Make the first RAG slice executable without risking production data
Some checks failed
verify / verify (push) Has been cancelled

The Stage 1 foundation now proves provider contracts with mocks and validates PostgreSQL/pgvector ingestion, approval binding, retrieval, reranking, and idempotency using only synthetic data. Live Bailian validation remains gated on rotating the exposed key.

Constraint: The key shown in chat is compromised and cannot be used or committed

Rejected: Mark Stage 1 complete from mock and offline results | real three-model smoke is still required

Confidence: high

Scope-risk: moderate

Reversibility: clean

Directive: Do not enable real-data ingestion until Stage 3 cloud approval and outbound manifest controls are enforced end to end

Tested: make verify; 41 pytest tests; strict mypy; Ruff; Compose config; pinned image build; empty-volume migration; role denial; two idempotent 20-vector seeds; database restart persistence

Not-tested: Live Bailian calls require a newly rotated key; React product UI is not implemented
This commit is contained in:
2026-07-12 15:41:58 +08:00
parent ec1acb36b5
commit f4ba5d5342
61 changed files with 6886 additions and 20 deletions

69
.gitignore vendored Normal file
View File

@@ -0,0 +1,69 @@
# Secrets and local configuration
.env
.env.*
!.env.example
.envrc
secrets/
*.pem
*.key
*.p12
*.pfx
# Python
__pycache__/
*.py[cod]
.pytest_cache/
.mypy_cache/
.ruff_cache/
.coverage
coverage.xml
htmlcov/
.venv/
venv/
.uv-cache/
# Node / frontend
node_modules/
dist/
build/
coverage/
.vite/
# Runtime data (manifests and public samples may be committed explicitly)
data/raw/
data/interim/
data/processed/
data/*.json
data/*.jsonl
data/*.csv
data/*.parquet
data/uploads/
data/indexes/
data/evaluation/private/
eval/
uploads/
backups/
*.sqlite
*.sqlite3
# Logs and temporary files
logs/
*.log
tmp/
temp/
.DS_Store
Thumbs.db
# IDE
.idea/
.vscode/
*.swp
*.swo
# Docker local overrides
compose.override.yaml
docker-compose.override.yml
# Generated reports
runs/
reports/generated/