mirror of
https://github.com/meta-llama/llama-stack.git
synced 2025-12-03 09:53:45 +00:00
2b187cb309
diff the `/v1/` routes that are OpenAI compatible against the OpenAI openAPI spec. This will of course only trigger on PRs where the spec is changed. This will catch errors with new handwritten additions to our openAI compat routes. Instead of fetching the OpenAPI spec from a dynamic URL, which could cause non-deterministic build failures, this change uses a local copy stored at `docs/static/openai-spec-2.3.0.yml`. This makes the conformance check fully reproducible and prevents CI failures caused by uncontrolled upstream changes. Signed-off-by: Charlie Doern <cdoern@redhat.com>
212 lines
6.9 KiB
YAML
212 lines
6.9 KiB
YAML
exclude: 'build/'
|
|
|
|
default_language_version:
|
|
python: python3.12
|
|
node: "22"
|
|
|
|
repos:
|
|
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
rev: v5.0.0 # Latest stable version
|
|
hooks:
|
|
- id: check-merge-conflict
|
|
args: ['--assume-in-merge']
|
|
- id: trailing-whitespace
|
|
exclude: '\.py$' # Exclude Python files as Ruff already handles them
|
|
- id: check-added-large-files
|
|
args: ['--maxkb=1000']
|
|
- id: end-of-file-fixer
|
|
exclude: '^(.*\.svg|.*\.md)$'
|
|
- id: no-commit-to-branch
|
|
- id: check-yaml
|
|
args: ["--unsafe"]
|
|
exclude: 'docs/static/openai-spec-2.3.0.yml'
|
|
- id: detect-private-key
|
|
- id: mixed-line-ending
|
|
args: [--fix=lf] # Forces to replace line ending by LF (line feed)
|
|
- id: check-executables-have-shebangs
|
|
- id: check-json
|
|
- id: check-shebang-scripts-are-executable
|
|
- id: check-symlinks
|
|
- id: check-toml
|
|
|
|
- repo: https://github.com/Lucas-C/pre-commit-hooks
|
|
rev: v1.5.5
|
|
hooks:
|
|
- id: insert-license
|
|
files: \.py$|\.sh$
|
|
args:
|
|
- --license-filepath
|
|
- docs/license_header.txt
|
|
|
|
- repo: https://github.com/astral-sh/ruff-pre-commit
|
|
rev: v0.12.2
|
|
hooks:
|
|
- id: ruff
|
|
args: [ --fix ]
|
|
exclude: ^src/llama_stack/strong_typing/.*$
|
|
- id: ruff-format
|
|
|
|
- repo: https://github.com/adamchainz/blacken-docs
|
|
rev: 1.19.1
|
|
hooks:
|
|
- id: blacken-docs
|
|
additional_dependencies:
|
|
- black==24.3.0
|
|
|
|
|
|
- repo: https://github.com/pre-commit/mirrors-mypy
|
|
rev: v1.18.2
|
|
hooks:
|
|
- id: mypy
|
|
additional_dependencies:
|
|
- uv==0.6.2
|
|
- mypy
|
|
- pytest
|
|
- rich
|
|
- types-requests
|
|
- pydantic
|
|
pass_filenames: false
|
|
|
|
# - repo: https://github.com/tcort/markdown-link-check
|
|
# rev: v3.11.2
|
|
# hooks:
|
|
# - id: markdown-link-check
|
|
# args: ['--quiet']
|
|
|
|
- repo: local
|
|
hooks:
|
|
- id: uv-lock
|
|
name: uv-lock
|
|
additional_dependencies:
|
|
- uv==0.7.20
|
|
entry: ./scripts/uv-run-with-index.sh lock
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^(pyproject\.toml|uv\.lock)$
|
|
- id: mypy-full
|
|
name: mypy (full type_checking)
|
|
entry: ./scripts/uv-run-with-index.sh run --group dev --group type_checking mypy
|
|
language: system
|
|
pass_filenames: false
|
|
stages: [manual]
|
|
- id: distro-codegen
|
|
name: Distribution Template Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run --group codegen ./scripts/distro_codegen.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack/distributions/.*$|^src/llama_stack/providers/.*/inference/.*/models\.py$
|
|
- id: provider-codegen
|
|
name: Provider Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run --group codegen ./scripts/provider_codegen.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack/providers/.*$
|
|
- id: openapi-codegen
|
|
name: API Spec Codegen
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: sh -c './scripts/uv-run-with-index.sh run ./docs/openapi_generator/run_openapi_generator.sh > /dev/null'
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^src/llama_stack/apis/|^docs/openapi_generator/
|
|
- id: check-workflows-use-hashes
|
|
name: Check GitHub Actions use SHA-pinned actions
|
|
entry: ./scripts/check-workflows-use-hashes.sh
|
|
language: system
|
|
pass_filenames: false
|
|
require_serial: true
|
|
always_run: true
|
|
files: ^\.github/workflows/.*\.ya?ml$
|
|
- id: check-init-py
|
|
name: Check for missing __init__.py files
|
|
entry: ./scripts/check-init-py.sh
|
|
language: system
|
|
pass_filenames: false
|
|
require_serial: true
|
|
always_run: true
|
|
files: ^src/llama_stack/.*$
|
|
- id: forbid-pytest-asyncio
|
|
name: Block @pytest.mark.asyncio and @pytest_asyncio.fixture
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
args:
|
|
- -c
|
|
- |
|
|
grep -EnH '^[^#]*@pytest\.mark\.asyncio|@pytest_asyncio\.fixture' "$@" && {
|
|
echo;
|
|
echo "❌ Do not use @pytest.mark.asyncio or @pytest_asyncio.fixture."
|
|
echo " pytest is already configured with async-mode=auto."
|
|
echo;
|
|
exit 1;
|
|
} || true
|
|
- id: generate-ci-docs
|
|
name: Generate CI documentation
|
|
additional_dependencies:
|
|
- uv==0.7.8
|
|
entry: ./scripts/uv-run-with-index.sh run ./scripts/gen-ci-docs.py
|
|
language: python
|
|
pass_filenames: false
|
|
require_serial: true
|
|
files: ^.github/workflows/.*$
|
|
- id: ui-linter
|
|
name: Format & Lint UI
|
|
entry: bash ./scripts/run-ui-linter.sh
|
|
language: system
|
|
files: ^src/llama_stack_ui/.*\.(ts|tsx)$
|
|
pass_filenames: false
|
|
require_serial: true
|
|
|
|
- id: check-log-usage
|
|
name: Ensure 'llama_stack.log' usage for logging
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
args:
|
|
- -c
|
|
- |
|
|
matches=$(grep -EnH '^[^#]*\b(import\s+logging|from\s+logging\b)' "$@" | grep -v -e '#\s*allow-direct-logging' || true)
|
|
if [ -n "$matches" ]; then
|
|
# GitHub Actions annotation format
|
|
while IFS=: read -r file line_num rest; do
|
|
echo "::error file=$file,line=$line_num::Do not use 'import logging' or 'from logging import' in $file. Use the custom log instead: from llama_stack.log import get_logger; logger = get_logger(). If direct logging is truly needed, add: # allow-direct-logging"
|
|
done <<< "$matches"
|
|
exit 1
|
|
fi
|
|
exit 0
|
|
- id: fips-compliance
|
|
name: Ensure llama-stack remains FIPS compliant
|
|
entry: bash
|
|
language: system
|
|
types: [python]
|
|
pass_filenames: true
|
|
exclude: '^tests/.*$' # Exclude test dir as some safety tests used MD5
|
|
args:
|
|
- -c
|
|
- |
|
|
grep -EnH '^[^#]*\b(md5|sha1|uuid3|uuid5)\b' "$@" && {
|
|
echo;
|
|
echo "❌ Do not use any of the following functions: hashlib.md5, hashlib.sha1, uuid.uuid3, uuid.uuid5"
|
|
echo " These functions are not FIPS-compliant"
|
|
echo;
|
|
exit 1;
|
|
} || true
|
|
|
|
ci:
|
|
autofix_commit_msg: 🎨 [pre-commit.ci] Auto format from pre-commit.com hooks
|
|
autoupdate_commit_msg: ⬆ [pre-commit.ci] pre-commit autoupdate
|
|
autofix_prs: true
|
|
autoupdate_branch: ''
|
|
autoupdate_schedule: weekly
|
|
skip: []
|
|
submodules: false
|