Installation

Requirements

• Python 3.11 or later
• An OPA-compatible policy engine — Docker is the easiest path; see Policy engine options below for alternatives
• Apache 2.0 — no API key, no account, no telemetry phone-home

Install the package

pip install kitelogik

The base install is everything you need for the policy engine, the YAML→Rego compiler, the audit store, the credential broker, and all 11 framework adapters.

Optional extras

OSS ships a narrow set of extras:

Extra	Pulls in	When you need it
kitelogik[openai]	openai>=1.0.0	Using the OpenAI adapter or the OpenAI Agents SDK
kitelogik[google]	google-genai>=0.3.0	Using the Google ADK adapter
kitelogik[dev]	pytest, ruff, mypy, pre-commit, hypothesis	Contributing to Kite Logik itself

pip install "kitelogik[openai]"

Other framework adapters (LangChain, LangGraph, CrewAI, Pydantic AI, LlamaIndex, Semantic Kernel, Haystack, Dify) don't get their own extras — install the framework yourself, then pip install kitelogik.

Policy engine options

Kite Logik talks to a policy engine over HTTP (OPAClient) or evaluates Rego in-process (RegorusClient). Three setup paths in increasing order of friction:

A. Docker Compose from a kitelogik init scaffold (easiest)

kitelogik init my-agent generates a docker-compose.yml that runs OPA on :8181 with --watch enabled (so policy changes hot-reload).

kitelogik init my-agent
cd my-agent
docker compose up -d

This is the path documented in the Quickstart.

B. Direct docker run against an existing project

If you already have a policies/ directory and don't want a compose file:

docker run -d --name opa -p 8181:8181 \
    -v "$(pwd)/policies:/policies:ro" \
    openpolicyagent/opa:latest run --server --addr :8181 /policies

C. Point at an OPA you already operate

If your platform team runs OPA centrally:

from kitelogik import OPAClient, PolicyGate

gate = PolicyGate(opa_client=OPAClient(base_url="https://opa.internal"))

D. In-process Regorus (no Docker)

Microsoft's Regorus is a Rust-based Rego evaluator with Python bindings. Not yet on PyPI — build from source:

# 1. Install Rust: https://rustup.rs
git clone https://github.com/microsoft/regorus.git
cd regorus
cargo xtask build-python
pip install bindings/python/dist/regorus-*.whl

Then swap the engine in your code:

from kitelogik import PolicyGate, RegorusClient

gate = PolicyGate(opa_client=RegorusClient(policy_dir="./policies"))

WARNING

Regorus is labelled experimental upstream. For production deployments, prefer OPAClient against an OPA sidecar — same PolicyEvaluator protocol, broader operational tooling.

Verify the install

kitelogik version

You should see the installed package version. If you get command not found, the CLI was installed into a virtualenv that isn't on your PATH — activate the venv or invoke with python -m kitelogik.cli version.

Then check OPA is reachable:

curl -fsS http://localhost:8181/health && echo OK

Next

• Quickstart — scaffold an agent and see decisions in five minutes
• Your first governed tool — add @governed to a function you actually care about