devops-sentinel 0.1.0__py3-none-any.whl

devops_sentinel-0.1.0.dist-info/METADATA

@@ -0,0 +1,185 @@
+Metadata-Version: 2.4
+Name: devops-sentinel
+Version: 0.1.0
+Summary: Autonomous SRE agents that watch your services, detect anomalies, and generate blameless postmortems
+Author-email: "jagadeep.mamidi" <jagadeep.mamidi@gmail.com>
+License-Expression: MIT
+Project-URL: Homepage, https://github.com/devops-sentinel/devops-sentinel
+Project-URL: Documentation, https://devops-sentinel.dev/docs
+Project-URL: Repository, https://github.com/devops-sentinel/devops-sentinel
+Project-URL: Issues, https://github.com/devops-sentinel/devops-sentinel/issues
+Keywords: devops,sre,monitoring,incident-management,ai,postmortem
+Classifier: Development Status :: 4 - Beta
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: Intended Audience :: System Administrators
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: System :: Monitoring
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+Requires-Dist: click>=8.0
+Requires-Dist: rich>=13.0
+Requires-Dist: httpx>=0.25
+Requires-Dist: aiohttp>=3.9
+Requires-Dist: python-dotenv>=1.0
+Requires-Dist: supabase>=2.0
+Provides-Extra: dev
+Requires-Dist: pytest>=7.0; extra == "dev"
+Requires-Dist: pytest-asyncio>=0.21; extra == "dev"
+Requires-Dist: pytest-cov>=4.0; extra == "dev"
+Provides-Extra: ai
+Requires-Dist: openai>=1.0; extra == "ai"
+Requires-Dist: anthropic>=0.18; extra == "ai"
+Provides-Extra: all
+Requires-Dist: devops-sentinel[ai,dev]; extra == "all"
+
+# DevOps Sentinel
+
+**Autonomous SRE Agent System** - Reduce Mean Time to Detection (MTTD) from minutes to under 10 seconds.
+
+## Features
+
+- **Continuous Monitoring** - Health checks at configurable intervals
+- **Multi-Agent Analysis** - CrewAI-powered investigation and root cause analysis
+- **AI Postmortems** - Automated incident documentation
+- **Real-time Dashboard** - WebSocket-powered live updates
+- **CLI Interface** - Similar to Gemini CLI
+- **Pre-Deploy Linting** - Code quality checks before production
+- **Privacy-First** - No telemetry, transparent data handling
+
+## Architecture
+
+```
+┌─────────────────────────────────────────────────────────────┐
+│                      DevOps Sentinel                         │
+├─────────────────────────────────────────────────────────────┤
+│  CLI (Typer)  │  API (FastAPI)  │  Dashboard (WebSocket)    │
+├─────────────────────────────────────────────────────────────┤
+│                   Monitoring Orchestrator                    │
+├─────────────────────────────────────────────────────────────┤
+│  Watcher Agent  │  Triage Agent  │  Investigator  │  Strategist  │
+├─────────────────────────────────────────────────────────────┤
+│  Health Check  │  Slack Alert  │  Log Analysis  │  DB Health  │
+├─────────────────────────────────────────────────────────────┤
+│  Supabase (Persistence)  │  OpenRouter (LLM)  │  Slack       │
+└─────────────────────────────────────────────────────────────┘
+```
+
+## Installation
+
+```bash
+# Clone the repository
+git clone https://github.com/yourusername/devops-sentinel.git
+cd devops-sentinel
+
+# Create virtual environment
+python -m venv venv
+source venv/bin/activate  # Windows: venv\Scripts\activate
+
+# Install dependencies
+pip install -e .
+```
+
+## Quick Start
+
+```bash
+# Initialize configuration
+sentinel init
+
+# Monitor a service
+sentinel monitor https://api.example.com/health
+
+# Start dashboard
+sentinel serve
+```
+
+## CLI Commands
+
+| Command | Description |
+|---------|-------------|
+| `sentinel init` | Interactive configuration setup |
+| `sentinel monitor <url>` | Monitor a service URL |
+| `sentinel status` | Show monitored services |
+| `sentinel incidents` | List recent incidents |
+| `sentinel postmortem <id>` | View incident postmortem |
+| `sentinel serve` | Start dashboard server |
+| `sentinel lint <path>` | Run pre-deploy checks |
+
+## Configuration
+
+Create a `.env` file or run `sentinel init`:
+
+```env
+OPENROUTER_API_KEY=your_key_here
+DEFAULT_MODEL=google/gemini-pro
+SUPABASE_URL=https://your-project.supabase.co
+SUPABASE_KEY=your_anon_key
+SLACK_WEBHOOK_URL=https://hooks.slack.com/...
+```
+
+## Docker Deployment
+
+```bash
+# Build and run
+docker-compose up -d
+
+# View logs
+docker-compose logs -f sentinel
+```
+
+## How It Works
+
+1. **Watcher Agent** continuously monitors service health endpoints
+2. On failure, **First Responder** sends a Slack alert
+3. **Investigator** analyzes logs, deployments, and database status
+4. **Strategist** creates a prioritized action plan
+5. AI generates a structured postmortem saved to Supabase
+
+## Privacy
+
+- All data stays local or in YOUR Supabase instance
+- No telemetry or external data collection
+- Use `--privacy` flag to see exactly what data is processed
+- OpenRouter calls only contain health check context (no PII)
+
+## Supabase Schema
+
+```sql
+-- Run these in your Supabase SQL editor
+CREATE TABLE services (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    name TEXT NOT NULL,
+    url TEXT NOT NULL,
+    check_interval INTEGER DEFAULT 10,
+    is_active BOOLEAN DEFAULT true,
+    created_at TIMESTAMPTZ DEFAULT now()
+);
+
+CREATE TABLE incidents (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    service_id UUID REFERENCES services(id),
+    status TEXT DEFAULT 'detecting',
+    detected_at TIMESTAMPTZ DEFAULT now(),
+    resolved_at TIMESTAMPTZ,
+    mttd_seconds FLOAT,
+    postmortem TEXT
+);
+
+CREATE TABLE health_checks (
+    id UUID PRIMARY KEY DEFAULT gen_random_uuid(),
+    service_id UUID REFERENCES services(id),
+    status_code INTEGER,
+    response_time_ms FLOAT,
+    is_healthy BOOLEAN,
+    checked_at TIMESTAMPTZ DEFAULT now()
+);
+```
+
+## License
+
+MIT License

devops_sentinel-0.1.0.dist-info/RECORD

@@ -0,0 +1,51 @@
+src/__init__.py,sha256=W0c771AYtfl_5vqTT3uRL0xQ50elYkhvSoSjxtFCuVw,72
+src/api/gdpr_endpoints.py,sha256=We-73ij9hjY-JfcVhD7cF-AGCSTOMrgdGmoAgi3KMts,14865
+src/api/quick_health_check.py,sha256=I-YVcdj3ahLEq5fzXBcf_OzXpDqA6WZPQ2N2dQaIKwI,10537
+src/api/waitlist.py,sha256=bJUKWirEDextGpRVKRNKh0V9xDy70kudzMvspBBk07E,4617
+src/auth/auth_helper.py,sha256=xW7pzhAtzFyMy8yH6pxdpKB-A3nbgt8YFYE4EXF1AjU,5639
+src/auth/auth_service.py,sha256=4tyuqIdsXI1ZcmP9LjQhxflYJoqK9V7gSe0mFU-a_GQ,12982
+src/cli/__init__.py,sha256=oiyes-3XQOlOKJdpn2pHkB-kY6334dXwb6dF6zZPk4I,81
+src/cli/auth.py,sha256=4EyVCfOgZ2brpfvHjKopIl3lTuFtGjeKRh1mytU-DoE,14290
+src/cli/db.py,sha256=2F9fjzPkyz8Akw7bmua2dTdTvz8FzxwS0dA1fJEhyTE,6927
+src/cli/main.py,sha256=QqDY0SmotG6oZ9Y5SkcpB0K7SBbMKhCAHxPiU0Jycdk,17256
+src/cli/projects.py,sha256=252slmb-7dQdKRU1aa1W4A-mD14wNsDqaKfDJlEplSw,3554
+src/cli/services.py,sha256=KMakjc9c0mXC92FUArJ0GoQZ2KZRHIfXo1jwfPr6l1Y,5989
+src/core/__init__.py,sha256=W19C3wGZXJgMNjkOLfQ0WFMpB8j8JQTDJBQKfeGEThY,881
+src/core/alert_explainer.py,sha256=pAafpo_t9-jBsdKu_PygvRboa67OwLGKkrSFbm8V0Ho,14461
+src/core/alert_router.py,sha256=MPqWkylytWQE-U_SV9w-q6pqe9GdYBB7GrzFyKDOPJw,10047
+src/core/anomaly_detector.py,sha256=JRAlyh3jOGfwnc5xc_WfMxLYrudEAQwJ5eOF9NWNYtY,12587
+src/core/auto_runbook_executor.py,sha256=IDVRfwpm0CuKOkw-f7gZq749kCB4srgAYaeIGl9nxj0,16974
+src/core/baseline_monitor.py,sha256=COKICWaQFAobt2bZq0XUGNX8gcZHdppTzapoqqVZ-2s,10289
+src/core/byok_tier.py,sha256=CMo8cyDIL_QItAYvevDnbWjH3GcT7ZZxTFVoDEfe4pI,5323
+src/core/classifier.py,sha256=ajiNFMVmiz6lstZoptkgVjy1iyverWvpH8w5IVR-CzY,9851
+src/core/cost_tracker.py,sha256=U4J5xu0gEmp2gfzpWD2-YYVvyrG0Hr7Fph2_4LC04lw,10481
+src/core/dependency_analyzer.py,sha256=K4Psb8eOtfHTGtYNsvhmy3bKppyvoHdgoGWIr2iTf5A,13810
+src/core/deployment_correlator.py,sha256=E24C1U4b0THtmHSvI_ct7QxmUXD-ovjG930xx_8F0QI,13608
+src/core/incident_memory.py,sha256=s1IbaRsfU8tROBdwmYDR5yQ3NmKuvAf9OCv1RYBuLdI,15083
+src/core/on_call_manager.py,sha256=MH7X2hWqTE9ht1XsvHXvqFd0PWH4qL3UbHVKEvLT8Tc,13035
+src/core/postmortem_generator.py,sha256=HVE9r5hzM8bXAxp6KKvnKJ-esxBEYSRKzVYPXc7yosM,11687
+src/core/rate_limiter.py,sha256=EPIyHTzyEaZhq8k1bMgO8-nqAzIoU8nwJbxCd4gjaco,10911
+src/core/runbook_matcher.py,sha256=0HVoQwQr-NQRVGSxbS7estddi-yX4bgsELGIFA1_t3Q,13745
+src/core/service_map_generator.py,sha256=WtPW3Nooes6Fz-0X6saOrFTrQaKVbSzNwGe_Ru7uzOw,13468
+src/core/team_assignment_system.py,sha256=GFChh-LlbL3Xnj7mtAznF9SKpWk8uxWXu6EsfXNvVb8,12395
+src/integrations/email_notification_system.py,sha256=KEkMiXtQyp4w2OFfM5RnA7YevBvkO4J2fFGxJaI8FNw,15886
+src/integrations/github_oauth.py,sha256=pdIax8Woe5DaC4R-poLeBlqO9nJgUbp_vLwrVa-8ZOY,6170
+src/integrations/integrations_hub.py,sha256=0ZpSvyygXTLe5RednCLSekWCUNO9A_r_5K7y8Kqvhho,5494
+src/integrations/pagerduty_integration.py,sha256=HdTlb0_pSZC0GIkJYod3zlmji33ah7r_i30A0FGiuVo,11330
+src/integrations/pagerduty_oauth.py,sha256=IJMOrlLKqkfKZQsPoS0JU1N3WbXRSYxebqDcEcZ-rn0,5771
+src/integrations/slack.py,sha256=yROA7jeOVkaLmqThxOyLHAcWKuK4h_OkpEhD-xD9saY,14971
+src/integrations/slack_integration.py,sha256=VROKKme2ExfwIywTzjvB4ygPFC6tTA4UALQp-kD9FTE,14849
+src/integrations/slack_oauth.py,sha256=rd6a7Qhsy7zfidfKPRRQW3iSBBrRITYt_QM-A4vSbNs,10323
+src/ml/__init__.py,sha256=pmCpA54JMvJ066yiASK4IQghnGC8Gmr9uA_ZVzsUwbU,210
+src/ml/anomaly_detector.py,sha256=aMOGeuQ_urSbPBGZUOD7qPQ2QRvPc9_khXi4JEZ7mdU,11188
+src/notifications/email_templates.py,sha256=kzzmJjYMMZa7PWI8bgjsWW0MSMEodOsYIO27YAUaThc,17768
+src/setup/ai_setup.py,sha256=sRgfIPERgiKoib14H9fiTEizYXYzTesfh7UzCDtt1kY,7076
+src/setup/supabase_setup.py,sha256=M6FoCeURb5mMC2QZFY0NbF1HizJ49BpVmvVId0sZEB4,10318
+src/tools/chaos_engineering_tools.py,sha256=g9ks7lcUdhZHyGmh89HgZM8uRo5pDwPjWu8H2eS8jj4,15813
+src/tools/custom_health_check_tool.py,sha256=0HDy_9aSWgBSdeV_jcZQHLyZq_EjZD6lkOPvcLXSKkk,10432
+src/tools/ssl_certificate_monitor.py,sha256=LfviML9PlOiv1jEUaxl_kgZjlxjLurQhXZw3wsaoDrs,7459
+devops_sentinel-0.1.0.dist-info/METADATA,sha256=3ihOR4u0w1Zed3iXg2iJVxiFnjt-Z1AJRKj6nvnSd6g,6941
+devops_sentinel-0.1.0.dist-info/WHEEL,sha256=wUyA8OaulRlbfwMtmQsvNngGrxQHAvkKcvRmdizlJi0,92
+devops_sentinel-0.1.0.dist-info/entry_points.txt,sha256=IzfXwip0Zs1348aDQR3r1d1uKWVT9a6CeC1wTgbPmjI,46
+devops_sentinel-0.1.0.dist-info/top_level.txt,sha256=74rtVfumQlgAPzR5_2CgYN24MB0XARCg0t-gzk6gTrM,4
+devops_sentinel-0.1.0.dist-info/RECORD,,

devops_sentinel-0.1.0.dist-info/WHEEL

@@ -0,0 +1,5 @@
+Wheel-Version: 1.0
+Generator: setuptools (80.10.2)
+Root-Is-Purelib: true
+Tag: py3-none-any
+

devops_sentinel-0.1.0.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+sentinel = src.cli.main:cli

devops_sentinel-0.1.0.dist-info/top_level.txt

@@ -0,0 +1 @@
+src

src/__init__.py

@@ -0,0 +1,3 @@
+"""DevOps Sentinel - Autonomous SRE Agents"""
+
+__version__ = "0.1.0"

src/api/gdpr_endpoints.py

@@ -0,0 +1,404 @@
+"""
+GDPR Compliance Endpoints - Data Export and Deletion
+=====================================================
+
+User rights: Access, Export, Delete all personal data
+"""
+
+from datetime import datetime
+from typing import Dict, Optional
+from fastapi import APIRouter, HTTPException, Depends
+from fastapi.responses import JSONResponse
+import json
+
+
+router = APIRouter(prefix="/api/user", tags=["user"])
+
+
+class GDPRHandler:
+    """
+    Handle GDPR compliance requests
+    
+    Implements:
+    - Article 15: Right of access
+    - Article 17: Right to erasure
+    - Article 20: Right to data portability
+    """
+    
+    def __init__(self, supabase_client):
+        self.supabase = supabase_client
+    
+    async def export_all_data(self, user_id: str) -> Dict:
+        """
+        GDPR Article 20 - Export ALL user data
+        
+        Returns complete data package in JSON format
+        """
+        export_data = {
+            'export_metadata': {
+                'user_id': user_id,
+                'export_timestamp': datetime.utcnow().isoformat(),
+                'format_version': '1.0',
+                'data_retention_policy': '2 years for incidents, 90 days for logs'
+            },
+            
+            # Core account data
+            'account': await self._get_account_data(user_id),
+            
+            # Services and monitoring
+            'services': await self._get_services(user_id),
+            'health_checks': await self._get_health_checks(user_id),
+            
+            # Incidents and postmortems
+            'incidents': await self._get_incidents(user_id),
+            'postmortems': await self._get_postmortems(user_id),
+            
+            # Runbooks and automation
+            'runbooks': await self._get_runbooks(user_id),
+            'runbook_executions': await self._get_runbook_executions(user_id),
+            
+            # Team and collaboration
+            'team_members': await self._get_team_members(user_id),
+            'on_call_schedules': await self._get_on_call_schedules(user_id),
+            
+            # AI and embeddings (CRITICAL for GDPR)
+            'embeddings': await self._get_embeddings(user_id),
+            'ai_usage_logs': await self._get_ai_usage(user_id),
+            
+            # Notifications and audit
+            'notification_history': await self._get_notifications(user_id),
+            'audit_logs': await self._get_audit_logs(user_id),
+            
+            # Chaos experiments
+            'chaos_experiments': await self._get_chaos_experiments(user_id),
+            
+            # Third party data sharing disclosure
+            'third_party_processors': [
+                {
+                    'name': 'Supabase',
+                    'purpose': 'Database hosting and authentication',
+                    'location': 'United States (AWS us-east-1)',
+                    'data_shared': 'All account data, services, incidents',
+                    'data_retention': 'Until account deletion'
+                },
+                {
+                    'name': 'OpenRouter/Google AI',
+                    'purpose': 'AI analysis and postmortem generation',
+                    'location': 'United States',
+                    'data_shared': 'Incident descriptions, error messages (temporary)',
+                    'data_retention': 'Not stored after processing'
+                },
+                {
+                    'name': 'Stripe',
+                    'purpose': 'Payment processing',
+                    'location': 'United States',
+                    'data_shared': 'Email, payment method',
+                    'data_retention': 'Per Stripe policies'
+                }
+            ]
+        }
+        
+        return export_data
+    
+    async def delete_all_data(
+        self,
+        user_id: str,
+        confirmation: str
+    ) -> Dict:
+        """
+        GDPR Article 17 - Right to be forgotten
+        
+        Permanently deletes ALL user data
+        """
+        # Require explicit confirmation
+        if confirmation != "DELETE_MY_DATA":
+            raise ValueError(
+                "Must confirm deletion by providing confirmation='DELETE_MY_DATA'"
+            )
+        
+        deleted_counts = {}
+        
+        # Order matters! Delete dependent records first
+        
+        # 1. Delete AI usage logs
+        result = await self.supabase.table('ai_usage').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['ai_usage'] = len(result.data) if result.data else 0
+        
+        # 2. Delete notification history
+        result = await self.supabase.table('notification_history').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['notifications'] = len(result.data) if result.data else 0
+        
+        # 3. Delete rate limit logs
+        result = await self.supabase.table('rate_limit_log').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['rate_limits'] = len(result.data) if result.data else 0
+        
+        # 4. Delete chaos experiments
+        result = await self.supabase.table('chaos_experiments').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['chaos_experiments'] = len(result.data) if result.data else 0
+        
+        # 5. Delete runbook executions (via incidents)
+        # Will cascade from incidents
+        
+        # 6. Delete incidents
+        result = await self.supabase.table('incidents').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['incidents'] = len(result.data) if result.data else 0
+        
+        # 7. Delete health checks
+        result = await self.supabase.table('health_checks').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['health_checks'] = len(result.data) if result.data else 0
+        
+        # 8. Delete services
+        result = await self.supabase.table('services').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['services'] = len(result.data) if result.data else 0
+        
+        # 9. Delete runbooks
+        result = await self.supabase.table('runbooks').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['runbooks'] = len(result.data) if result.data else 0
+        
+        # 10. Delete team memberships
+        result = await self.supabase.table('team_members').delete().eq(
+            'user_id', user_id
+        ).execute()
+        deleted_counts['team_members'] = len(result.data) if result.data else 0
+        
+        # 11. Delete user account (last!)
+        result = await self.supabase.table('users').delete().eq(
+            'id', user_id
+        ).execute()
+        deleted_counts['user'] = 1 if result.data else 0
+        
+        return {
+            'status': 'deleted',
+            'user_id': user_id,
+            'deleted_at': datetime.utcnow().isoformat(),
+            'deleted_counts': deleted_counts,
+            'message': 'All personal data has been permanently deleted'
+        }
+    
+    async def get_data_usage_summary(self, user_id: str) -> Dict:
+        """
+        Transparency endpoint - show what data we have
+        """
+        account = await self._get_account_data(user_id)
+        
+        # Count records in each table
+        services = await self.supabase.table('services').select(
+            'id', count='exact'
+        ).eq('user_id', user_id).execute()
+        
+        incidents = await self.supabase.table('incidents').select(
+            'id', count='exact'
+        ).eq('user_id', user_id).execute()
+        
+        ai_usage = await self.supabase.table('ai_usage').select(
+            'cost_usd'
+        ).eq('user_id', user_id).execute()
+        
+        return {
+            'account_created': account.get('created_at'),
+            'email': account.get('email'),
+            'subscription_tier': account.get('subscription_tier', 'free'),
+            
+            'data_summary': {
+                'services_monitored': services.count if hasattr(services, 'count') else len(services.data),
+                'incidents_tracked': incidents.count if hasattr(incidents, 'count') else len(incidents.data),
+                'ai_calls_made': len(ai_usage.data) if ai_usage.data else 0,
+                'total_ai_cost': sum(r.get('cost_usd', 0) for r in (ai_usage.data or []))
+            },
+            
+            'data_sharing': {
+                'third_parties': ['Supabase (database)', 'OpenRouter (AI)', 'Stripe (payments)'],
+                'data_shared_with_ai': 'Incident descriptions only (not stored)',
+                'data_sold': 'Never'
+            },
+            
+            'your_rights': {
+                'export_data': 'POST /api/user/export-data',
+                'delete_account': 'DELETE /api/user/delete-account',
+                'update_preferences': 'PATCH /api/user/preferences'
+            },
+            
+            'retention_policy': {
+                'incidents': '2 years',
+                'health_checks': '90 days',
+                'audit_logs': '90 days',
+                'ai_usage_logs': '1 year'
+            }
+        }
+    
+    # Helper methods to fetch data
+    
+    async def _get_account_data(self, user_id: str) -> Dict:
+        result = await self.supabase.table('users').select('*').eq(
+            'id', user_id
+        ).execute()
+        
+        if result.data:
+            user = result.data[0]
+            # Remove sensitive fields
+            user.pop('password_hash', None)
+            return user
+        return {}
+    
+    async def _get_services(self, user_id: str):
+        result = await self.supabase.table('services').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_health_checks(self, user_id: str):
+        # Get health checks for user's services
+        services = await self._get_services(user_id)
+        service_ids = [s['id'] for s in services]
+        
+        if not service_ids:
+            return []
+        
+        result = await self.supabase.table('health_checks').select('*').in_(
+            'service_id', service_ids
+        ).limit(1000).execute()  # Limit for performance
+        
+        return result.data or []
+    
+    async def _get_incidents(self, user_id: str):
+        result = await self.supabase.table('incidents').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_postmortems(self, user_id: str):
+        result = await self.supabase.table('postmortems').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_runbooks(self, user_id: str):
+        result = await self.supabase.table('runbooks').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_runbook_executions(self, user_id: str):
+        result = await self.supabase.table('runbook_executions').select('*').eq(
+            'executed_by', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_team_members(self, user_id: str):
+        result = await self.supabase.table('team_members').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_on_call_schedules(self, user_id: str):
+        result = await self.supabase.table('on_call_schedules').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_embeddings(self, user_id: str):
+        """Get vector embeddings (GDPR requires this!)"""
+        incidents = await self._get_incidents(user_id)
+        
+        # Return embedding metadata, not raw vectors (too large)
+        embeddings = []
+        for inc in incidents:
+            if inc.get('embedding'):
+                embeddings.append({
+                    'incident_id': inc['id'],
+                    'embedding_model': 'text-embedding-3-small',
+                    'embedding_dimensions': 1536,
+                    'created_at': inc.get('created_at')
+                })
+        
+        return embeddings
+    
+    async def _get_ai_usage(self, user_id: str):
+        result = await self.supabase.table('ai_usage').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_notifications(self, user_id: str):
+        result = await self.supabase.table('notification_history').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+    
+    async def _get_audit_logs(self, user_id: str):
+        result = await self.supabase.table('audit_logs').select('*').eq(
+            'user_id', user_id
+        ).limit(1000).execute()
+        return result.data or []
+    
+    async def _get_chaos_experiments(self, user_id: str):
+        result = await self.supabase.table('chaos_experiments').select('*').eq(
+            'user_id', user_id
+        ).execute()
+        return result.data or []
+
+
+# FastAPI Routes
+
+@router.post("/export-data")
+async def export_user_data(
+    user_id: str,
+    supabase=Depends(lambda: None)  # Replace with actual dependency
+):
+    """GDPR Article 20 - Export all personal data"""
+    handler = GDPRHandler(supabase)
+    data = await handler.export_all_data(user_id)
+    
+    filename = f"devops-sentinel-export-{user_id}-{datetime.utcnow().strftime('%Y%m%d')}.json"
+    
+    return JSONResponse(
+        content=data,
+        headers={
+            'Content-Disposition': f'attachment; filename={filename}'
+        }
+    )
+
+
+@router.delete("/delete-account")
+async def delete_user_account(
+    user_id: str,
+    confirmation: str,
+    supabase=Depends(lambda: None)
+):
+    """GDPR Article 17 - Right to be forgotten"""
+    if confirmation != "DELETE_MY_DATA":
+        raise HTTPException(
+            status_code=400,
+            detail="Must provide confirmation='DELETE_MY_DATA' to delete account"
+        )
+    
+    handler = GDPRHandler(supabase)
+    result = await handler.delete_all_data(user_id, confirmation)
+    
+    return result
+
+
+@router.get("/data-usage")
+async def get_data_usage(
+    user_id: str,
+    supabase=Depends(lambda: None)
+):
+    """Transparency - show what data we have on user"""
+    handler = GDPRHandler(supabase)
+    return await handler.get_data_usage_summary(user_id)