@ouro.bot/cli 0.1.0-alpha.59 → 0.1.0-alpha.60
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/changelog.json +8 -0
- package/dist/heart/config.js +1 -0
- package/dist/heart/core.js +2 -2
- package/dist/heart/providers/azure.js +78 -6
- package/package.json +2 -1
package/changelog.json
CHANGED
|
@@ -1,6 +1,14 @@
|
|
|
1
1
|
{
|
|
2
2
|
"_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
|
|
3
3
|
"versions": [
|
|
4
|
+
{
|
|
5
|
+
"version": "0.1.0-alpha.60",
|
|
6
|
+
"changes": [
|
|
7
|
+
"Azure OpenAI provider now supports DefaultAzureCredential for managed identity auth in production and az-login auth for local dev, with API key as an optional fallback.",
|
|
8
|
+
"The @azure/identity package is lazy-loaded only when the managed identity path is used, so API key users and other providers pay no cold-start cost.",
|
|
9
|
+
"Auth failure errors now preserve the original cause and list all three resolution paths (API key, az login, managed identity)."
|
|
10
|
+
]
|
|
11
|
+
},
|
|
4
12
|
{
|
|
5
13
|
"version": "0.1.0-alpha.59",
|
|
6
14
|
"changes": [
|
package/dist/heart/config.js
CHANGED
package/dist/heart/core.js
CHANGED
|
@@ -29,8 +29,8 @@ function getProviderRuntimeFingerprint() {
|
|
|
29
29
|
const provider = (0, identity_1.loadAgentConfig)().provider;
|
|
30
30
|
switch (provider) {
|
|
31
31
|
case "azure": {
|
|
32
|
-
const { apiKey, endpoint, deployment, modelName, apiVersion } = (0, config_1.getAzureConfig)();
|
|
33
|
-
return JSON.stringify({ provider, apiKey, endpoint, deployment, modelName, apiVersion });
|
|
32
|
+
const { apiKey, endpoint, deployment, modelName, apiVersion, managedIdentityClientId } = (0, config_1.getAzureConfig)();
|
|
33
|
+
return JSON.stringify({ provider, apiKey, endpoint, deployment, modelName, apiVersion, managedIdentityClientId });
|
|
34
34
|
}
|
|
35
35
|
case "anthropic": {
|
|
36
36
|
const { model, setupToken } = (0, config_1.getAnthropicConfig)();
|
|
@@ -1,34 +1,106 @@
|
|
|
1
1
|
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
2
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.createAzureTokenProvider = createAzureTokenProvider;
|
|
3
37
|
exports.createAzureProviderRuntime = createAzureProviderRuntime;
|
|
4
38
|
const openai_1 = require("openai");
|
|
5
39
|
const config_1 = require("../config");
|
|
6
40
|
const runtime_1 = require("../../nerves/runtime");
|
|
7
41
|
const streaming_1 = require("../streaming");
|
|
8
42
|
const model_capabilities_1 = require("../model-capabilities");
|
|
43
|
+
const COGNITIVE_SERVICES_SCOPE = "https://cognitiveservices.azure.com/.default";
|
|
44
|
+
// @azure/identity is imported dynamically (below) rather than at the top level
|
|
45
|
+
// because it's a heavy package (~30+ transitive deps) and we only need it when
|
|
46
|
+
// using the managed-identity auth path. API-key users and other providers
|
|
47
|
+
// shouldn't pay the cold-start cost.
|
|
48
|
+
function createAzureTokenProvider(managedIdentityClientId) {
|
|
49
|
+
let credential = null;
|
|
50
|
+
return async () => {
|
|
51
|
+
try {
|
|
52
|
+
if (!credential) {
|
|
53
|
+
const { DefaultAzureCredential } = await Promise.resolve().then(() => __importStar(require("@azure/identity")));
|
|
54
|
+
const credentialOptions = managedIdentityClientId
|
|
55
|
+
? { managedIdentityClientId }
|
|
56
|
+
: undefined;
|
|
57
|
+
credential = new DefaultAzureCredential(credentialOptions);
|
|
58
|
+
}
|
|
59
|
+
const tokenResponse = await credential.getToken(COGNITIVE_SERVICES_SCOPE);
|
|
60
|
+
return tokenResponse.token;
|
|
61
|
+
}
|
|
62
|
+
catch (err) {
|
|
63
|
+
const detail = err instanceof Error ? err.message : String(err);
|
|
64
|
+
throw new Error(`Azure OpenAI authentication failed: ${detail}\n` +
|
|
65
|
+
"To fix this, either:\n" +
|
|
66
|
+
" 1. Set providers.azure.apiKey in secrets.json, or\n" +
|
|
67
|
+
" 2. Run 'az login' to authenticate with your Azure account (for local dev), or\n" +
|
|
68
|
+
" 3. Attach a managed identity to your App Service and set providers.azure.managedIdentityClientId in secrets.json (for deployed environments)");
|
|
69
|
+
}
|
|
70
|
+
};
|
|
71
|
+
}
|
|
9
72
|
function createAzureProviderRuntime() {
|
|
73
|
+
const azureConfig = (0, config_1.getAzureConfig)();
|
|
74
|
+
const useApiKey = !!azureConfig.apiKey;
|
|
75
|
+
const authMethod = useApiKey ? "key" : "managed-identity";
|
|
10
76
|
(0, runtime_1.emitNervesEvent)({
|
|
11
77
|
component: "engine",
|
|
12
78
|
event: "engine.provider_init",
|
|
13
79
|
message: "azure provider init",
|
|
14
|
-
meta: { provider: "azure" },
|
|
80
|
+
meta: { provider: "azure", authMethod },
|
|
15
81
|
});
|
|
16
|
-
|
|
17
|
-
if (!(azureConfig.apiKey && azureConfig.endpoint && azureConfig.deployment && azureConfig.modelName)) {
|
|
82
|
+
if (!(azureConfig.endpoint && azureConfig.deployment && azureConfig.modelName)) {
|
|
18
83
|
throw new Error("provider 'azure' is selected in agent.json but providers.azure is incomplete in secrets.json.");
|
|
19
84
|
}
|
|
20
85
|
const modelCaps = (0, model_capabilities_1.getModelCapabilities)(azureConfig.modelName);
|
|
21
86
|
const capabilities = new Set();
|
|
22
87
|
if (modelCaps.reasoningEffort)
|
|
23
88
|
capabilities.add("reasoning-effort");
|
|
24
|
-
const
|
|
25
|
-
apiKey: azureConfig.apiKey,
|
|
89
|
+
const clientOptions = {
|
|
26
90
|
endpoint: azureConfig.endpoint.replace(/\/openai.*$/, ""),
|
|
27
91
|
deployment: azureConfig.deployment,
|
|
28
92
|
apiVersion: azureConfig.apiVersion,
|
|
29
93
|
timeout: 30000,
|
|
30
94
|
maxRetries: 0,
|
|
31
|
-
}
|
|
95
|
+
};
|
|
96
|
+
if (useApiKey) {
|
|
97
|
+
clientOptions.apiKey = azureConfig.apiKey;
|
|
98
|
+
}
|
|
99
|
+
else {
|
|
100
|
+
const managedIdentityClientId = azureConfig.managedIdentityClientId || undefined;
|
|
101
|
+
clientOptions.azureADTokenProvider = createAzureTokenProvider(managedIdentityClientId);
|
|
102
|
+
}
|
|
103
|
+
const client = new openai_1.AzureOpenAI(clientOptions);
|
|
32
104
|
let nativeInput = null;
|
|
33
105
|
let nativeInstructions = "";
|
|
34
106
|
return {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@ouro.bot/cli",
|
|
3
|
-
"version": "0.1.0-alpha.
|
|
3
|
+
"version": "0.1.0-alpha.60",
|
|
4
4
|
"main": "dist/heart/daemon/ouro-entry.js",
|
|
5
5
|
"bin": {
|
|
6
6
|
"cli": "dist/heart/daemon/ouro-bot-entry.js",
|
|
@@ -33,6 +33,7 @@
|
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
35
|
"@anthropic-ai/sdk": "^0.78.0",
|
|
36
|
+
"@azure/identity": "^4.13.0",
|
|
36
37
|
"@microsoft/teams.apps": "^2.0.5",
|
|
37
38
|
"@microsoft/teams.dev": "^2.0.5",
|
|
38
39
|
"fast-glob": "^3.3.3",
|