NotificationsYou must be signed in to change notification settings
Fork1k
Star11.1k

Commit0a79817

authored

feat: initializeaibridged & mount API handler (#19798)

1 parent6971f61 commit0a79817Copy full SHA for 0a79817

File tree

14 files changed

+798

-39

lines changed

coderd
- coderd.go
- database
  - dbauthz
    - dbauthz.go
    - dbauthz_test.go
  - dbmetrics
    - querymetrics.go
  - dbmock
    - dbmock.go
  - querier.go
  - queries.sql.go
  - queries
    - aibridge.sql
enterprise
- cli
  - aibridged.go
  - server.go
- coderd
  - aibridged.go
- x/aibridged

14 files changed

+798

-39

lines changed

`‎coderd/coderd.go‎`

Lines changed: 7 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -44,6 +44,8 @@ import (`
`44`	`44`	`"tailscale.com/types/key"`
`45`	`45`	`"tailscale.com/util/singleflight"`
`46`	`46`
	`47`	`+"github.com/coder/coder/v2/provisionerd/proto"`
	`48`	`+`
`47`	`49`	`"cdr.dev/slog"`
`48`	`50`	`"github.com/coder/quartz"`
`49`	`51`	`"github.com/coder/serpent"`
`@@ -95,7 +97,6 @@ import (`
`95`	`97`	`"github.com/coder/coder/v2/coderd/workspacestats"`
`96`	`98`	`"github.com/coder/coder/v2/codersdk"`
`97`	`99`	`"github.com/coder/coder/v2/codersdk/healthsdk"`
`98`		`-"github.com/coder/coder/v2/provisionerd/proto"`
`99`	`100`	`"github.com/coder/coder/v2/provisionersdk"`
`100`	`101`	`"github.com/coder/coder/v2/site"`
`101`	`102`	`"github.com/coder/coder/v2/tailnet"`
`@@ -999,6 +1000,11 @@ func New(options Options) API {`
`999`	`1000`
`1000`	`1001`	`// Experimental routes are not guaranteed to be stable and may change at any time.`
`1001`	`1002`	`r.Route("/api/experimental",func(r chi.Router) {`
	`1003`	`+r.NotFound(func(rw http.ResponseWriter,_*http.Request) {httpapi.RouteNotFound(rw) })`
	`1004`	`+`
	`1005`	`+// Only this group should be subject to apiKeyMiddleware; aibridged will mount its own`
	`1006`	`+// router and handles key validation in a different fashion.`
	`1007`	`+// See enterprise/x/aibridged/http.go.`
`1002`	`1008`	`r.Group(func(r chi.Router) {`
`1003`	`1009`	`r.Use(apiKeyMiddleware)`
`1004`	`1010`	`r.Route("/aitasks",func(r chi.Router) {`

`‎coderd/database/dbauthz/dbauthz.go‎`

Lines changed: 37 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -175,15 +175,15 @@ func (q *querier) authorizePrebuiltWorkspace(ctx context.Context, action policy.`
`175`	`175`	`returnxerrors.Errorf("authorize context: %w",workspaceErr)`
`176`	`176`	`}`
`177`	`177`
`178`		`-//authorizeAIBridgeInterceptionUpdate validates that the context's actor matches the initiator of the AIBridgeInterception.`
	`178`	`+//authorizeAIBridgeInterceptionAction validates that the context's actor matches the initiator of the AIBridgeInterception.`
`179`	`179`	`// This is used by all of the sub-resources which fall under the [ResourceAibridgeInterception] umbrella.`
`180`		`-func (q*querier)authorizeAIBridgeInterceptionUpdate(ctx context.Context,interceptionID uuid.UUID)error {`
	`180`	`+func (q*querier)authorizeAIBridgeInterceptionAction(ctx context.Context,action policy.Action,interceptionID uuid.UUID)error {`
`181`	`181`	`inter,err:=q.db.GetAIBridgeInterceptionByID(ctx,interceptionID)`
`182`	`182`	`iferr!=nil {`
`183`	`183`	`returnxerrors.Errorf("fetch aibridge interception %q: %w",interceptionID,err)`
`184`	`184`	`}`
`185`	`185`
`186`		`-err=q.authorizeContext(ctx,policy.ActionUpdate,inter.RBACObject())`
	`186`	`+err=q.authorizeContext(ctx,action,inter.RBACObject())`
`187`	`187`	`iferr!=nil {`
`188`	`188`	`returnerr`
`189`	`189`	`}`
`@@ -1928,6 +1928,37 @@ func (q *querier) GetAIBridgeInterceptionByID(ctx context.Context, id uuid.UUID)`
`1928`	`1928`	`returnfetch(q.log,q.auth,q.db.GetAIBridgeInterceptionByID)(ctx,id)`
`1929`	`1929`	`}`
`1930`	`1930`
	`1931`	`+func (q*querier)GetAIBridgeInterceptions(ctx context.Context) ([]database.AIBridgeInterception,error) {`
	`1932`	`+fetch:=func(ctx context.Context,_any) ([]database.AIBridgeInterception,error) {`
	`1933`	`+returnq.db.GetAIBridgeInterceptions(ctx)`
	`1934`	`+}`
	`1935`	`+returnfetchWithPostFilter(q.auth,policy.ActionRead,fetch)(ctx,nil)`
	`1936`	`+}`
	`1937`	`+`
	`1938`	`+func (q*querier)GetAIBridgeTokenUsagesByInterceptionID(ctx context.Context,interceptionID uuid.UUID) ([]database.AIBridgeTokenUsage,error) {`
	`1939`	`+// All aibridge_token_usages records belong to the initiator of their associated interception.`
	`1940`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionRead,interceptionID);err!=nil {`
	`1941`	`+returnnil,err`
	`1942`	`+}`
	`1943`	`+returnq.db.GetAIBridgeTokenUsagesByInterceptionID(ctx,interceptionID)`
	`1944`	`+}`
	`1945`	`+`
	`1946`	`+func (q*querier)GetAIBridgeToolUsagesByInterceptionID(ctx context.Context,interceptionID uuid.UUID) ([]database.AIBridgeToolUsage,error) {`
	`1947`	`+// All aibridge_token_usages records belong to the initiator of their associated interception.`
	`1948`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionRead,interceptionID);err!=nil {`
	`1949`	`+returnnil,err`
	`1950`	`+}`
	`1951`	`+returnq.db.GetAIBridgeToolUsagesByInterceptionID(ctx,interceptionID)`
	`1952`	`+}`
	`1953`	`+`
	`1954`	`+func (q*querier)GetAIBridgeUserPromptsByInterceptionID(ctx context.Context,interceptionID uuid.UUID) ([]database.AIBridgeUserPrompt,error) {`
	`1955`	`+// All aibridge_token_usages records belong to the initiator of their associated interception.`
	`1956`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionRead,interceptionID);err!=nil {`
	`1957`	`+returnnil,err`
	`1958`	`+}`
	`1959`	`+returnq.db.GetAIBridgeUserPromptsByInterceptionID(ctx,interceptionID)`
	`1960`	`+}`
	`1961`	`+`
`1931`	`1962`	`func (q*querier)GetAPIKeyByID(ctx context.Context,idstring) (database.APIKey,error) {`
`1932`	`1963`	`returnfetch(q.log,q.auth,q.db.GetAPIKeyByID)(ctx,id)`
`1933`	`1964`	`}`
`@@ -3813,23 +3844,23 @@ func (q *querier) InsertAIBridgeInterception(ctx context.Context, arg database.I`
`3813`	`3844`
`3814`	`3845`	`func (q*querier)InsertAIBridgeTokenUsage(ctx context.Context,arg database.InsertAIBridgeTokenUsageParams)error {`
`3815`	`3846`	`// All aibridge_token_usages records belong to the initiator of their associated interception.`
`3816`		`-iferr:=q.authorizeAIBridgeInterceptionUpdate(ctx,arg.InterceptionID);err!=nil {`
	`3847`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionUpdate,arg.InterceptionID);err!=nil {`
`3817`	`3848`	`returnerr`
`3818`	`3849`	`}`
`3819`	`3850`	`returnq.db.InsertAIBridgeTokenUsage(ctx,arg)`
`3820`	`3851`	`}`
`3821`	`3852`
`3822`	`3853`	`func (q*querier)InsertAIBridgeToolUsage(ctx context.Context,arg database.InsertAIBridgeToolUsageParams)error {`
`3823`	`3854`	`// All aibridge_tool_usages records belong to the initiator of their associated interception.`
`3824`		`-iferr:=q.authorizeAIBridgeInterceptionUpdate(ctx,arg.InterceptionID);err!=nil {`
	`3855`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionUpdate,arg.InterceptionID);err!=nil {`
`3825`	`3856`	`returnerr`
`3826`	`3857`	`}`
`3827`	`3858`	`returnq.db.InsertAIBridgeToolUsage(ctx,arg)`
`3828`	`3859`	`}`
`3829`	`3860`
`3830`	`3861`	`func (q*querier)InsertAIBridgeUserPrompt(ctx context.Context,arg database.InsertAIBridgeUserPromptParams)error {`
`3831`	`3862`	`// All aibridge_user_prompts records belong to the initiator of their associated interception.`
`3832`		`-iferr:=q.authorizeAIBridgeInterceptionUpdate(ctx,arg.InterceptionID);err!=nil {`
	`3863`	`+iferr:=q.authorizeAIBridgeInterceptionAction(ctx,policy.ActionUpdate,arg.InterceptionID);err!=nil {`
`3833`	`3864`	`returnerr`
`3834`	`3865`	`}`
`3835`	`3866`	`returnq.db.InsertAIBridgeUserPrompt(ctx,arg)`

`‎coderd/database/dbauthz/dbauthz_test.go‎`

Lines changed: 61 additions & 24 deletions

Original file line number	Diff line number	Diff line change
`@@ -4335,10 +4335,10 @@ func TestInsertAPIKey_AsPrebuildsUser(t *testing.T) {`
`4335`	`4335`
`4336`	`4336`	`func (s*MethodTestSuite)TestAIBridge() {`
`4337`	`4337`	`s.Run("GetAIBridgeInterceptionByID",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
`4338`		`-sessID:= uuid.UUID{2}`
`4339`		`-sess:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:sessID})`
`4340`		`-db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),sessID).Return(sess,nil).AnyTimes()`
`4341`		`-check.Args(sessID).Asserts(sess,policy.ActionRead).Returns(sess)`
	`4338`	`+intID:= uuid.UUID{2}`
	`4339`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4340`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()`
	`4341`	`+check.Args(intID).Asserts(intc,policy.ActionRead).Returns(intc)`
`4342`	`4342`	`}))`
`4343`	`4343`
`4344`	`4344`	`s.Run("InsertAIBridgeInterception",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
`@@ -4348,39 +4348,76 @@ func (s *MethodTestSuite) TestAIBridge() {`
`4348`	`4348`	`user.IsSystem=false`
`4349`	`4349`	`user.Deleted=false`
`4350`	`4350`
`4351`		`-sessID:= uuid.UUID{2}`
`4352`		`-sess:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:sessID,InitiatorID:initID})`
	`4351`	`+intID:= uuid.UUID{2}`
	`4352`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID,InitiatorID:initID})`
`4353`	`4353`
`4354`		`-params:= database.InsertAIBridgeInterceptionParams{ID:sess.ID,InitiatorID:sess.InitiatorID,Provider:sess.Provider,Model:sess.Model}`
	`4354`	`+params:= database.InsertAIBridgeInterceptionParams{ID:intc.ID,InitiatorID:intc.InitiatorID,Provider:intc.Provider,Model:intc.Model}`
`4355`	`4355`	`db.EXPECT().GetUserByID(gomock.Any(),initID).Return(user,nil).AnyTimes()// Validation.`
`4356`		`-db.EXPECT().InsertAIBridgeInterception(gomock.Any(),params).Return(sess,nil).AnyTimes()`
`4357`		`-check.Args(params).Asserts(sess,policy.ActionCreate)`
	`4356`	`+db.EXPECT().InsertAIBridgeInterception(gomock.Any(),params).Return(intc,nil).AnyTimes()`
	`4357`	`+check.Args(params).Asserts(intc,policy.ActionCreate)`
`4358`	`4358`	`}))`
`4359`	`4359`
`4360`	`4360`	`s.Run("InsertAIBridgeTokenUsage",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
`4361`		`-sessID:= uuid.UUID{2}`
`4362`		`-sess:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:sessID})`
`4363`		`-params:= database.InsertAIBridgeTokenUsageParams{InterceptionID:sess.ID}`
`4364`		`-db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),sessID).Return(sess,nil).AnyTimes()// Validation.`
	`4361`	`+intID:= uuid.UUID{2}`
	`4362`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4363`	`+params:= database.InsertAIBridgeTokenUsageParams{InterceptionID:intc.ID}`
	`4364`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
`4365`	`4365`	`db.EXPECT().InsertAIBridgeTokenUsage(gomock.Any(),params).Return(nil).AnyTimes()`
`4366`		`-check.Args(params).Asserts(sess,policy.ActionUpdate)`
	`4366`	`+check.Args(params).Asserts(intc,policy.ActionUpdate)`
`4367`	`4367`	`}))`
`4368`	`4368`
`4369`	`4369`	`s.Run("InsertAIBridgeToolUsage",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
`4370`		`-sessID:= uuid.UUID{2}`
`4371`		`-sess:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:sessID})`
`4372`		`-params:= database.InsertAIBridgeToolUsageParams{InterceptionID:sess.ID}`
`4373`		`-db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),sessID).Return(sess,nil).AnyTimes()// Validation.`
	`4370`	`+intID:= uuid.UUID{2}`
	`4371`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4372`	`+params:= database.InsertAIBridgeToolUsageParams{InterceptionID:intc.ID}`
	`4373`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
`4374`	`4374`	`db.EXPECT().InsertAIBridgeToolUsage(gomock.Any(),params).Return(nil).AnyTimes()`
`4375`		`-check.Args(params).Asserts(sess,policy.ActionUpdate)`
	`4375`	`+check.Args(params).Asserts(intc,policy.ActionUpdate)`
`4376`	`4376`	`}))`
`4377`	`4377`
`4378`	`4378`	`s.Run("InsertAIBridgeUserPrompt",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
`4379`		`-sessID:= uuid.UUID{2}`
`4380`		`-sess:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:sessID})`
`4381`		`-params:= database.InsertAIBridgeUserPromptParams{InterceptionID:sess.ID}`
`4382`		`-db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),sessID).Return(sess,nil).AnyTimes()// Validation.`
	`4379`	`+intID:= uuid.UUID{2}`
	`4380`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4381`	`+params:= database.InsertAIBridgeUserPromptParams{InterceptionID:intc.ID}`
	`4382`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
`4383`	`4383`	`db.EXPECT().InsertAIBridgeUserPrompt(gomock.Any(),params).Return(nil).AnyTimes()`
`4384`		`-check.Args(params).Asserts(sess,policy.ActionUpdate)`
	`4384`	`+check.Args(params).Asserts(intc,policy.ActionUpdate)`
	`4385`	`+}))`
	`4386`	`+`
	`4387`	`+s.Run("GetAIBridgeInterceptions",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
	`4388`	`+a:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{})`
	`4389`	`+b:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{})`
	`4390`	`+db.EXPECT().GetAIBridgeInterceptions(gomock.Any()).Return([]database.AIBridgeInterception{a,b},nil).AnyTimes()`
	`4391`	`+check.Args().Asserts(a,policy.ActionRead,b,policy.ActionRead).Returns([]database.AIBridgeInterception{a,b})`
	`4392`	`+}))`
	`4393`	`+`
	`4394`	`+s.Run("GetAIBridgeTokenUsagesByInterceptionID",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
	`4395`	`+intID:= uuid.UUID{2}`
	`4396`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4397`	`+tok:=testutil.Fake(s.T(),faker, database.AIBridgeTokenUsage{InterceptionID:intID})`
	`4398`	`+toks:= []database.AIBridgeTokenUsage{tok}`
	`4399`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
	`4400`	`+db.EXPECT().GetAIBridgeTokenUsagesByInterceptionID(gomock.Any(),intID).Return(toks,nil).AnyTimes()`
	`4401`	`+check.Args(intID).Asserts(intc,policy.ActionRead).Returns(toks)`
	`4402`	`+}))`
	`4403`	`+`
	`4404`	`+s.Run("GetAIBridgeToolUsagesByInterceptionID",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
	`4405`	`+intID:= uuid.UUID{2}`
	`4406`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4407`	`+tool:=testutil.Fake(s.T(),faker, database.AIBridgeToolUsage{InterceptionID:intID})`
	`4408`	`+tools:= []database.AIBridgeToolUsage{tool}`
	`4409`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
	`4410`	`+db.EXPECT().GetAIBridgeToolUsagesByInterceptionID(gomock.Any(),intID).Return(tools,nil).AnyTimes()`
	`4411`	`+check.Args(intID).Asserts(intc,policy.ActionRead).Returns(tools)`
	`4412`	`+}))`
	`4413`	`+`
	`4414`	`+s.Run("GetAIBridgeUserPromptsByInterceptionID",s.Mocked(func(dbdbmock.MockStore,fakergofakeit.Faker,check*expects) {`
	`4415`	`+intID:= uuid.UUID{2}`
	`4416`	`+intc:=testutil.Fake(s.T(),faker, database.AIBridgeInterception{ID:intID})`
	`4417`	`+pr:=testutil.Fake(s.T(),faker, database.AIBridgeUserPrompt{InterceptionID:intID})`
	`4418`	`+prs:= []database.AIBridgeUserPrompt{pr}`
	`4419`	`+db.EXPECT().GetAIBridgeInterceptionByID(gomock.Any(),intID).Return(intc,nil).AnyTimes()// Validation.`
	`4420`	`+db.EXPECT().GetAIBridgeUserPromptsByInterceptionID(gomock.Any(),intID).Return(prs,nil).AnyTimes()`
	`4421`	`+check.Args(intID).Asserts(intc,policy.ActionRead).Returns(prs)`
`4385`	`4422`	`}))`
`4386`	`4423`	`}`

`‎coderd/database/dbmetrics/querymetrics.go‎`

Lines changed: 28 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/dbmock/dbmock.go‎`

Lines changed: 60 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

`‎coderd/database/querier.go‎`

Lines changed: 4 additions & 0 deletions

Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit0a79817

File tree

14 files changed

14 files changed

`‎coderd/coderd.go‎`

`‎coderd/database/dbauthz/dbauthz.go‎`

`‎coderd/database/dbauthz/dbauthz_test.go‎`

`‎coderd/database/dbmetrics/querymetrics.go‎`

`‎coderd/database/dbmock/dbmock.go‎`

`‎coderd/database/querier.go‎`

0 commit comments