The only "Idea-to-Deployment" engine that builds with compliance baked in.
Theme: From Idea to Deployment
Team: cornerbrooke
The biggest bottleneck in the enterprise isn't writing code β it's approval. Developers want to move fast, but security and compliance teams act as the "brakes" because AI-generated code can be risky or misaligned with cloud best practices. The gap between idea and deployed, compliant product costs teams weeks.
IBM TrustBuild bridges this gap by combining a generative Architect Agent with a real-time Governance Guardrail into a single, end-to-end pipeline.
| For Developers | For the Enterprise |
|---|---|
| Automates architecture scaffolding and boilerplate using IBM Granite | Ensures every generated line of code passes a Pre-flight Governance Audit |
| Generates Dockerfiles, Terraform, and IBM SDK integrations in seconds | Enforces encryption, VPC isolation, and policy compliance automatically |
| One prompt β deployment-ready kit | Innovation and regulation live in the same workflow |
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β USER PROMPT INPUT β
β "Build a customer portal for sensitive health data" β
βββββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β STAGE 1: INTENT EXTRACTION [granite-3-8b-instruct] β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Parses natural language into structured requirements β
β β’ Identifies: stack needs, data sensitivity, scale requirements β
β β’ Output β requirements.json β
βββββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β STAGE 2: ARCHITECT NODE (The Builder) β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Maps requirements β IBM Cloud services β
β β’ Selects: Code Engine, Cloudant, watsonx.ai, Container Registry β
β β’ Output β architecture_manifest.json β
βββββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β STAGE 3: GOVERNANCE GUARDRAIL (The Judge) β‘ INNOVATION LAYER β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Auditor Agent scans manifest against Policy Knowledge Base β
β β’ Checks: encryption, VPC isolation, HIPAA, public API usage β
β β’ β FAIL β Auto-corrects architecture before code generation β
β β’ β
PASS β Approves for code synthesis β
β β’ Output β governance_report.json β
βββββββββββββββββββββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β STAGE 4: SECURE CODE SYNTHESIS [granite-20b-code] β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β’ Generates Dockerfile, Terraform, app boilerplate β
β β’ Pre-configured with IBM SDKs and security policies β
β β’ Output β Deployment Kit (downloadable) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
| Component | Technology | Role |
|---|---|---|
| Reasoning Engine | watsonx.ai (Granite 3.0) | Powers all agent reasoning |
| Intent Parsing | Granite-3-8b-instruct | Decomposes prompts into requirements |
| Code Generation | Granite-20b-code | Generates Dockerfiles, Terraform, boilerplate |
| Orchestration | Langflow | Connects the 4-stage multi-agent pipeline |
| Governance | watsonx.governance (simulated) | Policy enforcement and audit logic |
| Deployment Target | IBM Cloud | Code Engine, Cloudant, Container Registry |
| Frontend | React + TypeScript | Dashboard UI with real-time pipeline visualization |
| Backend | Python (FastAPI) | API layer connecting frontend to watsonx |
ibm-trustbuild/
βββ README.md # This file
βββ docker-compose.yml # Full-stack local deployment
βββ .env.example # Environment variable template
β
βββ frontend/ # React + TypeScript dashboard
β βββ package.json
β βββ tsconfig.json
β βββ public/
β β βββ index.html
β βββ src/
β βββ index.tsx
β βββ App.tsx # Root app with routing
β βββ components/
β β βββ Header.tsx # Top nav with branding
β β βββ Pipeline.tsx # 4-stage pipeline visualization
β β βββ PromptInput.tsx # User prompt entry
β β βββ GovernancePanel.tsx # Guardrail status display
β β βββ OutputKit.tsx # Final deployment kit display
β βββ styles/
β βββ globals.css # IBM Carbon-inspired theming
β
βββ backend/ # Python FastAPI API server
β βββ requirements.txt
β βββ main.py # FastAPI app entry point
β βββ routes/
β β βββ pipeline.py # /api/run-pipeline endpoint
β βββ agents/
β β βββ intent_agent.py # Stage 1: Intent Extraction
β β βββ architect_agent.py # Stage 2: Architecture Mapping
β β βββ governance_agent.py # Stage 3: Governance Guardrail
β β βββ codegen_agent.py # Stage 4: Secure Code Synthesis
β βββ services/
β β βββ watsonx_client.py # watsonx.ai API wrapper
β β βββ policy_kb.py # Governance Policy Knowledge Base
β βββ models/
β βββ schemas.py # Pydantic request/response models
β
βββ langflow/ # Langflow pipeline export
β βββ trustbuild_pipeline.json # Importable Langflow flow definition
β
βββ scripts/ # Utility and deployment scripts
β βββ setup.sh # One-command local environment setup
β βββ deploy_ibm_cloud.sh # IBM Cloud deployment script
β
βββ docker/ # Docker configurations
β βββ Dockerfile.frontend # Frontend container
β βββ Dockerfile.backend # Backend container
β
βββ docs/ # Supporting documentation
βββ DEMO_SCRIPT.md # 2-minute demo video script
- Node.js 18+ and npm
- Python 3.10+
- Docker & Docker Compose (optional, for full-stack)
- IBM Cloud account with watsonx.ai access
- watsonx.ai API Key and Project ID
git clone https://github.com/cornerbrooke/ibm-trustbuild.git
cd ibm-trustbuild
# Copy and edit the environment file
cp .env.example .env
# Edit .env with your IBM watsonx credentialsdocker-compose up --build- Frontend: http://localhost:3000
- Backend API: http://localhost:8000
- API Docs: http://localhost:8000/docs
# Terminal 1: Frontend
cd frontend
npm install
npm run dev
# Terminal 2: Backend
cd backend
pip install -r requirements.txt
uvicorn main:app --reloadSee docs/DEMO_SCRIPT.md for the full 2-minute recorded demo script.
Live Demo Flow:
- Open the TrustBuild dashboard
- Enter: "Build a customer portal that uses AI to analyze sensitive health data"
- Watch the 4-stage pipeline execute in real time
- Observe the Governance Guardrail flag and auto-correct a HIPAA compliance issue
- Download the final Deployment Kit
| Criteria | How TrustBuild Scores |
|---|---|
| Completeness & Feasibility (5pts) | Full 4-stage pipeline with working frontend, backend, and Langflow export. Real watsonx.ai integration via API. |
| Creativity & Innovation (5pts) | The Governance Guardrail with auto-correction is the differentiator. No other "code generator" enforces compliance before synthesis. |
| Design & Usability (5pts) | IBM Carbon-inspired UI with real-time pipeline status, animated stage transitions, and a one-click deployment kit download. |
| Effectiveness & Efficiency (5pts) | Directly addresses the hackathon theme. Reduces idea-to-deployment from days to 60 seconds. Scales to any enterprise policy rulebook. |
This project was built for the IBM Dev Day: AI Demystified Hackathon (January 2026).
Built with watsonx. Governed by design.