PhyComp¶
PhyComp is the compliance evaluation and audit reporting service for the PhyWare platform. It pulls telemetry from PhyCloud, evaluates each event against a configurable rules engine (speed limits, geofences, proximity thresholds, custom rules), records violations, and renders audit reports for regulatory and ISO 10218 / ISO/TS 15066 / EU AI Act inspections.
Canonical implementation¶
The canonical PhyComp service is the Rust implementation under PhyComp/rust/:
axum+tokioHTTP server,tower-httpmiddleware.sqlxasync database layer (SQLite for dev, PostgreSQL for production) with embeddedsqlx::migrate!()schema migrations.reqwest+rustls-tlsfor the outbound PhyCloud client (no OpenSSL).- Shared schema DTOs with PhyCloud Rust (no duplicated request / response types — see issue #225).
- Structured JSON logging via
tracing-subscriber(shape-compatible with the historical Pythonstructlogoutput). - Single static binary, small container image, no Python runtime.
The historical Python MVP was removed after the #235 cutover (the final step of the Python → Rust migration epic #219). operators upgrading from the Python service should follow the operator migration guide.
Quick start¶
The repo-root docker-compose.yml now builds the canonical phycomp service from the Rust Dockerfile:
# Bring up Postgres + the canonical Rust PhyCloud + PhyComp services.
docker compose up -d phycomp
# Health check
curl -sf http://localhost:8001/health
For local development without Docker:
Feature surface¶
| Area | Endpoints | Notes |
|---|---|---|
| Health & readiness | GET /health, GET /health/ready | |
| Bootstrap (platform admin) | POST /api/v1/admin/bootstrap, GET /api/v1/admin/bootstrap/status | First-run platform-admin tenant + key issuance |
| Tenant registration | POST /api/v1/registration/register | Federated registration using a PhyCloud phyc_… key |
| Rules | GET/POST/PUT/DELETE /api/v1/rules*, POST /api/v1/rules/defaults | Speed limit / geofence / proximity / custom |
| Violations | GET /api/v1/violations, GET /api/v1/violations/{id} | Tenant-scoped query + filtering |
| Evaluation | POST /api/v1/evaluate | Trigger evaluation against PhyCloud data or inline events |
| Reports | POST/GET /api/v1/reports* | Audit report generation |
| Admin | POST/GET /api/v1/admin/tenants* | Platform-admin gated |
A full OpenAPI document is served at GET /openapi.json (with a Swagger UI at GET /docs) by the Rust service.
Architecture¶
flowchart LR
A[PhyTrace SDK] -->|UDM events| B[PhyCloud — Rust]
C[phyware CLI] -->|query / admin| B
C -->|comp rules / violations / reports| D[PhyComp — Rust]
D -->|fetch + introspect| B
D -->|persist| E[(PostgreSQL / SQLite)]
F[Admin dashboard] -->|browse + manage| D Federation with PhyCloud¶
PhyComp tenants are minted by exchanging a PhyCloud phyc_… API key for a PhyComp-scoped phycomp_… key via the POST /api/v1/registration/register endpoint. The Rust service reuses PhyCloud's introspection endpoint (/oauth/introspect) to validate the inbound key, so no shared secrets are needed between the two services. See PhyComp/rust/phycomp/src/api/registration.rs.
Further reading¶
- Operator migration guide — Python → Rust cutover steps.
PhyComp/rust/README.md— canonical service README.- Migration epic #219 — historical context.
- Cutover issue #235 — this release's tracking issue.