Search by 
bluefly / gov_compliance
Government compliance module for security policies and regulatory requirements
dev-drupal-standards-fix-20250802
2025-08-03 17:56 UTC
Requires
- php: >=8.1
- drupal/core: ^10.3 || ^11
Requires (Dev)
- drupal/core-dev: ^10.3 || ^11
- phpspec/prophecy-phpunit: ^2.0
- phpunit/phpunit: ^10
Suggests
- drupal/admin_audit_trail: Enhanced audit logging (^1.0)
- drupal/captcha: Bot prevention (^2.0)
- drupal/encrypt: Field encryption support (^3.2)
- drupal/field_encrypt: Encrypt sensitive data fields (^3.2)
- drupal/flood_control: Brute force protection (^3.0)
- drupal/key: Key management for encryption (^1.20)
- drupal/password_policy: Password compliance enforcement (^4.0)
- drupal/seckit: Security hardening (^2.0)
- drupal/security_review: Automated security scanning (^3.0)
- drupal/tfa: Two-factor authentication (^1.11)
- firebase/php-jwt: JWT authentication support (^6.0)
This package is auto-updated.
Last update: 2025-08-20 03:03:21 UTC
README
"navtitle": "gov_compliance" "shortdesc": "Part of the LLM Platform ecosystem" "source": "Last updated: 2025-08-01"
"outputclass": "concept"
Government Compliance Module
Government compliance automation for regulated industries.
- FISMA, FedRAMP, HIPAA, PCI DSS, and SOC 2 compliance frameworks
- Automated PII detection and data classification with remediation
- Security policy enforcement with real-time violation blocking
- Comprehensive audit trails with tamper-evident logging
- AI request interception for data sovereignty compliance
- Compliance enforcement and documentation
The module uses an API-first approach with GraphQL as the primary API and REST as fallback.
Repository Information {#topic-repository-information-2}
- Type: Drupal Module (Git Submodule)
- GitLab URL: https://gitlab.bluefly.io/llm/gov_compliance
- Submodule Path: web/modules/custom/gov_compliance
- Local Path: {{PROJECT_ROOT}}/web/modules/custom/gov_compliance
Integration Steps {#topic-integration-steps-3}
Navigate to Individual Repository
# This module is a git submodule, work in its individual repo cd /path/to/individual/gov_compliance/repositoryCopy OpenAPI Specification
cp openapi.yaml ./Create Contract Testing Structure
mkdir -p tests/src/Functional mkdir -p tests/featuresAdd PHPUnit Configuration
<!-- phpunit.xml --> <testsuite name="gov_compliance API Contract Tests"> <directory>tests/src/Functional</directory> <file>tests/src/Functional/*ApiContractTest.php</file> </testsuite>Configure JSON:API Entities
# JSON:API is built into Drupal 10 core, just needs configuration drush en rest restui serialization hal -y drush crUpdate GitLab CI
include: - component: gitlab.bluefly.io/llm/gitlab_components/components/ci-cd/drupal/template@latest - component: gitlab.bluefly.io/llm/gitlab_components/components/testing/comprehensive-testing@latest drupal_api_validation: extends: .drupal_base script: - drush en rest restui serialization hal -y - drush cr - vendor/bin/phpunit tests/src/Functional/*ApiContractTest.phpCommit Changes
git add . git commit -m "feat: implement API-first architecture for Drupal module - Add OpenAPI 3.1 specification with JSON:API endpoints - Implement PHPUnit contract tests - Configure REST and JSON:API endpoints - Enable API-first development workflow 🤖 Generated with API-First Transformation Co-Authored-By: Claude <noreply@anthropic.com>" git push origin main
API Endpoints {#topic-api-endpoints-4}
GraphQL (Primary)
- Endpoint: /graphql
- Explorer: /graphql/explorer
- Schema: See
schema/gov-compliance.graphql
REST (Fallback)
- Entities: /jsonapi/policy_violation/*
- Custom API: /api/v1/gov_compliance/*
- Health Check: /api/v1/gov_compliance/health
Production Deployment {#topic-production-deployment-5}
- Main Platform: https://llm.llm.bluefly.io/api/v1/gov_compliance
- JSON:API: https://llm.llm.bluefly.io/jsonapi/gov_compliance
- Documentation: https://docs.llm.bluefly.io/api-docs/gov_compliance
Local Development {#topic-local-development-6}
- Main Platform: https://llm.local.bluefly.io/api/v1/gov_compliance
- JSON:API: https://llm.local.bluefly.io/jsonapi/gov_compliance
- Port Access: http://llm.local.bluefly.io:33000/api/v1/gov_compliance
Quality Assurance {#topic-quality-assurance-7}
TDDAI Audits
This module is regularly audited using TDDAI for Drupal compliance and best practices.
Latest Audit Status: ✅ Passed (No violations found)
Audit Report: docs/gov_compliance_audit.json
Run TDDAI Audit:
npx tddai drupal audit web/modules/custom/gov_compliance --json
Audit Coverage:
- Drupal 10/11 compliance
- Security best practices
- Code quality standards
- API contract validation
- Test coverage analysis
API-First Development Workflow {#topic-api-first-workflow-8}
This module follows GraphQL-first development with REST as fallback:
1. Define GraphQL Schema
type PolicyViolation {
id: ID!
title: String!
severityLevel: SeverityLevel!
complianceFramework: TaxonomyTerm
remediationSteps: String
autoRemediated: Boolean!
assignee: User
dueDate: DateTime
resolutionNotes: String
relatedViolations: [PolicyViolation!]
}
enum SeverityLevel {
LOW
MEDIUM
HIGH
CRITICAL
}
2. Generate Drupal Configurations
# Enable API First Generator
drush en api_first_generator -y
# Generate field configurations
drush api-first:generate schema/gov-compliance.graphql --module=gov_compliance
# Generate views
drush api-first:generate-views schema/gov-compliance.graphql --module=gov_compliance
3. Query via GraphQL
query ComplianceViolations {
policyViolations(
filter: { severityLevel: { in: [HIGH, CRITICAL] } }
sort: { field: DUE_DATE, direction: ASC }
) {
edges {
node {
id
title
severityLevel
assignee {
name
}
dueDate
}
}
}
}
4. REST Fallback (Legacy Support)
GET /api/v1/policy-violations?filter[severityLevel]=critical&sort=dueDate
See API-First Documentation for complete implementation guide.