mcp-souschef 3.0.0__py3-none-any.whl → 3.5.1__py3-none-any.whl

souschef/ui/app.py

@@ -9,13 +9,7 @@ if str(app_path) not in sys.path:
 import contextlib
 import os
 from collections.abc import Callable, Iterable, Mapping, Sequence
-from typing import (
-    TYPE_CHECKING,
-    Any,
-    Concatenate,
-    ParamSpec,
-    TypeVar,
-)
+from typing import TYPE_CHECKING, Any, Concatenate, ParamSpec, TypeVar
 
 import streamlit as st
 
@@ -27,7 +21,10 @@ if TYPE_CHECKING:
 P = ParamSpec("P")
 R = TypeVar("R")
 
+from souschef.core import _ensure_within_base_path, _normalize_path
+from souschef.core.path_utils import safe_exists, safe_glob, safe_is_dir, safe_is_file
 from souschef.ui.pages.ai_settings import show_ai_settings_page
+from souschef.ui.pages.chef_server_settings import show_chef_server_settings_page
 from souschef.ui.pages.cookbook_analysis import show_cookbook_analysis_page
 
 # Constants
@@ -39,6 +36,7 @@ NAV_MIGRATION_PLANNING = "Migration Planning"
 NAV_DEPENDENCY_MAPPING = "Dependency Mapping"
 NAV_VALIDATION_REPORTS = "Validation Reports"
 NAV_AI_SETTINGS = "AI Settings"
+NAV_CHEF_SERVER_SETTINGS = "Chef Server Settings"
 NAV_COOKBOOK_ANALYSIS = "Cookbook Analysis"
 BUTTON_ANALYSE_DEPENDENCIES = "Analyse Dependencies"
 INPUT_METHOD_DIRECTORY_PATH = "Directory Path"
@@ -129,13 +127,14 @@ def main() -> None:
     # Navigation section
     st.subheader("Navigation")
 
-    col1, col2, col3, col4, col5 = st.columns(5)
+    col1, col2, col3 = st.columns(3)
+    col4, col5, col6 = st.columns(3)
 
     with col1:
         if st.button(
             "Cookbook Analysis",
             type="primary" if page == NAV_COOKBOOK_ANALYSIS else "secondary",
-            width="stretch",
+            use_container_width=True,
             key="nav_cookbook_analysis",
         ):
             st.session_state.current_page = NAV_COOKBOOK_ANALYSIS
@@ -145,7 +144,7 @@ def main() -> None:
         if st.button(
             "Migration Planning",
             type="primary" if page == NAV_MIGRATION_PLANNING else "secondary",
-            width="stretch",
+            use_container_width=True,
             key="nav_migration_planning",
         ):
             st.session_state.current_page = NAV_MIGRATION_PLANNING
@@ -155,7 +154,7 @@ def main() -> None:
         if st.button(
             "Dependency Mapping",
             type="primary" if page == NAV_DEPENDENCY_MAPPING else "secondary",
-            width="stretch",
+            use_container_width=True,
             key="nav_dependency_mapping",
         ):
             st.session_state.current_page = NAV_DEPENDENCY_MAPPING
@@ -165,7 +164,7 @@ def main() -> None:
         if st.button(
             "Validation Reports",
             type="primary" if page == NAV_VALIDATION_REPORTS else "secondary",
-            width="stretch",
+            use_container_width=True,
             key="nav_validation_reports",
         ):
             st.session_state.current_page = NAV_VALIDATION_REPORTS
@@ -175,12 +174,22 @@ def main() -> None:
         if st.button(
             "AI Settings",
             type="primary" if page == NAV_AI_SETTINGS else "secondary",
-            width="stretch",
+            use_container_width=True,
             key="nav_ai_settings",
         ):
             st.session_state.current_page = NAV_AI_SETTINGS
             st.rerun()
 
+    with col6:
+        if st.button(
+            "Chef Server",
+            type="primary" if page == NAV_CHEF_SERVER_SETTINGS else "secondary",
+            use_container_width=True,
+            key="nav_chef_server_settings",
+        ):
+            st.session_state.current_page = NAV_CHEF_SERVER_SETTINGS
+            st.rerun()
+
     st.divider()
 
     # Page routing
@@ -196,6 +205,7 @@ def _route_to_page(page: str) -> None:
         NAV_DEPENDENCY_MAPPING: show_dependency_mapping,
         NAV_VALIDATION_REPORTS: show_validation_reports,
         NAV_AI_SETTINGS: show_ai_settings_page,
+        NAV_CHEF_SERVER_SETTINGS: show_chef_server_settings_page,
     }
 
     route_func = page_routes.get(page)
@@ -2550,28 +2560,31 @@ def _collect_files_to_validate(input_path: str) -> list[Path]:
         # Error already reported by _normalize_and_validate_input_path
         return []
 
-    path_obj = validated_path
-    files_to_validate = []
+    # Path is normalized and validated to be within app root
+    path_obj: Path = validated_path
+    files_to_validate: list[Path] = []
 
-    if not path_obj.exists():
+    # Check if path exists using safe function
+    if not safe_exists(path_obj, Path.cwd()):
         st.error(f"Path does not exist: {path_obj}")
         return []
 
-    if path_obj.is_file():
+    # Determine if it's a file or directory
+    if safe_is_file(path_obj, Path.cwd()):
         if path_obj.suffix in [".yml", ".yaml"] and path_obj.name not in [
             ".kitchen.yml",
             "kitchen.yml",
             "docker-compose.yml",
         ]:
             files_to_validate.append(path_obj)
-    elif path_obj.is_dir():
+    elif safe_is_dir(path_obj, Path.cwd()):
         # Filter out obvious non-playbook files
         excluded_files = {".kitchen.yml", "kitchen.yml", "docker-compose.yml"}
 
-        yml_files = list(path_obj.glob("**/*.yml"))
-        yaml_files = list(path_obj.glob("**/*.yaml"))
+        yml_files: list[Path] = safe_glob(path_obj, "**/*.yml", Path.cwd())
+        yaml_files: list[Path] = safe_glob(path_obj, "**/*.yaml", Path.cwd())
 
-        raw_files = yml_files + yaml_files
+        raw_files: list[Path] = yml_files + yaml_files
         files_to_validate.extend([f for f in raw_files if f.name not in excluded_files])
 
     return files_to_validate
@@ -2743,22 +2756,14 @@ def _normalize_and_validate_input_path(input_path: str) -> Path | None:
         return None
 
     try:
-        # Expand user home and resolve to an absolute, normalized path
-        path_obj = Path(raw).expanduser().resolve()
-    except Exception:
-        st.error(f"Invalid path: {raw}")
-        return None
-
-    # Optional safety: constrain to the application root directory
-    try:
+        path_obj = _normalize_path(raw)
         app_root = Path(app_path).resolve()
-        path_obj.relative_to(app_root)
-    except Exception:
-        st.error("Path must be within the SousChef project directory.")
+        # Use centralised containment validation
+        return _ensure_within_base_path(path_obj, app_root)
+    except (ValueError, OSError) as e:
+        st.error(f"Invalid path: {e}")
         return None
 
-    return path_obj
-
 
 def _handle_validation_execution(input_path: str, options: Mapping[str, Any]) -> None:
     """Execute the validation process with progress tracking."""
@@ -2777,8 +2782,11 @@ def _handle_validation_execution(input_path: str, options: Mapping[str, Any]) ->
             # Error is handled inside _collect_files_to_validate
             # if path doesn't exist or is invalid
             validated_path = _normalize_and_validate_input_path(input_path)
-            if validated_path is not None and validated_path.exists():
-                st.warning(f"No YAML files found in {validated_path}")
+            if validated_path is not None:
+                # Check if the validated path exists
+                path_exists: bool = safe_exists(validated_path, Path.cwd())
+                if path_exists:
+                    st.warning(f"No YAML files found in {validated_path}")
             return
 
         progress_tracker.update(3, f"Validating {len(files_to_validate)} files...")

souschef/ui/pages/ai_settings.py

@@ -8,10 +8,11 @@ import json
 import os
 from pathlib import Path
 from typing import Any
-from urllib.parse import urlparse, urlunparse
 
 import streamlit as st
 
+from souschef.core.url_validation import validate_user_provided_url
+
 # AI Provider Constants
 ANTHROPIC_PROVIDER = "Anthropic (Claude)"
 OPENAI_PROVIDER = "OpenAI (GPT)"
@@ -21,6 +22,7 @@ LOCAL_PROVIDER = "Local Model"
 
 # UI Constants
 API_KEY_LABEL = "API Key"
+REQUESTS_NOT_INSTALLED_MESSAGE = "requests library not installed"
 
 # Import AI libraries (optional dependencies)
 try:
@@ -34,9 +36,9 @@ except ImportError:
     APIClient = None
 
 try:
-    import requests  # type: ignore[import-untyped]
+    import requests
 except ImportError:
-    requests = None
+    requests = None  # type: ignore[assignment]
 
 try:
     import openai
@@ -70,8 +72,26 @@ def _get_model_options(provider):
 def _render_api_configuration(provider):
     """Render API configuration UI and return config values."""
     if provider == LOCAL_PROVIDER:
-        st.info("Local model configuration will be added in a future update.")
-        return "", "", ""
+        col1, col2 = st.columns(2)
+        with col1:
+            base_url = st.text_input(
+                "Local Server URL",
+                help=(
+                    "HTTPS URL of your local model server (Ollama, llama.cpp, vLLM, "
+                    "etc.). Add non-public hosts to SOUSCHEF_ALLOWED_HOSTNAMES."
+                ),
+                key="base_url_input",
+                placeholder="https://localhost:11434 (for Ollama)",
+                value="https://localhost:11434",
+            )
+        with col2:
+            model = st.text_input(
+                "Model Name",
+                help="Name of the model to use from your local server",
+                key="model_input",
+                placeholder="e.g., llama2, mistral, neural-chat",
+            )
+        return model, base_url, ""
     elif provider == WATSON_PROVIDER:
         col1, col2, col3 = st.columns(3)
         with col1:
@@ -258,7 +278,7 @@ def show_ai_settings_page():
 
 def validate_ai_configuration(provider, api_key, model, base_url="", project_id=""):
     """Validate the AI configuration by making a test API call."""
-    if not api_key and provider != "Local Model":
+    if not api_key and provider != LOCAL_PROVIDER:
         st.error("API key is required for validation.")
         return
 
@@ -276,8 +296,10 @@ def validate_ai_configuration(provider, api_key, model, base_url="", project_id=
                 success, message = validate_watson_config(api_key, project_id, base_url)
             elif provider == LIGHTSPEED_PROVIDER:
                 success, message = validate_lightspeed_config(api_key, model, base_url)
+            elif provider == LOCAL_PROVIDER:
+                success, message = validate_local_model_config(base_url, model)
             else:
-                st.info("Local model validation not implemented yet.")
+                st.error("Unknown provider selected.")
                 return
 
             if success:
@@ -299,29 +321,116 @@ def _sanitize_lightspeed_base_url(base_url: str) -> str:
     - Strip any user-supplied path, query, or fragment.
     """
     default_url = "https://api.redhat.com"
-    allowed_hosts = {
-        "api.redhat.com",
-    }
+    allowed_hosts = {"api.redhat.com"}
+
+    return validate_user_provided_url(
+        base_url,
+        default_url=default_url,
+        allowed_hosts=allowed_hosts,
+        strip_path=True,
+    )
+
+
+def _check_ollama_server(base_url: str, model: str) -> tuple[bool, str]:
+    """Check Ollama server availability and models."""
+    if requests is None:
+        return False, REQUESTS_NOT_INSTALLED_MESSAGE
+
+    response = requests.get(f"{base_url}/api/tags", timeout=5)
+    if response.status_code == 200:
+        models_data = response.json()
+        available = [m.get("name", "") for m in models_data.get("models", [])]
+
+        if model and model in available:
+            return True, f"Model '{model}' found on Ollama server"
+        elif available:
+            models_str = ", ".join(available[:3])
+            return True, f"Ollama server with models: {models_str}"
+        else:
+            return False, "Ollama server found but no models available"
+    return False, "Ollama API not responding"
+
+
+def _check_openai_compatible_server(base_url: str, model: str) -> tuple[bool, str]:
+    """Check OpenAI-compatible server availability and models."""
+    if requests is None:
+        return False, REQUESTS_NOT_INSTALLED_MESSAGE
+
+    response = requests.get(f"{base_url}/v1/models", timeout=5)
+    if response.status_code == 200:
+        models_data = response.json()
+        available = [m.get("id", "") for m in models_data.get("data", [])]
+
+        if model and model in available:
+            return True, f"Model '{model}' found on server"
+        elif available:
+            return True, f"OpenAI-compatible server running at {base_url}"
+        else:
+            return False, "Server found but no models available"
+    return False, "OpenAI API not responding"
+
 
-    if not base_url or not str(base_url).strip():
-        return default_url
+def validate_local_model_config(base_url="", model=""):
+    """
+    Validate local model server configuration.
 
-    parsed = urlparse(base_url)
+    Supports multiple local model servers:
+    - Ollama (default: https://localhost:11434)
+    - llama.cpp server (default: https://localhost:8000)
+    - vLLM (default: https://localhost:8000)
+    - LM Studio (default: https://localhost:1234)
 
-    # If scheme is missing, assume https
-    if not parsed.scheme:
-        parsed = parsed._replace(scheme="https")
+    Args:
+        base_url: Base URL of local model server
+        model: Model name to check availability
 
-    if parsed.scheme.lower() != "https":
-        raise ValueError("Base URL must use HTTPS.")
+    Returns:
+        Tuple of (success: bool, message: str)
 
-    hostname = (parsed.hostname or "").lower()
-    if hostname not in allowed_hosts:
-        raise ValueError("Base URL host must be a supported Red Hat domain.")
+    """
+    if requests is None:
+        return False, REQUESTS_NOT_INSTALLED_MESSAGE
 
-    # Normalize to scheme + netloc only; drop path/query/fragment.
-    cleaned = parsed._replace(path="", params="", query="", fragment="")
-    return urlunparse(cleaned)
+    # Default to Ollama if no URL provided
+    if not base_url:
+        base_url = "https://localhost:11434"
+
+    try:
+        base_url = validate_user_provided_url(base_url)
+    except ValueError as exc:
+        return False, f"Invalid local model server URL: {exc}"
+
+    base_url = base_url.rstrip("/")
+
+    try:
+        # Try Ollama API first
+        success, message = _check_ollama_server(base_url, model)
+        if success or "Ollama server" in message:
+            return success, f"{message} at {base_url}"
+
+        # Try OpenAI-compatible API
+        success, message = _check_openai_compatible_server(base_url, model)
+        if success:
+            return success, message
+
+        # If neither endpoint works, server might not be running
+        return False, (
+            f"Cannot connect to local model server at {base_url}. "
+            "Make sure it's running."
+        )
+
+    except requests.exceptions.Timeout:
+        return (
+            False,
+            f"Connection timed out. Is server running at {base_url}?",
+        )
+    except requests.exceptions.ConnectionError:
+        return (
+            False,
+            f"Cannot reach {base_url}. Ensure local model server is running.",
+        )
+    except Exception as e:
+        return False, f"Error validating local model server: {e}"
 
 
 def validate_anthropic_config(api_key, model):
@@ -351,7 +460,12 @@ def validate_openai_config(api_key, model, base_url=""):
     try:
         client_kwargs = {"api_key": api_key}
         if base_url:
-            client_kwargs["base_url"] = base_url
+            try:
+                validated_url = validate_user_provided_url(base_url)
+            except ValueError as exc:
+                return False, f"Invalid base URL: {exc}"
+
+            client_kwargs["base_url"] = validated_url
 
         client = openai.OpenAI(**client_kwargs)
 
@@ -415,11 +529,18 @@ def validate_watson_config(api_key, project_id, base_url=""):
         )
 
     try:
+        validated_url = "https://us-south.ml.cloud.ibm.com"
+        if base_url:
+            try:
+                validated_url = validate_user_provided_url(base_url)
+            except ValueError as exc:
+                return False, f"Invalid base URL: {exc}"
+
         # Initialize Watsonx client
         client = APIClient(
             api_key=api_key,
             project_id=project_id,
-            url=base_url or "https://us-south.ml.cloud.ibm.com",
+            url=validated_url,
         )
 
         # Test connection by listing available models
@@ -441,9 +562,9 @@ def save_ai_settings(
 ):
     """Save AI settings to configuration file."""
     try:
-        # Use /tmp/.souschef for container compatibility (tmpfs is writable)
-        config_dir = Path("/tmp/.souschef")
-        config_dir.mkdir(exist_ok=True)
+        # Use user-specific directory with secure permissions
+        config_dir = Path.home() / ".souschef"
+        config_dir.mkdir(mode=0o700, parents=True, exist_ok=True)
         config_file = config_dir / "ai_config.json"
 
         config = {
@@ -552,7 +673,7 @@ def _load_ai_settings_from_env() -> dict[str, str | float | int]:
 def _load_ai_settings_from_file() -> dict[str, Any]:
     """Load AI settings from configuration file."""
     try:
-        config_file = Path("/tmp/.souschef/ai_config.json")
+        config_file = Path.home() / ".souschef" / "ai_config.json"
         if config_file.exists():
             with config_file.open() as f:
                 result = json.load(f)