Real-time data platform serving context to AI agents
Project description
AgentFlow
Event-native metrics layer: business metrics that move when events happen — measured 1.1 s p50 event-to-metric freshness on production defaults. Live entity lookups, typed contracts, dual-language SDKs, and release-gated delivery for people, dashboards, services, and AI agents alike.
Why this exists
BI on a replica answers yesterday's questions. Support, ops, and merch workflows need current orders, metrics, and health signals at the moment of decision — not a stale warehouse snapshot, not a pile of one-off service adapters, and not a cache that quietly serves 30-second-old numbers.
AgentFlow's axis is event → live metric: every metric declares which events move it (a contract-tested lineage graph), and the serving layer keeps reads fresh by invalidating its cache when events arrive — a measured behavior, not a slogan (docs/freshness-benchmark.md). One serving boundary on top of that axis:
- streaming ingestion for operational events (validated, enriched, journaled)
- a semantic layer that exposes entities, metrics, lineage, and query endpoints
- typed, versioned contracts — each metric ships with its source events and a staleness budget
- Python and TypeScript clients that speak the same API surface
Consumers are whoever needs the number now: humans, dashboards, downstream services, and AI agents — agents are one consumer, not the product.
Highlights
- Measured event-to-metric freshness — an event entering the pipeline is reflected in
GET /v1/metrics/*in 1.06 s p50 / 1.99 s p95 on production defaults (event-driven cache invalidation, no webhook registration), tunable to 238 ms p50; a plain TTL cache on the same pipeline sits at ~15 s. Reproducible viapython scripts/benchmark_freshness.py→ freshness benchmark - Lineage as a contract — all six metrics declare their source events, serving table, and a 2.5 s p95 staleness budget in versioned contracts, exposed through
/v1/catalogand/v1/contractsand pinned by tests against the actual write path - Published release line through
v1.5.0on PyPI (agentflow-runtime,agentflow-client) and npm (@yuliaedomskikh/agentflow-client) via OIDC Trusted Publishers with SLSA provenance on every artifact - Tested and gated — 1,500+ unit tests plus a broad Windows no-Docker suite; CI enforces 13 required status checks (lint, schema, unit, integration, helm, perf, terraform, bandit, safety, npm-audit, trivy, contract, build-smoke) through branch protection
- Dual SDK parity across Python and TypeScript — retries, circuit breakers, batching, pagination, contract pinning, idempotency keys,
as_ofhistorical reads — over sub-second entity lookups (p5038–55 ms, p99167 mson local hardware) - Security in the hot path — tenant isolation on every read surface, parameterized queries,
sqlglotAST validation for NL-to-SQL, fail-closed auth, secret scrubbing, and a Bandit gate for new findings - Production-shaped extras — two CDC paths (hardened Debezium/Kafka Connect + a ClickHouse per-branch fan-out), on-call runbooks, and a narrated demo of the DV2 multi-branch warehouse
Quick start
Upgrading from v1.0.x? See the v1.1 migration guide before installing.
Prerequisites:
- Python
3.11+ make- Docker Compose (
make demostarts Redis and the ClickHouse serving store)
PowerShell 7+:
git clone https://github.com/brownjuly2003-code/agentflow.git
cd agentflow
. .\scripts\setup.ps1
make demo
macOS / Linux:
git clone https://github.com/brownjuly2003-code/agentflow.git
cd agentflow
source ./scripts/setup.sh
make demo
make demo starts Redis and ClickHouse, seeds demo data through the full pipeline (validated events land in the ClickHouse serving store), and serves the API on http://localhost:8000. Swagger UI is available at http://localhost:8000/docs.
Try it:
curl http://localhost:8000/v1/entity/order/ORD-20260404-1001
curl -X POST http://localhost:8000/v1/query \
-H "Content-Type: application/json" \
-d '{"question":"Show me top 3 products"}'
Local demo runs without API-key enforcement unless you explicitly configure AGENTFLOW_API_KEYS_FILE.
Architecture
Event sources -> Kafka -> Flink -> Iceberg --------\
-> Semantic layer -> FastAPI -> Agent / SDK
Local demo -> local_pipeline -> ClickHouse ------/
(DuckDB stays the local lake / test store)
Stack:
- Ingestion: Kafka producers, Debezium/Kafka Connect CDC, and a local synthetic pipeline
- Processing: Flink plus validation and enrichment stages
- Storage: Iceberg for production-shaped tables; ClickHouse is the serving store (ADR 0006 — ReplacingMergeTree upserts,
final=1reads), DuckDB the local-dev / test store - Serving: FastAPI, contract registry, lineage, search, and operational endpoints
- Orchestration: Dagster
- IaC: Terraform, Helm, Docker Compose, and a Fly.io demo config
See docs/architecture.md for the detailed design, trade-offs, and deployment topologies.
CDC source capture is standardized on Debezium/Kafka Connect; downstream consumers use the canonical AgentFlow CDC contract defined in ADR 0005.
What's inside
| Area | Files |
|---|---|
| API core | src/serving/api/ |
| Semantic layer | src/serving/semantic_layer/ |
| Python SDK | sdk/agentflow/ |
| TypeScript SDK | sdk-ts/src/ |
| Agent integrations | integrations/agentflow_integrations/ (LangChain, LlamaIndex, CrewAI, MCP) |
| Flink jobs | src/processing/flink_jobs/ |
| Test suites | tests/ |
| Design decisions | docs/decisions/ (ADRs) |
| Public site | site/ |
| IaC | infrastructure/terraform/, infrastructure/dv2/, helm/, k8s/ |
| DV2.0 warehouse | warehouse/agentflow/dv2/ (hubs / links / satellites + X5 loader) |
Documentation
Core
- Architecture — system context, data flow, failure modes
- API Reference — endpoint-by-endpoint curl / Python / TypeScript examples
- Operational Runbook + On-Call Runbooks — local stack, CDC capture, and production-incident playbooks
- Security Audit — threat model, controls, and evidence
- Glossary — interview-ready explanations of the core technical terms
- Interactive Technical Walkthrough — MkDocs Material guide (Mermaid architecture, SDK, deployment, observability)
Deep dives
- DV2.0 Multi-Branch Extension — Data Vault 2.0 model for mid-market e-com (5 locations / 3 jurisdictions): schema, end-to-end flow, demo evidence
- CDC Deployment Plan — Debezium/Kafka Connect rollout
- Competitive Analysis · Release Readiness · Cost Analysis
- Fly.io Demo Deploy — minimal hosted demo
- Contributing · Changelog
Development
# verified release slice
python -m pytest tests/unit tests/integration tests/sdk -q
# benchmark and regression gate
python scripts/run_benchmark.py
python scripts/check_performance.py --baseline docs/benchmark-baseline.json --current .artifacts/load/results.json --max-regress 20
# benchmark trend: [.github/perf-history.json](.github/perf-history.json) is appended on every main push;
# render the history locally with `make perf-plot` (writes docs/perf/history.html).
# contracts and security
python scripts/generate_contracts.py --check
bandit -r src sdk --ini .bandit --severity-level medium -f json -o .tmp/bandit-current.json
python scripts/bandit_diff.py .bandit-baseline.json .tmp/bandit-current.json
Status
v1.5.0 is the current release line — PyPI agentflow-runtime /
agentflow-client and npm @yuliaedomskikh/agentflow-client, all
published via OIDC Trusted Publishers with SLSA provenance attestations.
CI on main is green across all 12 required checks.
The v1.1.0 → v1.5.0 arc landed in five increments on top of a security
audit-closure sprint:
v1.1.0— audit closure: tenant isolation across every read surface, SQL guard centralized onsqlglot, entity allowlist enforcement, fail-closed auth, secret rotation, Helm hardening, OpenAPI drift gate, and the required status checks.v1.2.0— DV2 multi-branch warehouse: 38 Data Vault 2.0 tables (8 hubs / 8 links / 22+ satellites), an Argo Workflowsdv2-refreshtemplate, a dbt project (3 mart models + 12 tests), and per-branch CDC fan-out via ClickHouseMaterializedPostgreSQL.v1.3.0—helm/kafka-connecthardening matched tohelm/agentflow(NetworkPolicy + PDB + securityContext), live Helm validation across both charts, and the narrated DV2 demo (terminal + web-UI + dbt docs).v1.4.0— maintenance: on-call runbooks,SECURITY.md, issue/PR templates, contract/DORA CI hardening, repo hygiene, and a dependency wave (mypy, Terraform AWS provider, TypeScript, GitHub Actions, Vitest). No runtime API changes fromv1.3.0.v1.5.0— security & correctness hardening: argon2id key hashing with an O(1) peppered lookup index (M-C4), an NL→SQL guard bypass fix (typedread_csv/read_parquetscan functions now denied in projection position),sqlglotcontrol-byte and mutation-target repairs, and a strict-mypyexpansion across the orchestration and freshness slices. No public API changes.
Beyond the tagged line, main carries post-v1.5.0 work pending the next
tag: the DV2 raw vault migrated from ClickHouse to PostgreSQL with a cloud
supplier reference, the PyIceberg sink backed by a real MinIO object store,
and event-driven OLTP→vault freshness via PostgreSQL LISTEN/NOTIFY. See
the [Unreleased] section of the changelog for details.
Scope
This is a reference data-engineering project. The streaming, warehouse, and deployment artifacts (Flink, Iceberg, Helm, Terraform, k8s) are exercised against a local pipeline and a kind cluster in CI rather than a managed cloud. Wiring it to a live production source needs inputs that live outside the repo — CDC source onboarding (runbook ready in docs/operations/cdc-production-onboarding.md), a public benchmark on production-grade hardware, and an external pen-test attestation.
Screenshots
| Admin UI | API docs |
|---|---|
| Landing page | Benchmark run |
|---|---|
Capture notes and publish-time checks are listed in docs/publication-checklist.md.
License
MIT. See LICENSE.
Credits
Built as a data-engineering reference project. Initial release cycle
2026-04-10 → 2026-04-20, with post-audit hardening and the DV2
extension landing through v1.4.0. Architecture decisions are recorded as
ADRs in docs/decisions/.
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file agentflow_runtime-1.6.0.tar.gz.
File metadata
- Download URL: agentflow_runtime-1.6.0.tar.gz
- Upload date:
- Size: 201.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
3ba04ba783ace723ca80bbe7877f31d049418cc5813f143d5a836c890b50b14f
|
|
| MD5 |
667fe82a99c3f6bf7d1de3a7ead6210a
|
|
| BLAKE2b-256 |
9a4db36dd78b0b312b685699b9610afa3d2e0e33244ae5955101b4e61081c1a3
|
Provenance
The following attestation bundles were made for agentflow_runtime-1.6.0.tar.gz:
Publisher:
publish-pypi.yml on brownjuly2003-code/agentflow
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
agentflow_runtime-1.6.0.tar.gz -
Subject digest:
3ba04ba783ace723ca80bbe7877f31d049418cc5813f143d5a836c890b50b14f - Sigstore transparency entry: 2043393233
- Sigstore integration time:
-
Permalink:
brownjuly2003-code/agentflow@734132a38dc3c8ec325047bdbe9c748f1095fe3f -
Branch / Tag:
refs/tags/v1.6.0 - Owner: https://github.com/brownjuly2003-code
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@734132a38dc3c8ec325047bdbe9c748f1095fe3f -
Trigger Event:
push
-
Statement type:
File details
Details for the file agentflow_runtime-1.6.0-py3-none-any.whl.
File metadata
- Download URL: agentflow_runtime-1.6.0-py3-none-any.whl
- Upload date:
- Size: 217.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
df7a88e2943ba72f5d2135d422a43ee99d65fffb58860fe6b44a2eef0104cd08
|
|
| MD5 |
b12f00cb54ea087b74741276a60d7d41
|
|
| BLAKE2b-256 |
7f52f003d15700568af7bc1b0e2c9481fcc2647bd8706b8a2a6ed64b6ba22342
|
Provenance
The following attestation bundles were made for agentflow_runtime-1.6.0-py3-none-any.whl:
Publisher:
publish-pypi.yml on brownjuly2003-code/agentflow
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
agentflow_runtime-1.6.0-py3-none-any.whl -
Subject digest:
df7a88e2943ba72f5d2135d422a43ee99d65fffb58860fe6b44a2eef0104cd08 - Sigstore transparency entry: 2043393339
- Sigstore integration time:
-
Permalink:
brownjuly2003-code/agentflow@734132a38dc3c8ec325047bdbe9c748f1095fe3f -
Branch / Tag:
refs/tags/v1.6.0 - Owner: https://github.com/brownjuly2003-code
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish-pypi.yml@734132a38dc3c8ec325047bdbe9c748f1095fe3f -
Trigger Event:
push
-
Statement type: