mirror of
https://github.com/we-promise/sure.git
synced 2026-04-12 16:47:22 +00:00
84bfe5b7ab
* feat(helm): add Pipelock ConfigMap, scanning config, and consolidate compose - Add ConfigMap template rendering DLP, response scanning, MCP input/tool scanning, and forward proxy settings from values - Mount ConfigMap as /etc/pipelock/pipelock.yaml volume in deployment - Add checksum/config annotation for automatic pod restart on config change - Gate HTTPS_PROXY/HTTP_PROXY env injection on forwardProxy.enabled (skip in MCP-only mode) - Use hasKey for all boolean values to prevent Helm default swallowing false - Single source of truth for ports (forwardProxy.port/mcpProxy.port) - Pipelock-specific imagePullSecrets with fallback to app secrets - Merge standalone compose.example.pipelock.yml into compose.example.ai.yml - Add pipelock.example.yaml for Docker Compose users - Add exclude-paths to CI workflow for locale file false positives * Add external assistant support (OpenAI-compatible SSE proxy) Allow self-hosted instances to delegate chat to an external AI agent via an OpenAI-compatible streaming endpoint. Configurable per-family through Settings UI or ASSISTANT_TYPE env override. - Assistant::External::Client: SSE streaming HTTP client (no new gems) - Settings UI with type selector, env lock indicator, config status - Helm chart and Docker Compose env var support - 45 tests covering client, config, routing, controller, integration * Add session key routing, email allowlist, and config plumbing Route to the actual OpenClaw session via x-openclaw-session-key header instead of creating isolated sessions. Gate external assistant access behind an email allowlist (EXTERNAL_ASSISTANT_ALLOWED_EMAILS env var). Plumb session_key and allowedEmails through Helm chart, compose, and env template. * Add HTTPS_PROXY support to External::Client for Pipelock integration Net::HTTP does not auto-read HTTPS_PROXY/HTTP_PROXY env vars (unlike Faraday). Explicitly resolve proxy from environment in build_http so outbound traffic to the external assistant routes through Pipelock's forward proxy when enabled. Respects NO_PROXY for internal hosts. * Add UI fields for external assistant config (Setting-backed with env fallback) Follow the same pattern as OpenAI settings: database-backed Setting fields with env var defaults. Self-hosters can now configure the external assistant URL, token, and agent ID from the browser (Settings > Self-Hosting > AI Assistant) instead of requiring env vars. Fields disable when the corresponding env var is set. * Improve external assistant UI labels and add help text Change placeholder to generic OpenAI-compatible URL pattern. Add help text under each field explaining where the values come from: URL from agent provider, token for authentication, agent ID for multi-agent routing. * Add external assistant docs and fix URL help text Add External AI Assistant section to docs/hosting/ai.md covering setup (UI and env vars), how it works, Pipelock security scanning, access control, and Docker Compose example. Drop "chat completions" jargon from URL help text. * Harden external assistant: retry logic, disconnect UI, error handling, and test coverage - Add retry with backoff for transient network errors (no retry after streaming starts) - Add disconnect button with confirmation modal in self-hosting settings - Narrow rescue scope with fallback logging for unexpected errors - Safe cleanup of partial responses on stream interruption - Gate ai_available? on family assistant_type instead of OR-ing all providers - Truncate conversation history to last 20 messages - Proxy-aware HTTP client with NO_PROXY support - Sanitize protocol to use generic headers (X-Agent-Id, X-Session-Key) - Full test coverage for streaming, retries, proxy routing, config, and disconnect * Exclude external assistant client from Pipelock scan-diff False positive: `@token` instance variable flagged as "Credential in URL". Temporary workaround until Pipelock supports inline suppression. * Address review feedback: NO_PROXY boundary fix, SSE done flag, design tokens - Fix NO_PROXY matching to require domain boundary (exact match or .suffix), case-insensitive. Prevents badexample.com matching example.com. - Add done flag to SSE streaming so read_body stops after [DONE] - Move MAX_CONVERSATION_MESSAGES to class level - Use bg-success/bg-destructive design tokens for status indicators - Add rationale comment for pipelock scan exclusion - Update docs last-updated date * Address second round of review feedback - Allowlist email comparison is now case-insensitive and nil-safe - Cap SSE buffer at 1 MB to prevent memory blowup from malformed streams - Don't expose upstream HTTP response body in user-facing errors (log it instead) - Fix frozen string warning on buffer initialization - Fix "builtin" typo in docs (should be "built-in") * Protect completed responses from cleanup, sanitize error messages - Don't destroy a fully streamed assistant message if post-stream metadata update fails (only cleanup partial responses) - Log raw connection/HTTP errors internally, show generic messages to users to avoid leaking network/proxy details - Update test assertions for new error message wording * Fix SSE content guard and NO_PROXY test correctness Use nil check instead of present? for SSE delta content to preserve whitespace-only chunks (newlines, spaces) that can occur in code output. Fix NO_PROXY test to use HTTP_PROXY matching the http:// client URL so the proxy resolution and NO_PROXY bypass logic are actually exercised. * Forward proxy credentials to Net::HTTP Pass proxy_uri.user and proxy_uri.password to Net::HTTP.new so authenticated proxies (http://user:pass@host:port) work correctly. Without this, credentials parsed from the proxy URL were silently dropped. Nil values are safe as positional args when no creds exist. * Update pipelock integration to v0.3.1 with full scanning config Bump Helm image tag from 0.2.7 to 0.3.1. Add missing security sections to both the Helm ConfigMap and compose example config: mcp_tool_policy, mcp_session_binding, and tool_chain_detection. These protect the /mcp endpoint against tool injection, session hijacking, and multi-step exfiltration chains. Add version and mode fields to config files. Enable include_defaults for DLP and response scanning to merge user patterns with the 35 built-in patterns. Remove redundant --mode CLI flag from the Helm deployment template since mode is now in the config file.
113 lines
5.3 KiB
Plaintext
113 lines
5.3 KiB
Plaintext
<div class="space-y-4">
|
|
<div>
|
|
<h2 class="font-medium mb-1"><%= t(".title") %></h2>
|
|
<% if ENV["ASSISTANT_TYPE"].present? %>
|
|
<p class="text-sm text-secondary"><%= t(".env_notice", type: ENV["ASSISTANT_TYPE"]) %></p>
|
|
<% else %>
|
|
<p class="text-secondary text-sm mb-4"><%= t(".description") %></p>
|
|
<% end %>
|
|
</div>
|
|
|
|
<% effective_type = ENV["ASSISTANT_TYPE"].presence || Current.family.assistant_type %>
|
|
|
|
<%= styled_form_with model: Current.family,
|
|
url: settings_hosting_path,
|
|
method: :patch,
|
|
class: "space-y-4",
|
|
data: {
|
|
controller: "auto-submit-form",
|
|
"auto-submit-form-trigger-event-value": "change"
|
|
} do |form| %>
|
|
<%= form.select :assistant_type,
|
|
options_for_select(
|
|
[
|
|
[t(".type_builtin"), "builtin"],
|
|
[t(".type_external"), "external"]
|
|
],
|
|
effective_type
|
|
),
|
|
{ label: t(".type_label") },
|
|
{ disabled: ENV["ASSISTANT_TYPE"].present?,
|
|
data: { "auto-submit-form-target": "auto" } } %>
|
|
<% end %>
|
|
<% if effective_type == "external" %>
|
|
<div class="flex items-center gap-2 text-sm mb-4">
|
|
<% if Assistant::External.configured? %>
|
|
<span class="inline-block w-2 h-2 rounded-full bg-success"></span>
|
|
<span class="text-secondary"><%= t(".external_configured") %></span>
|
|
<% else %>
|
|
<span class="inline-block w-2 h-2 rounded-full bg-destructive"></span>
|
|
<span class="text-secondary"><%= t(".external_not_configured") %></span>
|
|
<% end %>
|
|
</div>
|
|
|
|
<% if ENV["EXTERNAL_ASSISTANT_URL"].present? && ENV["EXTERNAL_ASSISTANT_TOKEN"].present? %>
|
|
<p class="text-sm text-secondary"><%= t(".env_configured_external") %></p>
|
|
<% end %>
|
|
|
|
<% if Assistant::External.configured? && !ENV["EXTERNAL_ASSISTANT_URL"].present? %>
|
|
<div class="flex items-center justify-between p-3 rounded-lg border border-primary">
|
|
<div>
|
|
<p class="text-sm font-medium text-primary"><%= t(".disconnect_title") %></p>
|
|
<p class="text-xs text-secondary"><%= t(".disconnect_description") %></p>
|
|
</div>
|
|
<%= button_to t(".disconnect_button"),
|
|
disconnect_external_assistant_settings_hosting_path,
|
|
method: :delete,
|
|
class: "bg-red-600 fg-inverse text-sm font-medium rounded-lg px-4 py-2 whitespace-nowrap",
|
|
data: { turbo_confirm: {
|
|
title: t(".confirm_disconnect.title"),
|
|
body: t(".confirm_disconnect.body"),
|
|
accept: t(".disconnect_button"),
|
|
acceptClass: "w-full bg-red-600 fg-inverse rounded-xl text-center p-[10px] border mb-2"
|
|
}} %>
|
|
</div>
|
|
<% end %>
|
|
|
|
<%= styled_form_with model: Setting.new,
|
|
url: settings_hosting_path,
|
|
method: :patch,
|
|
class: "space-y-4",
|
|
data: {
|
|
controller: "auto-submit-form",
|
|
"auto-submit-form-trigger-event-value": "blur"
|
|
} do |form| %>
|
|
<%= form.text_field :external_assistant_url,
|
|
label: t(".url_label"),
|
|
placeholder: t(".url_placeholder"),
|
|
value: Setting.external_assistant_url,
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "url",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_URL"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".url_help") %></p>
|
|
|
|
<%= form.password_field :external_assistant_token,
|
|
label: t(".token_label"),
|
|
placeholder: t(".token_placeholder"),
|
|
value: (Setting.external_assistant_token.present? ? "********" : nil),
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "text",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_TOKEN"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".token_help") %></p>
|
|
|
|
<%= form.text_field :external_assistant_agent_id,
|
|
label: t(".agent_id_label"),
|
|
placeholder: t(".agent_id_placeholder"),
|
|
value: Setting.external_assistant_agent_id,
|
|
autocomplete: "off",
|
|
autocapitalize: "none",
|
|
spellcheck: "false",
|
|
inputmode: "text",
|
|
disabled: ENV["EXTERNAL_ASSISTANT_AGENT_ID"].present?,
|
|
data: { "auto-submit-form-target": "auto" } %>
|
|
<p class="text-xs text-secondary mt-1"><%= t(".agent_id_help") %></p>
|
|
<% end %>
|
|
<% end %>
|
|
</div>
|