Skip to content

Fix #23853: AI Governance and Compliance Framework for AI Applications #23854

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
harshach merged 14 commits into from
Dec 12, 2025
Merged

Fix #23853: AI Governance and Compliance Framework for AI Applications #23854

harshach merged 14 commits into from
Dec 12, 2025

Conversation

@harshach
Copy link
Collaborator

@harshach harshach commented Oct 13, 2025
edited by gitar-bot bot
Loading

Describe your changes:

Fixes #23853

I worked on ... because ...

Type of change:

  • Bug fix
  • Improvement
  • New feature
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation

Checklist:

  • I have read the CONTRIBUTING document.
  • My PR title is Fixes <issue-number>: <short explanation>
  • I have commented on my code, particularly in hard-to-understand areas.
  • For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

Summary by Gitar

  • New AI governance framework:

    • Implements comprehensive compliance tracking for AI applications supporting 9 regulatory frameworks (EU AI Act, NIST AI RMF, Singapore Model AI Governance, Canada AIDA, US AI Bill of Rights, ISO/IEC 42001, UK AI Regulation, China AI Regulations, Custom)
    • Detailed EU AI Act compliance structure with Articles 5 & 6 assessments, risk classification, conformity assessment, and transparency obligations

  • New entity types:

    • AIApplication in entity/ai/aiApplication.json for AI systems (chatbots, agents, copilots, RAG, code generators) with governance metadata and multi-model support
    • AIGovernancePolicy in entity/ai/aiGovernancePolicy.json for policy rules including bias thresholds, data access controls, cost controls, and violation tracking
    • LLMModel in entity/ai/llmModel.json for LLM catalog with capabilities, cost tracking, and bias/performance metrics
    • PromptTemplate in entity/ai/promptTemplate.json for reusable prompt management
    • AgentExecution in entity/ai/agentExecution.json for AI agent execution logging with token usage and cost tracking
    • LLMService for LLM service connections (Anthropic, Azure OpenAI, Bedrock, HuggingFace, Ollama, OpenAI, VertexAI)

  • Reusable compliance type:

    • aiCompliance.json in type/aiCompliance.json with framework-specific assessments, ethical AI evaluation (privacy, fairness, reliability, transparency, accountability, environmental impact), and verification/certification tracking

  • Backend infrastructure:

    • 6 repository classes extending EntityRepository with full CRUD operations, updaters, and relationship management
    • 6 REST resource classes with mappers for entity transformations
    • 5 search index classes with Elasticsearch mappings for metadata discovery
    • Database migrations for MySQL and PostgreSQL creating entity tables with JSON storage and generated columns

  • Shadow AI detection:

    • Registration status tracking (Registered, Unregistered, PendingApproval, Approved, Rejected) in governance metadata
    • Risk assessment with levels, factors, mitigations, and approval workflow support

@harshach harshach requested a review from a team as a code owner October 13, 2025 04:08
@github-actions github-actions bot added backend safe to test Add this label to run secure Github workflows on PRs labels Oct 13, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Oct 13, 2025

TypeScript types have been updated based on the JSON schema changes in the PR

@github-actions github-actions bot requested a review from a team as a code owner October 13, 2025 04:11
pmbrull
pmbrull reviewed Oct 13, 2025
View reviewed changes
@github-actions
Copy link
Contributor

github-actions bot commented Oct 13, 2025
edited
Loading

Jest test Coverage

UI tests summary

Lines Statements Branches Functions
Coverage: 63%
 63.99% (50492/78905) 41.42% (24431/58988) 44.96% (7726/17183)

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 13, 2025

Quality Gate Passed Quality Gate passed for 'open-metadata-ingestion'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

pmbrull
pmbrull previously approved these changes Oct 27, 2025
View reviewed changes
@github-actions
Copy link
Contributor

github-actions bot commented Dec 10, 2025

TypeScript types have been updated based on the JSON schema changes in the PR

@harshach
Merge origin/main into ai_agents
37918f1 
- Resolved conflicts in CollectionDAO.java and ListFilterTest.java
- Added AI Governance DAOs and accessor methods to CollectionDAO
- Merged pipeline execution features from main
- All AI Governance tests passing (394 tests, 0 failures)
- Rebuilt openmetadata-spec to generate new schema classes
- Code formatted with spotless
@harshach
Merge origin/main into ai_agents - added pipeline execution features …
2671cb1 
…and resolved conflicts
@github-actions
Copy link
Contributor

github-actions bot commented Dec 11, 2025

TypeScript types have been updated based on the JSON schema changes in the PR

@gitar-bot
Copy link

gitar-bot bot commented Dec 11, 2025
edited
Loading

🔍 CI failure analysis for 2c36fd6: Multiple CI failures across 7 jobs: (1) Docker build - IBM package, (2) DBT test - consistent Python failure, (3) Playwright - 1 failed/7 flaky, (4) Maven MySQL CI - NEW: test failure + schema file errors for new AI entities.

Issue

Multiple CI job failures detected across 7 jobs:

  1. Docker build failure
  2. DBT Cloud test - consistent across Python versions
  3. Playwright E2E - 1 failed, 7 flaky
  4. Maven MySQL CI - NEW - test failure + schema errors

Root Cause 4 - Maven MySQL CI Failure (NEW - CRITICAL)

Build Result

  • Tests run: 7669
  • Failures: 1
  • Errors: 0
  • Skipped: 707
  • BUILD FAILURE

Failed Test

org.openmetadata.service.resources.apis.APIEndpointResourceTest.postPutPatch_entityCertification

Test suite: APIEndpointResourceTest (100 tests, 1 failure, 6 skipped)

Critical Schema Errors - DIRECTLY RELATED TO PR

Missing schema files for ALL new AI governance entities:

ERROR o.o.s.u.SchemaFieldExtractor - Schema file not found at path: json/schema/entity/data/promptTemplate.json
ERROR o.o.s.u.SchemaFieldExtractor - Schema file not found at path: json/schema/entity/data/llmModel.json
ERROR o.o.s.u.SchemaFieldExtractor - Schema file not found at path: json/schema/entity/data/agentExecution.json
ERROR o.o.s.u.SchemaFieldExtractor - Schema file not found at path: json/schema/entity/data/aiGovernancePolicy.json
ERROR o.o.s.u.SchemaFieldExtractor - Schema file not found at path: json/schema/entity/data/aiApplication.json

All 5 new AI governance entities are missing their schema files in the json/schema/entity/data/ directory.

Additional Errors

  • Multiple lineage migration errors: "Error while updating null json rows with createdAt, createdBy, updatedAt and updatedBy for lineage"
  • RdfIndexApp installation failures (4 occurrences)
  • SecretsManager errors extracting tags

Assessment - PR HAS CRITICAL ISSUES

This failure is DIRECTLY RELATED to the PR:

  1. Missing schema files: The PR adds 5 new AI governance entity types but the schema JSON files are not found at runtime:

    • promptTemplate.json
    • llmModel.json
    • agentExecution.json
    • aiGovernancePolicy.json
    • aiApplication.json

  2. Incorrect schema path: The schemas are likely defined in openmetadata-spec/src/main/resources/json/schema/entity/ai/ but the code is looking for them in json/schema/entity/data/

  3. Test failure: The APIEndpointResourceTest.postPutPatch_entityCertification test failure may be related to the schema errors or entity registration issues

Root cause: The new AI entity schemas need to be:

  • Either moved to the expected entity/data/ directory
  • OR the SchemaFieldExtractor code needs to be updated to look in entity/ai/ directory
  • OR the entity type registration needs to specify the correct schema path

Previous Failures Summary

  1. Docker build: External IBM package issue - Low priority
  2. DBT Cloud test: Consistent failure from main merge - High priority
  3. Playwright E2E: 1 failed (Spreadsheet version), 7 flaky - Medium priority

Details

Jobs Affected:

  • py-run-build-tests (57817681316) - Docker build
  • py-run-tests (3.11/3.10) (3 jobs) - DBT test
  • playwright-ci-postgresql (6, 6) (57817682105) - E2E tests
  • maven-mysql-ci (57817681185) - Maven build/test failure

Suggested Actions

For Maven MySQL CI Failure (URGENT - BLOCKS MERGE)

  1. Verify schema file locations:

    find openmetadata-spec -name "*aiApplication*" -o -name "*llmModel*" -o -name "*promptTemplate*"

  2. Check entity registration - verify how these entities are registered and what schema path they specify

  3. Fix schema path - either:

    • Move schema files from entity/ai/ to entity/data/ if that's the expected location
    • Update SchemaFieldExtractor to look in entity/ai/ for AI governance entities
    • Update entity type definitions to use correct schema paths

  4. Investigate test failure - run APIEndpointResourceTest.postPutPatch_entityCertification locally to understand the root cause

  5. Check build process - ensure schema files are properly included in the build artifacts

For Other Failures

  • Docker build: Low - retry/skip
  • DBT test: High - investigate main branch changes
  • Playwright: Medium - monitor/retry

Priority Summary:

  • Maven MySQL CI: CRITICAL - schema files missing, blocks merge
  • DBT Cloud test: HIGH - needs investigation
  • Playwright E2E: Medium - environmental/flaky
  • Docker build: Low - external dependency

Tip

Comment Gitar fix CI or enable auto apply.

Auto-apply is off - Gitar will not commit updates to this branch. Enable by commenting gitar auto-apply:on.
Was this helpful? React with 👍 / 👎 | This comment will update automatically (Docs)

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 11, 2025

Quality Gate Passed Quality Gate passed for 'open-metadata-ui'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@harshach harshach merged commit 0d132ad into main Dec 12, 2025
28 of 34 checks passed
@harshach harshach deleted the ai_agents branch December 12, 2025 04:54
@gitar-bot gitar-bot bot mentioned this pull request Dec 12, 2025
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pmbrull pmbrull pmbrull left review comments

Assignees

No one assigned

Labels

backend safe to test Add this label to run secure Github workflows on PRs

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

AI Governance and Compliance Framework for AI Applications

3 participants

@harshach @pmbrull