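# FILE: Makefile
# bootstrap, run, test, lint, build, deploy, format, seed
#
# Task-runner Makefile for the AI Tax Agent System: every target is a command
# (no target produces a file of its own name), so all of them are declared
# .PHONY below.
#
# Caller-supplied variables (pass on the command line or via the environment):
#   SERVICE         service/container name for build-service, logs-service,
#                   shell and dev-service
#   BACKUP          backup directory name under backups/ for restore
#   FLAG            optional flag forwarded to scripts/dev-down.sh
#   NEO4J_PASSWORD  password handed to cypher-shell by seed and neo4j-shell
#
# SERVICE, BACKUP and NEO4J_PASSWORD are read inside recipes as quoted shell
# variables ("$$VAR") rather than spliced in with $(VAR). GNU make exports
# command-line and environment variables to recipe shells, so the interface is
# unchanged, but a value containing spaces or shell metacharacters can no
# longer be re-parsed as shell syntax.

# Recipes use brace expansion and `read -p`, which are bash features and fail
# under a POSIX /bin/sh such as dash.
SHELL := bash

# Targets here are ordered steps (e.g. secrets must exist before the
# infrastructure is deployed), so prerequisites must not run concurrently
# under `make -j`.
.NOTPARALLEL:

.PHONY: help bootstrap networks generate-secrets setup-authentik \
	complete-authentik-setup setup-sso setup-vault fix-databases \
	deploy-with-fixes networks-clean run run-simple setup stop restart \
	build build-service deploy-infra deploy-services \
	test test-unit test-integration test-e2e test-no-coverage test-fast \
	lint format deploy deploy-external deploy-traefik deploy-authentik \
	deploy-gitea deploy-nextcloud deploy-portainer \
	deploy-infra-local deploy-infra-dev deploy-infra-prod \
	deploy-services-local deploy-services-dev deploy-services-prod \
	deploy-monitoring-local deploy-monitoring-dev deploy-monitoring-prod \
	prod-setup prod-deploy prod-clean-authentik seed seed-test-data \
	logs logs-service status health verify troubleshoot \
	restart-authentik restart-unleash clean clean-data \
	shell db-shell neo4j-shell redis-shell docs docs-serve security-scan \
	benchmark load-test backup restore env dev-up dev-down hosts \
	dev-service test-endpoints

# Default target
# Lists every "target: ## description" line. The name pattern includes digits
# so that targets such as neo4j-shell and test-e2e are listed too.
help: ## Show this help message
	@echo "AI Tax Agent System - Development Commands"
	@echo ""
	@echo "Usage: make [target]"
	@echo ""
	@echo "Targets:"
	@awk 'BEGIN {FS = ":.*## "} /^[a-zA-Z0-9_-]+:.*## / {printf " %-20s %s\n", $$1, $$2}' $(MAKEFILE_LIST)

# Environment setup
bootstrap: ## Bootstrap the development environment
	@echo "๐Ÿš€ Bootstrapping AI Tax Agent System..."
	@./scripts/generate-secrets.sh
	@mkdir -p data/{postgres,neo4j,qdrant,minio,vault,redis,prometheus,grafana,loki,authentik}
	@mkdir -p logs/{services,infra}
	@mkdir -p certs
	@echo "๐Ÿ“ Created data and log directories"
	@./scripts/create-networks.sh
	@echo "โœ… Bootstrap complete! Run 'make run' to start the system"

# Network management
networks: ## Create external Docker networks
	@./scripts/create-networks.sh

# The symlink target is relative to infra/compose/, the directory that holds
# the link, not to the repository root.
generate-secrets: ## Generate secure secrets for deployment
	@./scripts/generate-secrets.sh
	@ln -sf ../environments/local/.env infra/compose/.env

setup-authentik: ## Configure Authentik SSO after deployment
	@./scripts/setup-authentik.sh

complete-authentik-setup: ## Complete Authentik initial setup and get API token
	@./scripts/complete-authentik-setup.sh

# NOTE(review): the first step is allowed to fail (`|| true`), presumably so
# the target can be re-run once initial setup is already done; a real failure
# there is hidden and the later steps still run. Confirm this is intended.
setup-sso: ## Complete end-to-end SSO setup (setup + configuration)
	@echo "๐Ÿ” Setting up complete SSO configuration..."
	@echo "Step 1: Completing Authentik initial setup..."
	@./scripts/complete-authentik-setup.sh || true
	@echo "Step 3: Importing blueprint configuration..."
	@./scripts/setup-authentik.sh
	@echo "Step 4: Configuring Vault OIDC..."
	@./scripts/setup-vault.sh
	@echo "๐ŸŽ‰ SSO setup complete!"

setup-vault: ## Configure Vault OIDC
	@./scripts/setup-vault.sh

fix-databases: ## Fix common database issues
	@echo "๐Ÿ”ง Fixing database issues..."
	@./scripts/fix-database-issues.sh

deploy-with-fixes: ## Deploy with all discovered fixes applied
	@echo "๐Ÿš€ Deploying with comprehensive fixes..."
	@./scripts/deploy-with-fixes.sh

networks-clean: ## Remove external Docker networks
	@echo "๐Ÿงน Removing external Docker networks..."
	@docker network rm apa-frontend 2>/dev/null || true
	@docker network rm apa-backend 2>/dev/null || true
	@echo "โœ… Networks removed"

# Development lifecycle
run: ## Start all services in development mode
	@echo "๐Ÿƒ Starting AI Tax Agent System..."
	@./infra/scripts/deploy.sh local all

run-simple: ## Start all services without fixes (original behavior)
	@echo "๐Ÿƒ Starting AI Tax Agent System (simple)..."
	@./scripts/create-networks.sh
	@./scripts/generate-dev-certs.sh
	@cd infra/compose && docker compose up -d
	@echo "โณ Waiting for services to be ready..."
	@sleep 10
	@$(MAKE) status
	@echo "๐Ÿ”ง Run 'make setup-sso' to configure SSO"

setup: generate-secrets deploy-infra ## Complete setup with secrets and infrastructure
	@echo "๐ŸŽ‰ Setup complete! Next steps:"
	@echo " 1. Run 'make setup-sso' to configure SSO"
	@echo " 2. Run 'make deploy-services' to start application services"
	@echo " 3. Access Authentik at https://auth.local.lan"
	@echo ""
	@echo "๐ŸŽ‰ System is running!"
	@echo "๐Ÿ“Š Grafana: https://grafana.local.lan"
	@echo "๐Ÿ” Authentik: https://auth.local.lan"
	@echo "๐Ÿ“ Review UI: https://review.local.lan"
	@echo "๐Ÿ”ง Traefik Dashboard: http://localhost:8080"

stop: ## Stop all services
	@echo "๐Ÿ›‘ Stopping AI Tax Agent System..."
	@cd infra/compose && docker compose down

restart: ## Restart all services
	@echo "๐Ÿ”„ Restarting AI Tax Agent System..."
	@$(MAKE) stop
	@$(MAKE) run

# Build and deployment
build: ## Build all Docker images
	@echo "๐Ÿ”จ Building Docker images..."
	@cd infra/compose && docker compose build --parallel
	@echo "โœ… Build complete"

# SERVICE is required here, as in logs-service and shell; use `make build` to
# build every image.
build-service: ## Build specific service (usage: make build-service SERVICE=svc-ingestion)
	@if [ -z "$$SERVICE" ]; then \
		echo "Please specify SERVICE (e.g., make build-service SERVICE=svc-ingestion)"; \
		exit 1; \
	fi
	@echo "๐Ÿ”จ Building $$SERVICE..."
	@cd infra/compose && docker compose build "$$SERVICE"
	@echo "โœ… Build complete for $$SERVICE"

# Databases are started first, repaired with fix-databases, and only then are
# the services that depend on them brought up. The sleeps are fixed waits, not
# readiness checks.
deploy-infra: networks ## Deploy only infrastructure services
	@echo "๐Ÿ—๏ธ Deploying infrastructure services..."
	@./scripts/generate-dev-certs.sh
	@cd infra/compose && docker compose up -d apa-traefik apa-postgres apa-redis apa-authentik-db apa-authentik-redis
	@echo "โณ Waiting for databases..."
	@sleep 15
	@$(MAKE) fix-databases
	@cd infra/compose && docker compose up -d apa-authentik-server apa-authentik-worker apa-authentik-outpost apa-vault apa-neo4j apa-qdrant apa-minio apa-prometheus apa-grafana apa-loki
	@echo "โœ… Infrastructure deployment complete"
	@echo "โณ Waiting for services to be ready..."
	@sleep 30
	@echo "๐Ÿ”ง Run 'make setup-sso' to configure SSO"

deploy-services: ## Deploy only application services
	@echo "๐Ÿš€ Deploying application services..."
	@cd infra/compose && docker compose up -d apa-svc-ingestion apa-svc-extract apa-svc-forms apa-svc-hmrc apa-svc-kg apa-svc-normalize-map apa-svc-ocr apa-svc-rag-indexer apa-svc-rag-retriever apa-svc-reason apa-svc-rpa apa-svc-firm-connectors
	@echo "โœ… Services deployment complete"

# Development tools
test: ## Run all tests with coverage
	@echo "๐Ÿงช Running all tests..."
	@python -m pytest tests/ -v --cov=libs --cov=apps --cov-report=term-missing --cov-report=html:htmlcov

test-unit: ## Run unit tests only
	@echo "๐Ÿ“‹ Running unit tests..."
	@python -m pytest tests/unit/ -v --cov=libs --cov=apps --cov-report=term-missing

test-integration: ## Run integration tests only
	@echo "๐Ÿ”— Running integration tests..."
	@python -m pytest tests/integration/ -v

test-e2e: ## Run end-to-end tests only
	@echo "๐ŸŒ Running end-to-end tests..."
	@python -m pytest tests/e2e/ -v

test-no-coverage: ## Run all tests without coverage reporting
	@echo "๐Ÿงช Running all tests (no coverage)..."
	@python -m pytest tests/ -v

test-fast: ## Run tests without coverage for faster feedback
	@echo "โšก Running fast tests..."
	@python -m pytest tests/unit/ -v -x

# A missing tool is reported and skipped; an installed tool's findings now
# fail the target. Previously `tool || echo "... not installed"` turned every
# finding into exit status 0 with a misleading message.
lint: ## Run linting and code quality checks
	@echo "๐Ÿ” Running linting and code quality checks..."
	@if command -v ruff >/dev/null 2>&1; then ruff check apps/ libs/ tests/; else echo "ruff not installed"; fi
	@if command -v mypy >/dev/null 2>&1; then mypy apps/ libs/; else echo "mypy not installed"; fi

# The -name tests are grouped so that -exec applies to both *.ts and *.tsx;
# without the parentheses -exec binds only to the second -name.
format: ## Format code
	@echo "โœจ Formatting code..."
	@echo "๐Ÿ Python formatting..."
	@if command -v ruff >/dev/null 2>&1; then ruff format apps/ libs/ tests/; else echo "ruff not installed"; fi
	@echo "๐Ÿ“œ TypeScript formatting..."
	@if command -v prettier >/dev/null 2>&1; then find apps \( -name "*.ts" -o -name "*.tsx" \) -exec prettier --write {} \; ; else echo "prettier not installed"; fi

deploy: ## Deploy to production (placeholder)
	@echo "๐Ÿš€ Deploying to production..."
	@echo "โš ๏ธ Production deployment not implemented yet"
	@echo "๐Ÿ“ TODO: Implement K8s deployment with ArgoCD"

# External services deployment (production)
deploy-external: ## Deploy external services (traefik, authentik, gitea, etc.)
	@echo "๐Ÿš€ Deploying external services..."
	@./scripts/deploy-external.sh all

deploy-traefik: ## Deploy Traefik reverse proxy
	@./scripts/deploy-external.sh traefik

deploy-authentik: ## Deploy Authentik SSO
	@./scripts/deploy-external.sh authentik

deploy-gitea: ## Deploy Gitea (Git + Registry)
	@./scripts/deploy-external.sh gitea

deploy-nextcloud: ## Deploy Nextcloud
	@./scripts/deploy-external.sh nextcloud

deploy-portainer: ## Deploy Portainer
	@./scripts/deploy-external.sh portainer

# Multi-environment infrastructure deployment
deploy-infra-local: ## Deploy application infrastructure (local)
	@echo "๐Ÿ—๏ธ Deploying local infrastructure..."
	@./infra/scripts/deploy.sh local infrastructure

deploy-infra-dev: ## Deploy application infrastructure (development)
	@echo "๐Ÿ—๏ธ Deploying development infrastructure..."
	@./infra/scripts/deploy.sh development infrastructure

deploy-infra-prod: ## Deploy application infrastructure (production)
	@echo "๐Ÿ—๏ธ Deploying production infrastructure..."
	@./infra/scripts/deploy.sh production infrastructure

deploy-services-local: ## Deploy application services (local)
	@echo "๐Ÿš€ Deploying local services..."
	@./infra/scripts/deploy.sh local services

deploy-services-dev: ## Deploy application services (development)
	@echo "๐Ÿš€ Deploying development services..."
	@./infra/scripts/deploy.sh development services

deploy-services-prod: ## Deploy application services (production)
	@echo "๐Ÿš€ Deploying production services..."
	@./infra/scripts/deploy.sh production services

deploy-monitoring-local: ## Deploy monitoring stack (local)
	@echo "๐Ÿ“Š Deploying local monitoring..."
	@./infra/scripts/deploy.sh local monitoring

deploy-monitoring-dev: ## Deploy monitoring stack (development)
	@echo "๐Ÿ“Š Deploying development monitoring..."
	@./infra/scripts/deploy.sh development monitoring

deploy-monitoring-prod: ## Deploy monitoring stack (production)
	@echo "๐Ÿ“Š Deploying production monitoring..."
	@./infra/scripts/deploy.sh production monitoring

# Production (On-Server) Management
prod-setup: ## Run full production setup (secrets + authentik)
	@echo "๐Ÿš€ Setting up production environment..."
	@./scripts/setup-prod.sh

prod-deploy: ## Deploy full production stack
	@echo "๐Ÿš€ Deploying production stack..."
	@./infra/scripts/deploy.sh production infrastructure
	@./infra/scripts/deploy.sh production services

# Destructive: removes the Authentik containers and database volume, then
# redeploys. Only a literal "y" at the prompt proceeds. After the reset the
# initial-setup flow is open to whoever reaches the URL first, so the admin
# password should be set immediately.
prod-clean-authentik: ## WIPE Authentik data to reset admin password (DANGER)
	@echo "โš ๏ธ WARNING: This will delete all Authentik users and configuration!"
	@read -p "Are you sure? (y/N): " confirm && [ "$$confirm" = "y" ] || exit 1
	@echo "๐Ÿ›‘ Stopping Authentik..."
	@docker stop apa-authentik-server apa-authentik-worker apa-authentik-outpost apa-authentik-db apa-authentik-redis 2>/dev/null || true
	@docker rm apa-authentik-server apa-authentik-worker apa-authentik-outpost apa-authentik-db apa-authentik-redis 2>/dev/null || true
	@echo "๐Ÿงน Removing Authentik database volume..."
	@docker volume rm infra_apa-authentik-db-data 2>/dev/null || true
	@echo "๐Ÿ”„ Restarting Authentik..."
	@./infra/scripts/deploy.sh production infrastructure
	@echo "โœ… Authentik reset complete. Go to https://auth.app.harkon.co.uk/if/flow/initial-setup/ to set admin password."

# Data management
# Both steps are best-effort: a failure prints a "not ready" message and the
# target continues.
# NOTE(review): the Neo4j password is still passed with -p, so it is visible
# in the process list while the command runs; cypher-shell can also take the
# password from its environment, which would avoid that.
seed: ## Seed the system with initial data
	@echo "๐ŸŒฑ Seeding system with initial data..."
	@echo "๐Ÿ“Š Creating Neo4j constraints and indexes..."
	@docker exec apa-neo4j cypher-shell -u neo4j -p "$$NEO4J_PASSWORD" -f /var/lib/neo4j/import/schema.cypher 2>/dev/null || echo "Neo4j not ready"
	@echo "๐Ÿ—‚๏ธ Creating Qdrant collections..."
	@curl -X PUT "http://localhost:6333/collections/documents" -H "Content-Type: application/json" -d '{"vectors": {"size": 1536, "distance": "Cosine"}}' 2>/dev/null || echo "Qdrant not ready"
	@echo "โœ… Seeding complete"

seed-test-data: ## Load test data for development
	@echo "๐Ÿ“‹ Loading test data..."
	@echo "โ„น๏ธ Test data loading not implemented yet"

# Monitoring and debugging
logs: ## Show logs from all services
	@cd infra/compose && docker compose logs -f

logs-service: ## Show logs from specific service (usage: make logs-service SERVICE=svc-extract)
	@if [ -z "$$SERVICE" ]; then \
		echo "โŒ Please specify SERVICE (e.g., make logs-service SERVICE=svc-extract)"; \
		exit 1; \
	fi
	@cd infra/compose && docker compose logs -f "$$SERVICE"

status: ## Show status of all services
	@echo "๐Ÿ“Š Service Status:"
	@cd infra/compose && docker compose ps

# Prints an HTTP status code (or command output) per service, or DOWN when the
# probe itself fails. The Authentik probe uses `curl -k`, i.e. it does not
# verify the TLS certificate; it checks reachability only.
health: ## Check health of all services
	@echo "๐Ÿฅ Health Check:"
	@echo "๐Ÿ”— Traefik: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:8080/ping || echo 'DOWN')"
	@echo "๐Ÿ—„๏ธ PostgreSQL: $$(docker exec apa-postgres pg_isready -U postgres 2>/dev/null && echo 'UP' || echo 'DOWN')"
	@echo "๐Ÿ“Š Neo4j: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:7474 || echo 'DOWN')"
	@echo "๐Ÿ” Qdrant: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:6333/health || echo 'DOWN')"
	@echo "๐Ÿ“ฆ MinIO: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:9000/minio/health/live || echo 'DOWN')"
	@echo "๐Ÿ” Vault: $$(curl -s -o /dev/null -w '%{http_code}' http://localhost:8200/v1/sys/health || echo 'DOWN')"
	@echo "๐Ÿƒ Redis: $$(docker exec apa-redis redis-cli ping 2>/dev/null || echo 'DOWN')"
	@echo "๐Ÿ” Authentik: $$(curl -s -k -o /dev/null -w '%{http_code}' https://auth.local.lan || echo 'DOWN')"

verify: ## Run comprehensive infrastructure verification
	@echo "๐Ÿ” Running infrastructure verification..."
	@./scripts/verify-infra.sh

troubleshoot: ## Run comprehensive troubleshooting and fixes
	@echo "๐Ÿ” Running troubleshooting..."
	@./scripts/troubleshoot.sh

# The server is started before the worker and outpost, with a fixed 15 s wait
# in between.
restart-authentik: ## Restart Authentik components in correct order
	@echo "๐Ÿ”„ Restarting Authentik components..."
	@cd infra/compose && docker compose stop apa-authentik-server apa-authentik-worker apa-authentik-outpost
	@$(MAKE) fix-databases
	@cd infra/compose && docker compose up -d apa-authentik-server
	@sleep 15
	@cd infra/compose && docker compose up -d apa-authentik-worker apa-authentik-outpost
	@echo "โœ… Authentik restart complete"

restart-unleash: ## Restart Unleash with database fixes
	@echo "๐Ÿ”„ Restarting Unleash..."
	@cd infra/compose && docker compose stop apa-unleash
	@$(MAKE) fix-databases
	@cd infra/compose && docker compose up -d apa-unleash
	@echo "โœ… Unleash restart complete"

# Cleanup
# `docker system prune -f` is not scoped to this project: it removes unused
# Docker resources for the whole host.
clean: ## Clean up containers, volumes, and networks
	@echo "๐Ÿงน Cleaning up..."
	@cd infra/compose && docker compose down -v --remove-orphans
	@docker system prune -f
	@echo "โœ… Cleanup complete"

# Destructive: only a literal "y" at the prompt proceeds.
clean-data: ## Clean up all data volumes (WARNING: This will delete all data!)
	@echo "โš ๏ธ WARNING: This will delete ALL data!"
	@read -p "Are you sure? (y/N): " confirm && [ "$$confirm" = "y" ] || exit 1
	@$(MAKE) clean
	@docker volume rm $$(docker volume ls -q | grep ai-tax) 2>/dev/null || true
	@rm -rf data/*
	@echo "๐Ÿ—‘๏ธ All data deleted"

# Development utilities
shell: ## Open shell in specific service (usage: make shell SERVICE=svc-extract)
	@if [ -z "$$SERVICE" ]; then \
		echo "โŒ Please specify SERVICE (e.g., make shell SERVICE=svc-extract)"; \
		exit 1; \
	fi
	@docker exec -it "$$SERVICE" /bin/bash

db-shell: ## Open PostgreSQL shell
	@docker exec -it apa-postgres psql -U postgres -d tax_system

# NOTE(review): as in seed, -p exposes the password in the process list while
# the shell is open.
neo4j-shell: ## Open Neo4j shell
	@docker exec -it apa-neo4j cypher-shell -u neo4j -p "$$NEO4J_PASSWORD"

redis-shell: ## Open Redis shell
	@docker exec -it apa-redis redis-cli

# Documentation
docs: ## Generate documentation
	@echo "๐Ÿ“š Generating documentation..."
	@mkdocs build 2>/dev/null || echo "MkDocs not installed"
	@echo "๐Ÿ“– Documentation available at docs/site/index.html"

docs-serve: ## Serve documentation locally
	@echo "๐Ÿ“š Serving documentation..."
	@mkdocs serve 2>/dev/null || echo "MkDocs not installed"

# Security
# A missing scanner is reported and skipped; an installed scanner's non-zero
# exit now fails the target and its stderr is shown, instead of being reported
# as "not installed".
# NOTE(review): only the svc-extract image is scanned, and trivy exits 0 on
# findings unless --exit-code is given; confirm the intended coverage and
# gating.
security-scan: ## Run security scans
	@echo "๐Ÿ”’ Running security scans..."
	@echo "๐Ÿณ Container scanning..."
	@if command -v trivy >/dev/null 2>&1; then trivy image ai-tax-agent/svc-extract:latest; else echo "Trivy not installed"; fi
	@echo "๐Ÿ“‹ Dependency scanning..."
	@if command -v safety >/dev/null 2>&1; then safety check; else echo "Safety not installed"; fi
	@echo "๐Ÿ” Secret scanning..."
	@if command -v gitleaks >/dev/null 2>&1; then gitleaks detect; else echo "Gitleaks not installed"; fi

# Performance
benchmark: ## Run performance benchmarks
	@echo "โšก Running performance benchmarks..."
	@echo "โ„น๏ธ Benchmark suite not implemented yet"

load-test: ## Run load tests
	@echo "๐Ÿ‹๏ธ Running load tests..."
	@locust -f tests/load/locustfile.py 2>/dev/null || echo "Locust not installed"

# Backup and restore
# The timestamp is computed once and reused, so both dumps land in the same
# directory even when pg_dump runs across a second boundary (each recipe line
# is its own shell, and the original called `date` on three separate lines).
# umask 077 keeps the new directory and the SQL dump private to the invoking
# user, since they hold the full database contents.
backup: ## Create backup of all data
	@echo "๐Ÿ’พ Creating backup..."
	@set -e; umask 077; \
		dest="backups/$$(date +%Y%m%d_%H%M%S)"; \
		mkdir -p "$$dest"; \
		docker exec apa-postgres pg_dump -U postgres tax_system > "$$dest/postgres.sql"; \
		docker exec apa-neo4j neo4j-admin dump --database=neo4j --to=/tmp/neo4j.dump; \
		docker cp apa-neo4j:/tmp/neo4j.dump "$$dest/"
	@echo "โœ… Backup created in backups/ directory"

# Both backup files are checked before the confirmation prompt so that a
# mistyped BACKUP cannot leave PostgreSQL restored and Neo4j untouched.
restore: ## Restore from backup (usage: make restore BACKUP=20240101_120000)
	@if [ -z "$$BACKUP" ]; then \
		echo "โŒ Please specify BACKUP directory (e.g., make restore BACKUP=20240101_120000)"; \
		exit 1; \
	fi
	@if [ ! -f "backups/$$BACKUP/postgres.sql" ] || [ ! -f "backups/$$BACKUP/neo4j.dump" ]; then \
		echo "Backup backups/$$BACKUP is missing postgres.sql or neo4j.dump"; \
		exit 1; \
	fi
	@echo "๐Ÿ“ฅ Restoring from backup $$BACKUP..."
	@echo "โš ๏ธ This will overwrite existing data!"
	@read -p "Are you sure? (y/N): " confirm && [ "$$confirm" = "y" ] || exit 1
	@docker exec -i apa-postgres psql -U postgres -d tax_system < "backups/$$BACKUP/postgres.sql"
	@docker cp "backups/$$BACKUP/neo4j.dump" apa-neo4j:/tmp/
	@docker exec apa-neo4j neo4j-admin load --database=neo4j --from=/tmp/neo4j.dump --force
	@echo "โœ… Restore complete"

# Environment variables
# NOTE(review): this prints the whole .env file, which generate-secrets links
# to the generated secrets file, so secret values end up in terminal
# scrollback and in any captured CI log.
env: ## Show current environment configuration
	@echo "๐ŸŒ Environment Configuration:"
	@cd infra/compose && cat .env 2>/dev/null || echo ".env file not found - run 'make bootstrap' first"

# Convenience shortcuts
dev-up: ## Full dev bring-up with automation
	@bash ./scripts/dev-up.sh

dev-down: ## Stop dev environment (pass '-v' to remove volumes)
	@bash ./scripts/dev-down.sh $(FLAG)

hosts: ## Add local domains to /etc/hosts
	@bash ./scripts/hosts-setup.sh

# SERVICE is checked first so that a missing value fails before the
# infrastructure is deployed.
# NOTE(review): uvicorn runs with --reload and binds 0.0.0.0, so the dev
# server listens on every network interface, not just loopback; confirm that
# is needed.
dev-service: ## Run single service locally (usage: make dev-service SERVICE=svc_ingestion)
	@if [ -z "$$SERVICE" ]; then \
		echo "Please specify SERVICE (e.g., make dev-service SERVICE=svc_ingestion)"; \
		exit 1; \
	fi
	@echo "๐Ÿš€ Starting $$SERVICE locally..."
	@$(MAKE) deploy-infra
	@echo "๐Ÿ“ Loading environment variables from .env file..."
	@cd "apps/$$SERVICE" && \
		export $$(cat ../../.env | grep -v '^#' | xargs) && \
		uvicorn main:app --reload --host 0.0.0.0 --port 8000

test-endpoints: ## Test service endpoints with curl
	@echo "๐Ÿงช Testing service endpoints..."
	@curl -s http://localhost:8000/health | jq
	@curl -s -X POST http://localhost:8000/v1/coverage/check \
		-H "Content-Type: application/json" \
		-d '{"tax_year":"2024-25","taxpayer_id":"T-001"}' | jq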