arbiter-ops 1.0.4

AIOps substrate · 9-plane hexagonal decomposition · ISO 42001 + NIST AI RMF + EU AI Act + DORA evidenced

arbiter-ops

Agentic AIOps substrate as a standalone package — 9-plane hexagonal decomposition with ISO 42001, NIST AI RMF, EU AI Act and DORA evidence mappings. Provides the substrate for closed-loop incident response, HIL approval workflows, and self-improvement campaigns on top of a native audit primitive.

Install

pip install arbiter-ops

Optional extras:

pip install arbiter-ops[slack]            # Slack channel + triage rooms
pip install arbiter-ops[neo4j]            # Neo4j context plane
pip install arbiter-ops[integrations]     # PagerDuty + Splunk SOAR + Dynatrace
pip install arbiter-ops[llm]              # Anthropic LLM adapter (direct SDK)
pip install arbiter-ops[litellm]          # LiteLLM cross-provider abstraction
pip install arbiter-ops[portkey]          # Portkey AI Gateway (virtual keys, fallback, semantic cache)
pip install arbiter-ops[mcp]              # MCP server (arbiter-ops-mcp · 7 substrate tools)
pip install arbiter-ops[kafka]            # Kafka event-stream sensing
pip install arbiter-ops[ml-decision]      # XGBoost triage classifier
pip install arbiter-ops[ml-intelligence]  # XGBoost cost predictor (3-booster)
pip install arbiter-ops[ml-surrogate]     # XGBoost GA surrogate fitness
pip install arbiter-ops[smt]              # z3-solver constraint verifier
pip install arbiter-ops[signing]          # Ed25519 recipe-pack signing
pip install arbiter-ops[all]              # everything

Quick start

# 1. Spin up Postgres + Temporal
docker compose -f docker-compose.yml up -d

# 2. Migrate
arbiter-ops migrate \
  --dsn "postgresql://postgres:arbiter-ops@localhost/arbiter_ops"

# 3. Serve the API
arbiter-ops serve --port 8003

# 4. Run the HIL Temporal worker
arbiter-ops-hil-worker --temporal-host localhost:7233 --task-queue hil

# 5. Smoke test
arbiter-ops smoke-test

Architecture

arbiter-ops packages the 9-plane hexagonal AIOps decomposition into a single distributable. Each plane is a hex container with its own domain types, ports, and pluggable adapters:

plane	responsibility
sensing	ingest signals from observability sources
context	entity + topology resolver
feature	feature engineering for downstream reasoners
intelligence	LLM + ML reasoners (provider-neutral)
reasoning	ensemble + causal classifier
decision	policy engine + autonomy levels
action	invokers (PagerDuty · Splunk SOAR · Dynatrace · etc.)
evidence	facade over the audit record store
improvement	offline GA campaign + policy evolution

Three first-class supporting containers ride alongside the planes: the HITL Gating Service (G-1..G-5 gate types), the Adversarial Verifier, and the Global Circuit Breaker.

Native audit primitive

Every governed decision flows through arbiter_ops.governance.AuditPort via authorize (consulted before commit) and record (post-hoc evidence). The default LocalAuditAdapter is a default-permit adapter that emits JSON-line evidence to stdout (or to the file pointed at by ARBITER_OPS_AUDIT_PATH). Operators replace it by registering an alternate AuditPort implementation in the application container.

from arbiter_ops.governance import make_default_audit_port, AuditRequest

port = make_default_audit_port()                 # LocalAuditAdapter
verdict = port.authorize(AuditRequest.new())     # always APPROVE by default
# ... run the decision ...
# port.record(AuditRecord.from_components(...))  # emit evidence

Documentation

All package-specific docs live under docs/ in the GitHub repo. HTML files are linked through htmlpreview.github.io so they render in-browser without cloning.

Package docs

Doc	What it covers
dev_guide.html (source)	14-section developer guide · install → 5-min smoke → C4 architecture → 9-plane usage with runnable examples → troubleshooting
FEATURES.md · FEATURES.html	Full capability catalog · all 9 planes + 11 supporting containers · port + adapter counts · architectural invariants
DEFERRED.md	External-blocker items (Cedar engine · top-level CLI · etc.)
triage_classifier.md	XGBoost triage classifier (decision plane) deep-dive
cost_predictor.md	XGBoost cost predictor + CostAwareRouter (intelligence plane) deep-dive
fitness_surrogate.md	XGBoost GA surrogate + HybridFitnessEvaluator (improvement plane) deep-dive
portkey_integration.md	Portkey AI Gateway integration · reasoner + invoker · virtual keys · config-driven fallback · semantic cache
mcp_integration.md	MCP (Model Context Protocol) integration · MCPToolInvoker (action plane) + arbiter-ops-mcp server (7 substrate tools)
CHANGELOG.md	Per-release notes

Compliance + benchmarks

Doc	What it covers
BENCHMARKS.md	Published Layer 2a performance numbers (1.15M ops/sec band lookup · sub-microsecond hot path · reproducible methodology)
owasp-agentic-mapping.md	OWASP Agentic Top 10 coverage map (ASI-01..ASI-10) · 6/10 full · 4/10 partial (operator-supplied adapters for the partials)

Deployment

Production deployment assets ship under deploy/ in the GitHub repo (not in the Python wheel — clone the repo to use these):

Path	What it covers
deploy/helm/arbiter-ops/	Helm chart · API + HIL Temporal worker · HPA · PDB · NetworkPolicy · CIS-aligned PodSecurityContext · cert-manager + sub-chart Postgres/Temporal
deploy/overlays/prod/	Production overlay · IRSA-wired ServiceAccount · 4 SealedSecret templates · IRSA Terraform module · ArgoCD Application manifest · operator runbook

Standards alignment

Not certified. arbiter-ops is not certified against any of the standards listed below. The substrate provides contracts and primitives that operators may use as evidence in their own certification audits. No claim of compliance is made by the maintainers; standards-body audits, third-party assessments, and regulatory acceptance are the operator's responsibility. The table below describes what the substrate contributes — full alignment depends on operator-supplied adapters (durable audit storage, identity provider, key custody, etc.) and the operator's own audit-and-attestation process.

See docs/compliance/owasp-agentic-mapping.md for an honest substrate-vs-adapter split (informational only, not a security audit).

Standard	What arbiter-ops contributes
ISO/IEC 42001 (AIMS)	AuditPort + approach-band registry + HIL gate types for clauses 4–10
NIST AI RMF	Govern + Map ports · evidence flow for Measure + Manage
EU AI Act Art. 12	Per-call authorize/record envelope · adapter chooses retention
DORA	ICT-incident-response primitives · event-bus port · evidence emission
OWASP Agentic Top 10	6/10 full · 4/10 partial (operator adapters close the partials)

Trademarks

Product names, logos, and brand names referenced in this codebase and its documentation (PagerDuty · Splunk · Dynatrace · Datadog · ServiceNow · Atlassian · Microsoft · Anthropic · OpenAI · Postgres · Temporal · Slack · Neo4j · Kubernetes · and others) are property of their respective owners. Use of these names is for interoperability identification only and does not imply endorsement, affiliation, partnership, or sponsorship. See TRADEMARKS.md for the full list and attribution.

Disclosure: AI-assisted authorship

Portions of this project — code, tests, documentation, and operator runbooks — were authored with AI assistance. The maintainers warrant in good faith that all incorporated code is either original or sourced from properly-licensed permissive-license open-source projects with attribution preserved. If you believe any portion of this codebase improperly incorporates third-party material, please file an issue at https://github.com/mjayason/arbiter-ops/issues and the maintainers will investigate and resolve promptly.

No warranty

arbiter-ops is distributed under the Apache License, Version 2.0, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. The maintainers do not warrant that the substrate is fit for any particular purpose, free of defects, free of security vulnerabilities, or suitable for use in regulated environments. Operators are solely responsible for evaluating fitness for their use case, validating security posture against their threat model, and obtaining any certifications, audits, or regulatory acceptance their use requires. Nothing in this README, the accompanying docs, the benchmark numbers, or the compliance mappings constitutes legal, regulatory, security, or compliance advice. See LICENSE for the full warranty disclaimer and limitation of liability.

License

Apache-2.0 · see LICENSE.