RubyGems - legion-llm - Versions diffs - 0.6.26 → 0.6.27 - Mend

legion-llm 0.6.26 → 0.6.27

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: af7fcbce72c505c3b3e917b9d35722c1f4ff52aeb501cf2d2cfb405696396182
-  data.tar.gz: e7b4218911866adc8bddad3bff9fdddbef37f28c17b97c9efeccb80479a678f8
+  metadata.gz: b85e3ef4ae750eb9aa512fcc0ce3b2de89fc13828dcdcef7ef558859a422e8f1
+  data.tar.gz: 4617e27eec5e4292146338dc4a593e4e0762838b6c1c24c925fedca472775aae
 SHA512:
-  metadata.gz: d709a447c48dba8b0e4de936d13d5ddb9b632bbd887aec1c18e4ec3182b2348ad4ae381f1b637ab02eca2ea67210e51e2b5c1ba6a7891cddc4c4aaeb2baeb37b
-  data.tar.gz: '090830b799d8ba677c44d5bcfd1e665da3a27dbd3e2a995abbdcc12db0fc36efa93663edb67e167d4273f00b4e6bb2af32c6025a6a3c07359e0efb62a62757a2'
+  metadata.gz: c93930484d5c716d2429490ca192bd9e758fd291aa81942a43309e8ab72c9accb1e472241a47255c24e590320748b54f8e71b678b4dc204e78ac975a1b0b7188
+  data.tar.gz: 62453e4f583641b9c2e4e714f120def689548795baa7609844c8d8069f5b577ee644025ac18b324c2ff029a7163b82bde78426996c5bb6e062573aaa0d74c170

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,10 @@
 # Legion LLM Changelog
+## [Unreleased]
+### Added
+- Broker soft consumer in Providers module — tries Identity::Broker before Settings for all provider credentials (Phase 8 Wave 2)
 ## [0.6.26] - 2026-04-09
 ### Changed

data/CLAUDE.md CHANGED Viewed

@@ -8,7 +8,7 @@
 Core LegionIO gem providing LLM capabilities to all extensions. Wraps ruby_llm to provide a consistent interface for chat, embeddings, tool use, and agents across multiple providers (Bedrock, Anthropic, OpenAI, Gemini, Ollama). Includes a dynamic weighted routing engine that dispatches requests across local, fleet, and cloud tiers based on caller intent, priority rules, time schedules, cost multipliers, and real-time provider health.
 **GitHub**: https://github.com/LegionIO/legion-llm
-**Version**: 0.6.25
+**Version**: 0.6.27
 **License**: Apache-2.0
 ## Architecture
@@ -504,7 +504,7 @@ The legacy `vault_path` per-provider setting was removed in v0.3.1.
 Tests run without the full LegionIO stack. `spec/spec_helper.rb` stubs `Legion::Logging` and `Legion::Settings` with in-memory implementations. Each test resets settings to defaults via `before(:each)`.
 ```bash
-bundle exec rspec    # 882 examples, 0 failures
+bundle exec rspec    # 1661 examples, 0 failures
 bundle exec rubocop  # 0 offenses
 ```

data/lib/legion/llm/providers.rb CHANGED Viewed

@@ -28,6 +28,9 @@ module Legion
                       else
                         config[:api_key]
                       end
+          has_creds ||= broker_has_credential?(provider) unless has_creds
           next unless has_creds
           config[:enabled] = true
@@ -70,6 +73,19 @@ module Legion
       def configure_bedrock(config)
         has_sigv4 = config[:api_key] && config[:secret_key]
         has_bearer = config[:bearer_token]
+        unless has_sigv4 || has_bearer
+          broker_creds = resolve_broker_aws_credentials
+          if broker_creds
+            has_sigv4 = true
+            config = config.merge(
+              api_key:       broker_creds.access_key_id,
+              secret_key:    broker_creds.secret_access_key,
+              session_token: (broker_creds.session_token if broker_creds.respond_to?(:session_token))
+            )
+          end
+        end
         return unless has_sigv4 || has_bearer
         require 'legion/llm/bedrock_bearer_auth' if has_bearer
@@ -90,35 +106,38 @@ module Legion
       end
       def configure_anthropic(config)
-        return unless config[:api_key]
+        api_key = resolve_broker_credential(:anthropic) || config[:api_key]
+        return unless api_key
         RubyLLM.configure do |c|
-          c.anthropic_api_key = config[:api_key]
+          c.anthropic_api_key = api_key
         end
         log.info 'Configured Anthropic provider'
       end
       def configure_openai(config)
-        return unless config[:api_key]
+        api_key = resolve_broker_credential(:openai) || config[:api_key]
+        return unless api_key
         RubyLLM.configure do |c|
-          c.openai_api_key = config[:api_key]
+          c.openai_api_key = api_key
         end
         log.info 'Configured OpenAI provider'
       end
       def configure_gemini(config)
-        return unless config[:api_key]
+        api_key = resolve_broker_credential(:gemini) || config[:api_key]
+        return unless api_key
         RubyLLM.configure do |c|
-          c.gemini_api_key = config[:api_key]
+          c.gemini_api_key = api_key
         end
         log.info 'Configured Gemini provider'
       end
       def configure_azure(config)
         api_base = config[:api_base]
-        api_key = config[:api_key]
+        api_key = resolve_broker_credential(:azure) || config[:api_key]
         auth_token = config[:auth_token]
         return unless api_base && (api_key || auth_token)
@@ -197,6 +216,41 @@ module Legion
         handle_exception(e, level: :debug, operation: 'llm.providers.verify_single_provider', provider: provider, model: model)
         # config[:enabled] = false
       end
+      def resolve_broker_credential(provider_name)
+        return nil unless defined?(Legion::Identity::Broker)
+        Legion::Identity::Broker.token_for(provider_name)
+      rescue StandardError => e
+        handle_exception(e, level: :debug, operation: "llm.providers.broker_resolve.#{provider_name}")
+        nil
+      end
+      def resolve_broker_aws_credentials
+        return nil unless defined?(Legion::Identity::Broker)
+        renewer = Legion::Identity::Broker.renewer_for(:aws)
+        return renewer.provider.current_credentials if renewer&.provider.respond_to?(:current_credentials)
+        nil
+      rescue StandardError => e
+        handle_exception(e, level: :debug, operation: 'llm.providers.broker_resolve.aws')
+        nil
+      end
+      def broker_has_credential?(provider)
+        return false unless defined?(Legion::Identity::Broker)
+        case provider
+        when :bedrock
+          renewer = Legion::Identity::Broker.renewer_for(:aws)
+          renewer&.provider.respond_to?(:current_credentials) && !renewer.provider.current_credentials.nil?
+        else
+          !Legion::Identity::Broker.token_for(provider).nil?
+        end
+      rescue StandardError
+        false
+      end
     end
   end
 end

data/lib/legion/llm/version.rb CHANGED Viewed

@@ -2,6 +2,6 @@
 module Legion
   module LLM
-    VERSION = '0.6.26'
+    VERSION = '0.6.27'
   end
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: legion-llm
 version: !ruby/object:Gem::Version
-  version: 0.6.26
+  version: 0.6.27
 platform: ruby
 authors:
 - Esity