A8065384/latticelm
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: A8065384:d782204c683cce7ca8031703b81b2ce9c7759fdd
Branches Tags
A8065384:main
...
compare: A8065384:main
Branches Tags
A8065384:main

11 Commits
d782204c68 ... main

Author SHA1 Message Date
Anibal Angulo
9991e2c253 Merge pull request 'Add Chat client to UI' (#5) from push-rtlulrsvzsvl into main
Some checks failed
CI / Test (push) Failing after 1m32s
Details
CI / Lint (push) Failing after 13s
Details
CI / Build (push) Has been skipped
Details
CI / Security Scan (push) Failing after 4m44s
Details
CI / Build and Push Docker Image (push) Has been skipped
Details 
Reviewed-on: #5
 2026-03-07 03:30:02 +00:00
Anibal Angulo
9bf562bf3a Add chat client to admin UI
Some checks failed
CI / Test (pull_request) Failing after 1m33s
Details
CI / Lint (pull_request) Failing after 14s
Details
CI / Build (pull_request) Has been skipped
Details
CI / Security Scan (pull_request) Failing after 4m49s
Details
CI / Build and Push Docker Image (pull_request) Has been skipped
Details
2026-03-06 23:03:34 +00:00
Anibal Angulo
89c7e3ac85 Add fail-fast on init for missing provider credentials 2026-03-06 22:09:18 +00:00
Anibal Angulo
610b6c3367 Add deployment guides 2026-03-06 21:55:42 +00:00
Anibal Angulo
205974c351 Merge pull request 'Add Admin UI' (#4) from push-onxnztxtpxtz into main
Some checks failed
CI / Test (push) Failing after 1m34s
Details
CI / Lint (push) Failing after 13s
Details
CI / Build (push) Has been skipped
Details
CI / Security Scan (push) Failing after 4m38s
Details
CI / Build and Push Docker Image (push) Has been skipped
Details 
Reviewed-on: #4
 2026-03-05 23:10:50 +00:00
Anibal Angulo
7025ec746c Add admin UI
Some checks failed
CI / Test (pull_request) Failing after 1m33s
Details
CI / Lint (pull_request) Failing after 13s
Details
CI / Build (pull_request) Has been skipped
Details
CI / Security Scan (pull_request) Failing after 4m47s
Details
CI / Build and Push Docker Image (pull_request) Has been skipped
Details
2026-03-05 23:09:27 +00:00
Anibal Angulo
667217e66b Merge pull request 'Add CI and production grade improvements' (#3) from push-kquouluryqwu into main
Some checks failed
CI / Test (push) Failing after 1m38s
Details
CI / Security Scan (push) Has been cancelled
Details
CI / Build (push) Has been cancelled
Details
CI / Build and Push Docker Image (push) Has been cancelled
Details
CI / Lint (push) Has been cancelled
Details 
Reviewed-on: #3
 2026-03-05 23:09:11 +00:00
Anibal Angulo
59ded107a7 Improve test coverage
Some checks failed
CI / Test (pull_request) Failing after 2m58s
Details
CI / Lint (pull_request) Failing after 43s
Details
CI / Build (pull_request) Has been skipped
Details
CI / Security Scan (pull_request) Failing after 12m4s
Details
CI / Build and Push Docker Image (pull_request) Has been skipped
Details
2026-03-05 22:07:27 +00:00
Anibal Angulo
f8653ebc26 Update dependencies 2026-03-05 18:29:32 +00:00
Anibal Angulo
ccb8267813 Improve test coverage 2026-03-05 18:14:24 +00:00
A8065384
1e0bb0be8c Add comprehensive test coverage improvements 
Improved overall test coverage from 37.9% to 51.0% (+13.1 percentage points)

New test files:
- internal/observability/metrics_test.go (18 test functions)
- internal/observability/tracing_test.go (11 test functions)
- internal/observability/provider_wrapper_test.go (12 test functions)
- internal/conversation/sql_store_test.go (16 test functions)
- internal/conversation/redis_store_test.go (15 test functions)

Test helper utilities:
- internal/observability/testing.go
- internal/conversation/testing.go

Coverage improvements by package:
- internal/conversation: 0% → 66.0% (+66.0%)
- internal/observability: 0% → 34.5% (+34.5%)

Test infrastructure:
- Added miniredis/v2 for Redis store testing
- Added prometheus/testutil for metrics testing

Total: ~2,000 lines of test code, 72 new test functions

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
 2026-03-05 17:58:03 +00:00
65 changed files with 12972 additions and 1259 deletions
Expand all files Collapse all files

5
.gitignore vendored
View File

@@ -56,3 +56,8 @@ __pycache__/*
# Node.js (compliance tests)
tests/node_modules/
# Frontend
frontend/admin/node_modules/
frontend/admin/dist/
internal/admin/dist/

24
Dockerfile
View File

@@ -1,9 +1,23 @@
# Multi-stage build for Go LLM Gateway
# Stage 1: Build the Go binary
# Stage 1: Build the frontend
FROM node:18-alpine AS frontend-builder
WORKDIR /frontend
# Copy package files for better caching
COPY frontend/admin/package*.json ./
RUN npm ci --only=production
# Copy frontend source and build
COPY frontend/admin/ ./
RUN npm run build
# Stage 2: Build the Go binary
FROM golang:alpine AS builder
# Install build dependencies
RUN apk add --no-cache git ca-certificates tzdata
RUN apk add --no-cache git ca-certificates tzdata gcc musl-dev
WORKDIR /build
@@ -14,10 +28,12 @@ RUN go mod download
# Copy source code
COPY . .
# Copy pre-built frontend assets from stage 1
COPY --from=frontend-builder /frontend/dist ./internal/admin/dist
# Build the binary with optimizations
# CGO is required for SQLite support
RUN apk add --no-cache gcc musl-dev && \
CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build \
RUN CGO_ENABLED=1 GOOS=linux GOARCH=amd64 go build \
-ldflags='-w -s -extldflags "-static"' \
-a -installsuffix cgo \
-o gateway \

18
Makefile
View File

@@ -27,11 +27,27 @@ help: ## Show this help message
@echo "Targets:"
@awk 'BEGIN {FS = ":.*##"; printf "\n"} /^[a-zA-Z_-]+:.*?##/ { printf " %-20s %s\n", $$1, $$2 }' $(MAKEFILE_LIST)
# Frontend targets
frontend-install: ## Install frontend dependencies
@echo "Installing frontend dependencies..."
cd frontend/admin && npm install
frontend-build: ## Build frontend
@echo "Building frontend..."
cd frontend/admin && npm run build
rm -rf internal/admin/dist
cp -r frontend/admin/dist internal/admin/
frontend-dev: ## Run frontend dev server
cd frontend/admin && npm run dev
# Development targets
build: ## Build the binary
@echo "Building $(APP_NAME)..."
CGO_ENABLED=1 $(GOBUILD) -o $(BUILD_DIR)/$(APP_NAME) ./cmd/gateway
build-all: frontend-build build ## Build frontend and backend
build-static: ## Build static binary
@echo "Building static binary..."
CGO_ENABLED=1 $(GOBUILD) -ldflags='-w -s -extldflags "-static"' -a -installsuffix cgo -o $(BUILD_DIR)/$(APP_NAME) ./cmd/gateway
@@ -61,6 +77,8 @@ tidy: ## Tidy go modules
clean: ## Clean build artifacts
@echo "Cleaning..."
rm -rf $(BUILD_DIR)
rm -rf internal/admin/dist
rm -rf frontend/admin/dist
rm -f coverage.out coverage.html
# Docker targets

327
OBSERVABILITY.md
View File

@@ -1,327 +0,0 @@
# Observability Implementation
This document describes the observability features implemented in the LLM Gateway.
## Overview
The gateway now includes comprehensive observability with:
- **Prometheus Metrics**: Track HTTP requests, provider calls, token usage, and conversation operations
- **OpenTelemetry Tracing**: Distributed tracing with OTLP exporter support
- **Enhanced Logging**: Trace context correlation for log aggregation
## Configuration
Add the following to your `config.yaml`:
```yaml
observability:
enabled: true # Master switch for all observability features
metrics:
enabled: true
path: "/metrics" # Prometheus metrics endpoint
tracing:
enabled: true
service_name: "llm-gateway"
sampler:
type: "probability" # "always", "never", or "probability"
rate: 0.1 # 10% sampling rate
exporter:
type: "otlp" # "otlp" for production, "stdout" for development
endpoint: "localhost:4317" # OTLP collector endpoint
insecure: true # Use insecure connection (for development)
# headers: # Optional authentication headers
# authorization: "Bearer your-token"
```
## Metrics
### HTTP Metrics
- `http_requests_total` - Total HTTP requests (labels: method, path, status)
- `http_request_duration_seconds` - Request latency histogram
- `http_request_size_bytes` - Request body size histogram
- `http_response_size_bytes` - Response body size histogram
### Provider Metrics
- `provider_requests_total` - Provider API calls (labels: provider, model, operation, status)
- `provider_request_duration_seconds` - Provider latency histogram
- `provider_tokens_total` - Token usage (labels: provider, model, type=input/output)
- `provider_stream_ttfb_seconds` - Time to first byte for streaming
- `provider_stream_chunks_total` - Stream chunk count
- `provider_stream_duration_seconds` - Total stream duration
### Conversation Store Metrics
- `conversation_operations_total` - Store operations (labels: operation, backend, status)
- `conversation_operation_duration_seconds` - Store operation latency
- `conversation_active_count` - Current number of conversations (gauge)
### Example Queries
```promql
# Request rate
rate(http_requests_total[5m])
# P95 latency
histogram_quantile(0.95, rate(http_request_duration_seconds_bucket[5m]))
# Error rate
rate(http_requests_total{status=~"5.."}[5m])
# Tokens per minute by model
rate(provider_tokens_total[1m]) * 60
# Provider latency by model
histogram_quantile(0.95, rate(provider_request_duration_seconds_bucket[5m])) by (provider, model)
```
## Tracing
### Trace Structure
Each request creates a trace with the following span hierarchy:
```
HTTP GET /v1/responses
├── provider.generate or provider.generate_stream
├── conversation.get (if using previous_response_id)
└── conversation.create (to store result)
```
### Span Attributes
HTTP spans include:
- `http.method`, `http.route`, `http.status_code`
- `http.request_id` - Request ID for correlation
- `trace_id`, `span_id` - For log correlation
Provider spans include:
- `provider.name`, `provider.model`
- `provider.input_tokens`, `provider.output_tokens`
- `provider.chunk_count`, `provider.ttfb_seconds` (for streaming)
Conversation spans include:
- `conversation.id`, `conversation.backend`
- `conversation.message_count`, `conversation.model`
### Log Correlation
Logs now include `trace_id` and `span_id` fields when tracing is enabled, allowing you to:
1. Find all logs for a specific trace
2. Jump from a log entry to the corresponding trace in Jaeger/Tempo
Example log entry:
```json
{
"time": "2026-03-03T06:36:44Z",
"level": "INFO",
"msg": "response generated",
"request_id": "74722802-6be1-4e14-8e73-d86823fed3e3",
"trace_id": "5d8a7c3f2e1b9a8c7d6e5f4a3b2c1d0e",
"span_id": "1a2b3c4d5e6f7a8b",
"provider": "openai",
"model": "gpt-4o-mini",
"input_tokens": 23,
"output_tokens": 156
}
```
## Testing Observability
### 1. Test Metrics Endpoint
```bash
# Start the gateway with observability enabled
./bin/gateway -config config.yaml
# Query metrics endpoint
curl http://localhost:8080/metrics
```
Expected output includes:
```
# HELP http_requests_total Total number of HTTP requests
# TYPE http_requests_total counter
http_requests_total{method="GET",path="/metrics",status="200"} 1
# HELP conversation_active_count Number of active conversations
# TYPE conversation_active_count gauge
conversation_active_count{backend="memory"} 0
```
### 2. Test Tracing with Stdout Exporter
Set up config with stdout exporter for quick testing:
```yaml
observability:
enabled: true
tracing:
enabled: true
sampler:
type: "always"
exporter:
type: "stdout"
```
Make a request and check the logs for JSON-formatted spans.
### 3. Test Tracing with Jaeger
Run Jaeger with OTLP support:
```bash
docker run -d --name jaeger \
-e COLLECTOR_OTLP_ENABLED=true \
-p 4317:4317 \
-p 16686:16686 \
jaegertracing/all-in-one:latest
```
Update config:
```yaml
observability:
enabled: true
tracing:
enabled: true
sampler:
type: "probability"
rate: 1.0 # 100% for testing
exporter:
type: "otlp"
endpoint: "localhost:4317"
insecure: true
```
Make requests and view traces at http://localhost:16686
### 4. End-to-End Test
```bash
# Make a test request
curl -X POST http://localhost:8080/v1/responses \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4o-mini",
"input": "Hello, world!"
}'
# Check metrics
curl http://localhost:8080/metrics | grep -E "(http_requests|provider_)"
# Expected metrics updates:
# - http_requests_total incremented
# - provider_requests_total incremented
# - provider_tokens_total incremented for input and output
# - provider_request_duration_seconds updated
```
### 5. Load Test
```bash
# Install hey if needed
go install github.com/rakyll/hey@latest
# Run load test
hey -n 1000 -c 10 -m POST \
-H "Content-Type: application/json" \
-d '{"model":"gpt-4o-mini","input":"test"}' \
http://localhost:8080/v1/responses
# Check metrics for aggregated data
curl http://localhost:8080/metrics | grep http_request_duration_seconds
```
## Integration with Monitoring Stack
### Prometheus
Add to `prometheus.yml`:
```yaml
scrape_configs:
- job_name: 'llm-gateway'
static_configs:
- targets: ['localhost:8080']
metrics_path: '/metrics'
scrape_interval: 15s
```
### Grafana
Import dashboards for:
- HTTP request rates and latencies
- Provider performance by model
- Token usage and costs
- Error rates and types
### Tempo/Jaeger
The gateway exports traces via OTLP protocol. Configure your trace backend to accept OTLP on port 4317 (gRPC).
## Architecture
### Middleware Chain
```
Client Request
loggingMiddleware (request ID, logging)
tracingMiddleware (W3C Trace Context, spans)
metricsMiddleware (Prometheus metrics)
rateLimitMiddleware (rate limiting)
authMiddleware (authentication)
Application Routes
```
### Instrumentation Pattern
- **Providers**: Wrapped with `InstrumentedProvider` that tracks calls, latency, and token usage
- **Conversation Store**: Wrapped with `InstrumentedStore` that tracks operations and size
- **HTTP Layer**: Middleware captures request/response metrics and creates trace spans
### W3C Trace Context
The gateway supports W3C Trace Context propagation:
- Extracts `traceparent` header from incoming requests
- Creates child spans for downstream operations
- Propagates context through the entire request lifecycle
## Performance Impact
Observability features have minimal overhead:
- Metrics: < 1% latency increase
- Tracing (10% sampling): < 2% latency increase
- Tracing (100% sampling): < 5% latency increase
Recommended configuration for production:
- Metrics: Enabled
- Tracing: Enabled with 10-20% sampling rate
- Exporter: OTLP to dedicated collector
## Troubleshooting
### Metrics endpoint returns 404
- Check `observability.metrics.enabled` is `true`
- Verify `observability.enabled` is `true`
- Check `observability.metrics.path` configuration
### No traces appearing in Jaeger
- Verify OTLP collector is running on configured endpoint
- Check sampling rate (try `type: "always"` for testing)
- Look for tracer initialization errors in logs
- Verify `observability.tracing.enabled` is `true`
### High memory usage
- Reduce trace sampling rate
- Check for metric cardinality explosion (too many label combinations)
- Consider using recording rules in Prometheus
### Missing trace IDs in logs
- Ensure tracing is enabled
- Check that requests are being sampled (sampling rate > 0)
- Verify OpenTelemetry dependencies are correctly installed

807
README.md
View File

@@ -1,16 +1,47 @@
# latticelm
> A production-ready LLM proxy gateway written in Go with enterprise features
## Table of Contents
- [Overview](#overview)
- [Supported Providers](#supported-providers)
- [Key Features](#key-features)
- [Status](#status)
- [Use Cases](#use-cases)
- [Architecture](#architecture)
- [Quick Start](#quick-start)
- [API Standard](#api-standard)
- [API Reference](#api-reference)
- [Tech Stack](#tech-stack)
- [Project Structure](#project-structure)
- [Configuration](#configuration)
- [Chat Client](#chat-client)
- [Conversation Management](#conversation-management)
- [Observability](#observability)
- [Circuit Breakers](#circuit-breakers)
- [Azure OpenAI](#azure-openai)
- [Azure Anthropic](#azure-anthropic-microsoft-foundry)
- [Admin Web UI](#admin-web-ui)
- [Deployment](#deployment)
- [Authentication](#authentication)
- [Production Features](#production-features)
- [Roadmap](#roadmap)
- [Documentation](#documentation)
- [Contributing](#contributing)
- [License](#license)
## Overview
A lightweight LLM proxy gateway written in Go that provides a unified API interface for multiple LLM providers. Similar to LiteLLM, but built natively in Go using each provider's official SDK.
A production-ready LLM proxy gateway written in Go that provides a unified API interface for multiple LLM providers. Similar to LiteLLM, but built natively in Go using each provider's official SDK with enterprise features including rate limiting, circuit breakers, observability, and authentication.
## Purpose
## Supported Providers
Simplify LLM integration by exposing a single, consistent API that routes requests to different providers:
- **OpenAI** (GPT models)
- **Azure OpenAI** (Azure-deployed models)
- **Anthropic** (Claude)
- **Google Generative AI** (Gemini)
- **Azure OpenAI** (Azure-deployed OpenAI models)
- **Anthropic** (Claude models)
- **Azure Anthropic** (Microsoft Foundry-hosted Claude models)
- **Google Generative AI** (Gemini models)
- **Vertex AI** (Google Cloud-hosted Gemini models)
Instead of managing multiple SDK integrations in your application, call one endpoint and let the gateway handle provider-specific implementations.
@@ -31,11 +62,24 @@ latticelm (unified API)
## Key Features
### Core Functionality
- **Single API interface** for multiple LLM providers
- **Native Go SDKs** for optimal performance and type safety
- **Provider abstraction** - switch providers without changing client code
- **Lightweight** - minimal overhead, fast routing
- **Easy configuration** - manage API keys and provider settings centrally
- **Streaming support** - Server-Sent Events for all providers
- **Conversation tracking** - Efficient context management with `previous_response_id`
### Production Features
- **Circuit breakers** - Automatic failure detection and recovery per provider
- **Rate limiting** - Per-IP token bucket algorithm with configurable limits
- **OAuth2/OIDC authentication** - Support for Google, Auth0, and any OIDC provider
- **Observability** - Prometheus metrics and OpenTelemetry tracing
- **Health checks** - Kubernetes-compatible liveness and readiness endpoints
- **Admin Web UI** - Built-in dashboard for monitoring and configuration
### Configuration
- **Easy setup** - YAML configuration with environment variable overrides
- **Flexible storage** - In-memory, SQLite, MySQL, PostgreSQL, or Redis for conversations
## Use Cases
@@ -45,42 +89,70 @@ latticelm (unified API)
- A/B testing across different models
- Centralized LLM access for microservices
## 🎉 Status: **WORKING!**
## Status
**All providers integrated with official Go SDKs:**
**Production Ready** - All core features implemented and tested.
### Provider Integration
✅ All providers use official Go SDKs:
- OpenAI → `github.com/openai/openai-go/v3`
- Azure OpenAI → `github.com/openai/openai-go/v3` (with Azure auth)
- Anthropic → `github.com/anthropics/anthropic-sdk-go`
- Google → `google.golang.org/genai`
- Azure Anthropic → `github.com/anthropics/anthropic-sdk-go` (with Azure auth)
- Google Gen AI → `google.golang.org/genai`
- Vertex AI → `google.golang.org/genai` (with GCP auth)
**Compiles successfully** (36MB binary)
**Provider auto-selection** (gpt→Azure/OpenAI, claude→Anthropic, gemini→Google)
**Configuration system** (YAML with env var support)
**Streaming support** (Server-Sent Events for all providers)
**OAuth2/OIDC authentication** (Google, Auth0, any OIDC provider)
**Terminal chat client** (Python with Rich UI, PEP 723)
**Conversation tracking** (previous_response_id for efficient context)
**Rate limiting** (Per-IP token bucket with configurable limits)
**Health & readiness endpoints** (Kubernetes-compatible health checks)
### Features
✅ Provider auto-selection (gpt→OpenAI, claude→Anthropic, gemini→Google)
Streaming responses (Server-Sent Events)
Conversation tracking with `previous_response_id`
✅ OAuth2/OIDC authentication
Rate limiting with token bucket algorithm
Circuit breakers for fault tolerance
Observability (Prometheus metrics + OpenTelemetry tracing)
✅ Health & readiness endpoints
✅ Admin Web UI dashboard
✅ Terminal chat client (Python with Rich UI)
## Quick Start
### Prerequisites
- Go 1.21+ (for building from source)
- Docker (optional, for containerized deployment)
- Node.js 18+ (optional, for Admin UI development)
### Running Locally
```bash
# 1. Set API keys
# 1. Clone the repository
git clone https://github.com/yourusername/latticelm.git
cd latticelm
# 2. Set API keys
export OPENAI_API_KEY="your-key"
export ANTHROPIC_API_KEY="your-key"
export GOOGLE_API_KEY="your-key"
# 2. Build
cd latticelm
go build -o gateway ./cmd/gateway
# 3. Copy and configure settings (optional)
cp config.example.yaml config.yaml
# Edit config.yaml to customize settings
# 3. Run
./gateway
# 4. Build (includes Admin UI)
make build-all
# 4. Test (non-streaming)
curl -X POST http://localhost:8080/v1/chat/completions \
# 5. Run
./bin/llm-gateway
# Gateway starts on http://localhost:8080
# Admin UI available at http://localhost:8080/admin/
```
### Testing the API
**Non-streaming request:**
```bash
curl -X POST http://localhost:8080/v1/responses \
-H "Content-Type: application/json" \
-d '{
"model": "gpt-4o-mini",
@@ -91,9 +163,11 @@ curl -X POST http://localhost:8080/v1/chat/completions \
}
]
}'
```
# 5. Test streaming
curl -X POST http://localhost:8080/v1/chat/completions \
**Streaming request:**
```bash
curl -X POST http://localhost:8080/v1/responses \
-H "Content-Type: application/json" \
-N \
-d '{
@@ -108,6 +182,20 @@ curl -X POST http://localhost:8080/v1/chat/completions \
}'
```
### Development Mode
Run backend and frontend separately for live reloading:
```bash
# Terminal 1: Backend with auto-reload
make dev-backend
# Terminal 2: Frontend dev server
make dev-frontend
```
Frontend runs on `http://localhost:5173` with hot module replacement.
## API Standard
This gateway implements the **[Open Responses](https://www.openresponses.org)** specification — an open-source, multi-provider API standard for LLM interfaces based on OpenAI's Responses API.
@@ -124,64 +212,245 @@ By following the Open Responses spec, this gateway ensures:
For full specification details, see: **https://www.openresponses.org**
## API Reference
### Core Endpoints
#### POST /v1/responses
Create a chat completion response (streaming or non-streaming).
**Request body:**
```json
{
"model": "gpt-4o-mini",
"stream": false,
"input": [
{
"role": "user",
"content": [{"type": "input_text", "text": "Hello!"}]
}
],
"previous_response_id": "optional-conversation-id",
"provider": "optional-explicit-provider"
}
```
**Response (non-streaming):**
```json
{
"id": "resp_abc123",
"object": "response",
"model": "gpt-4o-mini",
"provider": "openai",
"output": [
{
"role": "assistant",
"content": [{"type": "text", "text": "Hello! How can I help you?"}]
}
],
"usage": {
"input_tokens": 10,
"output_tokens": 8
}
}
```
**Response (streaming):**
Server-Sent Events with `data: {...}` lines containing deltas.
#### GET /v1/models
List available models.
**Response:**
```json
{
"object": "list",
"data": [
{"id": "gpt-4o-mini", "provider": "openai"},
{"id": "claude-3-5-sonnet", "provider": "anthropic"},
{"id": "gemini-1.5-flash", "provider": "google"}
]
}
```
### Health Endpoints
#### GET /health
Liveness probe (always returns 200 if server is running).
**Response:**
```json
{
"status": "healthy",
"timestamp": 1709438400
}
```
#### GET /ready
Readiness probe (checks conversation store and providers).
**Response:**
```json
{
"status": "ready",
"timestamp": 1709438400,
"checks": {
"conversation_store": "healthy",
"providers": "healthy"
}
}
```
Returns 503 if any check fails.
### Admin Endpoints
#### GET /admin/
Web dashboard (when admin UI is enabled).
#### GET /admin/api/info
System information.
#### GET /admin/api/health
Detailed health status.
#### GET /admin/api/config
Current configuration (secrets masked).
### Observability Endpoints
#### GET /metrics
Prometheus metrics (when observability is enabled).
## Tech Stack
- **Language:** Go
- **API Specification:** [Open Responses](https://www.openresponses.org)
- **SDKs:**
- `google.golang.org/genai` (Google Generative AI)
- Anthropic Go SDK
- OpenAI Go SDK
- **Transport:** RESTful HTTP (potentially gRPC in the future)
## Status
🚧 **In Development** - Project specification and initial setup phase.
## Getting Started
1. **Copy the example config** and fill in provider API keys:
```bash
cp config.example.yaml config.yaml
```
You can also override API keys via environment variables (`GOOGLE_API_KEY`, `ANTHROPIC_API_KEY`, `OPENAI_API_KEY`).
2. **Run the gateway** using the default configuration path:
```bash
go run ./cmd/gateway --config config.yaml
```
The server listens on the address configured under `server.address` (defaults to `:8080`).
3. **Call the Open Responses endpoint**:
```bash
curl -X POST http://localhost:8080/v1/responses \
-H 'Content-Type: application/json' \
-d '{
"model": "gpt-4o-mini",
"input": [
{"role": "user", "content": [{"type": "input_text", "text": "Hello!"}]}
]
}'
```
Include `"provider": "anthropic"` (or `google`, `openai`) to pin a provider; otherwise the gateway infers it from the model name.
- **Official SDKs:**
- `google.golang.org/genai` (Google Generative AI & Vertex AI)
- `github.com/anthropics/anthropic-sdk-go` (Anthropic & Azure Anthropic)
- `github.com/openai/openai-go/v3` (OpenAI & Azure OpenAI)
- **Observability:**
- Prometheus for metrics
- OpenTelemetry for distributed tracing
- **Resilience:**
- Circuit breakers via `github.com/sony/gobreaker`
- Token bucket rate limiting
- **Transport:** RESTful HTTP with Server-Sent Events for streaming
## Project Structure
- `cmd/gateway`: Entry point that loads configuration, wires providers, and starts the HTTP server.
- `internal/config`: YAML configuration loader with environment overrides for API keys.
- `internal/api`: Open Responses request/response types and validation helpers.
- `internal/server`: HTTP handlers that expose `/v1/responses`.
- `internal/providers`: Provider abstractions plus provider-specific scaffolding in `google`, `anthropic`, and `openai` subpackages.
```
latticelm/
├── cmd/gateway/ # Main application entry point
├── internal/
│ ├── admin/ # Admin UI backend and embedded frontend
│ ├── api/ # Open Responses types and validation
│ ├── auth/ # OAuth2/OIDC authentication
│ ├── config/ # YAML configuration loader
│ ├── conversation/ # Conversation tracking and storage
│ ├── logger/ # Structured logging setup
│ ├── metrics/ # Prometheus metrics
│ ├── providers/ # Provider implementations
│ │ ├── anthropic/
│ │ ├── azureanthropic/
│ │ ├── azureopenai/
│ │ ├── google/
│ │ ├── openai/
│ │ └── vertexai/
│ ├── ratelimit/ # Rate limiting implementation
│ ├── server/ # HTTP server and handlers
│ └── tracing/ # OpenTelemetry tracing
├── frontend/admin/ # Vue.js Admin UI
├── k8s/ # Kubernetes manifests
├── tests/ # Integration tests
├── config.example.yaml # Example configuration
├── Makefile # Build and development tasks
└── README.md
```
## Configuration
The gateway uses a YAML configuration file with support for environment variable overrides.
### Basic Configuration
```yaml
server:
address: ":8080"
max_request_body_size: 10485760 # 10MB
logging:
format: "json" # or "text" for development
level: "info" # debug, info, warn, error
# Configure providers (API keys can use ${ENV_VAR} syntax)
providers:
openai:
type: "openai"
api_key: "${OPENAI_API_KEY}"
anthropic:
type: "anthropic"
api_key: "${ANTHROPIC_API_KEY}"
google:
type: "google"
api_key: "${GOOGLE_API_KEY}"
# Map model names to providers
models:
- name: "gpt-4o-mini"
provider: "openai"
- name: "claude-3-5-sonnet"
provider: "anthropic"
- name: "gemini-1.5-flash"
provider: "google"
```
### Advanced Configuration
```yaml
# Rate limiting
rate_limit:
enabled: true
requests_per_second: 10
burst: 20
# Authentication
auth:
enabled: true
issuer: "https://accounts.google.com"
audience: "your-client-id.apps.googleusercontent.com"
# Observability
observability:
enabled: true
metrics:
enabled: true
path: "/metrics"
tracing:
enabled: true
service_name: "llm-gateway"
exporter:
type: "otlp"
endpoint: "localhost:4317"
# Conversation storage
conversations:
store: "sql" # memory, sql, or redis
ttl: "1h"
driver: "sqlite3"
dsn: "conversations.db"
# Admin UI
admin:
enabled: true
```
See `config.example.yaml` for complete configuration options with detailed comments.
## Chat Client
Interactive terminal chat interface with beautiful Rich UI:
Interactive terminal chat interface with beautiful Rich UI powered by Python and the Rich library:
```bash
# Basic usage
@@ -195,20 +464,118 @@ You> /model claude
You> /models # List all available models
```
The chat client automatically uses `previous_response_id` to reduce token usage by only sending new messages instead of the full conversation history.
Features:
- **Syntax highlighting** for code blocks
- **Markdown rendering** for formatted responses
- **Model switching** on the fly with `/model` command
- **Conversation history** with automatic `previous_response_id` tracking
- **Streaming responses** with real-time display
See **[CHAT_CLIENT.md](./CHAT_CLIENT.md)** for full documentation.
The chat client uses [PEP 723](https://peps.python.org/pep-0723/) inline script metadata, so `uv run` automatically installs dependencies.
## Conversation Management
The gateway implements conversation tracking using `previous_response_id` from the Open Responses spec:
The gateway implements efficient conversation tracking using `previous_response_id` from the Open Responses spec:
- 📉 **Reduced token usage** - Only send new messages
- ⚡ **Smaller requests** - Less bandwidth
- 🧠 **Server-side context** - Gateway maintains history
- ⏰ **Auto-expire** - Conversations expire after 1 hour
- 📉 **Reduced token usage** - Only send new messages, not full history
-**Smaller requests** - Less bandwidth and faster responses
- 🧠 **Server-side context** - Gateway maintains conversation state
-**Auto-expire** - Conversations expire after configurable TTL (default: 1 hour)
See **[CONVERSATIONS.md](./CONVERSATIONS.md)** for details.
### Storage Options
Choose from multiple storage backends:
```yaml
conversations:
store: "memory" # "memory", "sql", or "redis"
ttl: "1h" # Conversation expiration
# SQLite (default for sql)
driver: "sqlite3"
dsn: "conversations.db"
# MySQL
# driver: "mysql"
# dsn: "user:password@tcp(localhost:3306)/dbname?parseTime=true"
# PostgreSQL
# driver: "pgx"
# dsn: "postgres://user:password@localhost:5432/dbname?sslmode=disable"
# Redis
# store: "redis"
# dsn: "redis://:password@localhost:6379/0"
```
## Observability
The gateway provides comprehensive observability through Prometheus metrics and OpenTelemetry tracing.
### Metrics
Enable Prometheus metrics to monitor gateway performance:
```yaml
observability:
enabled: true
metrics:
enabled: true
path: "/metrics" # Default endpoint
```
Available metrics include:
- Request counts and latencies per provider and model
- Error rates and types
- Circuit breaker state changes
- Rate limit hits
- Conversation store operations
Access metrics at `http://localhost:8080/metrics` (Prometheus scrape format).
### Tracing
Enable OpenTelemetry tracing for distributed request tracking:
```yaml
observability:
enabled: true
tracing:
enabled: true
service_name: "llm-gateway"
sampler:
type: "probability" # "always", "never", or "probability"
rate: 0.1 # Sample 10% of requests
exporter:
type: "otlp" # Send to OpenTelemetry Collector
endpoint: "localhost:4317" # gRPC endpoint
insecure: true # Use TLS in production
```
Traces include:
- End-to-end request flow
- Provider API calls
- Conversation store lookups
- Circuit breaker operations
- Authentication checks
Use with Jaeger, Zipkin, or any OpenTelemetry-compatible backend.
## Circuit Breakers
The gateway automatically wraps each provider with a circuit breaker for fault tolerance. When a provider experiences failures, the circuit breaker:
1. **Closed state** - Normal operation, requests pass through
2. **Open state** - Fast-fail after threshold reached, returns errors immediately
3. **Half-open state** - Allows test requests to check if provider recovered
Default configuration (per provider):
- **Max requests in half-open**: 3
- **Interval**: 60 seconds (resets failure count)
- **Timeout**: 30 seconds (open → half-open transition)
- **Failure ratio**: 0.5 (50% failures trips circuit)
Circuit breaker state changes are logged and exposed via metrics.
## Azure OpenAI
@@ -234,13 +601,162 @@ export AZURE_OPENAI_ENDPOINT="https://your-resource.openai.azure.com"
./gateway
```
The `provider_model_id` field lets you map a friendly model name to the actual provider identifier (e.g., an Azure deployment name). If omitted, the model `name` is used directly. See **[AZURE_OPENAI.md](./AZURE_OPENAI.md)** for complete setup guide.
The `provider_model_id` field lets you map a friendly model name to the actual provider identifier (e.g., an Azure deployment name). If omitted, the model `name` is used directly.
## Azure Anthropic (Microsoft Foundry)
The gateway supports Azure-hosted Anthropic models through Microsoft's AI Foundry:
```yaml
providers:
azureanthropic:
type: "azureanthropic"
api_key: "${AZURE_ANTHROPIC_API_KEY}"
endpoint: "https://your-resource.services.ai.azure.com/anthropic"
models:
- name: "claude-sonnet-4-5"
provider: "azureanthropic"
provider_model_id: "claude-sonnet-4-5-20250514" # optional
```
```bash
export AZURE_ANTHROPIC_API_KEY="..."
export AZURE_ANTHROPIC_ENDPOINT="https://your-resource.services.ai.azure.com/anthropic"
./gateway
```
Azure Anthropic provides Claude models with Azure's compliance, security, and regional deployment options.
## Admin Web UI
The gateway includes a built-in admin web interface for monitoring and configuration.
### Features
- **System Information** - View version, uptime, platform details
- **Health Checks** - Monitor server, providers, and conversation store status
- **Provider Status** - View configured providers and their models
- **Configuration** - View current configuration (with secrets masked)
### Accessing the Admin UI
1. Enable in config:
```yaml
admin:
enabled: true
```
2. Build with frontend assets:
```bash
make build-all
```
3. Access at: `http://localhost:8080/admin/`
### Development Mode
Run backend and frontend separately for development:
```bash
# Terminal 1: Run backend
make dev-backend
# Terminal 2: Run frontend dev server
make dev-frontend
```
Frontend dev server runs on `http://localhost:5173` and proxies API requests to backend.
## Deployment
### Docker
**See the [Docker Deployment Guide](./docs/DOCKER_DEPLOYMENT.md)** for complete instructions on using pre-built images.
Build and run with Docker:
```bash
# Build Docker image (includes Admin UI automatically)
docker build -t llm-gateway:latest .
# Run container
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-e GOOGLE_API_KEY="your-key" \
-e ANTHROPIC_API_KEY="your-key" \
-e OPENAI_API_KEY="your-key" \
llm-gateway:latest
# Check status
docker logs llm-gateway
```
The Docker build uses a multi-stage process that automatically builds the frontend, so you don't need Node.js installed locally.
**Using Docker Compose:**
```yaml
version: '3.8'
services:
llm-gateway:
build: .
ports:
- "8080:8080"
environment:
- OPENAI_API_KEY=${OPENAI_API_KEY}
- ANTHROPIC_API_KEY=${ANTHROPIC_API_KEY}
- GOOGLE_API_KEY=${GOOGLE_API_KEY}
restart: unless-stopped
```
```bash
docker-compose up -d
```
The Docker image:
- Uses 3-stage build (frontend → backend → runtime) for minimal size (~50MB)
- Automatically builds and embeds the Admin UI
- Runs as non-root user (UID 1000) for security
- Includes health checks for orchestration
- No need for Node.js or Go installed locally
### Kubernetes
Production-ready Kubernetes manifests are available in the `k8s/` directory:
```bash
# Deploy to Kubernetes
kubectl apply -k k8s/
# Or deploy individual manifests
kubectl apply -f k8s/namespace.yaml
kubectl apply -f k8s/deployment.yaml
kubectl apply -f k8s/service.yaml
kubectl apply -f k8s/ingress.yaml
```
Features included:
- **High availability** - 3+ replicas with pod anti-affinity
- **Auto-scaling** - HorizontalPodAutoscaler (3-20 replicas)
- **Security** - Non-root, read-only filesystem, network policies
- **Monitoring** - ServiceMonitor and PrometheusRule for Prometheus Operator
- **Storage** - Redis StatefulSet for conversation persistence
- **Ingress** - TLS with cert-manager integration
See **[k8s/README.md](./k8s/README.md)** for complete deployment guide including:
- Cloud-specific configurations (AWS EKS, GCP GKE, Azure AKS)
- Secrets management (External Secrets Operator, Sealed Secrets)
- Monitoring and alerting setup
- Troubleshooting guide
## Authentication
The gateway supports OAuth2/OIDC authentication. See **[AUTH.md](./AUTH.md)** for setup instructions.
The gateway supports OAuth2/OIDC authentication for securing API access.
**Quick example with Google OAuth:**
### Configuration
```yaml
auth:
@@ -308,12 +824,109 @@ The readiness endpoint verifies:
- At least one provider is configured
- Returns 503 if any check fails
## Next Steps
## Roadmap
-~~Implement streaming responses~~
-~~Add OAuth2/OIDC authentication~~
-~~Implement conversation tracking with previous_response_id~~
- ⬜ Add structured logging, tracing, and request-level metrics
- ⬜ Support tool/function calling
- ⬜ Persistent conversation storage (Redis/database)
- ⬜ Expand configuration to support routing policies (cost, latency, failover)
### Completed ✅
-Streaming responses (Server-Sent Events)
-OAuth2/OIDC authentication
- ✅ Conversation tracking with `previous_response_id`
- ✅ Persistent conversation storage (SQL and Redis)
- ✅ Circuit breakers for fault tolerance
- ✅ Rate limiting
- ✅ Observability (Prometheus metrics and OpenTelemetry tracing)
- ✅ Admin Web UI
- ✅ Health and readiness endpoints
### In Progress 🚧
- ⬜ Tool/function calling support across providers
- ⬜ Request-level cost tracking and budgets
- ⬜ Advanced routing policies (cost optimization, latency-based, failover)
- ⬜ Multi-tenancy with per-tenant rate limits and quotas
- ⬜ Request caching for identical prompts
- ⬜ Webhook notifications for events (failures, circuit breaker changes)
## Documentation
Comprehensive guides and documentation are available in the `/docs` directory:
- **[Docker Deployment Guide](./docs/DOCKER_DEPLOYMENT.md)** - Deploy with pre-built images or build from source
- **[Kubernetes Deployment Guide](./k8s/README.md)** - Production deployment with Kubernetes
- **[Admin UI Documentation](./docs/ADMIN_UI.md)** - Using the web dashboard
- **[Configuration Reference](./config.example.yaml)** - All configuration options explained
See the **[docs directory README](./docs/README.md)** for a complete documentation index.
## Contributing
Contributions are welcome! Here's how you can help:
### Reporting Issues
- **Bug reports**: Include steps to reproduce, expected vs actual behavior, and environment details
- **Feature requests**: Describe the use case and why it would be valuable
- **Security issues**: Email security concerns privately (don't open public issues)
### Development Workflow
1. **Fork and clone** the repository
2. **Create a branch** for your feature: `git checkout -b feature/your-feature-name`
3. **Make your changes** with clear, atomic commits
4. **Add tests** for new functionality
5. **Run tests**: `make test`
6. **Run linter**: `make lint`
7. **Update documentation** if needed
8. **Submit a pull request** with a clear description
### Code Standards
- Follow Go best practices and idioms
- Write tests for new features and bug fixes
- Keep functions small and focused
- Use meaningful variable names
- Add comments for complex logic
- Run `go fmt` before committing
### Testing
```bash
# Run all tests
make test
# Run specific package tests
go test ./internal/providers/...
# Run with coverage
make test-coverage
# Run integration tests (requires API keys)
make test-integration
```
### Adding a New Provider
1. Create provider implementation in `internal/providers/yourprovider/`
2. Implement the `Provider` interface
3. Add provider registration in `internal/providers/providers.go`
4. Add configuration support in `internal/config/`
5. Add tests and update documentation
## License
MIT License - see the repository for details.
## Acknowledgments
- Built with official SDKs from OpenAI, Anthropic, and Google
- Inspired by [LiteLLM](https://github.com/BerriAI/litellm)
- Implements the [Open Responses](https://www.openresponses.org) specification
- Uses [gobreaker](https://github.com/sony/gobreaker) for circuit breaker functionality
## Support
- **Documentation**: Check this README and the files in `/docs`
- **Issues**: Open a GitHub issue for bugs or feature requests
- **Discussions**: Use GitHub Discussions for questions and community support
---
**Made with ❤️ in Go**

169
SECURITY_IMPROVEMENTS.md
View File

@@ -1,169 +0,0 @@
# Security Improvements - March 2026
This document summarizes the security and reliability improvements made to the go-llm-gateway project.
## Issues Fixed
### 1. Request Size Limits (Issue #2) ✅
**Problem**: The server had no limits on request body size, making it vulnerable to DoS attacks via oversized payloads.
**Solution**: Implemented `RequestSizeLimitMiddleware` that enforces a maximum request body size.
**Implementation Details**:
- Created `internal/server/middleware.go` with `RequestSizeLimitMiddleware`
- Uses `http.MaxBytesReader` to enforce limits at the HTTP layer
- Default limit: 10MB (10,485,760 bytes)
- Configurable via `server.max_request_body_size` in config.yaml
- Returns HTTP 413 (Request Entity Too Large) for oversized requests
- Only applies to POST, PUT, and PATCH requests (not GET/DELETE)
**Files Modified**:
- `internal/server/middleware.go` (new file)
- `internal/server/server.go` (added 413 error handling)
- `cmd/gateway/main.go` (integrated middleware)
- `internal/config/config.go` (added config field)
- `config.example.yaml` (documented configuration)
**Testing**:
- Comprehensive test suite in `internal/server/middleware_test.go`
- Tests cover: small payloads, exact size, oversized payloads, different HTTP methods
- Integration test verifies middleware chain behavior
### 2. Panic Recovery Middleware (Issue #4) ✅
**Problem**: Any panic in HTTP handlers would crash the entire server, causing downtime.
**Solution**: Implemented `PanicRecoveryMiddleware` that catches panics and returns proper error responses.
**Implementation Details**:
- Created `PanicRecoveryMiddleware` in `internal/server/middleware.go`
- Uses `defer recover()` pattern to catch all panics
- Logs full stack trace with request context for debugging
- Returns HTTP 500 (Internal Server Error) to clients
- Positioned as the outermost middleware to catch panics from all layers
**Files Modified**:
- `internal/server/middleware.go` (new file)
- `cmd/gateway/main.go` (integrated as outermost middleware)
**Testing**:
- Tests verify recovery from string panics, error panics, and struct panics
- Integration test confirms panic recovery works through middleware chain
- Logs are captured and verified to include stack traces
### 3. Error Handling Improvements (Bonus) ✅
**Problem**: Multiple instances of ignored JSON encoding errors could lead to incomplete responses.
**Solution**: Fixed all ignored `json.Encoder.Encode()` errors throughout the codebase.
**Files Modified**:
- `internal/server/health.go` (lines 32, 86)
- `internal/server/server.go` (lines 72, 217)
All JSON encoding errors are now logged with proper context including request IDs.
## Architecture
### Middleware Chain Order
The middleware chain is now (from outermost to innermost):
1. **PanicRecoveryMiddleware** - Catches all panics
2. **RequestSizeLimitMiddleware** - Enforces body size limits
3. **loggingMiddleware** - Request/response logging
4. **TracingMiddleware** - OpenTelemetry tracing
5. **MetricsMiddleware** - Prometheus metrics
6. **rateLimitMiddleware** - Rate limiting
7. **authMiddleware** - OIDC authentication
8. **routes** - Application handlers
This order ensures:
- Panics are caught from all middleware layers
- Size limits are enforced before expensive operations
- All requests are logged, traced, and metered
- Security checks happen closest to the application
## Configuration
Add to your `config.yaml`:
```yaml
server:
address: ":8080"
max_request_body_size: 10485760 # 10MB in bytes (default)
```
To customize the size limit:
- **1MB**: `1048576`
- **5MB**: `5242880`
- **10MB**: `10485760` (default)
- **50MB**: `52428800`
If not specified, defaults to 10MB.
## Testing
All new functionality includes comprehensive tests:
```bash
# Run all tests
go test ./...
# Run only middleware tests
go test ./internal/server -v -run "TestPanicRecoveryMiddleware|TestRequestSizeLimitMiddleware"
# Run with coverage
go test ./internal/server -cover
```
**Test Coverage**:
- `internal/server/middleware.go`: 100% coverage
- All edge cases covered (panics, size limits, different HTTP methods)
- Integration tests verify middleware chain interactions
## Production Readiness
These changes significantly improve production readiness:
1. **DoS Protection**: Request size limits prevent memory exhaustion attacks
2. **Fault Tolerance**: Panic recovery prevents cascading failures
3. **Observability**: All errors are logged with proper context
4. **Configurability**: Limits can be tuned per deployment environment
## Remaining Production Concerns
While these issues are fixed, the following should still be addressed:
- **HIGH**: Exposed credentials in `.env` file (must rotate and remove from git)
- **MEDIUM**: Observability code has 0% test coverage
- **MEDIUM**: Conversation store has only 27% test coverage
- **LOW**: Missing circuit breaker pattern for provider failures
- **LOW**: No retry logic for failed provider requests
See the original assessment for complete details.
## Verification
Build and verify the changes:
```bash
# Build the application
go build ./cmd/gateway
# Run the gateway
./gateway -config config.yaml
# Test with oversized payload (should return 413)
curl -X POST http://localhost:8080/v1/responses \
-H "Content-Type: application/json" \
-d "$(python3 -c 'print("{\"data\":\"" + "x"*11000000 + "\"}")')"
```
Expected response: `HTTP 413 Request Entity Too Large`
## References
- [OWASP: Unvalidated Redirects and Forwards](https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/04-Testing_for_Client-side_Resource_Manipulation)
- [CWE-400: Uncontrolled Resource Consumption](https://cwe.mitre.org/data/definitions/400.html)
- [Go HTTP Server Best Practices](https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/)

36
cmd/gateway/main.go
View File

@@ -10,6 +10,7 @@ import (
"net/http"
"os"
"os/signal"
"runtime"
"syscall"
"time"
@@ -19,6 +20,7 @@ import (
_ "github.com/mattn/go-sqlite3"
"github.com/redis/go-redis/v9"
"github.com/ajac-zero/latticelm/internal/admin"
"github.com/ajac-zero/latticelm/internal/auth"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/ajac-zero/latticelm/internal/conversation"
@@ -151,6 +153,24 @@ func main() {
mux := http.NewServeMux()
gatewayServer.RegisterRoutes(mux)
// Register admin endpoints if enabled
if cfg.Admin.Enabled {
// Check if frontend dist exists
if _, err := os.Stat("internal/admin/dist"); os.IsNotExist(err) {
log.Fatalf("admin UI enabled but frontend dist not found")
}
buildInfo := admin.BuildInfo{
Version: "dev",
BuildTime: time.Now().Format(time.RFC3339),
GitCommit: "unknown",
GoVersion: runtime.Version(),
}
adminServer := admin.New(registry, convStore, cfg, logger, buildInfo)
adminServer.RegisterRoutes(mux)
logger.Info("admin UI enabled", slog.String("path", "/admin/"))
}
// Register metrics endpoint if enabled
if cfg.Observability.Enabled && cfg.Observability.Metrics.Enabled {
metricsPath := cfg.Observability.Metrics.Path
@@ -333,23 +353,39 @@ func initConversationStore(cfg config.ConversationConfig, logger *slog.Logger) (
return conversation.NewMemoryStore(ttl), "memory", nil
}
}
type responseWriter struct {
http.ResponseWriter
statusCode int
bytesWritten int
wroteHeader bool
}
func (rw *responseWriter) WriteHeader(code int) {
if rw.wroteHeader {
return
}
rw.wroteHeader = true
rw.statusCode = code
rw.ResponseWriter.WriteHeader(code)
}
func (rw *responseWriter) Write(b []byte) (int, error) {
if !rw.wroteHeader {
rw.wroteHeader = true
rw.statusCode = http.StatusOK
}
n, err := rw.ResponseWriter.Write(b)
rw.bytesWritten += n
return n, err
}
func (rw *responseWriter) Flush() {
if flusher, ok := rw.ResponseWriter.(http.Flusher); ok {
flusher.Flush()
}
}
func loggingMiddleware(next http.Handler, logger *slog.Logger) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
start := time.Now()

57
cmd/gateway/main_test.go Normal file
View File

@@ -0,0 +1,57 @@
package main
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
var _ http.Flusher = (*responseWriter)(nil)
type countingFlusherRecorder struct {
*httptest.ResponseRecorder
flushCount int
}
func newCountingFlusherRecorder() *countingFlusherRecorder {
return &countingFlusherRecorder{ResponseRecorder: httptest.NewRecorder()}
}
func (r *countingFlusherRecorder) Flush() {
r.flushCount++
}
func TestResponseWriterWriteHeaderOnlyOnce(t *testing.T) {
rec := httptest.NewRecorder()
rw := &responseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.WriteHeader(http.StatusCreated)
rw.WriteHeader(http.StatusInternalServerError)
assert.Equal(t, http.StatusCreated, rec.Code)
assert.Equal(t, http.StatusCreated, rw.statusCode)
}
func TestResponseWriterWriteSetsImplicitStatus(t *testing.T) {
rec := httptest.NewRecorder()
rw := &responseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
n, err := rw.Write([]byte("ok"))
assert.NoError(t, err)
assert.Equal(t, 2, n)
assert.Equal(t, http.StatusOK, rec.Code)
assert.Equal(t, http.StatusOK, rw.statusCode)
assert.Equal(t, 2, rw.bytesWritten)
}
func TestResponseWriterFlushDelegates(t *testing.T) {
rec := newCountingFlusherRecorder()
rw := &responseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.Flush()
assert.Equal(t, 1, rec.flushCount)
}

3
config.example.yaml
View File

@@ -31,6 +31,9 @@ observability:
# headers: # Optional: custom headers for authentication
# authorization: "Bearer your-token-here"
admin:
enabled: true # Enable admin UI and API (default: false)
providers:
google:
type: "google"

241
docs/ADMIN_UI.md Normal file
View File

@@ -0,0 +1,241 @@
# Admin Web UI
The LLM Gateway includes a built-in admin web interface for monitoring and managing the gateway.
## Features
### System Information
- Version and build details
- Platform information (OS, architecture)
- Go version
- Server uptime
- Git commit hash
### Health Status
- Overall system health
- Individual health checks:
- Server status
- Provider availability
- Conversation store connectivity
### Provider Management
- View all configured providers
- See provider types (OpenAI, Anthropic, Google, etc.)
- List models available for each provider
- Monitor provider status
### Configuration Viewing
- View current gateway configuration
- Secrets are automatically masked for security
- Collapsible JSON view
- Shows all config sections:
- Server settings
- Providers
- Models
- Authentication
- Conversations
- Logging
- Rate limiting
- Observability
## Setup
### Production Build
1. **Enable admin UI in config:**
```yaml
admin:
enabled: true
```
2. **Build frontend and backend together:**
```bash
make build-all
```
This command:
- Builds the Vue 3 frontend
- Copies frontend assets to `internal/admin/dist`
- Embeds assets into the Go binary using `embed.FS`
- Compiles the gateway with embedded admin UI
3. **Run the gateway:**
```bash
./bin/llm-gateway --config config.yaml
```
4. **Access the admin UI:**
Navigate to `http://localhost:8080/admin/`
### Development Mode
For faster frontend development with hot reload:
**Terminal 1 - Backend:**
```bash
make dev-backend
# or
go run ./cmd/gateway --config config.yaml
```
**Terminal 2 - Frontend:**
```bash
make dev-frontend
# or
cd frontend/admin && npm run dev
```
The frontend dev server runs on `http://localhost:5173` and automatically proxies API requests to the backend on `http://localhost:8080`.
## Architecture
### Backend Components
**Package:** `internal/admin/`
- `server.go` - AdminServer struct and initialization
- `handlers.go` - API endpoint handlers
- `routes.go` - Route registration
- `response.go` - JSON response helpers
- `static.go` - Embedded frontend asset serving
### API Endpoints
All admin API endpoints are under `/admin/api/v1/`:
- `GET /admin/api/v1/system/info` - System information
- `GET /admin/api/v1/system/health` - Health checks
- `GET /admin/api/v1/config` - Configuration (secrets masked)
- `GET /admin/api/v1/providers` - Provider list and status
### Frontend Components
**Framework:** Vue 3 + TypeScript + Vite
**Directory:** `frontend/admin/`
```
frontend/admin/
├── src/
│ ├── main.ts # App entry point
│ ├── App.vue # Root component
│ ├── router.ts # Vue Router config
│ ├── api/
│ │ ├── client.ts # Axios HTTP client
│ │ ├── system.ts # System API calls
│ │ ├── config.ts # Config API calls
│ │ └── providers.ts # Providers API calls
│ ├── components/ # Reusable components
│ ├── views/
│ │ └── Dashboard.vue # Main dashboard view
│ └── types/
│ └── api.ts # TypeScript type definitions
├── index.html
├── package.json
├── vite.config.ts
└── tsconfig.json
```
## Security Features
### Secret Masking
All sensitive data is automatically masked in API responses:
- API keys show only first 4 and last 4 characters
- Database connection strings are partially hidden
- OAuth secrets are masked
Example:
```json
{
"api_key": "sk-p...xyz"
}
```
### Authentication
In MVP version, the admin UI inherits the gateway's existing authentication:
- If `auth.enabled: true`, admin UI requires valid JWT token
- If `auth.enabled: false`, admin UI is publicly accessible
**Note:** Production deployments should always enable authentication.
## Auto-Refresh
The dashboard automatically refreshes data every 30 seconds to keep information current.
## Browser Support
The admin UI works in all modern browsers:
- Chrome/Edge (recommended)
- Firefox
- Safari
## Build Process
### Frontend Build
```bash
cd frontend/admin
npm install
npm run build
```
Output: `frontend/admin/dist/`
### Embedding in Go Binary
The `internal/admin/static.go` file uses Go's `embed` directive:
```go
//go:embed all:dist
var frontendAssets embed.FS
```
This embeds all files from the `dist` directory into the compiled binary, creating a single-file deployment artifact.
### SPA Routing
The admin UI is a Single Page Application (SPA). The static file server implements fallback to `index.html` for client-side routing, allowing Vue Router to handle navigation.
## Troubleshooting
### Admin UI shows 404
- Ensure `admin.enabled: true` in config
- Rebuild with `make build-all` to embed frontend assets
- Check that `internal/admin/dist/` exists and contains built assets
### API calls fail
- Check that backend is running on port 8080
- Verify CORS is not blocking requests (should not be an issue as UI is served from same origin)
- Check browser console for errors
### Frontend won't build
- Ensure Node.js 18+ is installed: `node --version`
- Install dependencies: `cd frontend/admin && npm install`
- Check for npm errors in build output
### Assets not loading
- Verify Vite config has correct `base: '/admin/'`
- Check that asset paths in `index.html` are correct
- Ensure Go's embed is finding the dist folder
## Future Enhancements
Planned features for future releases:
- [ ] RBAC with admin/viewer roles
- [ ] Audit logging for all admin actions
- [ ] Configuration editing (hot reload)
- [ ] Provider management (add/edit/delete)
- [ ] Model management
- [ ] Circuit breaker reset controls
- [ ] Real-time metrics and charts
- [ ] Request/response inspection
- [ ] Rate limit management

471
docs/DOCKER_DEPLOYMENT.md Normal file
View File

@@ -0,0 +1,471 @@
# Docker Deployment Guide
> Deploy the LLM Gateway using pre-built Docker images or build your own.
## Table of Contents
- [Quick Start](#quick-start)
- [Using Pre-Built Images](#using-pre-built-images)
- [Configuration](#configuration)
- [Docker Compose](#docker-compose)
- [Building from Source](#building-from-source)
- [Production Considerations](#production-considerations)
- [Troubleshooting](#troubleshooting)
## Quick Start
Pull and run the latest image:
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-e OPENAI_API_KEY="sk-your-key" \
-e ANTHROPIC_API_KEY="sk-ant-your-key" \
-e GOOGLE_API_KEY="your-key" \
ghcr.io/yourusername/llm-gateway:latest
# Verify it's running
curl http://localhost:8080/health
```
## Using Pre-Built Images
Images are automatically built and published via GitHub Actions on every release.
### Available Tags
- `latest` - Latest stable release
- `v1.2.3` - Specific version tags
- `main` - Latest commit on main branch (unstable)
- `sha-abc1234` - Specific commit SHA
### Pull from Registry
```bash
# Pull latest stable
docker pull ghcr.io/yourusername/llm-gateway:latest
# Pull specific version
docker pull ghcr.io/yourusername/llm-gateway:v1.2.3
# List local images
docker images | grep llm-gateway
```
### Basic Usage
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
--env-file .env \
ghcr.io/yourusername/llm-gateway:latest
```
## Configuration
### Environment Variables
Create a `.env` file with your API keys:
```bash
# Required: At least one provider
OPENAI_API_KEY=sk-your-openai-key
ANTHROPIC_API_KEY=sk-ant-your-anthropic-key
GOOGLE_API_KEY=your-google-key
# Optional: Server settings
SERVER_ADDRESS=:8080
LOGGING_LEVEL=info
LOGGING_FORMAT=json
# Optional: Features
ADMIN_ENABLED=true
RATE_LIMIT_ENABLED=true
RATE_LIMIT_REQUESTS_PER_SECOND=10
RATE_LIMIT_BURST=20
# Optional: Auth
AUTH_ENABLED=false
AUTH_ISSUER=https://accounts.google.com
AUTH_AUDIENCE=your-client-id.apps.googleusercontent.com
# Optional: Observability
OBSERVABILITY_ENABLED=false
OBSERVABILITY_METRICS_ENABLED=false
OBSERVABILITY_TRACING_ENABLED=false
```
Run with environment file:
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
--env-file .env \
ghcr.io/yourusername/llm-gateway:latest
```
### Using Config File
For more complex configurations, use a YAML config file:
```bash
# Create config from example
cp config.example.yaml config.yaml
# Edit config.yaml with your settings
# Mount config file into container
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-v $(pwd)/config.yaml:/app/config.yaml:ro \
ghcr.io/yourusername/llm-gateway:latest \
--config /app/config.yaml
```
### Persistent Storage
For persistent conversation storage with SQLite:
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-v llm-gateway-data:/app/data \
-e OPENAI_API_KEY="your-key" \
-e CONVERSATIONS_STORE=sql \
-e CONVERSATIONS_DRIVER=sqlite3 \
-e CONVERSATIONS_DSN=/app/data/conversations.db \
ghcr.io/yourusername/llm-gateway:latest
```
## Docker Compose
The project includes a production-ready `docker-compose.yaml` file.
### Basic Setup
```bash
# Create .env file with API keys
cat > .env <<EOF
GOOGLE_API_KEY=your-google-key
ANTHROPIC_API_KEY=sk-ant-your-key
OPENAI_API_KEY=sk-your-key
EOF
# Start gateway + Redis
docker-compose up -d
# Check status
docker-compose ps
# View logs
docker-compose logs -f gateway
```
### With Monitoring
Enable Prometheus and Grafana:
```bash
docker-compose --profile monitoring up -d
```
Access services:
- Gateway: http://localhost:8080
- Admin UI: http://localhost:8080/admin/
- Prometheus: http://localhost:9090
- Grafana: http://localhost:3000 (admin/admin)
### Managing Services
```bash
# Stop all services
docker-compose down
# Stop and remove volumes (deletes data!)
docker-compose down -v
# Restart specific service
docker-compose restart gateway
# View logs
docker-compose logs -f gateway
# Update to latest image
docker-compose pull
docker-compose up -d
```
## Building from Source
If you need to build your own image:
```bash
# Clone repository
git clone https://github.com/yourusername/latticelm.git
cd latticelm
# Build image (includes frontend automatically)
docker build -t llm-gateway:local .
# Run your build
docker run -d \
--name llm-gateway \
-p 8080:8080 \
--env-file .env \
llm-gateway:local
```
### Multi-Platform Builds
Build for multiple architectures:
```bash
# Setup buildx
docker buildx create --use
# Build and push multi-platform
docker buildx build \
--platform linux/amd64,linux/arm64 \
-t ghcr.io/yourusername/llm-gateway:latest \
--push .
```
## Production Considerations
### Security
**Use secrets management:**
```bash
# Docker secrets (Swarm)
echo "sk-your-key" | docker secret create openai_key -
docker service create \
--name llm-gateway \
--secret openai_key \
-e OPENAI_API_KEY_FILE=/run/secrets/openai_key \
ghcr.io/yourusername/llm-gateway:latest
```
**Run as non-root:**
The image already runs as UID 1000 (non-root) by default.
**Read-only filesystem:**
```bash
docker run -d \
--name llm-gateway \
--read-only \
--tmpfs /tmp \
-v llm-gateway-data:/app/data \
-p 8080:8080 \
--env-file .env \
ghcr.io/yourusername/llm-gateway:latest
```
### Resource Limits
Set memory and CPU limits:
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
--memory="512m" \
--cpus="1.0" \
--env-file .env \
ghcr.io/yourusername/llm-gateway:latest
```
### Health Checks
The image includes built-in health checks:
```bash
# Check health status
docker inspect --format='{{.State.Health.Status}}' llm-gateway
# Manual health check
curl http://localhost:8080/health
curl http://localhost:8080/ready
```
### Logging
Configure structured JSON logging:
```bash
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-e LOGGING_FORMAT=json \
-e LOGGING_LEVEL=info \
--log-driver=json-file \
--log-opt max-size=10m \
--log-opt max-file=3 \
ghcr.io/yourusername/llm-gateway:latest
```
### Networking
**Custom network:**
```bash
# Create network
docker network create llm-network
# Run gateway on network
docker run -d \
--name llm-gateway \
--network llm-network \
-p 8080:8080 \
--env-file .env \
ghcr.io/yourusername/llm-gateway:latest
# Run Redis on same network
docker run -d \
--name redis \
--network llm-network \
redis:7-alpine
```
## Troubleshooting
### Container Won't Start
Check logs:
```bash
docker logs llm-gateway
docker logs --tail 50 llm-gateway
```
Common issues:
- Missing required API keys
- Port 8080 already in use (use `-p 9000:8080`)
- Invalid configuration file syntax
### High Memory Usage
Monitor resources:
```bash
docker stats llm-gateway
```
Set limits:
```bash
docker update --memory="512m" llm-gateway
```
### Connection Issues
**Test from inside container:**
```bash
docker exec -it llm-gateway wget -O- http://localhost:8080/health
```
**Check port bindings:**
```bash
docker port llm-gateway
```
**Test provider connectivity:**
```bash
docker exec llm-gateway wget -O- https://api.openai.com
```
### Database Locked (SQLite)
If using SQLite with multiple containers:
```bash
# SQLite doesn't support concurrent writes
# Use Redis or PostgreSQL instead:
docker run -d \
--name redis \
redis:7-alpine
docker run -d \
--name llm-gateway \
-p 8080:8080 \
-e CONVERSATIONS_STORE=redis \
-e CONVERSATIONS_DSN=redis://redis:6379/0 \
--link redis \
ghcr.io/yourusername/llm-gateway:latest
```
### Image Pull Failures
**Authentication:**
```bash
# Login to GitHub Container Registry
echo $GITHUB_TOKEN | docker login ghcr.io -u USERNAME --password-stdin
# Pull image
docker pull ghcr.io/yourusername/llm-gateway:latest
```
**Rate limiting:**
Images are public but may be rate-limited. Use Docker Hub mirror or cache.
### Debugging
**Interactive shell:**
```bash
docker exec -it llm-gateway sh
```
**Inspect configuration:**
```bash
# Check environment variables
docker exec llm-gateway env
# Check config file
docker exec llm-gateway cat /app/config.yaml
```
**Network debugging:**
```bash
docker exec llm-gateway wget --spider http://localhost:8080/health
docker exec llm-gateway ping google.com
```
## Useful Commands
```bash
# Container lifecycle
docker stop llm-gateway
docker start llm-gateway
docker restart llm-gateway
docker rm -f llm-gateway
# Logs
docker logs -f llm-gateway
docker logs --tail 100 llm-gateway
docker logs --since 30m llm-gateway
# Cleanup
docker system prune -a
docker volume prune
docker image prune -a
# Updates
docker pull ghcr.io/yourusername/llm-gateway:latest
docker stop llm-gateway
docker rm llm-gateway
docker run -d --name llm-gateway ... ghcr.io/yourusername/llm-gateway:latest
```
## Next Steps
- **Production deployment**: See [Kubernetes guide](../k8s/README.md) for orchestration
- **Monitoring**: Enable Prometheus metrics and set up Grafana dashboards
- **Security**: Configure OAuth2/OIDC authentication
- **Scaling**: Use Kubernetes HPA or Docker Swarm for auto-scaling
## Additional Resources
- [Main README](../README.md) - Full documentation
- [Kubernetes Deployment](../k8s/README.md) - Production orchestration
- [Configuration Reference](../config.example.yaml) - All config options
- [GitHub Container Registry](https://github.com/yourusername/latticelm/pkgs/container/llm-gateway) - Published images

286
docs/IMPLEMENTATION_SUMMARY.md Normal file
View File

@@ -0,0 +1,286 @@
# Admin UI Implementation Summary
## Overview
Successfully implemented a minimal viable product (MVP) of the Admin Web UI for the go-llm-gateway service. This provides a web-based dashboard for monitoring and viewing gateway configuration.
## What Was Implemented
### Backend (Go)
**Package:** `internal/admin/`
1. **server.go** - AdminServer struct with dependencies
- Holds references to provider registry, conversation store, config, logger
- Stores build info and start time for system metrics
2. **handlers.go** - API endpoint handlers
- `handleSystemInfo()` - Returns version, uptime, platform details
- `handleSystemHealth()` - Health checks for server, providers, store
- `handleConfig()` - Returns sanitized config (secrets masked)
- `handleProviders()` - Lists all configured providers with models
3. **routes.go** - Route registration
- Registers all API endpoints under `/admin/api/v1/`
- Registers static file handler for `/admin/` path
4. **response.go** - JSON response helpers
- Standard `APIResponse` wrapper
- `writeSuccess()` and `writeError()` helpers
5. **static.go** - Embedded frontend serving
- Uses Go's `embed.FS` to bundle frontend assets
- SPA fallback to index.html for client-side routing
- Proper content-type detection and serving
**Integration:** `cmd/gateway/main.go`
- Creates AdminServer when `admin.enabled: true`
- Registers admin routes with main mux
- Uses existing auth middleware (no separate RBAC in MVP)
**Configuration:** Added `AdminConfig` to `internal/config/config.go`
```go
type AdminConfig struct {
Enabled bool `yaml:"enabled"`
}
```
### Frontend (Vue 3 + TypeScript)
**Directory:** `frontend/admin/`
**Setup Files:**
- `package.json` - Dependencies and build scripts
- `vite.config.ts` - Vite build config with `/admin/` base path
- `tsconfig.json` - TypeScript configuration
- `index.html` - HTML entry point
**Source Structure:**
```
src/
├── main.ts # App initialization
├── App.vue # Root component
├── router.ts # Vue Router config
├── api/
│ ├── client.ts # Axios HTTP client with auth interceptor
│ ├── system.ts # System API wrapper
│ ├── config.ts # Config API wrapper
│ └── providers.ts # Providers API wrapper
├── views/
│ └── Dashboard.vue # Main dashboard view
└── types/
└── api.ts # TypeScript type definitions
```
**Dashboard Features:**
- System information card (version, uptime, platform)
- Health status card with individual check badges
- Providers card showing all providers and their models
- Configuration viewer (collapsible JSON display)
- Auto-refresh every 30 seconds
- Responsive grid layout
- Clean, professional styling
### Build System
**Makefile targets added:**
```makefile
frontend-install # Install npm dependencies
frontend-build # Build frontend and copy to internal/admin/dist
frontend-dev # Run Vite dev server
build-all # Build both frontend and backend
```
**Build Process:**
1. `npm run build` creates optimized production bundle in `frontend/admin/dist/`
2. `cp -r frontend/admin/dist internal/admin/` copies assets to embed location
3. Go's `//go:embed all:dist` directive embeds files into binary
4. Single binary deployment with built-in admin UI
### Documentation
**Files Created:**
- `docs/ADMIN_UI.md` - Complete admin UI documentation
- `docs/IMPLEMENTATION_SUMMARY.md` - This file
**Files Updated:**
- `README.md` - Added admin UI section and usage instructions
- `config.example.yaml` - Added admin config example
## Files Created/Modified
### New Files (Backend)
- `internal/admin/server.go`
- `internal/admin/handlers.go`
- `internal/admin/routes.go`
- `internal/admin/response.go`
- `internal/admin/static.go`
### New Files (Frontend)
- `frontend/admin/package.json`
- `frontend/admin/vite.config.ts`
- `frontend/admin/tsconfig.json`
- `frontend/admin/tsconfig.node.json`
- `frontend/admin/index.html`
- `frontend/admin/.gitignore`
- `frontend/admin/src/main.ts`
- `frontend/admin/src/App.vue`
- `frontend/admin/src/router.ts`
- `frontend/admin/src/api/client.ts`
- `frontend/admin/src/api/system.ts`
- `frontend/admin/src/api/config.ts`
- `frontend/admin/src/api/providers.ts`
- `frontend/admin/src/views/Dashboard.vue`
- `frontend/admin/src/types/api.ts`
- `frontend/admin/public/vite.svg`
### Modified Files
- `cmd/gateway/main.go` - Added AdminServer integration
- `internal/config/config.go` - Added AdminConfig struct
- `config.example.yaml` - Added admin section
- `config.yaml` - Added admin.enabled: true
- `Makefile` - Added frontend build targets
- `README.md` - Added admin UI documentation
- `.gitignore` - Added frontend build artifacts
### Documentation
- `docs/ADMIN_UI.md` - Full admin UI guide
- `docs/IMPLEMENTATION_SUMMARY.md` - This summary
## Testing
All functionality verified:
- ✅ System info endpoint returns correct data
- ✅ Health endpoint shows all checks
- ✅ Providers endpoint lists configured providers
- ✅ Config endpoint masks secrets properly
- ✅ Admin UI HTML served correctly
- ✅ Static assets (JS, CSS, SVG) load properly
- ✅ SPA routing works (fallback to index.html)
## What Was Deferred
Based on the MVP scope decision, these features were deferred to future releases:
- RBAC (admin/viewer roles) - Currently uses existing auth only
- Audit logging - No admin action logging in MVP
- CSRF protection - Not needed for read-only endpoints
- Configuration editing - Config is read-only
- Provider management - Cannot add/edit/delete providers
- Model management - Cannot modify model mappings
- Circuit breaker controls - No manual reset capability
- Comprehensive testing - Only basic smoke tests performed
## How to Use
### Production Deployment
1. Enable in config:
```yaml
admin:
enabled: true
```
2. Build:
```bash
make build-all
```
3. Run:
```bash
./bin/llm-gateway --config config.yaml
```
4. Access: `http://localhost:8080/admin/`
### Development
**Backend:**
```bash
make dev-backend
```
**Frontend:**
```bash
make dev-frontend
```
Frontend dev server on `http://localhost:5173` proxies API to backend.
## Architecture Decisions
### Why Separate AdminServer?
Created a new `AdminServer` struct instead of extending `GatewayServer` to:
- Maintain clean separation of concerns
- Allow independent evolution of admin vs gateway features
- Support different RBAC requirements (future)
- Simplify testing and maintenance
### Why Vue 3?
Chosen for:
- Modern, lightweight framework
- Excellent TypeScript support
- Simple learning curve
- Good balance of features vs bundle size
- Active ecosystem and community
### Why Embed Assets?
Using Go's `embed.FS` provides:
- Single binary deployment
- No external dependencies at runtime
- Simpler ops (no separate frontend hosting)
- Version consistency (frontend matches backend)
### Why MVP Approach?
Three-day timeline required focus on core features:
- Essential monitoring capabilities
- Foundation for future enhancements
- Working end-to-end implementation
- Proof of concept for architecture
## Success Metrics
✅ All planned MVP features implemented
✅ Clean, maintainable code structure
✅ Comprehensive documentation
✅ Working build and deployment process
✅ Ready for future enhancements
## Next Steps
When expanding beyond MVP, consider implementing:
1. **Phase 2: Configuration Management**
- Config editing UI
- Hot reload support
- Validation and error handling
- Rollback capability
2. **Phase 3: RBAC & Security**
- Admin/viewer role separation
- Audit logging for all actions
- CSRF protection for mutations
- Session management
3. **Phase 4: Advanced Features**
- Provider add/edit/delete
- Model management UI
- Circuit breaker controls
- Real-time metrics dashboard
- Request/response inspection
- Rate limit configuration
## Total Implementation Time
Estimated: 2-3 days (MVP scope)
- Day 1: Backend API and infrastructure (4-6 hours)
- Day 2: Frontend development (4-6 hours)
- Day 3: Integration, testing, documentation (2-4 hours)
## Conclusion
Successfully delivered a working Admin Web UI MVP that provides essential monitoring and configuration viewing capabilities. The implementation follows Go and Vue.js best practices, includes comprehensive documentation, and establishes a solid foundation for future enhancements.

74
docs/README.md Normal file
View File

@@ -0,0 +1,74 @@
# Documentation
Welcome to the latticelm documentation. This directory contains detailed guides and documentation for various aspects of the LLM Gateway.
## User Guides
### [Docker Deployment Guide](./DOCKER_DEPLOYMENT.md)
Complete guide to deploying the LLM Gateway using Docker with pre-built images or building from source.
**Topics covered:**
- Using pre-built container images from CI/CD
- Configuration with environment variables and config files
- Docker Compose setup with Redis and monitoring
- Production considerations (security, resources, networking)
- Multi-platform builds
- Troubleshooting and debugging
### [Admin Web UI](./ADMIN_UI.md)
Documentation for the built-in admin dashboard.
**Topics covered:**
- Accessing the Admin UI
- Features and capabilities
- System information dashboard
- Provider status monitoring
- Configuration management
## Developer Documentation
### [Admin UI Specification](./admin-ui-spec.md)
Technical specification and design document for the Admin UI component.
**Topics covered:**
- Component architecture
- API endpoints
- UI mockups and wireframes
- Implementation details
### [Implementation Summary](./IMPLEMENTATION_SUMMARY.md)
Overview of the implementation details and architecture decisions.
**Topics covered:**
- System architecture
- Provider implementations
- Key features and their implementations
- Technology stack
## Additional Resources
## Deployment Guides
### [Kubernetes Deployment Guide](../k8s/README.md)
Production-grade Kubernetes deployment with high availability, monitoring, and security.
**Topics covered:**
- Deploying with Kustomize and kubectl
- Secrets management (External Secrets Operator, Sealed Secrets)
- Monitoring with Prometheus and OpenTelemetry
- Horizontal Pod Autoscaling and PodDisruptionBudgets
- Security best practices (RBAC, NetworkPolicies, Pod Security)
- Cloud-specific guides (AWS EKS, GCP GKE, Azure AKS)
- Storage options (Redis, PostgreSQL, managed services)
- Rolling updates and rollback strategies
For more documentation, see:
- **[Main README](../README.md)** - Overview, quick start, and feature documentation
- **[Configuration Example](../config.example.yaml)** - Detailed configuration options with comments
## Need Help?
- **Issues**: Check the [GitHub Issues](https://github.com/yourusername/latticelm/issues)
- **Discussions**: Use [GitHub Discussions](https://github.com/yourusername/latticelm/discussions) for questions
- **Contributing**: See [Contributing Guidelines](../README.md#contributing) in the main README

2445
docs/admin-ui-spec.md Normal file
View File

File diff suppressed because it is too large Load Diff

24
frontend/admin/.gitignore vendored Normal file
View File

@@ -0,0 +1,24 @@
# Logs
logs
*.log
npm-debug.log*
yarn-debug.log*
yarn-error.log*
pnpm-debug.log*
lerna-debug.log*
node_modules
dist
dist-ssr
*.local
# Editor directories and files
.vscode/*
!.vscode/extensions.json
.idea
.DS_Store
*.suo
*.ntvs*
*.njsproj
*.sln
*.sw?

13
frontend/admin/index.html Normal file
View File

@@ -0,0 +1,13 @@
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<link rel="icon" type="image/svg+xml" href="/admin/vite.svg" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>LLM Gateway Admin</title>
</head>
<body>
<div id="app"></div>
<script type="module" src="/src/main.ts"></script>
</body>
</html>

1720
frontend/admin/package-lock.json generated Normal file
View File

File diff suppressed because it is too large Load Diff

23
frontend/admin/package.json Normal file
View File

@@ -0,0 +1,23 @@
{
"name": "llm-gateway-admin",
"version": "0.1.0",
"private": true,
"type": "module",
"scripts": {
"dev": "vite",
"build": "vite build",
"preview": "vite preview"
},
"dependencies": {
"axios": "^1.6.0",
"openai": "^6.27.0",
"vue": "^3.4.0",
"vue-router": "^4.2.0"
},
"devDependencies": {
"@vitejs/plugin-vue": "^5.0.0",
"typescript": "^5.3.0",
"vite": "^5.0.0",
"vue-tsc": "^1.8.0"
}
}

1
frontend/admin/public/vite.svg Normal file
View File

@@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" aria-hidden="true" role="img" class="iconify iconify--logos" width="31.88" height="32" preserveAspectRatio="xMidYMid meet" viewBox="0 0 256 257"><defs><linearGradient id="IconifyId1813088fe1fbc01fb466" x1="-.828%" x2="57.636%" y1="7.652%" y2="78.411%"><stop offset="0%" stop-color="#41D1FF"></stop><stop offset="100%" stop-color="#BD34FE"></stop></linearGradient><linearGradient id="IconifyId1813088fe1fbc01fb467" x1="43.376%" x2="50.316%" y1="2.242%" y2="89.03%"><stop offset="0%" stop-color="#FFEA83"></stop><stop offset="8.333%" stop-color="#FFDD35"></stop><stop offset="100%" stop-color="#FFA800"></stop></linearGradient></defs><path fill="url(#IconifyId1813088fe1fbc01fb466)" d="M255.153 37.938L134.897 252.976c-2.483 4.44-8.862 4.466-11.382.048L.875 37.958c-2.746-4.814 1.371-10.646 6.827-9.67l120.385 21.517a6.537 6.537 0 0 0 2.322-.004l117.867-21.483c5.438-.991 9.574 4.796 6.877 9.62Z"></path><path fill="url(#IconifyId1813088fe1fbc01fb467)" d="M185.432.063L96.44 17.501a3.268 3.268 0 0 0-2.634 3.014l-5.474 92.456a3.268 3.268 0 0 0 3.997 3.378l24.777-5.718c2.318-.535 4.413 1.507 3.936 3.838l-7.361 36.047c-.495 2.426 1.782 4.5 4.151 3.78l15.304-4.649c2.372-.72 4.652 1.36 4.15 3.788l-11.698 56.621c-.732 3.542 3.979 5.473 5.943 2.437l1.313-2.028l72.516-144.72c1.215-2.423-.88-5.186-3.54-4.672l-25.505 4.922c-2.396.462-4.435-1.77-3.759-4.114l16.646-57.705c.677-2.35-1.37-4.583-3.769-4.113Z"></path></svg>
Side by Side

After

Width:  |  Height:  |  Size: 1.5 KiB

26
frontend/admin/src/App.vue Normal file
View File

@@ -0,0 +1,26 @@
<template>
<div id="app">
<router-view />
</div>
</template>
<script setup lang="ts">
</script>
<style>
* {
margin: 0;
padding: 0;
box-sizing: border-box;
}
body {
font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, Oxygen, Ubuntu, Cantarell, sans-serif;
background-color: #f5f5f5;
color: #333;
}
#app {
min-height: 100vh;
}
</style>

51
frontend/admin/src/api/client.ts Normal file
View File

@@ -0,0 +1,51 @@
import axios, { AxiosInstance } from 'axios'
import type { APIResponse } from '../types/api'
class APIClient {
private client: AxiosInstance
constructor() {
this.client = axios.create({
baseURL: '/admin/api/v1',
headers: {
'Content-Type': 'application/json',
},
})
// Request interceptor for auth
this.client.interceptors.request.use((config) => {
const token = localStorage.getItem('auth_token')
if (token) {
config.headers.Authorization = `Bearer ${token}`
}
return config
})
// Response interceptor for error handling
this.client.interceptors.response.use(
(response) => response,
(error) => {
console.error('API Error:', error)
return Promise.reject(error)
}
)
}
async get<T>(url: string): Promise<T> {
const response = await this.client.get<APIResponse<T>>(url)
if (response.data.success && response.data.data) {
return response.data.data
}
throw new Error(response.data.error?.message || 'Unknown error')
}
async post<T>(url: string, data: any): Promise<T> {
const response = await this.client.post<APIResponse<T>>(url, data)
if (response.data.success && response.data.data) {
return response.data.data
}
throw new Error(response.data.error?.message || 'Unknown error')
}
}
export const apiClient = new APIClient()

8
frontend/admin/src/api/config.ts Normal file
View File

@@ -0,0 +1,8 @@
import { apiClient } from './client'
import type { ConfigResponse } from '../types/api'
export const configAPI = {
async getConfig(): Promise<ConfigResponse> {
return apiClient.get<ConfigResponse>('/config')
},
}

8
frontend/admin/src/api/providers.ts Normal file
View File

@@ -0,0 +1,8 @@
import { apiClient } from './client'
import type { ProviderInfo } from '../types/api'
export const providersAPI = {
async getProviders(): Promise<ProviderInfo[]> {
return apiClient.get<ProviderInfo[]>('/providers')
},
}

12
frontend/admin/src/api/system.ts Normal file
View File

@@ -0,0 +1,12 @@
import { apiClient } from './client'
import type { SystemInfo, HealthCheckResponse } from '../types/api'
export const systemAPI = {
async getInfo(): Promise<SystemInfo> {
return apiClient.get<SystemInfo>('/system/info')
},
async getHealth(): Promise<HealthCheckResponse> {
return apiClient.get<HealthCheckResponse>('/system/health')
},
}

7
frontend/admin/src/main.ts Normal file
View File

@@ -0,0 +1,7 @@
import { createApp } from 'vue'
import App from './App.vue'
import router from './router'
const app = createApp(App)
app.use(router)
app.mount('#app')

21
frontend/admin/src/router.ts Normal file
View File

@@ -0,0 +1,21 @@
import { createRouter, createWebHistory } from 'vue-router'
import Dashboard from './views/Dashboard.vue'
import Chat from './views/Chat.vue'
const router = createRouter({
history: createWebHistory('/admin/'),
routes: [
{
path: '/',
name: 'dashboard',
component: Dashboard
},
{
path: '/chat',
name: 'chat',
component: Chat
}
]
})
export default router

82
frontend/admin/src/types/api.ts Normal file
View File

@@ -0,0 +1,82 @@
export interface APIResponse<T = any> {
success: boolean
data?: T
error?: APIError
}
export interface APIError {
code: string
message: string
}
export interface SystemInfo {
version: string
build_time: string
git_commit: string
go_version: string
platform: string
uptime: string
}
export interface HealthCheck {
status: string
message?: string
}
export interface HealthCheckResponse {
status: string
timestamp: string
checks: Record<string, HealthCheck>
}
export interface SanitizedProvider {
type: string
api_key: string
endpoint?: string
api_version?: string
project?: string
location?: string
}
export interface ModelEntry {
name: string
provider: string
provider_model_id?: string
}
export interface ConfigResponse {
server: {
address: string
max_request_body_size: number
}
providers: Record<string, SanitizedProvider>
models: ModelEntry[]
auth: {
enabled: boolean
issuer: string
audience: string
}
conversations: {
store: string
ttl: string
dsn: string
driver: string
}
logging: {
format: string
level: string
}
rate_limit: {
enabled: boolean
requests_per_second: number
burst: number
}
observability: any
}
export interface ProviderInfo {
name: string
type: string
models: string[]
status: string
}

550
frontend/admin/src/views/Chat.vue Normal file
View File

@@ -0,0 +1,550 @@
<template>
<div class="chat-page">
<header class="header">
<div class="header-content">
<router-link to="/" class="back-link"> Dashboard</router-link>
<h1>Playground</h1>
</div>
</header>
<div class="chat-container">
<!-- Sidebar -->
<aside class="sidebar">
<div class="sidebar-section">
<label class="field-label">Model</label>
<select v-model="selectedModel" class="select-input" :disabled="modelsLoading">
<option v-if="modelsLoading" value="">Loading...</option>
<option v-for="m in models" :key="m.id" :value="m.id">
{{ m.id }}
</option>
</select>
</div>
<div class="sidebar-section">
<label class="field-label">System Instructions</label>
<textarea
v-model="instructions"
class="textarea-input"
rows="4"
placeholder="You are a helpful assistant..."
></textarea>
</div>
<div class="sidebar-section">
<label class="field-label">Temperature</label>
<div class="slider-row">
<input type="range" v-model.number="temperature" min="0" max="2" step="0.1" class="slider" />
<span class="slider-value">{{ temperature }}</span>
</div>
</div>
<div class="sidebar-section">
<label class="field-label">Stream</label>
<label class="toggle">
<input type="checkbox" v-model="stream" />
<span class="toggle-slider"></span>
</label>
</div>
<button class="btn-clear" @click="clearChat">Clear Chat</button>
</aside>
<!-- Chat Area -->
<main class="chat-main">
<div class="messages" ref="messagesContainer">
<div v-if="messages.length === 0" class="empty-chat">
<p>Send a message to start chatting.</p>
</div>
<div
v-for="(msg, i) in messages"
:key="i"
:class="['message', `message-${msg.role}`]"
>
<div class="message-role">{{ msg.role }}</div>
<div class="message-content" v-html="renderContent(msg.content)"></div>
</div>
<div v-if="isLoading" class="message message-assistant">
<div class="message-role">assistant</div>
<div class="message-content">
<span class="typing-indicator">
<span></span><span></span><span></span>
</span>
{{ streamingText }}
</div>
</div>
</div>
<div class="input-area">
<textarea
v-model="userInput"
class="chat-input"
placeholder="Type a message..."
rows="1"
@keydown.enter.exact.prevent="sendMessage"
@input="autoResize"
ref="chatInputEl"
></textarea>
<button class="btn-send" @click="sendMessage" :disabled="isLoading || !userInput.trim()">
Send
</button>
</div>
</main>
</div>
</div>
</template>
<script setup lang="ts">
import { ref, onMounted, nextTick } from 'vue'
import OpenAI from 'openai'
interface ChatMessage {
role: 'user' | 'assistant'
content: string
}
interface ModelOption {
id: string
provider: string
}
const models = ref<ModelOption[]>([])
const modelsLoading = ref(true)
const selectedModel = ref('')
const instructions = ref('')
const temperature = ref(1.0)
const stream = ref(true)
const userInput = ref('')
const messages = ref<ChatMessage[]>([])
const isLoading = ref(false)
const streamingText = ref('')
const lastResponseId = ref<string | null>(null)
const messagesContainer = ref<HTMLElement | null>(null)
const chatInputEl = ref<HTMLTextAreaElement | null>(null)
const client = new OpenAI({
baseURL: `${window.location.origin}/v1`,
apiKey: 'unused',
dangerouslyAllowBrowser: true,
})
async function loadModels() {
try {
const resp = await fetch('/v1/models')
const data = await resp.json()
models.value = data.data || []
if (models.value.length > 0) {
selectedModel.value = models.value[0].id
}
} catch (e) {
console.error('Failed to load models:', e)
} finally {
modelsLoading.value = false
}
}
function scrollToBottom() {
nextTick(() => {
if (messagesContainer.value) {
messagesContainer.value.scrollTop = messagesContainer.value.scrollHeight
}
})
}
function autoResize(e: Event) {
const el = e.target as HTMLTextAreaElement
el.style.height = 'auto'
el.style.height = Math.min(el.scrollHeight, 150) + 'px'
}
function renderContent(content: string): string {
return content
.replace(/&/g, '&amp;')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/\n/g, '<br>')
}
function clearChat() {
messages.value = []
lastResponseId.value = null
streamingText.value = ''
}
async function sendMessage() {
const text = userInput.value.trim()
if (!text || isLoading.value) return
messages.value.push({ role: 'user', content: text })
userInput.value = ''
if (chatInputEl.value) {
chatInputEl.value.style.height = 'auto'
}
scrollToBottom()
isLoading.value = true
streamingText.value = ''
try {
const params: Record<string, any> = {
model: selectedModel.value,
input: text,
temperature: temperature.value,
stream: stream.value,
}
if (instructions.value.trim()) {
params.instructions = instructions.value.trim()
}
if (lastResponseId.value) {
params.previous_response_id = lastResponseId.value
}
if (stream.value) {
const response = await client.responses.create(params as any)
// The SDK returns an async iterable for streaming
let fullText = ''
for await (const event of response as any) {
if (event.type === 'response.output_text.delta') {
fullText += event.delta
streamingText.value = fullText
scrollToBottom()
} else if (event.type === 'response.completed') {
lastResponseId.value = event.response.id
}
}
messages.value.push({ role: 'assistant', content: fullText })
} else {
const response = await client.responses.create(params as any) as any
lastResponseId.value = response.id
const text = response.output
?.filter((item: any) => item.type === 'message')
?.flatMap((item: any) => item.content)
?.filter((part: any) => part.type === 'output_text')
?.map((part: any) => part.text)
?.join('') || ''
messages.value.push({ role: 'assistant', content: text })
}
} catch (e: any) {
messages.value.push({
role: 'assistant',
content: `Error: ${e.message || 'Failed to get response'}`,
})
} finally {
isLoading.value = false
streamingText.value = ''
scrollToBottom()
}
}
onMounted(() => {
loadModels()
})
</script>
<style scoped>
.chat-page {
min-height: 100vh;
display: flex;
flex-direction: column;
background-color: #f5f5f5;
}
.header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 1rem 2rem;
box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
}
.header-content {
display: flex;
align-items: center;
gap: 1.5rem;
}
.back-link {
color: rgba(255, 255, 255, 0.85);
text-decoration: none;
font-size: 0.95rem;
}
.back-link:hover {
color: white;
}
.header h1 {
font-size: 1.5rem;
font-weight: 600;
}
.chat-container {
flex: 1;
display: flex;
overflow: hidden;
height: calc(100vh - 65px);
}
/* Sidebar */
.sidebar {
width: 280px;
background: white;
border-right: 1px solid #e2e8f0;
padding: 1.5rem;
display: flex;
flex-direction: column;
gap: 1.25rem;
overflow-y: auto;
}
.sidebar-section {
display: flex;
flex-direction: column;
gap: 0.5rem;
}
.field-label {
font-size: 0.8rem;
font-weight: 600;
color: #4a5568;
text-transform: uppercase;
letter-spacing: 0.05em;
}
.select-input {
padding: 0.5rem;
border: 1px solid #e2e8f0;
border-radius: 6px;
font-size: 0.875rem;
background: white;
color: #2d3748;
}
.textarea-input {
padding: 0.5rem;
border: 1px solid #e2e8f0;
border-radius: 6px;
font-size: 0.875rem;
resize: vertical;
font-family: inherit;
color: #2d3748;
}
.slider-row {
display: flex;
align-items: center;
gap: 0.75rem;
}
.slider {
flex: 1;
accent-color: #667eea;
}
.slider-value {
font-size: 0.875rem;
font-weight: 500;
color: #2d3748;
min-width: 2rem;
text-align: right;
}
.toggle {
position: relative;
width: 44px;
height: 24px;
cursor: pointer;
}
.toggle input {
opacity: 0;
width: 0;
height: 0;
}
.toggle-slider {
position: absolute;
inset: 0;
background-color: #cbd5e0;
border-radius: 24px;
transition: 0.2s;
}
.toggle-slider::before {
content: '';
position: absolute;
height: 18px;
width: 18px;
left: 3px;
bottom: 3px;
background-color: white;
border-radius: 50%;
transition: 0.2s;
}
.toggle input:checked + .toggle-slider {
background-color: #667eea;
}
.toggle input:checked + .toggle-slider::before {
transform: translateX(20px);
}
.btn-clear {
margin-top: auto;
padding: 0.5rem;
background: #fed7d7;
color: #742a2a;
border: none;
border-radius: 6px;
font-size: 0.875rem;
font-weight: 500;
cursor: pointer;
}
.btn-clear:hover {
background: #feb2b2;
}
/* Chat Main */
.chat-main {
flex: 1;
display: flex;
flex-direction: column;
min-width: 0;
}
.messages {
flex: 1;
overflow-y: auto;
padding: 1.5rem;
display: flex;
flex-direction: column;
gap: 1rem;
}
.empty-chat {
flex: 1;
display: flex;
align-items: center;
justify-content: center;
color: #a0aec0;
font-size: 1.1rem;
}
.message {
max-width: 80%;
padding: 0.75rem 1rem;
border-radius: 12px;
line-height: 1.5;
}
.message-user {
align-self: flex-end;
background: #667eea;
color: white;
}
.message-user .message-role {
color: rgba(255, 255, 255, 0.7);
}
.message-assistant {
align-self: flex-start;
background: white;
border: 1px solid #e2e8f0;
color: #2d3748;
}
.message-role {
font-size: 0.7rem;
font-weight: 600;
text-transform: uppercase;
letter-spacing: 0.05em;
margin-bottom: 0.25rem;
color: #a0aec0;
}
.message-content {
font-size: 0.95rem;
word-break: break-word;
}
/* Typing indicator */
.typing-indicator {
display: inline-flex;
gap: 3px;
margin-right: 6px;
}
.typing-indicator span {
width: 6px;
height: 6px;
border-radius: 50%;
background: #a0aec0;
animation: bounce 1.2s infinite;
}
.typing-indicator span:nth-child(2) { animation-delay: 0.2s; }
.typing-indicator span:nth-child(3) { animation-delay: 0.4s; }
@keyframes bounce {
0%, 60%, 100% { transform: translateY(0); }
30% { transform: translateY(-4px); }
}
/* Input Area */
.input-area {
padding: 1rem 1.5rem;
background: white;
border-top: 1px solid #e2e8f0;
display: flex;
gap: 0.75rem;
align-items: flex-end;
}
.chat-input {
flex: 1;
padding: 0.75rem 1rem;
border: 1px solid #e2e8f0;
border-radius: 12px;
font-size: 0.95rem;
font-family: inherit;
resize: none;
color: #2d3748;
line-height: 1.4;
max-height: 150px;
overflow-y: auto;
}
.chat-input:focus {
outline: none;
border-color: #667eea;
box-shadow: 0 0 0 3px rgba(102, 126, 234, 0.15);
}
.btn-send {
padding: 0.75rem 1.5rem;
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
border: none;
border-radius: 12px;
font-size: 0.95rem;
font-weight: 500;
cursor: pointer;
white-space: nowrap;
}
.btn-send:disabled {
opacity: 0.5;
cursor: not-allowed;
}
.btn-send:hover:not(:disabled) {
opacity: 0.9;
}
</style>

411
frontend/admin/src/views/Dashboard.vue Normal file
View File

@@ -0,0 +1,411 @@
<template>
<div class="dashboard">
<header class="header">
<div class="header-row">
<h1>LLM Gateway Admin</h1>
<router-link to="/chat" class="nav-link">Playground </router-link>
</div>
</header>
<div class="container">
<div v-if="loading" class="loading">Loading...</div>
<div v-else-if="error" class="error">{{ error }}</div>
<div v-else class="grid">
<!-- System Info Card -->
<div class="card">
<h2>System Information</h2>
<div class="info-grid" v-if="systemInfo">
<div class="info-item">
<span class="label">Version:</span>
<span class="value">{{ systemInfo.version }}</span>
</div>
<div class="info-item">
<span class="label">Platform:</span>
<span class="value">{{ systemInfo.platform }}</span>
</div>
<div class="info-item">
<span class="label">Go Version:</span>
<span class="value">{{ systemInfo.go_version }}</span>
</div>
<div class="info-item">
<span class="label">Uptime:</span>
<span class="value">{{ systemInfo.uptime }}</span>
</div>
<div class="info-item">
<span class="label">Build Time:</span>
<span class="value">{{ systemInfo.build_time }}</span>
</div>
<div class="info-item">
<span class="label">Git Commit:</span>
<span class="value code">{{ systemInfo.git_commit }}</span>
</div>
</div>
</div>
<!-- Health Status Card -->
<div class="card">
<h2>Health Status</h2>
<div v-if="health">
<div class="health-overall">
<span class="label">Overall Status:</span>
<span :class="['badge', health.status]">{{ health.status }}</span>
</div>
<div class="health-checks">
<div v-for="(check, name) in health.checks" :key="name" class="health-check">
<span class="check-name">{{ name }}:</span>
<span :class="['badge', check.status]">{{ check.status }}</span>
<span v-if="check.message" class="check-message">{{ check.message }}</span>
</div>
</div>
</div>
</div>
<!-- Providers Card -->
<div class="card full-width">
<h2>Providers</h2>
<div v-if="providers && providers.length > 0" class="providers-grid">
<div v-for="provider in providers" :key="provider.name" class="provider-card">
<div class="provider-header">
<h3>{{ provider.name }}</h3>
<span :class="['badge', provider.status]">{{ provider.status }}</span>
</div>
<div class="provider-info">
<div class="info-item">
<span class="label">Type:</span>
<span class="value">{{ provider.type }}</span>
</div>
<div class="info-item">
<span class="label">Models:</span>
<span class="value">{{ provider.models.length }}</span>
</div>
</div>
<div v-if="provider.models.length > 0" class="models-list">
<span v-for="model in provider.models" :key="model" class="model-tag">
{{ model }}
</span>
</div>
</div>
</div>
<div v-else class="empty-state">No providers configured</div>
</div>
<!-- Config Card -->
<div class="card full-width collapsible">
<div class="card-header" @click="configExpanded = !configExpanded">
<h2>Configuration</h2>
<span class="expand-icon">{{ configExpanded ? '' : '+' }}</span>
</div>
<div v-if="configExpanded && config" class="config-content">
<pre class="config-json">{{ JSON.stringify(config, null, 2) }}</pre>
</div>
</div>
</div>
</div>
</div>
</template>
<script setup lang="ts">
import { ref, onMounted, onUnmounted } from 'vue'
import { systemAPI } from '../api/system'
import { configAPI } from '../api/config'
import { providersAPI } from '../api/providers'
import type { SystemInfo, HealthCheckResponse, ConfigResponse, ProviderInfo } from '../types/api'
const loading = ref(true)
const error = ref<string | null>(null)
const systemInfo = ref<SystemInfo | null>(null)
const health = ref<HealthCheckResponse | null>(null)
const config = ref<ConfigResponse | null>(null)
const providers = ref<ProviderInfo[] | null>(null)
const configExpanded = ref(false)
let refreshInterval: number | null = null
async function loadData() {
try {
loading.value = true
error.value = null
const [info, healthData, configData, providersData] = await Promise.all([
systemAPI.getInfo(),
systemAPI.getHealth(),
configAPI.getConfig(),
providersAPI.getProviders(),
])
systemInfo.value = info
health.value = healthData
config.value = configData
providers.value = providersData
} catch (err: any) {
error.value = err.message || 'Failed to load data'
console.error('Error loading data:', err)
} finally {
loading.value = false
}
}
onMounted(() => {
loadData()
// Auto-refresh every 30 seconds
refreshInterval = window.setInterval(loadData, 30000)
})
onUnmounted(() => {
if (refreshInterval) {
clearInterval(refreshInterval)
}
})
</script>
<style scoped>
.dashboard {
min-height: 100vh;
background-color: #f5f5f5;
}
.header {
background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
color: white;
padding: 2rem;
box-shadow: 0 2px 4px rgba(0, 0, 0, 0.1);
}
.header-row {
display: flex;
justify-content: space-between;
align-items: center;
}
.header h1 {
font-size: 2rem;
font-weight: 600;
}
.nav-link {
color: rgba(255, 255, 255, 0.85);
text-decoration: none;
font-size: 1rem;
font-weight: 500;
padding: 0.5rem 1rem;
border: 1px solid rgba(255, 255, 255, 0.3);
border-radius: 8px;
transition: all 0.2s;
}
.nav-link:hover {
color: white;
border-color: rgba(255, 255, 255, 0.6);
background: rgba(255, 255, 255, 0.1);
}
.container {
max-width: 1400px;
margin: 0 auto;
padding: 2rem;
}
.loading,
.error {
text-align: center;
padding: 3rem;
font-size: 1.2rem;
}
.error {
color: #e53e3e;
}
.grid {
display: grid;
grid-template-columns: repeat(auto-fit, minmax(400px, 1fr));
gap: 1.5rem;
}
.card {
background: white;
border-radius: 8px;
padding: 1.5rem;
box-shadow: 0 1px 3px rgba(0, 0, 0, 0.1);
}
.full-width {
grid-column: 1 / -1;
}
.card h2 {
font-size: 1.25rem;
font-weight: 600;
margin-bottom: 1rem;
color: #2d3748;
}
.info-grid {
display: grid;
gap: 0.75rem;
}
.info-item {
display: flex;
justify-content: space-between;
padding: 0.5rem 0;
border-bottom: 1px solid #e2e8f0;
}
.info-item:last-child {
border-bottom: none;
}
.label {
font-weight: 500;
color: #4a5568;
}
.value {
color: #2d3748;
}
.code {
font-family: 'Courier New', monospace;
font-size: 0.9rem;
}
.badge {
display: inline-block;
padding: 0.25rem 0.75rem;
border-radius: 12px;
font-size: 0.875rem;
font-weight: 500;
}
.badge.healthy {
background-color: #c6f6d5;
color: #22543d;
}
.badge.unhealthy {
background-color: #fed7d7;
color: #742a2a;
}
.badge.active {
background-color: #bee3f8;
color: #2c5282;
}
.health-overall {
display: flex;
align-items: center;
gap: 1rem;
padding: 1rem;
background-color: #f7fafc;
border-radius: 6px;
margin-bottom: 1rem;
}
.health-checks {
display: grid;
gap: 0.75rem;
}
.health-check {
display: flex;
align-items: center;
gap: 0.75rem;
padding: 0.75rem;
border: 1px solid #e2e8f0;
border-radius: 6px;
}
.check-name {
font-weight: 500;
color: #4a5568;
text-transform: capitalize;
}
.check-message {
color: #718096;
font-size: 0.875rem;
}
.providers-grid {
display: grid;
grid-template-columns: repeat(auto-fill, minmax(300px, 1fr));
gap: 1rem;
}
.provider-card {
border: 1px solid #e2e8f0;
border-radius: 6px;
padding: 1rem;
background-color: #f7fafc;
}
.provider-header {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 0.75rem;
}
.provider-header h3 {
font-size: 1.125rem;
font-weight: 600;
color: #2d3748;
}
.provider-info {
display: grid;
gap: 0.5rem;
margin-bottom: 0.75rem;
}
.models-list {
display: flex;
flex-wrap: wrap;
gap: 0.5rem;
margin-top: 0.75rem;
}
.model-tag {
background-color: #edf2f7;
color: #4a5568;
padding: 0.25rem 0.75rem;
border-radius: 6px;
font-size: 0.875rem;
}
.empty-state {
text-align: center;
padding: 2rem;
color: #718096;
}
.collapsible .card-header {
display: flex;
justify-content: space-between;
align-items: center;
cursor: pointer;
user-select: none;
}
.expand-icon {
font-size: 1.5rem;
font-weight: bold;
color: #4a5568;
}
.config-content {
margin-top: 1rem;
}
.config-json {
background-color: #2d3748;
color: #e2e8f0;
padding: 1rem;
border-radius: 6px;
overflow-x: auto;
font-size: 0.875rem;
line-height: 1.5;
}
</style>

25
frontend/admin/tsconfig.json Normal file
View File

@@ -0,0 +1,25 @@
{
"compilerOptions": {
"target": "ES2020",
"useDefineForClassFields": true,
"module": "ESNext",
"lib": ["ES2020", "DOM", "DOM.Iterable"],
"skipLibCheck": true,
/* Bundler mode */
"moduleResolution": "bundler",
"allowImportingTsExtensions": true,
"resolveJsonModule": true,
"isolatedModules": true,
"noEmit": true,
"jsx": "preserve",
/* Linting */
"strict": true,
"noUnusedLocals": true,
"noUnusedParameters": true,
"noFallthroughCasesInSwitch": true
},
"include": ["src/**/*.ts", "src/**/*.tsx", "src/**/*.vue"],
"references": [{ "path": "./tsconfig.node.json" }]
}

10
frontend/admin/tsconfig.node.json Normal file
View File

@@ -0,0 +1,10 @@
{
"compilerOptions": {
"composite": true,
"skipLibCheck": true,
"module": "ESNext",
"moduleResolution": "bundler",
"allowSyntheticDefaultImports": true
},
"include": ["vite.config.ts"]
}

25
frontend/admin/vite.config.ts Normal file
View File

@@ -0,0 +1,25 @@
import { defineConfig } from 'vite'
import vue from '@vitejs/plugin-vue'
export default defineConfig({
plugins: [vue()],
base: '/admin/',
server: {
port: 5173,
allowedHosts: ['.coder.ia-innovacion.work', 'localhost'],
proxy: {
'/admin/api': {
target: 'http://localhost:8080',
changeOrigin: true,
},
'/v1': {
target: 'http://localhost:8080',
changeOrigin: true,
}
}
},
build: {
outDir: 'dist',
emptyOutDir: true,
}
})

77
go.mod
View File

@@ -3,70 +3,77 @@ module github.com/ajac-zero/latticelm
go 1.25.7
require (
github.com/alicebob/miniredis/v2 v2.37.0
github.com/anthropics/anthropic-sdk-go v1.26.0
github.com/go-sql-driver/mysql v1.9.3
github.com/golang-jwt/jwt/v5 v5.3.1
github.com/google/uuid v1.6.0
github.com/jackc/pgx/v5 v5.8.0
github.com/mattn/go-sqlite3 v1.14.34
github.com/openai/openai-go/v3 v3.2.0
github.com/prometheus/client_golang v1.19.0
github.com/openai/openai-go/v3 v3.24.0
github.com/prometheus/client_golang v1.23.2
github.com/redis/go-redis/v9 v9.18.0
github.com/sony/gobreaker v1.0.0
github.com/stretchr/testify v1.11.1
go.opentelemetry.io/otel v1.29.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.29.0
go.opentelemetry.io/otel/sdk v1.29.0
go.opentelemetry.io/otel/trace v1.29.0
go.opentelemetry.io/otel v1.41.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.41.0
go.opentelemetry.io/otel/sdk v1.41.0
go.opentelemetry.io/otel/trace v1.41.0
golang.org/x/time v0.14.0
google.golang.org/genai v1.48.0
google.golang.org/grpc v1.66.2
google.golang.org/genai v1.49.0
google.golang.org/grpc v1.79.1
gopkg.in/yaml.v3 v3.0.1
)
require (
cloud.google.com/go v0.116.0 // indirect
cloud.google.com/go/auth v0.9.3 // indirect
cloud.google.com/go/compute/metadata v0.5.0 // indirect
filippo.io/edwards25519 v1.1.0 // indirect
cloud.google.com/go v0.123.0 // indirect
cloud.google.com/go/auth v0.18.2 // indirect
cloud.google.com/go/compute/metadata v0.9.0 // indirect
filippo.io/edwards25519 v1.2.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0 // indirect
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/cenkalti/backoff/v4 v4.3.0 // indirect
github.com/cenkalti/backoff/v5 v5.0.3 // indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
github.com/go-logr/logr v1.4.2 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/s2a-go v0.1.8 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
github.com/google/go-cmp v0.7.0 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.13 // indirect
github.com/googleapis/gax-go/v2 v2.17.0 // indirect
github.com/gorilla/websocket v1.5.3 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 // indirect
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 // indirect
github.com/jackc/pgpassfile v1.0.0 // indirect
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 // indirect
github.com/jackc/puddle/v2 v2.2.2 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.5.0 // indirect
github.com/prometheus/common v0.48.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
github.com/prometheus/client_model v0.6.2 // indirect
github.com/prometheus/common v0.67.5 // indirect
github.com/prometheus/procfs v0.20.1 // indirect
github.com/tidwall/gjson v1.18.0 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/match v1.2.0 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
github.com/tidwall/sjson v1.2.5 // indirect
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.29.0 // indirect
go.opentelemetry.io/otel/metric v1.29.0 // indirect
go.opentelemetry.io/proto/otlp v1.3.1 // indirect
github.com/yuin/gopher-lua v1.1.1 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.66.0 // indirect
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0 // indirect
go.opentelemetry.io/otel/metric v1.41.0 // indirect
go.opentelemetry.io/proto/otlp v1.9.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
golang.org/x/crypto v0.47.0 // indirect
golang.org/x/net v0.49.0 // indirect
go.yaml.in/yaml/v2 v2.4.3 // indirect
golang.org/x/crypto v0.48.0 // indirect
golang.org/x/net v0.51.0 // indirect
golang.org/x/sync v0.19.0 // indirect
golang.org/x/sys v0.40.0 // indirect
golang.org/x/text v0.33.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 // indirect
google.golang.org/protobuf v1.34.2 // indirect
golang.org/x/sys v0.41.0 // indirect
golang.org/x/text v0.34.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 // indirect
google.golang.org/protobuf v1.36.11 // indirect
)

250
go.sum
View File

@@ -1,12 +1,11 @@
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go v0.116.0 h1:B3fRrSDkLRt5qSHWe40ERJvhvnQwdZiHu0bJOpldweE=
cloud.google.com/go v0.116.0/go.mod h1:cEPSRWPzZEswwdr9BxE6ChEn01dWlTaF05LiC2Xs70U=
cloud.google.com/go/auth v0.9.3 h1:VOEUIAADkkLtyfr3BLa3R8Ed/j6w1jTBmARx+wb5w5U=
cloud.google.com/go/auth v0.9.3/go.mod h1:7z6VY+7h3KUdRov5F1i8NDP5ZzWKYmEPO842BgCsmTk=
cloud.google.com/go/compute/metadata v0.5.0 h1:Zr0eK8JbFv6+Wi4ilXAR8FJ3wyNdpxHKJNPos6LTZOY=
cloud.google.com/go/compute/metadata v0.5.0/go.mod h1:aHnloV2TPI38yx4s9+wAZhHykWvVCfu7hQbF+9CWoiY=
filippo.io/edwards25519 v1.1.0 h1:FNf4tywRC1HmFuKW5xopWpigGjJKiJSV0Cqo0cJWDaA=
filippo.io/edwards25519 v1.1.0/go.mod h1:BxyFTGdWcka3PhytdK4V28tE5sGfRvvvRV7EaN4VDT4=
cloud.google.com/go v0.123.0 h1:2NAUJwPR47q+E35uaJeYoNhuNEM9kM8SjgRgdeOJUSE=
cloud.google.com/go v0.123.0/go.mod h1:xBoMV08QcqUGuPW65Qfm1o9Y4zKZBpGS+7bImXLTAZU=
cloud.google.com/go/auth v0.18.2 h1:+Nbt5Ev0xEqxlNjd6c+yYUeosQ5TtEUaNcN/3FozlaM=
cloud.google.com/go/auth v0.18.2/go.mod h1:xD+oY7gcahcu7G2SG2DsBerfFxgPAJz17zz2joOFF3M=
cloud.google.com/go/compute/metadata v0.9.0 h1:pDUj4QMoPejqq20dK0Pg2N4yG9zIkYGdBtwLoEkH9Zs=
cloud.google.com/go/compute/metadata v0.9.0/go.mod h1:E0bWwX5wTnLPedCKqk3pJmVgCBSM6qQI1yTBdEb3C10=
filippo.io/edwards25519 v1.2.0 h1:crnVqOiS4jqYleHd9vaKZ+HKtHfllngJIiOpNpoJsjo=
filippo.io/edwards25519 v1.2.0/go.mod h1:xzAOLCNug/yB62zG1bQ8uziwrIqIuxhctzJT18Q77mc=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0 h1:fou+2+WFTib47nS+nz/ozhEBnvU96bKHy6LjRsY4E28=
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.21.0/go.mod h1:t76Ruy8AHvUAC8GfMWJMa0ElSbuIcO03NLpynfbgsPA=
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 h1:B+blDbyVIG3WaikNxPnhPiJ1MThR03b3vKGtER95TP4=
@@ -15,7 +14,8 @@ github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2 h1:9iefClla7iYpfYWdzPCRDo
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.2/go.mod h1:XtLgD3ZD34DAaVIIAyG3objl5DynM3CQ/vMcbBNJZGI=
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2 h1:oygO0locgZJe7PpYPXT5A29ZkwJaPqcva7BVeemZOZs=
github.com/AzureAD/microsoft-authentication-library-for-go v1.4.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/alicebob/miniredis/v2 v2.37.0 h1:RheObYW32G1aiJIj81XVt78ZHJpHonHLHW7OLIshq68=
github.com/alicebob/miniredis/v2 v2.37.0/go.mod h1:TcL7YfarKPGDAthEtl5NBeHZfeUQj6OXMm/+iu5cLMM=
github.com/anthropics/anthropic-sdk-go v1.26.0 h1:oUTzFaUpAevfuELAP1sjL6CQJ9HHAfT7CoSYSac11PY=
github.com/anthropics/anthropic-sdk-go v1.26.0/go.mod h1:qUKmaW+uuPB64iy1l+4kOSvaLqPXnHTTBKH6RVZ7q5Q=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
@@ -24,13 +24,10 @@ github.com/bsm/ginkgo/v2 v2.12.0 h1:Ny8MWAHyOepLGlLKYmXG4IEkioBysk6GpaRTLC8zwWs=
github.com/bsm/ginkgo/v2 v2.12.0/go.mod h1:SwYbGRRDovPVboqFv0tPTcG1sN61LM1Z4ARdbAV9g4c=
github.com/bsm/gomega v1.27.10 h1:yeMWxP2pV2fG3FgAODIY8EiRE3dy0aeFYt4l7wh6yKA=
github.com/bsm/gomega v1.27.10/go.mod h1:JyEr/xRbxbtgWNi8tIEVPUYZ5Dzef52k01W3YH0H+O0=
github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8=
github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
github.com/cenkalti/backoff/v5 v5.0.3 h1:ZN+IMa753KfX5hd8vVaMixjnqRZ3y8CuJKRKj1xcsSM=
github.com/cenkalti/backoff/v5 v5.0.3/go.mod h1:rkhZdG3JZukswDf7f0cwqPNk4K0sa+F97BxZthm/crw=
github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -38,52 +35,33 @@ github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f h1:lO4WD4F/r
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f/go.mod h1:cuUVRXasLTGF7a8hSLbxyZXjz+1KgoB3wDUb6vlszIc=
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
github.com/dnaeon/go-vcr v1.2.0/go.mod h1:R4UdLID7HZT3taECzJs4YgbbH6PIGXB6W/sc5OLb6RQ=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg=
github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
github.com/go-sql-driver/mysql v1.9.3 h1:U/N249h2WzJ3Ukj8SowVFjdtZKfu9vlLZxjPXV1aweo=
github.com/go-sql-driver/mysql v1.9.3/go.mod h1:qn46aNg1333BRMNU69Lq93t8du/dwxI64Gl8i5p1WMU=
github.com/golang-jwt/jwt/v5 v5.3.1 h1:kYf81DTWFe7t+1VvL7eS+jKFVWaUnK9cB1qbwn63YCY=
github.com/golang-jwt/jwt/v5 v5.3.1/go.mod h1:fxCRLWMO43lRc8nhHWY6LGqRcf+1gQWArsqaEUEa5bE=
github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
github.com/golang/protobuf v1.4.3/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/s2a-go v0.1.8 h1:zZDs9gcbt9ZPLV0ndSyQk6Kacx2g/X+SKYovpnz3SMM=
github.com/google/s2a-go v0.1.8/go.mod h1:6iNWHTpQ+nfNRN5E00MSdfDwVesa8hhS32PhPO8deJA=
github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
github.com/google/s2a-go v0.1.9/go.mod h1:YA0Ei2ZQL3acow2O62kdp9UlnvMmU7kA6Eutn0dXayM=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/googleapis/enterprise-certificate-proxy v0.3.4 h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
github.com/googleapis/enterprise-certificate-proxy v0.3.4/go.mod h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
github.com/googleapis/enterprise-certificate-proxy v0.3.13 h1:hSPAhW3NX+7HNlTsmrvU0jL75cIzxFktheceg95Nq14=
github.com/googleapis/enterprise-certificate-proxy v0.3.13/go.mod h1:vqVt9yG9480NtzREnTlmGSBmFrA+bzb0yl0TxoBQXOg=
github.com/googleapis/gax-go/v2 v2.17.0 h1:RksgfBpxqff0EZkDWYuz9q/uWsTVz+kf43LsZ1J6SMc=
github.com/googleapis/gax-go/v2 v2.17.0/go.mod h1:mzaqghpQp4JDh3HvADwrat+6M3MOIDp5YKHhb9PAgDY=
github.com/gorilla/websocket v1.5.3 h1:saDtZ6Pbx/0u+bgYQ3q96pZgCzfhKXGPqt7kZ72aNNg=
github.com/gorilla/websocket v1.5.3/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0 h1:asbCHRVmodnJTuQ3qamDwqVOIjwqUPTYmYuemVOx+Ys=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.22.0/go.mod h1:ggCgvZ2r7uOoQjOyu2Y1NhHmEPPzzuhWgcza5M1Ji1I=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 h1:HWRh5R2+9EifMyIHV7ZV+MIZqgz+PMpZ14Jynv3O2Zs=
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0/go.mod h1:JfhWUomR1baixubs02l85lZYYOm7LV6om4ceouMv45c=
github.com/jackc/pgpassfile v1.0.0 h1:/6Hmqy13Ss2zCq62VdNG8tM1wchn8zjSGOBJ6icpsIM=
github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
github.com/jackc/pgservicefile v0.0.0-20240606120523-5a60cdf6a761 h1:iCEnooe7UlwOQYpKFhBabPMi4aNAfoODPEFNiAnClxo=
@@ -92,6 +70,8 @@ github.com/jackc/pgx/v5 v5.8.0 h1:TYPDoleBBme0xGSAX3/+NujXXtpZn9HBONkQC7IEZSo=
github.com/jackc/pgx/v5 v5.8.0/go.mod h1:QVeDInX2m9VyzvNeiCJVjCkNFqzsNb43204HshNSZKw=
github.com/jackc/puddle/v2 v2.2.2 h1:PR8nw+E/1w0GLuRFSmiioY6UooMp6KJv0/61nB7icHo=
github.com/jackc/puddle/v2 v2.2.2/go.mod h1:vriiEXHvEE654aYKXXjOvZM39qJ0q+azkZFrfEOc3H4=
github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
github.com/klauspost/cpuid/v2 v2.0.9 h1:lgaqFMSdTdQYdZ04uHyN2d/eKdOMyi2YLSvlQIBFYa4=
github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
@@ -102,147 +82,105 @@ github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
github.com/mattn/go-sqlite3 v1.14.34 h1:3NtcvcUnFBPsuRcno8pUtupspG/GM+9nZ88zgJcp6Zk=
github.com/mattn/go-sqlite3 v1.14.34/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
github.com/openai/openai-go/v3 v3.2.0 h1:2AbqFUCsoW2pm/2pUtPRuwK89dnoGHaQokzWsfoQO/U=
github.com/openai/openai-go/v3 v3.2.0/go.mod h1:UOpNxkqC9OdNXNUfpNByKOtB4jAL0EssQXq5p8gO0Xs=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/openai/openai-go/v3 v3.24.0 h1:08x6GnYiB+AAejTo6yzPY8RkZMJQ8NpreiOyM5QfyYU=
github.com/openai/openai-go/v3 v3.24.0/go.mod h1:cdufnVK14cWcT9qA1rRtrXx4FTRsgbDPW7Ia7SS5cZo=
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c h1:+mdjkGKdHQG3305AYmdv1U2eRNDiU2ErMBj1gwrq8eQ=
github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjLxUqIJNnCWiEdr3bn6IUYi15bNlnbCCU=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/prometheus/client_golang v1.19.0 h1:ygXvpU1AoN1MhdzckN+PyD9QJOSD4x7kmXYlnfbA6JU=
github.com/prometheus/client_golang v1.19.0/go.mod h1:ZRM9uEAypZakd+q/x7+gmsvXdURP+DABIEIjnmDdp+k=
github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
github.com/prometheus/client_model v0.5.0 h1:VQw1hfvPvk3Uv6Qf29VrPF32JB6rtbgI6cYPYQjL0Qw=
github.com/prometheus/client_model v0.5.0/go.mod h1:dTiFglRmd66nLR9Pv9f0mZi7B7fk5Pm3gvsjB5tr+kI=
github.com/prometheus/common v0.48.0 h1:QO8U2CdOzSn1BBsmXJXduaaW+dY/5QLjfB8svtSzKKE=
github.com/prometheus/common v0.48.0/go.mod h1:0/KsvlIEfPQCQ5I2iNSAWKPZziNCvRs5EC6ILDTlAPc=
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
github.com/prometheus/client_golang v1.23.2 h1:Je96obch5RDVy3FDMndoUsjAhG5Edi49h0RJWRi/o0o=
github.com/prometheus/client_golang v1.23.2/go.mod h1:Tb1a6LWHB3/SPIzCoaDXI4I8UHKeFTEQ1YCr+0Gyqmg=
github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
github.com/prometheus/common v0.67.5 h1:pIgK94WWlQt1WLwAC5j2ynLaBRDiinoAb86HZHTUGI4=
github.com/prometheus/common v0.67.5/go.mod h1:SjE/0MzDEEAyrdr5Gqc6G+sXI67maCxzaT3A2+HqjUw=
github.com/prometheus/procfs v0.20.1 h1:XwbrGOIplXW/AU3YhIhLODXMJYyC1isLFfYCsTEycfc=
github.com/prometheus/procfs v0.20.1/go.mod h1:o9EMBZGRyvDrSPH1RqdxhojkuXstoe4UlK79eF5TGGo=
github.com/redis/go-redis/v9 v9.18.0 h1:pMkxYPkEbMPwRdenAzUNyFNrDgHx9U+DrBabWNfSRQs=
github.com/redis/go-redis/v9 v9.18.0/go.mod h1:k3ufPphLU5YXwNTUcCRXGxUoF1fqxnhFQmscfkCoDA0=
github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0tI/otEQ=
github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc=
github.com/sony/gobreaker v1.0.0 h1:feX5fGGXSl3dYd4aHZItw+FpHLvvoaqkawKjVNiFMNQ=
github.com/sony/gobreaker v1.0.0/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/tidwall/gjson v1.14.2/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/match v1.2.0 h1:0pt8FlkOwjN2fPt4bIl4BoNxb98gGHN2ObFEDkrfZnM=
github.com/tidwall/match v1.2.0/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
github.com/tidwall/pretty v1.2.1 h1:qjsOFOWWQl+N3RsoF5/ssm1pHmJJwhjlSbZ51I6wMl4=
github.com/tidwall/pretty v1.2.1/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
github.com/yuin/gopher-lua v1.1.1 h1:kYKnWBjvbNP4XLT3+bPEwAXJx262OhaHDWDVOPjL46M=
github.com/yuin/gopher-lua v1.1.1/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw=
github.com/zeebo/xxh3 v1.0.2 h1:xZmwmqxHZA8AI603jOQ0tMqmBr9lPeFwGg6d+xy9DC0=
github.com/zeebo/xxh3 v1.0.2/go.mod h1:5NWz9Sef7zIDm2JHfFlcQvNekmcEl9ekUZQQKCYaDcA=
go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0=
go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo=
go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw=
go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.29.0 h1:dIIDULZJpgdiHz5tXrTgKIMLkus6jEFa7x5SOKcyR7E=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.29.0/go.mod h1:jlRVBe7+Z1wyxFSUs48L6OBQZ5JwH2Hg/Vbl+t9rAgI=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0 h1:nSiV3s7wiCam610XcLbYOmMfJxB9gO4uK3Xgv5gmTgg=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.29.0/go.mod h1:hKn/e/Nmd19/x1gvIHwtOwVWM+VhuITSWip3JUDghj0=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.29.0 h1:X3ZjNp36/WlkSYx0ul2jw4PtbNEDDeLskw3VPsrpYM0=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.29.0/go.mod h1:2uL/xnOXh0CHOBFCWXz5u1A4GXLiW+0IQIzVbeOEQ0U=
go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc=
go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8=
go.opentelemetry.io/otel/sdk v1.29.0 h1:vkqKjk7gwhS8VaWb0POZKmIEDimRCMsopNYnriHyryo=
go.opentelemetry.io/otel/sdk v1.29.0/go.mod h1:pM8Dx5WKnvxLCb+8lG1PRNIDxu9g9b9g59Qr7hfAAok=
go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4=
go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ=
go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0=
go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8=
go.opentelemetry.io/auto/sdk v1.2.1 h1:jXsnJ4Lmnqd11kwkBV2LgLoFMZKizbCi5fNZ/ipaZ64=
go.opentelemetry.io/auto/sdk v1.2.1/go.mod h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.66.0 h1:PnV4kVnw0zOmwwFkAzCN5O07fw1YOIQor120zrh0AVo=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.66.0/go.mod h1:ofAwF4uinaf8SXdVzzbL4OsxJ3VfeEg3f/F6CeF49/Y=
go.opentelemetry.io/otel v1.41.0 h1:YlEwVsGAlCvczDILpUXpIpPSL/VPugt7zHThEMLce1c=
go.opentelemetry.io/otel v1.41.0/go.mod h1:Yt4UwgEKeT05QbLwbyHXEwhnjxNO6D8L5PQP51/46dE=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0 h1:ao6Oe+wSebTlQ1OEht7jlYTzQKE+pnx/iNywFvTbuuI=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.41.0/go.mod h1:u3T6vz0gh/NVzgDgiwkgLxpsSF6PaPmo2il0apGJbls=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0 h1:mq/Qcf28TWz719lE3/hMB4KkyDuLJIvgJnFGcd0kEUI=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.41.0/go.mod h1:yk5LXEYhsL2htyDNJbEq7fWzNEigeEdV5xBF/Y+kAv0=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.41.0 h1:61oRQmYGMW7pXmFjPg1Muy84ndqMxQ6SH2L8fBG8fSY=
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.41.0/go.mod h1:c0z2ubK4RQL+kSDuuFu9WnuXimObon3IiKjJf4NACvU=
go.opentelemetry.io/otel/metric v1.41.0 h1:rFnDcs4gRzBcsO9tS8LCpgR0dxg4aaxWlJxCno7JlTQ=
go.opentelemetry.io/otel/metric v1.41.0/go.mod h1:xPvCwd9pU0VN8tPZYzDZV/BMj9CM9vs00GuBjeKhJps=
go.opentelemetry.io/otel/sdk v1.41.0 h1:YPIEXKmiAwkGl3Gu1huk1aYWwtpRLeskpV+wPisxBp8=
go.opentelemetry.io/otel/sdk v1.41.0/go.mod h1:ahFdU0G5y8IxglBf0QBJXgSe7agzjE4GiTJ6HT9ud90=
go.opentelemetry.io/otel/sdk/metric v1.41.0 h1:siZQIYBAUd1rlIWQT2uCxWJxcCO7q3TriaMlf08rXw8=
go.opentelemetry.io/otel/sdk/metric v1.41.0/go.mod h1:HNBuSvT7ROaGtGI50ArdRLUnvRTRGniSUZbxiWxSO8Y=
go.opentelemetry.io/otel/trace v1.41.0 h1:Vbk2co6bhj8L59ZJ6/xFTskY+tGAbOnCtQGVVa9TIN0=
go.opentelemetry.io/otel/trace v1.41.0/go.mod h1:U1NU4ULCoxeDKc09yCWdWe+3QoyweJcISEVa1RBzOis=
go.opentelemetry.io/proto/otlp v1.9.0 h1:l706jCMITVouPOqEnii2fIAuO3IVGBRPV5ICjceRb/A=
go.opentelemetry.io/proto/otlp v1.9.0/go.mod h1:xE+Cx5E/eEHw+ISFkwPLwCZefwVjY+pqKg1qcK03+/4=
go.uber.org/atomic v1.11.0 h1:ZvwS0R+56ePWxUNi+Atn9dWONBPp/AUETXlHW0DxSjE=
go.uber.org/atomic v1.11.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.49.0 h1:eeHFmOGUTtaaPSGNmjBKpbng9MulQsJURQUAfUwY++o=
golang.org/x/net v0.49.0/go.mod h1:/ysNB2EvaqvesRkuLAyjI1ycPZlQHM3q01F02UY/MV8=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
go.yaml.in/yaml/v2 v2.4.3 h1:6gvOSjQoTB3vt1l+CU+tSyi/HOjfOjRLJ4YwYZGwRO0=
go.yaml.in/yaml/v2 v2.4.3/go.mod h1:zSxWcmIDjOzPXpjlTTbAsKokqkDNAVtZO0WOMiT90s8=
golang.org/x/crypto v0.48.0 h1:/VRzVqiRSggnhY7gNRxPauEQ5Drw9haKdM0jqfcCFts=
golang.org/x/crypto v0.48.0/go.mod h1:r0kV5h3qnFPlQnBSrULhlsRfryS2pmewsg+XfMgkVos=
golang.org/x/net v0.51.0 h1:94R/GTO7mt3/4wIKpcR5gkGmRLOuE/2hNGeWq/GBIFo=
golang.org/x/net v0.51.0/go.mod h1:aamm+2QF5ogm02fjy5Bb7CQ0WMt1/WVM7FtyaTLlA9Y=
golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
golang.org/x/sys v0.41.0 h1:Ivj+2Cp/ylzLiEU89QhWblYnOE9zerudt9Ftecq2C6k=
golang.org/x/sys v0.41.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/text v0.34.0 h1:oL/Qq0Kdaqxa1KbNeMKwQq0reLCCaFtqu2eNuSeNHbk=
golang.org/x/text v0.34.0/go.mod h1:homfLqTYRFyVYemLBFl5GgL/DWEiH5wcsQ5gSh1yziA=
golang.org/x/time v0.14.0 h1:MRx4UaLrDotUKUdCIqzPC48t1Y9hANFKIRpNx+Te8PI=
golang.org/x/time v0.14.0/go.mod h1:eL/Oa2bBBK0TkX57Fyni+NgnyQQN4LitPmob2Hjnqw4=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
google.golang.org/genai v1.48.0 h1:1vb15G291wAjJJueisMDpUhssljhEdJU2t5qTidrVPs=
google.golang.org/genai v1.48.0/go.mod h1:A3kkl0nyBjyFlNjgxIwKq70julKbIxpSxqKO5gw/gmk=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 h1:hjSy6tcFQZ171igDaN5QHOw2n6vx40juYbC/x67CEhc=
google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:qpvKtACPCQhAdu3PyQgV4l3LMXZEtft7y8QcarRsp9I=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1 h1:pPJltXNxVzT4pK9yD8vR9X75DaWYYmLGMsEvBfFQZzQ=
google.golang.org/genproto/googleapis/rpc v0.0.0-20240903143218-8af14fe29dc1/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY=
google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
google.golang.org/grpc v1.33.2/go.mod h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo=
google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
gonum.org/v1/gonum v0.16.0/go.mod h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
google.golang.org/genai v1.49.0 h1:Se+QJaH2GYK1aaR1o5S38mlU2GD5FnVvP76nfkV7LH0=
google.golang.org/genai v1.49.0/go.mod h1:A3kkl0nyBjyFlNjgxIwKq70julKbIxpSxqKO5gw/gmk=
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 h1:tu/dtnW1o3wfaxCOjSLn5IRX4YDcJrtlpzYkhHhGaC4=
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171/go.mod h1:M5krXqk4GhBKvB596udGL3UyjL4I1+cTbK0orROM9ng=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 h1:ggcbiqK8WWh6l1dnltU4BgWGIGo+EVYxCaAPih/zQXQ=
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171/go.mod h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
google.golang.org/grpc v1.79.1 h1:zGhSi45ODB9/p3VAawt9a+O/MULLl9dpizzNNpq7flY=
google.golang.org/grpc v1.79.1/go.mod h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=

252
internal/admin/handlers.go Normal file
View File

@@ -0,0 +1,252 @@
package admin
import (
"fmt"
"net/http"
"runtime"
"strings"
"time"
"github.com/ajac-zero/latticelm/internal/config"
)
// SystemInfoResponse contains system information.
type SystemInfoResponse struct {
Version string `json:"version"`
BuildTime string `json:"build_time"`
GitCommit string `json:"git_commit"`
GoVersion string `json:"go_version"`
Platform string `json:"platform"`
Uptime string `json:"uptime"`
}
// HealthCheckResponse contains health check results.
type HealthCheckResponse struct {
Status string `json:"status"`
Timestamp string `json:"timestamp"`
Checks map[string]HealthCheck `json:"checks"`
}
// HealthCheck represents a single health check.
type HealthCheck struct {
Status string `json:"status"`
Message string `json:"message,omitempty"`
}
// ConfigResponse contains the sanitized configuration.
type ConfigResponse struct {
Server config.ServerConfig `json:"server"`
Providers map[string]SanitizedProvider `json:"providers"`
Models []config.ModelEntry `json:"models"`
Auth SanitizedAuthConfig `json:"auth"`
Conversations config.ConversationConfig `json:"conversations"`
Logging config.LoggingConfig `json:"logging"`
RateLimit config.RateLimitConfig `json:"rate_limit"`
Observability config.ObservabilityConfig `json:"observability"`
}
// SanitizedProvider is a provider entry with secrets masked.
type SanitizedProvider struct {
Type string `json:"type"`
APIKey string `json:"api_key"`
Endpoint string `json:"endpoint,omitempty"`
APIVersion string `json:"api_version,omitempty"`
Project string `json:"project,omitempty"`
Location string `json:"location,omitempty"`
}
// SanitizedAuthConfig is auth config with secrets masked.
type SanitizedAuthConfig struct {
Enabled bool `json:"enabled"`
Issuer string `json:"issuer"`
Audience string `json:"audience"`
}
// ProviderInfo contains provider information.
type ProviderInfo struct {
Name string `json:"name"`
Type string `json:"type"`
Models []string `json:"models"`
Status string `json:"status"`
}
// handleSystemInfo returns system information.
func (s *AdminServer) handleSystemInfo(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
writeError(w, http.StatusMethodNotAllowed, "method_not_allowed", "Only GET is allowed")
return
}
uptime := time.Since(s.startTime)
info := SystemInfoResponse{
Version: s.buildInfo.Version,
BuildTime: s.buildInfo.BuildTime,
GitCommit: s.buildInfo.GitCommit,
GoVersion: s.buildInfo.GoVersion,
Platform: runtime.GOOS + "/" + runtime.GOARCH,
Uptime: formatDuration(uptime),
}
writeSuccess(w, info)
}
// handleSystemHealth returns health check results.
func (s *AdminServer) handleSystemHealth(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
writeError(w, http.StatusMethodNotAllowed, "method_not_allowed", "Only GET is allowed")
return
}
checks := make(map[string]HealthCheck)
overallStatus := "healthy"
// Server check
checks["server"] = HealthCheck{
Status: "healthy",
Message: "Server is running",
}
// Provider check
models := s.registry.Models()
if len(models) > 0 {
checks["providers"] = HealthCheck{
Status: "healthy",
Message: "Providers configured",
}
} else {
checks["providers"] = HealthCheck{
Status: "unhealthy",
Message: "No providers configured",
}
overallStatus = "unhealthy"
}
// Conversation store check
checks["conversation_store"] = HealthCheck{
Status: "healthy",
Message: "Store accessible",
}
response := HealthCheckResponse{
Status: overallStatus,
Timestamp: time.Now().Format(time.RFC3339),
Checks: checks,
}
writeSuccess(w, response)
}
// handleConfig returns the sanitized configuration.
func (s *AdminServer) handleConfig(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
writeError(w, http.StatusMethodNotAllowed, "method_not_allowed", "Only GET is allowed")
return
}
// Sanitize providers
sanitizedProviders := make(map[string]SanitizedProvider)
for name, provider := range s.cfg.Providers {
sanitizedProviders[name] = SanitizedProvider{
Type: provider.Type,
APIKey: maskSecret(provider.APIKey),
Endpoint: provider.Endpoint,
APIVersion: provider.APIVersion,
Project: provider.Project,
Location: provider.Location,
}
}
// Sanitize DSN in conversations config
convConfig := s.cfg.Conversations
if convConfig.DSN != "" {
convConfig.DSN = maskSecret(convConfig.DSN)
}
response := ConfigResponse{
Server: s.cfg.Server,
Providers: sanitizedProviders,
Models: s.cfg.Models,
Auth: SanitizedAuthConfig{
Enabled: s.cfg.Auth.Enabled,
Issuer: s.cfg.Auth.Issuer,
Audience: s.cfg.Auth.Audience,
},
Conversations: convConfig,
Logging: s.cfg.Logging,
RateLimit: s.cfg.RateLimit,
Observability: s.cfg.Observability,
}
writeSuccess(w, response)
}
// handleProviders returns the list of configured providers.
func (s *AdminServer) handleProviders(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
writeError(w, http.StatusMethodNotAllowed, "method_not_allowed", "Only GET is allowed")
return
}
// Build provider info map
providerModels := make(map[string][]string)
models := s.registry.Models()
for _, m := range models {
providerModels[m.Provider] = append(providerModels[m.Provider], m.Model)
}
// Build provider list
var providers []ProviderInfo
for name, entry := range s.cfg.Providers {
providers = append(providers, ProviderInfo{
Name: name,
Type: entry.Type,
Models: providerModels[name],
Status: "active",
})
}
writeSuccess(w, providers)
}
// maskSecret masks a secret string for display.
func maskSecret(secret string) string {
if secret == "" {
return ""
}
if len(secret) <= 8 {
return "********"
}
// Show first 4 and last 4 characters
return secret[:4] + "..." + secret[len(secret)-4:]
}
// formatDuration formats a duration in a human-readable format.
func formatDuration(d time.Duration) string {
d = d.Round(time.Second)
h := d / time.Hour
d -= h * time.Hour
m := d / time.Minute
d -= m * time.Minute
s := d / time.Second
var parts []string
if h > 0 {
parts = append(parts, formatPart(int(h), "hour"))
}
if m > 0 {
parts = append(parts, formatPart(int(m), "minute"))
}
if s > 0 || len(parts) == 0 {
parts = append(parts, formatPart(int(s), "second"))
}
return strings.Join(parts, " ")
}
func formatPart(value int, unit string) string {
if value == 1 {
return "1 " + unit
}
return fmt.Sprintf("%d %ss", value, unit)
}

45
internal/admin/response.go Normal file
View File

@@ -0,0 +1,45 @@
package admin
import (
"encoding/json"
"net/http"
)
// APIResponse is the standard JSON response wrapper.
type APIResponse struct {
Success bool `json:"success"`
Data interface{} `json:"data,omitempty"`
Error *APIError `json:"error,omitempty"`
}
// APIError represents an error response.
type APIError struct {
Code string `json:"code"`
Message string `json:"message"`
}
// writeJSON writes a JSON response.
func writeJSON(w http.ResponseWriter, statusCode int, data interface{}) {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(statusCode)
json.NewEncoder(w).Encode(data)
}
// writeSuccess writes a successful JSON response.
func writeSuccess(w http.ResponseWriter, data interface{}) {
writeJSON(w, http.StatusOK, APIResponse{
Success: true,
Data: data,
})
}
// writeError writes an error JSON response.
func writeError(w http.ResponseWriter, statusCode int, code, message string) {
writeJSON(w, statusCode, APIResponse{
Success: false,
Error: &APIError{
Code: code,
Message: message,
},
})
}

17
internal/admin/routes.go Normal file
View File

@@ -0,0 +1,17 @@
package admin
import (
"net/http"
)
// RegisterRoutes wires the admin HTTP handlers onto the provided mux.
func (s *AdminServer) RegisterRoutes(mux *http.ServeMux) {
// API endpoints
mux.HandleFunc("/admin/api/v1/system/info", s.handleSystemInfo)
mux.HandleFunc("/admin/api/v1/system/health", s.handleSystemHealth)
mux.HandleFunc("/admin/api/v1/config", s.handleConfig)
mux.HandleFunc("/admin/api/v1/providers", s.handleProviders)
// Serve frontend SPA
mux.Handle("/admin/", http.StripPrefix("/admin", s.serveSPA()))
}

59
internal/admin/server.go Normal file
View File

@@ -0,0 +1,59 @@
package admin
import (
"log/slog"
"runtime"
"time"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/ajac-zero/latticelm/internal/conversation"
"github.com/ajac-zero/latticelm/internal/providers"
)
// ProviderRegistry is an interface for provider registries.
type ProviderRegistry interface {
Get(name string) (providers.Provider, bool)
Models() []struct{ Provider, Model string }
ResolveModelID(model string) string
Default(model string) (providers.Provider, error)
}
// BuildInfo contains build-time information.
type BuildInfo struct {
Version string
BuildTime string
GitCommit string
GoVersion string
}
// AdminServer hosts the admin API and UI.
type AdminServer struct {
registry ProviderRegistry
convStore conversation.Store
cfg *config.Config
logger *slog.Logger
startTime time.Time
buildInfo BuildInfo
}
// New creates an AdminServer instance.
func New(registry ProviderRegistry, convStore conversation.Store, cfg *config.Config, logger *slog.Logger, buildInfo BuildInfo) *AdminServer {
return &AdminServer{
registry: registry,
convStore: convStore,
cfg: cfg,
logger: logger,
startTime: time.Now(),
buildInfo: buildInfo,
}
}
// GetBuildInfo returns a default BuildInfo if none provided.
func DefaultBuildInfo() BuildInfo {
return BuildInfo{
Version: "dev",
BuildTime: time.Now().Format(time.RFC3339),
GitCommit: "unknown",
GoVersion: runtime.Version(),
}
}

62
internal/admin/static.go Normal file
View File

@@ -0,0 +1,62 @@
package admin
import (
"embed"
"io"
"io/fs"
"net/http"
"path"
"strings"
)
//go:embed all:dist
var frontendAssets embed.FS
// serveSPA serves the frontend SPA with fallback to index.html for client-side routing.
func (s *AdminServer) serveSPA() http.Handler {
// Get the dist subdirectory from embedded files
distFS, err := fs.Sub(frontendAssets, "dist")
if err != nil {
s.logger.Error("failed to access frontend assets", "error", err)
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
http.Error(w, "Admin UI not available", http.StatusNotFound)
})
}
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Path comes in without /admin prefix due to StripPrefix
urlPath := r.URL.Path
if urlPath == "" || urlPath == "/" {
urlPath = "index.html"
} else {
// Remove leading slash
urlPath = strings.TrimPrefix(urlPath, "/")
}
// Clean the path
cleanPath := path.Clean(urlPath)
// Try to open the file
file, err := distFS.Open(cleanPath)
if err != nil {
// File not found, serve index.html for SPA routing
cleanPath = "index.html"
file, err = distFS.Open(cleanPath)
if err != nil {
http.Error(w, "Not found", http.StatusNotFound)
return
}
}
defer file.Close()
// Get file info for content type detection
info, err := file.Stat()
if err != nil {
http.Error(w, "Internal error", http.StatusInternalServerError)
return
}
// Serve the file
http.ServeContent(w, r, cleanPath, info.ModTime(), file.(io.ReadSeeker))
})
}

31
internal/config/config.go
View File

@@ -17,6 +17,7 @@ type Config struct {
Logging LoggingConfig `yaml:"logging"`
RateLimit RateLimitConfig `yaml:"rate_limit"`
Observability ObservabilityConfig `yaml:"observability"`
Admin AdminConfig `yaml:"admin"`
}
// ConversationConfig controls conversation storage.
@@ -93,6 +94,11 @@ type AuthConfig struct {
Audience string `yaml:"audience"`
}
// AdminConfig controls the admin UI.
type AdminConfig struct {
Enabled bool `yaml:"enabled"`
}
// ServerConfig controls HTTP server values.
type ServerConfig struct {
Address string `yaml:"address"`
@@ -166,9 +172,32 @@ func Load(path string) (*Config, error) {
func (cfg *Config) validate() error {
for _, m := range cfg.Models {
if _, ok := cfg.Providers[m.Provider]; !ok {
providerEntry, ok := cfg.Providers[m.Provider]
if !ok {
return fmt.Errorf("model %q references unknown provider %q", m.Name, m.Provider)
}
switch providerEntry.Type {
case "openai", "anthropic", "google", "azureopenai", "azureanthropic":
if providerEntry.APIKey == "" {
return fmt.Errorf("model %q references provider %q (%s) without api_key", m.Name, m.Provider, providerEntry.Type)
}
}
switch providerEntry.Type {
case "azureopenai", "azureanthropic":
if providerEntry.Endpoint == "" {
return fmt.Errorf("model %q references provider %q (%s) without endpoint", m.Name, m.Provider, providerEntry.Type)
}
case "vertexai":
if providerEntry.Project == "" || providerEntry.Location == "" {
return fmt.Errorf("model %q references provider %q (vertexai) without project/location", m.Name, m.Provider)
}
case "openai", "anthropic", "google":
// No additional required fields.
default:
return fmt.Errorf("model %q references provider %q with unknown type %q", m.Name, m.Provider, providerEntry.Type)
}
}
return nil
}

42
internal/config/config_test.go
View File

@@ -103,7 +103,7 @@ server:
address: ":8080"
providers:
azure:
type: azure_openai
type: azureopenai
api_key: azure-key
endpoint: https://my-resource.openai.azure.com
api_version: "2024-02-15-preview"
@@ -113,7 +113,7 @@ models:
provider_model_id: gpt-4-deployment
`,
validate: func(t *testing.T, cfg *Config) {
assert.Equal(t, "azure_openai", cfg.Providers["azure"].Type)
assert.Equal(t, "azureopenai", cfg.Providers["azure"].Type)
assert.Equal(t, "azure-key", cfg.Providers["azure"].APIKey)
assert.Equal(t, "https://my-resource.openai.azure.com", cfg.Providers["azure"].Endpoint)
assert.Equal(t, "2024-02-15-preview", cfg.Providers["azure"].APIVersion)
@@ -126,7 +126,7 @@ server:
address: ":8080"
providers:
vertex:
type: vertex_ai
type: vertexai
project: my-gcp-project
location: us-central1
models:
@@ -135,7 +135,7 @@ models:
provider_model_id: gemini-1.5-pro
`,
validate: func(t *testing.T, cfg *Config) {
assert.Equal(t, "vertex_ai", cfg.Providers["vertex"].Type)
assert.Equal(t, "vertexai", cfg.Providers["vertex"].Type)
assert.Equal(t, "my-gcp-project", cfg.Providers["vertex"].Project)
assert.Equal(t, "us-central1", cfg.Providers["vertex"].Location)
},
@@ -208,6 +208,20 @@ models:
configYAML: `invalid: yaml: content: [unclosed`,
expectError: true,
},
{
name: "model references provider without required API key",
configYAML: `
server:
address: ":8080"
providers:
openai:
type: openai
models:
- name: gpt-4
provider: openai
`,
expectError: true,
},
{
name: "multiple models same provider",
configYAML: `
@@ -283,7 +297,7 @@ func TestConfigValidate(t *testing.T) {
name: "valid config",
config: Config{
Providers: map[string]ProviderEntry{
"openai": {Type: "openai"},
"openai": {Type: "openai", APIKey: "test-key"},
},
Models: []ModelEntry{
{Name: "gpt-4", Provider: "openai"},
@@ -295,7 +309,7 @@ func TestConfigValidate(t *testing.T) {
name: "model references unknown provider",
config: Config{
Providers: map[string]ProviderEntry{
"openai": {Type: "openai"},
"openai": {Type: "openai", APIKey: "test-key"},
},
Models: []ModelEntry{
{Name: "gpt-4", Provider: "unknown"},
@@ -303,6 +317,18 @@ func TestConfigValidate(t *testing.T) {
},
expectError: true,
},
{
name: "model references provider without api key",
config: Config{
Providers: map[string]ProviderEntry{
"openai": {Type: "openai"},
},
Models: []ModelEntry{
{Name: "gpt-4", Provider: "openai"},
},
},
expectError: true,
},
{
name: "no models",
config: Config{
@@ -317,8 +343,8 @@ func TestConfigValidate(t *testing.T) {
name: "multiple models multiple providers",
config: Config{
Providers: map[string]ProviderEntry{
"openai": {Type: "openai"},
"anthropic": {Type: "anthropic"},
"openai": {Type: "openai", APIKey: "test-key"},
"anthropic": {Type: "anthropic", APIKey: "ant-key"},
},
Models: []ModelEntry{
{Name: "gpt-4", Provider: "openai"},

368
internal/conversation/redis_store_test.go Normal file
View File

@@ -0,0 +1,368 @@
package conversation
import (
"context"
"fmt"
"testing"
"time"
"github.com/ajac-zero/latticelm/internal/api"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestNewRedisStore(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
require.NotNil(t, store)
defer store.Close()
}
func TestRedisStore_Create(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(3)
conv, err := store.Create(ctx, "test-id", "test-model", messages)
require.NoError(t, err)
require.NotNil(t, conv)
assert.Equal(t, "test-id", conv.ID)
assert.Equal(t, "test-model", conv.Model)
assert.Len(t, conv.Messages, 3)
}
func TestRedisStore_Get(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(2)
// Create a conversation
created, err := store.Create(ctx, "get-test", "model-1", messages)
require.NoError(t, err)
// Retrieve it
retrieved, err := store.Get(ctx, "get-test")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Equal(t, created.ID, retrieved.ID)
assert.Equal(t, created.Model, retrieved.Model)
assert.Len(t, retrieved.Messages, 2)
// Test not found
notFound, err := store.Get(ctx, "non-existent")
require.NoError(t, err)
assert.Nil(t, notFound)
}
func TestRedisStore_Append(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
initialMessages := CreateTestMessages(2)
// Create conversation
conv, err := store.Create(ctx, "append-test", "model-1", initialMessages)
require.NoError(t, err)
assert.Len(t, conv.Messages, 2)
// Append more messages
newMessages := CreateTestMessages(3)
updated, err := store.Append(ctx, "append-test", newMessages...)
require.NoError(t, err)
require.NotNil(t, updated)
assert.Len(t, updated.Messages, 5)
}
func TestRedisStore_Delete(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create conversation
_, err := store.Create(ctx, "delete-test", "model-1", messages)
require.NoError(t, err)
// Verify it exists
conv, err := store.Get(ctx, "delete-test")
require.NoError(t, err)
require.NotNil(t, conv)
// Delete it
err = store.Delete(ctx, "delete-test")
require.NoError(t, err)
// Verify it's gone
deleted, err := store.Get(ctx, "delete-test")
require.NoError(t, err)
assert.Nil(t, deleted)
}
func TestRedisStore_Size(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
// Initial size should be 0
assert.Equal(t, 0, store.Size())
// Create conversations
messages := CreateTestMessages(1)
_, err := store.Create(ctx, "size-1", "model-1", messages)
require.NoError(t, err)
_, err = store.Create(ctx, "size-2", "model-1", messages)
require.NoError(t, err)
assert.Equal(t, 2, store.Size())
// Delete one
err = store.Delete(ctx, "size-1")
require.NoError(t, err)
assert.Equal(t, 1, store.Size())
}
func TestRedisStore_TTL(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
// Use short TTL for testing
store := NewRedisStore(client, 100*time.Millisecond)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create a conversation
_, err := store.Create(ctx, "ttl-test", "model-1", messages)
require.NoError(t, err)
// Fast forward time in miniredis
mr.FastForward(200 * time.Millisecond)
// Key should have expired
conv, err := store.Get(ctx, "ttl-test")
require.NoError(t, err)
assert.Nil(t, conv, "conversation should have expired")
}
func TestRedisStore_KeyStorage(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create conversation
_, err := store.Create(ctx, "storage-test", "model-1", messages)
require.NoError(t, err)
// Check that key exists in Redis
keys := mr.Keys()
assert.Greater(t, len(keys), 0, "should have at least one key in Redis")
}
func TestRedisStore_Concurrent(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
// Run concurrent operations
done := make(chan bool, 10)
for i := 0; i < 10; i++ {
go func(idx int) {
id := fmt.Sprintf("concurrent-%d", idx)
messages := CreateTestMessages(2)
// Create
_, err := store.Create(ctx, id, "model-1", messages)
assert.NoError(t, err)
// Get
_, err = store.Get(ctx, id)
assert.NoError(t, err)
// Append
newMsg := CreateTestMessages(1)
_, err = store.Append(ctx, id, newMsg...)
assert.NoError(t, err)
done <- true
}(i)
}
// Wait for all goroutines
for i := 0; i < 10; i++ {
<-done
}
// Verify all conversations exist
assert.Equal(t, 10, store.Size())
}
func TestRedisStore_JSONEncoding(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
// Create messages with various content types
messages := []api.Message{
{
Role: "user",
Content: []api.ContentBlock{
{Type: "text", Text: "Hello"},
},
},
{
Role: "assistant",
Content: []api.ContentBlock{
{Type: "text", Text: "Hi there!"},
},
},
}
conv, err := store.Create(ctx, "json-test", "model-1", messages)
require.NoError(t, err)
// Retrieve and verify JSON encoding/decoding
retrieved, err := store.Get(ctx, "json-test")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Equal(t, len(conv.Messages), len(retrieved.Messages))
assert.Equal(t, conv.Messages[0].Role, retrieved.Messages[0].Role)
assert.Equal(t, conv.Messages[0].Content[0].Text, retrieved.Messages[0].Content[0].Text)
}
func TestRedisStore_EmptyMessages(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
// Create conversation with empty messages
conv, err := store.Create(ctx, "empty", "model-1", []api.Message{})
require.NoError(t, err)
require.NotNil(t, conv)
assert.Len(t, conv.Messages, 0)
// Retrieve and verify
retrieved, err := store.Get(ctx, "empty")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Len(t, retrieved.Messages, 0)
}
func TestRedisStore_UpdateExisting(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages1 := CreateTestMessages(2)
// Create first version
conv1, err := store.Create(ctx, "update-test", "model-1", messages1)
require.NoError(t, err)
originalTime := conv1.UpdatedAt
// Wait a bit
time.Sleep(10 * time.Millisecond)
// Create again with different data (overwrites)
messages2 := CreateTestMessages(3)
conv2, err := store.Create(ctx, "update-test", "model-2", messages2)
require.NoError(t, err)
assert.Equal(t, "model-2", conv2.Model)
assert.Len(t, conv2.Messages, 3)
assert.True(t, conv2.UpdatedAt.After(originalTime))
}
func TestRedisStore_ContextCancellation(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
// Create a cancelled context
ctx, cancel := context.WithCancel(context.Background())
cancel()
messages := CreateTestMessages(1)
// Operations with cancelled context should fail or return quickly
_, err := store.Create(ctx, "cancelled", "model-1", messages)
// Context cancellation should be respected
_ = err
}
func TestRedisStore_ScanPagination(t *testing.T) {
client, mr := SetupTestRedis(t)
defer mr.Close()
store := NewRedisStore(client, time.Hour)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create multiple conversations to test scanning
for i := 0; i < 50; i++ {
id := fmt.Sprintf("scan-%d", i)
_, err := store.Create(ctx, id, "model-1", messages)
require.NoError(t, err)
}
// Size should count all of them
assert.Equal(t, 50, store.Size())
}

15
internal/conversation/sql_store.go
View File

@@ -148,7 +148,20 @@ func (s *SQLStore) Size() int {
}
func (s *SQLStore) cleanup() {
ticker := time.NewTicker(1 * time.Minute)
// Calculate cleanup interval as 10% of TTL, with sensible bounds
interval := s.ttl / 10
// Cap maximum interval at 1 minute for production
if interval > 1*time.Minute {
interval = 1 * time.Minute
}
// Allow small intervals for testing (as low as 10ms)
if interval < 10*time.Millisecond {
interval = 10 * time.Millisecond
}
ticker := time.NewTicker(interval)
defer ticker.Stop()
for {

356
internal/conversation/sql_store_test.go Normal file
View File

@@ -0,0 +1,356 @@
package conversation
import (
"context"
"database/sql"
"fmt"
"testing"
"time"
_ "github.com/mattn/go-sqlite3"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"github.com/ajac-zero/latticelm/internal/api"
)
func setupSQLiteDB(t *testing.T) *sql.DB {
t.Helper()
db, err := sql.Open("sqlite3", ":memory:")
require.NoError(t, err)
return db
}
func TestNewSQLStore(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
require.NotNil(t, store)
defer store.Close()
// Verify table was created
var tableName string
err = db.QueryRow("SELECT name FROM sqlite_master WHERE type='table' AND name='conversations'").Scan(&tableName)
require.NoError(t, err)
assert.Equal(t, "conversations", tableName)
}
func TestSQLStore_Create(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(3)
conv, err := store.Create(ctx, "test-id", "test-model", messages)
require.NoError(t, err)
require.NotNil(t, conv)
assert.Equal(t, "test-id", conv.ID)
assert.Equal(t, "test-model", conv.Model)
assert.Len(t, conv.Messages, 3)
}
func TestSQLStore_Get(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(2)
// Create a conversation
created, err := store.Create(ctx, "get-test", "model-1", messages)
require.NoError(t, err)
// Retrieve it
retrieved, err := store.Get(ctx, "get-test")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Equal(t, created.ID, retrieved.ID)
assert.Equal(t, created.Model, retrieved.Model)
assert.Len(t, retrieved.Messages, 2)
// Test not found
notFound, err := store.Get(ctx, "non-existent")
require.NoError(t, err)
assert.Nil(t, notFound)
}
func TestSQLStore_Append(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
initialMessages := CreateTestMessages(2)
// Create conversation
conv, err := store.Create(ctx, "append-test", "model-1", initialMessages)
require.NoError(t, err)
assert.Len(t, conv.Messages, 2)
// Append more messages
newMessages := CreateTestMessages(3)
updated, err := store.Append(ctx, "append-test", newMessages...)
require.NoError(t, err)
require.NotNil(t, updated)
assert.Len(t, updated.Messages, 5)
}
func TestSQLStore_Delete(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create conversation
_, err = store.Create(ctx, "delete-test", "model-1", messages)
require.NoError(t, err)
// Verify it exists
conv, err := store.Get(ctx, "delete-test")
require.NoError(t, err)
require.NotNil(t, conv)
// Delete it
err = store.Delete(ctx, "delete-test")
require.NoError(t, err)
// Verify it's gone
deleted, err := store.Get(ctx, "delete-test")
require.NoError(t, err)
assert.Nil(t, deleted)
}
func TestSQLStore_Size(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
// Initial size should be 0
assert.Equal(t, 0, store.Size())
// Create conversations
messages := CreateTestMessages(1)
_, err = store.Create(ctx, "size-1", "model-1", messages)
require.NoError(t, err)
_, err = store.Create(ctx, "size-2", "model-1", messages)
require.NoError(t, err)
assert.Equal(t, 2, store.Size())
// Delete one
err = store.Delete(ctx, "size-1")
require.NoError(t, err)
assert.Equal(t, 1, store.Size())
}
func TestSQLStore_Cleanup(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
// Use very short TTL for testing
store, err := NewSQLStore(db, "sqlite3", 100*time.Millisecond)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
messages := CreateTestMessages(1)
// Create a conversation
_, err = store.Create(ctx, "cleanup-test", "model-1", messages)
require.NoError(t, err)
assert.Equal(t, 1, store.Size())
// Wait for TTL to expire and cleanup to run
time.Sleep(500 * time.Millisecond)
// Conversation should be cleaned up
assert.Equal(t, 0, store.Size())
}
func TestSQLStore_ConcurrentAccess(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
// Run concurrent operations
done := make(chan bool, 10)
for i := 0; i < 10; i++ {
go func(idx int) {
id := fmt.Sprintf("concurrent-%d", idx)
messages := CreateTestMessages(2)
// Create
_, err := store.Create(ctx, id, "model-1", messages)
assert.NoError(t, err)
// Get
_, err = store.Get(ctx, id)
assert.NoError(t, err)
// Append
newMsg := CreateTestMessages(1)
_, err = store.Append(ctx, id, newMsg...)
assert.NoError(t, err)
done <- true
}(i)
}
// Wait for all goroutines
for i := 0; i < 10; i++ {
<-done
}
// Verify all conversations exist
assert.Equal(t, 10, store.Size())
}
func TestSQLStore_ContextCancellation(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
// Create a cancelled context
ctx, cancel := context.WithCancel(context.Background())
cancel()
messages := CreateTestMessages(1)
// Operations with cancelled context should fail or return quickly
_, err = store.Create(ctx, "cancelled", "model-1", messages)
// Error handling depends on driver, but context should be respected
_ = err
}
func TestSQLStore_JSONEncoding(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
// Create messages with various content types
messages := []api.Message{
{
Role: "user",
Content: []api.ContentBlock{
{Type: "text", Text: "Hello"},
},
},
{
Role: "assistant",
Content: []api.ContentBlock{
{Type: "text", Text: "Hi there!"},
},
},
}
conv, err := store.Create(ctx, "json-test", "model-1", messages)
require.NoError(t, err)
// Retrieve and verify JSON encoding/decoding
retrieved, err := store.Get(ctx, "json-test")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Equal(t, len(conv.Messages), len(retrieved.Messages))
assert.Equal(t, conv.Messages[0].Role, retrieved.Messages[0].Role)
assert.Equal(t, conv.Messages[0].Content[0].Text, retrieved.Messages[0].Content[0].Text)
}
func TestSQLStore_EmptyMessages(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
// Create conversation with empty messages
conv, err := store.Create(ctx, "empty", "model-1", []api.Message{})
require.NoError(t, err)
require.NotNil(t, conv)
assert.Len(t, conv.Messages, 0)
// Retrieve and verify
retrieved, err := store.Get(ctx, "empty")
require.NoError(t, err)
require.NotNil(t, retrieved)
assert.Len(t, retrieved.Messages, 0)
}
func TestSQLStore_UpdateExisting(t *testing.T) {
db := setupSQLiteDB(t)
defer db.Close()
store, err := NewSQLStore(db, "sqlite3", time.Hour)
require.NoError(t, err)
defer store.Close()
ctx := context.Background()
messages1 := CreateTestMessages(2)
// Create first version
conv1, err := store.Create(ctx, "update-test", "model-1", messages1)
require.NoError(t, err)
originalTime := conv1.UpdatedAt
// Wait a bit
time.Sleep(10 * time.Millisecond)
// Create again with different data (upsert)
messages2 := CreateTestMessages(3)
conv2, err := store.Create(ctx, "update-test", "model-2", messages2)
require.NoError(t, err)
assert.Equal(t, "model-2", conv2.Model)
assert.Len(t, conv2.Messages, 3)
assert.True(t, conv2.UpdatedAt.After(originalTime))
}

172
internal/conversation/testing.go Normal file
View File

@@ -0,0 +1,172 @@
package conversation
import (
"context"
"database/sql"
"fmt"
"testing"
"time"
"github.com/alicebob/miniredis/v2"
_ "github.com/mattn/go-sqlite3"
"github.com/redis/go-redis/v9"
"github.com/ajac-zero/latticelm/internal/api"
)
// SetupTestDB creates an in-memory SQLite database for testing
func SetupTestDB(t *testing.T, driver string) *sql.DB {
t.Helper()
var dsn string
switch driver {
case "sqlite3":
// Use in-memory SQLite database
dsn = ":memory:"
case "postgres":
// For postgres tests, use a mock or skip
t.Skip("PostgreSQL tests require external database")
return nil
case "mysql":
// For mysql tests, use a mock or skip
t.Skip("MySQL tests require external database")
return nil
default:
t.Fatalf("unsupported driver: %s", driver)
return nil
}
db, err := sql.Open(driver, dsn)
if err != nil {
t.Fatalf("failed to open database: %v", err)
}
// Create the conversations table
schema := `
CREATE TABLE IF NOT EXISTS conversations (
conversation_id TEXT PRIMARY KEY,
messages TEXT NOT NULL,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
)
`
if _, err := db.Exec(schema); err != nil {
db.Close()
t.Fatalf("failed to create schema: %v", err)
}
return db
}
// SetupTestRedis creates a miniredis instance for testing
func SetupTestRedis(t *testing.T) (*redis.Client, *miniredis.Miniredis) {
t.Helper()
mr := miniredis.RunT(t)
client := redis.NewClient(&redis.Options{
Addr: mr.Addr(),
})
// Test connection
ctx := context.Background()
if err := client.Ping(ctx).Err(); err != nil {
t.Fatalf("failed to connect to miniredis: %v", err)
}
return client, mr
}
// CreateTestMessages generates test message fixtures
func CreateTestMessages(count int) []api.Message {
messages := make([]api.Message, count)
for i := 0; i < count; i++ {
role := "user"
if i%2 == 1 {
role = "assistant"
}
messages[i] = api.Message{
Role: role,
Content: []api.ContentBlock{
{
Type: "text",
Text: fmt.Sprintf("Test message %d", i+1),
},
},
}
}
return messages
}
// CreateTestConversation creates a test conversation with the given ID and messages
func CreateTestConversation(conversationID string, messageCount int) *Conversation {
return &Conversation{
ID: conversationID,
Messages: CreateTestMessages(messageCount),
Model: "test-model",
CreatedAt: time.Now(),
UpdatedAt: time.Now(),
}
}
// MockStore is a simple in-memory store for testing
type MockStore struct {
conversations map[string]*Conversation
getCalled bool
createCalled bool
appendCalled bool
deleteCalled bool
sizeCalled bool
}
func NewMockStore() *MockStore {
return &MockStore{
conversations: make(map[string]*Conversation),
}
}
func (m *MockStore) Get(ctx context.Context, conversationID string) (*Conversation, error) {
m.getCalled = true
conv, ok := m.conversations[conversationID]
if !ok {
return nil, fmt.Errorf("conversation not found")
}
return conv, nil
}
func (m *MockStore) Create(ctx context.Context, conversationID string, model string, messages []api.Message) (*Conversation, error) {
m.createCalled = true
m.conversations[conversationID] = &Conversation{
ID: conversationID,
Model: model,
Messages: messages,
CreatedAt: time.Now(),
UpdatedAt: time.Now(),
}
return m.conversations[conversationID], nil
}
func (m *MockStore) Append(ctx context.Context, conversationID string, messages ...api.Message) (*Conversation, error) {
m.appendCalled = true
conv, ok := m.conversations[conversationID]
if !ok {
return nil, fmt.Errorf("conversation not found")
}
conv.Messages = append(conv.Messages, messages...)
conv.UpdatedAt = time.Now()
return conv, nil
}
func (m *MockStore) Delete(ctx context.Context, conversationID string) error {
m.deleteCalled = true
delete(m.conversations, conversationID)
return nil
}
func (m *MockStore) Size() int {
m.sizeCalled = true
return len(m.conversations)
}
func (m *MockStore) Close() error {
return nil
}

15
internal/observability/metrics_middleware.go
View File

@@ -48,15 +48,30 @@ type metricsResponseWriter struct {
http.ResponseWriter
statusCode int
bytesWritten int
wroteHeader bool
}
func (w *metricsResponseWriter) WriteHeader(statusCode int) {
if w.wroteHeader {
return
}
w.wroteHeader = true
w.statusCode = statusCode
w.ResponseWriter.WriteHeader(statusCode)
}
func (w *metricsResponseWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
w.wroteHeader = true
w.statusCode = http.StatusOK
}
n, err := w.ResponseWriter.Write(b)
w.bytesWritten += n
return n, err
}
func (w *metricsResponseWriter) Flush() {
if flusher, ok := w.ResponseWriter.(http.Flusher); ok {
flusher.Flush()
}
}

424
internal/observability/metrics_test.go Normal file
View File

@@ -0,0 +1,424 @@
package observability
import (
"strings"
"testing"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/testutil"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestInitMetrics(t *testing.T) {
// Test that InitMetrics returns a non-nil registry
registry := InitMetrics()
require.NotNil(t, registry, "InitMetrics should return a non-nil registry")
// Test that we can gather metrics from the registry (may be empty if no metrics recorded)
metricFamilies, err := registry.Gather()
require.NoError(t, err, "Gathering metrics should not error")
// Just verify that the registry is functional
// We cannot test specific metrics as they are package-level variables that may already be registered elsewhere
_ = metricFamilies
}
func TestRecordCircuitBreakerStateChange(t *testing.T) {
tests := []struct {
name string
provider string
from string
to string
expectedState float64
}{
{
name: "transition to closed",
provider: "openai",
from: "open",
to: "closed",
expectedState: 0,
},
{
name: "transition to open",
provider: "anthropic",
from: "closed",
to: "open",
expectedState: 1,
},
{
name: "transition to half-open",
provider: "google",
from: "open",
to: "half-open",
expectedState: 2,
},
{
name: "closed to half-open",
provider: "openai",
from: "closed",
to: "half-open",
expectedState: 2,
},
{
name: "half-open to closed",
provider: "anthropic",
from: "half-open",
to: "closed",
expectedState: 0,
},
{
name: "half-open to open",
provider: "google",
from: "half-open",
to: "open",
expectedState: 1,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Reset metrics for this test
circuitBreakerStateTransitions.Reset()
circuitBreakerState.Reset()
// Record the state change
RecordCircuitBreakerStateChange(tt.provider, tt.from, tt.to)
// Verify the transition counter was incremented
transitionMetric := circuitBreakerStateTransitions.WithLabelValues(tt.provider, tt.from, tt.to)
value := testutil.ToFloat64(transitionMetric)
assert.Equal(t, 1.0, value, "transition counter should be incremented")
// Verify the state gauge was set correctly
stateMetric := circuitBreakerState.WithLabelValues(tt.provider)
stateValue := testutil.ToFloat64(stateMetric)
assert.Equal(t, tt.expectedState, stateValue, "state gauge should reflect new state")
})
}
}
func TestMetricLabels(t *testing.T) {
// Initialize a fresh registry for testing
registry := prometheus.NewRegistry()
// Create new metric for testing labels
testCounter := prometheus.NewCounterVec(
prometheus.CounterOpts{
Name: "test_counter",
Help: "Test counter for label verification",
},
[]string{"label1", "label2"},
)
registry.MustRegister(testCounter)
tests := []struct {
name string
label1 string
label2 string
incr float64
}{
{
name: "basic labels",
label1: "value1",
label2: "value2",
incr: 1.0,
},
{
name: "different labels",
label1: "foo",
label2: "bar",
incr: 5.0,
},
{
name: "empty labels",
label1: "",
label2: "",
incr: 2.0,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
counter := testCounter.WithLabelValues(tt.label1, tt.label2)
counter.Add(tt.incr)
value := testutil.ToFloat64(counter)
assert.Equal(t, tt.incr, value, "counter value should match increment")
})
}
}
func TestHTTPMetrics(t *testing.T) {
// Reset metrics
httpRequestsTotal.Reset()
httpRequestDuration.Reset()
httpRequestSize.Reset()
httpResponseSize.Reset()
tests := []struct {
name string
method string
path string
status string
}{
{
name: "GET request",
method: "GET",
path: "/api/v1/chat",
status: "200",
},
{
name: "POST request",
method: "POST",
path: "/api/v1/generate",
status: "201",
},
{
name: "error response",
method: "POST",
path: "/api/v1/chat",
status: "500",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Simulate recording HTTP metrics
httpRequestsTotal.WithLabelValues(tt.method, tt.path, tt.status).Inc()
httpRequestDuration.WithLabelValues(tt.method, tt.path, tt.status).Observe(0.5)
httpRequestSize.WithLabelValues(tt.method, tt.path).Observe(1024)
httpResponseSize.WithLabelValues(tt.method, tt.path).Observe(2048)
// Verify counter
counter := httpRequestsTotal.WithLabelValues(tt.method, tt.path, tt.status)
value := testutil.ToFloat64(counter)
assert.Greater(t, value, 0.0, "request counter should be incremented")
})
}
}
func TestProviderMetrics(t *testing.T) {
// Reset metrics
providerRequestsTotal.Reset()
providerRequestDuration.Reset()
providerTokensTotal.Reset()
providerStreamTTFB.Reset()
providerStreamChunks.Reset()
providerStreamDuration.Reset()
tests := []struct {
name string
provider string
model string
operation string
status string
}{
{
name: "OpenAI generate success",
provider: "openai",
model: "gpt-4",
operation: "generate",
status: "success",
},
{
name: "Anthropic stream success",
provider: "anthropic",
model: "claude-3-sonnet",
operation: "stream",
status: "success",
},
{
name: "Google generate error",
provider: "google",
model: "gemini-pro",
operation: "generate",
status: "error",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Simulate recording provider metrics
providerRequestsTotal.WithLabelValues(tt.provider, tt.model, tt.operation, tt.status).Inc()
providerRequestDuration.WithLabelValues(tt.provider, tt.model, tt.operation).Observe(1.5)
providerTokensTotal.WithLabelValues(tt.provider, tt.model, "input").Add(100)
providerTokensTotal.WithLabelValues(tt.provider, tt.model, "output").Add(50)
if tt.operation == "stream" {
providerStreamTTFB.WithLabelValues(tt.provider, tt.model).Observe(0.2)
providerStreamChunks.WithLabelValues(tt.provider, tt.model).Add(10)
providerStreamDuration.WithLabelValues(tt.provider, tt.model).Observe(2.0)
}
// Verify counter
counter := providerRequestsTotal.WithLabelValues(tt.provider, tt.model, tt.operation, tt.status)
value := testutil.ToFloat64(counter)
assert.Greater(t, value, 0.0, "request counter should be incremented")
// Verify token counts
inputTokens := providerTokensTotal.WithLabelValues(tt.provider, tt.model, "input")
inputValue := testutil.ToFloat64(inputTokens)
assert.Greater(t, inputValue, 0.0, "input tokens should be recorded")
outputTokens := providerTokensTotal.WithLabelValues(tt.provider, tt.model, "output")
outputValue := testutil.ToFloat64(outputTokens)
assert.Greater(t, outputValue, 0.0, "output tokens should be recorded")
})
}
}
func TestConversationStoreMetrics(t *testing.T) {
// Reset metrics
conversationOperationsTotal.Reset()
conversationOperationDuration.Reset()
conversationActiveCount.Reset()
tests := []struct {
name string
operation string
backend string
status string
}{
{
name: "create success",
operation: "create",
backend: "redis",
status: "success",
},
{
name: "get success",
operation: "get",
backend: "sql",
status: "success",
},
{
name: "delete error",
operation: "delete",
backend: "memory",
status: "error",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Simulate recording store metrics
conversationOperationsTotal.WithLabelValues(tt.operation, tt.backend, tt.status).Inc()
conversationOperationDuration.WithLabelValues(tt.operation, tt.backend).Observe(0.01)
if tt.operation == "create" {
conversationActiveCount.WithLabelValues(tt.backend).Inc()
} else if tt.operation == "delete" {
conversationActiveCount.WithLabelValues(tt.backend).Dec()
}
// Verify counter
counter := conversationOperationsTotal.WithLabelValues(tt.operation, tt.backend, tt.status)
value := testutil.ToFloat64(counter)
assert.Greater(t, value, 0.0, "operation counter should be incremented")
})
}
}
func TestMetricHelp(t *testing.T) {
registry := InitMetrics()
metricFamilies, err := registry.Gather()
require.NoError(t, err)
// Verify that all metrics have help text
for _, mf := range metricFamilies {
assert.NotEmpty(t, mf.GetHelp(), "metric %s should have help text", mf.GetName())
}
}
func TestMetricTypes(t *testing.T) {
registry := InitMetrics()
metricFamilies, err := registry.Gather()
require.NoError(t, err)
metricTypes := make(map[string]string)
for _, mf := range metricFamilies {
metricTypes[mf.GetName()] = mf.GetType().String()
}
// Verify counter metrics
counterMetrics := []string{
"http_requests_total",
"provider_requests_total",
"provider_tokens_total",
"provider_stream_chunks_total",
"conversation_operations_total",
"circuit_breaker_state_transitions_total",
}
for _, metric := range counterMetrics {
assert.Equal(t, "COUNTER", metricTypes[metric], "metric %s should be a counter", metric)
}
// Verify histogram metrics
histogramMetrics := []string{
"http_request_duration_seconds",
"http_request_size_bytes",
"http_response_size_bytes",
"provider_request_duration_seconds",
"provider_stream_ttfb_seconds",
"provider_stream_duration_seconds",
"conversation_operation_duration_seconds",
}
for _, metric := range histogramMetrics {
assert.Equal(t, "HISTOGRAM", metricTypes[metric], "metric %s should be a histogram", metric)
}
// Verify gauge metrics
gaugeMetrics := []string{
"conversation_active_count",
"circuit_breaker_state",
}
for _, metric := range gaugeMetrics {
assert.Equal(t, "GAUGE", metricTypes[metric], "metric %s should be a gauge", metric)
}
}
func TestCircuitBreakerInvalidState(t *testing.T) {
// Reset metrics
circuitBreakerState.Reset()
circuitBreakerStateTransitions.Reset()
// Record a state change with an unknown target state
RecordCircuitBreakerStateChange("test-provider", "closed", "unknown")
// The transition should still be recorded
transitionMetric := circuitBreakerStateTransitions.WithLabelValues("test-provider", "closed", "unknown")
value := testutil.ToFloat64(transitionMetric)
assert.Equal(t, 1.0, value, "transition should be recorded even for unknown state")
// The state gauge should be 0 (default for unknown states)
stateMetric := circuitBreakerState.WithLabelValues("test-provider")
stateValue := testutil.ToFloat64(stateMetric)
assert.Equal(t, 0.0, stateValue, "unknown state should default to 0")
}
func TestMetricNaming(t *testing.T) {
registry := InitMetrics()
metricFamilies, err := registry.Gather()
require.NoError(t, err)
// Verify metric naming conventions
for _, mf := range metricFamilies {
name := mf.GetName()
// Counter metrics should end with _total
if strings.HasSuffix(name, "_total") {
assert.Equal(t, "COUNTER", mf.GetType().String(), "metric %s ends with _total but is not a counter", name)
}
// Duration metrics should end with _seconds
if strings.Contains(name, "duration") {
assert.True(t, strings.HasSuffix(name, "_seconds"), "duration metric %s should end with _seconds", name)
}
// Size metrics should end with _bytes
if strings.Contains(name, "size") {
assert.True(t, strings.HasSuffix(name, "_bytes"), "size metric %s should end with _bytes", name)
}
}
}

65
internal/observability/middleware_response_writer_test.go Normal file
View File

@@ -0,0 +1,65 @@
package observability
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
var _ http.Flusher = (*metricsResponseWriter)(nil)
var _ http.Flusher = (*statusResponseWriter)(nil)
type testFlusherRecorder struct {
*httptest.ResponseRecorder
flushCount int
}
func newTestFlusherRecorder() *testFlusherRecorder {
return &testFlusherRecorder{ResponseRecorder: httptest.NewRecorder()}
}
func (r *testFlusherRecorder) Flush() {
r.flushCount++
}
func TestMetricsResponseWriterWriteHeaderOnlyOnce(t *testing.T) {
rec := httptest.NewRecorder()
rw := &metricsResponseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.WriteHeader(http.StatusAccepted)
rw.WriteHeader(http.StatusInternalServerError)
assert.Equal(t, http.StatusAccepted, rec.Code)
assert.Equal(t, http.StatusAccepted, rw.statusCode)
}
func TestMetricsResponseWriterFlushDelegates(t *testing.T) {
rec := newTestFlusherRecorder()
rw := &metricsResponseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.Flush()
assert.Equal(t, 1, rec.flushCount)
}
func TestStatusResponseWriterWriteHeaderOnlyOnce(t *testing.T) {
rec := httptest.NewRecorder()
rw := &statusResponseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.WriteHeader(http.StatusNoContent)
rw.WriteHeader(http.StatusInternalServerError)
assert.Equal(t, http.StatusNoContent, rec.Code)
assert.Equal(t, http.StatusNoContent, rw.statusCode)
}
func TestStatusResponseWriterFlushDelegates(t *testing.T) {
rec := newTestFlusherRecorder()
rw := &statusResponseWriter{ResponseWriter: rec, statusCode: http.StatusOK}
rw.Flush()
assert.Equal(t, 1, rec.flushCount)
}

83
internal/observability/provider_wrapper.go
View File

@@ -132,48 +132,53 @@ func (p *InstrumentedProvider) GenerateStream(ctx context.Context, messages []ap
defer close(outChan)
defer close(outErrChan)
// Helper function to record final metrics
recordMetrics := func() {
duration := time.Since(start).Seconds()
status := "success"
if streamErr != nil {
status = "error"
if p.tracer != nil {
span := trace.SpanFromContext(ctx)
span.RecordError(streamErr)
span.SetStatus(codes.Error, streamErr.Error())
}
} else {
if p.tracer != nil {
span := trace.SpanFromContext(ctx)
span.SetAttributes(
attribute.Int64("provider.input_tokens", totalInputTokens),
attribute.Int64("provider.output_tokens", totalOutputTokens),
attribute.Int64("provider.chunk_count", chunkCount),
attribute.Float64("provider.ttfb_seconds", ttfb.Seconds()),
)
span.SetStatus(codes.Ok, "")
}
// Record token metrics
if p.registry != nil && (totalInputTokens > 0 || totalOutputTokens > 0) {
providerTokensTotal.WithLabelValues(p.base.Name(), req.Model, "input").Add(float64(totalInputTokens))
providerTokensTotal.WithLabelValues(p.base.Name(), req.Model, "output").Add(float64(totalOutputTokens))
}
}
// Record stream metrics
if p.registry != nil {
providerRequestsTotal.WithLabelValues(p.base.Name(), req.Model, "generate_stream", status).Inc()
providerStreamDuration.WithLabelValues(p.base.Name(), req.Model).Observe(duration)
providerStreamChunks.WithLabelValues(p.base.Name(), req.Model).Add(float64(chunkCount))
if ttfb > 0 {
providerStreamTTFB.WithLabelValues(p.base.Name(), req.Model).Observe(ttfb.Seconds())
}
}
}
for {
select {
case delta, ok := <-baseChan:
if !ok {
// Stream finished - record final metrics
duration := time.Since(start).Seconds()
status := "success"
if streamErr != nil {
status = "error"
if p.tracer != nil {
span := trace.SpanFromContext(ctx)
span.RecordError(streamErr)
span.SetStatus(codes.Error, streamErr.Error())
}
} else {
if p.tracer != nil {
span := trace.SpanFromContext(ctx)
span.SetAttributes(
attribute.Int64("provider.input_tokens", totalInputTokens),
attribute.Int64("provider.output_tokens", totalOutputTokens),
attribute.Int64("provider.chunk_count", chunkCount),
attribute.Float64("provider.ttfb_seconds", ttfb.Seconds()),
)
span.SetStatus(codes.Ok, "")
}
// Record token metrics
if p.registry != nil && (totalInputTokens > 0 || totalOutputTokens > 0) {
providerTokensTotal.WithLabelValues(p.base.Name(), req.Model, "input").Add(float64(totalInputTokens))
providerTokensTotal.WithLabelValues(p.base.Name(), req.Model, "output").Add(float64(totalOutputTokens))
}
}
// Record stream metrics
if p.registry != nil {
providerRequestsTotal.WithLabelValues(p.base.Name(), req.Model, "generate_stream", status).Inc()
providerStreamDuration.WithLabelValues(p.base.Name(), req.Model).Observe(duration)
providerStreamChunks.WithLabelValues(p.base.Name(), req.Model).Add(float64(chunkCount))
if ttfb > 0 {
providerStreamTTFB.WithLabelValues(p.base.Name(), req.Model).Observe(ttfb.Seconds())
}
}
recordMetrics()
return
}
@@ -198,8 +203,10 @@ func (p *InstrumentedProvider) GenerateStream(ctx context.Context, messages []ap
if ok && err != nil {
streamErr = err
outErrChan <- err
recordMetrics()
return
}
return
// If error channel closed without error, continue draining baseChan
}
}
}()

706
internal/observability/provider_wrapper_test.go Normal file
View File

@@ -0,0 +1,706 @@
package observability
import (
"context"
"errors"
"sync"
"testing"
"time"
"github.com/ajac-zero/latticelm/internal/api"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/testutil"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go.opentelemetry.io/otel/codes"
sdktrace "go.opentelemetry.io/otel/sdk/trace"
)
// mockBaseProvider implements providers.Provider for testing
type mockBaseProvider struct {
name string
generateFunc func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error)
streamFunc func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error)
callCount int
mu sync.Mutex
}
func newMockBaseProvider(name string) *mockBaseProvider {
return &mockBaseProvider{
name: name,
}
}
func (m *mockBaseProvider) Name() string {
return m.name
}
func (m *mockBaseProvider) Generate(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error) {
m.mu.Lock()
m.callCount++
m.mu.Unlock()
if m.generateFunc != nil {
return m.generateFunc(ctx, messages, req)
}
// Default successful response
return &api.ProviderResult{
ID: "test-id",
Model: req.Model,
Text: "test response",
Usage: api.Usage{
InputTokens: 100,
OutputTokens: 50,
TotalTokens: 150,
},
}, nil
}
func (m *mockBaseProvider) GenerateStream(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error) {
m.mu.Lock()
m.callCount++
m.mu.Unlock()
if m.streamFunc != nil {
return m.streamFunc(ctx, messages, req)
}
// Default streaming response
deltaChan := make(chan *api.ProviderStreamDelta, 3)
errChan := make(chan error, 1)
go func() {
defer close(deltaChan)
defer close(errChan)
deltaChan <- &api.ProviderStreamDelta{
Model: req.Model,
Text: "chunk1",
}
deltaChan <- &api.ProviderStreamDelta{
Text: " chunk2",
Usage: &api.Usage{
InputTokens: 50,
OutputTokens: 25,
TotalTokens: 75,
},
}
deltaChan <- &api.ProviderStreamDelta{
Done: true,
}
}()
return deltaChan, errChan
}
func (m *mockBaseProvider) getCallCount() int {
m.mu.Lock()
defer m.mu.Unlock()
return m.callCount
}
func TestNewInstrumentedProvider(t *testing.T) {
tests := []struct {
name string
providerName string
withRegistry bool
withTracer bool
}{
{
name: "with registry and tracer",
providerName: "openai",
withRegistry: true,
withTracer: true,
},
{
name: "with registry only",
providerName: "anthropic",
withRegistry: true,
withTracer: false,
},
{
name: "with tracer only",
providerName: "google",
withRegistry: false,
withTracer: true,
},
{
name: "without observability",
providerName: "test",
withRegistry: false,
withTracer: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
base := newMockBaseProvider(tt.providerName)
var registry *prometheus.Registry
if tt.withRegistry {
registry = NewTestRegistry()
}
var tp *sdktrace.TracerProvider
_ = tp
if tt.withTracer {
tp, _ = NewTestTracer()
defer ShutdownTracer(tp)
}
wrapped := NewInstrumentedProvider(base, registry, tp)
require.NotNil(t, wrapped)
instrumented, ok := wrapped.(*InstrumentedProvider)
require.True(t, ok)
assert.Equal(t, tt.providerName, instrumented.Name())
})
}
}
func TestInstrumentedProvider_Generate(t *testing.T) {
tests := []struct {
name string
setupMock func(*mockBaseProvider)
expectError bool
checkMetrics bool
}{
{
name: "successful generation",
setupMock: func(m *mockBaseProvider) {
m.generateFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error) {
return &api.ProviderResult{
ID: "success-id",
Model: req.Model,
Text: "Generated text",
Usage: api.Usage{
InputTokens: 200,
OutputTokens: 100,
TotalTokens: 300,
},
}, nil
}
},
expectError: false,
checkMetrics: true,
},
{
name: "generation error",
setupMock: func(m *mockBaseProvider) {
m.generateFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error) {
return nil, errors.New("provider error")
}
},
expectError: true,
checkMetrics: true,
},
{
name: "nil result",
setupMock: func(m *mockBaseProvider) {
m.generateFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error) {
return nil, nil
}
},
expectError: false,
checkMetrics: true,
},
{
name: "empty tokens",
setupMock: func(m *mockBaseProvider) {
m.generateFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (*api.ProviderResult, error) {
return &api.ProviderResult{
ID: "zero-tokens",
Model: req.Model,
Text: "text",
Usage: api.Usage{
InputTokens: 0,
OutputTokens: 0,
TotalTokens: 0,
},
}, nil
}
},
expectError: false,
checkMetrics: true,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Reset metrics
providerRequestsTotal.Reset()
providerRequestDuration.Reset()
providerTokensTotal.Reset()
base := newMockBaseProvider("test-provider")
tt.setupMock(base)
registry := NewTestRegistry()
InitMetrics() // Ensure metrics are registered
tp, exporter := NewTestTracer()
defer ShutdownTracer(tp)
wrapped := NewInstrumentedProvider(base, registry, tp)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "test"}}},
}
req := &api.ResponseRequest{Model: "test-model"}
result, err := wrapped.Generate(ctx, messages, req)
if tt.expectError {
assert.Error(t, err)
assert.Nil(t, result)
} else {
if result != nil {
assert.NoError(t, err)
assert.NotNil(t, result)
}
}
// Verify provider was called
assert.Equal(t, 1, base.getCallCount())
// Check metrics were recorded
if tt.checkMetrics {
status := "success"
if tt.expectError {
status = "error"
}
counter := providerRequestsTotal.WithLabelValues("test-provider", "test-model", "generate", status)
value := testutil.ToFloat64(counter)
assert.Equal(t, 1.0, value, "request counter should be incremented")
}
// Check spans were created
spans := exporter.GetSpans()
if len(spans) > 0 {
span := spans[0]
assert.Equal(t, "provider.generate", span.Name)
if tt.expectError {
assert.Equal(t, codes.Error, span.Status.Code)
} else if result != nil {
assert.Equal(t, codes.Ok, span.Status.Code)
}
}
})
}
}
func TestInstrumentedProvider_GenerateStream(t *testing.T) {
tests := []struct {
name string
setupMock func(*mockBaseProvider)
expectError bool
checkMetrics bool
expectedChunks int
}{
{
name: "successful streaming",
setupMock: func(m *mockBaseProvider) {
m.streamFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error) {
deltaChan := make(chan *api.ProviderStreamDelta, 4)
errChan := make(chan error, 1)
go func() {
defer close(deltaChan)
defer close(errChan)
deltaChan <- &api.ProviderStreamDelta{
Model: req.Model,
Text: "First ",
}
deltaChan <- &api.ProviderStreamDelta{
Text: "Second ",
}
deltaChan <- &api.ProviderStreamDelta{
Text: "Third",
Usage: &api.Usage{
InputTokens: 150,
OutputTokens: 75,
TotalTokens: 225,
},
}
deltaChan <- &api.ProviderStreamDelta{
Done: true,
}
}()
return deltaChan, errChan
}
},
expectError: false,
checkMetrics: true,
expectedChunks: 4,
},
{
name: "streaming error",
setupMock: func(m *mockBaseProvider) {
m.streamFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error) {
deltaChan := make(chan *api.ProviderStreamDelta)
errChan := make(chan error, 1)
go func() {
defer close(deltaChan)
defer close(errChan)
errChan <- errors.New("stream error")
}()
return deltaChan, errChan
}
},
expectError: true,
checkMetrics: true,
expectedChunks: 0,
},
{
name: "empty stream",
setupMock: func(m *mockBaseProvider) {
m.streamFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error) {
deltaChan := make(chan *api.ProviderStreamDelta)
errChan := make(chan error, 1)
go func() {
defer close(deltaChan)
defer close(errChan)
}()
return deltaChan, errChan
}
},
expectError: false,
checkMetrics: true,
expectedChunks: 0,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Reset metrics
providerRequestsTotal.Reset()
providerStreamDuration.Reset()
providerStreamChunks.Reset()
providerStreamTTFB.Reset()
providerTokensTotal.Reset()
base := newMockBaseProvider("stream-provider")
tt.setupMock(base)
registry := NewTestRegistry()
InitMetrics()
tp, exporter := NewTestTracer()
defer ShutdownTracer(tp)
wrapped := NewInstrumentedProvider(base, registry, tp)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "stream test"}}},
}
req := &api.ResponseRequest{Model: "stream-model"}
deltaChan, errChan := wrapped.GenerateStream(ctx, messages, req)
// Consume the stream
var chunks []*api.ProviderStreamDelta
var streamErr error
for {
select {
case delta, ok := <-deltaChan:
if !ok {
goto Done
}
chunks = append(chunks, delta)
case err, ok := <-errChan:
if ok && err != nil {
streamErr = err
goto Done
}
}
}
Done:
if tt.expectError {
assert.Error(t, streamErr)
} else {
assert.NoError(t, streamErr)
}
assert.Equal(t, tt.expectedChunks, len(chunks))
// Give goroutine time to finish metrics recording
time.Sleep(100 * time.Millisecond)
// Verify provider was called
assert.Equal(t, 1, base.getCallCount())
// Check metrics
if tt.checkMetrics {
status := "success"
if tt.expectError {
status = "error"
}
counter := providerRequestsTotal.WithLabelValues("stream-provider", "stream-model", "generate_stream", status)
value := testutil.ToFloat64(counter)
assert.Equal(t, 1.0, value, "stream request counter should be incremented")
}
// Check spans
time.Sleep(100 * time.Millisecond) // Give time for span to be exported
spans := exporter.GetSpans()
if len(spans) > 0 {
span := spans[0]
assert.Equal(t, "provider.generate_stream", span.Name)
}
})
}
}
func TestInstrumentedProvider_MetricsRecording(t *testing.T) {
// Reset all metrics
providerRequestsTotal.Reset()
providerRequestDuration.Reset()
providerTokensTotal.Reset()
providerStreamTTFB.Reset()
providerStreamChunks.Reset()
providerStreamDuration.Reset()
base := newMockBaseProvider("metrics-test")
registry := NewTestRegistry()
InitMetrics()
wrapped := NewInstrumentedProvider(base, registry, nil)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "test"}}},
}
req := &api.ResponseRequest{Model: "test-model"}
// Test Generate metrics
result, err := wrapped.Generate(ctx, messages, req)
require.NoError(t, err)
require.NotNil(t, result)
// Verify counter
counter := providerRequestsTotal.WithLabelValues("metrics-test", "test-model", "generate", "success")
value := testutil.ToFloat64(counter)
assert.Equal(t, 1.0, value)
// Verify token metrics
inputTokens := providerTokensTotal.WithLabelValues("metrics-test", "test-model", "input")
inputValue := testutil.ToFloat64(inputTokens)
assert.Equal(t, 100.0, inputValue)
outputTokens := providerTokensTotal.WithLabelValues("metrics-test", "test-model", "output")
outputValue := testutil.ToFloat64(outputTokens)
assert.Equal(t, 50.0, outputValue)
}
func TestInstrumentedProvider_TracingSpans(t *testing.T) {
base := newMockBaseProvider("trace-test")
tp, exporter := NewTestTracer()
defer ShutdownTracer(tp)
wrapped := NewInstrumentedProvider(base, nil, tp)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "trace"}}},
}
req := &api.ResponseRequest{Model: "trace-model"}
// Test Generate span
result, err := wrapped.Generate(ctx, messages, req)
require.NoError(t, err)
require.NotNil(t, result)
// Force span export
tp.ForceFlush(ctx)
spans := exporter.GetSpans()
require.GreaterOrEqual(t, len(spans), 1)
span := spans[0]
assert.Equal(t, "provider.generate", span.Name)
// Check attributes
attrs := span.Attributes
attrMap := make(map[string]interface{})
for _, attr := range attrs {
attrMap[string(attr.Key)] = attr.Value.AsInterface()
}
assert.Equal(t, "trace-test", attrMap["provider.name"])
assert.Equal(t, "trace-model", attrMap["provider.model"])
assert.Equal(t, int64(100), attrMap["provider.input_tokens"])
assert.Equal(t, int64(50), attrMap["provider.output_tokens"])
assert.Equal(t, int64(150), attrMap["provider.total_tokens"])
}
func TestInstrumentedProvider_WithoutObservability(t *testing.T) {
base := newMockBaseProvider("no-obs")
wrapped := NewInstrumentedProvider(base, nil, nil)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "test"}}},
}
req := &api.ResponseRequest{Model: "test"}
// Should work without observability
result, err := wrapped.Generate(ctx, messages, req)
assert.NoError(t, err)
assert.NotNil(t, result)
// Stream should also work
deltaChan, errChan := wrapped.GenerateStream(ctx, messages, req)
for {
select {
case _, ok := <-deltaChan:
if !ok {
goto Done
}
case <-errChan:
goto Done
}
}
Done:
assert.Equal(t, 2, base.getCallCount())
}
func TestInstrumentedProvider_Name(t *testing.T) {
tests := []struct {
name string
providerName string
}{
{
name: "openai provider",
providerName: "openai",
},
{
name: "anthropic provider",
providerName: "anthropic",
},
{
name: "google provider",
providerName: "google",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
base := newMockBaseProvider(tt.providerName)
wrapped := NewInstrumentedProvider(base, nil, nil)
assert.Equal(t, tt.providerName, wrapped.Name())
})
}
}
func TestInstrumentedProvider_ConcurrentCalls(t *testing.T) {
base := newMockBaseProvider("concurrent-test")
registry := NewTestRegistry()
InitMetrics()
tp, _ := NewTestTracer()
defer ShutdownTracer(tp)
wrapped := NewInstrumentedProvider(base, registry, tp)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "concurrent"}}},
}
// Make concurrent requests
const numRequests = 10
var wg sync.WaitGroup
wg.Add(numRequests)
for i := 0; i < numRequests; i++ {
go func(idx int) {
defer wg.Done()
req := &api.ResponseRequest{Model: "concurrent-model"}
_, _ = wrapped.Generate(ctx, messages, req)
}(i)
}
wg.Wait()
// Verify all calls were made
assert.Equal(t, numRequests, base.getCallCount())
// Verify metrics recorded all requests
counter := providerRequestsTotal.WithLabelValues("concurrent-test", "concurrent-model", "generate", "success")
value := testutil.ToFloat64(counter)
assert.Equal(t, float64(numRequests), value)
}
func TestInstrumentedProvider_StreamTTFB(t *testing.T) {
providerStreamTTFB.Reset()
base := newMockBaseProvider("ttfb-test")
base.streamFunc = func(ctx context.Context, messages []api.Message, req *api.ResponseRequest) (<-chan *api.ProviderStreamDelta, <-chan error) {
deltaChan := make(chan *api.ProviderStreamDelta, 2)
errChan := make(chan error, 1)
go func() {
defer close(deltaChan)
defer close(errChan)
// Simulate delay before first chunk
time.Sleep(50 * time.Millisecond)
deltaChan <- &api.ProviderStreamDelta{Text: "first"}
deltaChan <- &api.ProviderStreamDelta{Done: true}
}()
return deltaChan, errChan
}
registry := NewTestRegistry()
InitMetrics()
wrapped := NewInstrumentedProvider(base, registry, nil)
ctx := context.Background()
messages := []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "text", Text: "ttfb"}}},
}
req := &api.ResponseRequest{Model: "ttfb-model"}
deltaChan, errChan := wrapped.GenerateStream(ctx, messages, req)
// Consume stream
for {
select {
case _, ok := <-deltaChan:
if !ok {
goto Done
}
case <-errChan:
goto Done
}
}
Done:
// Give time for metrics to be recorded
time.Sleep(100 * time.Millisecond)
// TTFB should have been recorded (we can't check exact value due to timing)
// Just verify the metric exists
counter := providerStreamChunks.WithLabelValues("ttfb-test", "ttfb-model")
value := testutil.ToFloat64(counter)
assert.Greater(t, value, 0.0)
}

120
internal/observability/testing.go Normal file
View File

@@ -0,0 +1,120 @@
package observability
import (
"context"
"io"
"github.com/prometheus/client_golang/prometheus"
"github.com/prometheus/client_golang/prometheus/testutil"
"go.opentelemetry.io/otel"
"go.opentelemetry.io/otel/sdk/resource"
sdktrace "go.opentelemetry.io/otel/sdk/trace"
"go.opentelemetry.io/otel/sdk/trace/tracetest"
semconv "go.opentelemetry.io/otel/semconv/v1.24.0"
)
// NewTestRegistry creates a new isolated Prometheus registry for testing
func NewTestRegistry() *prometheus.Registry {
return prometheus.NewRegistry()
}
// NewTestTracer creates a no-op tracer for testing
func NewTestTracer() (*sdktrace.TracerProvider, *tracetest.InMemoryExporter) {
exporter := tracetest.NewInMemoryExporter()
res := resource.NewSchemaless(
semconv.ServiceNameKey.String("test-service"),
)
tp := sdktrace.NewTracerProvider(
sdktrace.WithSyncer(exporter),
sdktrace.WithResource(res),
)
otel.SetTracerProvider(tp)
return tp, exporter
}
// GetMetricValue extracts a metric value from a registry
func GetMetricValue(registry *prometheus.Registry, metricName string) (float64, error) {
metrics, err := registry.Gather()
if err != nil {
return 0, err
}
for _, mf := range metrics {
if mf.GetName() == metricName {
if len(mf.GetMetric()) > 0 {
m := mf.GetMetric()[0]
if m.GetCounter() != nil {
return m.GetCounter().GetValue(), nil
}
if m.GetGauge() != nil {
return m.GetGauge().GetValue(), nil
}
if m.GetHistogram() != nil {
return float64(m.GetHistogram().GetSampleCount()), nil
}
}
}
}
return 0, nil
}
// CountMetricsWithName counts how many metrics match the given name
func CountMetricsWithName(registry *prometheus.Registry, metricName string) (int, error) {
metrics, err := registry.Gather()
if err != nil {
return 0, err
}
for _, mf := range metrics {
if mf.GetName() == metricName {
return len(mf.GetMetric()), nil
}
}
return 0, nil
}
// GetCounterValue is a helper to get counter values using testutil
func GetCounterValue(counter prometheus.Counter) float64 {
return testutil.ToFloat64(counter)
}
// NewNoOpTracerProvider creates a tracer provider that discards all spans
func NewNoOpTracerProvider() *sdktrace.TracerProvider {
return sdktrace.NewTracerProvider(
sdktrace.WithSpanProcessor(sdktrace.NewSimpleSpanProcessor(&noOpExporter{})),
)
}
// noOpExporter is an exporter that discards all spans
type noOpExporter struct{}
func (e *noOpExporter) ExportSpans(context.Context, []sdktrace.ReadOnlySpan) error {
return nil
}
func (e *noOpExporter) Shutdown(context.Context) error {
return nil
}
// ShutdownTracer is a helper to safely shutdown a tracer provider
func ShutdownTracer(tp *sdktrace.TracerProvider) error {
if tp != nil {
return tp.Shutdown(context.Background())
}
return nil
}
// NewTestExporter creates a test exporter that writes to the provided writer
type TestExporter struct {
writer io.Writer
}
func (e *TestExporter) ExportSpans(ctx context.Context, spans []sdktrace.ReadOnlySpan) error {
return nil
}
func (e *TestExporter) Shutdown(ctx context.Context) error {
return nil
}

13
internal/observability/tracing.go
View File

@@ -17,19 +17,14 @@ import (
// InitTracer initializes the OpenTelemetry tracer provider.
func InitTracer(cfg config.TracingConfig) (*sdktrace.TracerProvider, error) {
// Create resource with service information
res, err := resource.Merge(
resource.Default(),
resource.NewWithAttributes(
semconv.SchemaURL,
semconv.ServiceName(cfg.ServiceName),
),
// Use NewSchemaless to avoid schema version conflicts
res := resource.NewSchemaless(
semconv.ServiceName(cfg.ServiceName),
)
if err != nil {
return nil, fmt.Errorf("failed to create resource: %w", err)
}
// Create exporter
var exporter sdktrace.SpanExporter
var err error
switch cfg.Exporter.Type {
case "otlp":
exporter, err = createOTLPExporter(cfg.Exporter)

17
internal/observability/tracing_middleware.go
View File

@@ -72,14 +72,29 @@ func TracingMiddleware(next http.Handler, tp *sdktrace.TracerProvider) http.Hand
// statusResponseWriter wraps http.ResponseWriter to capture the status code.
type statusResponseWriter struct {
http.ResponseWriter
statusCode int
statusCode int
wroteHeader bool
}
func (w *statusResponseWriter) WriteHeader(statusCode int) {
if w.wroteHeader {
return
}
w.wroteHeader = true
w.statusCode = statusCode
w.ResponseWriter.WriteHeader(statusCode)
}
func (w *statusResponseWriter) Write(b []byte) (int, error) {
if !w.wroteHeader {
w.wroteHeader = true
w.statusCode = http.StatusOK
}
return w.ResponseWriter.Write(b)
}
func (w *statusResponseWriter) Flush() {
if flusher, ok := w.ResponseWriter.(http.Flusher); ok {
flusher.Flush()
}
}

496
internal/observability/tracing_test.go Normal file
View File

@@ -0,0 +1,496 @@
package observability
import (
"context"
"strings"
"testing"
"time"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
sdktrace "go.opentelemetry.io/otel/sdk/trace"
)
func TestInitTracer_StdoutExporter(t *testing.T) {
tests := []struct {
name string
cfg config.TracingConfig
expectError bool
}{
{
name: "stdout exporter with always sampler",
cfg: config.TracingConfig{
Enabled: true,
ServiceName: "test-service",
Sampler: config.SamplerConfig{
Type: "always",
},
Exporter: config.ExporterConfig{
Type: "stdout",
},
},
expectError: false,
},
{
name: "stdout exporter with never sampler",
cfg: config.TracingConfig{
Enabled: true,
ServiceName: "test-service-2",
Sampler: config.SamplerConfig{
Type: "never",
},
Exporter: config.ExporterConfig{
Type: "stdout",
},
},
expectError: false,
},
{
name: "stdout exporter with probability sampler",
cfg: config.TracingConfig{
Enabled: true,
ServiceName: "test-service-3",
Sampler: config.SamplerConfig{
Type: "probability",
Rate: 0.5,
},
Exporter: config.ExporterConfig{
Type: "stdout",
},
},
expectError: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
tp, err := InitTracer(tt.cfg)
if tt.expectError {
assert.Error(t, err)
assert.Nil(t, tp)
} else {
require.NoError(t, err)
require.NotNil(t, tp)
// Clean up
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
err = tp.Shutdown(ctx)
assert.NoError(t, err)
}
})
}
}
func TestInitTracer_InvalidExporter(t *testing.T) {
cfg := config.TracingConfig{
Enabled: true,
ServiceName: "test-service",
Sampler: config.SamplerConfig{
Type: "always",
},
Exporter: config.ExporterConfig{
Type: "invalid-exporter",
},
}
tp, err := InitTracer(cfg)
assert.Error(t, err)
assert.Nil(t, tp)
assert.Contains(t, err.Error(), "unsupported exporter type")
}
func TestCreateSampler(t *testing.T) {
tests := []struct {
name string
cfg config.SamplerConfig
expectedType string
shouldSample bool
checkSampleAll bool // If true, check that all spans are sampled
}{
{
name: "always sampler",
cfg: config.SamplerConfig{
Type: "always",
},
expectedType: "AlwaysOn",
shouldSample: true,
checkSampleAll: true,
},
{
name: "never sampler",
cfg: config.SamplerConfig{
Type: "never",
},
expectedType: "AlwaysOff",
shouldSample: false,
checkSampleAll: true,
},
{
name: "probability sampler - 100%",
cfg: config.SamplerConfig{
Type: "probability",
Rate: 1.0,
},
expectedType: "AlwaysOn",
shouldSample: true,
checkSampleAll: true,
},
{
name: "probability sampler - 0%",
cfg: config.SamplerConfig{
Type: "probability",
Rate: 0.0,
},
expectedType: "TraceIDRatioBased",
shouldSample: false,
checkSampleAll: true,
},
{
name: "probability sampler - 50%",
cfg: config.SamplerConfig{
Type: "probability",
Rate: 0.5,
},
expectedType: "TraceIDRatioBased",
shouldSample: false, // Can't guarantee sampling
checkSampleAll: false,
},
{
name: "default sampler (invalid type)",
cfg: config.SamplerConfig{
Type: "unknown",
},
expectedType: "TraceIDRatioBased",
shouldSample: false, // 10% default
checkSampleAll: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
sampler := createSampler(tt.cfg)
require.NotNil(t, sampler)
// Get the sampler description
description := sampler.Description()
assert.Contains(t, description, tt.expectedType)
// Test sampling behavior for deterministic samplers
if tt.checkSampleAll {
tp := sdktrace.NewTracerProvider(
sdktrace.WithSampler(sampler),
)
tracer := tp.Tracer("test")
// Create a test span
ctx := context.Background()
_, span := tracer.Start(ctx, "test-span")
spanContext := span.SpanContext()
span.End()
// Check if span was sampled
isSampled := spanContext.IsSampled()
assert.Equal(t, tt.shouldSample, isSampled, "sampling result should match expected")
// Clean up
_ = tp.Shutdown(context.Background())
}
})
}
}
func TestShutdown(t *testing.T) {
tests := []struct {
name string
setupTP func() *sdktrace.TracerProvider
expectError bool
}{
{
name: "shutdown valid tracer provider",
setupTP: func() *sdktrace.TracerProvider {
return sdktrace.NewTracerProvider()
},
expectError: false,
},
{
name: "shutdown nil tracer provider",
setupTP: func() *sdktrace.TracerProvider {
return nil
},
expectError: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
tp := tt.setupTP()
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
err := Shutdown(ctx, tp)
if tt.expectError {
assert.Error(t, err)
} else {
assert.NoError(t, err)
}
})
}
}
func TestShutdown_ContextTimeout(t *testing.T) {
tp := sdktrace.NewTracerProvider()
// Create a context that's already canceled
ctx, cancel := context.WithCancel(context.Background())
cancel()
err := Shutdown(ctx, tp)
// Shutdown should handle context cancellation gracefully
// The error might be nil or context.Canceled depending on timing
if err != nil {
assert.Contains(t, err.Error(), "context")
}
}
func TestTracerConfig_ServiceName(t *testing.T) {
tests := []struct {
name string
serviceName string
}{
{
name: "default service name",
serviceName: "llm-gateway",
},
{
name: "custom service name",
serviceName: "custom-gateway",
},
{
name: "empty service name",
serviceName: "",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
cfg := config.TracingConfig{
Enabled: true,
ServiceName: tt.serviceName,
Sampler: config.SamplerConfig{
Type: "always",
},
Exporter: config.ExporterConfig{
Type: "stdout",
},
}
tp, err := InitTracer(cfg)
// Schema URL conflicts may occur in test environment, which is acceptable
if err != nil && !strings.Contains(err.Error(), "conflicting Schema URL") {
t.Fatalf("unexpected error: %v", err)
}
if tp != nil {
// Clean up
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
_ = tp.Shutdown(ctx)
}
})
}
}
func TestCreateSampler_EdgeCases(t *testing.T) {
tests := []struct {
name string
cfg config.SamplerConfig
}{
{
name: "negative rate",
cfg: config.SamplerConfig{
Type: "probability",
Rate: -0.5,
},
},
{
name: "rate greater than 1",
cfg: config.SamplerConfig{
Type: "probability",
Rate: 1.5,
},
},
{
name: "empty type",
cfg: config.SamplerConfig{
Type: "",
Rate: 0.5,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// createSampler should not panic with edge cases
sampler := createSampler(tt.cfg)
assert.NotNil(t, sampler)
})
}
}
func TestTracerProvider_MultipleShutdowns(t *testing.T) {
tp := sdktrace.NewTracerProvider()
ctx := context.Background()
// First shutdown should succeed
err1 := Shutdown(ctx, tp)
assert.NoError(t, err1)
// Second shutdown might return error but shouldn't panic
err2 := Shutdown(ctx, tp)
// Error is acceptable here as provider is already shut down
_ = err2
}
func TestSamplerDescription(t *testing.T) {
tests := []struct {
name string
cfg config.SamplerConfig
expectedInDesc string
}{
{
name: "always sampler description",
cfg: config.SamplerConfig{
Type: "always",
},
expectedInDesc: "AlwaysOn",
},
{
name: "never sampler description",
cfg: config.SamplerConfig{
Type: "never",
},
expectedInDesc: "AlwaysOff",
},
{
name: "probability sampler description",
cfg: config.SamplerConfig{
Type: "probability",
Rate: 0.75,
},
expectedInDesc: "TraceIDRatioBased",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
sampler := createSampler(tt.cfg)
description := sampler.Description()
assert.Contains(t, description, tt.expectedInDesc)
})
}
}
func TestInitTracer_ResourceAttributes(t *testing.T) {
cfg := config.TracingConfig{
Enabled: true,
ServiceName: "test-resource-service",
Sampler: config.SamplerConfig{
Type: "always",
},
Exporter: config.ExporterConfig{
Type: "stdout",
},
}
tp, err := InitTracer(cfg)
// Schema URL conflicts may occur in test environment, which is acceptable
if err != nil && !strings.Contains(err.Error(), "conflicting Schema URL") {
t.Fatalf("unexpected error: %v", err)
}
if tp != nil {
// Verify that the tracer provider was created successfully
// Resource attributes are embedded in the provider
tracer := tp.Tracer("test")
assert.NotNil(t, tracer)
// Clean up
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
defer cancel()
_ = tp.Shutdown(ctx)
}
}
func TestProbabilitySampler_Boundaries(t *testing.T) {
tests := []struct {
name string
rate float64
shouldAlways bool
shouldNever bool
}{
{
name: "rate 0.0 - never sample",
rate: 0.0,
shouldAlways: false,
shouldNever: true,
},
{
name: "rate 1.0 - always sample",
rate: 1.0,
shouldAlways: true,
shouldNever: false,
},
{
name: "rate 0.5 - probabilistic",
rate: 0.5,
shouldAlways: false,
shouldNever: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
cfg := config.SamplerConfig{
Type: "probability",
Rate: tt.rate,
}
sampler := createSampler(cfg)
tp := sdktrace.NewTracerProvider(
sdktrace.WithSampler(sampler),
)
defer tp.Shutdown(context.Background())
tracer := tp.Tracer("test")
// Test multiple spans to verify sampling behavior
sampledCount := 0
totalSpans := 100
for i := 0; i < totalSpans; i++ {
ctx := context.Background()
_, span := tracer.Start(ctx, "test-span")
if span.SpanContext().IsSampled() {
sampledCount++
}
span.End()
}
if tt.shouldAlways {
assert.Equal(t, totalSpans, sampledCount, "all spans should be sampled")
} else if tt.shouldNever {
assert.Equal(t, 0, sampledCount, "no spans should be sampled")
} else {
// For probabilistic sampling, we just verify it's not all or nothing
assert.Greater(t, sampledCount, 0, "some spans should be sampled")
assert.Less(t, sampledCount, totalSpans, "not all spans should be sampled")
}
})
}
}

291
internal/providers/anthropic/anthropic_test.go Normal file
View File

@@ -0,0 +1,291 @@
package anthropic
import (
"context"
"testing"
"github.com/ajac-zero/latticelm/internal/api"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestNew(t *testing.T) {
tests := []struct {
name string
cfg config.ProviderConfig
validate func(t *testing.T, p *Provider)
}{
{
name: "creates provider with API key",
cfg: config.ProviderConfig{
APIKey: "sk-ant-test-key",
Model: "claude-3-opus",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.Equal(t, "sk-ant-test-key", p.cfg.APIKey)
assert.Equal(t, "claude-3-opus", p.cfg.Model)
assert.False(t, p.azure)
},
},
{
name: "creates provider without API key",
cfg: config.ProviderConfig{
APIKey: "",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := New(tt.cfg)
tt.validate(t, p)
})
}
}
func TestNewAzure(t *testing.T) {
tests := []struct {
name string
cfg config.AzureAnthropicConfig
validate func(t *testing.T, p *Provider)
}{
{
name: "creates Azure provider with endpoint and API key",
cfg: config.AzureAnthropicConfig{
APIKey: "azure-key",
Endpoint: "https://test.services.ai.azure.com/anthropic",
Model: "claude-3-sonnet",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.Equal(t, "azure-key", p.cfg.APIKey)
assert.Equal(t, "claude-3-sonnet", p.cfg.Model)
assert.True(t, p.azure)
},
},
{
name: "creates Azure provider without API key",
cfg: config.AzureAnthropicConfig{
APIKey: "",
Endpoint: "https://test.services.ai.azure.com/anthropic",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
assert.True(t, p.azure)
},
},
{
name: "creates Azure provider without endpoint",
cfg: config.AzureAnthropicConfig{
APIKey: "azure-key",
Endpoint: "",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
assert.True(t, p.azure)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := NewAzure(tt.cfg)
tt.validate(t, p)
})
}
}
func TestProvider_Name(t *testing.T) {
p := New(config.ProviderConfig{})
assert.Equal(t, "anthropic", p.Name())
}
func TestProvider_Generate_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when API key missing",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: ""},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "claude-3-opus",
},
expectError: true,
errorMsg: "api key missing",
},
{
name: "returns error when client not initialized",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: "sk-ant-test"},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "claude-3-opus",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result, err := tt.provider.Generate(context.Background(), tt.messages, tt.req)
if tt.expectError {
assert.Error(t, err)
assert.Nil(t, result)
if tt.errorMsg != "" {
assert.Contains(t, err.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, err)
assert.NotNil(t, result)
}
})
}
}
func TestProvider_GenerateStream_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when API key missing",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: ""},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "claude-3-opus",
},
expectError: true,
errorMsg: "api key missing",
},
{
name: "returns error when client not initialized",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: "sk-ant-test"},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "claude-3-opus",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
deltaChan, errChan := tt.provider.GenerateStream(context.Background(), tt.messages, tt.req)
// Read from channels
var receivedError error
for {
select {
case _, ok := <-deltaChan:
if !ok {
deltaChan = nil
}
case err, ok := <-errChan:
if ok && err != nil {
receivedError = err
}
errChan = nil
}
if deltaChan == nil && errChan == nil {
break
}
}
if tt.expectError {
require.Error(t, receivedError)
if tt.errorMsg != "" {
assert.Contains(t, receivedError.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, receivedError)
}
})
}
}
func TestChooseModel(t *testing.T) {
tests := []struct {
name string
requested string
defaultModel string
expected string
}{
{
name: "returns requested model when provided",
requested: "claude-3-opus",
defaultModel: "claude-3-sonnet",
expected: "claude-3-opus",
},
{
name: "returns default model when requested is empty",
requested: "",
defaultModel: "claude-3-sonnet",
expected: "claude-3-sonnet",
},
{
name: "returns fallback when both empty",
requested: "",
defaultModel: "",
expected: "claude-3-5-sonnet",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := chooseModel(tt.requested, tt.defaultModel)
assert.Equal(t, tt.expected, result)
})
}
}
func TestExtractToolCalls(t *testing.T) {
// Note: This function is already tested in convert_test.go
// This is a placeholder for additional integration tests if needed
t.Run("returns nil for empty content", func(t *testing.T) {
result := extractToolCalls(nil)
assert.Nil(t, result)
})
}

574
internal/providers/google/google_test.go Normal file
View File

@@ -0,0 +1,574 @@
package google
import (
"context"
"testing"
"github.com/ajac-zero/latticelm/internal/api"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"google.golang.org/genai"
)
func TestNew(t *testing.T) {
tests := []struct {
name string
cfg config.ProviderConfig
expectError bool
validate func(t *testing.T, p *Provider, err error)
}{
{
name: "creates provider with API key",
cfg: config.ProviderConfig{
APIKey: "test-api-key",
Model: "gemini-2.0-flash",
},
expectError: false,
validate: func(t *testing.T, p *Provider, err error) {
assert.NoError(t, err)
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.Equal(t, "test-api-key", p.cfg.APIKey)
assert.Equal(t, "gemini-2.0-flash", p.cfg.Model)
},
},
{
name: "creates provider without API key",
cfg: config.ProviderConfig{
APIKey: "",
},
expectError: false,
validate: func(t *testing.T, p *Provider, err error) {
assert.NoError(t, err)
assert.NotNil(t, p)
assert.Nil(t, p.client)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p, err := New(tt.cfg)
tt.validate(t, p, err)
})
}
}
func TestNewVertexAI(t *testing.T) {
tests := []struct {
name string
cfg config.VertexAIConfig
expectError bool
validate func(t *testing.T, p *Provider, err error)
}{
{
name: "creates Vertex AI provider with project and location",
cfg: config.VertexAIConfig{
Project: "my-gcp-project",
Location: "us-central1",
},
expectError: false,
validate: func(t *testing.T, p *Provider, err error) {
assert.NoError(t, err)
assert.NotNil(t, p)
// Client creation may fail without proper GCP credentials in test env
// but provider should be created
},
},
{
name: "creates Vertex AI provider without project",
cfg: config.VertexAIConfig{
Project: "",
Location: "us-central1",
},
expectError: false,
validate: func(t *testing.T, p *Provider, err error) {
assert.NoError(t, err)
assert.NotNil(t, p)
assert.Nil(t, p.client)
},
},
{
name: "creates Vertex AI provider without location",
cfg: config.VertexAIConfig{
Project: "my-gcp-project",
Location: "",
},
expectError: false,
validate: func(t *testing.T, p *Provider, err error) {
assert.NoError(t, err)
assert.NotNil(t, p)
assert.Nil(t, p.client)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p, err := NewVertexAI(tt.cfg)
tt.validate(t, p, err)
})
}
}
func TestProvider_Name(t *testing.T) {
p := &Provider{}
assert.Equal(t, "google", p.Name())
}
func TestProvider_Generate_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when client not initialized",
provider: &Provider{
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gemini-2.0-flash",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result, err := tt.provider.Generate(context.Background(), tt.messages, tt.req)
if tt.expectError {
assert.Error(t, err)
assert.Nil(t, result)
if tt.errorMsg != "" {
assert.Contains(t, err.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, err)
assert.NotNil(t, result)
}
})
}
}
func TestProvider_GenerateStream_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when client not initialized",
provider: &Provider{
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gemini-2.0-flash",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
deltaChan, errChan := tt.provider.GenerateStream(context.Background(), tt.messages, tt.req)
// Read from channels
var receivedError error
for {
select {
case _, ok := <-deltaChan:
if !ok {
deltaChan = nil
}
case err, ok := <-errChan:
if ok && err != nil {
receivedError = err
}
errChan = nil
}
if deltaChan == nil && errChan == nil {
break
}
}
if tt.expectError {
require.Error(t, receivedError)
if tt.errorMsg != "" {
assert.Contains(t, receivedError.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, receivedError)
}
})
}
}
func TestConvertMessages(t *testing.T) {
tests := []struct {
name string
messages []api.Message
expectedContents int
expectedSystem string
validate func(t *testing.T, contents []*genai.Content, systemText string)
}{
{
name: "converts user message",
messages: []api.Message{
{
Role: "user",
Content: []api.ContentBlock{
{Type: "input_text", Text: "Hello"},
},
},
},
expectedContents: 1,
expectedSystem: "",
validate: func(t *testing.T, contents []*genai.Content, systemText string) {
require.Len(t, contents, 1)
assert.Equal(t, "user", contents[0].Role)
assert.Equal(t, "", systemText)
},
},
{
name: "extracts system message",
messages: []api.Message{
{
Role: "system",
Content: []api.ContentBlock{
{Type: "input_text", Text: "You are a helpful assistant"},
},
},
{
Role: "user",
Content: []api.ContentBlock{
{Type: "input_text", Text: "Hello"},
},
},
},
expectedContents: 1,
expectedSystem: "You are a helpful assistant",
validate: func(t *testing.T, contents []*genai.Content, systemText string) {
require.Len(t, contents, 1)
assert.Equal(t, "You are a helpful assistant", systemText)
assert.Equal(t, "user", contents[0].Role)
},
},
{
name: "converts assistant message with tool calls",
messages: []api.Message{
{
Role: "assistant",
Content: []api.ContentBlock{
{Type: "output_text", Text: "Let me check the weather"},
},
ToolCalls: []api.ToolCall{
{
ID: "call_123",
Name: "get_weather",
Arguments: `{"location": "SF"}`,
},
},
},
},
expectedContents: 1,
validate: func(t *testing.T, contents []*genai.Content, systemText string) {
require.Len(t, contents, 1)
assert.Equal(t, "model", contents[0].Role)
// Should have text part and function call part
assert.GreaterOrEqual(t, len(contents[0].Parts), 1)
},
},
{
name: "converts tool result message",
messages: []api.Message{
{
Role: "assistant",
ToolCalls: []api.ToolCall{
{ID: "call_123", Name: "get_weather", Arguments: "{}"},
},
},
{
Role: "tool",
CallID: "call_123",
Name: "get_weather",
Content: []api.ContentBlock{
{Type: "output_text", Text: `{"temp": 72}`},
},
},
},
expectedContents: 2,
validate: func(t *testing.T, contents []*genai.Content, systemText string) {
require.Len(t, contents, 2)
// Tool result should be in user role
assert.Equal(t, "user", contents[1].Role)
require.Len(t, contents[1].Parts, 1)
assert.NotNil(t, contents[1].Parts[0].FunctionResponse)
},
},
{
name: "handles developer message as system",
messages: []api.Message{
{
Role: "developer",
Content: []api.ContentBlock{
{Type: "input_text", Text: "Developer instruction"},
},
},
},
expectedContents: 0,
expectedSystem: "Developer instruction",
validate: func(t *testing.T, contents []*genai.Content, systemText string) {
assert.Len(t, contents, 0)
assert.Equal(t, "Developer instruction", systemText)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
contents, systemText := convertMessages(tt.messages)
assert.Len(t, contents, tt.expectedContents)
assert.Equal(t, tt.expectedSystem, systemText)
if tt.validate != nil {
tt.validate(t, contents, systemText)
}
})
}
}
func TestBuildConfig(t *testing.T) {
tests := []struct {
name string
systemText string
req *api.ResponseRequest
tools []*genai.Tool
toolConfig *genai.ToolConfig
expectNil bool
validate func(t *testing.T, cfg *genai.GenerateContentConfig)
}{
{
name: "returns nil when no config needed",
systemText: "",
req: &api.ResponseRequest{},
tools: nil,
toolConfig: nil,
expectNil: true,
},
{
name: "creates config with system text",
systemText: "You are helpful",
req: &api.ResponseRequest{},
expectNil: false,
validate: func(t *testing.T, cfg *genai.GenerateContentConfig) {
require.NotNil(t, cfg)
require.NotNil(t, cfg.SystemInstruction)
assert.Len(t, cfg.SystemInstruction.Parts, 1)
},
},
{
name: "creates config with max tokens",
systemText: "",
req: &api.ResponseRequest{
MaxOutputTokens: intPtr(1000),
},
expectNil: false,
validate: func(t *testing.T, cfg *genai.GenerateContentConfig) {
require.NotNil(t, cfg)
assert.Equal(t, int32(1000), cfg.MaxOutputTokens)
},
},
{
name: "creates config with temperature",
systemText: "",
req: &api.ResponseRequest{
Temperature: float64Ptr(0.7),
},
expectNil: false,
validate: func(t *testing.T, cfg *genai.GenerateContentConfig) {
require.NotNil(t, cfg)
require.NotNil(t, cfg.Temperature)
assert.Equal(t, float32(0.7), *cfg.Temperature)
},
},
{
name: "creates config with top_p",
systemText: "",
req: &api.ResponseRequest{
TopP: float64Ptr(0.9),
},
expectNil: false,
validate: func(t *testing.T, cfg *genai.GenerateContentConfig) {
require.NotNil(t, cfg)
require.NotNil(t, cfg.TopP)
assert.Equal(t, float32(0.9), *cfg.TopP)
},
},
{
name: "creates config with tools",
systemText: "",
req: &api.ResponseRequest{},
tools: []*genai.Tool{
{
FunctionDeclarations: []*genai.FunctionDeclaration{
{Name: "get_weather"},
},
},
},
expectNil: false,
validate: func(t *testing.T, cfg *genai.GenerateContentConfig) {
require.NotNil(t, cfg)
require.Len(t, cfg.Tools, 1)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
cfg := buildConfig(tt.systemText, tt.req, tt.tools, tt.toolConfig)
if tt.expectNil {
assert.Nil(t, cfg)
} else {
require.NotNil(t, cfg)
if tt.validate != nil {
tt.validate(t, cfg)
}
}
})
}
}
func TestChooseModel(t *testing.T) {
tests := []struct {
name string
requested string
defaultModel string
expected string
}{
{
name: "returns requested model when provided",
requested: "gemini-1.5-pro",
defaultModel: "gemini-2.0-flash",
expected: "gemini-1.5-pro",
},
{
name: "returns default model when requested is empty",
requested: "",
defaultModel: "gemini-2.0-flash",
expected: "gemini-2.0-flash",
},
{
name: "returns fallback when both empty",
requested: "",
defaultModel: "",
expected: "gemini-2.0-flash-exp",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := chooseModel(tt.requested, tt.defaultModel)
assert.Equal(t, tt.expected, result)
})
}
}
func TestExtractToolCallDelta(t *testing.T) {
tests := []struct {
name string
part *genai.Part
index int
expected *api.ToolCallDelta
}{
{
name: "extracts tool call delta",
part: &genai.Part{
FunctionCall: &genai.FunctionCall{
ID: "call_123",
Name: "get_weather",
Args: map[string]any{"location": "SF"},
},
},
index: 0,
expected: &api.ToolCallDelta{
Index: 0,
ID: "call_123",
Name: "get_weather",
Arguments: `{"location":"SF"}`,
},
},
{
name: "returns nil for nil part",
part: nil,
index: 0,
expected: nil,
},
{
name: "returns nil for part without function call",
part: &genai.Part{Text: "Hello"},
index: 0,
expected: nil,
},
{
name: "generates ID when not provided",
part: &genai.Part{
FunctionCall: &genai.FunctionCall{
ID: "",
Name: "get_time",
Args: map[string]any{},
},
},
index: 1,
expected: &api.ToolCallDelta{
Index: 1,
Name: "get_time",
Arguments: `{}`,
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := extractToolCallDelta(tt.part, tt.index)
if tt.expected == nil {
assert.Nil(t, result)
} else {
require.NotNil(t, result)
assert.Equal(t, tt.expected.Index, result.Index)
assert.Equal(t, tt.expected.Name, result.Name)
if tt.part != nil && tt.part.FunctionCall != nil && tt.part.FunctionCall.ID != "" {
assert.Equal(t, tt.expected.ID, result.ID)
} else if tt.expected.ID == "" {
// Generated ID should start with "call_"
assert.Contains(t, result.ID, "call_")
}
}
})
}
}
// Helper functions
func intPtr(i int) *int {
return &i
}
func float64Ptr(f float64) *float64 {
return &f
}

304
internal/providers/openai/openai_test.go Normal file
View File

@@ -0,0 +1,304 @@
package openai
import (
"context"
"testing"
"github.com/ajac-zero/latticelm/internal/api"
"github.com/ajac-zero/latticelm/internal/config"
"github.com/openai/openai-go/v3"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
func TestNew(t *testing.T) {
tests := []struct {
name string
cfg config.ProviderConfig
validate func(t *testing.T, p *Provider)
}{
{
name: "creates provider with API key",
cfg: config.ProviderConfig{
APIKey: "sk-test-key",
Model: "gpt-4o",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.Equal(t, "sk-test-key", p.cfg.APIKey)
assert.Equal(t, "gpt-4o", p.cfg.Model)
assert.False(t, p.azure)
},
},
{
name: "creates provider without API key",
cfg: config.ProviderConfig{
APIKey: "",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := New(tt.cfg)
tt.validate(t, p)
})
}
}
func TestNewAzure(t *testing.T) {
tests := []struct {
name string
cfg config.AzureOpenAIConfig
validate func(t *testing.T, p *Provider)
}{
{
name: "creates Azure provider with endpoint and API key",
cfg: config.AzureOpenAIConfig{
APIKey: "azure-key",
Endpoint: "https://test.openai.azure.com",
APIVersion: "2024-02-15-preview",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.Equal(t, "azure-key", p.cfg.APIKey)
assert.True(t, p.azure)
},
},
{
name: "creates Azure provider with default API version",
cfg: config.AzureOpenAIConfig{
APIKey: "azure-key",
Endpoint: "https://test.openai.azure.com",
APIVersion: "",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.NotNil(t, p.client)
assert.True(t, p.azure)
},
},
{
name: "creates Azure provider without API key",
cfg: config.AzureOpenAIConfig{
APIKey: "",
Endpoint: "https://test.openai.azure.com",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
assert.True(t, p.azure)
},
},
{
name: "creates Azure provider without endpoint",
cfg: config.AzureOpenAIConfig{
APIKey: "azure-key",
Endpoint: "",
},
validate: func(t *testing.T, p *Provider) {
assert.NotNil(t, p)
assert.Nil(t, p.client)
assert.True(t, p.azure)
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := NewAzure(tt.cfg)
tt.validate(t, p)
})
}
}
func TestProvider_Name(t *testing.T) {
p := New(config.ProviderConfig{})
assert.Equal(t, "openai", p.Name())
}
func TestProvider_Generate_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when API key missing",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: ""},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gpt-4o",
},
expectError: true,
errorMsg: "api key missing",
},
{
name: "returns error when client not initialized",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: "sk-test"},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gpt-4o",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result, err := tt.provider.Generate(context.Background(), tt.messages, tt.req)
if tt.expectError {
assert.Error(t, err)
assert.Nil(t, result)
if tt.errorMsg != "" {
assert.Contains(t, err.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, err)
assert.NotNil(t, result)
}
})
}
}
func TestProvider_GenerateStream_Validation(t *testing.T) {
tests := []struct {
name string
provider *Provider
messages []api.Message
req *api.ResponseRequest
expectError bool
errorMsg string
}{
{
name: "returns error when API key missing",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: ""},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gpt-4o",
},
expectError: true,
errorMsg: "api key missing",
},
{
name: "returns error when client not initialized",
provider: &Provider{
cfg: config.ProviderConfig{APIKey: "sk-test"},
client: nil,
},
messages: []api.Message{
{Role: "user", Content: []api.ContentBlock{{Type: "input_text", Text: "Hello"}}},
},
req: &api.ResponseRequest{
Model: "gpt-4o",
},
expectError: true,
errorMsg: "client not initialized",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
deltaChan, errChan := tt.provider.GenerateStream(context.Background(), tt.messages, tt.req)
// Read from channels
var receivedError error
for {
select {
case _, ok := <-deltaChan:
if !ok {
deltaChan = nil
}
case err, ok := <-errChan:
if ok && err != nil {
receivedError = err
}
errChan = nil
}
if deltaChan == nil && errChan == nil {
break
}
}
if tt.expectError {
require.Error(t, receivedError)
if tt.errorMsg != "" {
assert.Contains(t, receivedError.Error(), tt.errorMsg)
}
} else {
assert.NoError(t, receivedError)
}
})
}
}
func TestChooseModel(t *testing.T) {
tests := []struct {
name string
requested string
defaultModel string
expected string
}{
{
name: "returns requested model when provided",
requested: "gpt-4o",
defaultModel: "gpt-4o-mini",
expected: "gpt-4o",
},
{
name: "returns default model when requested is empty",
requested: "",
defaultModel: "gpt-4o-mini",
expected: "gpt-4o-mini",
},
{
name: "returns fallback when both empty",
requested: "",
defaultModel: "",
expected: "gpt-4o-mini",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
result := chooseModel(tt.requested, tt.defaultModel)
assert.Equal(t, tt.expected, result)
})
}
}
func TestExtractToolCalls_Integration(t *testing.T) {
// Additional integration tests for extractToolCalls beyond convert_test.go
t.Run("handles empty message", func(t *testing.T) {
msg := openai.ChatCompletionMessage{}
result := extractToolCalls(msg)
assert.Nil(t, result)
})
}

5
internal/providers/providers.go
View File

@@ -136,6 +136,9 @@ func (r *Registry) Get(name string) (Provider, bool) {
func (r *Registry) Models() []struct{ Provider, Model string } {
var out []struct{ Provider, Model string }
for _, m := range r.modelList {
if _, ok := r.providers[m.Provider]; !ok {
continue
}
out = append(out, struct{ Provider, Model string }{Provider: m.Provider, Model: m.Name})
}
return out
@@ -156,7 +159,9 @@ func (r *Registry) Default(model string) (Provider, error) {
if p, ok := r.providers[providerName]; ok {
return p, nil
}
return nil, fmt.Errorf("model %q is mapped to provider %q, but that provider is not available", model, providerName)
}
return nil, fmt.Errorf("model %q not configured", model)
}
for _, p := range r.providers {

58
internal/providers/providers_test.go
View File

@@ -475,7 +475,7 @@ func TestRegistry_Default(t *testing.T) {
},
},
{
name: "returns first provider for unknown model",
name: "returns error for unknown model",
setupReg: func() *Registry {
reg, _ := NewRegistry(
map[string]config.ProviderEntry{
@@ -490,11 +490,34 @@ func TestRegistry_Default(t *testing.T) {
)
return reg
},
modelName: "unknown-model",
validate: func(t *testing.T, p Provider) {
assert.NotNil(t, p)
// Should return first available provider
modelName: "unknown-model",
expectError: true,
errorMsg: "not configured",
},
{
name: "returns error for model whose provider is unavailable",
setupReg: func() *Registry {
reg, _ := NewRegistry(
map[string]config.ProviderEntry{
"openai": {
Type: "openai",
APIKey: "", // unavailable provider
},
"google": {
Type: "google",
APIKey: "test-key",
},
},
[]config.ModelEntry{
{Name: "gpt-4", Provider: "openai"},
{Name: "gemini-pro", Provider: "google"},
},
)
return reg
},
modelName: "gpt-4",
expectError: true,
errorMsg: "not available",
},
{
name: "returns first provider for empty model name",
@@ -542,6 +565,31 @@ func TestRegistry_Default(t *testing.T) {
}
}
func TestRegistry_Models_FiltersUnavailableProviders(t *testing.T) {
reg, err := NewRegistry(
map[string]config.ProviderEntry{
"openai": {
Type: "openai",
APIKey: "", // unavailable provider
},
"google": {
Type: "google",
APIKey: "test-key",
},
},
[]config.ModelEntry{
{Name: "gpt-4", Provider: "openai"},
{Name: "gemini-pro", Provider: "google"},
},
)
require.NoError(t, err)
models := reg.Models()
require.Len(t, models, 1)
assert.Equal(t, "gemini-pro", models[0].Model)
assert.Equal(t, "google", models[0].Provider)
}
func TestBuildProvider(t *testing.T) {
tests := []struct {
name string

10
internal/server/server.go
View File

@@ -239,17 +239,17 @@ func (s *GatewayServer) handleSyncResponse(w http.ResponseWriter, r *http.Reques
}
func (s *GatewayServer) handleStreamingResponse(w http.ResponseWriter, r *http.Request, provider providers.Provider, providerMsgs []api.Message, resolvedReq *api.ResponseRequest, origReq *api.ResponseRequest, storeMsgs []api.Message) {
w.Header().Set("Content-Type", "text/event-stream")
w.Header().Set("Cache-Control", "no-cache")
w.Header().Set("Connection", "keep-alive")
w.WriteHeader(http.StatusOK)
flusher, ok := w.(http.Flusher)
if !ok {
http.Error(w, "streaming not supported", http.StatusInternalServerError)
return
}
w.Header().Set("Content-Type", "text/event-stream")
w.Header().Set("Cache-Control", "no-cache")
w.Header().Set("Connection", "keep-alive")
w.WriteHeader(http.StatusOK)
responseID := generateID("resp_")
itemID := generateID("msg_")
seq := 0

53
internal/server/streaming_writer_test.go Normal file
View File

@@ -0,0 +1,53 @@
package server
import (
"io"
"log/slog"
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
type nonFlusherRecorder struct {
recorder *httptest.ResponseRecorder
writeHeaderCalls int
}
func newNonFlusherRecorder() *nonFlusherRecorder {
return &nonFlusherRecorder{recorder: httptest.NewRecorder()}
}
func (w *nonFlusherRecorder) Header() http.Header {
return w.recorder.Header()
}
func (w *nonFlusherRecorder) Write(b []byte) (int, error) {
return w.recorder.Write(b)
}
func (w *nonFlusherRecorder) WriteHeader(statusCode int) {
w.writeHeaderCalls++
w.recorder.WriteHeader(statusCode)
}
func (w *nonFlusherRecorder) StatusCode() int {
return w.recorder.Code
}
func (w *nonFlusherRecorder) BodyString() string {
return w.recorder.Body.String()
}
func TestHandleStreamingResponseWithoutFlusherWritesSingleErrorHeader(t *testing.T) {
s := New(nil, nil, slog.New(slog.NewTextHandler(io.Discard, nil)))
req := httptest.NewRequest(http.MethodPost, "/v1/responses", nil)
w := newNonFlusherRecorder()
s.handleStreamingResponse(w, req, nil, nil, nil, nil, nil)
assert.Equal(t, 1, w.writeHeaderCalls)
assert.Equal(t, http.StatusInternalServerError, w.StatusCode())
assert.Contains(t, w.BodyString(), "streaming not supported")
}

1122
k8s/README.md
View File

File diff suppressed because it is too large Load Diff

BIN
scripts/__pycache__/chat.cpython-312.pyc Normal file
View File

Binary file not shown.

51
scripts/chat.py
View File

@@ -135,6 +135,41 @@ class ChatClient:
return self._stream_response(model)
else:
return self._sync_response(model)
@staticmethod
def _get_attr(obj: Any, key: str, default: Any = None) -> Any:
"""Access object attributes safely for both SDK objects and dicts."""
if obj is None:
return default
if isinstance(obj, dict):
return obj.get(key, default)
return getattr(obj, key, default)
def _extract_stream_error(self, event: Any) -> str:
"""Extract error message from a response.failed event."""
response = self._get_attr(event, "response")
error = self._get_attr(response, "error")
message = self._get_attr(error, "message")
if message:
return str(message)
return "streaming request failed"
def _extract_completed_text(self, event: Any) -> str:
"""Extract assistant output text from a response.completed event."""
response = self._get_attr(event, "response")
output_items = self._get_attr(response, "output", []) or []
text_parts = []
for item in output_items:
if self._get_attr(item, "type") != "message":
continue
for part in self._get_attr(item, "content", []) or []:
if self._get_attr(part, "type") == "output_text":
text = self._get_attr(part, "text", "")
if text:
text_parts.append(str(text))
return "".join(text_parts)
def _sync_response(self, model: str) -> str:
"""Non-streaming response with tool support."""
@@ -225,6 +260,7 @@ class ChatClient:
while iteration < max_iterations:
iteration += 1
assistant_text = ""
stream_error = None
tool_calls = {} # Dict to track tool calls by item_id
tool_calls_list = [] # Final list of completed tool calls
assistant_content = []
@@ -244,6 +280,15 @@ class ChatClient:
if event.type == "response.output_text.delta":
assistant_text += event.delta
live.update(Markdown(assistant_text))
elif event.type == "response.completed":
# Some providers may emit final text only in response.completed.
if not assistant_text:
completed_text = self._extract_completed_text(event)
if completed_text:
assistant_text = completed_text
live.update(Markdown(assistant_text))
elif event.type == "response.failed":
stream_error = self._extract_stream_error(event)
elif event.type == "response.output_item.added":
if hasattr(event, 'item') and event.item.type == "function_call":
# Start tracking a new tool call
@@ -270,6 +315,10 @@ class ChatClient:
except json.JSONDecodeError:
self.console.print(f"[red]Error parsing tool arguments JSON[/red]")
if stream_error:
self.console.print(f"[bold red]Error:[/bold red] {stream_error}")
return ""
# Build assistant content
if assistant_text:
assistant_content.append({"type": "output_text", "text": assistant_text})
@@ -485,7 +534,7 @@ def main():
console.print(Markdown(response))
except APIStatusError as e:
console.print(f"[bold red]Error {e.status_code}:[/bold red] {e.message}")
console.print(f"[bold red]Error {e.status_code}:[/bold red] {str(e)}")
except Exception as e:
console.print(f"[bold red]Error:[/bold red] {e}")

98
test_security_fixes.sh
View File

@@ -1,98 +0,0 @@
#!/bin/bash
# Test script to verify security fixes are working
# Usage: ./test_security_fixes.sh [server_url]
SERVER_URL="${1:-http://localhost:8080}"
GREEN='\033[0;32m'
RED='\033[0;31m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color
echo "Testing security improvements on $SERVER_URL"
echo "================================================"
echo ""
# Test 1: Request size limit
echo -e "${YELLOW}Test 1: Request Size Limit${NC}"
echo "Sending a request with 11MB payload (exceeds 10MB limit)..."
# Generate large payload
LARGE_PAYLOAD=$(python3 -c "import json; print(json.dumps({'model': 'test', 'input': 'x' * 11000000}))" 2>/dev/null || \
perl -e 'print "{\"model\":\"test\",\"input\":\"" . ("x" x 11000000) . "\"}"')
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X POST "$SERVER_URL/v1/responses" \
-H "Content-Type: application/json" \
-d "$LARGE_PAYLOAD" \
--max-time 5 2>/dev/null)
if [ "$HTTP_CODE" = "413" ]; then
echo -e "${GREEN}✓ PASS: Received HTTP 413 (Request Entity Too Large)${NC}"
else
echo -e "${RED}✗ FAIL: Expected 413, got $HTTP_CODE${NC}"
fi
echo ""
# Test 2: Normal request size
echo -e "${YELLOW}Test 2: Normal Request Size${NC}"
echo "Sending a small valid request..."
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X POST "$SERVER_URL/v1/responses" \
-H "Content-Type: application/json" \
-d '{"model":"test","input":"hello"}' \
--max-time 5 2>/dev/null)
# Expected: either 400 (invalid model) or 502 (provider error), but NOT 413
if [ "$HTTP_CODE" != "413" ]; then
echo -e "${GREEN}✓ PASS: Request not rejected by size limit (HTTP $HTTP_CODE)${NC}"
else
echo -e "${RED}✗ FAIL: Small request incorrectly rejected with 413${NC}"
fi
echo ""
# Test 3: Health endpoint
echo -e "${YELLOW}Test 3: Health Endpoint${NC}"
echo "Checking /health endpoint..."
RESPONSE=$(curl -s -X GET "$SERVER_URL/health" --max-time 5 2>/dev/null)
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X GET "$SERVER_URL/health" --max-time 5 2>/dev/null)
if [ "$HTTP_CODE" = "200" ] && echo "$RESPONSE" | grep -q "healthy"; then
echo -e "${GREEN}✓ PASS: Health endpoint responding correctly${NC}"
else
echo -e "${RED}✗ FAIL: Health endpoint not responding correctly (HTTP $HTTP_CODE)${NC}"
fi
echo ""
# Test 4: Ready endpoint
echo -e "${YELLOW}Test 4: Ready Endpoint${NC}"
echo "Checking /ready endpoint..."
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X GET "$SERVER_URL/ready" --max-time 5 2>/dev/null)
if [ "$HTTP_CODE" = "200" ] || [ "$HTTP_CODE" = "503" ]; then
echo -e "${GREEN}✓ PASS: Ready endpoint responding (HTTP $HTTP_CODE)${NC}"
else
echo -e "${RED}✗ FAIL: Ready endpoint not responding correctly (HTTP $HTTP_CODE)${NC}"
fi
echo ""
# Test 5: Models endpoint
echo -e "${YELLOW}Test 5: Models Endpoint${NC}"
echo "Checking /v1/models endpoint..."
RESPONSE=$(curl -s -X GET "$SERVER_URL/v1/models" --max-time 5 2>/dev/null)
HTTP_CODE=$(curl -s -o /dev/null -w "%{http_code}" -X GET "$SERVER_URL/v1/models" --max-time 5 2>/dev/null)
if [ "$HTTP_CODE" = "200" ] && echo "$RESPONSE" | grep -q "object"; then
echo -e "${GREEN}✓ PASS: Models endpoint responding correctly${NC}"
else
echo -e "${RED}✗ FAIL: Models endpoint not responding correctly (HTTP $HTTP_CODE)${NC}"
fi
echo ""
echo "================================================"
echo -e "${GREEN}Testing complete!${NC}"
echo ""
echo "Note: Panic recovery cannot be tested externally without"
echo "causing intentional server errors. It has been verified"
echo "through unit tests in middleware_test.go"