diff --git a/docs/config.html b/docs/config.html index 25b89f93a..f6817a54d 100644 --- a/docs/config.html +++ b/docs/config.html @@ -176,6 +176,24 @@

Lightspeed Core Stack

📋 Configuration schema

+

APIKeyTokenConfiguration

+

API Key Token configuration.

+ + + + + + + + + + + + + + +
FieldTypeDescription
api_keystring +

AccessRule

Rule defining what actions a role can perform.

@@ -240,6 +258,11 @@

AuthenticationConfiguration

+ + +
api_key_config + +
rh_identity_config diff --git a/docs/config.md b/docs/config.md index b07bc7042..cdc65a5ba 100644 --- a/docs/config.md +++ b/docs/config.md @@ -7,6 +7,17 @@ +## APIKeyTokenConfiguration + + +API Key Token configuration. + + +| Field | Type | Description | +|-------|------|-------------| +| api_key | string | | + + ## AccessRule @@ -42,6 +53,7 @@ Authentication configuration. | k8s_cluster_api | string | | | k8s_ca_cert_path | string | | | jwk_config | | | +| api_key_config | | | | rh_identity_config | | | @@ -297,11 +309,11 @@ Useful resources: Model context protocol server configuration. -MCP (Model Context Protocol) servers provide tools and -capabilities to the AI agents. These are configured by this structure. -Only MCP servers defined in the lightspeed-stack.yaml configuration are -available to the agents. Tools configured in the llama-stack run.yaml -are not accessible to lightspeed-core agents. +MCP (Model Context Protocol) servers provide tools and capabilities to the +AI agents. These are configured by this structure. Only MCP servers +defined in the lightspeed-stack.yaml configuration are available to the +agents. Tools configured in the llama-stack run.yaml are not accessible to +lightspeed-core agents. Useful resources: @@ -322,9 +334,9 @@ Useful resources: PostgreSQL database configuration. -PostgreSQL database is used by Lightspeed Core Stack service for storing information about -conversation IDs. It can also be leveraged to store conversation history and information -about quota usage. +PostgreSQL database is used by Lightspeed Core Stack service for storing +information about conversation IDs. It can also be leveraged to store +conversation history and information about quota usage. Useful resources: @@ -437,10 +449,10 @@ SQLite database configuration. Service configuration. -Lightspeed Core Stack is a REST API service that accepts requests -on a specified hostname and port. It is also possible to enable -authentication and specify the number of Uvicorn workers. When more -workers are specified, the service can handle requests concurrently. +Lightspeed Core Stack is a REST API service that accepts requests on a +specified hostname and port. It is also possible to enable authentication +and specify the number of Uvicorn workers. When more workers are specified, +the service can handle requests concurrently. | Field | Type | Description | diff --git a/docs/config.png b/docs/config.png index ad7b86ca2..8ec2bb6a1 100644 Binary files a/docs/config.png and b/docs/config.png differ diff --git a/docs/config.puml b/docs/config.puml index c4b67a8c4..3be4801b7 100644 --- a/docs/config.puml +++ b/docs/config.puml @@ -1,5 +1,8 @@ @startuml classes set namespaceSeparator none +class "APIKeyTokenConfiguration" as src.models.config.APIKeyTokenConfiguration { + api_key +} class "AccessRule" as src.models.config.AccessRule { actions : list[Action] role : str @@ -8,6 +11,8 @@ class "Action" as src.models.config.Action { name } class "AuthenticationConfiguration" as src.models.config.AuthenticationConfiguration { + api_key_config : Optional[APIKeyTokenConfiguration] + api_key_configuration jwk_config : Optional[JwkConfiguration] jwk_configuration k8s_ca_cert_path : Optional[FilePath] @@ -184,6 +189,7 @@ class "UserDataCollection" as src.models.config.UserDataCollection { transcripts_storage : Optional[str] check_storage_location_is_set_when_needed() -> Self } +src.models.config.APIKeyTokenConfiguration --|> src.models.config.ConfigurationBase src.models.config.AccessRule --|> src.models.config.ConfigurationBase src.models.config.AuthenticationConfiguration --|> src.models.config.ConfigurationBase src.models.config.AuthorizationConfiguration --|> src.models.config.ConfigurationBase diff --git a/docs/config.svg b/docs/config.svg index 23e86421f..bfd0ef2d0 100644 --- a/docs/config.svg +++ b/docs/config.svg @@ -1,609 +1,626 @@ - + + + + + + + APIKeyTokenConfiguration + + api_key + + - - - - AccessRule - - actions : list[Action] - role : str - + + + + AccessRule + + actions : list[Action] + role : str + - - - - Action - - name - + + + + Action + + name + - - - - AuthenticationConfiguration - - jwk_config : Optional[JwkConfiguration] - jwk_configuration - k8s_ca_cert_path : Optional[FilePath] - k8s_cluster_api : Optional[AnyHttpUrl] - module : str - rh_identity_config : Optional[RHIdentityConfiguration] - rh_identity_configuration - skip_tls_verification : bool - - check_authentication_model() -> Self + + + + AuthenticationConfiguration + + api_key_config : Optional[APIKeyTokenConfiguration] + api_key_configuration + jwk_config : Optional[JwkConfiguration] + jwk_configuration + k8s_ca_cert_path : Optional[FilePath] + k8s_cluster_api : Optional[AnyHttpUrl] + module : str + rh_identity_config : Optional[RHIdentityConfiguration] + rh_identity_configuration + skip_tls_verification : bool + + check_authentication_model() -> Self - - - - AuthorizationConfiguration - - access_rules : list[AccessRule] - + + + + AuthorizationConfiguration + + access_rules : list[AccessRule] + - - - - ByokRag - - db_path - embedding_dimension - embedding_model : str - rag_id : str - rag_type : str - vector_db_id : str - + + + + ByokRag + + db_path + embedding_dimension + embedding_model : str + rag_id : str + rag_type : str + vector_db_id : str + - - - - CORSConfiguration - - allow_credentials : bool - allow_headers : list[str] - allow_methods : list[str] - allow_origins : list[str] - - check_cors_configuration() -> Self + + + + CORSConfiguration + + allow_credentials : bool + allow_headers : list[str] + allow_methods : list[str] + allow_origins : list[str] + + check_cors_configuration() -> Self - - - - Configuration - - authentication - authorization : Optional[AuthorizationConfiguration] - byok_rag : list[ByokRag] - conversation_cache - customization : Optional[Customization] - database - inference - llama_stack - mcp_servers : list[ModelContextProtocolServer] - name : str - quota_handlers - service - user_data_collection - - dump(filename: str) -> None + + + + Configuration + + authentication + authorization : Optional[AuthorizationConfiguration] + byok_rag : list[ByokRag] + conversation_cache + customization : Optional[Customization] + database + inference + llama_stack + mcp_servers : list[ModelContextProtocolServer] + name : str + quota_handlers + service + user_data_collection + + dump(filename: str) -> None - - - - ConfigurationBase - - model_config - + + + + ConfigurationBase + + model_config + - - - - ConversationHistoryConfiguration - - memory : Optional[InMemoryCacheConfig] - postgres : Optional[PostgreSQLDatabaseConfiguration] - sqlite : Optional[SQLiteDatabaseConfiguration] - type : Literal['noop', 'memory', 'sqlite', 'postgres'] | None - - check_cache_configuration() -> Self + + + + ConversationHistoryConfiguration + + memory : Optional[InMemoryCacheConfig] + postgres : Optional[PostgreSQLDatabaseConfiguration] + sqlite : Optional[SQLiteDatabaseConfiguration] + type : Literal['noop', 'memory', 'sqlite', 'postgres'] | None + + check_cache_configuration() -> Self - - - - CustomProfile - - path : str - prompts : dict[str, str] - - get_prompts() -> dict[str, str] + + + + CustomProfile + + path : str + prompts : dict[str, str] + + get_prompts() -> dict[str, str] - - - - Customization - - custom_profile : Optional[CustomProfile] - disable_query_system_prompt : bool - profile_path : Optional[str] - system_prompt : Optional[str] - system_prompt_path : Optional[FilePath] - - check_customization_model() -> Self + + + + Customization + + custom_profile : Optional[CustomProfile] + disable_query_system_prompt : bool + profile_path : Optional[str] + system_prompt : Optional[str] + system_prompt_path : Optional[FilePath] + + check_customization_model() -> Self - - - - DatabaseConfiguration - - config - db_type - postgres : Optional[PostgreSQLDatabaseConfiguration] - sqlite : Optional[SQLiteDatabaseConfiguration] - - check_database_configuration() -> Self + + + + DatabaseConfiguration + + config + db_type + postgres : Optional[PostgreSQLDatabaseConfiguration] + sqlite : Optional[SQLiteDatabaseConfiguration] + + check_database_configuration() -> Self - - - - InMemoryCacheConfig - - max_entries - + + + + InMemoryCacheConfig + + max_entries + - - - - InferenceConfiguration - - default_model : Optional[str] - default_provider : Optional[str] - - check_default_model_and_provider() -> Self + + + + InferenceConfiguration + + default_model : Optional[str] + default_provider : Optional[str] + + check_default_model_and_provider() -> Self - - - - JsonPathOperator - - name - + + + + JsonPathOperator + + name + - - - - JwkConfiguration - - jwt_configuration - url - + + + + JwkConfiguration + + jwt_configuration + url + - - - - JwtConfiguration - - role_rules : list[JwtRoleRule] - user_id_claim : str - username_claim : str - + + + + JwtConfiguration + + role_rules : list[JwtRoleRule] + user_id_claim : str + username_claim : str + - - - - JwtRoleRule - - compiled_regex - jsonpath : str - negate : bool - operator - roles : list[str] - value : Any - - check_jsonpath() -> Self - check_regex_pattern() -> Self - check_roles() -> Self + + + + JwtRoleRule + + compiled_regex + jsonpath : str + negate : bool + operator + roles : list[str] + value : Any + + check_jsonpath() -> Self + check_regex_pattern() -> Self + check_roles() -> Self - - - - LlamaStackConfiguration - - api_key : Optional[SecretStr] - library_client_config_path : Optional[str] - url : Optional[str] - use_as_library_client : Optional[bool] - - check_llama_stack_model() -> Self + + + + LlamaStackConfiguration + + api_key : Optional[SecretStr] + library_client_config_path : Optional[str] + url : Optional[str] + use_as_library_client : Optional[bool] + + check_llama_stack_model() -> Self - - - - ModelContextProtocolServer - - name : str - provider_id : str - url : str - + + + + ModelContextProtocolServer + + name : str + provider_id : str + url : str + - - - - PostgreSQLDatabaseConfiguration - - ca_cert_path : Optional[FilePath] - db : str - gss_encmode : str - host : str - namespace : Optional[str] - password - port - ssl_mode : str - user : str - - check_postgres_configuration() -> Self + + + + PostgreSQLDatabaseConfiguration + + ca_cert_path : Optional[FilePath] + db : str + gss_encmode : str + host : str + namespace : Optional[str] + password + port + ssl_mode : str + user : str + + check_postgres_configuration() -> Self - - - - QuotaHandlersConfiguration - - enable_token_history : bool - limiters : list[QuotaLimiterConfiguration] - postgres : Optional[PostgreSQLDatabaseConfiguration] - scheduler - sqlite : Optional[SQLiteDatabaseConfiguration] - + + + + QuotaHandlersConfiguration + + enable_token_history : bool + limiters : list[QuotaLimiterConfiguration] + postgres : Optional[PostgreSQLDatabaseConfiguration] + scheduler + sqlite : Optional[SQLiteDatabaseConfiguration] + - - - - QuotaLimiterConfiguration - - initial_quota - name : str - period : str - quota_increase - type : Literal['user_limiter', 'cluster_limiter'] - + + + + QuotaLimiterConfiguration + + initial_quota + name : str + period : str + quota_increase + type : Literal['user_limiter', 'cluster_limiter'] + - - - - QuotaSchedulerConfiguration - - period - + + + + QuotaSchedulerConfiguration + + period + - - - - RHIdentityConfiguration - - required_entitlements : Optional[list[str]] - + + + + RHIdentityConfiguration + + required_entitlements : Optional[list[str]] + - - - - SQLiteDatabaseConfiguration - - db_path : str - + + + + SQLiteDatabaseConfiguration + + db_path : str + - - - - ServiceConfiguration - - access_log : bool - auth_enabled : bool - color_log : bool - cors - host : str - port - tls_config - workers - - check_service_configuration() -> Self + + + + ServiceConfiguration + + access_log : bool + auth_enabled : bool + color_log : bool + cors + host : str + port + tls_config + workers + + check_service_configuration() -> Self - - - - TLSConfiguration - - tls_certificate_path : Optional[FilePath] - tls_key_password : Optional[FilePath] - tls_key_path : Optional[FilePath] - - check_tls_configuration() -> Self + + + + TLSConfiguration + + tls_certificate_path : Optional[FilePath] + tls_key_password : Optional[FilePath] + tls_key_path : Optional[FilePath] + + check_tls_configuration() -> Self - - - - UserDataCollection - - feedback_enabled : bool - feedback_storage : Optional[str] - transcripts_enabled : bool - transcripts_storage : Optional[str] - - check_storage_location_is_set_when_needed() -> Self + + + + UserDataCollection + + feedback_enabled : bool + feedback_storage : Optional[str] + transcripts_enabled : bool + transcripts_storage : Optional[str] + + check_storage_location_is_set_when_needed() -> Self + + + + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - - authentication + + + authentication - - - cors + + + cors - - - conversation_cache + + + conversation_cache - - - custom_profile + + + custom_profile - - - database + + + database - - - inference + + + inference - - - operator + + + operator - - - jwt_configuration + + + jwt_configuration - - - llama_stack + + + llama_stack - - - quota_handlers + + + quota_handlers - - - scheduler + + + scheduler - - - sqlite + + + sqlite - - - service + + + service - - - tls_config + + + tls_config - - - user_data_collection + + + user_data_collection - +