Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cd15ab093269b8932cb69e3fedfb8ace1d81fe27
breakpilot-compliance/backend-compliance/main.py
Benjamin Admin a228b3b528
All checks were successful
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Successful in 34s
Details
CI / test-python-backend-compliance (push) Successful in 32s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 18s
Details
feat: add RAG corpus versioning and source policy backend 
Part 1 — RAG Corpus Versioning:
- New DB table compliance_corpus_versions (migration 017)
- Go CorpusVersionStore with CRUD operations
- Assessment struct extended with corpus_version_id
- API endpoints: GET /rag/corpus-status, /rag/corpus-versions/:collection
- RAG routes (search, regulations) now registered in main.go
- Ingestion script registers corpus versions after each run
- Frontend staleness badge in SDK sidebar

Part 3 — Source Policy Backend:
- New FastAPI router with CRUD for allowed sources, PII rules,
  operations matrix, audit trail, stats, and compliance report
- SQLAlchemy models for all source policy tables (migration 001)
- Frontend API base corrected from edu-search:8088/8089 to
  backend-compliance:8002/api

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-02 07:58:08 +01:00

104 lines
2.8 KiB
Python
Raw Blame History

"""
BreakPilot Compliance Backend
Extracted compliance-specific APIs from the monorepo backend.
Provides: Compliance Framework, Consent Admin, DSR, GDPR Export.
Runs on port 8002 with DB search_path=compliance,core,public.
"""
import os
from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware
# Compliance-specific API routers
from consent_api import router as consent_router
from consent_admin_api import router as consent_admin_router
from gdpr_api import router as gdpr_router, admin_router as gdpr_admin_router
from dsr_api import router as dsr_router
from dsr_admin_api import router as dsr_admin_router, templates_router as dsr_templates_router
# Compliance framework sub-package
from compliance.api import router as compliance_framework_router
# Source Policy
from compliance.api.source_policy_router import router as source_policy_router
# Middleware
from middleware import (
RequestIDMiddleware,
SecurityHeadersMiddleware,
)
app = FastAPI(
title="BreakPilot Compliance Backend",
description="GDPR/DSGVO Compliance, Consent Management, Data Subject Requests, and Regulatory Compliance Framework",
version="1.0.0",
)
# --- CORS ---
ALLOWED_ORIGINS = os.getenv("CORS_ORIGINS", "*").split(",")
app.add_middleware(
CORSMiddleware,
allow_origins=ALLOWED_ORIGINS,
allow_credentials=True,
allow_methods=["*"],
allow_headers=["*"],
)
# --- Security & Tracing Middleware ---
app.add_middleware(RequestIDMiddleware)
app.add_middleware(SecurityHeadersMiddleware)
# --- Health Endpoint ---
@app.get("/health", tags=["system"])
async def health():
"""Health check endpoint for load balancers and orchestration."""
return {
"status": "healthy",
"service": "backend-compliance",
"version": "1.0.0",
}
# --- Compliance-specific Routers ---
# Consent (user-facing)
app.include_router(consent_router, prefix="/api")
# Consent Admin
app.include_router(consent_admin_router, prefix="/api")
# GDPR / Privacy (user-facing)
app.include_router(gdpr_router, prefix="/api")
# GDPR Admin
app.include_router(gdpr_admin_router, prefix="/api")
# DSR - Data Subject Requests (user-facing)
app.include_router(dsr_router, prefix="/api")
# DSR Admin
app.include_router(dsr_admin_router, prefix="/api")
# DSR Templates Admin
app.include_router(dsr_templates_router, prefix="/api")
# Compliance Framework (regulations, controls, evidence, risks, audits, ISMS)
app.include_router(compliance_framework_router, prefix="/api")
# Source Policy (allowed sources, PII rules, audit)
app.include_router(source_policy_router, prefix="/api")
if __name__ == "__main__":
import uvicorn
uvicorn.run(
"main:app",
host="0.0.0.0",
port=int(os.getenv("PORT", "8002")),
reload=os.getenv("ENVIRONMENT", "development") == "development",
)
Reference in New Issue View Git Blame Copy Permalink