Enterprise AI orchestration for secure contract and workflow operations.
CyberAi provides an enterprise control plane with RBAC-protected task execution, live audit streams, and CI-driven delivery.
This README documents the current enterprise runtime and delivery model without legacy UI/UX screenshots.
| Parameter | Scope | Default | Notes |
|---|---|---|---|
NODE_ENV |
server/server.js auth behavior |
development |
In production, token-decoding auth stubs are disabled and requests fall back to anonymous role unless real auth is integrated. |
PORT |
server/index.js listener |
3000 |
Port for enterprise API + Socket.IO service. |
ROLE_MODEL |
src/security/* + server/core/rbac.js |
action-based RBAC | Web/app canonical roles are mapped to server-layer roles for task execution. |
Canonical app roles (src/security/roles.ts):
| Role | Typical Access |
|---|---|
admin |
Full platform/admin access (admin:all) |
operator |
Workflow + deployment operations |
user |
Read/chat-level access |
guest |
Restricted/public access |
Server execution roles (server/core/rbac.js):
| Role | Level | Execution Access |
|---|---|---|
admin |
3 | Full |
developer |
2 | Task execution allowed |
auditor |
1 | Read-only |
agent |
0 | No privileged task execution |
Canonical-to-server mapping (server/server.js):
operator -> developeruser -> auditorguest -> agent
The enterprise deployment runbooks standardize the following variables:
| Variable | Required | Example | Purpose |
|---|---|---|---|
LLAMA_API_KEY |
Yes (enterprise AI integrations) | LLAMA_API_KEY=llama_live_0123456789abcdef |
Authenticates enterprise LLM provider integrations. |
MARKETPLACE_ENABLED |
Yes | MARKETPLACE_ENABLED=true |
Enables/disables enterprise marketplace workflows deterministically. |
cat > .env.enterprise <<'ENV'
NODE_ENV=production
PORT=3000
LLAMA_API_KEY=llama_live_0123456789abcdef
MARKETPLACE_ENABLED=true
ENVset -a
source ./.env.enterprise
set +a
node -e "console.log({
hasLlamaApiKey: Boolean(process.env.LLAMA_API_KEY),
marketplaceEnabled: process.env.MARKETPLACE_ENABLED === 'true',
nodeEnv: process.env.NODE_ENV,
port: Number(process.env.PORT || 3000)
})"| Workflow | File | Trigger | Purpose |
|---|---|---|---|
| CI | .github/workflows/ci.yml |
push, pull_request on main |
Lint, typecheck, test, and build gates. |
| Advanced Build Matrix | .github/workflows/advanced-build.yml |
push, pull_request on main/develop, workflow_dispatch |
Multi-OS build matrix, optimized build artifact, Docker build test, verification. |
| CodeQL Security Scanning | .github/workflows/codeql.yml |
push, pull_request, scheduled weekly, manual |
Security and quality analysis for JavaScript code. |
| Lint | .github/workflows/lint.yml |
GitHub event-driven | Dedicated lint enforcement pipeline. |
| Dependency Review | .github/workflows/dependency-review.yml |
Pull requests | Dependency policy enforcement. |
| Deploy Pages | .github/workflows/pages-deploy.yml |
push on main, workflow_dispatch |
Build and deploy GitHub Pages docs/site. |
| Release Management / Schedule | .github/workflows/release.yml, .github/workflows/release-schedule.yml |
Tag push (v*.*.*), schedule, workflow_dispatch |
Release automation and cadence controls. |
| Dimension | Values |
|---|---|
| Operating system | ubuntu-latest, macos-latest, windows-latest |
| Node.js version | 20, 22 |
| Gates per job | npm run typecheck, npm run lint, npm run build, npm test |
| Setting | Value |
|---|---|
| Builder | docker/setup-buildx-action@v4 |
| Build action | docker/build-push-action@v7 |
| Context / Dockerfile | . / ./Dockerfile |
| Push / load | push: false, load: true |
| Tag | cyberai:test |
| Target stage | production |
| Runtime validation | docker run --rm cyberai:test node --version |
CyberAi keeps the enterprise build pipeline deterministic across local development, CI, and containerized release flows.
- Primary compiler:
npm run build(tsc) - Type gate:
npm run typecheck - Quality gate:
npm run lint && npm run test - Optimized pipeline:
npm run build:advanced - Container pipeline:
npm run docker:build - Full build reference: BUILD.md
# 1. Install dependencies
npm ci
# 2. Quality gates
npm run lint
npm run typecheck
npm run test
# 3. Start enterprise server
npm run dev:enterpriseOptional targeted runs:
npm run test:unit
npm run test:integration# Build image
npm run docker:build
# Run container with enterprise variables
docker run --rm -p 3000:3000 \
--env-file ./.env.enterprise \
cyberai:latestCompose option:
npm run docker:up
npm run docker:down- Create production secrets/environment variables (
LLAMA_API_KEY,MARKETPLACE_ENABLED,NODE_ENV,PORT) in your deployment platform. - Push to
mainto trigger CI and deployment workflows. - Verify the pipeline status in GitHub Actions for CI, Advanced Build Matrix, and CodeQL.
- Run a smoke check against the enterprise endpoint:
curl -sS -X POST http://localhost:3000/api/task \
-H 'Content-Type: application/json' \
-d '{"prompt":"health-check","agent":"builder"}'CyberAi/
βββ app/ # App shell and enterprise views
βββ server/ # Enterprise API + Socket.IO backend
βββ src/security/ # Canonical RBAC model and guards
βββ contracts/ # Contract definitions
βββ tests/ # Unit + integration tests
βββ .github/workflows/ # CI/CD automation
βββ docs/ # Documentation assets and guides
- Contributing: CONTRIBUTING.md
- Security policy: SECURITY.md
- License: LICENSE