OR
OpenRemedy

Recipes

Remediation playbook catalog.

Catalog of remediation playbooks. Recipes are the atomic units the agent (or a policy) can execute on a server.

RBAC. Read and execute are open to all roles. Create, update, and delete are superadmin only. The catalog is global across tenants; tenant admins must not be able to inject playbook_paths that other tenants will execute.

Catalog

Route: /recipes Role gating: read for all; write for superadmin.

Card grid with name, description, incident type, risk level (drives the approval gate), category (diagnostic / remediation), proactive flag, and tags.

Filters

  • Category dropdown.
  • Proactive-only checkbox.
  • Free-text search on name and description.

Actions

  • New recipe (top button) → /recipes/new (superadmin).
  • Click a card → recipe detail.
  • Hover reveals a delete button (superadmin).

Create

Route: /recipes/new Role gating: superadmin.

Form fields:

  • Name (auto-slugifies on entry).
  • Slug — editable while creating, immutable after.
  • Description.
  • Incident type.
  • Category (diagnostic / remediation).
  • Risk level (low / medium / high) — drives the approval gate.
  • Playbook path, relative to backend/playbooks/.
  • Tags (comma-separated).
  • is_proactive checkbox.
  • Variables — dynamic key / value list.

Submit creates the recipe and routes to its detail page.

Detail

Route: /recipes/{slug} Role gating: read for all; edit / delete buttons hidden for non-superadmin.

Read-only view: name, version, risk level, trust level, category, proactive badge, description, incident type, playbook path, prerequisites, pre / post-checks, rollback path, variables JSON.

The page does not run recipes directly. Recipes are executed via:

  • a Policy wired to a trigger,
  • the Approve button on an incident's pending execution,
  • the maintenance scheduler.

Edit

Route: /recipes/{slug}/edit Role gating: superadmin.

Same fields as the create form. Slug is locked; everything else is mutable. Submit returns to the recipe detail.

Related routes

  • policies — policies wire triggers to recipes
  • incidents — recipes are executed against incidents
  • maintenances — maintenance plans may invoke recipes