fix: address post-push review issues - security, resilience, and code quality

- Fix hardcoded DATABASE_URL in 4 new microservices (gpu-service, governance-service, trading-service, marketplace-service) - now use os.getenv() with SQLite fallback
- Move httpx.AsyncClient to API gateway lifespan for connection pooling
- Add 30-second timeout to API gateway proxy calls
- Move hardcoded service URLs to environment variables in API gateway (GPU_SERVICE_URL, MARKETPLACE_SERVICE_URL, etc.)
- Add cli/build/ and cli/dist/ to .gitignore and remove 42 stale build artifacts from git
- Fix version pinning conflicts in 4 new service pyproject.toml files (align with root: fastapi >=0.115.6, sqlmodel >=0.0.38, pytest >=9.0.3)
- Fix 18 remaining datetime.utcnow() calls in monitoring-service and ai-service (replace with datetime.now(timezone.utc))
- Add retries (3 attempts), authentication (Bearer token), rate limiting (100/min via slowapi), and circuit breaker to API gateway
- Add /ready and /live endpoints to 4 new microservices for production readiness/liveness probes
- Audit debug logging - confirmed no sensitive data (passwords, keys, secrets, tokens) is logged; cache keys and masked API keys are safe

apps/governance-service/pyproject.toml

@@ -5,17 +5,17 @@ description = "AITBC Governance Service for governance operations"
 authors = ["AITBC Team <team@aitbc.dev>"]
 
 [tool.poetry.dependencies]
-python = "^3.13"
-fastapi = "^0.104.0"
-uvicorn = "^0.24.0"
-sqlmodel = "^0.0.14"
-asyncpg = "^0.30.0"
+python = ">=3.13,<3.14"
+fastapi = ">=0.115.6"
+uvicorn = {extras = ["standard"], version = ">=0.34.0"}
+sqlmodel = ">=0.0.38"
+asyncpg = ">=0.30.0"
 aitbc-core = {path = "../../packages/py/aitbc-core", develop = true}
 
 [tool.poetry.group.test.dependencies]
-pytest = "^7.4.0"
-pytest-asyncio = "^0.21.0"
-httpx = "^0.25.0"
+pytest = ">=9.0.3"
+pytest-asyncio = ">=1.3.0"
+httpx = ">=0.28.1"
 
 [build-system]
 requires = ["poetry-core"]

apps/governance-service/src/governance_service/main.py

@@ -68,6 +68,25 @@ async def health() -> HealthResponse:
     return HealthResponse(status="healthy", service="governance-service")
 
 
+@app.get("/ready")
+async def ready() -> dict[str, str]:
+    """Readiness check - verifies database connectivity"""
+    try:
+        async with get_session() as session:
+            # Test database connection
+            await session.execute("SELECT 1")
+        return {"status": "ready", "service": "governance-service"}
+    except Exception as e:
+        logger.error(f"Readiness check failed: {e}")
+        return {"status": "not_ready", "service": "governance-service", "error": str(e)}
+
+
+@app.get("/live")
+async def live() -> dict[str, str]:
+    """Liveness check - verifies service is not stuck"""
+    return {"status": "alive", "service": "governance-service"}
+
+
 @app.get("/governance/status")
 async def governance_status() -> dict[str, str]:
     """Get governance status"""

apps/governance-service/src/governance_service/storage.py

@@ -2,6 +2,7 @@
 Database session management for Governance service
 """
 
+import os
 from contextlib import asynccontextmanager
 from typing import AsyncIterator
 
@@ -13,7 +14,7 @@ from aitbc import get_logger
 logger = get_logger(__name__)
 
 # Database URL from environment variable or default
-DATABASE_URL = "postgresql+asyncpg://aitbc_governance:password@10.1.223.40:5432/aitbc_governance"
+DATABASE_URL = os.getenv("DATABASE_URL", "sqlite+aiosqlite:///./data/governance_service.db")
 
 # Create async engine
 engine = create_async_engine(DATABASE_URL, echo=False)