Skip to content

nravada/nr-smash

Repository files navigation

nr-smash

SMASH — Semantic Multi-source Autonomous SRE Hub. An always-on agent that triages bugs from team-owned repos, the team's Jira board, and the team's Slack help channels, then drives each one to a draft PR end-to-end.

Hackathon project, designed for company-wide adoption. Built on top of the existing /smash Phase-1 Bug Smasher pattern, extended for autonomous operation.

What's in the box

Five components, three named queues, one YAML config per team. Adoption is a config change, not a code change.

collector  ──► /push?queue=manual    ──┐
                                       │
triage     ──► /push?queue=auto      ──┼──► scheduler ──► /pop ──► resolver ──► draft PR
                                       │                                            │
                  /push?queue=review-required ──► human review                     ▼
                                                                              feedback ──► guidelines
                                                                                       (evolves resolver prompt)
Component Entrypoint What it does Owner
Bug collector cmd/collector Polls Slack help channels + Jira boards; classifies via Haiku; pushes to manual queue Teammate
Triage agent cmd/triage Scans team-owned repos for machine-discoverable bugs; pushes to auto queue Teammate
Scheduler cmd/scheduler Hosts 3 named queues; HTTP API; coordinates ticks Teammate
Resolver cmd/resolver Pops priority-merged from manual+auto; clones, fixes via LLM, tests, scans, opens draft PR Rahul
Feedback cmd/feedback Polls GitHub for PR state; categorises review comments; writes Guidelines that evolve the resolver's prompt Rahul

Why this design

  • Two intake queues by source (manual = human-reported, auto = machine-discovered). Architectural-impact bugs route to a third review-required queue the resolver never pops — those need team-wide approval.
  • Bi-dimensional priorityImpact / DevEffort. The resolver picks bugs that maximise shipped impact per unit of work, not just impact alone.
  • Closed-loop feedback — outcome signals become rules in the resolver's system prompt. SMASH evolves; it isn't a fixed workflow.
  • Security as a functional requirement — AIDefence + secret redaction + repo allowlist + audit log + LLM gateway pinning + rate limiting, all enforced in code.
  • Drop-in cross-team adoption — one YAML file per team. See config/example-data-ingest.yaml and config/example-platform-team.yaml for two ready-to-use configurations.

For the full design rationale see openspec/changes/resolver-cross-team-build/proposal.md.

Adoption guide for other NR teams

  1. Clone the repo:

    git clone https://github.com/nravada/nr-smash.git
    cd nr-smash
  2. Build:

    go build ./cmd/...
  3. Write your team config (start from config/example-data-ingest.yaml):

    cp config/example-data-ingest.yaml config/my-team.yaml
    $EDITOR config/my-team.yaml

    You must change:

    • team — your team name
    • sources.slack.channel_ids, sources.jira.projects, sources.repos
    • security.repo_write_allowlist — explicit list of repos the resolver may push to (autonomous PRs require explicit allowlist; empty list refuses startup)
    • memory.namespace, memory.outcomes_namespace, memory.guidelines_namespace — team-scoped
    • security.audit_file — path for the local audit log
    • review_surface.slack_channel, review_surface.dashboard_url
  4. Set required env vars:

    export ANTHROPIC_API_KEY=...               # if llm_gateway = anthropic-direct
    export SMASH_QUEUE_TOKEN=<random-secret>   # bearer token for the queue API
  5. Start the components:

    ./scheduler --config config/my-team.yaml &
    ./resolver  --config config/my-team.yaml &
    ./feedback  --config config/my-team.yaml &
    ./collector --config config/my-team.yaml &  # or scheduler invokes via --collector-bin
  6. Verify:

    curl http://localhost:7777/health

Quick smoke test (no real PRs opened)

# Build
go build ./cmd/...

# Start scheduler with the example config
export SMASH_QUEUE_TOKEN=demo-token
./scheduler --config config/example-data-ingest.yaml &

# Push a synthetic bug into the manual queue
curl -X POST -H "Authorization: Bearer $SMASH_QUEUE_TOKEN" \
     -H "Content-Type: application/json" \
     -d '{"id":"test:1","title":"fake nil deref","body":"panic on empty input","repo":"newrelic/nri-mssql","tier":"standard","labels":["sev2"],"discovered_at":"2026-06-14T00:00:00Z","priority":2.5}' \
     http://localhost:7777/push?queue=manual

# Run resolver in dry-run, one-shot mode
export ANTHROPIC_API_KEY=...
./resolver --config config/example-data-ingest.yaml --dry-run --one-shot

# Inspect the audit log
cat .smash/audit-data-ingest.jsonl

Shared contracts

If you change one of these, open a PR with [contract] in the title and ping the team — every component depends on them.

Architecture detail

See ARCHITECTURE.md for the full component diagram, data model, security functional requirements, failure modes, and the adoption flow.

The build proposal that drove this implementation is at openspec/changes/resolver-cross-team-build/.

Common dev

go test ./...        # all tests
go vet ./...         # static analysis
gofmt -l -s .        # formatting check

Contributing

See CONTRIBUTING.md. Short version: branch off main, prefix PR title with the component name (resolver:, feedback:, etc.), at least one approving review per PR, never --no-verify.

License

Apache-2.0 — see LICENSE.

About

No description, website, or topics provided.

Resources

License

Contributing

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors