From 36b7981240d95999140e406101da2bbae0b46e06 Mon Sep 17 00:00:00 2001 From: salecharohit Date: Sat, 4 Apr 2026 22:42:17 +0530 Subject: [PATCH 1/5] feat(bedrock): add BEDROCK_CONFIG_PATH support for custom provider config Mirrors the existing LLM_SERVER_CONFIG_PATH / OLLAMA_SERVER_CONFIG_PATH pattern so operators can supply a YAML file that overrides the built-in embedded bedrock/config.yml without modifying source code. Changes: - config.go: add BedrockConfig field mapped to BEDROCK_CONFIG_PATH env var - bedrock/bedrock.go: DefaultProviderConfig now accepts *config.Config; reads from BedrockConfig path when set, falls back to embedded config.yml - providers.go, cmd/ctester/main.go: pass cfg to updated DefaultProviderConfig - docker-compose.yml: wire BEDROCK_CONFIG_PATH env var and mount ${PENTAGI_BEDROCK_CONFIG_PATH:-./glm_flash_bedrock.yml} into the container - .env.example: document the new BEDROCK_CONFIG_PATH variable - glm_flash_bedrock.yml: example config exporting the glm_flash DB provider (zai.glm-4.7-flash via Bedrock) as a portable YAML file Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 1 + backend/cmd/ctester/main.go | 2 +- backend/pkg/config/config.go | 1 + backend/pkg/providers/bedrock/bedrock.go | 13 +- backend/pkg/providers/providers.go | 2 +- docker-compose.yml | 2 + glm_flash_bedrock.yml | 178 +++++++++++++++++++++++ 7 files changed, 195 insertions(+), 4 deletions(-) create mode 100644 glm_flash_bedrock.yml diff --git a/.env.example b/.env.example index 4d2795d6..4312f8a0 100644 --- a/.env.example +++ b/.env.example @@ -26,6 +26,7 @@ BEDROCK_ACCESS_KEY_ID= BEDROCK_SECRET_ACCESS_KEY= BEDROCK_SESSION_TOKEN= BEDROCK_SERVER_URL= +BEDROCK_CONFIG_PATH= # Optional: path to a YAML file with per-agent model config (overrides the built-in bedrock/config.yml) ## DeepSeek LLM provider DEEPSEEK_API_KEY= diff --git a/backend/cmd/ctester/main.go b/backend/cmd/ctester/main.go index c8ac8ac8..57840bca 100644 --- a/backend/cmd/ctester/main.go +++ b/backend/cmd/ctester/main.go @@ -168,7 +168,7 @@ func createProvider(providerType string, cfg *config.Config) (provider.Provider, "BEDROCK_DEFAULT_AUTH=true, BEDROCK_BEARER_TOKEN, or " + "BEDROCK_ACCESS_KEY_ID+BEDROCK_SECRET_ACCESS_KEY") } - providerConfig, err := bedrock.DefaultProviderConfig() + providerConfig, err := bedrock.DefaultProviderConfig(cfg) if err != nil { return nil, fmt.Errorf("error creating bedrock provider config: %w", err) } diff --git a/backend/pkg/config/config.go b/backend/pkg/config/config.go index 0f88c97c..fc87b039 100644 --- a/backend/pkg/config/config.go +++ b/backend/pkg/config/config.go @@ -111,6 +111,7 @@ type Config struct { BedrockSecretKey string `env:"BEDROCK_SECRET_ACCESS_KEY"` BedrockSessionToken string `env:"BEDROCK_SESSION_TOKEN"` BedrockServerURL string `env:"BEDROCK_SERVER_URL"` + BedrockConfig string `env:"BEDROCK_CONFIG_PATH"` // === LLM Provider: DeepSeek === DeepSeekAPIKey string `env:"DEEPSEEK_API_KEY"` diff --git a/backend/pkg/providers/bedrock/bedrock.go b/backend/pkg/providers/bedrock/bedrock.go index 242451ee..a621e202 100644 --- a/backend/pkg/providers/bedrock/bedrock.go +++ b/backend/pkg/providers/bedrock/bedrock.go @@ -7,6 +7,7 @@ import ( "fmt" "net/http" "net/url" + "os" "reflect" "sync" @@ -48,8 +49,16 @@ func BuildProviderConfig(configData []byte) (*pconfig.ProviderConfig, error) { return providerConfig, nil } -func DefaultProviderConfig() (*pconfig.ProviderConfig, error) { - configData, err := configFS.ReadFile("config.yml") +func DefaultProviderConfig(cfg *config.Config) (*pconfig.ProviderConfig, error) { + var ( + configData []byte + err error + ) + if cfg.BedrockConfig == "" { + configData, err = configFS.ReadFile("config.yml") + } else { + configData, err = os.ReadFile(cfg.BedrockConfig) + } if err != nil { return nil, err } diff --git a/backend/pkg/providers/providers.go b/backend/pkg/providers/providers.go index 62ac438c..3374685e 100644 --- a/backend/pkg/providers/providers.go +++ b/backend/pkg/providers/providers.go @@ -186,7 +186,7 @@ func NewProviderController( defaultConfigs[provider.ProviderGemini] = config } - if config, err := bedrock.DefaultProviderConfig(); err != nil { + if config, err := bedrock.DefaultProviderConfig(cfg); err != nil { return nil, fmt.Errorf("failed to create bedrock provider config: %w", err) } else { defaultConfigs[provider.ProviderBedrock] = config diff --git a/docker-compose.yml b/docker-compose.yml index 2b6adb70..bb21cff7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,6 +55,7 @@ services: - BEDROCK_SECRET_ACCESS_KEY=${BEDROCK_SECRET_ACCESS_KEY:-} - BEDROCK_SESSION_TOKEN=${BEDROCK_SESSION_TOKEN:-} - BEDROCK_SERVER_URL=${BEDROCK_SERVER_URL:-} + - BEDROCK_CONFIG_PATH=${BEDROCK_CONFIG_PATH:-} - DEEPSEEK_API_KEY=${DEEPSEEK_API_KEY:-} - DEEPSEEK_SERVER_URL=${DEEPSEEK_SERVER_URL:-} - DEEPSEEK_PROVIDER=${DEEPSEEK_PROVIDER:-} @@ -176,6 +177,7 @@ services: - ${PENTAGI_DOCKER_SOCKET:-/var/run/docker.sock}:/var/run/docker.sock - ${PENTAGI_LLM_SERVER_CONFIG_PATH:-./example.custom.provider.yml}:/opt/pentagi/conf/custom.provider.yml - ${PENTAGI_OLLAMA_SERVER_CONFIG_PATH:-./example.ollama.provider.yml}:/opt/pentagi/conf/ollama.provider.yml + - ${PENTAGI_BEDROCK_CONFIG_PATH:-./glm_flash_bedrock.yml}:/opt/pentagi/conf/bedrock.provider.yml - ${PENTAGI_DOCKER_CERT_PATH:-./docker-ssl}:/opt/pentagi/docker/ssl user: root:root # while using docker.sock networks: diff --git a/glm_flash_bedrock.yml b/glm_flash_bedrock.yml new file mode 100644 index 00000000..362d6c73 --- /dev/null +++ b/glm_flash_bedrock.yml @@ -0,0 +1,178 @@ +# GLM Flash configuration for AWS Bedrock (zai.glm-4.7-flash) +# Exported from the glm_flash provider stored in the database. +# To use, set BEDROCK_CONFIG_PATH=./glm_flash_bedrock.yml in your .env file. + +simple: + model: zai.glm-4.7-flash + temperature: 0.5 + top_p: 0.5 + n: 1 + max_tokens: 6000 + price: + input: 0.15 + output: 0.6 + cache_read: 0 + cache_write: 0 + +simple_json: + model: zai.glm-4.7-flash + temperature: 0.5 + top_p: 0.5 + n: 1 + max_tokens: 63998 + json: true + price: + input: 0.15 + output: 0.6 + cache_read: 0 + cache_write: 0 + +primary_agent: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63999 + reasoning: + effort: high + max_tokens: 2048 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +assistant: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63998 + reasoning: + effort: low + max_tokens: 1024 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +generator: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63998 + reasoning: + max_tokens: 4096 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +refiner: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63998 + reasoning: + effort: medium + max_tokens: 2048 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +adviser: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63998 + reasoning: + effort: high + max_tokens: 64000 + price: + input: 5.0 + output: 25.0 + cache_read: 0.5 + cache_write: 6.25 + +reflector: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 4096 + reasoning: + effort: low + max_tokens: 1024 + price: + input: 1.0 + output: 5.0 + cache_read: 0.1 + cache_write: 1.25 + +searcher: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 8192 + reasoning: + max_tokens: 1024 + price: + input: 1.0 + output: 5.0 + cache_read: 0.1 + cache_write: 1.25 + +enricher: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63998 + reasoning: + max_tokens: 1024 + price: + input: 1.0 + output: 5.0 + cache_read: 0.1 + cache_write: 1.25 + +coder: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63997 + reasoning: + effort: high + max_tokens: 2048 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +installer: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 63996 + reasoning: + max_tokens: 1024 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 + +pentester: + model: zai.glm-4.7-flash + temperature: 1.0 + n: 1 + max_tokens: 128000 + reasoning: + effort: high + max_tokens: 1024 + price: + input: 3.0 + output: 15.0 + cache_read: 0.3 + cache_write: 3.75 From 4be1a26cba9f3b754e278102d063654ed1a89452 Mon Sep 17 00:00:00 2001 From: salecharohit Date: Sat, 4 Apr 2026 22:49:44 +0530 Subject: [PATCH 2/5] docs: document BEDROCK_CONFIG_PATH in README Add BEDROCK_CONFIG_PATH to the AWS Bedrock Provider Configuration table and the full env reference section to document the custom YAML config path feature added in the feature branch. Co-Authored-By: Claude Sonnet 4.6 --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 5defc219..ed919159 100644 --- a/README.md +++ b/README.md @@ -1705,6 +1705,7 @@ PentAGI integrates with Amazon Bedrock, offering access to 20+ foundation models | `BEDROCK_SECRET_ACCESS_KEY` | | AWS secret access key for static credentials | | `BEDROCK_SESSION_TOKEN` | | AWS session token for temporary credentials (optional, used with static credentials) | | `BEDROCK_SERVER_URL` | | Custom Bedrock endpoint (VPC endpoints, local testing) | +| `BEDROCK_CONFIG_PATH` | | Path to a custom YAML provider config file (overrides the built-in default config for model/pricing definitions) | **Authentication Priority**: `BEDROCK_DEFAULT_AUTH` → `BEDROCK_BEARER_TOKEN` → `BEDROCK_ACCESS_KEY_ID`+`BEDROCK_SECRET_ACCESS_KEY` @@ -2643,6 +2644,7 @@ BEDROCK_ACCESS_KEY_ID=your_aws_access_key # AWS access key ID (static cre BEDROCK_SECRET_ACCESS_KEY=your_aws_secret_key # AWS secret access key (static credentials) BEDROCK_SESSION_TOKEN= # AWS session token (optional, for temporary credentials with static auth) BEDROCK_SERVER_URL= # Optional custom Bedrock endpoint (VPC endpoints, local testing) +BEDROCK_CONFIG_PATH= # Optional path to a custom YAML provider config (overrides built-in model/pricing definitions) # For Ollama (local server or cloud) OLLAMA_SERVER_URL= # Local: http://ollama-server:11434, Cloud: https://ollama.com From aeeb98dd006ab9187e02f326eea29f7c4427ebc7 Mon Sep 17 00:00:00 2001 From: salecharohit Date: Mon, 6 Apr 2026 12:41:43 +0530 Subject: [PATCH 3/5] fix(docker): hardcode BEDROCK_CONFIG_PATH in-container path in compose MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Instead of passing BEDROCK_CONFIG_PATH through from the host env (which required users to know the internal container path), set it directly to the fixed mount point /opt/pentagi/conf/bedrock.provider.yml in compose. Users now only need PENTAGI_BEDROCK_CONFIG_PATH pointing to their host file — consistent with how PENTAGI_LLM_SERVER_CONFIG_PATH and PENTAGI_OLLAMA_SERVER_CONFIG_PATH work. Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 2 +- docker-compose.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.env.example b/.env.example index 4312f8a0..5629232b 100644 --- a/.env.example +++ b/.env.example @@ -26,7 +26,7 @@ BEDROCK_ACCESS_KEY_ID= BEDROCK_SECRET_ACCESS_KEY= BEDROCK_SESSION_TOKEN= BEDROCK_SERVER_URL= -BEDROCK_CONFIG_PATH= # Optional: path to a YAML file with per-agent model config (overrides the built-in bedrock/config.yml) +PENTAGI_BEDROCK_CONFIG_PATH= # Optional: host path to a YAML file with per-agent model config (e.g. ./glm_flash_bedrock.yml); mounted into the container automatically ## DeepSeek LLM provider DEEPSEEK_API_KEY= diff --git a/docker-compose.yml b/docker-compose.yml index bb21cff7..2a9ac138 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,7 +55,7 @@ services: - BEDROCK_SECRET_ACCESS_KEY=${BEDROCK_SECRET_ACCESS_KEY:-} - BEDROCK_SESSION_TOKEN=${BEDROCK_SESSION_TOKEN:-} - BEDROCK_SERVER_URL=${BEDROCK_SERVER_URL:-} - - BEDROCK_CONFIG_PATH=${BEDROCK_CONFIG_PATH:-} + - BEDROCK_CONFIG_PATH=/opt/pentagi/conf/bedrock.provider.yml - DEEPSEEK_API_KEY=${DEEPSEEK_API_KEY:-} - DEEPSEEK_SERVER_URL=${DEEPSEEK_SERVER_URL:-} - DEEPSEEK_PROVIDER=${DEEPSEEK_PROVIDER:-} From b1b606df7abd89844b128f964a06650082e4096d Mon Sep 17 00:00:00 2001 From: salecharohit Date: Mon, 6 Apr 2026 12:46:47 +0530 Subject: [PATCH 4/5] fix(docker): align BEDROCK_CONFIG_PATH pattern with existing providers Follow the same two-variable convention used for LLM_SERVER_CONFIG_PATH and OLLAMA_SERVER_CONFIG_PATH: - PENTAGI_BEDROCK_CONFIG_PATH: host-side path to the YAML file, mounted into the container at /opt/pentagi/conf/bedrock.provider.yml - BEDROCK_CONFIG_PATH: in-container path passed to the app, set to /opt/pentagi/conf/bedrock.provider.yml when using the above Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 3 ++- docker-compose.yml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.env.example b/.env.example index 5629232b..f9c19640 100644 --- a/.env.example +++ b/.env.example @@ -26,7 +26,7 @@ BEDROCK_ACCESS_KEY_ID= BEDROCK_SECRET_ACCESS_KEY= BEDROCK_SESSION_TOKEN= BEDROCK_SERVER_URL= -PENTAGI_BEDROCK_CONFIG_PATH= # Optional: host path to a YAML file with per-agent model config (e.g. ./glm_flash_bedrock.yml); mounted into the container automatically +BEDROCK_CONFIG_PATH= # Optional: set to /opt/pentagi/conf/bedrock.provider.yml when using PENTAGI_BEDROCK_CONFIG_PATH below ## DeepSeek LLM provider DEEPSEEK_API_KEY= @@ -138,6 +138,7 @@ PENTAGI_DOCKER_SOCKET= PENTAGI_DOCKER_CERT_PATH= PENTAGI_LLM_SERVER_CONFIG_PATH= PENTAGI_OLLAMA_SERVER_CONFIG_PATH= +PENTAGI_BEDROCK_CONFIG_PATH= # Host path to a custom Bedrock provider config YAML (e.g. ./glm_flash_bedrock.yml from the repo root); mounted into the container at /opt/pentagi/conf/bedrock.provider.yml ## PentAGI security settings PUBLIC_URL=https://localhost:8443 diff --git a/docker-compose.yml b/docker-compose.yml index 2a9ac138..bb21cff7 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,7 +55,7 @@ services: - BEDROCK_SECRET_ACCESS_KEY=${BEDROCK_SECRET_ACCESS_KEY:-} - BEDROCK_SESSION_TOKEN=${BEDROCK_SESSION_TOKEN:-} - BEDROCK_SERVER_URL=${BEDROCK_SERVER_URL:-} - - BEDROCK_CONFIG_PATH=/opt/pentagi/conf/bedrock.provider.yml + - BEDROCK_CONFIG_PATH=${BEDROCK_CONFIG_PATH:-} - DEEPSEEK_API_KEY=${DEEPSEEK_API_KEY:-} - DEEPSEEK_SERVER_URL=${DEEPSEEK_SERVER_URL:-} - DEEPSEEK_PROVIDER=${DEEPSEEK_PROVIDER:-} From 264116827d0932a909f1cd38cc1fc4b0f61348ee Mon Sep 17 00:00:00 2001 From: salecharohit Date: Mon, 6 Apr 2026 15:19:54 +0530 Subject: [PATCH 5/5] feat(bedrock): auto-seed provider from BEDROCK_CONFIG_PATH on startup - Add Name field to ProviderConfig; YAML name: key sets the provider name shown in the UI (e.g. glm_flash) - Add SeedDefaultProviders to ProviderController: upserts the Bedrock provider into the DB for all existing users at startup and lazily for new users on their first Settings page visit - Editing the YAML and restarting PentAGI automatically propagates new values with no UI interaction required - Simplify to a single BEDROCK_CONFIG_PATH variable: compose uses it as the host-side volume mount path and translates it to the fixed container path via :+ substitution, eliminating PENTAGI_BEDROCK_CONFIG_PATH - Fix bedrock_test.go: pass &config.Config{} to DefaultProviderConfig after its signature was updated to accept a config argument Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 3 +- backend/pkg/graph/schema.resolvers.go | 4 ++ backend/pkg/providers/bedrock/bedrock_test.go | 10 +-- backend/pkg/providers/pconfig/config.go | 1 + backend/pkg/providers/providers.go | 69 ++++++++++++++++++- docker-compose.yml | 4 +- glm_flash_bedrock.yml | 2 + 7 files changed, 82 insertions(+), 11 deletions(-) diff --git a/.env.example b/.env.example index f9c19640..34a2b548 100644 --- a/.env.example +++ b/.env.example @@ -26,7 +26,7 @@ BEDROCK_ACCESS_KEY_ID= BEDROCK_SECRET_ACCESS_KEY= BEDROCK_SESSION_TOKEN= BEDROCK_SERVER_URL= -BEDROCK_CONFIG_PATH= # Optional: set to /opt/pentagi/conf/bedrock.provider.yml when using PENTAGI_BEDROCK_CONFIG_PATH below +BEDROCK_CONFIG_PATH= # Optional: path to a custom YAML provider config on the host (e.g. ./glm_flash_bedrock.yml next to docker-compose.yml); the name field inside the YAML sets the provider name in the UI ## DeepSeek LLM provider DEEPSEEK_API_KEY= @@ -138,7 +138,6 @@ PENTAGI_DOCKER_SOCKET= PENTAGI_DOCKER_CERT_PATH= PENTAGI_LLM_SERVER_CONFIG_PATH= PENTAGI_OLLAMA_SERVER_CONFIG_PATH= -PENTAGI_BEDROCK_CONFIG_PATH= # Host path to a custom Bedrock provider config YAML (e.g. ./glm_flash_bedrock.yml from the repo root); mounted into the container at /opt/pentagi/conf/bedrock.provider.yml ## PentAGI security settings PUBLIC_URL=https://localhost:8443 diff --git a/backend/pkg/graph/schema.resolvers.go b/backend/pkg/graph/schema.resolvers.go index 340b1208..ce4867bd 100644 --- a/backend/pkg/graph/schema.resolvers.go +++ b/backend/pkg/graph/schema.resolvers.go @@ -1695,6 +1695,10 @@ func (r *queryResolver) SettingsProviders(ctx context.Context) (*model.Providers "uid": uid, }).Debug("get providers") + if err := r.ProvidersCtrl.SeedDefaultProviders(ctx, uid); err != nil { + r.Logger.WithError(err).Warn("failed to seed default providers") + } + config := model.ProvidersConfig{ Enabled: &model.ProvidersReadinessStatus{}, Default: &model.DefaultProvidersConfig{}, diff --git a/backend/pkg/providers/bedrock/bedrock_test.go b/backend/pkg/providers/bedrock/bedrock_test.go index 71ec530e..aeeac337 100644 --- a/backend/pkg/providers/bedrock/bedrock_test.go +++ b/backend/pkg/providers/bedrock/bedrock_test.go @@ -21,7 +21,7 @@ func TestConfigLoading(t *testing.T) { BedrockSecretKey: "test-key", } - providerConfig, err := DefaultProviderConfig() + providerConfig, err := DefaultProviderConfig(&config.Config{}) if err != nil { t.Fatalf("Failed to create provider config: %v", err) } @@ -68,7 +68,7 @@ func TestProviderType(t *testing.T) { BedrockSecretKey: "test-key", } - providerConfig, err := DefaultProviderConfig() + providerConfig, err := DefaultProviderConfig(&config.Config{}) if err != nil { t.Fatalf("Failed to create provider config: %v", err) } @@ -154,7 +154,7 @@ func TestGetUsage(t *testing.T) { BedrockSecretKey: "test-key", } - providerConfig, err := DefaultProviderConfig() + providerConfig, err := DefaultProviderConfig(&config.Config{}) if err != nil { t.Fatalf("Failed to create provider config: %v", err) } @@ -877,7 +877,7 @@ func TestExtractToolsFromOptions(t *testing.T) { // TestAuthenticationStrategies verifies all supported authentication methods. func TestAuthenticationStrategies(t *testing.T) { - providerConfig, err := DefaultProviderConfig() + providerConfig, err := DefaultProviderConfig(&config.Config{}) if err != nil { t.Fatalf("Failed to create provider config: %v", err) } @@ -1020,7 +1020,7 @@ func TestAuthenticationStrategies(t *testing.T) { // TestAuthenticationErrors verifies error handling for invalid configurations. func TestAuthenticationErrors(t *testing.T) { - providerConfig, err := DefaultProviderConfig() + providerConfig, err := DefaultProviderConfig(&config.Config{}) if err != nil { t.Fatalf("Failed to create provider config: %v", err) } diff --git a/backend/pkg/providers/pconfig/config.go b/backend/pkg/providers/pconfig/config.go index eaf4e0a0..0a85f9a7 100644 --- a/backend/pkg/providers/pconfig/config.go +++ b/backend/pkg/providers/pconfig/config.go @@ -214,6 +214,7 @@ type AgentConfig struct { // ProviderConfig represents the configuration for all agents type ProviderConfig struct { + Name string `json:"name,omitempty" yaml:"name,omitempty"` Simple *AgentConfig `json:"simple,omitempty" yaml:"simple,omitempty"` SimpleJSON *AgentConfig `json:"simple_json,omitempty" yaml:"simple_json,omitempty"` PrimaryAgent *AgentConfig `json:"primary_agent,omitempty" yaml:"primary_agent,omitempty"` diff --git a/backend/pkg/providers/providers.go b/backend/pkg/providers/providers.go index 3374685e..31acbd6e 100644 --- a/backend/pkg/providers/providers.go +++ b/backend/pkg/providers/providers.go @@ -117,6 +117,8 @@ type ProviderController interface { prvID int64, ) (database.Provider, error) + SeedDefaultProviders(ctx context.Context, userID int64) error + TestAgent( ctx context.Context, prvtype provider.ProviderType, @@ -353,7 +355,7 @@ func NewProviderController( graphitiClient = &graphiti.Client{} } - return &providerController{ + pc := &providerController{ db: db, cfg: cfg, docker: docker, @@ -372,7 +374,24 @@ func NewProviderController( defaultConfigs: defaultConfigs, Providers: providers, - }, nil + } + + // Seed configured system providers into the DB for all existing users so + // they are immediately available without any UI interaction. This runs on + // every startup, so editing a YAML config file and restarting PentAGI + // automatically propagates new values. + ctx := context.Background() + if users, err := db.GetUsers(ctx); err != nil { + logrus.WithError(err).Warn("failed to fetch users for provider seeding") + } else { + for _, u := range users { + if err := pc.SeedDefaultProviders(ctx, u.ID); err != nil { + logrus.WithError(err).Warnf("failed to seed default providers for user %d", u.ID) + } + } + } + + return pc, nil } func (pc *providerController) NewFlowProvider( @@ -826,6 +845,52 @@ func (pc *providerController) NewProvider(prv database.Provider) (provider.Provi } } +func (pc *providerController) SeedDefaultProviders(ctx context.Context, userID int64) error { + if pc.cfg.BedrockConfig == "" { + return nil + } + if !pc.cfg.BedrockDefaultAuth && pc.cfg.BedrockBearerToken == "" && + (pc.cfg.BedrockAccessKey == "" || pc.cfg.BedrockSecretKey == "") { + return nil + } + + bedrockCfg, ok := pc.defaultConfigs[provider.ProviderBedrock] + if !ok { + return nil + } + + rawConfig, err := json.Marshal(bedrockCfg) + if err != nil { + return fmt.Errorf("failed to marshal bedrock config: %w", err) + } + + prvname := bedrockCfg.Name + if prvname == "" { + prvname = string(provider.DefaultProviderNameBedrock) + } + existing, err := pc.db.GetUserProviderByName(ctx, database.GetUserProviderByNameParams{ + Name: prvname, + UserID: userID, + }) + if err != nil { + _, err = pc.db.CreateProvider(ctx, database.CreateProviderParams{ + UserID: userID, + Type: database.ProviderType(provider.ProviderBedrock), + Name: prvname, + Config: rawConfig, + }) + return err + } + + _, err = pc.db.UpdateUserProvider(ctx, database.UpdateUserProviderParams{ + ID: existing.ID, + UserID: userID, + Config: rawConfig, + Name: existing.Name, + }) + return err +} + func (pc *providerController) CreateProvider( ctx context.Context, userID int64, diff --git a/docker-compose.yml b/docker-compose.yml index bb21cff7..76a9d725 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,7 +55,7 @@ services: - BEDROCK_SECRET_ACCESS_KEY=${BEDROCK_SECRET_ACCESS_KEY:-} - BEDROCK_SESSION_TOKEN=${BEDROCK_SESSION_TOKEN:-} - BEDROCK_SERVER_URL=${BEDROCK_SERVER_URL:-} - - BEDROCK_CONFIG_PATH=${BEDROCK_CONFIG_PATH:-} + - BEDROCK_CONFIG_PATH=${BEDROCK_CONFIG_PATH:+/opt/pentagi/conf/bedrock.provider.yml} - DEEPSEEK_API_KEY=${DEEPSEEK_API_KEY:-} - DEEPSEEK_SERVER_URL=${DEEPSEEK_SERVER_URL:-} - DEEPSEEK_PROVIDER=${DEEPSEEK_PROVIDER:-} @@ -177,7 +177,7 @@ services: - ${PENTAGI_DOCKER_SOCKET:-/var/run/docker.sock}:/var/run/docker.sock - ${PENTAGI_LLM_SERVER_CONFIG_PATH:-./example.custom.provider.yml}:/opt/pentagi/conf/custom.provider.yml - ${PENTAGI_OLLAMA_SERVER_CONFIG_PATH:-./example.ollama.provider.yml}:/opt/pentagi/conf/ollama.provider.yml - - ${PENTAGI_BEDROCK_CONFIG_PATH:-./glm_flash_bedrock.yml}:/opt/pentagi/conf/bedrock.provider.yml + - ${BEDROCK_CONFIG_PATH:-./glm_flash_bedrock.yml}:/opt/pentagi/conf/bedrock.provider.yml - ${PENTAGI_DOCKER_CERT_PATH:-./docker-ssl}:/opt/pentagi/docker/ssl user: root:root # while using docker.sock networks: diff --git a/glm_flash_bedrock.yml b/glm_flash_bedrock.yml index 362d6c73..db1c4804 100644 --- a/glm_flash_bedrock.yml +++ b/glm_flash_bedrock.yml @@ -2,6 +2,8 @@ # Exported from the glm_flash provider stored in the database. # To use, set BEDROCK_CONFIG_PATH=./glm_flash_bedrock.yml in your .env file. +name: glm_flash + simple: model: zai.glm-4.7-flash temperature: 0.5