A small Python toolkit for defining and evaluating compliance checklists.

compliance-checkkit

compliance-checkkit is a small Python library and CLI for defining compliance controls, attaching evidence, and producing simple pass/fail reports.

It is designed for early audit automation, internal readiness checks, and CI gatekeeping where a lightweight checklist is enough.

Install

pip install compliance-checkkit

For local development:

python -m pip install -e ".[dev]"

Quick Start

Create a checklist:

id: soc2-lite
name: SOC 2 Readiness
controls:
  - id: access-review
    title: Quarterly access reviews are completed
    required: true
    checks:
      - evidence_key: access_review_completed
        equals: true
  - id: incident-plan
    title: Incident response plan exists
    required: true
    checks:
      - evidence_key: incident_response_plan_url
        present: true

Create evidence:

{
  "access_review_completed": true,
  "incident_response_plan_url": "https://example.com/plan"
}

Run the CLI:

compliance-checkkit evaluate checklist.yml evidence.json

Use the library:

from compliance_checkkit import evaluate_files

report = evaluate_files("checklist.yml", "evidence.json")
print(report.summary.status)

Checklist Format

Each control contains one or more checks. A control passes only when all of its checks pass.

Supported check fields:

  • evidence_key: key to read from the evidence file
  • present: true: value must be present and non-empty
  • equals: value must equal the expected value
  • contains: value must contain the expected item or substring
  • one_of: value must be one of the listed values
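
The pass/fail rules above, as an added sketch that does not use compliance-checkkit and is not the project's code. It fails closed on missing evidence, which is the behaviour a CI gate needs. The function names, the type-strict `equals`, the handling of empty controls, and the "pass"/"fail" strings are assumptions, not the library's documented behaviour.

```python
# Added illustration; does not import compliance-checkkit and is not its code.
_MISSING = object()  # sentinel for "key absent from evidence"

def _contains(value, item):
    if isinstance(value, str):
        return isinstance(item, str) and item in value
    return isinstance(value, (list, tuple)) and item in value

def check_passes(check, evidence):
    """Evaluate one check against the evidence dict, failing closed."""
    value = evidence.get(check["evidence_key"], _MISSING)
    if value is _MISSING:
        return False  # assumption: absent evidence never satisfies a check
    if check.get("present") and value in (None, "", [], {}):
        return False  # "present and non-empty"
    if "equals" in check:
        expected = check["equals"]
        # Assumption: type-strict, so "true" or 1 does not satisfy equals: true.
        if type(value) is not type(expected) or value != expected:
            return False
    if "contains" in check and not _contains(value, check["contains"]):
        return False
    if "one_of" in check and value not in check["one_of"]:
        return False
    return True

def evaluate(checklist, evidence):
    """Return (status, {control_id: passed}); status strings are assumed."""
    results = {}
    for control in checklist["controls"]:
        checks = control.get("checks", [])
        # All checks must pass; a control with no checks fails (assumption).
        results[control["id"]] = bool(checks) and all(
            check_passes(c, evidence) for c in checks)
    blocked = any(c.get("required", True) and not results[c["id"]]
                  for c in checklist["controls"])
    return ("fail" if blocked else "pass"), results

# Constructed input mirroring the Quick Start checklist.
CHECKLIST = {"controls": [
    {"id": "access-review", "required": True,
     "checks": [{"evidence_key": "access_review_completed", "equals": True}]},
    {"id": "incident-plan", "required": True,
     "checks": [{"evidence_key": "incident_response_plan_url", "present": True}]},
]}
GOOD = {"access_review_completed": True,
        "incident_response_plan_url": "https://example.com/plan"}
BAD = {"access_review_completed": "true", "incident_response_plan_url": ""}
```

`evaluate(CHECKLIST, BAD)` fails both controls: the string "true" is not the boolean the checklist expects, and an empty URL does not count as present.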

Publish

Update the package metadata in pyproject.toml, especially the GitHub URLs, then:

python -m pip install -e ".[dev]"
python -m pytest
python -m build
python -m twine upload dist/*

For a safer first release, publish to TestPyPI:

python -m twine upload --repository testpypi dist/*

License

MIT

Source Distribution

compliance_checkkit-0.1.0.tar.gz (6.5 kB view details)

Uploaded Source

Built Distribution

compliance_checkkit-0.1.0-py3-none-any.whl (7.7 kB view details)

Uploaded Python 3

File details

Details for the file compliance_checkkit-0.1.0.tar.gz.

File metadata

  • Download URL: compliance_checkkit-0.1.0.tar.gz
  • Upload date:
  • Size: 6.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.8

File hashes

Hashes for compliance_checkkit-0.1.0.tar.gz
Algorithm Hash digest
SHA256 b1a063fa014fecb085e60071c3933e027b0049c9c00b85c8031f79cfcd268348
MD5 174d6f6d2d407b5e65dc33ae10887eae
BLAKE2b-256 1482008ac734e6be3dcc03cfe3c1ddb674d98dce628abcd5716ac9c052b6097f

File details

Details for the file compliance_checkkit-0.1.0-py3-none-any.whl.

File hashes

Hashes for compliance_checkkit-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 fe2167f243bdef6c52f2b6def606b6db99dbbe72273b755fc34e5881a94a121d
MD5 9902039f5d978efc9247fb7f08a027bc
BLAKE2b-256 169f17f83216874b57574f3a5f5209a2821c444ee3e4eabe4204841f6a241c12
