8ec8af4c2d
Some checks failed
Build + Deploy / build-admin-compliance (push) Failing after 45s
Build + Deploy / build-backend-compliance (push) Successful in 13s
Build + Deploy / build-ai-sdk (push) Successful in 40s
Build + Deploy / build-developer-portal (push) Successful in 12s
Build + Deploy / build-tts (push) Successful in 11s
Build + Deploy / build-document-crawler (push) Successful in 14s
Build + Deploy / build-dsms-gateway (push) Successful in 12s
Build + Deploy / trigger-orca (push) Has been skipped
CI/CD / loc-budget (push) Successful in 21s
CI/CD / guardrail-integrity (push) Has been skipped
CI/CD / go-lint (push) Has been skipped
CI/CD / python-lint (push) Has been skipped
CI/CD / nodejs-lint (push) Has been skipped
CI/CD / test-go-ai-compliance (push) Successful in 48s
CI/CD / test-python-backend-compliance (push) Failing after 38s
CI/CD / test-python-document-crawler (push) Successful in 31s
CI/CD / test-python-dsms-gateway (push) Successful in 27s
CI/CD / sbom-scan (push) Has been skipped
CI/CD / validate-canonical-controls (push) Successful in 19s
There is only one remote (origin). Removed all occurrences of:
- git push gitea / git push origin main && git push gitea main
- "Pushing to gitea (external)" in deploy.sh
- # gitea: git@gitea.meghsakha.com:... remote comment in docs-src/index.md
- "Push auf gitea triggert" → "Push auf origin triggert" in docs
- Clone URL updated to ssh://git@coolify.meghsakha.com:22222/... in
README.md and CONTRIBUTING.md
Web UI URLs (gitea.meghsakha.com/...) are unchanged — those are still valid.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
5.0 KiB
5.0 KiB
BreakPilot Compliance - Dokumentation
Willkommen zur Dokumentation des BreakPilot Compliance-Stacks (Team B: DSGVO/Compliance).
Drei-Projekt-Architektur
| Projekt | Beschreibung | Docs |
|---|---|---|
| breakpilot-core | Shared Infrastructure (DB, Cache, Vault, Nginx) | Port 8009 |
| breakpilot-lehrer | Bildungs-Stack | Port 8010 |
| breakpilot-compliance (dieses Projekt) | DSGVO/Compliance-Stack | Port 8011 |
Compliance haengt ausschliesslich von Core ab (PostgreSQL, Valkey, Vault, Qdrant, MinIO, Embedding, RAG). Es gibt keine Laufzeitabhaengigkeit zu breakpilot-lehrer.
Services
| Service | Container | Port | Tech | Beschreibung |
|---|---|---|---|---|
| Admin Compliance | bp-compliance-admin | 3007 | Next.js | Compliance-Dashboard |
| Developer Portal | bp-compliance-developer-portal | 3006 | Next.js | API-Dokumentation fuer Kunden |
| Backend Compliance | bp-compliance-backend | 8002 | Python/FastAPI | Compliance API |
| AI Compliance SDK | bp-compliance-ai-sdk | 8090/8093 | Go/Gin | DSGVO-konforme KI-Nutzung |
| DSMS Node | bp-compliance-dsms-node | 4001/5001 | IPFS | Dezentrales Datenschutz-Management |
| DSMS Gateway | bp-compliance-dsms-gateway | 8082 | Node.js/Express | IPFS Gateway |
| Document Crawler | bp-compliance-document-crawler | 8098 | Python | Web-Crawler fuer Rechtstexte |
SDK-Module (Kundenbereich)
Module die Compliance-Kunden im SDK sehen und nutzen:
| Modul | Beschreibung | Frontend |
|---|---|---|
| TOM | Technisch-Organisatorische Massnahmen | /sdk/tom |
| DSFA | Datenschutz-Folgenabschaetzung | /sdk/dsfa |
| VVT | Verzeichnis von Verarbeitungstaetigkeiten | /sdk/vvt |
| Loeschfristen | Loeschfristen-Verwaltung | /sdk/loeschfristen |
| Requirements | Compliance-Anforderungen (CRUD + RAG) | /sdk/requirements |
| Controls | Technische/Organisatorische Kontrollen | /sdk/controls |
| Evidence | Compliance-Nachweise mit Gueltigkeit | /sdk/evidence |
| Risk Matrix | 5x5 Risikomatrix (Inherent/Residual) | /sdk/risks |
| AI Act Compliance | KI-Verordnung Konformitaet | /sdk/ai-act |
| Obligations v2 | 325 Pflichten aus 9 Regulierungen, TOM-Mapping, Gap-Analyse | /sdk/obligations |
| IACE | CE-Risikobeurteilung (Maschinenverordnung, AI Act, CRA) | /sdk/iace |
| Audit Checklist | Audit-Checkliste mit Sign-Off | /sdk/audit-checklist |
| Audit Report | Audit-Berichte mit PDF-Export | /sdk/audit-report |
| Consent Management | Einwilligungs-Verwaltung | /sdk/einwilligungen |
| DSR | Betroffenenrechte (Art. 15-21 DSGVO) | /sdk/dsr |
| E-Mail-Templates | Benachrichtigungs-Vorlagen (DSR, Incidents, Schulungen) | /sdk/email-templates |
| Academy | Datenschutz-Schulungen mit PDF-Zertifikaten | /sdk/academy |
| Training Engine | KI-generierte Schulungen, Quiz, Rollenmatrix, TTS-Video | /sdk/training |
| Whistleblower | Hinweisgebersystem (HinSchG) | /sdk/whistleblower |
| Incidents | Datenschutz-Vorfaelle (Art. 33/34 DSGVO) | /sdk/incidents |
| Vendors | Auftragsverarbeiter-Management | /sdk/vendor-compliance |
| Reporting | Compliance-Berichte fuer Top Management | /sdk/reporting |
| Import | Dokument-Import + Gap-Analyse | /sdk/import |
| Screening | SBOM + CVE-Scan via OSV.dev | /sdk/screening |
| RAG/Quellen | Semantische Suche in Regulierungstexten | /sdk/rag |
| Industry Templates | Branchenvorlagen (E-Commerce, Gesundheit, etc.) | /sdk/industry-templates |
| Document Crawler | Automatisches Crawling von Rechtstexten | /sdk/document-crawler |
| Advisory Board | KI-Compliance-Beirat | /sdk/advisory-board |
URLs
Production (Orca-deployed)
| URL | Service | Beschreibung |
|---|---|---|
| https://admin-dev.breakpilot.ai/ | Admin Compliance | Compliance-Dashboard |
| https://developers-dev.breakpilot.ai/ | Developer Portal | API-Dokumentation |
| https://api-dev.breakpilot.ai/ | Backend API | Compliance REST API |
| https://sdk-dev.breakpilot.ai/ | AI SDK API | SDK Backend-API |
Lokal (Mac Mini — nur Dev/Tests)
| URL | Service |
|---|---|
| https://macmini:3007/ | Admin Compliance |
| https://macmini:3006/ | Developer Portal |
| https://macmini:8002/ | Backend API |
| https://macmini:8093/ | AI SDK API |
Deployment
# Production (Orca — Standardweg):
git push origin main
# Orca baut und deployt automatisch.
# Lokal (Mac Mini — nur Dev/Tests):
docker compose -f breakpilot-compliance/docker-compose.yml up -d
Git
# Zwei Remotes - IMMER zu beiden pushen:
git push origin main
# Remotes:
# origin: http://macmini:3003/pilotadmin/breakpilot-compliance.git
Services-Dokumentation
- AI Compliance SDK
- Document Crawler
- SDK-Module: siehe Unterverzeichnisse