feat(knowledge): Phase 11 — Knowledge Management (Playbooks + Lessons Learned) [FASE-11]

- Playbooks: versioned Markdown runbooks per technique × type (attack/detect/investigate/respond/hunt) - PlaybookVersion: immutable snapshots on every update; restore to any previous version - LessonLearned: post-mortem records linked to tests/campaigns/attack-paths or manual - Alembic migration b037know (raw SQL, idempotent, no PostgreSQL enums) - Router /api/v1/knowledge: 14 endpoints for playbooks + lessons + stats - Pydantic validators for playbook_type, severity, entity_type (422 on invalid) - Knowledge stats endpoint: totals + breakdown by severity and playbook type - Soft-delete on both resources; include_inactive filter for admin recovery - QA script: 70+ tests across CRUD, versioning, filtering, auth, soft-delete, regression Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 13:39:05 +02:00
parent 080ce56de7
commit 4f5370db89
9 changed files with 1329 additions and 0 deletions
--- a/backend/app/main.py
+++ b/backend/app/main.py
@@ -41,6 +41,7 @@ from app.routers import webhooks as webhooks_router
 from app.routers import detection_lifecycle as detection_lifecycle_router
 from app.routers import ownership as ownership_router
 from app.routers import attack_paths as attack_paths_router
+from app.routers import knowledge as knowledge_router
 from app.domain.errors import DomainError
 from app.middleware.error_handler import domain_exception_handler
 from app.middleware.request_context import RequestContextMiddleware
@@ -141,6 +142,7 @@ app.include_router(webhooks_router.router, prefix="/api/v1")
 app.include_router(detection_lifecycle_router.router, prefix="/api/v1")
 app.include_router(ownership_router.router, prefix="/api/v1")
 app.include_router(attack_paths_router.router, prefix="/api/v1")
+app.include_router(knowledge_router.router, prefix="/api/v1")


@app.get("/health", include_in_schema=False)