Spaces:

A-R-F
/

Agentic-Reliability-Framework-API

Running

App Files Files Community

Agentic-Reliability-Framework-API / hf_demo.py

petter2025

Update hf_demo.py

aedd0be verified about 1 month ago

raw

history blame

40.2 kB

	"""
	ARF OSS v3.3.9 - Enterprise Lead Generation Engine
	Compatible with Gradio 4.44.1 and Pydantic V2
	"""

	import os
	import json
	import uuid
	import hmac
	import hashlib
	import logging
	import asyncio
	import sqlite3
	import requests
	from datetime import datetime, timedelta
	from typing import Dict, List, Optional, Any, Tuple
	from contextlib import contextmanager
	from dataclasses import dataclass, asdict
	from enum import Enum

	import gradio as gr
	from fastapi import FastAPI, HTTPException, Depends
	from fastapi.middleware.cors import CORSMiddleware
	from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
	from pydantic import BaseModel, Field, field_validator # Changed from validator
	from gradio import mount_gradio_app

	# ============== CONFIGURATION ==============
	class Settings:
	"""Centralized configuration - easy to modify"""

	# Hugging Face settings
	HF_SPACE_ID = os.environ.get('SPACE_ID', 'local')
	HF_TOKEN = os.environ.get('HF_TOKEN', '')

	# Persistence - HF persistent storage
	DATA_DIR = '/data' if os.path.exists('/data') else './data'
	os.makedirs(DATA_DIR, exist_ok=True)

	# Lead generation
	LEAD_EMAIL = "petter2025us@outlook.com"
	CALENDLY_URL = "https://calendly.com/petter2025us/arf-demo"

	# Webhook for lead alerts (set in HF secrets)
	SLACK_WEBHOOK = os.environ.get('SLACK_WEBHOOK', '')
	SENDGRID_API_KEY = os.environ.get('SENDGRID_API_KEY', '')

	# Security
	API_KEY = os.environ.get('ARF_API_KEY', str(uuid.uuid4()))

	# ARF defaults
	DEFAULT_CONFIDENCE_THRESHOLD = 0.9
	DEFAULT_MAX_RISK = "MEDIUM"

	settings = Settings()

	# ============== LOGGING ==============
	logging.basicConfig(
	level=logging.INFO,
	format='%(asctime)s - %(name)s - %(levelname)s - %(message)s',
	handlers=[
	logging.FileHandler(f'{settings.DATA_DIR}/arf.log'),
	logging.StreamHandler()
	]
	)
	logger = logging.getLogger('arf.oss')

	# ============== ENUMS & TYPES ==============
	class RiskLevel(str, Enum):
	LOW = "LOW"
	MEDIUM = "MEDIUM"
	HIGH = "HIGH"
	CRITICAL = "CRITICAL"

	class ExecutionLevel(str, Enum):
	AUTONOMOUS_LOW = "AUTONOMOUS_LOW"
	AUTONOMOUS_HIGH = "AUTONOMOUS_HIGH"
	SUPERVISED = "SUPERVISED"
	OPERATOR_REVIEW = "OPERATOR_REVIEW"

	class LeadSignal(str, Enum):
	HIGH_RISK_BLOCKED = "high_risk_blocked"
	NOVEL_ACTION = "novel_action"
	POLICY_VIOLATION = "policy_violation"
	CONFIDENCE_LOW = "confidence_low"
	REPEATED_FAILURE = "repeated_failure"

	# ============== REAL ARF BAYESIAN ENGINE ==============
	class BayesianRiskEngine:
	"""
	True Bayesian inference with conjugate priors
	Matches ARF OSS production implementation
	"""

	def __init__(self):
	# Beta-Binomial conjugate prior
	# Prior represents belief about risk before seeing evidence
	self.prior_alpha = 2.0 # Pseudocounts for "safe" outcomes
	self.prior_beta = 5.0 # Pseudocounts for "risky" outcomes

	# Action type priors (learned from industry data)
	self.action_priors = {
	'database': {'alpha': 1.5, 'beta': 8.0}, # DB ops are risky
	'network': {'alpha': 3.0, 'beta': 4.0}, # Network ops medium risk
	'compute': {'alpha': 4.0, 'beta': 3.0}, # Compute ops safer
	'security': {'alpha': 2.0, 'beta': 6.0}, # Security ops risky
	'default': {'alpha': 2.0, 'beta': 5.0}
	}

	# Load historical evidence from persistent storage
	self.evidence_db = f"{settings.DATA_DIR}/evidence.db"
	self._init_db()

	def _init_db(self):
	"""Initialize SQLite DB for evidence storage"""
	with self._get_db() as conn:
	conn.execute('''
	CREATE TABLE IF NOT EXISTS evidence (
	id TEXT PRIMARY KEY,
	action_type TEXT,
	action_hash TEXT,
	success INTEGER,
	total INTEGER,
	timestamp TEXT,
	metadata TEXT
	)
	''')
	conn.execute('''
	CREATE INDEX IF NOT EXISTS idx_action_hash
	ON evidence(action_hash)
	''')

	@contextmanager
	def _get_db(self):
	conn = sqlite3.connect(self.evidence_db)
	try:
	yield conn
	finally:
	conn.close()

	def classify_action(self, action_text: str) -> str:
	"""Classify action type for appropriate prior"""
	action_lower = action_text.lower()

	if any(word in action_lower for word in ['database', 'db', 'sql', 'table', 'drop', 'delete']):
	return 'database'
	elif any(word in action_lower for word in ['network', 'firewall', 'load balancer']):
	return 'network'
	elif any(word in action_lower for word in ['pod', 'container', 'deploy', 'scale']):
	return 'compute'
	elif any(word in action_lower for word in ['security', 'cert', 'key', 'access']):
	return 'security'
	else:
	return 'default'

	def get_prior(self, action_type: str) -> Tuple[float, float]:
	"""Get prior parameters for action type"""
	prior = self.action_priors.get(action_type, self.action_priors['default'])
	return prior['alpha'], prior['beta']

	def get_evidence(self, action_hash: str) -> Tuple[int, int]:
	"""Get historical evidence for similar actions"""
	with self._get_db() as conn:
	cursor = conn.execute(
	'SELECT SUM(success), SUM(total) FROM evidence WHERE action_hash = ?',
	(action_hash[:50],)
	)
	row = cursor.fetchone()
	return (row[0] or 0, row[1] or 0) if row else (0, 0)

	def calculate_posterior(self,
	action_text: str,
	context: Dict[str, Any]) -> Dict[str, Any]:
	"""
	True Bayesian posterior calculation
	P(risk \| action, context) ∝ P(action, context \| risk) * P(risk)
	"""
	# 1. Classify action for appropriate prior
	action_type = self.classify_action(action_text)
	alpha0, beta0 = self.get_prior(action_type)

	# 2. Get historical evidence
	action_hash = hashlib.sha256(action_text.encode()).hexdigest()
	successes, trials = self.get_evidence(action_hash)

	# 3. Update prior with evidence → posterior
	alpha_n = alpha0 + successes
	beta_n = beta0 + (trials - successes)

	# 4. Posterior mean (expected risk)
	posterior_mean = alpha_n / (alpha_n + beta_n)

	# 5. Incorporate context as likelihood adjustment
	context_multiplier = self._context_likelihood(context)

	# 6. Final risk score (posterior predictive)
	risk_score = posterior_mean * context_multiplier
	risk_score = min(0.99, max(0.01, risk_score))

	# 7. 95% credible interval (Beta distribution quantiles)
	# Using approximation for computational efficiency
	variance = (alpha_n * beta_n) / ((alpha_n + beta_n)*2 (alpha_n + beta_n + 1))
	std_dev = variance ** 0.5
	ci_lower = max(0.01, posterior_mean - 1.96 * std_dev)
	ci_upper = min(0.99, posterior_mean + 1.96 * std_dev)

	# 8. Risk level
	if risk_score > 0.8:
	risk_level = RiskLevel.CRITICAL
	elif risk_score > 0.6:
	risk_level = RiskLevel.HIGH
	elif risk_score > 0.4:
	risk_level = RiskLevel.MEDIUM
	else:
	risk_level = RiskLevel.LOW

	return {
	"score": risk_score,
	"level": risk_level,
	"credible_interval": [ci_lower, ci_upper],
	"posterior_parameters": {"alpha": alpha_n, "beta": beta_n},
	"prior_used": {"alpha": alpha0, "beta": beta0, "type": action_type},
	"evidence_used": {"successes": successes, "trials": trials},
	"context_multiplier": context_multiplier,
	"calculation": f"""
	Posterior = Beta(α={alpha_n:.1f}, β={beta_n:.1f})
	Mean = {alpha_n:.1f} / ({alpha_n:.1f} + {beta_n:.1f}) = {posterior_mean:.3f}
	× Context multiplier {context_multiplier:.2f} = {risk_score:.3f}
	"""
	}

	def _context_likelihood(self, context: Dict) -> float:
	"""Calculate likelihood multiplier from context"""
	multiplier = 1.0

	# Environment
	if context.get('environment') == 'production':
	multiplier *= 1.5
	elif context.get('environment') == 'staging':
	multiplier *= 0.8

	# Time
	hour = datetime.now().hour
	if hour < 6 or hour > 22: # Off-hours
	multiplier *= 1.3

	# User seniority
	if context.get('user_role') == 'junior':
	multiplier *= 1.4
	elif context.get('user_role') == 'senior':
	multiplier *= 0.9

	# Backup status
	if not context.get('backup_available', True):
	multiplier *= 1.6

	return multiplier

	def record_outcome(self, action_text: str, success: bool):
	"""Record actual outcome for future Bayesian updates"""
	action_hash = hashlib.sha256(action_text.encode()).hexdigest()
	action_type = self.classify_action(action_text)

	with self._get_db() as conn:
	conn.execute('''
	INSERT INTO evidence (id, action_type, action_hash, success, total, timestamp)
	VALUES (?, ?, ?, ?, ?, ?)
	''', (
	str(uuid.uuid4()),
	action_type,
	action_hash[:50],
	1 if success else 0,
	1,
	datetime.utcnow().isoformat()
	))
	conn.commit()

	logger.info(f"Recorded outcome for {action_type}: success={success}")

	# ============== POLICY ENGINE ==============
	class PolicyEngine:
	"""
	Deterministic OSS policies - advisory only
	Matches ARF OSS healing_policies.py
	"""

	def __init__(self):
	self.config = {
	"confidence_threshold": settings.DEFAULT_CONFIDENCE_THRESHOLD,
	"max_autonomous_risk": settings.DEFAULT_MAX_RISK,
	"risk_thresholds": {
	RiskLevel.LOW: 0.7,
	RiskLevel.MEDIUM: 0.5,
	RiskLevel.HIGH: 0.3,
	RiskLevel.CRITICAL: 0.1
	},
	"destructive_patterns": [
	r'\bdrop\s+database\b',
	r'\bdelete\s+from\b',
	r'\btruncate\b',
	r'\balter\s+table\b',
	r'\bdrop\s+table\b',
	r'\bshutdown\b',
	r'\bterminate\b',
	r'\brm\s+-rf\b'
	],
	"require_human": [RiskLevel.CRITICAL, RiskLevel.HIGH],
	"require_rollback": True
	}

	def evaluate(self,
	action: str,
	risk: Dict[str, Any],
	confidence: float) -> Dict[str, Any]:
	"""
	Evaluate action against policies
	Returns gate results and final decision
	"""
	gates = []

	# Gate 1: Confidence threshold
	confidence_passed = confidence >= self.config["confidence_threshold"]
	gates.append({
	"gate": "confidence_threshold",
	"passed": confidence_passed,
	"threshold": self.config["confidence_threshold"],
	"actual": confidence,
	"reason": f"Confidence {confidence:.2f} {'≥' if confidence_passed else '<'} threshold {self.config['confidence_threshold']}",
	"type": "numerical"
	})

	# Gate 2: Risk level
	risk_levels = list(RiskLevel)
	max_idx = risk_levels.index(RiskLevel(self.config["max_autonomous_risk"]))
	action_idx = risk_levels.index(risk["level"])
	risk_passed = action_idx <= max_idx

	gates.append({
	"gate": "risk_assessment",
	"passed": risk_passed,
	"max_allowed": self.config["max_autonomous_risk"],
	"actual": risk["level"].value,
	"reason": f"Risk level {risk['level'].value} {'≤' if risk_passed else '>'} max autonomous {self.config['max_autonomous_risk']}",
	"type": "categorical",
	"metadata": {
	"risk_score": risk["score"],
	"credible_interval": risk["credible_interval"]
	}
	})

	# Gate 3: Destructive check
	import re
	is_destructive = any(
	re.search(pattern, action.lower())
	for pattern in self.config["destructive_patterns"]
	)

	gates.append({
	"gate": "destructive_check",
	"passed": not is_destructive,
	"is_destructive": is_destructive,
	"reason": "Non-destructive operation" if not is_destructive else "Destructive operation detected",
	"type": "boolean",
	"metadata": {"requires_rollback": is_destructive}
	})

	# Gate 4: Human review requirement
	requires_human = risk["level"] in self.config["require_human"]

	gates.append({
	"gate": "human_review",
	"passed": not requires_human,
	"requires_human": requires_human,
	"reason": "Human review not required" if not requires_human else f"Human review required for {risk['level'].value} risk",
	"type": "boolean"
	})

	# Gate 5: OSS license (always passes in OSS)
	gates.append({
	"gate": "license_check",
	"passed": True,
	"edition": "OSS",
	"reason": "OSS edition - advisory only",
	"type": "license"
	})

	# Overall decision
	all_passed = all(g["passed"] for g in gates)

	# Determine required level
	if not all_passed:
	required_level = ExecutionLevel.OPERATOR_REVIEW
	elif risk["level"] == RiskLevel.LOW:
	required_level = ExecutionLevel.AUTONOMOUS_LOW
	elif risk["level"] == RiskLevel.MEDIUM:
	required_level = ExecutionLevel.AUTONOMOUS_HIGH
	else:
	required_level = ExecutionLevel.SUPERVISED

	return {
	"allowed": all_passed,
	"required_level": required_level.value,
	"gates": gates,
	"advisory_only": True,
	"oss_disclaimer": "OSS edition provides advisory only. Enterprise adds execution."
	}

	def update_config(self, key: str, value: Any):
	"""Live policy updates"""
	if key in self.config:
	self.config[key] = value
	logger.info(f"Policy updated: {key} = {value}")
	return True
	return False

	# ============== RAG MEMORY WITH PERSISTENCE ==============
	class RAGMemory:
	"""
	Persistent RAG memory using SQLite + vector embeddings
	Survives HF Space restarts
	"""

	def __init__(self):
	self.db_path = f"{settings.DATA_DIR}/memory.db"
	self._init_db()
	self.embedding_cache = {}

	def _init_db(self):
	"""Initialize memory tables"""
	with self._get_db() as conn:
	# Incidents table
	conn.execute('''
	CREATE TABLE IF NOT EXISTS incidents (
	id TEXT PRIMARY KEY,
	action TEXT,
	action_hash TEXT,
	risk_score REAL,
	risk_level TEXT,
	confidence REAL,
	allowed BOOLEAN,
	gates TEXT,
	timestamp TEXT,
	embedding TEXT
	)
	''')

	# Enterprise signals table
	conn.execute('''
	CREATE TABLE IF NOT EXISTS signals (
	id TEXT PRIMARY KEY,
	signal_type TEXT,
	action TEXT,
	risk_score REAL,
	metadata TEXT,
	timestamp TEXT,
	contacted BOOLEAN DEFAULT 0
	)
	''')

	# Create indexes
	conn.execute('CREATE INDEX IF NOT EXISTS idx_action_hash ON incidents(action_hash)')
	conn.execute('CREATE INDEX IF NOT EXISTS idx_signal_type ON signals(signal_type)')
	conn.execute('CREATE INDEX IF NOT EXISTS idx_signal_contacted ON signals(contacted)')

	@contextmanager
	def _get_db(self):
	conn = sqlite3.connect(self.db_path)
	conn.row_factory = sqlite3.Row
	try:
	yield conn
	finally:
	conn.close()

	def _simple_embedding(self, text: str) -> List[float]:
	"""Simple bag-of-words embedding for demo"""
	# Cache embeddings
	if text in self.embedding_cache:
	return self.embedding_cache[text]

	# Simple character trigram embedding
	words = text.lower().split()
	trigrams = set()
	for word in words:
	for i in range(len(word) - 2):
	trigrams.add(word[i:i+3])

	# Convert to fixed-size vector (simplified)
	# In production, use sentence-transformers
	vector = [hash(t) % 1000 / 1000.0 for t in sorted(trigrams)[:100]]
	# Pad to fixed length
	while len(vector) < 100:
	vector.append(0.0)
	vector = vector[:100]

	self.embedding_cache[text] = vector
	return vector

	def store_incident(self,
	action: str,
	risk_score: float,
	risk_level: RiskLevel,
	confidence: float,
	allowed: bool,
	gates: List[Dict]):
	"""Store incident in persistent memory"""
	action_hash = hashlib.sha256(action.encode()).hexdigest()[:50]
	embedding = json.dumps(self._simple_embedding(action))

	with self._get_db() as conn:
	conn.execute('''
	INSERT INTO incidents
	(id, action, action_hash, risk_score, risk_level, confidence, allowed, gates, timestamp, embedding)
	VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
	''', (
	str(uuid.uuid4()),
	action[:500],
	action_hash,
	risk_score,
	risk_level.value,
	confidence,
	1 if allowed else 0,
	json.dumps(gates),
	datetime.utcnow().isoformat(),
	embedding
	))
	conn.commit()

	def find_similar(self, action: str, limit: int = 5) -> List[Dict]:
	"""Find similar incidents using cosine similarity"""
	query_embedding = self._simple_embedding(action)

	with self._get_db() as conn:
	# Get all recent incidents
	cursor = conn.execute('''
	SELECT * FROM incidents
	ORDER BY timestamp DESC
	LIMIT 100
	''')

	incidents = []
	for row in cursor.fetchall():
	stored_embedding = json.loads(row['embedding'])

	# Cosine similarity
	dot = sum(q * s for q, s in zip(query_embedding, stored_embedding))
	norm_q = sum(qq for q in query_embedding) * 0.5
	norm_s = sum(ss for s in stored_embedding) * 0.5

	if norm_q > 0 and norm_s > 0:
	similarity = dot / (norm_q * norm_s)
	else:
	similarity = 0

	incidents.append({
	'id': row['id'],
	'action': row['action'],
	'risk_score': row['risk_score'],
	'risk_level': row['risk_level'],
	'confidence': row['confidence'],
	'allowed': bool(row['allowed']),
	'timestamp': row['timestamp'],
	'similarity': similarity
	})

	# Sort by similarity and return top k
	incidents.sort(key=lambda x: x['similarity'], reverse=True)
	return incidents[:limit]

	def track_enterprise_signal(self,
	signal_type: LeadSignal,
	action: str,
	risk_score: float,
	metadata: Dict = None):
	"""Track enterprise interest signals with persistence"""

	signal = {
	'id': str(uuid.uuid4()),
	'signal_type': signal_type.value,
	'action': action[:200],
	'risk_score': risk_score,
	'metadata': json.dumps(metadata or {}),
	'timestamp': datetime.utcnow().isoformat(),
	'contacted': 0
	}

	with self._get_db() as conn:
	conn.execute('''
	INSERT INTO signals
	(id, signal_type, action, risk_score, metadata, timestamp, contacted)
	VALUES (?, ?, ?, ?, ?, ?, ?)
	''', (
	signal['id'],
	signal['signal_type'],
	signal['action'],
	signal['risk_score'],
	signal['metadata'],
	signal['timestamp'],
	signal['contacted']
	))
	conn.commit()

	logger.info(f"🔔 Enterprise signal: {signal_type.value} - {action[:50]}...")

	# Trigger immediate notification for high-value signals
	if signal_type in [LeadSignal.HIGH_RISK_BLOCKED, LeadSignal.NOVEL_ACTION]:
	self._notify_sales_team(signal)

	return signal

	def _notify_sales_team(self, signal: Dict):
	"""Real-time notification to sales team"""

	# Slack webhook
	if settings.SLACK_WEBHOOK:
	try:
	requests.post(settings.SLACK_WEBHOOK, json={
	"text": f"🚨 Enterprise Lead Signal\n"
	f"Type: {signal['signal_type']}\n"
	f"Action: {signal['action']}\n"
	f"Risk Score: {signal['risk_score']:.2f}\n"
	f"Time: {signal['timestamp']}\n"
	f"Contact: {settings.LEAD_EMAIL}"
	})
	except:
	pass

	# Email via SendGrid (if configured)
	if settings.SENDGRID_API_KEY:
	# Send email logic here
	pass

	def get_uncontacted_signals(self) -> List[Dict]:
	"""Get signals that haven't been followed up"""
	with self._get_db() as conn:
	cursor = conn.execute('''
	SELECT * FROM signals
	WHERE contacted = 0
	ORDER BY timestamp DESC
	''')

	signals = []
	for row in cursor.fetchall():
	signals.append({
	'id': row['id'],
	'signal_type': row['signal_type'],
	'action': row['action'],
	'risk_score': row['risk_score'],
	'metadata': json.loads(row['metadata']),
	'timestamp': row['timestamp']
	})
	return signals

	def mark_contacted(self, signal_id: str):
	"""Mark signal as contacted"""
	with self._get_db() as conn:
	conn.execute('UPDATE signals SET contacted = 1 WHERE id = ?', (signal_id,))
	conn.commit()

	# ============== AUTHENTICATION ==============
	security = HTTPBearer()

	def verify_api_key(credentials: HTTPAuthorizationCredentials = Depends(security)):
	"""Simple API key authentication for enterprise endpoints"""
	if credentials.credentials != settings.API_KEY:
	raise HTTPException(status_code=403, detail="Invalid API key")
	return credentials.credentials

	# ============== PYDANTIC MODELS ==============
	class ActionRequest(BaseModel):
	proposedAction: str = Field(..., min_length=1, max_length=1000)
	confidenceScore: float = Field(..., ge=0.0, le=1.0)
	riskLevel: RiskLevel
	description: Optional[str] = None
	requiresHuman: bool = False
	rollbackFeasible: bool = True
	user_role: str = "devops"
	session_id: Optional[str] = None

	# FIXED: Using Pydantic V2 field_validator instead of deprecated validator
	@field_validator('proposedAction')
	@classmethod
	def validate_action(cls, v: str) -> str:
	if len(v.strip()) == 0:
	raise ValueError('Action cannot be empty')
	return v

	class ConfigUpdateRequest(BaseModel):
	confidenceThreshold: Optional[float] = Field(None, ge=0.5, le=1.0)
	maxAutonomousRisk: Optional[RiskLevel] = None

	class GateResult(BaseModel):
	gate: str
	reason: str
	passed: bool
	threshold: Optional[float] = None
	actual: Optional[float] = None
	type: str = "boolean"
	metadata: Optional[Dict] = None

	class EvaluationResponse(BaseModel):
	allowed: bool
	requiredLevel: str
	gatesTriggered: List[GateResult]
	shouldEscalate: bool
	escalationReason: Optional[str] = None
	executionLadder: Optional[Dict] = None
	oss_disclaimer: str = "OSS edition provides advisory only. Enterprise adds mechanical gates and execution."

	class LeadSignalResponse(BaseModel):
	id: str
	signal_type: str
	action: str
	risk_score: float
	timestamp: str
	metadata: Dict

	# ============== FASTAPI SETUP ==============
	app = FastAPI(
	title="ARF OSS Real Engine",
	version="3.3.9",
	description="Real ARF OSS components for enterprise lead generation",
	contact={
	"name": "ARF Sales",
	"email": settings.LEAD_EMAIL,
	}
	)

	app.add_middleware(
	CORSMiddleware,
	allow_origins=["*"],
	allow_credentials=True,
	allow_methods=["*"],
	allow_headers=["*"],
	)

	# Initialize ARF components
	risk_engine = BayesianRiskEngine()
	policy_engine = PolicyEngine()
	memory = RAGMemory()

	# ============== API ENDPOINTS ==============
	@app.get("/api/v1/config")
	async def get_config():
	"""Get current ARF configuration"""
	return {
	"confidenceThreshold": policy_engine.config["confidence_threshold"],
	"maxAutonomousRisk": policy_engine.config["max_autonomous_risk"],
	"riskScoreThresholds": policy_engine.config["risk_thresholds"],
	"version": "3.3.9",
	"edition": "OSS"
	}

	@app.post("/api/v1/config")
	async def update_config(config: ConfigUpdateRequest):
	"""Update ARF configuration (live)"""
	if config.confidenceThreshold:
	policy_engine.update_config("confidence_threshold", config.confidenceThreshold)
	if config.maxAutonomousRisk:
	policy_engine.update_config("max_autonomous_risk", config.maxAutonomousRisk.value)
	return await get_config()

	@app.post("/api/v1/evaluate", response_model=EvaluationResponse)
	async def evaluate_action(request: ActionRequest):
	"""
	Real ARF OSS evaluation pipeline
	Used by Replit UI frontend
	"""
	try:
	# Build context
	context = {
	"environment": "production",
	"user_role": request.user_role,
	"backup_available": request.rollbackFeasible,
	"requires_human": request.requiresHuman
	}

	# 1. Bayesian risk assessment
	risk = risk_engine.calculate_posterior(
	action_text=request.proposedAction,
	context=context
	)

	# 2. Policy evaluation
	policy = policy_engine.evaluate(
	action=request.proposedAction,
	risk=risk,
	confidence=request.confidenceScore
	)

	# 3. RAG memory recall
	similar = memory.find_similar(request.proposedAction, limit=3)

	# 4. Track enterprise signals
	if not policy["allowed"] and risk["score"] > 0.7:
	memory.track_enterprise_signal(
	signal_type=LeadSignal.HIGH_RISK_BLOCKED,
	action=request.proposedAction,
	risk_score=risk["score"],
	metadata={
	"confidence": request.confidenceScore,
	"risk_level": risk["level"].value,
	"failed_gates": [g["gate"] for g in policy["gates"] if not g["passed"]]
	}
	)

	if len(similar) < 2 and risk["score"] > 0.6:
	memory.track_enterprise_signal(
	signal_type=LeadSignal.NOVEL_ACTION,
	action=request.proposedAction,
	risk_score=risk["score"],
	metadata={"similar_count": len(similar)}
	)

	# 5. Store in memory
	memory.store_incident(
	action=request.proposedAction,
	risk_score=risk["score"],
	risk_level=risk["level"],
	confidence=request.confidenceScore,
	allowed=policy["allowed"],
	gates=policy["gates"]
	)

	# 6. Format gates for response
	gates = []
	for g in policy["gates"]:
	gates.append(GateResult(
	gate=g["gate"],
	reason=g["reason"],
	passed=g["passed"],
	threshold=g.get("threshold"),
	actual=g.get("actual"),
	type=g.get("type", "boolean"),
	metadata=g.get("metadata")
	))

	# 7. Build execution ladder
	execution_ladder = {
	"levels": [
	{"name": "AUTONOMOUS_LOW", "required": gates[0].passed and gates[1].passed},
	{"name": "AUTONOMOUS_HIGH", "required": all(g.passed for g in gates[:3])},
	{"name": "SUPERVISED", "required": all(g.passed for g in gates[:4])},
	{"name": "OPERATOR_REVIEW", "required": True}
	],
	"current": policy["required_level"]
	}

	return EvaluationResponse(
	allowed=policy["allowed"],
	requiredLevel=policy["required_level"],
	gatesTriggered=gates,
	shouldEscalate=not policy["allowed"],
	escalationReason=None if policy["allowed"] else "Failed mechanical gates",
	executionLadder=execution_ladder
	)

	except Exception as e:
	logger.error(f"Evaluation failed: {e}", exc_info=True)
	raise HTTPException(status_code=500, detail=str(e))

	@app.get("/api/v1/enterprise/signals", dependencies=[Depends(verify_api_key)])
	async def get_enterprise_signals(contacted: bool = False):
	"""
	Get enterprise lead signals (protected endpoint)
	Requires API key from HF secrets
	"""
	if contacted:
	signals = memory.get_uncontacted_signals()
	else:
	# Get all signals from last 30 days
	with memory._get_db() as conn:
	cursor = conn.execute('''
	SELECT * FROM signals
	WHERE datetime(timestamp) > datetime('now', '-30 days')
	ORDER BY timestamp DESC
	''')
	signals = []
	for row in cursor.fetchall():
	signals.append({
	'id': row['id'],
	'signal_type': row['signal_type'],
	'action': row['action'],
	'risk_score': row['risk_score'],
	'metadata': json.loads(row['metadata']),
	'timestamp': row['timestamp'],
	'contacted': bool(row['contacted'])
	})

	return {"signals": signals, "count": len(signals)}

	@app.post("/api/v1/enterprise/signals/{signal_id}/contact")
	async def mark_signal_contacted(signal_id: str):
	"""Mark a lead signal as contacted"""
	memory.mark_contacted(signal_id)
	return {"status": "success", "message": "Signal marked as contacted"}

	@app.get("/api/v1/memory/similar")
	async def get_similar_actions(action: str, limit: int = 5):
	"""Find similar historical actions"""
	similar = memory.find_similar(action, limit=limit)
	return {"similar": similar, "count": len(similar)}

	@app.post("/api/v1/feedback")
	async def record_outcome(action: str, success: bool):
	"""
	Record actual outcome for Bayesian updating
	This is how ARF learns
	"""
	risk_engine.record_outcome(action, success)
	return {"status": "success", "message": "Outcome recorded"}

	@app.get("/health")
	async def health_check():
	"""Health check endpoint"""
	return {
	"status": "healthy",
	"version": "3.3.9",
	"edition": "OSS",
	"memory_entries": len(memory.get_uncontacted_signals()),
	"timestamp": datetime.utcnow().isoformat()
	}

	# ============== GRADIO LEAD GENERATION UI ==============
	def create_lead_gen_ui():
	"""Professional lead generation interface"""

	# FIXED: Moved theme and css to launch() method
	with gr.Blocks(title="ARF OSS - Enterprise Reliability Intelligence") as ui:

	# Header
	gr.HTML(f"""
	<div style="padding: 2rem; border-radius: 1rem; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%); color: white; text-align: center;">
	<h1 style="font-size: 3em; margin-bottom: 0.5rem;">🤖 ARF OSS v3.3.9</h1>
	<h2 style="font-size: 1.5em; font-weight: 300; margin-bottom: 2rem;">
	Real Bayesian Reliability Intelligence
	</h2>
	<div style="display: inline-block; background: rgba(255,255,255,0.2); padding: 0.5rem 1rem;
	border-radius: 2rem; margin-bottom: 2rem;">
	⚡ Running REAL ARF OSS Components • No Simulation
	</div>
	</div>
	""")

	# Value Proposition
	with gr.Row():
	with gr.Column():
	gr.HTML("""
	<div style="text-align: center; padding: 2rem;">
	<h3 style="color: #333; font-size: 2em;">From Bayesian Analysis to Autonomous Execution</h3>
	<p style="color: #666; font-size: 1.2em; max-width: 800px; margin: 1rem auto;">
	This demo uses real ARF OSS components for risk assessment.
	Enterprise adds mechanical gates, learning loops, and governed execution.
	</p>
	</div>
	""")

	# Features Grid
	with gr.Row():
	with gr.Column():
	gr.HTML("""
	<div style="padding: 1.5rem; border-radius: 0.5rem; background: #f8f9fa; border-left: 4px solid #667eea; height: 100%;">
	<h4>🧮 True Bayesian Inference</h4>
	<p>Beta-Binomial conjugate priors with evidence updates</p>
	</div>
	""")
	with gr.Column():
	gr.HTML("""
	<div style="padding: 1.5rem; border-radius: 0.5rem; background: #f8f9fa; border-left: 4px solid #667eea; height: 100%;">
	<h4>🛡️ Deterministic Policies</h4>
	<p>5 mechanical gates with live configuration</p>
	</div>
	""")

	with gr.Row():
	with gr.Column():
	gr.HTML("""
	<div style="padding: 1.5rem; border-radius: 0.5rem; background: #f8f9fa; border-left: 4px solid #667eea; height: 100%;">
	<h4>💾 Persistent RAG Memory</h4>
	<p>SQLite + vector embeddings for incident recall</p>
	</div>
	""")
	with gr.Column():
	gr.HTML("""
	<div style="padding: 1.5rem; border-radius: 0.5rem; background: #f8f9fa; border-left: 4px solid #667eea; height: 100%;">
	<h4>📊 Lead Intelligence</h4>
	<p>Automatic enterprise signal detection</p>
	</div>
	""")

	# Live Demo Stats - FIXED: Removed 'every' parameter for Gradio 4.x
	demo_stats = gr.JSON(
	label="📊 Live Demo Statistics",
	value={
	"active_since": datetime.utcnow().strftime("%Y-%m-%d %H:%M"),
	"bayesian_prior": "Beta(2.0, 5.0)",
	"memory_size": len(memory.get_uncontacted_signals()),
	"enterprise_signals": len(memory.get_uncontacted_signals())
	}
	)

	# CTA Section
	gr.HTML(f"""
	<div style="margin: 3rem 0; padding: 3rem; background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
	border-radius: 1rem; text-align: center; color: white;">
	<h2 style="font-size: 2.5em; margin-bottom: 1rem;">🚀 Ready for Autonomous Operations?</h2>
	<p style="font-size: 1.3em; margin-bottom: 2rem;">
	See ARF Enterprise with mechanical gates and execution
	</p>

	<div style="display: flex; gap: 1rem; justify-content: center; flex-wrap: wrap;">
	<a href="mailto:{settings.LEAD_EMAIL}?subject=ARF%20Enterprise%20Demo%20Request&body=I%20saw%20the%20real%20ARF%20OSS%20demo%20and%20would%20like%20to%20discuss%20Enterprise%20capabilities."
	style="background: white; color: #667eea; padding: 1rem 2rem; border-radius: 2rem; font-weight: bold; text-decoration: none; display: inline-block; margin: 0.5rem;">
	📧 {settings.LEAD_EMAIL}
	</a>
	<a href="{settings.CALENDLY_URL}" target="_blank"
	style="background: #FFD700; color: #333; padding: 1rem 2rem; border-radius: 2rem; font-weight: bold; text-decoration: none; display: inline-block; margin: 0.5rem;">
	📅 Schedule Technical Demo
	</a>
	</div>

	<p style="margin-top: 2rem; font-size: 0.9em; opacity: 0.9;">
	⚡ 30-min technical deep-dive • Live autonomous execution • Enterprise pricing<br>
	🔒 All demos confidential and tailored to your infrastructure
	</p>
	</div>
	""")

	# Footer
	gr.HTML(f"""
	<div style="text-align: center; padding: 2rem; color: #666; border-top: 1px solid #eee;">
	<p>
	📧 <a href="mailto:{settings.LEAD_EMAIL}" style="color: #667eea;">{settings.LEAD_EMAIL}</a> •
	🐙 <a href="https://github.com/petterjuan/agentic-reliability-framework" style="color: #667eea;">GitHub</a>
	</p>
	<p style="font-size: 0.9rem;">
	© 2026 ARF - Open Source Intelligence, Enterprise Execution<br>
	<span style="font-size: 0.8rem; color: #999;">
	v3.3.9 • Real Bayesian Inference • Persistent RAG • Lead Intelligence
	</span>
	</p>
	</div>
	""")

	return ui

	# ============== MOUNT GRADIO ON FASTAPI ==============
	gradio_ui = create_lead_gen_ui()
	app = mount_gradio_app(app, gradio_ui, path="/")

	# ============== MAIN ENTRY POINT ==============
	if __name__ == "__main__":
	import uvicorn
	port = int(os.environ.get('PORT', 7860))

	logger.info("="*60)
	logger.info("🚀 ARF OSS v3.3.9 Starting")
	logger.info(f"📊 Data directory: {settings.DATA_DIR}")
	logger.info(f"📧 Lead email: {settings.LEAD_EMAIL}")
	logger.info(f"🔑 API Key: {settings.API_KEY[:8]}... (set in HF secrets)")
	logger.info(f"🌐 Serving at: http://0.0.0.0:{port}")
	logger.info("="*60)

	# ✅ REMOVE gradio_ui.launch() - FastAPI serves Gradio
	uvicorn.run(
	app,
	host="0.0.0.0",
	port=port,
	log_level="info"
	)