Agentic-Support-Copilot / data /docs /implementation_plan.md
Vineetiitg
feat: implement Redis session memory and multi-turn conversational RAG with coreference resolution
a30ab12
|
Raw
History Blame Contribute Delete
10.5 kB

Support Docs Copilot β€” Audit & Enhanced Implementation Plan

Honest Assessment of Current State

I've read every single file in the project. Here's the unfiltered truth:

What Already Exists (Skeleton-Complete)

The project has the file structure for all 13 phases you outlined β€” files exist for config, loaders, chunking, indexer, registry, context builder, query transform, retriever, guardrails, auth, observability, evaluation, UI tabs, Docker, and tests. The git log shows 12 commits covering the roadmap.

Critical Problems I Found

Most of these implementations are shallow scaffolds, not production-grade code. An experienced interviewer will see through them in minutes.

Area Problem Severity
Query Transform Just regex heuristics ("error" β†’ "troubleshoot", "how" β†’ "steps"). No actual LLM-based query rewriting. πŸ”΄ Critical
Guardrails Duplicate keyword lists between input.py and validators.py. Both are simple substring checks β€” trivially bypassable. No real prompt injection detection. πŸ”΄ Critical
Auth Static API keys compared as strings. No JWT, no password hashing, no token expiry. AUTH_ENABLED=false by default. 🟑 Weak
Observability Only RequestMetrics with manual timing. No structured JSON logging, no correlation IDs in responses, no OpenTelemetry. 🟑 Weak
Eval token_overlap is a naive set intersection of tokens. No semantic similarity, no faithfulness scoring, no RAGAS integration despite listing ragas in requirements. πŸ”΄ Critical
Tests 4 test files with 7 total tests. All pure unit tests on trivial logic. Zero integration tests, zero API tests, no pytest fixtures. πŸ”΄ Critical
Golden QA Only 2 questions. No realistic scenario coverage. 🟑 Weak
Sample Docs Only 2 tiny .txt files. No PDF/DOCX/HTML/MD samples to prove multi-format works. 🟑 Weak
Streaming endpoint /chat/stream duplicates the entire RAG logic instead of reusing the workflow. The prompt template is hardcoded separately from the workflow's prompt. πŸ”΄ Critical
README Still says python app/engine/ingestion.py instead of python -m app.engine.ingestion. Missing architecture diagram, security section, eval section. 🟑 Weak
Docker No health checks in compose. No .dockerignore. Frontend Dockerfile installs streamlit requests from pip instead of requirements.txt. 🟑 Weak
Rate Limiter In-memory deque per client. Resets on every server restart. Not usable in multi-worker setup. 🟑 Weak
Logging configure_logging() is a 3-line basicConfig. Uses print() statements everywhere in the workflow. 🟑 Weak
\r\n line endings Mixed CRLF/LF throughout workflow.py and other files. Looks sloppy in diffs. 🟒 Minor
Error handling CopilotError in errors.py is defined but never used anywhere. No FastAPI exception handler registered. 🟑 Weak

Additional Enhancements to Make This Genuinely Resume-Worthy

These are the things NOT in your 13-phase plan that a senior engineer or interviewer would look for.

1. Conversation Memory / Multi-Turn Chat πŸ”΄ CRITICAL MISS

Your copilot currently has zero conversation history. Each query is independent. A real support copilot needs:

  • Session-level chat history (at minimum last N turns)
  • Context-aware follow-up ("What about for enterprise users?" should work after "What is the refund policy?")
  • LangGraph state should carry conversation history

2. Async Architecture πŸ”΄ CRITICAL MISS

workflow.py uses rag_agent.invoke() which is synchronous. The FastAPI endpoints are async def but block on sync LangChain calls. This means:

  • Your server blocks on every LLM call
  • Under load, it's a single-threaded bottleneck
  • Should use rag_agent.ainvoke() with async LangChain chains

3. Proper Error Handling with FastAPI Exception Handlers 🟑 IMPORTANT

CopilotError exists but has zero usage. You need:

  • @app.exception_handler(CopilotError) registered
  • All business logic raising CopilotError instead of raw HTTPException
  • Consistent error response schema

4. Answer Confidence Score 🟑 IMPORTANT

Your roadmap mentions "show answer confidence" in Phase 10 but there's no mechanism to compute it. You need:

  • Retrieval relevance score aggregation
  • Hallucination check result exposed as confidence level
  • Display in both API response and UI

5. Proper Structured JSON Logging 🟑 IMPORTANT

Replace print() and basicConfig with:

  • JSON-structured log output (for log aggregators)
  • Request ID propagation across all log lines
  • Log level configurable from env

6. Feedback Loop / Thumbs Up-Down 🟑 NICE-TO-HAVE

Store user feedback on answers for future evaluation and fine-tuning signals:

  • POST /feedback endpoint
  • SQLite or JSON file store
  • Display in eval dashboard

7. Proper .dockerignore 🟒 QUICK WIN

Missing entirely. Without it, your Docker builds copy .venv/, qdrant_data/, __pycache__/, .git/ into the image.

8. Makefile / scripts/run.ps1 🟒 QUICK WIN

One-command shortcuts for common operations. Shows engineering maturity.

9. pyproject.toml instead of requirements.txt 🟒 POLISH

Modern Python projects use pyproject.toml. It shows you know current tooling.

10. CORS Middleware 🟒 QUICK WIN

Not configured. The frontend works because it uses server-side requests, but any other client would fail.

11. Realistic Sample Documents 🟑 IMPORTANT

You need 5-8 real-ish support documents across formats (.md, .pdf, .txt, .html) to demonstrate the multi-format pipeline actually works in demos.

12. CI/CD Pipeline (GitHub Actions) 🟑 IMPORTANT

A .github/workflows/ci.yml that runs tests + linting on push. Makes the repo look professional.


Open Questions

Please answer these before I start implementing:

  1. Conversation memory: Do you want full multi-turn chat history, or is single-turn acceptable for now?
  2. Async refactor: Should I convert the LangGraph workflow to async (ainvoke), or keep sync for simplicity?
  3. pyproject.toml: Do you want me to migrate from requirements.txt to pyproject.toml?
  4. GitHub Actions CI: Do you want a CI workflow file?
  5. Feedback endpoint: Should I add a /feedback thumbs-up/down endpoint with local storage?
  6. Which of the additional enhancements above do you want included? (I recommend all of them β€” they're what separates a "tutorial project" from a "I built this" project)

Proposed Implementation Order

I'll implement in this order (stabilize β†’ depth β†’ polish), creating natural git commits at each step:

Phase A: Fix Foundation & Consistency

  1. Normalize line endings, fix print() β†’ logger, wire up CopilotError + exception handlers
  2. Fix README commands, add .dockerignore, add CORS middleware
  3. Fix streaming endpoint to reuse workflow instead of duplicating logic
  4. Commit: fix: normalize logging, error handling, and streaming consistency

Phase B: Real Query Rewriting

  1. Replace regex heuristics with LLM-based query rewriting via Ollama
  2. Commit: feat: add LLM-based query rewriting for improved retrieval

Phase C: Stronger Guardrails

  1. Deduplicate injection patterns, add more patterns, add encoding-aware detection
  2. Add SSN/credit-card PII patterns to output redaction
  3. Commit: feat: strengthen prompt injection and PII detection guardrails

Phase D: Proper Auth

  1. Add JWT token generation, password hashing, token expiry
  2. Add proper auth middleware
  3. Commit: feat: implement JWT authentication with role-based access

Phase E: Conversation Memory

  1. Add conversation history to LangGraph state
  2. Wire up session-based chat history in API and UI
  3. Commit: feat: add multi-turn conversation memory to chat workflow

Phase F: Answer Confidence

  1. Compute confidence from retrieval scores + hallucination check
  2. Expose in API response and UI
  3. Commit: feat: add answer confidence scoring to responses

Phase G: Structured Logging & Observability

  1. JSON structured logging with request ID propagation
  2. Granular stage timing (retrieval, reranking, generation separately)
  3. Commit: feat: add structured JSON logging with request correlation

Phase H: Real Evaluation

  1. Expand golden QA to 10+ questions
  2. Add semantic similarity scoring (not just token overlap)
  3. Add retrieval precision/recall metrics
  4. Commit: feat: expand RAG evaluation with semantic metrics and larger dataset

Phase I: Realistic Sample Docs

  1. Create 5-8 sample docs in multiple formats (.md, .txt, .pdf placeholder, .html)
  2. Commit: docs: add multi-format sample documents for demo

Phase J: Test Coverage

  1. Add API integration tests with FastAPI TestClient
  2. Add proper pytest fixtures and conftest.py
  3. Add test for auth, streaming, ingestion flow
  4. Commit: test: add integration tests for API, auth, and retrieval pipeline

Phase K: Docker & Deployment Polish

  1. Fix Dockerfiles, add health checks, add .dockerignore
  2. Add Makefile with common commands
  3. Commit: deploy: harden Docker setup with health checks and build optimization

Phase L: Feedback System

  1. Add /feedback endpoint with local JSON storage
  2. Display feedback stats in eval tab
  3. Commit: feat: add user feedback collection for answer quality tracking

Phase M: CI + README + Architecture

  1. Add GitHub Actions CI workflow
  2. Rewrite README with architecture diagram, security section, eval section
  3. Commit: docs: comprehensive README with architecture diagram and CI pipeline

Phase N: Async Refactor

  1. Convert workflow to async, use ainvoke
  2. Commit: perf: convert RAG workflow to async for concurrent request handling

Verification Plan

Automated Tests

pytest tests/ -v
pytest tests/ -v --tb=short  # CI mode

Manual Verification

  • Backend starts: uvicorn app.main:app --reload
  • UI connects: streamlit run ui/app.py
  • Ingestion works: python -m app.engine.ingestion ingest
  • Chat returns cited answers
  • Guardrails block injection attempts
  • Auth restricts admin endpoints
  • Docker compose brings up full stack