Actions & Governance
Kobi proposes and executes cluster changes with RBAC enforcement, dry-run previews, a master/destructive governance switch, and a full before/after audit trail.
The AI Copilot doesn’t only diagnose — it can act. Kobi proposes concrete fixes and, with your approval, executes them against the cluster. Every action is RBAC-enforced, can be previewed before it runs, and is recorded with a before/after snapshot. This page covers the action surface and the controls that keep it safe.
Native actions
| Action | What it does |
|---|---|
restart_workload | Rollout-restart a Deployment, StatefulSet, or DaemonSet |
scale_workload | Change replica count |
rollback_deployment | Roll a Deployment back to a previous revision |
set_image | Update a container image |
set_resources | Adjust CPU/memory requests and limits |
set_env | Set or update environment variables |
patch_hpa | Change HorizontalPodAutoscaler min/max/target |
attach-debug-container | Attach an ephemeral debug container to a running pod |
delete_resource | Delete a resource (destructive) |
Actions are triggered two ways, and the origin is stamped on every record: a
Kobi proposal (copilot_proposal) that you approve in chat, or a direct
UI action from a resource page. When an action originates from an insight,
the originatingInsightId threads through so the audit trail links the symptom
to the fix.
Dry-run preview
scale_workload, set_resources, set_image, and patch_hpa render a preview of
exactly what will change before anything is applied — so you approve a concrete
diff, not a vague intent.
Governance switch
Actions are gated by a two-level toggle, on by default:
- Master switch — turn all write actions off entirely. Kobi still diagnoses and proposes; it just can’t execute.
- Destructive sub-switch — keep everyday actions (restart, scale, set image) available while disabling destructive ones like
delete_resource.
This lets you match the blast radius to your environment — full automation in dev, proposal-only in production, for example.
Audit trail
Every mutation is persisted with a before/after snapshot, the operator’s
identity, the action source, and the result. The admin history at
/admin/actions shows a before/after YAML diff for each action and filters by
user, action type, and result.
Actions always run under the detected RBAC permissions — Kobi can never do more than the cluster grants. See RBAC for how KubeBolt detects and adapts to your kubeconfig’s permissions.