Doblier · Ameen-Alam · Mar 5, 2025 · Mar 3, 2025 · Mar 4, 2025 · Mar 4, 2025
diff --git a/.env.example b/.env.example
@@ -4,7 +4,7 @@
 
 # Core Application Settings
 # ------------------------
-APP_NAME=AgentOrchestrator
+APP_NAME=AORBIT                    # Updated name
 DEBUG=false                 # Set to true for development 
 HOST=0.0.0.0                # Host to bind the server to
 PORT=8000                   # Port to bind the server to
@@ -54,4 +54,27 @@ METRICS_PREFIX=ao                     # Prefix for metrics names
 
 # Logging
 # -------
-LOG_LEVEL=INFO                        # DEBUG, INFO, WARNING, ERROR, or CRITICAL 
+LOG_LEVEL=INFO                        # DEBUG, INFO, WARNING, ERROR, or CRITICAL 
+
+# Enterprise Security Framework
+# ---------------------------
+SECURITY_ENABLED=true                 # Master switch for enhanced security features
+RBAC_ENABLED=true                     # Enable Role-Based Access Control
+AUDIT_ENABLED=true                    # Enable comprehensive audit logging
+ENCRYPTION_ENABLED=true               # Enable data encryption features
+
+# Encryption Configuration
+# ----------------------
+# ENCRYPTION_KEY=                      # Base64 encoded 32-byte key for encryption
+                                      # If not set, a random key will be generated on startup
+                                      # IMPORTANT: Set this in production to prevent data loss!
+
+# RBAC Configuration
+# ----------------
+RBAC_ADMIN_KEY=aorbit-admin-key       # Default admin API key (change in production!)
+RBAC_DEFAULT_ROLE=read_only           # Default role for new API keys
+
+# Audit Configuration
+# -----------------
+AUDIT_RETENTION_DAYS=90               # Number of days to retain audit logs
+AUDIT_COMPLIANCE_MODE=true            # Enables stricter compliance features
diff --git a/.env_backup b/.env_backup
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -2,7 +2,8 @@ name: CI
 
 on:
   push:
-    branches: [ main ]
+    # branches: [ main ]
+    branches: [ feature/crfi001 ]
   pull_request:
     branches: [ main ]
 
@@ -46,10 +47,17 @@ jobs:
       run: |
         uv pip install --system -e ".[test]"
 
-    - name: Lint with ruff
-      run: |
-        uv pip install --system ruff
-        ruff check .
+    - name: Lint with Ruff
+      uses: astral-sh/ruff-action@v3
+      with:
+        version: latest
+        args: check --output-format=github
+
+    - name: Format with Ruff
+      uses: astral-sh/ruff-action@v3
+      with:
+        version: latest
+        args: format --check
 
     - name: Prepare test environment
       run: |
@@ -58,19 +66,24 @@ jobs:
 
     - name: Run tests
       run: |
-        # Now we can run all tests since we've properly mocked the Google API
-        python -m pytest --cov=agentorchestrator
+        # Run all tests with security tests enabled
+        python -m pytest --cov=agentorchestrator -v -m 'security or not security' --asyncio-mode=strict
       env:
         GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY || 'dummy-key-for-testing' }}
         DATABASE_URL: ${{ secrets.DATABASE_URL || 'postgresql://test:test@localhost:5432/test' }}
         AUTH_DEFAULT_KEY: ${{ secrets.AUTH_DEFAULT_KEY || 'test-api-key' }}
         REDIS_HOST: ${{ secrets.REDIS_HOST || 'localhost' }}
         REDIS_PORT: ${{ secrets.REDIS_PORT || '6379' }}
+        SECURITY_ENABLED: true
+        RBAC_ENABLED: true
+        AUDIT_LOGGING_ENABLED: true
+        ENCRYPTION_ENABLED: true
+        ENCRYPTION_KEY: test-key-for-encryption
 
   uat:
     needs: test
     runs-on: ubuntu-latest
-    if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || startsWith(github.ref, 'refs/heads/release/'))
+    if: github.event_name == 'push' && (github.ref == 'refs/heads/feature/crfi001' || startsWith(github.ref, 'refs/heads/release/'))
 
     steps:
     - uses: actions/checkout@v3
@@ -102,15 +115,22 @@ jobs:
 
     - name: Test API endpoints
       run: |
-        # Run integration tests to verify API endpoints
-        python -m pytest tests/test_main.py tests/integration
+        # Run integration tests to verify API endpoints with security enabled
+        python -m pytest tests/test_main.py tests/integration tests/security -v --asyncio-mode=strict
       env:
         GOOGLE_API_KEY: ${{ secrets.GOOGLE_API_KEY || 'dummy-key-for-testing' }}
+        SECURITY_ENABLED: true
+        RBAC_ENABLED: true
+        AUDIT_LOGGING_ENABLED: true
+        ENCRYPTION_ENABLED: true
+        ENCRYPTION_KEY: test-key-for-encryption
+        REDIS_HOST: localhost
+        REDIS_PORT: 6379
 
   build:
     needs: [test, uat]
     runs-on: ubuntu-latest
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/feature/crfi001'
 
     steps:
     - uses: actions/checkout@v3
@@ -156,7 +176,7 @@ jobs:
   deploy-prod:
     needs: build
     runs-on: ubuntu-latest
-    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    if: github.event_name == 'push' && github.ref == 'refs/heads/feature/crfi001'
     environment: production
 
     steps:

diff --git a/.github/workflows/uv-test.yml b/.github/workflows/uv-test.yml
@@ -2,7 +2,8 @@ name: UV Test
 
 on:
   push:
-    branches: [ main ]
+    # branches: [ main ]
+    branches: [ feature/crfi001 ]
   pull_request:
     branches: [ main ]
 

diff --git a/.gitignore b/.gitignore
@@ -26,6 +26,10 @@ wheels/
 .env.uat
 .env.dev
 .venv
+.venv-dev
+.venv-uat
+.venv-test
+.venv-prod
 env/
 venv/
 ENV/

diff --git a/Makefile b/Makefile
@@ -0,0 +1,104 @@
+.PHONY: install dev-install test lint format clean docs build publish help
+
+# Default target
+help:
+	@echo "AORBIT - Enterprise Agent Orchestration Framework"
+	@echo ""
+	@echo "Usage:"
+	@echo "  make install         Install production dependencies and package"
+	@echo "  make dev-install     Install development dependencies and package in editable mode"
+	@echo "  make test            Run tests"
+	@echo "  make lint            Run linters (ruff, mypy, black --check)"
+	@echo "  make format          Format code (black, isort)"
+	@echo "  make clean           Clean build artifacts"
+	@echo "  make docs            Build documentation"
+	@echo "  make build           Build distribution packages"
+	@echo "  make publish         Publish to PyPI"
+	@echo ""
+
+# Install production dependencies
+install:
+	@echo "Installing AORBIT..."
+	python -m pip install -U uv
+	uv pip install .
+	@echo "Installation complete. Type 'aorbit --help' to get started."
+
+# Install development dependencies
+dev-install:
+	@echo "Installing AORBIT in development mode..."
+	python -m pip install -U uv
+	uv pip install -e ".[dev,docs]"
+	@echo "Development installation complete. Type 'aorbit --help' to get started."
+
+# Run tests
+test:
+	@echo "Running tests..."
+	pytest
+
+# Run with coverage
+coverage:
+	@echo "Running tests with coverage..."
+	pytest --cov=agentorchestrator --cov-report=term-missing --cov-report=html
+
+# Run linters
+lint:
+	@echo "Running linters..."
+	ruff check .
+	mypy agentorchestrator
+	black --check .
+	isort --check .
+
+# Format code
+format:
+	@echo "Formatting code..."
+	black .
+	isort .
+
+# Clean build artifacts
+clean:
+	@echo "Cleaning build artifacts..."
+	rm -rf build/
+	rm -rf dist/
+	rm -rf *.egg-info/
+	rm -rf htmlcov/
+	rm -rf .coverage
+	rm -rf .pytest_cache/
+	rm -rf .ruff_cache/
+	rm -rf __pycache__/
+	find . -type d -name __pycache__ -exec rm -rf {} +
+
+# Build documentation
+docs:
+	@echo "Building documentation..."
+	mkdocs build
+
+# Serve documentation locally
+docs-serve:
+	@echo "Serving documentation at http://localhost:8000"
+	mkdocs serve
+
+# Build distribution packages
+build: clean
+	@echo "Building distribution packages..."
+	python -m build
+
+# Publish to PyPI
+publish: build
+	@echo "Publishing to PyPI..."
+	twine upload dist/*
+
+# Generate a new encryption key and save to .env
+generate-key:
+	@echo "Generating new encryption key..."
+	@python -c "import base64; import secrets; key = base64.b64encode(secrets.token_bytes(32)).decode('utf-8'); print(f'ENCRYPTION_KEY={key}')" >> .env
+	@echo "Key added to .env file."
+
+# Run the development server
+run:
+	@echo "Starting AORBIT development server..."
+	python main.py
+
+# Initialize security with default roles/permissions
+init-security:
+	@echo "Initializing security framework..."
+	@python -c "from agentorchestrator.security.rbac import RBACManager; import redis.asyncio as redis; import asyncio; async def init(): r = redis.from_url('redis://localhost:6379/0'); rbac = RBACManager(r); await rbac.create_role('admin'); await rbac.assign_permission('admin', '*:*'); await rbac.create_role('user'); await rbac.assign_permission('user', 'read:*'); print('Default roles created: admin, user'); redis_client = await r.close(); asyncio.run(init())" 
diff --git a/README.md b/README.md
@@ -1,22 +1,22 @@
-# AgentOrchestrator
+# AORBIT
 
-![AgentOrchestrator Banner](https://via.placeholder.com/800x200?text=AgentOrchestrator)
+![AORBIT Banner](https://via.placeholder.com/800x200?text=AORBIT)
 
 [![License](https://img.shields.io/badge/license-MIT-blue.svg)](LICENSE)
 [![Python](https://img.shields.io/badge/python-3.12-blue.svg)](https://www.python.org/downloads/)
 [![UV](https://img.shields.io/badge/package%20manager-uv-green.svg)](https://github.com/astral-sh/uv)
 [![CI](https://github.com/ameen-alam/AgentOrchestrator/actions/workflows/ci.yml/badge.svg)](https://github.com/ameen-alam/AgentOrchestrator/actions/workflows/ci.yml)
 
-**AgentOrchestrator**: A powerful, production-grade framework for deploying AI agents anywhere - cloud, serverless, containers, or local development environments.
+**AORBIT**: A powerful, production-grade framework for deploying AI agents with enterprise-grade security - perfect for financial applications and sensitive data processing.
 
 ## 🚀 Quick Start (5 minutes)
 
 ### Local Development
 
 ```bash
 # Clone the repository
-git clone https://github.com/your-username/AgentOrchestrator.git
-cd AgentOrchestrator
+git clone https://github.com/your-username/AORBIT.git
+cd AORBIT
 
 # Set up environment with UV
 uv venv
@@ -38,8 +38,8 @@ Your server is now running at http://localhost:8000! 🎉
 
 ```bash
 # Clone the repository
-git clone https://github.com/your-username/AgentOrchestrator.git
-cd AgentOrchestrator
+git clone https://github.com/your-username/AORBIT.git
+cd AORBIT
 
 # Windows PowerShell
 .\scripts\run_environments.ps1 -Environment dev -Build
@@ -80,9 +80,26 @@ GET http://localhost:8000/api/v1/agent/my_first_agent?input=John
 
 That's it! Your first AI agent is up and running.
 
+## 🔒 Enterprise Security Framework
+
+AORBIT includes a comprehensive enterprise-grade security framework designed for financial applications:
+
+- **Role-Based Access Control (RBAC)**: Fine-grained permission management with hierarchical roles
+- **Comprehensive Audit Logging**: Immutable audit trail for all system activities
+- **Data Encryption**: Both at-rest and in-transit encryption for sensitive data
+- **API Key Management**: Enhanced API keys with role assignments and IP restrictions
+
+To enable the security framework, simply set the following in your `.env` file:
+
+```
+SECURITY_ENABLED=true
+```
+
+For detailed information, see the [Security Framework Documentation](docs/security_framework.md).
+
 ## 🐳 Running Different Environments
 
-AgentOrchestrator supports multiple environments through Docker:
+AORBIT supports multiple environments through Docker:
 
 ```bash
 # Windows PowerShell
@@ -124,22 +141,24 @@ For more details, see the [Docker Environments Guide](docs/docker_environments.m
 - **Deploy Anywhere**: Cloud, serverless functions, containers or locally
 - **Stateless Architecture**: Horizontally scalable with no shared state
 - **Flexible Agent System**: Support for any LLM via LangChain, LlamaIndex, etc.
-- **Enterprise Ready**: Authentication, rate limiting, caching, and metrics built-in
+- **Enterprise Ready**: Authentication, RBAC, audit logging, encryption, and metrics built-in
+- **Financial Applications**: Designed for sensitive data processing and compliance requirements
 - **Developer Friendly**: Automatic API generation, hot-reloading, and useful error messages
 
 ## 🛣️ Roadmap
 
 - [x] Core framework
 - [x] Dynamic agent discovery
 - [x] API generation
+- [x] Enterprise security features
 - [ ] Agent marketplace
-- [ ] Enterprise security features
 - [ ] Managed cloud offering
 
 ## 📚 Documentation
 
 - [Getting Started Guide](docs/getting-started.md)
 - [Creating Agents](docs/creating-agents.md)
+- [Security Framework](docs/security_framework.md)
 - [Deployment Options](docs/deployment.md)
 - [API Reference](docs/api-reference.md)
 - [Docker Environments Guide](docs/docker_environments.md)

diff --git a/__pycache__/main.cpython-312.pyc b/__pycache__/main.cpython-312.pyc