refactor(infra): promote OpenAI-compatible client from experimental to infra#921
refactor(infra): promote OpenAI-compatible client from experimental to infra#921garrett4wade wants to merge 10 commits intomainfrom
Conversation
Summary of ChangesHello @garrett4wade, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request refactors the project's structure by promoting the OpenAI-compatible client and related infrastructure from an experimental module to a stable infrastructure module. This change establishes the agentic workflow components as production-ready. Concurrently, it removes outdated Highlights
🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console. Changelog
Ignored Files
Activity
Using Gemini Code AssistThe full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips. Invoking Gemini You can request assistance from Gemini at any point by creating a comment using either
Customization To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a Limitations & Feedback Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here. You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension. Footnotes
|
There was a problem hiding this comment.
Code Review
This pull request refactors the OpenAI-compatible client, promoting it from the experimental stage to a stable infrastructure component by moving modules from areal/experimental to areal/infra and updating import paths. However, the promoted infrastructure contains critical security vulnerabilities. Specifically, the ProxyRolloutServer and the internal callback server in RolloutController lack authentication and expose endpoints that allow for Remote Code Execution (RCE), environment variable injection, and arbitrary file deletion. Resolve these vulnerabilities before merging. Additionally, there is a medium-severity design issue related to a circular dependency introduced between the new areal.infra.openai and areal.infra.proxy packages that should be addressed.
…o infra Move OpenAI-compatible client infrastructure from areal/experimental/ to areal/infra/, establishing it as stable production code. This change reflects the maturity of the agentic workflow infrastructure. Key changes: - Move areal/experimental/openai/ → areal/infra/openai/ - Move areal/experimental/openai/proxy/ → areal/infra/proxy/ - Move areal/experimental/camel/ → areal/infra/camel/ - Relocate tests from areal/tests/experimental/openai/ to areal/tests/openai_client/ - Remove deprecated MultiTurnWorkflow implementations (multi_turn.py, multi_turn_v2.py) - Update all imports across the codebase - Add areal/tests/openai_client/ to CI test coverage
e07736b to
591c0ca
Compare
…o infra Move areal/experimental/openai to areal/infra/openai, promoting the OpenAI-compatible client and proxy server to production-ready status. Key changes: - Move openai client, cache, types, and tool_call_parser to areal/infra/openai/ - Move proxy server, client_session, and workflow to areal/infra/proxy/ - Move camel/openai_model.py to areal/infra/camel/ - Add API key authentication for proxy server communication - Update rollout_controller to generate and distribute API keys to proxy workers - Add OpenAIProxyConfig with api_key field to CLI args - Update all imports across workflows, tests, and examples - Update documentation to reflect new module paths - Remove deprecated multi_turn_v2.py from experimental The authentication mechanism uses auto-generated API keys (secrets.token_urlsafe) distributed to proxy workers via environment variables, protecting the proxy server from unauthorized access in distributed deployments.
3d7d811 to
5cfc58a
Compare
Description
Promote the OpenAI-compatible client and proxy server from experimental to
production-ready status by moving them to areal/infra/. This includes adding
API key authentication for secure proxy server communication in distributed
deployments.
Related Issue
N/A
Type of Change
Checklist
jb build docs/gemini review)Breaking Change Details (if applicable):
N/A
Additional Context
Key changes:
areal/experimental/openai/→areal/infra/openai/areal/experimental/openai/proxy/→areal/infra/proxy/areal/experimental/camel/openai_model.py→areal/infra/camel/openai_model.pysecrets.token_urlsafe)OpenAIProxyConfig.api_keyto CLI argsmulti_turn_v2.pyFiles changed:
areal/infra/openai/- OpenAI-compatible client, cache, typesareal/infra/proxy/- Proxy server with authenticationareal/infra/controller/rollout_controller.py:321-405- API key generation/distributionareal/api/cli_args.py- New OpenAIProxyConfig.api_key fieldareal/tests/openai_client/docs/