p24-infra Docs

README

2 min read

18 — Workbooks

The audit-engine uses workbooks — AI-generated specifications stored in the audit.workbooks Supabase table — to define what each audit run checks, what data it collects, and what it delivers. One active workbook exists per audit.actions row.

How the Workbook System Works

  1. A row in audit.actions has a schedule (cron string), action_type, and status
  2. When status = 'new', the audit-engine designer.py calls Claude to auto-generate a WorkbookSpec JSON
  3. The spec defines: sections, data connectors to use, thresholds, delivery (email + Drive)
  4. On each scheduled run, scheduler.py dispatches to the appropriate action handler
  5. Results are written to audit.runs; PDF reports go via Mailgun to radieu@gmail.com

Key Documents

DocumentDescription
audit-engine.mdFull specification — WorkbookSpec model, connectors, scheduler, delivery
audit-engine-operations.mdDeployment, health check, manual trigger, log access
workbook-template.mdTemplate for creating new workbook specs manually

Action Types

action_typeDescription
ai_workbookAI-generated multi-section audit report; uses all connectors
ping_checkSimple availability ping to registered service URLs
infra_docs_checkChecks dev_r_services for compliance_workbook != 'yes'; fails if gaps found
eu_ai_act_checkChecks dev_r_ai_systems for compliance gaps; runs weekly Monday 08:00 UTC

Connector Inventory

ConnectorModuleWhat it fetches
GitHubconnectors/github_connOpen issues, PR status, CI run results
Prometheusconnectors/prometheus_connPromQL queries against Thanos Query
Wasabi S3connectors/wasabi_connBackup status JSON, bucket size
Google Driveconnectors/gdrive_connReport upload destination
HTTPconnectors/http_connGeneric HTTP health checks
n8nconnectors/n8n_connn8n workflow execution status

Workbook Perspective Map

Each of the 18 perspectives in this documentation hub has a corresponding audit focus:

PerspectiveAudit coverage
04 — MonitoringPrometheus target up, Alertmanager firing, exporter health
05 — Backups DRWasabi backup status JSON freshness, restore drill flag
06 — SecretsCredential age via credential-exporter metrics
11 — Automationsn8n workflow last-run status, audit-engine run history
14 — Complianceinfra_docs_check (daily), eu_ai_act_check (weekly)
12 — Costscost-exporter Prometheus metrics vs budget thresholds

Cross-references

  • README — audit-engine service operations
  • README — compliance checks driven by infra_docs_check and eu_ai_act_check
  • README — workbook template for new workbook creation

Graph View

Backlinks