Merge pull request #68 from OneFineStarstuff/codex/develop-comprehensive-ai-governance-reference

Add enterprise AI governance artifact package, tooling, CI workflow, and tests

Author: OneFineStarstuff

.github/workflows/governance-artifact-validation.yml

@@ -0,0 +1,84 @@
+name: Governance Artifact Validation
+
+on:
+  workflow_dispatch:
+  pull_request:
+    paths:
+      - docs/artifacts/**
+      - docs/reports/INSTITUTIONAL_AGI_ASI_MASTER_REFERENCE_2026_2030.md
+      - scripts/validate_governance_artifact.py
+      - scripts/export_governance_artifact_json.py
+      - scripts/summarize_governance_test_results.py
+      - scripts/generate_governance_manifest.py
+      - scripts/governance_artifact_constants.py
+      - test_validate_governance_artifact.py
+      - test_export_governance_artifact_json.py
+      - test_summarize_governance_test_results.py
+      - test_governance_artifact_integrity.py
+      - test_generate_governance_manifest.py
+      - requirements-dev.txt
+      - Makefile
+      - .github/workflows/governance-artifact-validation.yml
+  push:
+    branches: ["main"]
+    paths:
+      - docs/artifacts/**
+      - docs/reports/INSTITUTIONAL_AGI_ASI_MASTER_REFERENCE_2026_2030.md
+      - scripts/validate_governance_artifact.py
+      - scripts/export_governance_artifact_json.py
+      - scripts/summarize_governance_test_results.py
+      - scripts/generate_governance_manifest.py
+      - scripts/governance_artifact_constants.py
+      - test_validate_governance_artifact.py
+      - test_export_governance_artifact_json.py
+      - test_summarize_governance_test_results.py
+      - test_governance_artifact_integrity.py
+      - test_generate_governance_manifest.py
+      - requirements-dev.txt
+      - Makefile
+      - .github/workflows/governance-artifact-validation.yml
+
+permissions:
+  contents: read
+
+concurrency:
+  group: governance-artifact-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  validate-governance-artifacts:
+    runs-on: ubuntu-latest
+    timeout-minutes: 10
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.11'
+          cache: 'pip'
+          cache-dependency-path: 'requirements-dev.txt'
+
+      - name: Install dependencies
+        run: pip install -r requirements-dev.txt
+
+      - name: Run governance verification pipeline
+        run: make verify-governance
+
+      - name: Publish test summary
+        if: always()
+        run: |
+          if [ -f artifacts/test-results/governance-tests.xml ]; then
+            SUMMARY=$(make --no-print-directory summarize-governance-tests)
+            echo "$SUMMARY" | tee -a "$GITHUB_STEP_SUMMARY"
+          else
+            echo "Governance tests summary unavailable: JUnit report not found." | tee -a "$GITHUB_STEP_SUMMARY"
+          fi
+
+      - name: Upload governance test results
+        if: always() && hashFiles('artifacts/test-results/governance-tests.xml') != ''
+        uses: actions/upload-artifact@v4
+        with:
+          name: governance-test-results
+          path: artifacts/test-results/governance-tests.xml

.gitignore

@@ -37,3 +37,6 @@ Thumbs.db
 next-env.d.ts
 __pycache__/
 *.patch
+
+# Governance test artifacts
+artifacts/test-results/

CHANGELOG.md

@@ -1,5 +1,15 @@
 # Changelog
 
+## Version 1.1.0
+- Added enterprise AI governance artifact package under `docs/artifacts/` with YAML source, canonical JSON export, JSON Schema contract, and example templates.
+- Added governance tooling scripts for export, validation, and JUnit result summarization:
+  - `scripts/export_governance_artifact_json.py`
+  - `scripts/validate_governance_artifact.py`
+  - `scripts/summarize_governance_test_results.py`
+- Added Makefile-driven governance checks (`build-governance-json`, `check-governance-json-clean`, `validate-governance`, `test-governance-ci`, `summarize-governance-tests`).
+- Added governance CI workflow (`.github/workflows/governance-artifact-validation.yml`) with summary publishing and test artifact upload.
+- Added pytest coverage for exporter/validator/summarizer and pinned governance dev dependencies in `requirements-dev.txt`.
+
 ## Version 1.0.1
 - Integrated NLP, CV, and Speech Processor modules.
 - Added OAuth2 authentication.

Makefile

@@ -1,3 +1,36 @@
+.PHONY: build-governance-json check-governance-json-clean check-governance-manifest-clean validate-governance test-governance test-governance-ci summarize-governance-tests build-governance-manifest verify-governance
+
+build-governance-json:
+	python scripts/export_governance_artifact_json.py --root .
+
+check-governance-json-clean:
+	python scripts/export_governance_artifact_json.py --root . --verify
+
+validate-governance:
+	python scripts/validate_governance_artifact.py --root .
+
+test-governance:
+	pytest -q test_validate_governance_artifact.py test_export_governance_artifact_json.py test_summarize_governance_test_results.py test_governance_artifact_integrity.py test_generate_governance_manifest.py
+
+test-governance-ci:
+	mkdir -p artifacts/test-results
+	pytest -q test_validate_governance_artifact.py test_export_governance_artifact_json.py test_summarize_governance_test_results.py test_governance_artifact_integrity.py test_generate_governance_manifest.py --junitxml=artifacts/test-results/governance-tests.xml
+
+summarize-governance-tests:
+	python scripts/summarize_governance_test_results.py --report artifacts/test-results/governance-tests.xml
+
+build-governance-manifest:
+	python scripts/generate_governance_manifest.py --root .
+
+check-governance-manifest-clean:
+	python scripts/generate_governance_manifest.py --root . --verify
+
+verify-governance:
+	$(MAKE) check-governance-json-clean
+	$(MAKE) check-governance-manifest-clean
+	$(MAKE) validate-governance
+	$(MAKE) test-governance-ci
+	$(MAKE) summarize-governance-tests
 .DEFAULT_GOAL := check-gsifi-governance
 
 .PHONY: validate-gsifi-governance validate-gsifi-governance-module test-gsifi-governance lint-gsifi-governance check-gsifi-governance

README.md

@@ -61,3 +61,68 @@ Feel free to open issues or submit pull requests!
 ## License
 
 This project is licensed under the MIT License - see the LICENSE file for details.
+
+## Governance Artifact Tooling
+
+This repository includes a governance artifact package under `docs/artifacts/` with:
+- YAML source-of-truth artifact
+- canonical JSON export
+- JSON Schema contract
+- sample CI/CD policy and regulator report templates
+
+### Local governance checks
+
+```bash
+pip install -r requirements-dev.txt
+# non-mutating freshness checks
+make check-governance-json-clean
+make check-governance-manifest-clean
+make validate-governance
+make test-governance
+# CI-style run with JUnit output
+make test-governance-ci
+make summarize-governance-tests
+# one-shot full pipeline
+make verify-governance
+```
+
+When generated files are intentionally updated, regenerate before commit:
+
+```bash
+make build-governance-json
+make build-governance-manifest
+```
+
+### Notes
+- `make check-governance-json-clean` fails if committed JSON is stale (without rewriting files).
+- `make check-governance-manifest-clean` fails if committed `docs/artifacts/manifest.json` is stale (without rewriting files).
+- `make validate-governance` enforces schema, parity, and template checks.
+- `make test-governance` includes an integrity test against the repository artifact files.
+- CI runs the same targets in `.github/workflows/governance-artifact-validation.yml` and uploads JUnit results and posts a summary.
+
+
+### Advanced path overrides
+
+Use custom paths when artifacts are relocated (all paths are relative to `--root`):
+
+```bash
+python scripts/export_governance_artifact_json.py --root . \
+  --yaml docs/artifacts/custom.yaml \
+  --json docs/artifacts/custom.json
+
+python scripts/validate_governance_artifact.py --root . \
+  --yaml docs/artifacts/custom.yaml \
+  --json docs/artifacts/custom.json \
+  --schema docs/artifacts/schemas/enterprise_ai_governance_artifact.schema.json \
+  --cicd docs/artifacts/examples/cicd_policy_gate_manifest.yaml \
+  --report docs/artifacts/examples/regulator_report_template.xml
+```
+
+
+### Tool version flags
+
+```bash
+python scripts/export_governance_artifact_json.py --version
+python scripts/validate_governance_artifact.py --version
+python scripts/summarize_governance_test_results.py --version
+```

docs/artifacts/README.md

@@ -0,0 +1,53 @@
+# Enterprise AI Governance Artifact Package
+
+This folder contains the machine-readable governance package for the 2026–2030 program.
+
+## Contents
+
+- `enterprise_ai_governance_machine_readable_2026_2030.yaml` — source-of-truth artifact.
+- `enterprise_ai_governance_machine_readable_2026_2030.json` — canonical exported JSON.
+- `schemas/enterprise_ai_governance_artifact.schema.json` — JSON Schema contract.
+- `examples/cicd_policy_gate_manifest.yaml` — CI/CD gate manifest example.
+- `examples/regulator_report_template.xml` — regulator report template (`title/abstract/content`).
+- `manifest.json` — SHA-256 manifest for package integrity tracking.
+
+## Validation workflow
+
+From repository root:
+
+```bash
+pip install -r requirements-dev.txt
+# non-mutating freshness checks
+make check-governance-json-clean
+make check-governance-manifest-clean
+make validate-governance
+make test-governance
+# one-shot full pipeline
+make verify-governance
+```
+
+`check-governance-json-clean` and `check-governance-manifest-clean` are non-mutating
+verification gates that fail when generated artifacts need regeneration.
+
+When intentionally updating generated artifacts, run:
+
+```bash
+make build-governance-json
+make build-governance-manifest
+```
+
+CI uses the same sequence in `.github/workflows/governance-artifact-validation.yml`.
+
+## Custom path usage
+
+Both exporter and validator support path overrides relative to `--root`:
+
+```bash
+python scripts/export_governance_artifact_json.py --root . --yaml docs/artifacts/custom.yaml --json docs/artifacts/custom.json
+python scripts/validate_governance_artifact.py --root . --yaml docs/artifacts/custom.yaml --json docs/artifacts/custom.json --schema docs/artifacts/schemas/enterprise_ai_governance_artifact.schema.json --cicd docs/artifacts/examples/cicd_policy_gate_manifest.yaml --report docs/artifacts/examples/regulator_report_template.xml
+```
+
+
+## Integrity test
+
+Repository-level artifact integrity is enforced by `test_governance_artifact_integrity.py`, which validates committed YAML/JSON parity and schema conformance against the files in this folder.