Skip to content

LCORE-1427: Normalize Tool and Inline RAG default behavior#2146

Open
Jazzcort wants to merge 4 commits into
lightspeed-core:mainfrom
Jazzcort:normalize-tool-and-inlice-rag
Open

LCORE-1427: Normalize Tool and Inline RAG default behavior#2146
Jazzcort wants to merge 4 commits into
lightspeed-core:mainfrom
Jazzcort:normalize-tool-and-inlice-rag

Conversation

@Jazzcort

@Jazzcort Jazzcort commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Description

Remove fallback to all registered vector stores when tool RAG is unconfigured.

Previously, when neither rag.tool nor rag.inline were configured, prepare_tools would fetch and register all vector stores from llama-stack as a backward-compatibility fallback. This implicit behavior is removed — tool RAG now requires explicit configuration via rag.tool. Updated docs, config model, example YAML, and tests to reflect the new behavior.

Type of change

  • Refactor
  • New feature
  • Bug fix
  • CVE fix
  • Optimization
  • Documentation Update
  • Configuration Update
  • Bump-up service version
  • Bump-up dependent library
  • Bump-up library or tool used for development (does not change the final image)
  • CI configuration change
  • Konflux configuration change
  • Unit tests improvement
  • Integration tests improvement
  • End to end tests improvement
  • Benchmarks improvement

Tools used to create PR

Identify any AI code assistants used in this PR (for transparency and review context)

  • Assisted-by: (e.g., Claude, CodeRabbit, Ollama, etc., N/A if not used)
  • Generated by: (e.g., tool name and version; N/A if not used)

Related Tickets & Documents

Checklist before requesting a review

  • I have performed a self-review of my code.
  • PR has passed all pre-merge test jobs.
  • If it is a core feature, I have added thorough tests.

Testing

  1. Set rag.tool to an empty list or simply omit it.
  2. Check that there is no tool rag enabled even if there are some manually registered vector stores from llama-stack side.

Summary by CodeRabbit

  • Behavior Changes

    • RAG strategies are now disabled by default.
    • Tool-based RAG is activated only when rag.tool or request-specific vector stores are explicitly configured.
    • rag.inline no longer enables or influences tool-based RAG.
    • Unconfigured tool RAG no longer automatically uses all available vector stores.
  • Documentation

    • Updated configuration, API, BYOK, and example documentation to reflect the new explicit RAG configuration behavior.
  • Tests

    • Updated unit and integration coverage for RAG enablement, vector-store selection, and configuration precedence.

@coderabbitai

coderabbitai Bot commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Review Change Stack

Warning

Review limit reached

@Jazzcort, you've reached your PR review limit, so we couldn't start this review.

Next review available in: 12 minutes

Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available.
You're only billed for reviews past your plan's rate limits ($0.25/file).

How can I continue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews.

How do review limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please refer docs for additional details.

Review details
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: f1febcb5-8248-4cdc-8500-2f18dd8b1cd3

📥 Commits

Reviewing files that changed from the base of the PR and between 7d4dca6 and 06cbdd2.

📒 Files selected for processing (1)
  • tests/integration/container_lifecycle/test_container_lifecycle.py

Walkthrough

RAG configuration now defaults both strategies to disabled, and Tool RAG requires explicit vector-store configuration. Response tool preparation no longer accepts an explicit client or falls back to all stores. Tests and integration teardown behavior were updated accordingly.

Changes

RAG strategy behavior

Layer / File(s) Summary
RAG configuration contract
src/models/config.py, docs/devel_doc/..., docs/models/..., docs/user_doc/..., examples/...
Documentation and schema descriptions state that inline and tool default to []; omitting tool disables Tool RAG.
Tool vector-store resolution
src/utils/responses.py
prepare_tools uses request IDs or configured rag.tool IDs, removes the implicit all-store fallback, and no longer accepts an explicit client.
Resolution and integration validation
tests/unit/utils/test_responses.py, tests/integration/endpoints/...
Tests cover Tool RAG precedence, disabled behavior, revised signatures, mocking, and explicit tool configuration.

Container test cleanup

Layer / File(s) Summary
Session container cleanup
tests/integration/container_lifecycle/test_container_lifecycle.py
A session teardown fixture force-removes the local image and prunes dangling images with bounded timeouts.

Estimated code review effort: 3 (Moderate) | ~30 minutes

Sequence Diagram(s)

sequenceDiagram
  participant Request
  participant prepare_tools
  participant RagConfiguration
  participant LlamaStack
  Request->>prepare_tools: vector_store_ids or None
  prepare_tools->>RagConfiguration: read rag.tool when request IDs are absent
  prepare_tools->>LlamaStack: list vector stores only through get_vector_store_ids
  prepare_tools-->>Request: prepared tools or None
Loading

Possibly related PRs

Suggested reviewers: tisnik, asimurka

🚥 Pre-merge checks | ✅ 7
✅ Passed checks (7 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: normalizing the default behavior for Tool and Inline RAG.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
Performance And Algorithmic Complexity ✅ Passed No new O(n^2), N+1, unbounded growth, or missing-pagination regressions found; the RAG fallback removal reduces work and the cleanup fixture is bounded.
Security And Secret Handling ✅ Passed No new secret logging/hardcoded creds or authz gaps found; responses/query endpoints keep @authorize and auth dependencies, and PR only alters RAG fallback/docs/tests.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
✨ Simplify code
  • Create PR with simplified code

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@Jazzcort
Jazzcort marked this pull request as draft July 14, 2026 19:48

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
tests/unit/utils/test_responses.py (1)

3062-3065: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Rename test to reflect the updated function signature.

Since get_vector_store_ids no longer accepts a vector_store_ids parameter, the "when_no_ids_provided" suffix is obsolete. Consider renaming the test for clarity.

♻️ Proposed fix
-    async def test_fetches_all_when_no_ids_provided(
+    async def test_fetches_all_vector_stores(
         self, mocker: MockerFixture
     ) -> None:
-        """Test that all vector stores are fetched when no IDs provided."""
+        """Test that all available vector stores are fetched."""
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/unit/utils/test_responses.py` around lines 3062 - 3065, Rename the test
method test_fetches_all_when_no_ids_provided to reflect that
get_vector_store_ids no longer accepts a vector_store_ids argument, removing the
obsolete “when_no_ids_provided” wording while preserving the test behavior.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@tests/unit/utils/test_responses.py`:
- Around line 3062-3065: Rename the test method
test_fetches_all_when_no_ids_provided to reflect that get_vector_store_ids no
longer accepts a vector_store_ids argument, removing the obsolete
“when_no_ids_provided” wording while preserving the test behavior.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: c8e521c5-292b-4e00-a6df-6ba018037946

📥 Commits

Reviewing files that changed from the base of the PR and between 216426e and 649cc20.

📒 Files selected for processing (8)
  • docs/byok_guide.md
  • docs/config.md
  • docs/models/responses_succ.md
  • docs/openapi.md
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/models/config.py
  • src/utils/responses.py
  • tests/unit/utils/test_responses.py
📜 Review details
⏰ Context from checks skipped due to timeout. (15)
  • GitHub Check: integration_tests (3.12)
  • GitHub Check: integration_tests (3.13)
  • GitHub Check: unit_tests (3.12)
  • GitHub Check: unit_tests (3.13)
  • GitHub Check: Pylinter
  • GitHub Check: build-pr
  • GitHub Check: mypy
  • GitHub Check: E2E Tests for Lightspeed Evaluation job
  • GitHub Check: E2E: library mode / ci / group 1
  • GitHub Check: E2E: server mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 2
  • GitHub Check: E2E: server mode / ci / group 1
  • GitHub Check: E2E: library mode / ci / group 2
  • GitHub Check: E2E: library mode / ci / group 3
  • GitHub Check: Konflux kflux-prd-rh02 / lightspeed-stack-0-7-on-pull-request
⚠️ CI failures not shown inline (3)

GitHub Actions: OpenAPI (Spectral) / 0_spectral.txt: LCORE-1427: Normalize Tool and Inline RAG default behavior

Conclusion: failure

View job details

##[group]Run set -euo pipefail
 �[36;1mset -euo pipefail�[0m
 �[36;1muv run python scripts/generate_openapi_schema.py /tmp/openapi-generated.json�[0m
 �[36;1mif ! diff -u docs/openapi.json /tmp/openapi-generated.json; then�[0m
 �[36;1m  echo "::error::docs/openapi.json is out of date. Regenerate with: uv run scripts/generate_openapi_schema.py docs/openapi.json"�[0m

GitHub Actions: Pydocstyle / 0_pydocstyle.txt: LCORE-1427: Normalize Tool and Inline RAG default behavior

Conclusion: failure

View job details

##[group]Run uv tool run pydocstyle -v src tests
 �[36;1muv tool run pydocstyle -v src tests�[0m
 shell: /usr/bin/bash -e {0}
 env:
   UV_PYTHON: 3.12
   VIRTUAL_ENV: /home/runner/work/lightspeed-stack/lightspeed-stack/.venv
   UV_CACHE_DIR: /home/runner/work/_temp/setup-uv-cache
 ##[endgroup]
 Installed 2 packages in 3ms
 Checking file src/configuration.py.
 Checking file src/__init__.py.
 Checking file src/version.py.
 Checking file src/sentry.py.
 Checking file src/lightspeed_stack.py.
 Checking file src/client.py.
 Checking file src/constants.py.
 Checking file src/log.py.
 Checking file src/llama_stack_configuration.py.
 Checking file src/quota/quota_exceed_error.py.
 Checking file src/quota/sql.py.
 Checking file src/quota/__init__.py.
 Checking file src/quota/user_quota_limiter.py.
 Checking file src/quota/connect_pg.py.
 Checking file src/quota/revokable_quota_limiter.py.
 Checking file src/quota/quota_limiter.py.
 Checking file src/quota/quota_limiter_factory.py.
 Checking file src/quota/connect_sqlite.py.
 Checking file src/quota/token_usage_history.py.
 Checking file src/quota/cluster_quota_limiter.py.
 Checking file src/utils/vector_search.py.
 Checking file src/utils/stream_interrupts.py.
 Checking file src/utils/prompts.py.
 Checking file src/utils/__init__.py.
 Checking file src/utils/mcp_oauth_probe.py.
 Checking file src/utils/checks.py.
 Checking file src/utils/config_dumper.py.
 Checking file src/utils/openapi_schema_dumper.py.
 Checking file src/utils/quota_utils.py.
 Checking file src/utils/endpoints.py.
 Checking file src/utils/responses.py.
 Checking file src/utils/rh_identity.py.
 Checking file src/utils/reranker.py.
 Checking file src/utils/token_counter.py.
 Checking file src/utils/pydantic_ai_helpers.py.
 Checking file src/utils/mcp_auth_headers.py.
 Checking file src/utils/degraded_mode.py.
 Checking file src/utils/json_schema_updater.py.
 Checking file src/utils/llama_stack_version.py.
 Checking file src/utils/mcp_headers.py.
 Checkin...

GitHub Actions: OpenAPI (Spectral) / spectral: LCORE-1427: Normalize Tool and Inline RAG default behavior

Conclusion: failure

View job details

##[group]Run set -euo pipefail
 �[36;1mset -euo pipefail�[0m
 �[36;1muv run python scripts/generate_openapi_schema.py /tmp/openapi-generated.json�[0m
 �[36;1mif ! diff -u docs/openapi.json /tmp/openapi-generated.json; then�[0m
 �[36;1m  echo "::error::docs/openapi.json is out of date. Regenerate with: uv run scripts/generate_openapi_schema.py docs/openapi.json"�[0m
🧰 Additional context used
📓 Path-based instructions (5)
**/*

📄 CodeRabbit inference engine (Custom checks)

**/*: Flag meaningful O(n^2)+ algorithms on non-trivial inputs, including handlers and Kubernetes list operations.
Flag N+1 patterns that list items and then query once per item, including Kubernetes API and database access.
Flag expensive work inside loops, including API calls, JSON parsing, and regex compilation.
Flag unbounded growth in caches, watchers, or buffers when eviction or limits are missing.
Flag missing pagination or limits on list operations and API endpoints.
Flag secrets or tokens logged in plaintext or hardcoded in source.
Flag API endpoints missing authentication or authorization.
Flag injection vulnerabilities, including SQL injection, command injection, and path traversal.
Flag sensitive data leaked in API responses, WebSocket messages, or logs.
Flag Kubernetes Secrets and Red Hat secrets missing OwnerReferences.

Files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
  • docs/byok_guide.md
  • docs/models/responses_succ.md
  • docs/config.md
  • docs/openapi.md
  • src/utils/responses.py
  • src/models/config.py
  • tests/unit/utils/test_responses.py
**/*.{py,toml,yaml,yml,json}

📄 CodeRabbit inference engine (AGENTS.md)

Run and satisfy the project's configured quality checks, including Black, Pylint, Pyright, Ruff, pydocstyle, type checks, and Bandit security scanning.

Files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/utils/responses.py
  • src/models/config.py
  • tests/unit/utils/test_responses.py
**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

**/*.py: Use absolute imports for internal Python modules and check pyproject.toml for existing dependencies and versions before adding dependencies.
All Python modules must begin with descriptive docstrings; package __init__.py files must contain brief package descriptions.
Use logger = get_logger(__name__) from log.py for module logging.
Use Final[type] for constants and check constants.py for shared constants before defining new ones.
Define type aliases at module level for clarity.
All functions must have Google-style docstrings and complete parameter and return type annotations.
Use typing_extensions.Self for model validators, modern union syntax such as str | int, and Optional[Type] for optional values.
Use descriptive, action-oriented snake_case names for functions, such as get_, validate_, and check_.
Do not modify parameter objects in place when producing results; return a new data structure instead.
Use async def for I/O operations and external API calls.
Handle APIConnectionError from Llama Stack integrations.
Use standard logger levels appropriately: debug for diagnostics, info for normal execution, warning for unexpected or potentially problematic conditions, and error for serious failures.
All classes must have descriptive Google-style docstrings, complete attribute type annotations, and specific types instead of Any.
Use PascalCase for classes with descriptive suffixes, including Configuration, Error/Exception, Resolver, and Interface where applicable.
Use ABC and @abstractmethod for abstract interfaces.
Follow Google Python docstring conventions and include Parameters, Returns, Raises, and Attributes sections when applicable.

Files:

  • src/utils/responses.py
  • src/models/config.py
  • tests/unit/utils/test_responses.py
src/models/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use BaseModel for data models, ConfigurationBase for configuration models, and Pydantic @model_validator and @field_validator for validation.

Files:

  • src/models/config.py
tests/unit/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for all unit tests; do not use unittest. Put shared fixtures in conftest.py, use pytest-mock for mocks, mark async tests with pytest.mark.asyncio, and maintain at least 60% unit-test coverage.

Files:

  • tests/unit/utils/test_responses.py
🧠 Learnings (6)
📚 Learning: 2026-05-20T08:09:30.641Z
Learnt from: max-svistunov
Repo: lightspeed-core/lightspeed-stack PR: 1580
File: docs/design/llama-stack-config-merge/poc-results/library-mode/synthesized-run.yaml:107-110
Timestamp: 2026-05-20T08:09:30.641Z
Learning: In Llama-stack config YAMLs, when defining a Llama Guard safety shield entry, set `provider_shield_id` to the *guard model identifier* (e.g., `meta-llama/Llama-Guard-3-8B`). Do not use a chat/generative model id (e.g., `openai/gpt-4o-mini`): a chat-model id (or `native_override`) indicates only an override landed and does **not** mean the safety shield is actually gating queries. Ensure any E2E coverage for the related implementation (JIRA/E2E tests) exercises a real Llama Guard model to verify that the shield is effective.

Applied to files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
📚 Learning: 2026-02-23T14:56:59.186Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1198
File: src/utils/responses.py:184-192
Timestamp: 2026-02-23T14:56:59.186Z
Learning: In the lightspeed-stack codebase (lightspeed-core/lightspeed-stack), do not enforce de-duplication of duplicate client.models.list() calls in model selection flows (e.g., in src/utils/responses.py prepare_responses_params). These calls are considered relatively cheap and removing duplicates could add unnecessary complexity to the flow. Apply this guideline specifically to this file/context unless similar performance characteristics and design decisions are documented elsewhere.

Applied to files:

  • src/utils/responses.py
📚 Learning: 2026-06-24T13:45:37.249Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 1971
File: src/utils/markdown_repair.py:31-36
Timestamp: 2026-06-24T13:45:37.249Z
Learning: In the lightspeed-stack repository, docstrings must use the section header name "Parameters:" (not "Args:") for function arguments, even if the project references Google Python docstring conventions. Ensure docstrings follow the project’s established "Parameters:" header format for any documented function parameters.

Applied to files:

  • src/utils/responses.py
  • src/models/config.py
  • tests/unit/utils/test_responses.py
📚 Learning: 2026-07-06T15:26:18.398Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 2071
File: src/models/config.py:2416-2422
Timestamp: 2026-07-06T15:26:18.398Z
Learning: In this repo’s Python code under src/**, don’t treat differences in string concatenation style as a style inconsistency when Black has effectively forced (or made clearer) use of explicit `+` string concatenation in multi-line logger/string expressions. If adjacent-literal implicit concatenation is avoided/changed specifically to accommodate Black’s formatting in these call sites, accept the `+` usage and don’t recommend converting it solely for consistency with nearby blocks that use implicit concatenation.

Applied to files:

  • src/utils/responses.py
  • src/models/config.py
📚 Learning: 2026-01-12T10:58:40.230Z
Learnt from: blublinsky
Repo: lightspeed-core/lightspeed-stack PR: 972
File: src/models/config.py:459-513
Timestamp: 2026-01-12T10:58:40.230Z
Learning: In lightspeed-core/lightspeed-stack, for Python files under src/models, when a user claims a fix is done but the issue persists, verify the current code state before accepting the fix. Steps: review the diff, fetch the latest changes, run relevant tests, reproduce the issue, search the codebase for lingering references to the original problem, confirm the fix is applied and not undone by subsequent commits, and validate with local checks to ensure the issue is resolved.

Applied to files:

  • src/models/config.py
📚 Learning: 2026-02-25T07:46:33.545Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1211
File: src/models/responses.py:8-16
Timestamp: 2026-02-25T07:46:33.545Z
Learning: In the Python codebase, requests.py should use OpenAIResponseInputTool as Tool while responses.py uses OpenAIResponseTool as Tool. This difference is intentional due to differing schemas for input vs output tools in llama-stack-api. Apply this distinction consistently to other models under src/models (e.g., ensure request-related tools use the InputTool variant and response-related tools use the ResponseTool variant). If adding new tools, choose the corresponding InputTool or Tool class based on whether the tool represents input or output, and document the rationale in code comments.

Applied to files:

  • src/models/config.py
🪛 GitHub Actions: Pydocstyle / 0_pydocstyle.txt
src/utils/responses.py

[error] 133-133: pydocstyle: D401: First line should be in imperative mood (perhaps 'Fetch', not 'Fetche')

🪛 GitHub Actions: Pydocstyle / pydocstyle
src/utils/responses.py

[error] 133-133: pydocstyle: D401 violation in public function get_vector_store_ids: First line should be in imperative mood (perhaps 'Fetch', not 'Fetche').

🔇 Additional comments (6)
docs/byok_guide.md (1)

264-268: LGTM!

docs/config.md (1)

609-616: LGTM!

docs/models/responses_succ.md (1)

1843-1850: LGTM!

docs/openapi.md (1)

8158-8165: LGTM!

examples/lightspeed-stack-byok-okp-rag.yaml (1)

63-63: LGTM!

src/models/config.py (1)

2261-2262: LGTM!

Also applies to: 2277-2277

@Jazzcort
Jazzcort force-pushed the normalize-tool-and-inlice-rag branch 7 times, most recently from 6e81e70 to ad40b35 Compare July 16, 2026 16:15
@Jazzcort
Jazzcort marked this pull request as ready for review July 16, 2026 17:34

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
src/models/config.py (1)

701-733: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Use modern union syntax for the optional ID.

The changed annotations use Optional[str], but repository Python code must use str | None. Update both the field and validator signature consistently.

Proposed fix
-    id: Optional[str] = Field(
+    id: str | None = Field(
...
-    def validate_id(cls, value: Optional[str]) -> Optional[str]:
+    def validate_id(cls, value: str | None) -> str | None:

As per coding guidelines, src/**/*.py must use modern union syntax.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/models/config.py` around lines 701 - 733, Update the Provider
configuration model’s id field annotation and the validate_id validator
parameter and return annotations to use str | None instead of Optional[str],
keeping the existing optional-ID behavior unchanged.

Source: Coding guidelines

tests/integration/endpoints/test_query_integration.py (1)

618-658: 📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

Remove redundant mock setup and unused mocker parameter.

Since prepare_tools no longer falls back to fetching all vector stores (and this test exercises no_tools=True anyway), the mock setup for vector_stores.list is dead code. You can safely remove it along with the mocker fixture parameter, matching the excellent cleanup already done in test_query_v2_endpoint_uses_tools_when_available.

♻️ Proposed refactor
-async def test_query_v2_endpoint_bypasses_tools_when_no_tools_true(
-    test_config: AppConfig,
-    mock_llama_stack_client: AsyncMockType,
-    mock_query_agent: AsyncMockType,
-    test_request: Request,
-    test_auth: AuthTuple,
-    patch_db_session: Session,
-    mocker: MockerFixture,
-) -> None:
+async def test_query_v2_endpoint_bypasses_tools_when_no_tools_true(
+    test_config: AppConfig,
+    mock_llama_stack_client: AsyncMockType,
+    mock_query_agent: AsyncMockType,
+    test_request: Request,
+    test_auth: AuthTuple,
+    patch_db_session: Session,
+) -> None:
     """Test that tools are NOT used when no_tools=True.
...
         test_auth: noop authentication tuple
         patch_db_session: Test database session
-        mocker: pytest-mock fixture
 
     Returns:
...
     _ = test_config
     _ = patch_db_session
 
-    mock_vector_store = mocker.MagicMock()
-    mock_vector_store.id = "vs-test-123"
-
-    mock_list_result = mocker.MagicMock()
-    mock_list_result.data = [mock_vector_store]
-
-    mock_llama_stack_client.vector_stores.list.return_value = mock_list_result
-
     query_request = QueryRequest(query="What is Ansible?", no_tools=True)
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/endpoints/test_query_integration.py` around lines 618 -
658, In test_query_v2_endpoint_bypasses_tools_when_no_tools_true, remove the
unused mocker parameter and delete the mock_vector_store, mock_list_result, and
vector_stores.list mock setup; retain the test configuration, session setup, and
remaining assertions unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/utils/responses.py`:
- Around line 129-131: Delete the unused get_vector_store_ids helper and remove
its dedicated TestGetVectorStoreIds tests. Verify no remaining references
require updates, while leaving unrelated response utilities and tests unchanged.

---

Outside diff comments:
In `@src/models/config.py`:
- Around line 701-733: Update the Provider configuration model’s id field
annotation and the validate_id validator parameter and return annotations to use
str | None instead of Optional[str], keeping the existing optional-ID behavior
unchanged.

In `@tests/integration/endpoints/test_query_integration.py`:
- Around line 618-658: In
test_query_v2_endpoint_bypasses_tools_when_no_tools_true, remove the unused
mocker parameter and delete the mock_vector_store, mock_list_result, and
vector_stores.list mock setup; retain the test configuration, session setup, and
remaining assertions unchanged.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 86d8317b-70c5-4d37-955c-dabb33acd5b3

📥 Commits

Reviewing files that changed from the base of the PR and between 649cc20 and d00eb6e.

📒 Files selected for processing (14)
  • .github/workflows/integration_tests.yaml
  • docs/models/responses_succ.md
  • docs/openapi.json
  • docs/openapi.md
  • docs/user_doc/byok_guide.md
  • docs/user_doc/config.md
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/models/config.py
  • src/utils/responses.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/integration/endpoints/test_responses_byok_integration.py
  • tests/integration/endpoints/test_responses_integration.py
  • tests/unit/app/endpoints/test_responses.py
  • tests/unit/utils/test_responses.py
💤 Files with no reviewable changes (3)
  • tests/integration/endpoints/test_responses_byok_integration.py
  • tests/unit/app/endpoints/test_responses.py
  • tests/integration/endpoints/test_responses_integration.py
📜 Review details
🧰 Additional context used
📓 Path-based instructions (8)
**/*

📄 CodeRabbit inference engine (Custom checks)

**/*: Flag meaningful O(n^2)+ algorithms on non-trivial inputs, including handlers and Kubernetes list operations.
Flag N+1 patterns that list items and then query once per item, including Kubernetes API and database access.
Flag expensive work inside loops, including API calls, JSON parsing, and regex compilation.
Flag unbounded growth in caches, watchers, or buffers when eviction or limits are missing.
Flag missing pagination or limits on list operations and API endpoints.
Flag secrets or tokens logged in plaintext or hardcoded in source.
Flag API endpoints missing authentication or authorization.
Flag injection vulnerabilities, including SQL injection, command injection, and path traversal.
Flag sensitive data leaked in API responses, WebSocket messages, or logs.
Flag Kubernetes Secrets and Red Hat secrets missing OwnerReferences.

Files:

  • docs/user_doc/byok_guide.md
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • docs/openapi.md
  • docs/openapi.json
  • docs/models/responses_succ.md
  • docs/user_doc/config.md
  • src/models/config.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
  • src/utils/responses.py
**/*.{py,yaml,yml,json,toml}

📄 CodeRabbit inference engine (AGENTS.md)

Never commit secrets or keys; use environment variables for sensitive data.

Files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
  • docs/openapi.json
  • src/models/config.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
  • src/utils/responses.py
**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

**/*.py: Use absolute imports for internal Python modules.
Start every module with a descriptive docstring and use logger = get_logger(__name__) for module logging.
Define shared constants in the central constants.py module, use descriptive comments, and annotate constants with Final[type].
Use complete type annotations for function parameters and return values, modern union syntax, and typing_extensions.Self for model validators.
Document all modules, classes, and functions using Google-style Python docstrings, including applicable Parameters, Returns, Raises, and Attributes sections.
Use descriptive snake_case, action-oriented function names such as get_, validate_, and check_.
Avoid modifying input parameters in place; return a newly created data structure instead.
Use async def for I/O operations and external API calls.
Use standard logger levels appropriately: debug for diagnostics, info for normal execution, warning for unexpected conditions, and error for serious failures.
Name classes with PascalCase and use descriptive suffixes such as Configuration, Error/Exception, Resolver, and Interface where applicable.
Use ABC and @abstractmethod for abstract interfaces; provide complete, specific type annotations for class attributes and avoid Any.

Files:

  • src/models/config.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
  • src/utils/responses.py
src/models/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use ConfigurationBase for configuration Pydantic models and BaseModel for data models; use @model_validator and @field_validator for validation.

Files:

  • src/models/config.py
src/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Configuration models must extend ConfigurationBase, whose extra="forbid" behavior rejects unknown fields; use types such as Optional[FilePath], PositiveInt, and SecretStr where appropriate.

Files:

  • src/models/config.py
  • src/utils/responses.py
tests/integration/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for all integration tests; do not use unittest.

Files:

  • tests/integration/endpoints/test_query_integration.py
tests/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Maintain at least 60% unit-test coverage and 10% integration-test coverage.

Files:

  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
tests/unit/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for unit tests, shared fixtures in conftest.py, pytest-mock for mocks, and pytest.mark.asyncio for asynchronous tests; do not use unittest.

Files:

  • tests/unit/utils/test_responses.py
🧠 Learnings (7)
📚 Learning: 2026-05-06T08:35:54.687Z
Learnt from: radofuchs
Repo: lightspeed-core/lightspeed-stack PR: 1690
File: .github/workflows/e2e_tests_providers.yaml:279-285
Timestamp: 2026-05-06T08:35:54.687Z
Learning: In .github/workflows/e2e_tests_providers.yaml and related e2e workflow files, the show_logs step should not use docker compose logs with --tail or --since (i.e., keep logs unbounded). The quick connectivity test runs once immediately after container startup, so the log output is small and a log tail limit is unnecessary. If you adjust this, add a rationale comment in the workflow explaining why unbounded logs are acceptable and ensure CI behavior remains deterministic.

Applied to files:

  • .github/workflows/integration_tests.yaml
📚 Learning: 2026-05-20T08:09:30.641Z
Learnt from: max-svistunov
Repo: lightspeed-core/lightspeed-stack PR: 1580
File: docs/design/llama-stack-config-merge/poc-results/library-mode/synthesized-run.yaml:107-110
Timestamp: 2026-05-20T08:09:30.641Z
Learning: In Llama-stack config YAMLs, when defining a Llama Guard safety shield entry, set `provider_shield_id` to the *guard model identifier* (e.g., `meta-llama/Llama-Guard-3-8B`). Do not use a chat/generative model id (e.g., `openai/gpt-4o-mini`): a chat-model id (or `native_override`) indicates only an override landed and does **not** mean the safety shield is actually gating queries. Ensure any E2E coverage for the related implementation (JIRA/E2E tests) exercises a real Llama Guard model to verify that the shield is effective.

Applied to files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
📚 Learning: 2026-01-12T10:58:40.230Z
Learnt from: blublinsky
Repo: lightspeed-core/lightspeed-stack PR: 972
File: src/models/config.py:459-513
Timestamp: 2026-01-12T10:58:40.230Z
Learning: In lightspeed-core/lightspeed-stack, for Python files under src/models, when a user claims a fix is done but the issue persists, verify the current code state before accepting the fix. Steps: review the diff, fetch the latest changes, run relevant tests, reproduce the issue, search the codebase for lingering references to the original problem, confirm the fix is applied and not undone by subsequent commits, and validate with local checks to ensure the issue is resolved.

Applied to files:

  • src/models/config.py
📚 Learning: 2026-02-25T07:46:33.545Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1211
File: src/models/responses.py:8-16
Timestamp: 2026-02-25T07:46:33.545Z
Learning: In the Python codebase, requests.py should use OpenAIResponseInputTool as Tool while responses.py uses OpenAIResponseTool as Tool. This difference is intentional due to differing schemas for input vs output tools in llama-stack-api. Apply this distinction consistently to other models under src/models (e.g., ensure request-related tools use the InputTool variant and response-related tools use the ResponseTool variant). If adding new tools, choose the corresponding InputTool or Tool class based on whether the tool represents input or output, and document the rationale in code comments.

Applied to files:

  • src/models/config.py
📚 Learning: 2026-06-24T13:45:37.249Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 1971
File: src/utils/markdown_repair.py:31-36
Timestamp: 2026-06-24T13:45:37.249Z
Learning: In the lightspeed-stack repository, docstrings must use the section header name "Parameters:" (not "Args:") for function arguments, even if the project references Google Python docstring conventions. Ensure docstrings follow the project’s established "Parameters:" header format for any documented function parameters.

Applied to files:

  • src/models/config.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
  • src/utils/responses.py
📚 Learning: 2026-07-06T15:26:18.398Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 2071
File: src/models/config.py:2416-2422
Timestamp: 2026-07-06T15:26:18.398Z
Learning: In this repo’s Python code under src/**, don’t treat differences in string concatenation style as a style inconsistency when Black has effectively forced (or made clearer) use of explicit `+` string concatenation in multi-line logger/string expressions. If adjacent-literal implicit concatenation is avoided/changed specifically to accommodate Black’s formatting in these call sites, accept the `+` usage and don’t recommend converting it solely for consistency with nearby blocks that use implicit concatenation.

Applied to files:

  • src/models/config.py
  • src/utils/responses.py
📚 Learning: 2026-02-23T14:56:59.186Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1198
File: src/utils/responses.py:184-192
Timestamp: 2026-02-23T14:56:59.186Z
Learning: In the lightspeed-stack codebase (lightspeed-core/lightspeed-stack), do not enforce de-duplication of duplicate client.models.list() calls in model selection flows (e.g., in src/utils/responses.py prepare_responses_params). These calls are considered relatively cheap and removing duplicates could add unnecessary complexity to the flow. Apply this guideline specifically to this file/context unless similar performance characteristics and design decisions are documented elsewhere.

Applied to files:

  • src/utils/responses.py
🪛 ast-grep (0.44.1)
tests/unit/utils/test_responses.py

[warning] 1613-1613: Do not make http calls without encryption
Context: "http://test"
Note: [CWE-319] Cleartext Transmission of Sensitive Information.

(requests-http)

🔇 Additional comments (10)
src/models/config.py (1)

2261-2277: LGTM!

docs/models/responses_succ.md (1)

1843-1850: LGTM!

docs/openapi.json (1)

18087-18093: LGTM!

docs/openapi.md (1)

8158-8165: LGTM!

docs/user_doc/config.md (1)

609-616: LGTM!

Also applies to: 826-832

docs/user_doc/byok_guide.md (1)

264-264: LGTM!

examples/lightspeed-stack-byok-okp-rag.yaml (1)

63-63: LGTM!

tests/unit/utils/test_responses.py (1)

1597-1637: LGTM!

Also applies to: 1702-1741, 1748-1841, 3031-3077

tests/integration/endpoints/test_query_integration.py (1)

694-702: 📐 Maintainability & Code Quality | 💤 Low value

Remove mocker from the docstring.

The mocker parameter was removed from the function signature but is still listed in the docstring.

📝 Proposed fix
         test_auth: noop authentication tuple
         patch_db_session: Test database session
-        mocker: pytest-mock fixture
.github/workflows/integration_tests.yaml (1)

18-26: LGTM!

Comment thread src/utils/responses.py
Comment on lines 129 to 131
async def get_vector_store_ids(
client: AsyncLlamaStackClient,
vector_store_ids: Optional[list[str]] = None,
) -> list[str]:

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

📐 Maintainability & Code Quality | 🔵 Trivial | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
# Description: Search for usages of get_vector_store_ids outside of its definition and tests.

rg -n -w 'get_vector_store_ids' -g '!tests/**' -g '!*test*.py'

Repository: lightspeed-core/lightspeed-stack

Length of output: 170


🏁 Script executed:

#!/bin/bash
set -euo pipefail

# Inspect the function definition and search all references, including tests and imports.
sed -n '1,220p' src/utils/responses.py
printf '\n--- REFERENCES ---\n'
rg -n -w 'get_vector_store_ids' .
printf '\n--- IMPORTS ---\n'
rg -n 'from\s+src\.utils\.responses\s+import|import\s+.*responses' . --glob '!**/__pycache__/**'

Repository: lightspeed-core/lightspeed-stack

Length of output: 9872


🏁 Script executed:

#!/bin/bash
set -euo pipefail

sed -n '3000,3095p' tests/unit/utils/test_responses.py

Repository: lightspeed-core/lightspeed-stack

Length of output: 3750


Remove get_vector_store_ids and its dedicated tests
No production code references this helper anymore, so it can be deleted along with TestGetVectorStoreIds.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/utils/responses.py` around lines 129 - 131, Delete the unused
get_vector_store_ids helper and remove its dedicated TestGetVectorStoreIds
tests. Verify no remaining references require updates, while leaving unrelated
response utilities and tests unchanged.

@Jazzcort

Copy link
Copy Markdown
Contributor Author

The Ad-hoc free disk space step helps us to pass integration test more consistently, but not sure if it's a right thing to do. We maybe need to optimize tests/integration/container_lifecycle/test_container_lifecycle.py so it doesn't consume too much disk space with all those podman commands. Might need some clean up process after each test case. 😁

@Jazzcort
Jazzcort force-pushed the normalize-tool-and-inlice-rag branch from d00eb6e to 3a48c84 Compare July 17, 2026 15:01
Jazzcort added 3 commits July 17, 2026 11:02
…nfigured

Previously, when neither rag.tool nor rag.inline were configured,
prepare_tools would fetch and register all vector stores from
llama-stack as a backward-compatibility fallback. This implicit
behavior is removed — tool RAG now requires explicit configuration
via rag.tool. Updated docs, config model, example YAML, and tests
to reflect the new behavior.
@Jazzcort
Jazzcort force-pushed the normalize-tool-and-inlice-rag branch 2 times, most recently from c118d26 to f678857 Compare July 17, 2026 15:03

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@tests/integration/container_lifecycle/test_container_lifecycle.py`:
- Around line 68-72: Update the container cleanup subprocess.run call in the
lifecycle fixture to remove the image referenced by the configured
LLAMA_STACK_IMAGE value rather than the hardcoded lightspeed-llama-stack:local
tag. Preserve the existing forced removal, output capture, and timeout behavior.
- Around line 68-77: Update the teardown cleanup sequence containing the
container runtime “rmi” and “image prune” subprocess.run calls to handle
TimeoutExpired and OSError independently, logging each exception at warning
level and continuing to the next cleanup step. Preserve visibility of non-zero
exit codes by warn-logging failed subprocess results instead of silently
ignoring them, so cleanup remains best-effort without aborting fixture teardown.
- Around line 68-77: Update the container lifecycle cleanup fixture around the
unconditional image removal so it only removes images created by the current
test session. Use a unique session-specific image tag or track created image
identifiers, and pass that ownership information to cleanup; preserve pruning
behavior while preventing deletion of pre-existing or concurrently used shared
images.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: b8cc2148-ea86-469e-87cf-74933e18b752

📥 Commits

Reviewing files that changed from the base of the PR and between d00eb6e and 3a48c84.

📒 Files selected for processing (1)
  • tests/integration/container_lifecycle/test_container_lifecycle.py
📜 Review details
⏰ Context from checks skipped due to timeout. (7)
  • GitHub Check: E2E Tests for Lightspeed Evaluation job
  • GitHub Check: E2E: library mode / ci / group 1
  • GitHub Check: E2E: library mode / ci / group 2
  • GitHub Check: E2E: library mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 2
  • GitHub Check: E2E: server mode / ci / group 1
🧰 Additional context used
📓 Path-based instructions (5)
**/*

📄 CodeRabbit inference engine (Custom checks)

**/*: Flag meaningful O(n^2)+ algorithms on non-trivial inputs, including handlers and Kubernetes list operations.
Flag N+1 patterns that list items and then query once per item, including Kubernetes API and database access.
Flag expensive work inside loops, including API calls, JSON parsing, and regex compilation.
Flag unbounded growth in caches, watchers, or buffers when eviction or limits are missing.
Flag missing pagination or limits on list operations and API endpoints.
Flag secrets or tokens logged in plaintext or hardcoded in source.
Flag API endpoints missing authentication or authorization.
Flag injection vulnerabilities, including SQL injection, command injection, and path traversal.
Flag sensitive data leaked in API responses, WebSocket messages, or logs.
Flag Kubernetes Secrets and Red Hat secrets missing OwnerReferences.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

**/*.py: Use absolute imports for internal Python modules.
Start every module with a descriptive docstring and use logger = get_logger(__name__) for module logging.
Define shared constants in the central constants.py module, use descriptive comments, and annotate constants with Final[type].
Use complete type annotations for function parameters and return values, modern union syntax, and typing_extensions.Self for model validators.
Document all modules, classes, and functions using Google-style Python docstrings, including applicable Parameters, Returns, Raises, and Attributes sections.
Use descriptive snake_case, action-oriented function names such as get_, validate_, and check_.
Avoid modifying input parameters in place; return a newly created data structure instead.
Use async def for I/O operations and external API calls.
Use standard logger levels appropriately: debug for diagnostics, info for normal execution, warning for unexpected conditions, and error for serious failures.
Name classes with PascalCase and use descriptive suffixes such as Configuration, Error/Exception, Resolver, and Interface where applicable.
Use ABC and @abstractmethod for abstract interfaces; provide complete, specific type annotations for class attributes and avoid Any.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
tests/integration/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for all integration tests; do not use unittest.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
tests/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Maintain at least 60% unit-test coverage and 10% integration-test coverage.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
**/*.{py,yaml,yml,json,toml}

📄 CodeRabbit inference engine (AGENTS.md)

Never commit secrets or keys; use environment variables for sensitive data.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
🧠 Learnings (1)
📚 Learning: 2026-06-24T13:45:37.249Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 1971
File: src/utils/markdown_repair.py:31-36
Timestamp: 2026-06-24T13:45:37.249Z
Learning: In the lightspeed-stack repository, docstrings must use the section header name "Parameters:" (not "Args:") for function arguments, even if the project references Google Python docstring conventions. Ensure docstrings follow the project’s established "Parameters:" header format for any documented function parameters.

Applied to files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
🪛 ast-grep (0.44.1)
tests/integration/container_lifecycle/test_container_lifecycle.py

[error] 67-71: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "rmi", "-f", "lightspeed-llama-stack:local"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)


[error] 72-76: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "image", "prune", "-f"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)

🔇 Additional comments (2)
tests/integration/container_lifecycle/test_container_lifecycle.py (2)

56-56: 🎯 Functional Correctness

Use a complete generator annotation.

Generator[None] provides only the yield type, while Generator normally requires yield, send, and return types. Use Generator[None, None, None] or Iterator[None], after verifying the repository’s declared Python target.


55-56: 🎯 Functional Correctness

No scope mismatch here container_runtime is already session-scoped, so this fixture dependency is fine.

			> Likely an incorrect or invalid review comment.

Comment on lines +68 to +72
subprocess.run(
[container_runtime, "rmi", "-f", "lightspeed-llama-stack:local"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚀 Performance & Scalability | 🟠 Major | ⚡ Quick win

Honor the configured image tag during cleanup.

The repository documents LLAMA_STACK_IMAGE as customizable, but this fixture always removes only lightspeed-llama-stack:local. A custom tagged image will survive because image prune does not remove tagged images.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/container_lifecycle/test_container_lifecycle.py` around
lines 68 - 72, Update the container cleanup subprocess.run call in the lifecycle
fixture to remove the image referenced by the configured LLAMA_STACK_IMAGE value
rather than the hardcoded lightspeed-llama-stack:local tag. Preserve the
existing forced removal, output capture, and timeout behavior.

Comment on lines +68 to +77
subprocess.run(
[container_runtime, "rmi", "-f", "lightspeed-llama-stack:local"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)
subprocess.run(
[container_runtime, "image", "prune", "-f"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🩺 Stability & Availability | 🟠 Major | ⚡ Quick win

Make teardown cleanup best-effort.

subprocess.run can raise TimeoutExpired or OSError during teardown; if the first command times out, pruning is skipped and the test session may fail during fixture teardown. Catch cleanup exceptions, continue to the next cleanup step, and emit a warning instead of silently discarding non-zero exit codes. As per coding guidelines, unexpected cleanup failures should use warning-level logging.

🧰 Tools
🪛 ast-grep (0.44.1)

[error] 72-76: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "image", "prune", "-f"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/container_lifecycle/test_container_lifecycle.py` around
lines 68 - 77, Update the teardown cleanup sequence containing the container
runtime “rmi” and “image prune” subprocess.run calls to handle TimeoutExpired
and OSError independently, logging each exception at warning level and
continuing to the next cleanup step. Preserve visibility of non-zero exit codes
by warn-logging failed subprocess results instead of silently ignoring them, so
cleanup remains best-effort without aborting fixture teardown.

Source: Coding guidelines


🩺 Stability & Availability | 🟠 Major | 🏗️ Heavy lift

Do not force-remove an image the session does not own.

Because this autouse fixture unconditionally runs rmi -f, it can delete a pre-existing image or an image being used by another concurrent test session. Track images created by this session, use a unique test tag, or otherwise protect shared artifacts.

🧰 Tools
🪛 ast-grep (0.44.1)

[error] 72-76: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "image", "prune", "-f"],
capture_output=True,
timeout=CONTAINER_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/container_lifecycle/test_container_lifecycle.py` around
lines 68 - 77, Update the container lifecycle cleanup fixture around the
unconditional image removal so it only removes images created by the current
test session. Use a unique session-specific image tag or track created image
identifiers, and pass that ownership information to cleanup; preserve pruning
behavior while preventing deletion of pre-existing or concurrently used shared
images.

@Jazzcort
Jazzcort force-pushed the normalize-tool-and-inlice-rag branch from f678857 to 7d4dca6 Compare July 17, 2026 17:53

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (2)
tests/integration/endpoints/test_query_integration.py (1)

686-703: 📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

Update the docstring for explicit Tool RAG configuration.

It still describes vector-store discovery and documents the removed mocker parameter.

Proposed fix
-    """Test that tools are used when no_tools=False and vector stores are available.
+    """Test that tools are used when Tool RAG is explicitly configured.

-    - Tool preparation logic retrieves available tools
+    - Tool preparation resolves IDs configured in rag.tool
...
-    - Integration between query handler, vector stores, and tool preparation
+    - Integration between the query handler and configured tool preparation
...
-        mocker: pytest-mock fixture

As per coding guidelines, function docstrings must accurately document applicable parameters. <coding_guidelines>

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/endpoints/test_query_integration.py` around lines 686 -
703, Update the affected integration test’s docstring to describe explicit Tool
RAG configuration rather than vector-store discovery, and remove the obsolete
mocker parameter entry while retaining documentation for the parameters still
accepted by the test.

Source: Coding guidelines

src/utils/responses.py (1)

228-240: 📐 Maintainability & Code Quality | 🟠 Major | ⚡ Quick win

Use the repository-required Parameters: docstring header.

Proposed fix
-    Args:
+    Parameters:

Based on learnings, this repository requires Parameters: rather than Args:. <retrieved_learnings>

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@src/utils/responses.py` around lines 228 - 240, Update the docstring for the
tool-preparation function containing the vector_store_ids, no_tools, token,
mcp_headers, and request_headers descriptions by replacing the Args: header with
the repository-required Parameters: header, leaving the parameter descriptions
unchanged.

Sources: Coding guidelines, Learnings

♻️ Duplicate comments (1)
tests/integration/container_lifecycle/test_container_lifecycle.py (1)

70-79: 🩺 Stability & Availability | 🟠 Major | ⚡ Quick win

Make teardown cleanup robust and honor the configured image tag.

The cleanup sequence currently hardcodes the image tag (lightspeed-llama-stack:local) instead of respecting the documented LLAMA_STACK_IMAGE configuration. Additionally, subprocess.run can raise subprocess.TimeoutExpired (since a timeout is provided) or OSError. If left unhandled, these exceptions will abort the pytest session teardown. Furthermore, non-zero exit codes are silently ignored because capture_output=True is used without checking the return code.

Wrap the calls in try...except, use os.environ.get() for the image tag, and log failures at the warning level to ensure best-effort cleanup.

🛠️ Proposed fix

Make sure import os is at the top of the file. Assuming logger is configured in the module as per coding guidelines, update the fixture as follows:

-    subprocess.run(
-        [container_runtime, "rmi", "-f", "lightspeed-llama-stack:local"],
-        capture_output=True,
-        timeout=IMAGE_CLEANUP_TIMEOUT,
-    )
-    subprocess.run(
-        [container_runtime, "image", "prune", "-f"],
-        capture_output=True,
-        timeout=DANGLING_IMAGES_CLEANUP_TIMEOUT,
-    )
+    image_tag = os.environ.get("LLAMA_STACK_IMAGE", "lightspeed-llama-stack:local")
+    
+    try:
+        res = subprocess.run(
+            [container_runtime, "rmi", "-f", image_tag],
+            capture_output=True,
+            timeout=IMAGE_CLEANUP_TIMEOUT,
+            text=True,
+        )
+        if res.returncode != 0:
+            logger.warning(f"Failed to remove image {image_tag}: {res.stderr}")
+    except Exception as e:
+        logger.warning(f"Error during image removal for {image_tag}: {e}")
+        
+    try:
+        res = subprocess.run(
+            [container_runtime, "image", "prune", "-f"],
+            capture_output=True,
+            timeout=DANGLING_IMAGES_CLEANUP_TIMEOUT,
+            text=True,
+        )
+        if res.returncode != 0:
+            logger.warning(f"Failed to prune dangling images: {res.stderr}")
+    except Exception as e:
+        logger.warning(f"Error during dangling image prune: {e}")
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@tests/integration/container_lifecycle/test_container_lifecycle.py` around
lines 70 - 79, Update the teardown cleanup around the container-runtime calls to
use the configured image tag from os.environ.get("LLAMA_STACK_IMAGE") instead of
the hardcoded value. Wrap both subprocess.run calls in handling for
subprocess.TimeoutExpired and OSError, check non-zero return codes, and log all
cleanup failures at warning level through the module logger so teardown remains
best-effort; add the os import if needed.

Source: Coding guidelines

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Outside diff comments:
In `@src/utils/responses.py`:
- Around line 228-240: Update the docstring for the tool-preparation function
containing the vector_store_ids, no_tools, token, mcp_headers, and
request_headers descriptions by replacing the Args: header with the
repository-required Parameters: header, leaving the parameter descriptions
unchanged.

In `@tests/integration/endpoints/test_query_integration.py`:
- Around line 686-703: Update the affected integration test’s docstring to
describe explicit Tool RAG configuration rather than vector-store discovery, and
remove the obsolete mocker parameter entry while retaining documentation for the
parameters still accepted by the test.

---

Duplicate comments:
In `@tests/integration/container_lifecycle/test_container_lifecycle.py`:
- Around line 70-79: Update the teardown cleanup around the container-runtime
calls to use the configured image tag from os.environ.get("LLAMA_STACK_IMAGE")
instead of the hardcoded value. Wrap both subprocess.run calls in handling for
subprocess.TimeoutExpired and OSError, check non-zero return codes, and log all
cleanup failures at warning level through the module logger so teardown remains
best-effort; add the os import if needed.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4c680109-bd7e-4ea9-ae1b-541f11fa015b

📥 Commits

Reviewing files that changed from the base of the PR and between 3a48c84 and 7d4dca6.

📒 Files selected for processing (14)
  • docs/devel_doc/openapi.json
  • docs/devel_doc/openapi.md
  • docs/models/responses_succ.md
  • docs/user_doc/byok_guide.md
  • docs/user_doc/config.md
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/models/config.py
  • src/utils/responses.py
  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/integration/endpoints/test_responses_byok_integration.py
  • tests/integration/endpoints/test_responses_integration.py
  • tests/unit/app/endpoints/test_responses.py
  • tests/unit/utils/test_responses.py
💤 Files with no reviewable changes (3)
  • tests/integration/endpoints/test_responses_byok_integration.py
  • tests/integration/endpoints/test_responses_integration.py
  • tests/unit/app/endpoints/test_responses.py
📜 Review details
⏰ Context from checks skipped due to timeout. (11)
  • GitHub Check: integration_tests (3.13)
  • GitHub Check: integration_tests (3.12)
  • GitHub Check: unit_tests (3.12)
  • GitHub Check: build-pr
  • GitHub Check: E2E: server mode / ci / group 3
  • GitHub Check: E2E: library mode / ci / group 3
  • GitHub Check: E2E: server mode / ci / group 2
  • GitHub Check: E2E: library mode / ci / group 1
  • GitHub Check: E2E: server mode / ci / group 1
  • GitHub Check: E2E: library mode / ci / group 2
  • GitHub Check: E2E Tests for Lightspeed Evaluation job
🧰 Additional context used
📓 Path-based instructions (8)
**/*

📄 CodeRabbit inference engine (Custom checks)

**/*: Flag meaningful O(n^2)+ algorithms on non-trivial inputs, including handlers and Kubernetes list operations.
Flag N+1 patterns that list items and then query once per item, including Kubernetes API and database access.
Flag expensive work inside loops, including API calls, JSON parsing, and regex compilation.
Flag unbounded growth in caches, watchers, or buffers when eviction or limits are missing.
Flag missing pagination or limits on list operations and API endpoints.
Flag secrets or tokens logged in plaintext or hardcoded in source.
Flag API endpoints missing authentication or authorization.
Flag injection vulnerabilities, including SQL injection, command injection, and path traversal.
Flag sensitive data leaked in API responses, WebSocket messages, or logs.
Flag Kubernetes Secrets and Red Hat secrets missing OwnerReferences.

Files:

  • docs/user_doc/byok_guide.md
  • docs/devel_doc/openapi.json
  • docs/models/responses_succ.md
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/models/config.py
  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • docs/devel_doc/openapi.md
  • docs/user_doc/config.md
  • tests/integration/endpoints/test_query_integration.py
  • src/utils/responses.py
  • tests/unit/utils/test_responses.py
**/*.{py,yaml,yml,json,toml}

📄 CodeRabbit inference engine (AGENTS.md)

Never commit secrets or keys; use environment variables for sensitive data.

Files:

  • docs/devel_doc/openapi.json
  • examples/lightspeed-stack-byok-okp-rag.yaml
  • src/models/config.py
  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
  • src/utils/responses.py
  • tests/unit/utils/test_responses.py
**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

**/*.py: Use absolute imports for internal Python modules.
Start every module with a descriptive docstring and use logger = get_logger(__name__) for module logging.
Define shared constants in the central constants.py module, use descriptive comments, and annotate constants with Final[type].
Use complete type annotations for function parameters and return values, modern union syntax, and typing_extensions.Self for model validators.
Document all modules, classes, and functions using Google-style Python docstrings, including applicable Parameters, Returns, Raises, and Attributes sections.
Use descriptive snake_case, action-oriented function names such as get_, validate_, and check_.
Avoid modifying input parameters in place; return a newly created data structure instead.
Use async def for I/O operations and external API calls.
Use standard logger levels appropriately: debug for diagnostics, info for normal execution, warning for unexpected conditions, and error for serious failures.
Name classes with PascalCase and use descriptive suffixes such as Configuration, Error/Exception, Resolver, and Interface where applicable.
Use ABC and @abstractmethod for abstract interfaces; provide complete, specific type annotations for class attributes and avoid Any.

Files:

  • src/models/config.py
  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
  • src/utils/responses.py
  • tests/unit/utils/test_responses.py
src/models/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use ConfigurationBase for configuration Pydantic models and BaseModel for data models; use @model_validator and @field_validator for validation.

Files:

  • src/models/config.py
src/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Configuration models must extend ConfigurationBase, whose extra="forbid" behavior rejects unknown fields; use types such as Optional[FilePath], PositiveInt, and SecretStr where appropriate.

Files:

  • src/models/config.py
  • src/utils/responses.py
tests/integration/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for all integration tests; do not use unittest.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
tests/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Maintain at least 60% unit-test coverage and 10% integration-test coverage.

Files:

  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
  • tests/unit/utils/test_responses.py
tests/unit/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Use pytest for unit tests, shared fixtures in conftest.py, pytest-mock for mocks, and pytest.mark.asyncio for asynchronous tests; do not use unittest.

Files:

  • tests/unit/utils/test_responses.py
🧠 Learnings (6)
📚 Learning: 2026-05-20T08:09:30.641Z
Learnt from: max-svistunov
Repo: lightspeed-core/lightspeed-stack PR: 1580
File: docs/design/llama-stack-config-merge/poc-results/library-mode/synthesized-run.yaml:107-110
Timestamp: 2026-05-20T08:09:30.641Z
Learning: In Llama-stack config YAMLs, when defining a Llama Guard safety shield entry, set `provider_shield_id` to the *guard model identifier* (e.g., `meta-llama/Llama-Guard-3-8B`). Do not use a chat/generative model id (e.g., `openai/gpt-4o-mini`): a chat-model id (or `native_override`) indicates only an override landed and does **not** mean the safety shield is actually gating queries. Ensure any E2E coverage for the related implementation (JIRA/E2E tests) exercises a real Llama Guard model to verify that the shield is effective.

Applied to files:

  • examples/lightspeed-stack-byok-okp-rag.yaml
📚 Learning: 2026-01-12T10:58:40.230Z
Learnt from: blublinsky
Repo: lightspeed-core/lightspeed-stack PR: 972
File: src/models/config.py:459-513
Timestamp: 2026-01-12T10:58:40.230Z
Learning: In lightspeed-core/lightspeed-stack, for Python files under src/models, when a user claims a fix is done but the issue persists, verify the current code state before accepting the fix. Steps: review the diff, fetch the latest changes, run relevant tests, reproduce the issue, search the codebase for lingering references to the original problem, confirm the fix is applied and not undone by subsequent commits, and validate with local checks to ensure the issue is resolved.

Applied to files:

  • src/models/config.py
📚 Learning: 2026-02-25T07:46:33.545Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1211
File: src/models/responses.py:8-16
Timestamp: 2026-02-25T07:46:33.545Z
Learning: In the Python codebase, requests.py should use OpenAIResponseInputTool as Tool while responses.py uses OpenAIResponseTool as Tool. This difference is intentional due to differing schemas for input vs output tools in llama-stack-api. Apply this distinction consistently to other models under src/models (e.g., ensure request-related tools use the InputTool variant and response-related tools use the ResponseTool variant). If adding new tools, choose the corresponding InputTool or Tool class based on whether the tool represents input or output, and document the rationale in code comments.

Applied to files:

  • src/models/config.py
📚 Learning: 2026-06-24T13:45:37.249Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 1971
File: src/utils/markdown_repair.py:31-36
Timestamp: 2026-06-24T13:45:37.249Z
Learning: In the lightspeed-stack repository, docstrings must use the section header name "Parameters:" (not "Args:") for function arguments, even if the project references Google Python docstring conventions. Ensure docstrings follow the project’s established "Parameters:" header format for any documented function parameters.

Applied to files:

  • src/models/config.py
  • tests/integration/container_lifecycle/test_container_lifecycle.py
  • tests/integration/endpoints/test_query_integration.py
  • src/utils/responses.py
  • tests/unit/utils/test_responses.py
📚 Learning: 2026-07-06T15:26:18.398Z
Learnt from: Jdubrick
Repo: lightspeed-core/lightspeed-stack PR: 2071
File: src/models/config.py:2416-2422
Timestamp: 2026-07-06T15:26:18.398Z
Learning: In this repo’s Python code under src/**, don’t treat differences in string concatenation style as a style inconsistency when Black has effectively forced (or made clearer) use of explicit `+` string concatenation in multi-line logger/string expressions. If adjacent-literal implicit concatenation is avoided/changed specifically to accommodate Black’s formatting in these call sites, accept the `+` usage and don’t recommend converting it solely for consistency with nearby blocks that use implicit concatenation.

Applied to files:

  • src/models/config.py
  • src/utils/responses.py
📚 Learning: 2026-02-23T14:56:59.186Z
Learnt from: asimurka
Repo: lightspeed-core/lightspeed-stack PR: 1198
File: src/utils/responses.py:184-192
Timestamp: 2026-02-23T14:56:59.186Z
Learning: In the lightspeed-stack codebase (lightspeed-core/lightspeed-stack), do not enforce de-duplication of duplicate client.models.list() calls in model selection flows (e.g., in src/utils/responses.py prepare_responses_params). These calls are considered relatively cheap and removing duplicates could add unnecessary complexity to the flow. Apply this guideline specifically to this file/context unless similar performance characteristics and design decisions are documented elsewhere.

Applied to files:

  • src/utils/responses.py
🪛 ast-grep (0.44.1)
tests/integration/container_lifecycle/test_container_lifecycle.py

[error] 69-73: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "rmi", "-f", "lightspeed-llama-stack:local"],
capture_output=True,
timeout=IMAGE_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)


[error] 74-78: Command coming from incoming request
Context: subprocess.run(
[container_runtime, "image", "prune", "-f"],
capture_output=True,
timeout=DANGLING_IMAGES_CLEANUP_TIMEOUT,
)
Note: [CWE-78] Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

(subprocess-from-request)

tests/unit/utils/test_responses.py

[warning] 1613-1613: Do not make http calls without encryption
Context: "http://test"
Note: [CWE-319] Cleartext Transmission of Sensitive Information.

(requests-http)

🔇 Additional comments (12)
src/models/config.py (1)

2261-2262: LGTM!

Also applies to: 2277-2277

docs/models/responses_succ.md (1)

1843-1850: LGTM!

docs/devel_doc/openapi.md (1)

8158-8165: LGTM!

docs/devel_doc/openapi.json (1)

18087-18093: LGTM!

src/utils/responses.py (2)

129-155: Remove the now-unreferenced helper and its dedicated tests.

This remains covered by the previous review comment for Lines 129-131.


244-279: LGTM!

tests/unit/utils/test_responses.py (2)

3027-3077: Remove these tests with get_vector_store_ids.

Their removal is already covered by the previous review comment on the unused helper.


1035-1339: LGTM!

Also applies to: 1597-1637, 1702-1841, 3266-3283

docs/user_doc/config.md (1)

609-616: LGTM!

docs/user_doc/byok_guide.md (1)

264-264: LGTM!

examples/lightspeed-stack-byok-okp-rag.yaml (1)

63-63: LGTM!

tests/integration/endpoints/test_query_integration.py (1)

708-729: LGTM!

@Jazzcort
Jazzcort force-pushed the normalize-tool-and-inlice-rag branch from 7d4dca6 to 06cbdd2 Compare July 17, 2026 18:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant