Benjamin_Boenisch/breakpilot-core
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat(pipeline): G2 Compliance Commit Ledger — code↔control audit trail

Browse Source 
New table: compliance_commits (commit hash, affected controls, risk level)
New API:
  POST /v1/compliance-commits (SDK registers commit + impact)
  GET /v1/compliance-commits (list with filters)
  GET /v1/compliance-commits/by-control/{id} (all commits for a control)
  GET /v1/compliance-commits/stats (dashboard)
  GET /v1/compliance-commits/{id} (detail)

GIN index on affected_control_ids for fast @> containment queries.
454 tests pass, 0 regressions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-05-06 19:17:45 +02:00
parent 66a70ab31c
commit e82f99b8cb
3 changed files with 295 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
control-pipeline/migrations/007_compliance_commits.sql
+38
View File
@@ -0,0 +1,38 @@
-- Migration 007: Compliance Commit Ledger (G2)
-- Schema: compliance
-- Run: ssh macmini "docker exec -i bp-core-postgres psql -U breakpilot -d breakpilot_db" < control-pipeline/migrations/007_compliance_commits.sql
SET search_path TO compliance, public;
CREATE TABLE IF NOT EXISTS compliance_commits (
id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
tenant_id UUID NOT NULL,
project_id UUID,
-- Git Info
commit_hash VARCHAR(64) NOT NULL,
commit_message TEXT,
commit_author VARCHAR(200),
commit_date TIMESTAMPTZ,
branch VARCHAR(200),
repo_url TEXT,
-- Affected Controls
affected_control_ids JSONB NOT NULL DEFAULT '[]',
affected_files JSONB DEFAULT '[]',
-- Analysis
risk_level VARCHAR(20) DEFAULT 'low'
CHECK (risk_level IN ('low', 'medium', 'high', 'critical')),
analysis_summary TEXT,
analysis_metadata JSONB DEFAULT '{}',
created_at TIMESTAMPTZ DEFAULT NOW()
);
CREATE INDEX IF NOT EXISTS idx_cc_tenant ON compliance_commits(tenant_id);
CREATE INDEX IF NOT EXISTS idx_cc_hash ON compliance_commits(commit_hash);
CREATE INDEX IF NOT EXISTS idx_cc_date ON compliance_commits(commit_date);
CREATE INDEX IF NOT EXISTS idx_cc_risk ON compliance_commits(risk_level);
-- GIN index for JSONB array containment queries (@>)
CREATE INDEX IF NOT EXISTS idx_cc_control_ids ON compliance_commits USING GIN (affected_control_ids);