🎨 Palette: Dynamic Zero Trust pillar status in SSP report

[AGI-Corporation]

🎨 Palette: Dynamic Zero Trust pillar status in SSP report

This change replaces static "See assessment" text in the System Security Plan (SSP) Markdown report with dynamic visual progress bars for each Zero Trust pillar.

💡 What:

• Added ZT_PILLAR_DOMAINS constant in backend/routers/reports.py to centralize CMMC domain mapping.
• Implemented get_maturity_pct helper for weighted compliance calculation (0.5 for partials).
• Refactored generate_ssp and get_dashboard to use dynamic pillar data.
• Enhanced the SSP Markdown table with visual progress bars.

🎯 Why:

• Improves visual scannability of generated reports for human stakeholders.
• Ensures consistency between the API dashboard and generated documents.

♿ Accessibility:

• Uses block-based visual progress bars with explicit percentage labels.
• Standardized implementation status emojis.

---

PR created automatically by Jules for task 8363647733487862273 started by @AGI-Corporation

Summary by CodeRabbit

• New Features

  • ZT Pillar Alignment in reports now dynamically generates rows based on applicable controls, replacing static placeholders.
  • Dashboard pillar list is now generated from a centralized source, ensuring consistency across reports.

• Bug Fixes

  • Improved compliance percentage calculations in reports with refined maturity weighting logic.

[google-labs-jules]

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

---

For security, I will only act on instructions from the user who triggered this task.

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes centralize ZT (Zero Trust) pillar configuration into a module-level mapping, add a weighted maturity calculation function, and refactor the /ssp report endpoint to dynamically generate pillar rows from domain membership instead of using a static table. The /dashboard endpoint is similarly updated to derive pillar data from the same mapping.

Changes

Cohort / File(s)	Summary
ZT Pillar Configuration & Maturity Calculation backend/routers/reports.py	Added ZT_PILLAR_DOMAINS mapping constant and get_maturity_pct() function for weighted maturity scoring (implemented: 1.0, partial: 0.5). Updated /ssp endpoint to dynamically generate pillar-alignment rows by filtering controls per pillar domain and computing maturity. Updated /dashboard endpoint to generate zt_pillars list from ZT_PILLAR_DOMAINS instead of hardcoding values.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• 🎨 Palette: SSP Report Visual Enhancements #73: Modifies /ssp report's overall progress rendering from percentage-based to progress bar format, overlapping with this PR's progress-bar logic changes.
• 🎨 Palette: Enhance SSP report with visual indicators #66: Updates SSP report generation in backend/routers/reports.py around compliance/progress computation and rendering, directly related to similar report output modifications.

Poem

🐰 A rabbit hops through pillar halls,
Where domains map to ZT's calls,
No hardcoded lists to freeze,
Just dynamic rows with calculated ease,
Maturity blooms—half, full, or less! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title references dynamic Zero Trust pillar status updates in the SSP report, which directly aligns with the main change of replacing static pillar data with dynamically generated rows derived from ZT_PILLAR_DOMAINS.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch palette-dynamic-zt-pillars-8363647733487862273

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

backend/routers/reports.py (1)

27-35: Use one shared source for ZT pillar/domain mapping

This mapping is duplicated in agents/orchestrator/agent.py (Line 82-91 in provided snippet). Keeping multiple copies will drift over time and skew report vs agent behavior.

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@backend/routers/reports.py` around lines 27 - 35, The ZT_PILLAR_DOMAINS
mapping is duplicated; remove the local copy in reports.py and import the single
source of truth used by the agent (the mapping defined in
agents.orchestrator.agent, e.g. ZT_PILLAR_DOMAINS) and reference that imported
constant where needed; update any references in functions or logic in reports.py
that used the local ZT_PILLAR_DOMAINS to use the imported symbol instead, and
ensure tests/import paths still resolve.

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In `@backend/routers/reports.py`:
- Around line 108-113: Overall Compliance currently computes compliance_pct
using only implemented controls (compliance_pct = status_counts["implemented"] /
total_controls * 100); update this to match the pillar maturity logic by
counting partials at half weight (i.e., implemented + 0.5 * partial) divided by
total_controls before multiplying by 100, then pass that to get_progress_bar;
update the same calculation location referenced by the second occurrence (the
other compliance_pct calculation around the other summary) so both overall and
pillar math use the same weighted partial logic, and keep references to
status_counts, total_controls, compliance_pct and get_progress_bar to locate the
changes.

---

Nitpick comments:
In `@backend/routers/reports.py`:
- Around line 27-35: The ZT_PILLAR_DOMAINS mapping is duplicated; remove the
local copy in reports.py and import the single source of truth used by the agent
(the mapping defined in agents.orchestrator.agent, e.g. ZT_PILLAR_DOMAINS) and
reference that imported constant where needed; update any references in
functions or logic in reports.py that used the local ZT_PILLAR_DOMAINS to use
the imported symbol instead, and ensure tests/import paths still resolve.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2093fd80-4d54-461b-8990-65a7648722fc

📥 Commits

Reviewing files that changed from the base of the PR and between c9be2df and 09f1a6a.

📒 Files selected for processing (1)

• backend/routers/reports.py

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Align Overall Compliance math with pillar maturity math

At Line 108-113, Overall Compliance is implemented-only, but pillar status (Line 138) uses weighted partials (0.5). This can present conflicting compliance signals in the same SSP.

Suggested fix

-    compliance_pct = (
-        (status_counts["implemented"] / total_controls * 100)
-        if total_controls > 0
-        else 0
-    )
+    compliance_pct = get_maturity_pct(
+        status_counts["implemented"],
+        status_counts["partial"],
+        total_controls,
+    )

Also applies to: 150-150

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@backend/routers/reports.py` around lines 108 - 113, Overall Compliance
currently computes compliance_pct using only implemented controls
(compliance_pct = status_counts["implemented"] / total_controls * 100); update
this to match the pillar maturity logic by counting partials at half weight
(i.e., implemented + 0.5 * partial) divided by total_controls before multiplying
by 100, then pass that to get_progress_bar; update the same calculation location
referenced by the second occurrence (the other compliance_pct calculation around
the other summary) so both overall and pillar math use the same weighted partial
logic, and keep references to status_counts, total_controls, compliance_pct and
get_progress_bar to locate the changes.