '').strip()
            
            # Find the JSON object within the response text
            json_match = re.search(r'\{.*\}', response_text, re.DOTALL)
            if json_match:
                json_string = json_match.group(0)
                # **FIX**: Use `strict=False` to allow unescaped control characters within the JSON strings.
                task_data = json.loads(json_string, strict=False)
                print("    ✅ AI-generated task data received and parsed successfully.")
                return task_data.get("tasks", [])
            else:
                print("    ❌ No valid JSON object found in AI response.")
                return None
    except Exception as e:
        print(f"    ❌ Error generating or parsing playbook tasks from AI model: {e}")
    return None

def construct_final_playbook(tasks_list, keywords):
    """Constructs the final playbook by combining the static header and the AI-generated tasks."""
    print("\n--> Step 3: Constructing final playbook from structured data...")
    
    header = {
        'name': f"Restore {keywords.get('service', 'service').upper()} Service",
        'hosts': keywords.get('host'),
        'become': True,
        'vars': {
            'max_retries': 3,
            'retry_delay': 10,
            'service': keywords.get('service'),
            'port': keywords.get('port')
        }
    }
    
    # Reconstruct the tasks in the correct Ansible format from the JSON data
    ansible_tasks = []
    for task in tasks_list:
        # The module name becomes the key, and its args become the value
        ansible_tasks.append({
            'name': task.get('name'),
            task.get('module'): task.get('args', {})
        })

    try:
        # Combine the header and the reconstructed tasks
        final_playbook_data = [{**header, 'tasks': ansible_tasks}]
        final_playbook_yaml = yaml.dump(final_playbook_data, sort_keys=False, indent=2)
        print("    ✅ Final playbook constructed successfully.")
        return final_playbook_yaml
    except Exception as e:
        print(f"    ❌ Error constructing final playbook from AI response: {e}")
    return None

def upload_to_minio(s3_client, bucket, object_name, content):
    """Uploads content to a specified MinIO bucket."""
    print(f"\n--> Uploading '{object_name}' to bucket '{bucket}'...")
    try:
        s3_client.put_object(Body=content.encode('utf-8'), Bucket=bucket, Key=object_name)
        print(f"    ✅ Successfully uploaded '{object_name}'.")
        return True
    except Exception as e:
        print(f"    ❌ Error uploading to MinIO: {e}")
    return False

def main():
    """Main function to run the AIOps workflow."""
    clean_endpoint = MINIO_ENDPOINT.replace("http://", "").replace("https://", "")
    endpoint_url_with_protocol = f"http://{clean_endpoint}"
    
    s3_client = boto3.client(
    's3', 
    endpoint_url=endpoint_url_with_protocol, 
    aws_access_key_id=MINIO_ACCESS_KEY, 
    aws_secret_access_key=MINIO_SECRET_KEY
    )
    
    keywords = extract_and_save_keywords()
    if not keywords:
        sys.exit("Pipeline stopped: Failed to extract keywords.")
        
    playbook_steps = query_model_for_playbook_steps()
    print(playbook_steps)
    if not playbook_steps: sys.exit("Pipeline stopped: Could not generate playbook steps.")

    final_playbook = construct_final_playbook(playbook_steps, keywords)
    if not final_playbook: sys.exit("Pipeline stopped: Could not construct final playbook.")

        
    if not upload_to_minio(s3_client, PLAYBOOKS_BUCKET, f"remediation_playbook_{datetime.now().strftime('%Y%m%d_%H%M%S')}.yml", final_playbook):
        sys.exit("Pipeline stopped: Failed to upload playbook.")

    print("\n--- FINAL ACTIONABLE PLAYBOOK ---")
    print(final_playbook)

if __name__ == "__main__":
    print("==============================================")
    print("AIOps PIPELINE STAGE: Generate Remediation Playbook")
    print("==============================================")
    main()
    print("\n==============================================")
    print("                   STAGE COMPLETE")
    print("==============================================")

AIOps PIPELINE STAGE: Generate Remediation Playbook

--> Step 1: Extracting and saving keywords...
    ✅ Extracted Host: 'aiops', Service: 'httpd', Port: 80
    ✅ Successfully saved keywords to 'extracted_keywords.json'.

--> Step 2: Querying AI model for playbook steps (JSON)...




    ✅ AI-generated task data received and parsed successfully.

--> Step 3: Constructing final playbook from structured data...
    ✅ Final playbook constructed successfully.

--> Uploading 'remediation_playbook_20250617_130407.yml' to bucket 'playbook'...
    ✅ Successfully uploaded 'remediation_playbook_20250617_130407.yml'.

--- FINAL ACTIONABLE PLAYBOOK ---
- name: Restore HTTPD Service
  hosts: aiops
  become: true
  vars:
    max_retries: 3
    retry_delay: 10
    service: httpd
    port: 80
  tasks:
  - name: Start the HTTP server service
    ansible.builtin.service:
      name: httpd
      state: started
      enabled: true
  - name: Check the status of the HTTP server service
    ansible.builtin.service:
      name: httpd
      state: status
  - name: Verify that the HTTP server is listening on Port 80
    ansible.builtin.command:
      cmd: ss -tln | grep 80


                   STAGE COMPLETE


## Problems solved 

1. invalid control character


   a. a very specific and common issue when working with AI-generated JSON. It happens because the AI model sometimes includes invisible characters, like newlines or tabs, inside the JSON strings it creates, which causes the standard Python JSON parser to fail.

   b. Updated version will tell the JSON parser to be less strict and to allow these control characters


2. incomplete generation ("ansible.builtin.servi")

    a. The AI is outputting this:

              ansible.builtin.
            
            service:
            
            
        But valid YAML requires this:
        
              ansible.builtin.service:


    b. Updated prompt will now include a very explicit instruction not to break module names across multiple lines. 

3.  * characters : error constructing final playbook... expected alphabetic or numeric character, but found '*' confirms this. The YAML parser sees the * from the markdown bolding and stops because it's not valid YAML.
  

