Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8bb90d73e5e83145ff552f7d256a39711dd6735c
breakpilot-compliance/ai-compliance-sdk
T
History
Benjamin Admin 8bb90d73e5
Build + Deploy / build-backend-compliance (push) Successful in 3m34s
Details
Build + Deploy / build-ai-sdk (push) Successful in 1m6s
Details
Build + Deploy / build-developer-portal (push) Successful in 1m7s
Details
Build + Deploy / build-tts (push) Successful in 1m58s
Details
Build + Deploy / build-document-crawler (push) Successful in 57s
Details
Build + Deploy / build-dsms-gateway (push) Successful in 34s
Details
Build + Deploy / build-admin-compliance (push) Successful in 2m7s
Details
Build + Deploy / build-dsms-node (push) Successful in 29s
Details
CI / branch-name (push) Has been skipped
Details
CI / guardrail-integrity (push) Has been skipped
Details
CI / loc-budget (push) Failing after 17s
Details
CI / secret-scan (push) Has been skipped
Details
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / nodejs-build (push) Successful in 2m28s
Details
CI / dep-audit (push) Has been skipped
Details
CI / sbom-scan (push) Has been skipped
Details
CI / test-go (push) Successful in 42s
Details
CI / test-python-backend (push) Successful in 37s
Details
CI / test-python-document-crawler (push) Successful in 27s
Details
CI / test-python-dsms-gateway (push) Successful in 22s
Details
CI / validate-canonical-controls (push) Successful in 15s
Details
Build + Deploy / trigger-orca (push) Successful in 3m10s
Details
feat(iace): benchmark system + erklaerteil + dedup-fix 
- Erklaerteil-Template fuer Risikobeurteilungen (risk_assessment_template.go)
  in PDF-Export, Markdown-Export und Frontend ReportPrintView eingebaut
- Ground Truth Benchmark-System: Datenmodell, Fuzzy-Matching-Engine,
  3 API Endpoints (import-gt, benchmark, benchmark/summary)
- Frontend Benchmark-Tab mit Score-Cards, Kategorie-Breakdown,
  Hazard-Vergleichstabelle (Zugeordnet/Fehlend/Extra), Business Impact
- Erster Benchmark: 13.3% Coverage (Baseline) gegen 60 GT-Eintraege
- Dedup-Fix: seenCat[cat] -> seenCatZone[cat+zone] erlaubt mehrere
  Gefaehrdungen pro Kategorie an verschiedenen Gefahrenstellen
- Komponenten-spezifische Hazard-Namen und Zone-basierte Zuordnung

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-13 01:02:33 +02:00
..
cmd/server
refactor(go): split roadmap_handlers, academy/store, extract cmd/server/main to internal/app
2026-04-19 09:51:11 +02:00
data/ce-libraries
docs
chore: remove all gitea remote references; single origin push only
2026-04-19 16:16:12 +02:00
internal
feat(iace): benchmark system + erklaerteil + dedup-fix
2026-05-13 01:02:33 +02:00
migrations
feat(use-case-compiler): MC-based compliance questionnaires with scoring
2026-05-12 13:49:16 +02:00
payment-compliance-pack
policies
feat: Regulatory News Dashboard — proaktive Compliance-Alerts
2026-04-25 17:43:19 +02:00
.golangci.yml
phase 5: flip loc-budget to whole-repo blocking gate [guardrail-change]
2026-04-19 14:29:43 +02:00
Dockerfile
go.mod
feat(iace): VDA-Format FMEA Excel Export
2026-05-12 09:45:18 +02:00
go.sum
feat(iace): VDA-Format FMEA Excel Export
2026-05-12 09:45:18 +02:00
README.md
docs: update service READMEs for refactor progress and stale phase references
2026-04-19 16:07:23 +02:00

README.md

ai-compliance-sdk

Go/Gin service providing AI-Act compliance analysis: iACE impact assessments, UCCA rules engine, hazard library, training/academy, audit, escalation, portfolio, RBAC, RAG, whistleblower, workshop.

Port: 8090 → exposed 8093 (container: bp-compliance-ai-sdk) Stack: Go 1.24, Gin, pgx, Postgres.

Architecture

Clean-arch refactor is complete:

cmd/server/main.go              # Thin entrypoint, 7 LOC — wiring in internal/app/
internal/
├── app/
│   ├── app.go                  # Server initialization + lifecycle
│   └── routes.go               # Route registration
├── api/handlers/               # 8 sub-resource handler files:
│   │                           #   iace_handler_projects, hazards, mitigations,
│   │                           #   techfile, monitoring, refdata, rag, components
├── iace/                       # Store split into 7 files:
│   │                           #   store_projects, components, hazards,
│   │                           #   hazard_library, mitigations, evidence, audit
│   └── hazard_library/         # Split into 10 category files
└── ...

See ../AGENTS.go.md for the full convention.

Linting (Phase 5): .golangci.yml added — run golangci-lint run --timeout 5m ./....

Run locally

cd ai-compliance-sdk
go mod download
export COMPLIANCE_DATABASE_URL=...
go run ./cmd/server

Tests

go test -race -cover ./...
golangci-lint run --timeout 5m ./...

Co-located *_test.go, table-driven. Repo layer uses testcontainers-go (or the compose Postgres) — no SQL mocks.

Public API surface

Handlers under internal/api/handlers/ (8 sub-resource files). Health at GET /health. iACE, UCCA, training, academy, portfolio, escalation, audit, rag, whistleblower, workshop subresources. Every route is a contract.

Environment

Var Purpose
COMPLIANCE_DATABASE_URL Postgres DSN
LLM_GATEWAY_URL LLM router for rag/iACE
QDRANT_URL Vector search

Don't touch

DB schema. Hand-rolled migrations elsewhere own it.

Reference in New Issue View Git Blame Copy Permalink