Skip to content
This repository was archived by the owner on Jun 5, 2025. It is now read-only.

Commit 6e7e646

Browse files
committed
Merge remote-tracking branch 'origin/main' into on-the-fly
2 parents 1090d43 + 189aee9 commit 6e7e646

28 files changed

Lines changed: 829 additions & 281 deletions

Dockerfile

Lines changed: 60 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,60 @@
1+
# Builder stage: install dependencies and build the application
FROM python:3.12-slim AS builder

# Install build-time system dependencies (compilers for native extensions)
RUN apt-get update && apt-get install -y --no-install-recommends \
    gcc \
    g++ \
    && rm -rf /var/lib/apt/lists/*

# Make the application package importable while building
ENV PYTHONPATH=/app

# Install Poetry (pinned for reproducible builds)
RUN pip install poetry==1.8.4

# Create a non-root user (mirrored in the runtime stage below)
RUN adduser --system --no-create-home codegate --uid 1000

# Set the working directory
WORKDIR /app

# Copy only the files needed for installing dependencies, so this layer
# stays cached unless the dependency set changes
COPY pyproject.toml poetry.lock* /app/

# Configure Poetry to install into the system site-packages (no virtualenv)
# and install only the main dependency group.
# NOTE: "--only main" replaces the deprecated "--no-dev" flag.
RUN poetry config virtualenvs.create false && \
    poetry install --only main

# Copy the rest of the application
COPY . /app

# Runtime stage: create the final lightweight image
FROM python:3.12-slim AS runtime

# Install runtime system dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    libgomp1 \
    && rm -rf /var/lib/apt/lists/*

# Create a non-root user and switch to it
RUN adduser --system --no-create-home codegate --uid 1000
USER codegate

# Copy necessary artifacts from the builder stage
COPY --from=builder /usr/local/lib/python3.12/site-packages /usr/local/lib/python3.12/site-packages
COPY --from=builder /app /app

# Set the working directory
WORKDIR /app

# Make the application sources importable at runtime
ENV PYTHONPATH=/app/src

# Allow mounting a pre-created database into the weaviate_data volume
VOLUME ["/app/weaviate_data"]

# Port the codegate server listens on
EXPOSE 8989

# Start the codegate server by default
CMD ["python", "-m", "src.codegate.cli", "serve", "--port", "8989", "--host", "0.0.0.0"]

Makefile

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
11
.PHONY: clean install format lint test security build all
2+
CONTAINER_BUILD?=docker buildx build
3+
VER?=0.1.0
24

35
clean:
46
rm -rf build/
@@ -27,4 +29,8 @@ security:
2729
build: clean test
2830
poetry build
2931

32+
# Build the container image, tagged both locally and for GHCR.
# The build context (.) goes last, per docker buildx convention.
image-build:
	$(CONTAINER_BUILD) -f Dockerfile -t codegate -t ghcr.io/stacklok/codegate:$(VER) --load .
3036
all: clean install format lint test security build

README.md

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -108,3 +108,19 @@ pip install -e ".[dev]"
108108
```bash
109109
pytest
110110
```
111+
112+
113+
### Running from image
114+
115+
A docker image can be built with `make image-build`. The resulting image contains a codegate server ready to use.
116+
Then it can be started with:
117+
118+
```bash
119+
docker run -p 8989:8989 codegate:latest
120+
```
121+
122+
Additionally, if you want to start with a pre-created database, a volume can be mounted:
123+
124+
```bash
125+
docker run -p 8989:8989 -v /path/to/volume:/app/weaviate_data codegate:latest
126+
```
Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
from litellm import ChatCompletionRequest
2+
3+
from codegate.codegate_logging import setup_logging
4+
from codegate.pipeline.base import PipelineContext, PipelineResponse, PipelineResult, PipelineStep
5+
6+
logger = setup_logging()
7+
8+
9+
class SecretAnalyzer(PipelineStep):
    """Pipeline step that handles analyzing secrets in FIM pipeline."""

    # User-facing message returned when a request is blocked because it
    # appears to leak sensitive credentials.
    message_blocked = """
    ⚠️ CodeGate Security Warning! Analysis Report ⚠️
    Potential leak of sensitive credentials blocked

    Recommendations:
    - Use environment variables for secrets
    """

    @property
    def name(self) -> str:
        """
        Returns the name of this pipeline step.

        Returns:
            str: The identifier 'fim-secret-analyzer'
        """
        return "fim-secret-analyzer"

    async def process(
        self,
        request: ChatCompletionRequest,
        context: PipelineContext
    ) -> PipelineResult:
        """
        Analyze the request messages for secrets and short-circuit the
        pipeline with a warning response when any are found; otherwise let
        the rest of the pipeline run on the unmodified request.
        """
        # TODO: call the secrets-blocking module here to detect secrets in
        # the request messages, e.g.:
        #   messages_contain_secrets = [analyze_msg_secrets(msg) for msg in request.messages]
        #   message_with_secrets = any(messages_contain_secrets)
        #
        # Detection is not implemented yet, so for now no message is treated
        # as containing secrets and the rest of the pipeline always runs.
        message_with_secrets = False

        if message_with_secrets:
            logger.info('Blocking message with secrets.')
            # Short-circuit: return a response directly instead of a request,
            # so downstream steps and the provider call are skipped.
            return PipelineResult(
                response=PipelineResponse(
                    step_name=self.name,
                    content=self.message_blocked,
                    model=request["model"],
                ),
            )

        # No messages with secrets, execute the rest of the pipeline
        return PipelineResult(request=request)
Lines changed: 15 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -1,40 +1,30 @@
1-
from typing import Any, Dict, Optional
2-
3-
from litellm import AdapterCompletionStreamWrapper, ChatCompletionRequest, ModelResponse
41
from litellm.adapters.anthropic_adapter import (
52
AnthropicAdapter as LitellmAnthropicAdapter,
63
)
7-
from litellm.types.llms.anthropic import AnthropicResponse
84

9-
from codegate.providers.base import StreamGenerator
10-
from codegate.providers.litellmshim import BaseAdapter, anthropic_stream_generator
5+
from codegate.providers.litellmshim.adapter import (
6+
LiteLLMAdapterInputNormalizer,
7+
LiteLLMAdapterOutputNormalizer,
8+
)
119

1210

13-
class AnthropicAdapter(BaseAdapter):
11+
class AnthropicInputNormalizer(LiteLLMAdapterInputNormalizer):
    """
    Normalizes incoming Anthropic-format requests for the underlying model.

    LiteLLM's adapter class interface is used to translate between the
    Anthropic data format and the underlying model; this class just wires
    LiteLLM's own Anthropic adapter into the generic input normalizer.
    """

    def __init__(self):
        super().__init__(LitellmAnthropicAdapter())
2320

24-
def translate_completion_input_params(
25-
self,
26-
completion_request: Dict,
27-
) -> Optional[ChatCompletionRequest]:
28-
return self.litellm_anthropic_adapter.translate_completion_input_params(completion_request)
2921

30-
def translate_completion_output_params(
31-
self, response: ModelResponse
32-
) -> Optional[AnthropicResponse]:
33-
return self.litellm_anthropic_adapter.translate_completion_output_params(response)
22+
class AnthropicOutputNormalizer(LiteLLMAdapterOutputNormalizer):
    """
    Normalizes model responses back into the Anthropic data format.

    LiteLLM's adapter class interface is used to translate between the
    Anthropic data format and the underlying model; this class just wires
    LiteLLM's own Anthropic adapter into the generic output normalizer.
    """

    def __init__(self):
        super().__init__(LitellmAnthropicAdapter())
Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
from typing import AsyncIterator, Optional, Union
2+
3+
from litellm import ChatCompletionRequest, ModelResponse
4+
5+
from codegate.providers.litellmshim import LiteLLmShim
6+
7+
8+
class AnthropicCompletion(LiteLLmShim):
    """
    AnthropicCompletion used by the Anthropic provider to execute completions
    """

    async def execute_completion(
        self,
        request: ChatCompletionRequest,
        api_key: Optional[str],
        stream: bool = False,
    ) -> Union[ModelResponse, AsyncIterator[ModelResponse]]:
        """
        Ensures the model name is prefixed with 'anthropic/' to explicitly route to Anthropic's API.

        LiteLLM automatically maps most model names, but prepending 'anthropic/' forces the request
        to Anthropic. This avoids issues with unrecognized names like 'claude-3-5-sonnet-latest',
        which LiteLLM doesn't accept as a valid Anthropic model. This safeguard may be unnecessary
        but ensures compatibility.

        For more details, refer to the
        [LiteLLM Documentation](https://docs.litellm.ai/docs/providers/anthropic).
        """
        provider_prefix = 'anthropic/'
        requested_model = request['model']
        if not requested_model.startswith(provider_prefix):
            request['model'] = provider_prefix + requested_model
        return await super().execute_completion(request, api_key, stream)

src/codegate/providers/anthropic/provider.py

Lines changed: 20 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,28 @@
11
import json
2+
from typing import Optional
23

34
from fastapi import Header, HTTPException, Request
45

5-
from codegate.providers.anthropic.adapter import AnthropicAdapter
6-
from codegate.providers.base import BaseProvider
7-
from codegate.providers.litellmshim import LiteLLmShim
6+
from codegate.providers.anthropic.adapter import AnthropicInputNormalizer, AnthropicOutputNormalizer
7+
from codegate.providers.anthropic.completion_handler import AnthropicCompletion
8+
from codegate.providers.base import BaseProvider, SequentialPipelineProcessor
9+
from codegate.providers.litellmshim import anthropic_stream_generator
810

911

1012
class AnthropicProvider(BaseProvider):
11-
def __init__(self, pipeline_processor=None):
12-
adapter = AnthropicAdapter()
13-
completion_handler = LiteLLmShim(adapter)
14-
super().__init__(completion_handler, pipeline_processor)
13+
def __init__(
14+
self,
15+
pipeline_processor: Optional[SequentialPipelineProcessor] = None,
16+
fim_pipeline_processor: Optional[SequentialPipelineProcessor] = None
17+
):
18+
completion_handler = AnthropicCompletion(stream_generator=anthropic_stream_generator)
19+
super().__init__(
20+
AnthropicInputNormalizer(),
21+
AnthropicOutputNormalizer(),
22+
completion_handler,
23+
pipeline_processor,
24+
fim_pipeline_processor
25+
)
1526

1627
@property
1728
def provider_route_name(self) -> str:
@@ -35,5 +46,6 @@ async def create_message(
3546
body = await request.body()
3647
data = json.loads(body)
3748

38-
stream = await self.complete(data, x_api_key)
49+
is_fim_request = self._is_fim_request(request, data)
50+
stream = await self.complete(data, x_api_key, is_fim_request)
3951
return self._completion_handler.create_streaming_response(stream)

0 commit comments

Comments
 (0)