Add Foundation gateway roadmap and config profile

2026-04-29 14:16:56 -04:00 · 2026-04-29 14:16:56 -04:00 · 73629bf4f4
parent 2355cf8114
commit 73629bf4f4
5 changed files with 565 additions and 0 deletions
--- a/configs/control.foundation.example.yaml
+++ b/configs/control.foundation.example.yaml
@ -0,0 +1,59 @@
+deployment_profile: "foundation_gateway"
+
+server:
+  host: "127.0.0.1"
+  port: 8800
+
+auth:
+  # Keep a break-glass/static admin key only for initial provisioning or recovery.
+  client_api_keys:
+    - "change-me-foundation-admin-key"
+  node_api_keys:
+    - "change-me-node-key"
+  enable_named_client_keys: true
+  key_hash_secret_env: "GENIEHIVE_KEY_HASH_SECRET"
+
+audit:
+  enabled: true
+
+admin_api:
+  enabled: true
+
+authorization:
+  enforce_model_allowlists: true
+  enforce_operation_allowlists: true
+  empty_allowlist_means_no_access: true
+
+storage:
+  sqlite_path: "state/geniehive.foundation.sqlite3"
+
+roles_path: "configs/roles.foundation.archive.yaml"
+
+routing:
+  health_stale_after_s: 30
+  default_strategy: "scored"
+
+providers:
+  # Provider-backed services are optional. Keep API keys in environment variables,
+  # not in YAML or client scripts.
+  - provider_id: "openai-foundation"
+    provider_kind: "openai_compatible"
+    base_url: "https://api.openai.com"
+    api_key_env: "OPENAI_API_KEY"
+    enabled: false
+  - provider_id: "anthropic-foundation"
+    provider_kind: "anthropic_messages"
+    base_url: "https://api.anthropic.com"
+    api_key_env: "ANTHROPIC_API_KEY"
+    default_headers:
+      anthropic-version: "2023-06-01"
+    enabled: false
+
+budgeting:
+  enabled: false
+  reset_day_of_month: 1
+  global_monthly_budget_cents: 5000
+  provider_monthly_budget_cents:
+    openai-foundation: 3000
+    anthropic-foundation: 3000
+  deny_on_unknown_cost: false
--- a/docs/foundation_gateway_baseline.md
+++ b/docs/foundation_gateway_baseline.md
@ -0,0 +1,72 @@
+# Foundation Gateway Baseline
+
+Last updated: 2026-04-29
+
+## Repository State
+
+- Repository: `/home/netuser/bin/geniehive`
+- Baseline commit: `2355cf8114db5a1ac4630ca22aba63c703553f70`
+- Branch: `main`
+
+## Current Capability Snapshot
+
+GenieHive is currently a local-first control plane for heterogeneous generative
+AI services. It already supports:
+
+- OpenAI-compatible `GET /v1/models`
+- OpenAI-compatible `POST /v1/chat/completions`
+- OpenAI-compatible `POST /v1/embeddings`
+- `POST /v1/audio/transcriptions` multipart proxying
+- node registration and heartbeat
+- SQLite-backed hosts, services, roles, and benchmark samples
+- role-based route resolution
+- request policy shaping
+- benchmark-informed route scoring
+- optional active service health probing
+- static client and node API keys
+
+## Casual Deployment Behavior To Preserve
+
+- `configs/control.example.yaml` loads without Foundation-specific sections.
+- Static `auth.client_api_keys` authorize client requests with `X-Api-Key`.
+- Static `auth.node_api_keys` authorize node requests with
+  `X-GenieHive-Node-Key`.
+- Empty client or node key lists disable that auth check for development.
+- Local model servers do not require provider credential config.
+- Admin endpoints, audit logging, named keys, and budget checks are not required
+  for a local-only deployment.
+
+## Current Example Ports
+
+- Control plane default: `127.0.0.1:8800`
+- Node examples commonly use localhost service endpoints for Ollama,
+  llama.cpp, llamafile, or vLLM.
+- Recent ZeroTier test deployment used control plane binding
+  `172.24.50.65:8800`, node `127.0.0.1:8891`, and llama.cpp
+  `127.0.0.1:18091`.
+
+## Baseline Verification
+
+Run from the repository root:
+
+```bash
+python -m pytest -q tests
+```
+
+Expected current result at baseline: all tests pass.
+
+Current verification result after adding the Foundation roadmap and config
+profile scaffold:
+
+```text
+50 passed
+```
+
+## Known Constraints
+
+- Client authentication is static-key based, not named or revocable per user.
+- Request attribution is not currently persisted.
+- Provider credentials are not modeled as first-class control-plane objects.
+- No budget or quota enforcement exists.
+- Anthropic Messages API is not natively adapted behind the OpenAI-compatible
+  facade.
--- a/docs/foundation_gateway_roadmap.md
+++ b/docs/foundation_gateway_roadmap.md
@ -0,0 +1,350 @@
+# Foundation Gateway Roadmap
+
+Last updated: 2026-04-29
+
+## Decision
+
+Do not fork GenieHive for the Foundation AI gateway work. Implement the feature
+set as an optional hardening profile on top of the existing local-first control
+plane.
+
+The core project should continue to support casual deployment:
+
+- local model services remain first-class
+- static `client_api_keys` and `node_api_keys` remain supported
+- empty key lists can still disable auth for development
+- audit logging, named keys, quotas, provider accounts, and admin endpoints are
+  opt-in
+
+Foundation deployments should enable stricter controls through config, role
+catalogs, and operator documentation.
+
+## Design Principle
+
+Separate mechanism from policy.
+
+Core GenieHive mechanisms:
+
+- authenticate a client and attach a request identity
+- route OpenAI-compatible requests through roles and services
+- optionally record audit metadata without prompt or completion content
+- optionally enforce model and operation scopes
+- optionally route to external provider-backed services
+- optionally summarize usage and enforce budgets
+
+Foundation policy:
+
+- who may receive a key
+- what models and roles are approved
+- what budgets apply
+- what provider accounts are used
+- how requests are reviewed before public publication
+- how emergency disable and key rotation are performed
+
+## Compatibility Contract
+
+Every Foundation hardening change must preserve these behaviors unless a config
+explicitly opts into stricter operation:
+
+1. Existing `configs/control.example.yaml` continues to load.
+2. Existing static `auth.client_api_keys` continues to authorize requests.
+3. Existing node registration keys continue to work.
+4. Existing role catalogs continue to route without client allowlists.
+5. `GET /v1/models`, chat, embeddings, transcription, and cluster inspection
+   remain available in casual deployments.
+6. No provider credentials are required for local-only deployment.
+7. Admin endpoints are disabled unless admin authentication is configured.
+
+## Profiles
+
+### Casual Profile
+
+The casual profile is the default shape of GenieHive.
+
+Expected traits:
+
+- local or LAN-bound control plane
+- static shared client key, or no auth during isolated development
+- no audit log by default
+- no budget enforcement
+- no provider credential store
+- no admin API exposed by default
+
+### Foundation Gateway Profile
+
+The Foundation gateway profile is an opt-in deployment mode for managed access
+to local and paid AI services.
+
+Expected traits:
+
+- named, revocable client credentials
+- request audit log without prompt or completion content
+- model and operation allowlists per key
+- Foundation-owned provider account indirection
+- optional budget and quota enforcement
+- migration-specific role catalogs
+- operator and board-readable governance documentation
+
+## Configuration Shape
+
+The final config shape may evolve, but the intended compatibility model is:
+
+```yaml
+deployment_profile: "casual"
+
+auth:
+  client_api_keys:
+    - "change-me-client-key"
+  node_api_keys:
+    - "change-me-node-key"
+  enable_named_client_keys: false
+  key_hash_secret_env: "GENIEHIVE_KEY_HASH_SECRET"
+
+audit:
+  enabled: false
+
+admin_api:
+  enabled: false
+
+authorization:
+  enforce_model_allowlists: false
+  enforce_operation_allowlists: false
+  empty_allowlist_means_no_access: true
+
+providers: []
+
+budgeting:
+  enabled: false
+```
+
+Foundation example configs can switch these flags on. Casual example configs
+should stay short and understandable.
+
+## Revised Milestones
+
+### M0: Baseline and Compatibility Guard
+
+Goal: record the current behavior and make compatibility explicit before adding
+governance features.
+
+Tasks:
+
+- Add `docs/foundation_gateway_baseline.md`.
+- Record current commit, test command, existing exposed ports, and supported
+  casual deployment behavior.
+- Add or preserve tests proving `configs/control.example.yaml` still loads and
+  static `X-Api-Key` auth still works.
+
+Acceptance:
+
+- Baseline document exists.
+- Current test suite passes or failures are documented.
+- Compatibility contract is visible in docs.
+
+### M1: Config Profiles and Feature Flags
+
+Goal: introduce opt-in switches without changing runtime behavior.
+
+Tasks:
+
+- Add config models for `deployment_profile`, `audit`, `admin_api`,
+  `authorization`, `providers`, and `budgeting`.
+- Keep default values equivalent to current casual behavior.
+- Add a Foundation example config skeleton.
+- Add tests for default values and legacy config loading.
+
+Acceptance:
+
+- Existing configs load unchanged.
+- New config sections are accepted.
+- No governance feature activates by default.
+
+### M2: Named Client Credentials
+
+Goal: support named, revocable API keys while keeping static keys working.
+
+Tasks:
+
+- Add `ClientContext` with principal metadata.
+- Add API key generation, hashing, verification, and redaction helpers.
+- Add a `client_keys` SQLite table.
+- Add registry methods to create, list, disable, enable, and touch keys.
+- Support named keys only when `auth.enable_named_client_keys` is true.
+- Preserve static `auth.client_api_keys`.
+
+Acceptance:
+
+- Static keys still work.
+- Named keys work through `X-Api-Key` when enabled.
+- Disabled named keys fail.
+- Raw keys are never stored.
+- Request handlers can read authenticated client context.
+
+### M3: Request Audit Log
+
+Goal: make production requests attributable without storing prompt or completion
+content.
+
+Tasks:
+
+- Add request ID generation from `X-Request-Id` or UUID.
+- Add `request_audit_log` SQLite table.
+- Record identity, operation, requested model, resolved service, upstream model,
+  provider kind, status, duration, token usage when available, estimated cost
+  when available, and error category.
+- Add admin-only query and summary endpoints, disabled unless admin API is
+  enabled.
+
+Acceptance:
+
+- Chat, embeddings, and transcription requests create audit rows when enabled.
+- Prompt and completion content are not logged.
+- Failed routing and upstream errors are logged.
+- Casual deployments have no audit behavior unless enabled.
+
+### M4: Model and Operation Authorization
+
+Goal: let Foundation keys be limited to approved roles, models, and operations.
+
+Tasks:
+
+- Add allowed models and allowed operations to named keys.
+- Enforce operation scopes only when authorization enforcement is enabled.
+- Support exact model IDs and conservative glob patterns such as `local/*`,
+  `openai/*`, `anthropic/*`, and `role/*`.
+- Prefer role IDs for migration workflows.
+
+Acceptance:
+
+- A chat-only key cannot call embeddings when enforcement is enabled.
+- A key restricted to `archive_migrator` cannot call unrelated roles.
+- Legacy static keys are unaffected unless explicitly mapped into stricter mode.
+
+### M5: Archive Migration Profile
+
+Goal: support TalkOrigins/SciSiteForge-style migration without direct provider
+keys in migration scripts.
+
+Tasks:
+
+- Add `configs/roles.foundation.archive.yaml`.
+- Add roles such as `archive_migrator`, `archive_metadata_extractor`,
+  `archive_link_reviewer`, `archive_copyeditor`, and
+  `archive_factcheck_assistant`.
+- Add `configs/control.foundation.example.yaml`.
+- Add `configs/clients/archive_migration.example.env`.
+- Add a smoke script that calls `archive_migrator` through the OpenAI-compatible
+  facade.
+
+Acceptance:
+
+- A migration client only needs `GENIEHIVE_BASE_URL`, `GENIEHIVE_API_KEY`, and
+  `GENIEHIVE_MODEL`.
+- The requested model is a role, not a provider-specific model.
+- Local-only provider routing remains possible.
+
+### M6: Provider Credential Indirection
+
+Goal: keep paid provider credentials out of role configs, node configs, and
+client scripts.
+
+Tasks:
+
+- Add provider config entries using environment variables first.
+- Add external/provider-backed service registration without requiring node
+  heartbeat.
+- Resolve provider headers centrally in the upstream layer.
+- Keep provider credential storage optional; encrypted-at-rest credentials can
+  be deferred.
+
+Acceptance:
+
+- Provider keys are loaded from environment variables, not committed YAML.
+- Provider-backed services can be routed like local services.
+- Local-only deployments do not need provider sections.
+
+### M7: Anthropic Messages Adapter
+
+Goal: expose Anthropic models through the existing OpenAI-compatible chat facade.
+
+Tasks:
+
+- Add provider protocol dispatch in `UpstreamClient`.
+- Transform OpenAI-shaped messages into Anthropic Messages requests.
+- Transform Anthropic responses back to OpenAI-compatible chat completions.
+- Reject Anthropic streaming clearly until implemented.
+
+Acceptance:
+
+- A chat request can route to an Anthropic-backed service.
+- System messages and usage fields are mapped correctly.
+- Unsupported streaming fails with a specific error.
+
+### M8: Budget and Quota Enforcement
+
+Goal: prevent accidental provider overspend.
+
+Tasks:
+
+- Add budget config with disabled default.
+- Use audit summaries to calculate monthly usage.
+- Add request, token, and estimated-cost limits per key, provider, and globally.
+- Add configurable price maps.
+
+Acceptance:
+
+- Requests over configured limits are denied before upstream calls.
+- Unknown-cost behavior is configurable.
+- Casual deployments do not perform budget checks.
+
+### M9: Admin CLI and Operations Docs
+
+Goal: make managed operation scriptable and understandable.
+
+Tasks:
+
+- Add `geniehive-admin` CLI for create/list/disable/enable keys and usage
+  summaries.
+- Add Foundation docs for gateway operation, provider accounts, key management,
+  archive migration workflow, and emergency disable.
+- Document when provider-native seats are needed instead of GenieHive routing.
+
+Acceptance:
+
+- A new operator can provision and revoke a user key without editing SQLite.
+- A board-facing control summary explains ownership, auditability, and budget
+  control.
+
+### M10: Security Review
+
+Goal: make the Foundation profile safe to expose beyond localhost.
+
+Tasks:
+
+- Add a security checklist covering provider keys, admin auth, content logging,
+  CORS, TLS/reverse proxy, backup/restore, rate limits, and emergency disable.
+- Implement critical checklist items or explicitly defer with issue references.
+- Keep WAN and zero-trust networking as deployment concerns unless a concrete
+  need appears.
+
+Acceptance:
+
+- Security checklist exists.
+- Critical production risks have implementation or documented mitigations.
+
+## Initial Implementation Order
+
+1. M0: Baseline and compatibility guard.
+2. M1: Config profiles and feature flags.
+3. M2: Named client credentials.
+4. M3: Request audit log.
+5. M4: Model and operation authorization.
+6. M5: Archive migration profile.
+7. M6: Provider credential indirection.
+8. M7: Anthropic Messages adapter.
+9. M8: Budget and quota enforcement.
+10. M9: Admin CLI and operations docs.
+11. M10: Security review.
+
+This order lets local-only and TalkOrigins migration pilots start before paid
+provider routing and budget controls are complete.
--- a/src/geniehive_control/config.py
+++ b/src/geniehive_control/config.py
@ -14,6 +14,39 @@ class ServerConfig(BaseModel):
 class AuthConfig(BaseModel):
    client_api_keys: list[str] = Field(default_factory=list)
    node_api_keys: list[str] = Field(default_factory=list)
+    enable_named_client_keys: bool = False
+    key_hash_secret_env: str = "GENIEHIVE_KEY_HASH_SECRET"
+
+
+class AuditConfig(BaseModel):
+    enabled: bool = False
+
+
+class AdminApiConfig(BaseModel):
+    enabled: bool = False
+
+
+class AuthorizationConfig(BaseModel):
+    enforce_model_allowlists: bool = False
+    enforce_operation_allowlists: bool = False
+    empty_allowlist_means_no_access: bool = True
+
+
+class ProviderConfig(BaseModel):
+    provider_id: str
+    provider_kind: str
+    base_url: str
+    api_key_env: str | None = None
+    default_headers: dict[str, str] = Field(default_factory=dict)
+    enabled: bool = True
+
+
+class BudgetingConfig(BaseModel):
+    enabled: bool = False
+    reset_day_of_month: int = 1
+    global_monthly_budget_cents: int | None = None
+    provider_monthly_budget_cents: dict[str, int] = Field(default_factory=dict)
+    deny_on_unknown_cost: bool = False


 class StorageConfig(BaseModel):
@ -33,8 +66,14 @@ class RoutingConfig(BaseModel):


 class ControlConfig(BaseModel):
+    deployment_profile: str = "casual"
    server: ServerConfig = Field(default_factory=ServerConfig)
    auth: AuthConfig = Field(default_factory=AuthConfig)
+    audit: AuditConfig = Field(default_factory=AuditConfig)
+    admin_api: AdminApiConfig = Field(default_factory=AdminApiConfig)
+    authorization: AuthorizationConfig = Field(default_factory=AuthorizationConfig)
+    providers: list[ProviderConfig] = Field(default_factory=list)
+    budgeting: BudgetingConfig = Field(default_factory=BudgetingConfig)
    storage: StorageConfig = Field(default_factory=StorageConfig)
    routing: RoutingConfig = Field(default_factory=RoutingConfig)
    roles_path: str | None = None
--- a/tests/test_control_config.py
+++ b/tests/test_control_config.py
@ -0,0 +1,45 @@
+from pathlib import Path
+
+from geniehive_control.config import ControlConfig, load_config
+
+
+def test_default_control_config_is_casual_and_non_governed() -> None:
+    cfg = ControlConfig()
+
+    assert cfg.deployment_profile == "casual"
+    assert cfg.auth.client_api_keys == []
+    assert cfg.auth.node_api_keys == []
+    assert cfg.auth.enable_named_client_keys is False
+    assert cfg.audit.enabled is False
+    assert cfg.admin_api.enabled is False
+    assert cfg.authorization.enforce_model_allowlists is False
+    assert cfg.authorization.enforce_operation_allowlists is False
+    assert cfg.providers == []
+    assert cfg.budgeting.enabled is False
+
+
+def test_legacy_control_example_loads_without_foundation_sections() -> None:
+    cfg = load_config(Path("configs/control.example.yaml"))
+
+    assert cfg.deployment_profile == "casual"
+    assert cfg.auth.client_api_keys == ["change-me-client-key"]
+    assert cfg.auth.node_api_keys == ["change-me-node-key"]
+    assert cfg.auth.enable_named_client_keys is False
+    assert cfg.audit.enabled is False
+    assert cfg.admin_api.enabled is False
+    assert cfg.providers == []
+
+
+def test_foundation_control_example_loads_as_opt_in_profile() -> None:
+    cfg = load_config(Path("configs/control.foundation.example.yaml"))
+
+    assert cfg.deployment_profile == "foundation_gateway"
+    assert cfg.auth.enable_named_client_keys is True
+    assert cfg.audit.enabled is True
+    assert cfg.admin_api.enabled is True
+    assert cfg.authorization.enforce_model_allowlists is True
+    assert cfg.authorization.enforce_operation_allowlists is True
+    assert cfg.providers[0].provider_id == "openai-foundation"
+    assert cfg.providers[0].api_key_env == "OPENAI_API_KEY"
+    assert cfg.providers[1].provider_kind == "anthropic_messages"
+    assert cfg.budgeting.global_monthly_budget_cents == 5000