feat: optimize config valid for runtime auth (#28)

cuericlee · web-flow · commit 037705342744 · 2025-12-16T11:58:48.000+08:00
diff --git a/agentkit/toolkit/cli/cli_config.py b/agentkit/toolkit/cli/cli_config.py
@@ -119,6 +119,11 @@ def config_command(
     cr_repo_name: Optional[str] = typer.Option(
         None, "--cr_repo_name", "--ve_cr_repo_name", help="CR repository name"
     ),
+    cr_auto_create_instance_type: Optional[str] = typer.Option(
+        None,
+        "--cr_auto_create_instance_type",
+        help="CR instance type when auto-creating: Micro/Enterprise",
+    ),
     # Runtime configuration parameters
     runtime_name: Optional[str] = typer.Option(
         None, "--runtime_name", "--ve_runtime_name", help="Runtime instance name"
@@ -135,6 +140,21 @@ def config_command(
         "--ve_runtime_apikey_name",
         help="Runtime API key secret name",
     ),
+    runtime_auth_type: Optional[str] = typer.Option(
+        None,
+        "--runtime_auth_type",
+        help="Runtime authentication type: key_auth/custom_jwt",
+    ),
+    runtime_jwt_discovery_url: Optional[str] = typer.Option(
+        None,
+        "--runtime_jwt_discovery_url",
+        help="OIDC Discovery URL when runtime_auth_type is custom_jwt",
+    ),
+    runtime_jwt_allowed_clients: Optional[List[str]] = typer.Option(
+        None,
+        "--runtime_jwt_allowed_clients",
+        help="Allowed OAuth2 client IDs when runtime_auth_type is custom_jwt (can be used multiple times)",
+    ),
 ):
     """Configure AgentKit (supports interactive and non-interactive modes).
     
@@ -227,9 +247,13 @@ def config_command(
             cr_instance_name=cr_instance_name,
             cr_namespace_name=cr_namespace_name,
             cr_repo_name=cr_repo_name,
+            cr_auto_create_instance_type=cr_auto_create_instance_type,
             runtime_name=runtime_name,
             runtime_role_name=runtime_role_name,
             runtime_apikey_name=runtime_apikey_name,
+            runtime_auth_type=runtime_auth_type,
+            runtime_jwt_discovery_url=runtime_jwt_discovery_url,
+            runtime_jwt_allowed_clients=runtime_jwt_allowed_clients,
         )
 
         has_cli_params = ConfigParamHandler.has_cli_params(cli_params)
diff --git a/agentkit/toolkit/cli/interactive_config.py b/agentkit/toolkit/cli/interactive_config.py
@@ -307,6 +307,15 @@ def _prompt_for_field(
                 if len(args) == 2 and type(None) in args:
                     field_type = args[0]
 
+        prompt_condition = metadata.get("prompt_condition")
+        if prompt_condition:
+            depends_on = prompt_condition.get("depends_on")
+            expected_values = prompt_condition.get("values", [])
+            if depends_on and expected_values:
+                depend_value = current_config.get(depends_on)
+                if depend_value not in expected_values:
+                    return current_config.get(name, default)
+
         if get_origin(field_type) is list or field_type is List:
             return self._handle_list(description, default, metadata, current, total)
 
@@ -327,7 +336,6 @@ def _prompt_for_field(
             description, metadata, current_config
         )
 
-        # Conditional validation loop
         validation = metadata.get("validation", {})
         while True:
             # Call specific input handler (basic validation)
@@ -339,8 +347,7 @@ def _prompt_for_field(
                     enhanced_description, default, metadata, current, total
                 )
 
-            # If conditional validation type, perform conditional validation
-            if validation.get("type") == "conditional" and value:
+            if validation.get("type") == "conditional":
                 errors = self._validate_conditional_value(
                     name, value, validation, current_config
                 )
@@ -428,7 +435,11 @@ def _validate_conditional_value(
         if depend_value and depend_value in rules:
             rule = rules[depend_value]
 
-            # choices validation
+            if rule.get("required") and (
+                not value or (isinstance(value, str) and not value.strip())
+            ):
+                errors.append("This field cannot be empty")
+
             if "choices" in rule and value not in rule["choices"]:
                 msg = rule.get(
                     "message", f"Must be one of: {', '.join(rule['choices'])}"
diff --git a/agentkit/toolkit/config/config_handler.py b/agentkit/toolkit/config/config_handler.py
@@ -81,9 +81,13 @@ def collect_cli_params(
         cr_instance_name: Optional[str],
         cr_namespace_name: Optional[str],
         cr_repo_name: Optional[str],
+        cr_auto_create_instance_type: Optional[str],
         runtime_name: Optional[str],
         runtime_role_name: Optional[str],
         runtime_apikey_name: Optional[str],
+        runtime_auth_type: Optional[str],
+        runtime_jwt_discovery_url: Optional[str],
+        runtime_jwt_allowed_clients: Optional[List[str]],
     ) -> Dict[str, Any]:
         """Collect all CLI parameters.
 
@@ -144,12 +148,22 @@ def collect_cli_params(
             strategy_params["cr_namespace_name"] = cr_namespace_name
         if cr_repo_name is not None:
             strategy_params["cr_repo_name"] = cr_repo_name
+        if cr_auto_create_instance_type is not None:
+            strategy_params["cr_auto_create_instance_type"] = (
+                cr_auto_create_instance_type
+            )
         if runtime_name is not None:
             strategy_params["runtime_name"] = runtime_name
         if runtime_role_name is not None:
             strategy_params["runtime_role_name"] = runtime_role_name
         if runtime_apikey_name is not None:
             strategy_params["runtime_apikey_name"] = runtime_apikey_name
+        if runtime_auth_type is not None:
+            strategy_params["runtime_auth_type"] = runtime_auth_type
+        if runtime_jwt_discovery_url is not None:
+            strategy_params["runtime_jwt_discovery_url"] = runtime_jwt_discovery_url
+        if runtime_jwt_allowed_clients is not None:
+            strategy_params["runtime_jwt_allowed_clients"] = runtime_jwt_allowed_clients
 
         return {"common": common_params, "strategy": strategy_params}
 
@@ -230,6 +244,34 @@ def update_config(
                 else:
                     new_strategy_config[key] = value
 
+            strategy_obj = None
+            if strategy_name == "local":
+                from agentkit.toolkit.config import LocalStrategyConfig
+
+                strategy_obj = LocalStrategyConfig.from_dict(
+                    new_strategy_config, skip_render=True
+                )
+            elif strategy_name == "cloud":
+                from agentkit.toolkit.config import CloudStrategyConfig
+
+                strategy_obj = CloudStrategyConfig.from_dict(
+                    new_strategy_config, skip_render=True
+                )
+            elif strategy_name == "hybrid":
+                from agentkit.toolkit.config import HybridStrategyConfig
+
+                strategy_obj = HybridStrategyConfig.from_dict(
+                    new_strategy_config, skip_render=True
+                )
+
+            if strategy_obj is not None:
+                strategy_errors = self.validator.validate_dataclass(strategy_obj)
+                if strategy_errors:
+                    console.print("[red]Configuration validation failed:[/red]")
+                    for error in strategy_errors:
+                        console.print(f"  [red]✗[/red] {error}")
+                    return False
+
             self._show_config_changes(
                 old_strategy_config,
                 new_strategy_config,
diff --git a/agentkit/toolkit/config/config_validator.py b/agentkit/toolkit/config/config_validator.py
@@ -16,7 +16,7 @@
 
 import re
 from typing import List, Any
-from dataclasses import fields
+from dataclasses import fields, is_dataclass
 
 from agentkit.toolkit.config.config import CommonConfig
 
@@ -82,7 +82,59 @@ def validate_common_config(config: CommonConfig) -> List[str]:
         return errors
 
     @staticmethod
-    def _validate_conditional_fields(config: CommonConfig) -> List[str]:
+    def validate_dataclass(config: Any) -> List[str]:
+        if not is_dataclass(config):
+            return []
+
+        errors: List[str] = []
+
+        for field in fields(config):
+            if field.name.startswith("_"):
+                continue
+
+            validation = field.metadata.get("validation", {})
+
+            if validation.get("type") == "conditional":
+                continue
+
+            value = getattr(config, field.name)
+
+            if validation.get("required") and (
+                not value or (isinstance(value, str) and not value.strip())
+            ):
+                desc = field.metadata.get("description", field.name)
+                errors.append(f"{desc} is required")
+                continue
+
+            pattern = validation.get("pattern")
+            if pattern and value and isinstance(value, str):
+                if not re.match(pattern, value):
+                    desc = field.metadata.get("description", field.name)
+                    msg = validation.get("message", "Invalid format")
+                    errors.append(f"{desc}: {msg}")
+
+            choices = field.metadata.get("choices")
+            if choices and value:
+                valid_values = []
+                if isinstance(choices, list):
+                    if choices and isinstance(choices[0], dict):
+                        valid_values = [c["value"] for c in choices]
+                    else:
+                        valid_values = choices
+
+                if valid_values and value not in valid_values:
+                    desc = field.metadata.get("description", field.name)
+                    errors.append(
+                        f"{desc} must be one of: {', '.join(map(str, valid_values))}"
+                    )
+
+        conditional_errors = ConfigValidator._validate_conditional_fields(config)
+        errors.extend(conditional_errors)
+
+        return errors
+
+    @staticmethod
+    def _validate_conditional_fields(config: Any) -> List[str]:
         """Execute conditional validation (cross-field dependencies).
 
         Args:
@@ -93,7 +145,7 @@ def _validate_conditional_fields(config: CommonConfig) -> List[str]:
         """
         errors = []
 
-        for field in fields(CommonConfig):
+        for field in fields(config):
             if field.name.startswith("_"):
                 continue
 
@@ -111,11 +163,6 @@ def _validate_conditional_fields(config: CommonConfig) -> List[str]:
             depend_value = getattr(config, depends_on, None)
             current_value = getattr(config, field.name, None)
 
-            if not current_value or (
-                isinstance(current_value, str) and not current_value.strip()
-            ):
-                continue
-
             if depend_value in rules:
                 rule = rules[depend_value]
                 field_errors = ConfigValidator._apply_conditional_rule(
@@ -143,6 +190,12 @@ def _apply_conditional_rule(
         errors = []
         desc = metadata.get("description", field_name)
 
+        if rule.get("required") and (
+            value is None or (isinstance(value, str) and not value.strip())
+        ):
+            errors.append(f"{desc} is required")
+            return errors
+
         if "choices" in rule:
             if value not in rule["choices"]:
                 msg = rule.get(
diff --git a/agentkit/toolkit/config/strategy_configs.py b/agentkit/toolkit/config/strategy_configs.py
@@ -171,6 +171,11 @@ class HybridStrategyConfig(AutoSerializableMixin):
         metadata={
             "description": "CR instance type when auto-creating (Micro or Enterprise)",
             "icon": "⚙️",
+            "choices": [
+                {"value": "Micro", "description": "Micro"},
+                {"value": "Enterprise", "description": "Enterprise"},
+            ],
+            "hidden": True,
         },
     )
     cr_image_full_url: str = field(
@@ -244,13 +249,33 @@ class HybridStrategyConfig(AutoSerializableMixin):
         metadata={
             "description": "OIDC Discovery URL for JWT validation (required when auth_type is custom_jwt)",
             "examples": "https://userpool-xxx.userpool.auth.id.cn-beijing.volces.com/.well-known/openid-configuration",
+            "prompt_condition": {
+                "depends_on": "runtime_auth_type",
+                "values": [AUTH_TYPE_CUSTOM_JWT],
+            },
+            "validation": {
+                "type": "conditional",
+                "depends_on": "runtime_auth_type",
+                "rules": {
+                    AUTH_TYPE_CUSTOM_JWT: {
+                        "required": True,
+                        "pattern": r"^https://.+",
+                        "hint": "(must be a valid https URL)",
+                        "message": "must be a valid https URL",
+                    }
+                },
+            },
         },
     )
     runtime_jwt_allowed_clients: List[str] = field(
         default_factory=list,
         metadata={
             "description": "Allowed OAuth2 client IDs (required when auth_type is custom_jwt)",
             "examples": "['fa99ec54-8a1c-49b2-9a9e-3f3ba31d9a33']",
+            "prompt_condition": {
+                "depends_on": "runtime_auth_type",
+                "values": [AUTH_TYPE_CUSTOM_JWT],
+            },
         },
     )
     runtime_endpoint: str = field(
@@ -371,6 +396,11 @@ class CloudStrategyConfig(AutoSerializableMixin):
         metadata={
             "description": "CR instance type when auto-creating (Micro or Enterprise)",
             "icon": "⚙️",
+            "choices": [
+                {"value": "Micro", "description": "Micro"},
+                {"value": "Enterprise", "description": "Enterprise"},
+            ],
+            "hidden": True,
         },
     )
     cr_region: str = field(
@@ -468,13 +498,33 @@ class CloudStrategyConfig(AutoSerializableMixin):
         metadata={
             "description": "OIDC Discovery URL for JWT validation (required when auth_type is custom_jwt)",
             "examples": "https://userpool-xxx.userpool.auth.id.cn-beijing.volces.com/.well-known/openid-configuration",
+            "prompt_condition": {
+                "depends_on": "runtime_auth_type",
+                "values": [AUTH_TYPE_CUSTOM_JWT],
+            },
+            "validation": {
+                "type": "conditional",
+                "depends_on": "runtime_auth_type",
+                "rules": {
+                    AUTH_TYPE_CUSTOM_JWT: {
+                        "required": True,
+                        "pattern": r"^https://.+",
+                        "hint": "(must be a valid https URL)",
+                        "message": "must be a valid https URL",
+                    }
+                },
+            },
         },
     )
     runtime_jwt_allowed_clients: List[str] = field(
         default_factory=list,
         metadata={
             "description": "Allowed OAuth2 client IDs (required when auth_type is custom_jwt)",
             "examples": "['fa99ec54-8a1c-49b2-9a9e-3f3ba31d9a33']",
+            "prompt_condition": {
+                "depends_on": "runtime_auth_type",
+                "values": [AUTH_TYPE_CUSTOM_JWT],
+            },
         },
     )
     runtime_endpoint: str = field(
