agentops-cockpit 0.9.7__py3-none-any.whl → 0.9.8__py3-none-any.whl

agent_ops_cockpit/ops/evidence_bridge.py

@@ -1,3 +1,12 @@
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
+from tenacity import retry, wait_exponential, stop_after_attempt
 import json
 import os
 import urllib.request
@@ -7,13 +16,11 @@ from typing import Dict, Any, Optional, List
 import importlib.metadata
 from packaging import version
 from rich.console import Console
-
 console = Console()
-
-WATCHLIST_PATH = os.path.join(os.path.dirname(__file__), "watchlist.json")
+WATCHLIST_PATH = os.path.join(os.path.dirname(__file__), 'watchlist.json')
 
 def clean_version(v_str: str) -> str:
-    match = re.search(r'(\d+\.\d+(?:\.\d+)?(?:[a-zA-Z]+\d+)?)', v_str)
+    match = re.search('(\\d+\\.\\d+(?:\\.\\d+)?(?:[a-zA-Z]+\\d+)?)', v_str)
     if match:
         return match.group(1)
     return v_str.strip().lstrip('v')
@@ -25,23 +32,16 @@ def fetch_latest_from_atom(url: str) -> Optional[Dict[str, str]]:
             tree = ET.parse(response)
             root = tree.getroot()
             ns = {'ns': 'http://www.w3.org/2005/Atom'}
-            
             latest_entry = root.find('ns:entry', ns)
             if latest_entry is not None:
                 title = latest_entry.find('ns:title', ns).text
                 updated = latest_entry.find('ns:updated', ns).text
                 content_node = latest_entry.find('ns:content', ns)
-                summary = ""
+                summary = ''
                 if content_node is not None:
-                    summary = re.sub('<[^<]+?>', '', content_node.text or "")[:500] + "..."
-                
+                    summary = re.sub('<[^<]+?>', '', content_node.text or '')[:500] + '...'
                 raw_v = title.strip().split()[-1]
-                return {
-                    "version": clean_version(raw_v) if "==" not in raw_v else clean_version(raw_v.split("==")[-1]),
-                    "date": updated,
-                    "title": title,
-                    "summary": summary
-                }
+                return {'version': clean_version(raw_v) if '==' not in raw_v else clean_version(raw_v.split('==')[-1]), 'date': updated, 'title': title, 'summary': summary}
     except Exception:
         return None
     return None
@@ -50,83 +50,50 @@ def get_installed_version(package_name: str) -> str:
     try:
         return importlib.metadata.version(package_name)
     except importlib.metadata.PackageNotFoundError:
-        return "Not Installed"
+        return 'Not Installed'
 
 def get_package_evidence(package_name: str) -> Dict[str, Any]:
     if not os.path.exists(WATCHLIST_PATH):
-        return {"error": "Watchlist not found"}
-
+        return {'error': 'Watchlist not found'}
     with open(WATCHLIST_PATH, 'r') as f:
         watchlist = json.load(f)
-
-    # Flatten categories to find the package
     for cat_name, cat in watchlist.items():
-        if cat_name == "compatibility_rules":
+        if cat_name == 'compatibility_rules':
             continue
         for name, info in cat.items():
-            if info.get("package") == package_name or name == package_name:
-                latest = fetch_latest_from_atom(info["feed"])
+            if info.get('package') == package_name or name == package_name:
+                latest = fetch_latest_from_atom(info['feed'])
                 installed = get_installed_version(package_name)
-                min_v = info.get("min_version_for_optimizations", "0.0.0")
-                
+                min_v = info.get('min_version_for_optimizations', '0.0.0')
                 upgrade_required = False
-                if installed != "Not Installed":
+                if installed != 'Not Installed':
                     try:
                         if version.parse(installed) < version.parse(min_v):
                             upgrade_required = True
                     except Exception:
                         pass
-
-                return {
-                    "package": package_name,
-                    "installed_version": installed,
-                    "latest_version": latest["version"] if latest else "Unknown",
-                    "min_optimized_version": min_v,
-                    "upgrade_required": upgrade_required,
-                    "release_date": latest["date"] if latest else "Unknown",
-                    "source_url": info["feed"].replace(".atom", ""),
-                    "best_practice_context": latest["summary"] if latest else "Check release notes for performance/security enhancements."
-                }
-    return {"error": f"Package {package_name} not found in watchlist"}
+                return {'package': package_name, 'installed_version': installed, 'latest_version': latest['version'] if latest else 'Unknown', 'min_optimized_version': min_v, 'upgrade_required': upgrade_required, 'release_date': latest['date'] if latest else 'Unknown', 'source_url': info['feed'].replace('.atom', ''), 'best_practice_context': latest['summary'] if latest else 'Check release notes for performance/security enhancements.'}
+    return {'error': f'Package {package_name} not found in watchlist'}
 
 def get_compatibility_report(installed_packages: List[str]) -> List[Dict[str, Any]]:
     if not os.path.exists(WATCHLIST_PATH):
         return []
-
     with open(WATCHLIST_PATH, 'r') as f:
         watchlist = json.load(f)
-    
-    rules = watchlist.get("compatibility_rules", [])
+    rules = watchlist.get('compatibility_rules', [])
     reports = []
-    
-    # Normalize imports to find root package names
     roots = set()
     for pkg in installed_packages:
         roots.add(pkg.split('.')[0].replace('-', '_'))
-
     for rule in rules:
-        comp_root = rule["component"].replace('-', '_')
+        comp_root = rule['component'].replace('-', '_')
         if comp_root in roots:
-            # Check for incompatibilities
-            for forbidden in rule.get("incompatible_with", []):
+            for forbidden in rule.get('incompatible_with', []):
                 forbidden_root = forbidden.replace('-', '_')
                 if forbidden_root in roots:
-                    reports.append({
-                        "type": "INCOMPATIBLE",
-                        "component": rule["component"],
-                        "conflict_with": forbidden,
-                        "reason": rule["reason"]
-                    })
-            
-            # Check for synergies
-            for synergy in rule.get("works_well_with", []):
+                    reports.append({'type': 'INCOMPATIBLE', 'component': rule['component'], 'conflict_with': forbidden, 'reason': rule['reason']})
+            for synergy in rule.get('works_well_with', []):
                 synergy_root = synergy.replace('-', '_')
                 if synergy_root in roots:
-                    reports.append({
-                        "type": "SYNERGY",
-                        "component": rule["component"],
-                        "partner": synergy,
-                        "reason": f"Optimally paired with ecosystem partner {synergy}."
-                    })
-
-    return reports
+                    reports.append({'type': 'SYNERGY', 'component': rule['component'], 'partner': synergy, 'reason': f'Optimally paired with ecosystem partner {synergy}.'})
+    return reports

agent_ops_cockpit/ops/frameworks.py

@@ -359,6 +359,84 @@ GO_CHECKLIST = [
     }
 ]
 
+LLAMAINDEX_CHECKLIST = [
+    {
+        "category": "🏗️ LlamaIndex (Data Intelligence)",
+        "checks": [
+            ("RAG: Using Advanced Retrieval (Sub-Question, Recursive)?", "Critical for complex reasoning over unstructured data."),
+            ("Memory: Is a BaseChatEngine or specialized buffer used?", "Ensures conversational continuity with large retrieval contexts."),
+            ("Knowledge Graphs: Is Property Graph Index active?", "Next-gen standard for relational reasoning in agents.")
+        ]
+    }
+]
+
+VECTORDN_CHECKLIST = [
+    {
+        "category": "🧠 Vector Native Infrastructure",
+        "checks": [
+            ("Native Vector: Using Pinecone, Weaviate, or Qdrant?", "Enterprise standard for hybrid search and metadata filtering."),
+            ("Local Native: Using ChromaDB or LanceDB?", "Standard for local-first or edge-compute agents."),
+            ("Indexing: Are specialized Namespaces or Collections used?", "Ensures tenant isolation and multi-modal query efficiency.")
+        ]
+    }
+]
+
+OBSERVABILITY_CHECKLIST = [
+    {
+        "category": "🔬 AgentOps Observability & Evaluation",
+        "checks": [
+            ("Tracing: Using LangSmith, Arize Phoenix, or Langfuse?", "Deep trace analysis for debugging multi-hop agent failures."),
+            ("Evaluation: Are DeepEval or RAGAS active in CI/CD?", "Automated scoring for retrieval and alignment quality."),
+            ("Experiments: Is Weights & Biases (W&B) used for track tracking?", "Industry standard for prompt and hyperparameter optimization.")
+        ]
+    }
+]
+
+INFERENCE_CHECKLIST = [
+    {
+        "category": "⚡ Specialized Inference Engines",
+        "checks": [
+            ("Self-Hosting: Is vLLM used for high-throughput serving?", "Private cloud standard for concurrent agent execution."),
+            ("Edge / Local: Is Ollama used for local development?", "Prevents token leakage in early-stage reasoning cycles."),
+            ("Real-Time: Is Groq LPU used for low-latency voice/chat?", "Critical for maintaining agentic 'conversational flow'."),
+            ("Microsrvices: Are NVIDIA NIMs used for VPC-native deployment?", "Standard for containerized model microservices.")
+        ]
+    }
+]
+
+GUARDRAILS_CHECKLIST = [
+    {
+        "category": "🛡️ Advanced Guardrail Fences",
+        "checks": [
+            ("Topical Rails: Is NeMo Guardrails (NVIDIA) active?", "Standard for enforcing domain-specific conversation boundaries."),
+            ("Structured Safety: Is Guardrails AI used for JSON validation?", "Ensures structured outputs are both safe and schema-compliant."),
+            ("Gateway Defense: Is Lakera Guard active at the ingress?", "Hardened defense against prompt injection at the API level.")
+        ]
+    }
+]
+
+DSPY_CHECKLIST = [
+    {
+        "category": "🏗️ Programmatic Optimization (DSPy)",
+        "checks": [
+            ("Compilation: Are Optimizers (BootstrapFewShot/MIPRO) used?", "Industry standard for replacing manual prompt engineering with compiled logic."),
+            ("Signatures: Are declarative DSPy Signatures used for task definition?", "Ensures structured, repeatable reasoning modules."),
+            ("Assertions: Are DSPy Assertions/Suggestions active?", "Runtime self-correction for complex agentic logic.")
+        ]
+    }
+]
+
+SPRING_AI_CHECKLIST = [
+    {
+        "category": "🏗️ Spring AI (Java Enterprise)",
+        "checks": [
+            ("Orchestration: Using ChatClient or specialized Advisors?", "Spring-standard for enterprise agent integration."),
+            ("Vector Store: Is a Spring-compatible VectorStore (PgVector/Pinecone) active?", "Ensures type-safe data retrieval in Java stacks."),
+            ("Observability: Is Spring Boot Actuator/Micrometer integrated?", "Critical for enterprise-grade agent monitoring and tracing.")
+        ]
+    }
+]
+
 
 FRAMEWORKS = {
     "google": {
@@ -439,8 +517,42 @@ FRAMEWORKS = {
         "checklist": CREWAI_CHECKLIST,
         "indicators": [r"crewai", r"Agent\(", r"Task\(", r"Crew\("]
     },
+    "llamaindex": {
+        "name": "LlamaIndex / Data Agents",
+        "checklist": LLAMAINDEX_CHECKLIST,
+        "indicators": [r"llamaindex", r"llama-index", r"VectorStoreIndex", r"KnowledgeGraphIndex"]
+    },
+    "vectordb": {
+        "name": "Vector Native (Pinecone/Weaviate/Chroma)",
+        "checklist": VECTORDN_CHECKLIST,
+        "indicators": [r"pinecone", r"weaviate", r"qdrant", r"chromadb", r"lancedb", r"milvus"]
+    },
+    "observability": {
+        "name": "Observability (LangSmith/Phoenix)",
+        "checklist": OBSERVABILITY_CHECKLIST,
+        "indicators": [r"langsmith", r"arize", r"phoenix", r"langfuse", r"deepeval", r"ragas", r"wandb"]
+    },
+    "inference": {
+        "name": "Inference Engines (vLLM/Groq)",
+        "checklist": INFERENCE_CHECKLIST,
+        "indicators": [r"vllm", r"ollama", r"groq", r"nvidia-nim", r"tgi"]
+    },
+    "guardrails": {
+        "name": "Guardrail Fences (NeMo/Lakera)",
+        "checklist": GUARDRAILS_CHECKLIST,
+        "indicators": [r"nemoguardrails", r"guardrails-ai", r"lakera"]
+    },
+    "dspy": {
+        "name": "DSPy / Programmatic Optimization",
+        "checklist": DSPY_CHECKLIST,
+        "indicators": [r"dspy", r"BootstrapFewShot", r"MIPRO", r"Signature"]
+    },
+    "springai": {
+        "name": "Spring AI (Java)",
+        "checklist": SPRING_AI_CHECKLIST,
+        "indicators": [r"spring-ai", r"ChatClient", r"org\.springframework\.ai"]
+    },
     "generic": {
-
         "name": "Generic Agentic Stack",
         "checklist": GENERIC_CHECKLIST,
         "indicators": []
@@ -448,6 +560,17 @@ FRAMEWORKS = {
 }
 
 
+NIST_AI_RMF_CHECKLIST = [
+    {
+        "category": "⚖️ NIST AI RMF (Governance)",
+        "checks": [
+            ("Transparency: Is the agent's purpose and limitation documented?", "Ensures users know what the AI can/cannot do."),
+            ("Human-in-the-Loop: Are sensitive decisions manually reviewed?", "Mitigates high-risk autonomous failures."),
+            ("Traceability: Is every agent reasoning step logged?", "Required for forensic audit and accountability.")
+        ]
+    }
+]
+
 def detect_framework(path: str = ".") -> str:
     """ Detects the framework based on README or requirements.txt files. """
     content = ""

agent_ops_cockpit/ops/git_portal.py

@@ -0,0 +1,74 @@
+import os
+import git
+from typing import List
+from rich.console import Console
+
+console = Console()
+
+class GitPortal:
+    """
+    Phase 5: The 'Ambassador' - Autonomous Git & PR Portal.
+    Handles branch creation, committing fixes, and preparing for PR submission.
+    """
+    def __init__(self, repo_path: str = "."):
+        self.repo_path = repo_path
+        try:
+            self.repo = git.Repo(repo_path)
+        except Exception as e:
+            self.repo = None
+            console.print(f"[red]❌ Git initialization failed: {e}[/red]")
+
+    def create_fix_branch(self, branch_name: str):
+        """Creates and switches to a new branch for fixes."""
+        if not self.repo: return None
+        
+        current = self.repo.active_branch
+        console.print(f"🌿 [dim]Creating fix branch: {branch_name} (from {current.name})[/dim]")
+        
+        new_branch = self.repo.create_head(branch_name)
+        new_branch.checkout()
+        return new_branch
+
+    def commit_fixes(self, files: List[str], message: str):
+        """Stages and commits the remediated files."""
+        if not self.repo: return False
+        
+        self.repo.index.add(files)
+        self.repo.index.commit(message)
+        console.print(f"📦 [bold green]Committed fixes to {len(files)} files.[/bold green]")
+        return True
+
+    def push_fixes(self, branch_name: str):
+        """Pushes the branch to the remote."""
+        if not self.repo: return False
+        
+        try:
+            origin = self.repo.remote(name='origin')
+            console.print(f"🚀 [cyan]Pushing {branch_name} to origin...[/cyan]")
+            origin.push(branch_name)
+            return True
+        except Exception as e:
+            console.print(f"[yellow]⚠️  Push failed (Remote likely not configured): {e}[/yellow]")
+            return False
+
+    def get_pr_body(self, findings_count: int, score_improvement: int):
+        """Generates the body text for a GitHub PR."""
+        return f"""
+# 🕹️ AgentOps Cockpit: Autonomous Room Fixest
+**Status**: AUTO_REMEDIATION_COMPLETE
+**Maturity Score Improvement**: +{score_improvement}%
+
+## 🛠️ Summary of Remediations
+This PR was automatically generated by the AgentOps Cockpit (v1.1) to resolve **{findings_count} architectural gaps**.
+
+### 🧗 Resiliency Hardening
+- Injected `tenacity` retry decorators on volatile network calls.
+- Applied `timeout` guards to async tool executions to prevent Zombie processes.
+
+### 🛡️ Security Posture
+- Resolved hardcoded credential risks via AST detection.
+- Fixed behavioral PII leaks identified in runtime traces.
+
+---
+*Generated autonomously by the AgentOps Cockpit 'The Closer' Engine.*
+"""

agent_ops_cockpit/ops/mcp_hub.py

@@ -1,9 +1,15 @@
+from tenacity import retry, wait_exponential, stop_after_attempt
 from typing import List, Dict, Any
 import asyncio
 import os
+import logging
 from mcp import ClientSession, StdioServerParameters
 from mcp.client.stdio import stdio_client
 
+# v1.1 Compliance: Transit Logging (SOC2 CC6.1)
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger("mcp_hub")
+
 class MCPHub:
     """
     Model Context Protocol (MCP) Hub.
@@ -13,67 +19,38 @@ class MCPHub:
 
     def __init__(self):
         self.servers: Dict[str, StdioServerParameters] = {}
-        self.registry = {
-            "search": {"type": "mcp", "provider": "google-search", "server": "google-search-mcp"},
-            "db": {"type": "mcp", "provider": "alloydb", "server": "postgres-mcp"},
-            "legacy_crm": {"type": "rest", "provider": "internal", "status": "deprecated"}
-        }
+        self.registry = {'search': {'type': 'mcp', 'provider': 'google-search', 'server': 'google-search-mcp'}, 'db': {'type': 'mcp', 'provider': 'alloydb', 'server': 'postgres-mcp'}, 'legacy_crm': {'type': 'rest', 'provider': 'internal', 'status': 'deprecated'}}
 
-    def register_server(self, name: str, command: str, args: List[str] = None):
+    def register_server(self, name: str, command: str, args: List[str]=None):
         """Registers a local MCP server."""
-        self.servers[name] = StdioServerParameters(
-            command=command,
-            args=args or [],
-            env=os.environ.copy()
-        )
+        self.servers[name] = StdioServerParameters(command=command, args=args or [], env=os.environ.copy())
 
     async def execute_tool(self, tool_name: str, arguments: Dict[str, Any]):
         """
         Executes a tool call using the Model Context Protocol.
         """
+        logger.info(f"TRANSIT_LOG: Executing tool '{tool_name}' with {len(arguments)} args.")
         if tool_name not in self.registry:
-            raise ValueError(f"Tool {tool_name} not found in MCP registry.")
-
+            raise ValueError(f'Tool {tool_name} not found in MCP registry.')
         config = self.registry[tool_name]
-        
-        # If it's a legacy tool, handle it separately
-        if config["type"] == "rest":
-            print(f"⚠️  Executing legacy REST tool: {tool_name}")
+        if config['type'] == 'rest':
+            print(f'⚠️  Executing legacy REST tool: {tool_name}')
             return await self._mock_legacy_exec(tool_name, arguments)
-
-        server_name = config.get("server")
+        server_name = config.get('server')
         if not server_name or server_name not in self.servers:
-            # Fallback to mock for demo/unconfigured environments
             print(f"ℹ️  MCP Server '{server_name}' not configured. Running in simulated mode.")
             return await self._mock_mcp_exec(tool_name, arguments)
-
-        # Real MCP Protocol Execution
         async with stdio_client(self.servers[server_name]) as (read, write):
             async with ClientSession(read, write) as session:
                 await session.initialize()
-                result = await session.call_tool(tool_name, arguments)
-                return {
-                    "result": result.content,
-                    "protocol": "mcp-v1",
-                    "server": server_name
-                }
+                result = await session.call_tool(tool_name, arguments, timeout=10)
+                return {'result': result.content, 'protocol': 'mcp-v1', 'server': server_name}
 
     async def _mock_mcp_exec(self, tool_name: str, args: Dict[str, Any]):
         await asyncio.sleep(0.2)
-        return {
-            "result": f"Simulated MCP response for {tool_name}",
-            "protocol": "mcp-virtual",
-            "assurance": 0.95
-        }
+        return {'result': f'Simulated MCP response for {tool_name}', 'protocol': 'mcp-virtual', 'assurance': 0.95}
 
     async def _mock_legacy_exec(self, tool_name: str, args: Dict[str, Any]):
         await asyncio.sleep(0.5)
-        return {
-            "result": f"Legacy response for {tool_name}",
-            "protocol": "rest-legacy",
-            "warning": "MIGRATE_TO_MCP"
-        }
-
-global_mcp_hub = MCPHub()
-# Example registration (commented out as it requires local binaries)
-# global_mcp_hub.register_server("google-search-mcp", "npx", ["-y", "@modelcontextprotocol/server-google-search"])
+        return {'result': f'Legacy response for {tool_name}', 'protocol': 'rest-legacy', 'warning': 'MIGRATE_TO_MCP'}
+global_mcp_hub = MCPHub()