Initial commit: breakpilot-compliance - Compliance SDK Platform

Services: Admin-Compliance, Backend-Compliance, AI-Compliance-SDK, Consent-SDK, Developer-Portal, PCA-Platform, DSMS Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-11 23:47:28 +01:00
commit 4435e7ea0a
734 changed files with 251369 additions and 0 deletions
--- a/admin-compliance/ai-compliance-sdk/internal/db/migrations/001_create_sdk_states.sql
+++ b/admin-compliance/ai-compliance-sdk/internal/db/migrations/001_create_sdk_states.sql
@@ -0,0 +1,60 @@
+-- Migration: Create SDK States Table
+-- Description: Initial schema for SDK state persistence
+
+-- Enable UUID extension if not already enabled
+CREATE EXTENSION IF NOT EXISTS "uuid-ossp";
+
+-- Create sdk_states table
+CREATE TABLE IF NOT EXISTS sdk_states (
+    id UUID PRIMARY KEY DEFAULT uuid_generate_v4(),
+    tenant_id VARCHAR(255) NOT NULL UNIQUE,
+    user_id VARCHAR(255),
+    state JSONB NOT NULL,
+    version INTEGER DEFAULT 1,
+    created_at TIMESTAMP WITH TIME ZONE DEFAULT NOW(),
+    updated_at TIMESTAMP WITH TIME ZONE DEFAULT NOW()
+);
+
+-- Create index on tenant_id for fast lookups
+CREATE INDEX IF NOT EXISTS idx_sdk_states_tenant ON sdk_states(tenant_id);
+
+-- Create index on updated_at for ordering
+CREATE INDEX IF NOT EXISTS idx_sdk_states_updated ON sdk_states(updated_at DESC);
+
+-- Create trigger to automatically update updated_at
+CREATE OR REPLACE FUNCTION update_sdk_states_updated_at()
+RETURNS TRIGGER AS $$
+BEGIN
+    NEW.updated_at = NOW();
+    RETURN NEW;
+END;
+$$ LANGUAGE plpgsql;
+
+DROP TRIGGER IF EXISTS trigger_sdk_states_updated_at ON sdk_states;
+CREATE TRIGGER trigger_sdk_states_updated_at
+    BEFORE UPDATE ON sdk_states
+    FOR EACH ROW
+    EXECUTE FUNCTION update_sdk_states_updated_at();
+
+-- Add comments
+COMMENT ON TABLE sdk_states IS 'Stores SDK state for each tenant';
+COMMENT ON COLUMN sdk_states.tenant_id IS 'Unique identifier for the tenant';
+COMMENT ON COLUMN sdk_states.user_id IS 'User who last modified the state';
+COMMENT ON COLUMN sdk_states.state IS 'JSON state object';
+COMMENT ON COLUMN sdk_states.version IS 'Version number for optimistic locking';
+
+-- Create cleanup function for old states (optional)
+CREATE OR REPLACE FUNCTION cleanup_old_sdk_states(days_old INTEGER DEFAULT 365)
+RETURNS INTEGER AS $$
+DECLARE
+    deleted_count INTEGER;
+BEGIN
+    DELETE FROM sdk_states
+    WHERE updated_at < NOW() - (days_old || ' days')::INTERVAL;
+
+    GET DIAGNOSTICS deleted_count = ROW_COUNT;
+    RETURN deleted_count;
+END;
+$$ LANGUAGE plpgsql;
+
+COMMENT ON FUNCTION cleanup_old_sdk_states IS 'Removes SDK states older than specified days';
--- a/admin-compliance/ai-compliance-sdk/internal/db/postgres.go
+++ b/admin-compliance/ai-compliance-sdk/internal/db/postgres.go
@@ -0,0 +1,173 @@
+package db
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"time"
+
+	"github.com/jackc/pgx/v5/pgxpool"
+)
+
+// Pool wraps a pgxpool.Pool with SDK-specific methods
+type Pool struct {
+	*pgxpool.Pool
+}
+
+// SDKState represents the state stored in the database
+type SDKState struct {
+	ID        string          `json:"id"`
+	TenantID  string          `json:"tenant_id"`
+	UserID    string          `json:"user_id,omitempty"`
+	State     json.RawMessage `json:"state"`
+	Version   int             `json:"version"`
+	CreatedAt time.Time       `json:"created_at"`
+	UpdatedAt time.Time       `json:"updated_at"`
+}
+
+// NewPostgresPool creates a new database connection pool
+func NewPostgresPool(connectionString string) (*Pool, error) {
+	config, err := pgxpool.ParseConfig(connectionString)
+	if err != nil {
+		return nil, fmt.Errorf("failed to parse connection string: %w", err)
+	}
+
+	config.MaxConns = 10
+	config.MinConns = 2
+	config.MaxConnLifetime = 1 * time.Hour
+	config.MaxConnIdleTime = 30 * time.Minute
+
+	pool, err := pgxpool.NewWithConfig(context.Background(), config)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create connection pool: %w", err)
+	}
+
+	// Test connection
+	if err := pool.Ping(context.Background()); err != nil {
+		return nil, fmt.Errorf("failed to ping database: %w", err)
+	}
+
+	return &Pool{Pool: pool}, nil
+}
+
+// GetState retrieves state for a tenant
+func (p *Pool) GetState(ctx context.Context, tenantID string) (*SDKState, error) {
+	query := `
+		SELECT id, tenant_id, user_id, state, version, created_at, updated_at
+		FROM sdk_states
+		WHERE tenant_id = $1
+	`
+
+	var state SDKState
+	err := p.QueryRow(ctx, query, tenantID).Scan(
+		&state.ID,
+		&state.TenantID,
+		&state.UserID,
+		&state.State,
+		&state.Version,
+		&state.CreatedAt,
+		&state.UpdatedAt,
+	)
+	if err != nil {
+		return nil, err
+	}
+
+	return &state, nil
+}
+
+// SaveState saves or updates state for a tenant with optimistic locking
+func (p *Pool) SaveState(ctx context.Context, tenantID string, userID string, state json.RawMessage, expectedVersion *int) (*SDKState, error) {
+	query := `
+		INSERT INTO sdk_states (tenant_id, user_id, state, version)
+		VALUES ($1, $2, $3, 1)
+		ON CONFLICT (tenant_id) DO UPDATE SET
+			state = $3,
+			user_id = COALESCE($2, sdk_states.user_id),
+			version = sdk_states.version + 1,
+			updated_at = NOW()
+		WHERE ($4::int IS NULL OR sdk_states.version = $4)
+		RETURNING id, tenant_id, user_id, state, version, created_at, updated_at
+	`
+
+	var result SDKState
+	err := p.QueryRow(ctx, query, tenantID, userID, state, expectedVersion).Scan(
+		&result.ID,
+		&result.TenantID,
+		&result.UserID,
+		&result.State,
+		&result.Version,
+		&result.CreatedAt,
+		&result.UpdatedAt,
+	)
+	if err != nil {
+		return nil, err
+	}
+
+	return &result, nil
+}
+
+// DeleteState deletes state for a tenant
+func (p *Pool) DeleteState(ctx context.Context, tenantID string) error {
+	query := `DELETE FROM sdk_states WHERE tenant_id = $1`
+	_, err := p.Exec(ctx, query, tenantID)
+	return err
+}
+
+// InMemoryStore provides an in-memory fallback when database is not available
+type InMemoryStore struct {
+	states map[string]*SDKState
+}
+
+// NewInMemoryStore creates a new in-memory store
+func NewInMemoryStore() *InMemoryStore {
+	return &InMemoryStore{
+		states: make(map[string]*SDKState),
+	}
+}
+
+// GetState retrieves state from memory
+func (s *InMemoryStore) GetState(tenantID string) (*SDKState, error) {
+	state, ok := s.states[tenantID]
+	if !ok {
+		return nil, fmt.Errorf("state not found")
+	}
+	return state, nil
+}
+
+// SaveState saves state to memory
+func (s *InMemoryStore) SaveState(tenantID string, userID string, state json.RawMessage, expectedVersion *int) (*SDKState, error) {
+	existing, exists := s.states[tenantID]
+
+	// Optimistic locking check
+	if expectedVersion != nil && exists && existing.Version != *expectedVersion {
+		return nil, fmt.Errorf("version conflict")
+	}
+
+	now := time.Now()
+	version := 1
+	createdAt := now
+
+	if exists {
+		version = existing.Version + 1
+		createdAt = existing.CreatedAt
+	}
+
+	newState := &SDKState{
+		ID:        fmt.Sprintf("%s-%d", tenantID, time.Now().UnixNano()),
+		TenantID:  tenantID,
+		UserID:    userID,
+		State:     state,
+		Version:   version,
+		CreatedAt: createdAt,
+		UpdatedAt: now,
+	}
+
+	s.states[tenantID] = newState
+	return newState, nil
+}
+
+// DeleteState deletes state from memory
+func (s *InMemoryStore) DeleteState(tenantID string) error {
+	delete(s.states, tenantID)
+	return nil
+}