A secure, AI-driven RFP (Request for Proposal) Response Automation Platform designed specifically for U.S. Government contracts. The platform leverages advanced AI/LLM capabilities, vector databases, and document processing to streamline proposal generation while maintaining strict compliance with FedRAMP, NIST 800-171, and CMMC Level 2 standards.
Version: 2.0.0 Last Updated: January 2026
- Overview
- Key Features
- Technology Stack
- Quick Start
- Project Structure
- API Endpoints
- SF330 Processing
- Multi-Tenant Architecture
- Security Features
- Testing
- Deployment
- Documentation
- Contributing
The Kenall RFP Platform helps government contractors efficiently respond to RFP opportunities by:
- Automatic Opportunity Discovery: Integration with SAM.gov API for daily contract fetching
- AI-Powered Scoring: ML-based matching of opportunities against company capabilities
- SF330 Processing: Extract and analyze historical SF330 documents with OCR support
- Intelligent Suggestions: AI-powered recommendations for projects, personnel, and partners
- Multi-Tenant Architecture: Complete data isolation for SaaS deployment
- Compliance Ready: Built for FedRAMP, NIST 800-171, and CMMC Level 2
- Multi-Tenant Architecture: Complete data isolation between organizations
- FedRAMP Ready: Required security controls and boundary protection
- NIST 800-171 Compliant: Credential protection, audit logging, access controls
- CMMC Level 2: Role-based access control, authentication, encryption
- JWT Authentication: Secure session management with tenant context
- Comprehensive Audit Logging: Track all user actions and data changes
- Vector Search: Weaviate vector database for semantic similarity search
- Local LLM: Ollama for private, on-premise LLM inference
- Document Processing: PDF extraction with OCR fallback (EasyOCR, Tesseract)
- Skills Normalization: Standardized A/E industry skill taxonomy
- Intelligent Matching: AI-powered scoring of opportunities, projects, and personnel
- Document Ingestion: Process historical SF330 PDFs
- Section Extraction: Parse Sections A, C, E, and F
- OCR Support: Handle scanned documents with EasyOCR/Tesseract
- Data Validation: Quality scoring and cross-reference validation
- Skills Normalization: Standardize skills across documents
- Certification Extraction: Auto-extract PE, PMP, LEED AP, etc.
- Teaming Detection: Identify JV and subcontractor relationships
- Automated Discovery: Daily SAM.gov API integration
- Confidence Scoring: HIGH/MEDIUM/LOW match level classification
- Pipeline Tracking: Status management (Pending → Awarded/Lost)
- Project Matching: Semantic search for relevant past projects
- Partner Recommendations: Suggest teaming partners for skill gaps
- Internal Ratings: Team assessments from working with companies
- External Ratings: CPARS, PPIRS, FAPIIS integration (optional)
- Performance Levels: CPARS-style levels (Exceptional to Unsatisfactory)
- Category Ratings: Quality, Schedule, Cost, Management, Communication
- Weighted Scoring: Configurable internal/external rating weights
- Rating History: Complete audit trail with comments and context
- Name Normalization: Handles variations like "Kenall", "Kenall Inc", "Kenall Inc."
- Alias Tracking: Link different name variations to canonical companies
- Company Identifiers: DUNS, CAGE, UEI for deduplication
- Branch Detection: Automatic branch/office location extraction
- Fuzzy Matching: AI-powered company name matching
- Per-Tenant Weights: Customize AI matching per organization
- Feature Weights: Skill match, past performance, project similarity
- Rating Integration: Weighted internal/external ratings in scoring
- Threshold Configuration: Minimum scores, recency decay, penalties
- Preference Settings: Previous partners, local companies, unrated handling
| Component | Technology | Version |
|---|---|---|
| Language | Python | 3.13 |
| Framework | FastAPI | 0.100+ |
| ORM | SQLAlchemy | 2.0+ |
| Migrations | Alembic | 1.12+ |
| Validation | Pydantic | 2.0+ |
| Auth | PyJWT + bcrypt | - |
| Component | Technology | Port |
|---|---|---|
| Relational DB | PostgreSQL | 5432 |
| Vector DB | Weaviate | 8080 |
| Cache/Queue | Redis | 6379 |
| Component | Technology |
|---|---|
| LLM | Ollama (llama3, mistral) |
| Embeddings | SentenceTransformers |
| OCR | EasyOCR, Tesseract |
| Component | Technology |
|---|---|
| Task Queue | Celery |
| Scheduler | Celery Beat |
| File Monitor | Watchdog |
| Component | Technology | Port |
|---|---|---|
| Framework | React | 5173 |
| Build Tool | Vite | - |
- Python 3.13+
- PostgreSQL 15+
- Docker & Docker Compose
- Node.js 22+ (for UI development)
- Ollama (for local LLM)
# 1. Clone and enter directory
cd /path/to/kenall/platform
# 2. Install system dependencies (macOS)
brew install tesseract poppler
# 3. Start Docker Desktop
open -a Docker
# 4. Start Weaviate
docker compose up -d
# 5. Start Ollama
ollama serve &
ollama pull llama3
ollama pull mistral
# 6. Set up Python environment
python3.13 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
# 7. Configure environment
cp .env.example .env
# Edit .env with your settings
# 8. Run database migrations
cd app && alembic upgrade head && cd ..
# 9. Start the backend
cd app && uvicorn main:app --reload --host 0.0.0.0 --port 8000
# 10. (Optional) Start the UI
cd ../ui && npm install && npm run dev| Service | Port | URL |
|---|---|---|
| FastAPI Backend | 8000 | http://localhost:8000/api/docs |
| Weaviate | 8080 | http://localhost:8080 |
| Ollama | 11434 | http://localhost:11434 |
| React UI | 5173 | http://localhost:5173 |
| PostgreSQL | 5432 | - |
| Redis | 6379 | - |
# Check Weaviate
curl http://localhost:8080/v1/.well-known/ready
# Check Ollama
curl http://localhost:11434/api/tags
# Check Backend API
curl http://localhost:8000/healthkenall/platform/
├── app/ # FastAPI Application
│ ├── api/v1/ # API Routes
│ │ ├── endpoints/ # Endpoint Modules
│ │ │ ├── opportunities.py # Contract opportunities
│ │ │ ├── sf330_search.py # SF330 search
│ │ │ ├── user.py # User management
│ │ │ ├── tenant.py # Tenant management
│ │ │ ├── company.py # Company management
│ │ │ └── dashboard.py # Analytics
│ │ └── router.py # API router
│ ├── core/ # Core Modules
│ │ ├── settings.py # Pydantic settings
│ │ ├── database.py # Database config
│ │ ├── tenant_security.py # Multi-tenant security
│ │ ├── weaviate_manager.py # Vector DB manager
│ │ └── logging_config.py # Logging setup
│ ├── services/ # Business Services
│ │ ├── sf330/ # SF330 Processing
│ │ │ ├── ocr_engine.py # OCR with fallback
│ │ │ ├── skills_normalizer.py # Skill taxonomy
│ │ │ ├── models.py # Enhanced models
│ │ │ ├── validator.py # Data validation
│ │ │ └── enhanced_processor.py # Main processor
│ │ └── company/ # Company Services
│ │ ├── company_normalizer.py # Name normalization
│ │ └── ratings_config.py # Ratings & AI config
│ ├── models.py # SQLAlchemy models
│ ├── schemas.py # Pydantic schemas
│ ├── auth_middleware.py # JWT middleware
│ └── main.py # Application entry
├── tests/ # Test Suite
│ ├── services/ # Service tests
│ │ └── sf330/ # SF330 tests
│ ├── core/ # Core module tests
│ ├── api/ # API endpoint tests
│ └── pytest.ini # Pytest config
├── docs/ # Documentation
│ ├── BUSINESS_REQUIREMENTS.md # BRD document
│ ├── TECHNICAL_SPECIFICATION.md # Tech spec
│ └── SF330_PROCESSING_IMPROVEMENTS.md
├── alembic/ # Alembic database migrations
├── sql/ # Raw SQL migration scripts
│ └── migrations/ # Ordered migration files
│ ├── 001_multi_tenant_security.sql
│ └── 002_enhanced_ratings.sql
├── resources/ # Solicitation files
├── docker-compose.yml # Weaviate setup
├── requirements.txt # Python dependencies
├── setup.sh # Setup script
└── CLAUDE.md # Development guide
POST /api/v1/auth/login - User login
POST /api/v1/auth/register - Register tenant
POST /api/v1/auth/refresh - Refresh token
GET /api/v1/opportunities - List opportunities (paginated)
GET /api/v1/opportunities/{id} - Get opportunity details
PUT /api/v1/opportunities/{id} - Update status/notes
GET /api/v1/opportunities/{id}/score - Get match score details
POST /api/v1/sf330/search - Search projects/personnel
POST /api/v1/sf330/generate - Generate suggestions
POST /api/v1/sf330/upload - Upload SF330 for processing
GET /api/v1/sf330/{sol_num} - Get SF330 data
GET /api/v1/users - List users (tenant-scoped)
POST /api/v1/users - Create user
GET /api/v1/tenant/{id} - Get tenant info
PUT /api/v1/tenant/{id} - Update tenant
GET /api/v1/tenant/{id}/branding - Get branding
GET /api/v1/companies/details - List companies with ratings
PUT /api/v1/companies/{id} - Update company
POST /api/v1/companies/ratings - Add rating (internal/external)
GET /api/v1/companies/ratings/summary/{id} - Get comprehensive rating summary
GET /api/v1/companies/{id}/strengths - Get strengths
POST /api/v1/companies/normalize-name - Normalize company name & find matches
POST /api/v1/companies/{id}/aliases - Add company alias
GET /api/v1/companies/{id}/aliases - Get company aliases
GET /api/v1/companies/ai-config - Get AI matching configuration
PUT /api/v1/companies/ai-config - Update AI matching weights
GET /api/v1/dashboard/stats - Get pipeline statistics
GET /api/v1/dashboard/percentages - Match level distribution
Full API documentation: http://localhost:8000/api/docs
The SF330 processing system extracts and normalizes data from historical SF330 documents for AI-powered similarity matching.
| Feature | Description |
|---|---|
| OCR Support | EasyOCR + Tesseract fallback for scanned documents |
| Parallel Extraction | Async processing of sections A, C, E, F |
| Skills Normalization | Standardized A/E industry skill taxonomy |
| Certification Extraction | Auto-extract PE, PMP, LEED AP, SE, GE, etc. |
| Teaming Detection | Identify JV and subcontractor relationships |
| Validation | Quality scoring and cross-reference validation |
from app.services.sf330 import EnhancedSF330Processor
# Process an SF330 document
processor = EnhancedSF330Processor(model_name="llama3")
result = processor.process("/path/to/sf330.pdf")
# Access extracted data
print(f"Personnel: {len(result.personnel)}")
print(f"Projects: {len(result.projects)}")
print(f"Quality Score: {result.extraction_quality:.2%}")from app.services.sf330 import SkillNormalizer
normalizer = SkillNormalizer()
# Normalize a skill
skill = normalizer.normalize("structural engineering")
print(f"Canonical: {skill.canonical_name}") # structural_design
print(f"Category: {skill.category}") # engineering
# Gap analysis
covered, missing, coverage = normalizer.get_skill_gaps(
required=["structural design", "geotechnical"],
available=["structural engineering"]
)- PostgreSQL: All tables include
tenant_idwith foreign key constraints - Weaviate: All objects include
tenantIdproperty for filtering - API Layer: Automatic tenant filtering via middleware
| Role | Scope | Permissions |
|---|---|---|
| Super Admin | System | Full access to all tenants |
| Admin | Tenant | Manage users, settings, all data |
| User | Tenant | View/contribute content |
from app.core.tenant_security import require_same_tenant, get_tenant_id
@api_router.get("/{tenant_id}")
def get_tenant(tenant_id: UUID, request: Request):
# Validates user belongs to this tenant
require_same_tenant(request, tenant_id)
# ... proceed with request- JWT tokens with tenant and role claims
- bcrypt password hashing (12 rounds)
- Token expiration and refresh
- Role-based access control (RBAC)
- Per-endpoint permission checks
- Super Admin override capability
- Multi-tenant isolation
- Input validation (Pydantic)
- SQL injection prevention (SQLAlchemy ORM)
- All data access logged
- User context preserved
- IP address tracking
- NIST 800-171 controls
- FedRAMP alignment
- CMMC Level 2 readiness
# Run all tests
pytest tests/ -v
# Run with coverage
pytest tests/ --cov=app --cov-report=html
# Run specific test modules
pytest tests/services/sf330/ -v
pytest tests/core/test_tenant_security.py -v
pytest tests/api/test_endpoints.py -v
# Run by marker
pytest -m "unit" -v
pytest -m "integration" -vtests/
├── services/
│ └── sf330/
│ ├── test_models.py # Data model tests
│ ├── test_skills_normalizer.py # Skill normalization tests
│ └── test_validator.py # Validation tests
├── core/
│ └── test_tenant_security.py # Tenant isolation tests
├── api/
│ └── test_endpoints.py # API endpoint tests
└── test_auth_middleware.py # Auth middleware tests
- Minimum: 70% (enforced)
- Target: 80%+
# Start all services
./setup.sh
# Stop all services
./stop.shSee docs/DEPLOYMENT.md for detailed Azure deployment instructions.
Architecture:
- Azure Container Apps (FastAPI, Celery)
- Azure PostgreSQL Flexible Server
- Azure Redis Cache
- Azure Blob Storage (documents)
- Azure Front Door (CDN + WAF)
| Document | Description |
|---|---|
| CLAUDE.md | Development guidance for Claude Code |
| docs/BUSINESS_REQUIREMENTS.md | Business Requirements Document |
| docs/TECHNICAL_SPECIFICATION.md | Technical Architecture Spec |
| docs/SF330_PROCESSING_IMPROVEMENTS.md | SF330 Enhancement Roadmap |
| SETUP.md | Setup instructions |
| DATABASE.md | Database documentation |
| DEPLOYMENT.md | Deployment guide |
| ARCHITECTURE.md | System architecture |
| SECURITY_IMPROVEMENTS.md | Security audit report |
See CONTRIBUTING.md for guidelines.
- Python: PEP 8, type hints required
- Security: No hardcoded credentials
- Documentation: Docstrings for public functions
- Testing: Unit tests required for new features
Proprietary - Kenall Inc.
For questions, security concerns, or deployment support:
- Review documentation in this repository
- Contact Kenall IT team
Version: 2.0.0 Last Updated: January 2026 Security Review: Required before production deployment