mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-03 09:53:45 +00:00
aaecd0327c
# What does this PR do? diff the `/v1/` routes that are OpenAI compatible against the OpenAI openAPI spec. This will of course only trigger on PRs where the spec is changed. This will catch errors with new handwritten additions to our openAI compat routes. Instead of fetching the OpenAPI spec from a dynamic URL, which could cause non-deterministic build failures, this change uses a local copy stored at `docs/static/openai-spec.yml`. This makes the conformance check fully reproducible and prevents CI failures caused by uncontrolled upstream changes. I am marking this test with `continue-on-error: true`, until we get rid of all of the errors. Nevertheless, this is a nice utility to have so folks know if their spec changes introduce more breaking changes or fix breakages when comparing to the OpenAI openapi spec. ## Test Plan test should pass. Signed-off-by: Charlie Doern <cdoern@redhat.com>
232 lines
7.7 KiB
YAML
232 lines
7.7 KiB
YAML
exclude: 'build/'
|
|
minimum_pre_commit_version: 4.4.0
|
|
default_language_version:
|
|
python: python3.12
|
|
node: "22"
|
|
|
|
repos:
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v5.0.0 # Latest stable version
|
|
hooks:
|
|
- id: check-merge-conflict
|
|
args: ['--assume-in-merge']
|
|
- id: trailing-whitespace
|
|
exclude: '\.py$' # Exclude Python files as Ruff already handles them
|
|
- id: check-added-large-files
|
|
args: ['--maxkb=1000']
|
|
- id: end-of-file-fixer
|
|
exclude: '^(.*\.svg|.*\.md)$'
|
|
- id: no-commit-to-branch
|
|
- id: check-yaml
|
|
args: ["--unsafe"]
|
|
exclude: 'docs/static/openai-spec-2.3.0.yml'
|
|
- id: detect-private-key
|
|
- id: mixed-line-ending
|
|
args: [--fix=lf] # Forces to replace line ending by LF (line feed)
|
|
- id: check-executables-have-shebangs
|
|
- id: check-json
|
|
- id: check-shebang-scripts-are-executable
|
|
- id: check-symlinks
|
|
- id: check-toml
|
|
|
|
- repo: https://github.com/Lucas-C/pre-commit-hooks
|
|
rev: v1.5.5
|
|
hooks:
|
|
- id: insert-license
|
|
files: \.py$|\.sh$
|
|
args:
|
|
- --license-filepath
|
|
- docs/license_header.txt
|
|
|
|
- repo: https://github.com/astral-sh/ruff-pre-commit
|
|
rev: v0.12.2
|
|
hooks:
|
|
- id: ruff
|
|
args: [ --fix ]
|
|
- id: ruff-format
|
|
|
|
- repo: https://github.com/adamchainz/blacken-docs
|
|
rev: 1.19.1
|
|
hooks:
|
|
- id: blacken-docs
|
|
additional_dependencies:
|
|
- black==24.3.0
|
|
|
|
|
|
- repo: https://github.com/pre-commit/mirrors-mypy
|
|
rev: v1.18.2
|
|
hooks:
|
|
- id: mypy
|
|
additional_dependencies:
|
|
- uv==0.6.2
|
|
- mypy
|
|
- pytest
|
|
- rich
|
|
- types-requests
|
|
- pydantic
|
|
pass_filenames: false
|
|
|
|
# - repo: https://github.com/tcort/markdown-link-check
|
|
# rev: v3.11.2
|
|
# hooks:
|
|
# - id: markdown-link-check
|
|
# args: ['--quiet']
|
|
|
|
- repo: local
|
|
hooks:
|
|
- id: uv-lock
|
|
name: uv-lock
|
|
additional_dependencies:
|
|
- uv==0.7.20
|
|
entry: ./scripts/uv-run-with-index.sh lock
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^(pyproject\.toml|uv\.lock)$
|
|
- id: mypy-full
|
|
name: mypy (full type_checking)
|
|
entry: ./scripts/uv-run-with-index.sh run --group dev --group type_checking mypy
|
|
language: system
|
|
pass_filenames: false
|
|
stages: [manual]
|
|
- id: distro-codegen
|
|
name: Distribution Template Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run --group codegen ./scripts/distro_codegen.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack/distributions/.*$|^src/llama_stack/providers/.*/inference/.*/models\.py$
|
|
- id: provider-codegen
|
|
name: Provider Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run --group codegen ./scripts/provider_codegen.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack/providers/.*$|^scripts/run_openapi_generator.sh$
|
|
- id: openapi-codegen
|
|
name: API Spec Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: sh -c './scripts/uv-run-with-index.sh run scripts/run_openapi_generator.sh'
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack_api/.*$
|
|
- id: check-workflows-use-hashes
|
|
name: Check GitHub Actions use SHA-pinned actions
|
|
entry: ./scripts/check-workflows-use-hashes.sh
|
|
language: system
|
|
pass_filenames: false
|
|
require_serial: true
|
|
always_run: true
|
|
files: ^\.github/workflows/.*\.ya?ml$
|
|
- id: check-init-py
|
|
name: Check for missing __init__.py files
|
|
entry: ./scripts/check-init-py.sh
|
|
language: system
|
|
pass_filenames: false
|
|
require_serial: true
|
|
always_run: true
|
|
files: ^src/llama_stack/.*$
|
|
- id: forbid-pytest-asyncio
|
|
name: Block @pytest.mark.asyncio and @pytest_asyncio.fixture
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
args:
|
|
- -c
|
|
- |
|
|
grep -EnH '^[^#]*@pytest\.mark\.asyncio|@pytest_asyncio\.fixture' "$@" && {
|
|
echo;
|
|
echo "❌ Do not use @pytest.mark.asyncio or @pytest_asyncio.fixture."
|
|
echo " pytest is already configured with async-mode=auto."
|
|
echo;
|
|
exit 1;
|
|
} || true
|
|
- id: generate-ci-docs
|
|
name: Generate CI documentation
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run ./scripts/gen-ci-docs.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^.github/workflows/.*$
|
|
- id: ui-linter
|
|
name: Format & Lint UI
|
|
entry: bash ./scripts/run-ui-linter.sh
|
|
language: system
|
|
files: ^src/llama_stack_ui/.*\.(ts|tsx)$
|
|
pass_filenames: false
|
|
require_serial: true
|
|
|
|
- id: check-log-usage
|
|
name: Ensure 'llama_stack.log' usage for logging
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
args:
|
|
- -c
|
|
- |
|
|
matches=$(grep -EnH '^[^#]*\b(import\s+logging|from\s+logging\b)' "$@" | grep -v -e '#\s*allow-direct-logging' || true)
|
|
if [ -n "$matches" ]; then
|
|
# GitHub Actions annotation format
|
|
while IFS=: read -r file line_num rest; do
|
|
echo "::error file=$file,line=$line_num::Do not use 'import logging' or 'from logging import' in $file. Use the custom log instead: from llama_stack.log import get_logger; logger = get_logger(). If direct logging is truly needed, add: # allow-direct-logging"
|
|
done <<< "$matches"
|
|
exit 1
|
|
fi
|
|
exit 0
|
|
- id: fips-compliance
|
|
name: Ensure llama-stack remains FIPS compliant
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
exclude: '^tests/.*$' # Exclude test dir as some safety tests used MD5
|
|
args:
|
|
- -c
|
|
- |
|
|
grep -EnH '^[^#]*\b(md5|sha1|uuid3|uuid5)\b' "$@" && {
|
|
echo;
|
|
echo "❌ Do not use any of the following functions: hashlib.md5, hashlib.sha1, uuid.uuid3, uuid.uuid5"
|
|
echo " These functions are not FIPS-compliant"
|
|
echo;
|
|
exit 1;
|
|
} || true
|
|
- id: check-api-independence
|
|
name: Ensure llama_stack_api does not import llama_stack
|
|
entry: bash
|
|
language: system
|
|
pass_filenames: false
|
|
require_serial: true
|
|
always_run: true
|
|
files: ^src/llama_stack_api/.*$
|
|
args:
|
|
- -c
|
|
- |
|
|
API_DIR="src/llama_stack_api"
|
|
grep -rn --include="*.py" -E '^[^#]*(import llama_stack\b|from llama_stack\b)' "$API_DIR" 2>/dev/null && {
|
|
echo "llama_stack_api must not import llama_stack";
|
|
exit 1;
|
|
}
|
|
[ -f "$API_DIR/pyproject.toml" ] && grep -n 'llama_stack[^_]' "$API_DIR/pyproject.toml" && {
|
|
echo "llama_stack_api must not depend on llama_stack in pyproject.toml";
|
|
exit 1;
|
|
}
|
|
exit 0
|
|
|
|
ci:
|
|
autofix_commit_msg: 🎨 [pre-commit.ci] Auto format from pre-commit.com hooks
|
|
autoupdate_commit_msg: ⬆ [pre-commit.ci] pre-commit autoupdate
|
|
autofix_prs: true
|
|
autoupdate_branch: ''
|
|
autoupdate_schedule: weekly
|
|
skip: []
|
|
submodules: false
|