
🧭 Secure AI Platform — Meta Repository (sai-platform-meta)


Documentation (via MkDocs)

What is this?

This repository serves as the program index, governance source, and documentation hub for the Secure AI Platform — a modular, production-grade framework for building, securing, and operating AI systems end-to-end. It contains the architecture blueprints, reusable scaffolds, CI/CD templates, and security policies shared across all platform components.

Architecture

The Secure AI Platform is an evolving modular system spanning the entire AI lifecycle:

data → model → API → agent → CI/CD → observability → security

📘 Full Platform Definition: See Architecture Overview for detailed module and repository definitions.

Quickstart

Clone this repo and bootstrap the shared developer environment.

git clone https://github.com/EODWeber/sai-platform-meta.git
cd sai-platform-meta

# Set up local environment (Python-only; creates .venv/)
make setup

# Optional: run hooks across the repo once
. .venv/bin/activate
pre-commit run -a

# Serve docs locally
make docs

Note: Activating the venv (source .venv/bin/activate) is optional, because the Make targets invoke tools through $(VENV)/bin/... directly; most folks still prefer shell activation for ad-hoc commands.

Using the scaffolds

Copy templates and CI configs into a component repo:

cp -r .github .dev docs/templates ../sai-infra-local/

These scaffolds standardize linting, testing, CI gates, and policy checks across all Secure AI Platform projects.

Security

Security is a first-class design principle across the platform.

  • Identity & Access: JWT-based service auth + RBAC roles
  • Secrets Management: Vault-issued, short-lived credentials (no .env secrets)
  • Code & Artifact Integrity: SBOMs via Syft, image scanning with Trivy, signing via Cosign
  • Policy Enforcement: OPA/Conftest gates to ensure builds fail closed
  • Static & Dependency Scanning: CodeQL and Dependabot security updates

📄 Refer to the Threat Model Template for the per-component security review format.
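A fail-closed Conftest gate of the kind the Policy Enforcement item describes, written here as an added example rather than a policy from this repository. It evaluates a Trivy JSON report (trivy image --format json) and blocks on HIGH/CRITICAL findings; the severity threshold and the policy package name are assumptions, and the top-level SchemaVersion field is used as the sanity check because Trivy's JSON format always carries it.

```rego
package main

import rego.v1

# Severities that block a build. Assumed threshold; tune per component.
blocking_severities := {"CRITICAL", "HIGH"}

# Fail closed: a report that does not look like Trivy output (no
# SchemaVersion) is treated as a failed scan, never as a clean one.
# Guards against an empty or truncated file sneaking through the gate.
deny contains msg if {
	not input.SchemaVersion
	msg := "trivy report is missing SchemaVersion; treating the scan as failed"
}

# Block on any finding at or above the threshold. Results entries that
# carry no Vulnerabilities key (a clean target) simply produce no deny.
deny contains msg if {
	some i, j
	result := input.Results[i]
	vuln := result.Vulnerabilities[j]
	blocking_severities[vuln.Severity]
	msg := sprintf("%s: %s %s (%s) in %s", [
		vuln.Severity,
		vuln.PkgName,
		vuln.InstalledVersion,
		vuln.VulnerabilityID,
		result.Target,
	])
}

# Optional hardening: refuse reports whose scan did not actually run
# against any target, so a misconfigured scan step cannot pass silently.
deny contains msg if {
	input.SchemaVersion
	count(object.get(input, "Results", [])) == 0
	msg := "trivy report contains no Results; nothing was scanned"
}
```

Run it in CI as `conftest test --policy policy/ trivy-report.json`; Conftest exits non-zero whenever any deny rule fires, which is what makes the stage fail closed.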

Observability

Each service emits structured logs, traces, and metrics using OpenTelemetry. The sai-observability-stack repo provides a local Grafana/Loki stack with an OTel Collector pipeline.

  • Traces: visualize end-to-end request flow
  • Metrics: measure latency, throughput, and errors
  • Logs: centralized, structured logs with contextual metadata

License

Apache License 2.0 © 2025 Jeff Weber. All rights reserved.
