datadog 2.23.0 → 2.28.0

data/lib/datadog/ai_guard/component.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+require_relative 'api_client'
+require_relative 'evaluation'
+require_relative 'evaluation/request'
+require_relative 'evaluation/result'
+require_relative 'evaluation/no_op_result'
+require_relative 'evaluation/message'
+require_relative 'evaluation/tool_call'
+require_relative 'ext'
+
+module Datadog
+  module AIGuard
+    # Component for API Guard product
+    class Component
+      attr_reader :api_client, :logger
+
+      def self.build(settings, logger:, telemetry:)
+        return unless settings.respond_to?(:ai_guard) && settings.ai_guard.enabled
+
+        api_client = APIClient.new(
+          endpoint: settings.ai_guard.endpoint,
+          api_key: settings.api_key,
+          application_key: settings.ai_guard.app_key,
+          timeout: settings.ai_guard.timeout_ms / 1_000
+        )
+
+        new(api_client, logger: logger, telemetry: telemetry)
+      end
+
+      def initialize(api_client, logger:, telemetry:)
+        @api_client = api_client
+        @logger = logger
+        @telemetry = telemetry
+      end
+
+      def shutdown!
+        # no-op
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/configuration/ext.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Configuration
+      # This module contains constants for AI Guard component
+      module Ext
+        ENV_AI_GUARD_ENABLED = "DD_AI_GUARD_ENABLED"
+        ENV_AI_GUARD_ENDPOINT = "DD_AI_GUARD_ENDPOINT"
+        ENV_AI_GUARD_TIMEOUT = "DD_AI_GUARD_TIMEOUT"
+        ENV_AI_GUARD_MAX_CONTENT_SIZE = "DD_AI_GUARD_MAX_CONTENT_SIZE"
+        ENV_AI_GUARD_MAX_MESSAGES_LENGTH = "DD_AI_GUARD_MAX_MESSAGES_LENGTH"
+        ENV_APP_KEY = "DD_APP_KEY"
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/configuration/settings.rb

@@ -0,0 +1,110 @@
+# frozen_string_literal: true
+
+require "uri"
+require_relative "ext"
+
+module Datadog
+  module AIGuard
+    module Configuration
+      # AI Guard specific settings
+      module Settings
+        def self.extended(base)
+          base = base.singleton_class unless base.is_a?(Class)
+          add_settings!(base)
+        end
+
+        def self.add_settings!(base)
+          base.class_eval do
+            # AI Guard specific configurations.
+            # @public_api
+            settings :ai_guard do
+              # Enable AI Guard.
+              #
+              # You can use this option to skip calls to AI Guard API without having to remove library as a whole.
+              #
+              # @default `DD_AI_GUARD_ENABLED`, otherwise `false`
+              # @return [Boolean]
+              option :enabled do |o|
+                o.type :bool
+                o.env Ext::ENV_AI_GUARD_ENABLED
+                o.default false
+              end
+
+              define_method(:instrument) do |integration_name|
+                return unless enabled # steep:ignore
+
+                if (registered_integration = Datadog::AIGuard::Contrib::Integration.registry[integration_name])
+                  klass = registered_integration.klass
+                  if klass.loaded? && klass.compatible?
+                    instance = klass.new
+                    instance.patcher.patch unless instance.patcher.patched?
+                  end
+                end
+              end
+
+              # AI Guard API endpoint path.
+              #
+              # @default `DD_AI_GUARD_ENDPOINT`, otherwise `nil`
+              # @return [String, nil]
+              option :endpoint do |o|
+                o.type :string, nilable: true
+                o.env Ext::ENV_AI_GUARD_ENDPOINT
+
+                o.setter do |value|
+                  next unless value
+
+                  uri = URI(value.to_s)
+                  raise ArgumentError, "Please provide an absolute URI that includes a protocol" unless uri.absolute?
+
+                  uri.to_s.delete_suffix("/")
+                end
+              end
+
+              # Datadog Application key.
+              #
+              # @default `DD_APP_KEY` environment variable, otherwise `nil`
+              # @return [String, nil]
+              option :app_key do |o|
+                o.type :string, nilable: true
+                o.env Ext::ENV_APP_KEY
+              end
+
+              # Request timeout in milliseconds.
+              #
+              # @default `DD_AI_GUARD_TIMEOUT`, otherwise 10 000 ms
+              # @return [Integer]
+              option :timeout_ms do |o|
+                o.type :int
+                o.env Ext::ENV_AI_GUARD_TIMEOUT
+                o.default 10_000
+              end
+
+              # Maximum content size in bytes.
+              # Content that exceeds the maximum allowed size is truncated before
+              # being stored in the current span context.
+              #
+              # @default `DD_AI_GUARD_MAX_CONTENT_SIZE`, otherwise 524 228 bytes
+              # @return [Integer]
+              option :max_content_size_bytes do |o|
+                o.type :int
+                o.env Ext::ENV_AI_GUARD_MAX_CONTENT_SIZE
+                o.default 512 * 1024
+              end
+
+              # Maximum number of messages.
+              # Older messages are omitted once the message limit is reached.
+              #
+              # @default `DD_AI_GUARD_MAX_MESSAGES_LENGTH`, otherwise 16 messages
+              # @return [Integer]
+              option :max_messages_length do |o|
+                o.type :int
+                o.env Ext::ENV_AI_GUARD_MAX_MESSAGES_LENGTH
+                o.default 16
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/configuration.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    # Configuration module for AI Guard
+    module Configuration
+    end
+  end
+end
+
+require_relative "configuration/settings"

data/lib/datadog/ai_guard/contrib/integration.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Contrib
+      # Base provides features that are shared across all integrations
+      module Integration
+        RegisteredIntegration = Struct.new(:name, :klass, :options)
+
+        @registry = {}
+
+        # Class-level methods for Integration
+        module ClassMethods
+          def register_as(name, options = {})
+            Integration.register(self, name, options)
+          end
+
+          def compatible?
+            true
+          end
+        end
+
+        def self.included(base)
+          base.extend(ClassMethods)
+        end
+
+        def self.register(integration, name, options)
+          @registry[name] = RegisteredIntegration.new(name, integration, options)
+        end
+
+        def self.registry
+          @registry
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/contrib/ruby_llm/chat_instrumentation.rb

@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Contrib
+      module RubyLLM
+        # module that gets prepended to RubyLLM::Chat
+        module ChatInstrumentation
+          class << self
+            def evaluate!(messages)
+              ai_guard_messages = messages.flat_map do |message|
+                if message.tool_call?
+                  message.tool_calls.map do |tool_call_id, tool_call|
+                    AIGuard.assistant(id: tool_call_id, tool_name: tool_call.name, arguments: tool_call.arguments.to_s)
+                  end
+                elsif message.tool_result?
+                  AIGuard.tool(tool_call_id: message.tool_call_id, content: message.content)
+                else
+                  AIGuard.message(role: message.role, content: message.content)
+                end
+              end
+
+              AIGuard.evaluate(*ai_guard_messages, allow_raise: true)
+            end
+          end
+
+          def complete(&block)
+            Datadog::AIGuard::Contrib::RubyLLM::ChatInstrumentation.evaluate!(messages)
+
+            super
+          end
+
+          def handle_tool_calls(response, &block)
+            Datadog::AIGuard::Contrib::RubyLLM::ChatInstrumentation.evaluate!(messages)
+
+            super
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/contrib/ruby_llm/integration.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require_relative "../integration"
+require_relative "patcher"
+
+module Datadog
+  module AIGuard
+    module Contrib
+      module RubyLLM
+        # This class provides helper methods that are used when patching RubyLLM
+        class Integration
+          include Datadog::AIGuard::Contrib::Integration
+
+          MINIMUM_VERSION = Gem::Version.new("1.0.0")
+
+          register_as :ruby_llm, auto_patch: false
+
+          def self.version
+            Gem.loaded_specs["ruby_llm"]&.version
+          end
+
+          def self.loaded?
+            !defined?(::RubyLLM).nil?
+          end
+
+          def self.compatible?
+            super && !!(version&.>= MINIMUM_VERSION)
+          end
+
+          def self.auto_instrument?
+            false
+          end
+
+          def patcher
+            Patcher
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/contrib/ruby_llm/patcher.rb

@@ -0,0 +1,30 @@
+# frozen_string_literal: true
+
+require_relative "chat_instrumentation"
+
+module Datadog
+  module AIGuard
+    module Contrib
+      module RubyLLM
+        # AIGuard patcher module for RubyLLM
+        module Patcher
+          module_function
+
+          def patched?
+            !!Patcher.instance_variable_get(:@patched)
+          end
+
+          def target_version
+            Integration.version
+          end
+
+          def patch
+            ::RubyLLM::Chat.prepend(ChatInstrumentation)
+
+            Patcher.instance_variable_set(:@patched, true)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation/message.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Evaluation
+      # Message class for AI Guard
+      class Message
+        attr_reader :role, :content, :tool_call, :tool_call_id
+
+        def initialize(role:, content: nil, tool_call: nil, tool_call_id: nil)
+          raise ArgumentError, "Role must be set to a non-empty value" if role.to_s.empty?
+
+          @role = role.to_sym
+          @content = content
+          @tool_call = tool_call
+          @tool_call_id = tool_call_id
+
+          if @tool_call && !@tool_call.is_a?(ToolCall)
+            raise ArgumentError, "Expected an instance of #{ToolCall.name} for :tool_call argument"
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation/no_op_result.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Evaluation
+      # Class for emulating AI Guard evaluation result when AI Guard is disabled.
+      class NoOpResult
+        attr_reader :action, :reason, :tags
+
+        def initialize
+          @action = Result::ALLOW_ACTION
+          @reason = "AI Guard is disabled"
+          @tags = []
+        end
+
+        def allow?
+          true
+        end
+
+        def deny?
+          false
+        end
+
+        def abort?
+          false
+        end
+
+        def blocking_enabled?
+          false
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation/request.rb

@@ -0,0 +1,81 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Evaluation
+      # Request builds the request body from an array of messages and processes the response
+      class Request
+        REQUEST_PATH = "/evaluate"
+
+        attr_reader :serialized_messages
+
+        def initialize(messages)
+          @serialized_messages = serialize_messages(messages)
+        end
+
+        def perform
+          api_client = AIGuard.api_client
+
+          # This should never happen, as we are only calling this method when AI Guard is enabled,
+          # and this means the API Client was not initialized properly.
+          #
+          # Please report this at https://github.com/datadog/dd-trace-rb/blob/master/CONTRIBUTING.md#found-a-bug
+          raise "AI Guard API Client not initialized" unless api_client
+
+          raw_response = api_client.post(REQUEST_PATH, body: build_request_body)
+
+          Result.new(raw_response)
+        end
+
+        private
+
+        def build_request_body
+          {
+            data: {
+              attributes: {
+                messages: @serialized_messages,
+                meta: {
+                  service: Datadog.configuration.service,
+                  env: Datadog.configuration.env
+                }
+              }
+            }
+          }
+        end
+
+        def serialize_messages(messages)
+          serialized_messages = []
+
+          messages.each do |message|
+            serialized_messages << serialize_message(message)
+
+            break if serialized_messages.count == Datadog.configuration.ai_guard.max_messages_length
+          end
+
+          serialized_messages
+        end
+
+        def serialize_message(message)
+          if message.tool_call
+            {
+              role: message.role,
+              tool_calls: [
+                {
+                  id: message.tool_call.id,
+                  function: {
+                    name: message.tool_call.tool_name,
+                    arguments: message.tool_call.arguments
+                  }
+                }
+              ]
+            }
+          elsif message.tool_call_id
+            {role: message.role, tool_call_id: message.tool_call_id, content: message.content}
+          else
+            {role: message.role, content: message.content}
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation/result.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Evaluation
+      # Wrapper class for evaluation API response
+      class Result
+        ALLOW_ACTION = "ALLOW"
+        DENY_ACTION = "DENY"
+        ABORT_ACTION = "ABORT"
+
+        attr_reader :action, :reason, :tags
+
+        def initialize(raw_response)
+          attributes = raw_response.fetch("data").fetch("attributes")
+
+          @action = attributes.fetch("action")
+          @reason = attributes.fetch("reason")
+          @tags = attributes.fetch("tags")
+          @is_blocking_enabled = attributes.fetch("is_blocking_enabled")
+        rescue KeyError => e
+          raise AIGuardClientError, "Missing key: \"#{e.key}\""
+        end
+
+        def allow?
+          action == ALLOW_ACTION
+        end
+
+        def deny?
+          action == DENY_ACTION
+        end
+
+        def abort?
+          action == ABORT_ACTION
+        end
+
+        def blocking_enabled?
+          !!@is_blocking_enabled
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation/tool_call.rb

@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    module Evaluation
+      # Tool call class for AI Guard
+      class ToolCall
+        attr_reader :tool_name, :id, :arguments
+
+        def initialize(tool_name, id:, arguments:)
+          @tool_name = tool_name
+          @id = id
+          @arguments = arguments
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/evaluation.rb

@@ -0,0 +1,72 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    # module that contains a function for performing AI Guard Evaluation request
+    # and creating `ai_guard` span with required tags
+    module Evaluation
+      class << self
+        def perform(messages, allow_raise: false)
+          raise ArgumentError, "Messages must not be empty" if messages&.empty?
+
+          Tracing.trace(Ext::SPAN_NAME) do |span, trace|
+            if (last_message = messages.last)
+              if last_message.tool_call
+                span.set_tag(Ext::TARGET_TAG, "tool")
+                span.set_tag(Ext::TOOL_NAME_TAG, last_message.tool_call.tool_name)
+              elsif last_message.tool_call_id
+                span.set_tag(Ext::TARGET_TAG, "tool")
+
+                if (tool_call_message = messages.find { |m| m.tool_call&.id == last_message.tool_call_id })
+                  span.set_tag(Ext::TOOL_NAME_TAG, tool_call_message.tool_call.tool_name) # steep:ignore
+                end
+              else
+                span.set_tag(Ext::TARGET_TAG, "prompt")
+              end
+            end
+
+            request = Request.new(messages)
+            result = request.perform
+
+            span.set_tag(Ext::ACTION_TAG, result.action)
+            span.set_tag(Ext::REASON_TAG, result.reason)
+
+            span.set_metastruct_tag(
+              Ext::METASTRUCT_TAG,
+              {
+                messages: truncate_content(request.serialized_messages),
+                attack_categories: result.tags
+              }
+            )
+
+            if allow_raise && (result.deny? || result.abort?) && result.blocking_enabled?
+              span.set_tag(Ext::BLOCKED_TAG, true)
+              raise AIGuardAbortError.new(action: result.action, reason: result.reason, tags: result.tags)
+            end
+
+            result
+          end
+        end
+
+        def perform_no_op
+          AIGuard.logger&.warn("AI Guard is disabled, messages were not evaluated")
+
+          NoOpResult.new
+        end
+
+        private
+
+        def truncate_content(serialized_messages)
+          serialized_messages.map do |message| # steep:ignore
+            next message unless message[:content]
+
+            {
+              **message,
+              content: message[:content].byteslice(0, Datadog.configuration.ai_guard.max_content_size_bytes)
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/datadog/ai_guard/ext.rb

@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+module Datadog
+  module AIGuard
+    # AI Guard specific constants
+    module Ext
+      SPAN_NAME = "ai_guard"
+      TARGET_TAG = "ai_guard.target"
+      TOOL_NAME_TAG = "ai_guard.tool_name"
+      ACTION_TAG = "ai_guard.action"
+      REASON_TAG = "ai_guard.reason"
+      BLOCKED_TAG = "ai_guard.blocked"
+      METASTRUCT_TAG = "ai_guard"
+    end
+  end
+end