Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1ac716261cb6d62576688200eeeb2ccd7fa45428
breakpilot-compliance/ai-compliance-sdk/internal/app/app.go
Benjamin Admin 1ac716261c
Some checks failed
Build + Deploy / build-admin-compliance (push) Successful in 1m45s
Details
Build + Deploy / build-backend-compliance (push) Successful in 4m42s
Details
Build + Deploy / build-ai-sdk (push) Successful in 46s
Details
Build + Deploy / build-developer-portal (push) Successful in 1m6s
Details
Build + Deploy / build-tts (push) Successful in 1m14s
Details
Build + Deploy / build-document-crawler (push) Successful in 31s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 24s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 15s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 2m27s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Failing after 37s
Details
CI / test-python-backend (push) Successful in 42s
Details
CI / test-python-document-crawler (push) Successful in 25s
Details
CI / test-python-dsms-gateway (push) Successful in 23s
Details
CI / validate-canonical-controls (push) Successful in 18s
Details
Build + Deploy / trigger-orca (push) Successful in 4m35s
Details
feat: Compliance Maximizer — Regulatory Optimization Engine 
Neues Modul das den regulatorischen Spielraum fuer KI-Use-Cases
deterministisch berechnet und optimale Konfigurationen vorschlaegt.

Kernfeatures:
- 13-Dimensionen Constraint-Space (DSGVO + AI Act)
- 3-Zonen-Analyse: Verboten / Eingeschraenkt / Erlaubt
- Deterministische Optimizer-Engine (kein LLM im Kern)
- 28 Constraint-Regeln aus DSGVO, AI Act, EDPB Guidelines
- 28 Tests (Golden Suite + Meta-Tests)
- REST API: /sdk/v1/maximizer/* (9 Endpoints)
- Frontend: 3-Zonen-Visualisierung, Dimension-Form, Score-Gauges

[migration-approved]

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-23 09:10:20 +02:00

175 lines
6.6 KiB
Go
Raw Blame History

package app
import (
"context"
"log"
"net/http"
"os"
"os/signal"
"syscall"
"time"
"github.com/breakpilot/ai-compliance-sdk/internal/academy"
"github.com/breakpilot/ai-compliance-sdk/internal/api/handlers"
"github.com/breakpilot/ai-compliance-sdk/internal/audit"
"github.com/breakpilot/ai-compliance-sdk/internal/config"
"github.com/breakpilot/ai-compliance-sdk/internal/iace"
"github.com/breakpilot/ai-compliance-sdk/internal/llm"
"github.com/breakpilot/ai-compliance-sdk/internal/maximizer"
"github.com/breakpilot/ai-compliance-sdk/internal/portfolio"
"github.com/breakpilot/ai-compliance-sdk/internal/rbac"
"github.com/breakpilot/ai-compliance-sdk/internal/roadmap"
"github.com/breakpilot/ai-compliance-sdk/internal/training"
"github.com/breakpilot/ai-compliance-sdk/internal/ucca"
"github.com/breakpilot/ai-compliance-sdk/internal/whistleblower"
"github.com/breakpilot/ai-compliance-sdk/internal/workshop"
"github.com/gin-contrib/cors"
"github.com/gin-gonic/gin"
"github.com/jackc/pgx/v5/pgxpool"
)
// Run initializes and starts the AI Compliance SDK server.
func Run() {
cfg, err := config.Load()
if err != nil {
log.Fatalf("Failed to load configuration: %v", err)
}
if cfg.IsProduction() {
gin.SetMode(gin.ReleaseMode)
}
ctx := context.Background()
pool, err := pgxpool.New(ctx, cfg.DatabaseURL)
if err != nil {
log.Fatalf("Failed to connect to database: %v", err)
}
defer pool.Close()
if err := pool.Ping(ctx); err != nil {
log.Fatalf("Failed to ping database: %v", err)
}
log.Println("Connected to database")
router := buildRouter(cfg, pool)
srv := &http.Server{
Addr: ":" + cfg.Port,
Handler: router,
ReadTimeout: 30 * time.Second,
WriteTimeout: 5 * time.Minute,
IdleTimeout: 60 * time.Second,
}
go func() {
log.Printf("AI Compliance SDK starting on port %s", cfg.Port)
log.Printf("Environment: %s", cfg.Environment)
log.Printf("Primary LLM Provider: %s", cfg.LLMProvider)
log.Printf("Fallback LLM Provider: %s", cfg.LLMFallbackProvider)
if err := srv.ListenAndServe(); err != nil && err != http.ErrServerClosed {
log.Fatalf("Server failed: %v", err)
}
}()
quit := make(chan os.Signal, 1)
signal.Notify(quit, syscall.SIGINT, syscall.SIGTERM)
<-quit
log.Println("Shutting down server...")
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
defer cancel()
if err := srv.Shutdown(ctx); err != nil {
log.Fatalf("Server forced to shutdown: %v", err)
}
log.Println("Server exited")
}
// buildRouter wires all stores, services, and handlers onto a new Gin engine.
func buildRouter(cfg *config.Config, pool *pgxpool.Pool) *gin.Engine {
// Stores
rbacStore := rbac.NewStore(pool)
auditStore := audit.NewStore(pool)
uccaStore := ucca.NewStore(pool)
escalationStore := ucca.NewEscalationStore(pool)
corpusVersionStore := ucca.NewCorpusVersionStore(pool)
roadmapStore := roadmap.NewStore(pool)
workshopStore := workshop.NewStore(pool)
portfolioStore := portfolio.NewStore(pool)
academyStore := academy.NewStore(pool)
whistleblowerStore := whistleblower.NewStore(pool)
iaceStore := iace.NewStore(pool)
trainingStore := training.NewStore(pool)
obligationsStore := ucca.NewObligationsStore(pool)
// Services
rbacService := rbac.NewService(rbacStore)
policyEngine := rbac.NewPolicyEngine(rbacService, rbacStore)
// LLM providers
providerRegistry := llm.NewProviderRegistry(cfg.LLMProvider, cfg.LLMFallbackProvider)
providerRegistry.Register(llm.NewOllamaAdapter(cfg.OllamaURL, cfg.OllamaDefaultModel))
if cfg.AnthropicAPIKey != "" {
providerRegistry.Register(llm.NewAnthropicAdapter(cfg.AnthropicAPIKey, cfg.AnthropicDefaultModel))
}
piiDetector := llm.NewPIIDetectorWithPatterns(llm.AllPIIPatterns())
ttsClient := training.NewTTSClient(cfg.TTSServiceURL)
contentGenerator := training.NewContentGenerator(providerRegistry, piiDetector, trainingStore, ttsClient)
accessGate := llm.NewAccessGate(policyEngine, piiDetector, providerRegistry)
trailBuilder := audit.NewTrailBuilder(auditStore)
exporter := audit.NewExporter(auditStore)
blockGenerator := training.NewBlockGenerator(trainingStore, contentGenerator)
// Handlers
rbacHandlers := handlers.NewRBACHandlers(rbacStore, rbacService, policyEngine)
llmHandlers := handlers.NewLLMHandlers(accessGate, providerRegistry, piiDetector, auditStore, trailBuilder)
auditHandlers := handlers.NewAuditHandlers(auditStore, exporter)
uccaHandlers := handlers.NewUCCAHandlers(uccaStore, escalationStore, providerRegistry)
escalationHandlers := handlers.NewEscalationHandlers(escalationStore, uccaStore)
roadmapHandlers := handlers.NewRoadmapHandlers(roadmapStore)
workshopHandlers := handlers.NewWorkshopHandlers(workshopStore)
portfolioHandlers := handlers.NewPortfolioHandlers(portfolioStore)
academyHandlers := handlers.NewAcademyHandlers(academyStore, trainingStore)
whistleblowerHandlers := handlers.NewWhistleblowerHandlers(whistleblowerStore)
iaceHandler := handlers.NewIACEHandler(iaceStore, providerRegistry)
trainingHandlers := handlers.NewTrainingHandlers(trainingStore, contentGenerator, blockGenerator, ttsClient)
ragHandlers := handlers.NewRAGHandlers(corpusVersionStore)
obligationsHandlers := handlers.NewObligationsHandlersWithStore(obligationsStore)
// Maximizer
maximizerStore := maximizer.NewStore(pool)
maximizerRules, err := maximizer.LoadConstraintRulesFromDefault()
if err != nil {
log.Printf("WARNING: Maximizer constraints not loaded: %v", err)
maximizerRules = &maximizer.ConstraintRuleSet{Version: "0.0.0"}
}
maximizerSvc := maximizer.NewService(maximizerStore, uccaStore, maximizerRules)
maximizerHandlers := handlers.NewMaximizerHandlers(maximizerSvc)
rbacMiddleware := rbac.NewMiddleware(rbacService, policyEngine)
// Router
router := gin.Default()
router.Use(cors.New(cors.Config{
AllowOrigins: cfg.AllowedOrigins,
AllowMethods: []string{"GET", "POST", "PUT", "DELETE", "OPTIONS"},
AllowHeaders: []string{"Origin", "Content-Type", "Authorization", "X-User-ID", "X-Tenant-ID", "X-Namespace-ID", "X-Tenant-Slug"},
ExposeHeaders: []string{"Content-Length", "Content-Disposition"},
AllowCredentials: true,
MaxAge: 12 * time.Hour,
}))
router.GET("/health", func(c *gin.Context) {
c.JSON(http.StatusOK, gin.H{
"status": "healthy",
"timestamp": time.Now().UTC().Format(time.RFC3339),
})
})
registerRoutes(router, rbacMiddleware,
rbacHandlers, llmHandlers, auditHandlers,
uccaHandlers, escalationHandlers, obligationsHandlers, ragHandlers,
roadmapHandlers, workshopHandlers, portfolioHandlers,
academyHandlers, trainingHandlers, whistleblowerHandlers, iaceHandler,
maximizerHandlers)
return router
}
Reference in New Issue View Git Blame Copy Permalink