app/main.py

"""
ARF API Control Plane — Main Application Entry Point
====================================================

The control plane serves as the HTTP layer between the **Agentic Reliability
Framework (ARF)** core engine and external consumers (front‑end dashboard,
enterprise clients, and monitoring infrastructure).

It is responsible for:

* **Lifetime management** of the Bayesian risk engine, policy engine,
  semantic memory (RAG graph), and epistemic models.
* **Observability** via optional OpenTelemetry tracing and Prometheus metrics
  (the latter exposed automatically by ``prometheus-fastapi-instrumentator``
  on ``/metrics``).
* **Rate limiting** and **usage tracking** with atomic quota consumption.
* **CORS** configuration for the public ARF front‑end.
* **Database‑backed persistence** of the conjugate Bayesian posteriors so
  that online learning survives restarts.
* **Automated Rust enforcer canary promotion** via Wilson confidence interval
  monitoring of the agreement counters.

All heavy components are loaded **lazily and best‑effort** – if a dependency
is missing the API continues to serve health‑check and status endpoints,
degrading gracefully rather than crashing.
"""
import logging
import os
import sys
import json
import threading
import time as _time
from contextlib import asynccontextmanager
from typing import Dict

from fastapi import FastAPI
from fastapi.middleware.cors import CORSMiddleware

# ── Optional: Prometheus metrics ─────────────────────────────
try:
    from prometheus_fastapi_instrumentator import Instrumentator
    PROMETHEUS_AVAILABLE = True
except ImportError:
    PROMETHEUS_AVAILABLE = False
    Instrumentator = None

# ── Optional: rate‑limiting (slowapi) ────────────────────────
try:
    from slowapi import _rate_limit_exceeded_handler
    from slowapi.errors import RateLimitExceeded
    from slowapi.middleware import SlowAPIMiddleware
    SLOWAPI_AVAILABLE = True
except ImportError:
    SLOWAPI_AVAILABLE = False
    _rate_limit_exceeded_handler = None
    RateLimitExceeded = None
    SlowAPIMiddleware = None

# ── Core ARF engine (optional but essential for governance) ──
try:
    from agentic_reliability_framework.core.governance.risk_engine import RiskEngine
    from agentic_reliability_framework.core.governance.policy_engine import PolicyEngine
    from agentic_reliability_framework.runtime.memory import create_faiss_index, RAGGraphMemory
    from agentic_reliability_framework.runtime.memory.constants import MemoryConstants
    ARF_AVAILABLE = True
except ImportError:
    ARF_AVAILABLE = False
    RiskEngine = None
    PolicyEngine = None
    create_faiss_index = None
    RAGGraphMemory = None
    MemoryConstants = None

# ── Usage tracker ────────────────────────────────────────────
from app.core.usage_tracker import init_tracker, tracker, Tier

from app.api import (
    routes_governance,
    routes_history,
    routes_incidents,
    routes_intents,
    routes_risk,
    routes_memory,
    routes_admin,
    routes_payments,
    webhooks,
    routes_users,
    routes_pricing,
)
from app.api.deps import limiter
from app.core.config import settings

logger = logging.getLogger("arf.api")
logging.basicConfig(
    level=logging.INFO,
    format="%(asctime)s - %(name)s - %(levelname)s - %(message)s",
    handlers=[logging.StreamHandler(sys.stdout)],
)


@asynccontextmanager
async def lifespan(app: FastAPI):
    """
    Application lifespan manager.

    All initialisation that requires a running event loop (database
    connections, model loading, etc.) happens **before** the ``yield``.
    Cleanup (if any) happens after the ``yield``.

    Initialisation order:
        1. Risk engine (Bayesian scoring + HMC).
        2. Load persisted conjugate posterior state (``beta_state`` table).
        3. OpenTelemetry tracing (console exporter by default).
        4. Policy engine, RAG memory, and epistemic model.
        5. Usage tracker (SQLite / Redis).
        6. Wilson confidence monitor for Rust enforcer canary promotion.
    """
    logger.info("🚀 Starting ARF API Control Plane")
    logger.debug(f"Python path: {sys.path}")

    # ── 1. Risk engine ────────────────────────────────────────
    if ARF_AVAILABLE:
        hmc_model_path = os.getenv("ARF_HMC_MODEL", "models/hmc_model.json")
        use_hyperpriors = os.getenv(
            "ARF_USE_HYPERPRIORS", "false"
        ).lower() == "true"
        logger.info(
            "Initializing RiskEngine – HMC model: %s, hyperpriors: %s",
            hmc_model_path,
            use_hyperpriors,
        )
        try:
            app.state.risk_engine = RiskEngine(
                hmc_model_path=hmc_model_path,
                use_hyperpriors=use_hyperpriors,
                n0=1000,
                hyperprior_weight=0.3,
            )
            logger.info("✅ RiskEngine initialized successfully.")
        except Exception as e:
            logger.exception("💥 Fatal error initializing RiskEngine")
            raise RuntimeError("RiskEngine initialization failed") from e

        # ── 2. Persisted Bayesian state ───────────────────────
        try:
            from app.database.session import SessionLocal
            from app.database.models_intents import BetaStateDB
            from agentic_reliability_framework.core.governance.risk_engine import ActionCategory

            db = SessionLocal()
            try:
                rows = db.query(BetaStateDB).all()
                if rows:
                    state = {
                        ActionCategory(row.category): (row.alpha, row.beta)
                        for row in rows
                    }
                    app.state.risk_engine.beta_store.load_state(state)
                    logger.info(
                        "Loaded Bayesian posterior state from database (%d categories).",
                        len(state),
                    )
                else:
                    logger.info(
                        "No persisted Bayesian state found; using default priors."
                    )
            finally:
                db.close()
        except Exception as e:
            logger.warning(
                "Could not load Bayesian state from database: %s", e
            )

        # ── 3. Tracing (OpenTelemetry) ─────────────────────────
        try:
            from opentelemetry import trace
            from opentelemetry.sdk.resources import SERVICE_NAME, Resource
            from opentelemetry.sdk.trace import TracerProvider
            from opentelemetry.sdk.trace.export import SimpleSpanProcessor, ConsoleSpanExporter
            from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

            resource = Resource.create({SERVICE_NAME: "arf-api"})
            provider = TracerProvider(resource=resource)
            provider.add_span_processor(SimpleSpanProcessor(ConsoleSpanExporter()))
            trace.set_tracer_provider(provider)

            FastAPIInstrumentor.instrument_app(app)
            logger.info("✅ Tracing initialized (console exporter).")
        except Exception as e:
            logger.warning("Tracing initialization skipped: %s", e)

        # ── 4. Policy engine, RAG, epistemic model ─────────────
        try:
            app.state.policy_engine = PolicyEngine()
            logger.info("✅ PolicyEngine initialized successfully.")
        except Exception as e:
            logger.warning(f"PolicyEngine initialization failed: {e}")
            app.state.policy_engine = None

        try:
            faiss_index = create_faiss_index(dim=MemoryConstants.VECTOR_DIM)
            app.state.rag_graph = RAGGraphMemory(faiss_index)
            logger.info("✅ RAGGraphMemory initialized successfully.")
        except Exception as e:
            logger.warning(f"RAGGraphMemory initialization failed: {e}")
            app.state.rag_graph = None

        epistemic_model_name = os.getenv("EPISTEMIC_MODEL", "")
        if epistemic_model_name:
            try:
                from sentence_transformers import SentenceTransformer
                logger.info(f"Loading epistemic model: {epistemic_model_name}")
                app.state.epistemic_model = SentenceTransformer(
                    epistemic_model_name
                )
                app.state.epistemic_tokenizer = app.state.epistemic_model.tokenizer
                logger.info("✅ Epistemic model loaded.")
            except ImportError:
                logger.warning(
                    "sentence-transformers not installed; epistemic signals will be zeros."
                )
                app.state.epistemic_model = None
                app.state.epistemic_tokenizer = None
            except Exception as e:
                logger.warning(f"Failed to load epistemic model: {e}")
                app.state.epistemic_model = None
                app.state.epistemic_tokenizer = None
        else:
            logger.info(
                "EPISTEMIC_MODEL not set; epistemic signals will be zeros."
            )
            app.state.epistemic_model = None
            app.state.epistemic_tokenizer = None
    else:
        logger.warning(
            "agentic_reliability_framework not installed; risk engine, policy engine, RAG disabled."
        )

    # ── 5. Usage tracker ──────────────────────────────────────
    usage_tracking_disabled = (
        os.getenv("ARF_USAGE_TRACKING", "true").lower() == "false"
    )
    if not usage_tracking_disabled:
        logger.info("Initialising usage tracker...")
        try:
            init_tracker(
                db_path=os.getenv("ARF_USAGE_DB_PATH", "arf_usage.db"),
                redis_url=os.getenv("ARF_REDIS_URL"),
            )
            # Seed initial API keys from environment variable (for testing / demo)
            api_keys_json = os.getenv("ARF_API_KEYS", "{}")
            try:
                api_keys = json.loads(api_keys_json)
                for key, tier_str in api_keys.items():
                    try:
                        tier = Tier(tier_str.lower())
                        tracker.get_or_create_api_key(key, tier)
                        logger.info(f"Seeded API key for tier {tier.value}")
                    except ValueError:
                        logger.warning(
                            f"Invalid tier '{tier_str}' for key {key}, skipping"
                        )
            except json.JSONDecodeError:
                logger.warning(
                    "ARF_API_KEYS environment variable is not valid JSON; skipping seeding."
                )
            app.state.usage_tracker = tracker
            logger.info("✅ Usage tracker ready.")
        except Exception as e:
            logger.critical(f"Failed to initialise usage tracker: {e}")
            raise RuntimeError("Usage tracker initialisation failed") from e
    else:
        logger.info("Usage tracking disabled by ARF_USAGE_TRACKING=false.")
        app.state.usage_tracker = None

    # ── 6. Wilson confidence monitor ──────────────────────────
    try:
        from app.services.wilson_monitor import update as wilson_update
        from prometheus_client import REGISTRY

        def _wilson_updater():
            while True:
                try:
                    agreed = REGISTRY.get_sample_value(
                        'arf_rust_agreement_total', {'result': 'agreed'}
                    ) or 0.0
                    diverged = REGISTRY.get_sample_value(
                        'arf_rust_agreement_total', {'result': 'diverged'}
                    ) or 0.0
                    wilson_update(int(agreed), int(diverged))
                except Exception as e:
                    logger.debug("Wilson updater error: %s", e)
                _time.sleep(300)  # every 5 minutes

        threading.Thread(target=_wilson_updater, daemon=True).start()
        logger.info("✅ Wilson monitor background updater started.")
    except Exception as e:
        logger.warning("Wilson monitor initialization skipped: %s", e)

    yield
    logger.info("🛑 Shutting down ARF API")


def create_app() -> FastAPI:
    """
    Build and configure the FastAPI application.

    Middleware order:
        1. CORS (restricted to the public front‑end origin).
        2. Rate limiting (if slowapi is installed).
        3. Prometheus metrics exposition (if available).

    All API routers are included under the ``/api/v1`` prefix except
    memory (``/v1/memory``) and webhooks (root level).

    A simple ``/health`` endpoint is provided for liveness probes.
    """
    app = FastAPI(
        title=settings.app_name,
        version="0.5.0",
        lifespan=lifespan,
        docs_url="/docs",
        redoc_url="/redoc",
        description="Agentic Reliability Framework (ARF) API",
    )

    # ── CORS ──────────────────────────────────────────────────
    allowed_origins = ["https://arf-frontend-sandy.vercel.app"]
    app.add_middleware(
        CORSMiddleware,
        allow_origins=allowed_origins,
        allow_credentials=True,
        allow_methods=["*"],
        allow_headers=["*"],
    )
    logger.debug("CORS middleware configured")

    # ── Rate limiter ──────────────────────────────────────────
    if SLOWAPI_AVAILABLE:
        app.state.limiter = limiter
        app.add_exception_handler(
            RateLimitExceeded, _rate_limit_exceeded_handler
        )
        app.add_middleware(SlowAPIMiddleware)
        logger.debug("Rate limiter middleware configured")
    else:
        logger.debug("Rate limiter disabled (slowapi not installed)")

    # ── Prometheus ────────────────────────────────────────────
    if PROMETHEUS_AVAILABLE:
        Instrumentator().instrument(app).expose(app)
        logger.debug("Prometheus instrumentator configured")
    else:
        logger.debug("Prometheus instrumentator disabled (module not installed)")

    # ── API Routers ───────────────────────────────────────────
    app.include_router(
        routes_incidents.router, prefix="/api/v1", tags=["incidents"]
    )
    app.include_router(routes_risk.router, prefix="/api/v1", tags=["risk"])
    app.include_router(
        routes_intents.router, prefix="/api/v1", tags=["intents"]
    )
    app.include_router(
        routes_history.router, prefix="/api/v1", tags=["history"]
    )
    app.include_router(
        routes_governance.router, prefix="/api/v1", tags=["governance"]
    )
    app.include_router(
        routes_memory.router, prefix="/v1/memory", tags=["memory"]
    )
    app.include_router(
        routes_admin.router, prefix="/api/v1", tags=["admin"]
    )
    app.include_router(
        routes_payments.router, prefix="/api/v1", tags=["payments"]
    )
    app.include_router(
        webhooks.router, tags=["webhooks"]
    )
    app.include_router(
        routes_users.router, prefix="/api/v1", tags=["users"]
    )
    app.include_router(
        routes_pricing.router, prefix="/api/v1", tags=["pricing"]
    )
    logger.debug("All API routers included")

    @app.get("/health", tags=["health"])
    async def health() -> Dict[str, str]:
        """Liveness probe – returns 200 when the application is running."""
        return {"status": "ok"}

    return app


app = create_app()