Commit Graph

335 Commits

Author SHA1 Message Date
Harshit Jain 66ce7513f6 Merge branch 'main' into litellm_project_management_apis 2026-02-19 08:40:12 +05:30
Shivam Rawat 9ceaa2cbb0 tests and route permissions (#21508) 2026-02-18 16:58:38 -08:00
Sameer Kankute eb8b991260 Merge branch 'main' into litellm_oss_staging_02_17_2026 2026-02-18 17:26:33 +05:30
Julio Quinteros Pro eff082993a Fix mock target for enterprise license check
Changed from non-existent JWTAuthManager._is_jwt_auth_available to
the correct proxy_server.premium_user, which is the established
pattern used elsewhere in the test suite.

This fixes the AttributeError that would occur at runtime.

Addresses Greptile feedback (score 1/5 -> should be 5/5 now).

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-17 21:25:00 -03:00
Julio Quinteros Pro 3c61c7fbb1 fix(test): mock enterprise license check in JWT test
The test test_jwt_non_admin_team_route_access was failing with:
```
AssertionError: assert 'Only proxy admin can be used to generate' in
'Authentication Error, JWT Auth is an enterprise only feature...'
```

Root cause: The test was hitting the enterprise license validation before
reaching the proxy admin authorization check. In parallel execution with
--dist=loadscope, environment variables like LITELLM_LICENSE can vary
between workers or be unset, causing inconsistent test behavior.

Solution: Mock the JWTAuthManager._is_jwt_auth_available method to
return True, bypassing the license check. This allows the test to
reach the actual authorization logic being tested (proxy admin check).

This approach is more reliable than setting environment variables which
can cause pollution between parallel tests.

Fixes test failure exposed by PR #21277.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-17 21:25:00 -03:00
Shivam Rawat c0e87f7ffb fixed byok models for teams issue (#21408) 2026-02-17 15:26:03 -08:00
jquinter acbcfec313 Merge pull request #21422 from BerriAI/fix/lakera-keyerror-missing-api-key
fix(lakera-guardrail): avoid KeyError on missing LAKERA_API_KEY during initialization
2026-02-17 20:06:43 -03:00
Julio Quinteros Pro f8f2a86ce1 fix(lakera-guardrail): use os.environ.get() to avoid KeyError on missing LAKERA_API_KEY
`os.environ["LAKERA_API_KEY"]` raises KeyError when the env var is absent,
causing test_active_callbacks to error during fixture setup. Switch to
`os.environ.get()` in both lakera_ai.py and lakera_ai_v2.py so initialization
succeeds without the key (actual API calls will fail separately if key is unset).

Also mock `premium_user=True` in the test fixture so the enterprise
`hide_secrets` guardrail can initialize, matching the test's expectations.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-17 19:30:22 -03:00
Julio Quinteros Pro defc76b32a fix(tests): mock prisma.Prisma in backoff retry tests to avoid 'prisma generate'
PrismaClient.__init__ does `from prisma import Prisma` inline, which raises
RuntimeError when the Prisma client hasn't been generated.  This caused two
tests to fail in CI with:

  Exception: Unable to find Prisma binaries. Please run 'prisma generate' first.

Add an autouse fixture that replaces sys.modules['prisma'] with a MagicMock
for the duration of each test, allowing PrismaClient to be instantiated and
client.db to be overridden with the existing mock objects.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-02-17 19:29:20 -03:00
Julio Quinteros Pro 480974e0f9 fix: complete asyncio.iscoroutinefunction deprecation fix across codebase
Replace all asyncio.iscoroutinefunction() calls with inspect.iscoroutinefunction()
to fix Python 3.16 deprecation warnings throughout the entire codebase.

Files updated:
- litellm/litellm_core_utils/logging_utils.py
- litellm/proxy/common_utils/performance_utils.py
- litellm/proxy/management_endpoints/key_management_endpoints.py (2 occurrences)
- litellm/proxy/management_endpoints/ui_sso.py
- litellm/litellm_core_utils/redact_messages.py
- litellm/integrations/custom_guardrail.py
- tests/proxy_unit_tests/test_response_polling_handler.py

This addresses Greptile's feedback about incomplete deprecation fixes.
All instances now use the standard library inspect.iscoroutinefunction()
which is the recommended approach and won't be deprecated.
2026-02-17 18:20:44 -03:00
Sameer Kankute 791cef6d99 fix test_chat_completion 2026-02-17 20:26:28 +05:30
Sameer Kankute 288f7b860c fix test_allow_access_by_email 2026-02-17 20:19:39 +05:30
Julio Quinteros Pro 2d41b03f8b fix(test): mock environment variables for callback validation test
The test test_proxy_config_state_post_init_callback_call was failing with:
```
ValidationError: 2 validation errors for TeamCallbackMetadata
callback_vars.langfuse_public_key
  Input should be a valid string [type=string_type, input_value=None, input_type=NoneType]
```

Root cause: The test uses environment variable references like
"os.environ/LANGFUSE_PUBLIC_KEY" which get resolved at runtime. In
parallel execution with --dist=loadscope, these environment variables
may not be set in all worker processes, causing the resolution to
return None, which fails Pydantic validation expecting strings.

Solution: Use monkeypatch to set the required environment variables
before the test runs. This ensures consistent behavior across all
test execution environments (local, CI, parallel workers).

Fixes test failure exposed by PR #21277.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-15 20:44:17 -03:00
yuneng-jiang 5a78486a15 tests 2026-02-13 22:01:28 -08:00
yuneng-jiang cd148dcb82 added access groups permission checks 2026-02-13 20:01:25 -08:00
Harshit Jain 5f87e3bd28 fix: add project managemenet api with proper working 2026-02-13 18:07:27 +05:30
Harshit Jain f77fbefc22 fix: resolve conflicts with verification e2e 2026-02-13 06:11:03 +05:30
Achilleas Athanasiou Fragkoulis cb95b1cf92 fix: Add LITELLM_UI_PATH and LITELLM_ASSETS_PATH for read-only filesystem support (#20492)
Fixes #19578

---

When deploying the LiteLLM proxy with `readOnlyRootFilesystem: true` in Kubernetes, UI routes returned `404` because:

- Hardcoded paths:
  - `/var/lib/litellm/ui`
  - `/var/lib/litellm/assets`
- Runtime copy/restructure operations failed on read-only filesystems
- No detection mechanism for pre-restructured UI

---

Add configurable environment variables with intelligent detection, graceful fallbacks, and code quality improvements.

---

- **`LITELLM_UI_PATH`** — Custom UI directory location
  - Default: `/var/lib/litellm/ui` (when `LITELLM_NON_ROOT=true`)
  - Default: packaged UI path (otherwise)
  - Example: `/app/var/litellm/ui` for `emptyDir` volumes

- **`LITELLM_ASSETS_PATH`** — Custom assets directory location
  - Default: `/var/lib/litellm/assets` (when `LITELLM_NON_ROOT=true`)
  - Default: current working directory (otherwise)
  - Example: `/app/var/litellm/assets`

---

UI is detected as **pre-restructured and ready** if any of the following apply:

1. **Primary**: `.litellm_ui_ready` marker file exists (created by Dockerfile)
2. **Fallback**: Pattern-based detection — finds *any* subdirectory containing `index.html`
   (resilient to UI structure changes; no hardcoded route names)
3. **Safety**: Filesystem writability check before operations

---

**`litellm/proxy/proxy_server.py`**

- `_validate_ui_directory()` — Verifies UI has required structure (`index.html`, `_next/`)
- `_is_ui_pre_restructured()` — Pattern-based detection (not hardcoded routes)
- `_try_populate_ui_directory()` — Helper for clean error handling
- Refactored UI path decision tree with numbered cases (1, 2, 3, 4a, 4b)
- Updated UI path logic to use `LITELLM_UI_PATH`
- Added writability checks before copy/restructure operations
- Graceful fallback to packaged UI if operations fail
- Updated `server_root_path` replacement with read-only check
- Simplified assets directory creation (try/except instead of complex parent checks)
- Updated `get_image()` endpoint to use `LITELLM_ASSETS_PATH`
- Added validation for packaged and final UI paths

**`docker/Dockerfile.non_root`**

- Added `touch .litellm_ui_ready` marker after UI restructuring
- Enables automatic detection of pre-built UI in Docker images

**`tests/proxy_unit_tests/test_ui_path_detection.py`**

- Added comprehensive unit tests for new functionality
- Tests env var handling, detection logic, and writability checks

---

**`docs/my-website/docs/proxy/config_settings.md`**

- Added `LITELLM_UI_PATH` and `LITELLM_ASSETS_PATH` to env vars table
- Documented defaults and use cases

**`docs/my-website/docs/proxy/prod.md`**

- Added comprehensive "Read-Only Root Filesystem" section
- Quick fixes for permission errors
- Full Kubernetes setup with `initContainer` + `emptyDir` volumes
- API-only deployment option
- Environment variables reference table
- Notes on migrations, caching, and `server_root_path`

**`docker/README.md`**

- Updated hardened setup notes to mention pre-built UI
- Added details about UI serving from read-only paths

---

- No breaking changes
- Existing deployments continue working without modifications
- New env vars are optional with sensible defaults
- Detection logic supports both old and new builds
- Graceful fallbacks throughout

---

```yaml
apiVersion: apps/v1
kind: Deployment
spec:
  template:
    spec:
      initContainers:
        - name: setup-ui
          image: ghcr.io/berriai/litellm:main-stable
          command: ["sh", "-c", "cp -r /var/lib/litellm/ui/* /app/var/litellm/ui/"]
          volumeMounts:
            - name: ui-volume
              mountPath: /app/var/litellm/ui
      containers:
        - name: litellm
          env:
            - name: LITELLM_UI_PATH
              value: "/app/var/litellm/ui"
            - name: LITELLM_ASSETS_PATH
              value: "/app/var/litellm/assets"
          securityContext:
            readOnlyRootFilesystem: true
          volumeMounts:
            - name: ui-volume
              mountPath: /app/var/litellm/ui
      volumes:
        - name: ui-volume
          emptyDir:
            sizeLimit: 100Mi
2026-02-12 19:39:04 +05:30
Sameer Kankute 9083b06ba7 Fix test_provider_specific_header_in_request 2026-02-11 16:56:26 +05:30
Harshit Jain 51d565f619 fix conflicts with main- (this PR is from upstream/main) 2026-02-07 03:10:53 +05:30
yuneng-jiang 0cb79ace97 Fixing tests 2026-02-05 21:44:00 -08:00
yuneng-jiang 3504f05a5c Adding tests + update pyproject 2026-02-05 21:00:05 -08:00
Sameer Kankute 1f4222e6b2 Add support for 0 cost models 2026-02-02 13:29:37 +05:30
Ishaan Jaffer 2e6659d9cb test_embedding fix 2026-01-31 13:43:53 -08:00
Shin 586b041837 fix(test): update test_chat_completion to handle metadata in body
The proxy now adds metadata to the request body during processing.
Updated test to compare fields individually and strip metadata from
body comparison.

Fixes litellm_proxy_unit_testing_part2 CI failure.
2026-01-31 21:25:39 +00:00
Xianzong Xie f9eea06a37 Add tests for native_background_mode feature
Added 8 new unit tests for the native_background_mode feature:
- test_polling_disabled_when_model_in_native_background_mode
- test_polling_disabled_for_native_background_mode_with_provider_list
- test_polling_enabled_when_model_not_in_native_background_mode
- test_polling_enabled_when_native_background_mode_is_none
- test_polling_enabled_when_native_background_mode_is_empty_list
- test_native_background_mode_exact_match_required
- test_native_background_mode_with_provider_prefix_in_request
- test_native_background_mode_with_router_lookup

Committed-By-Agent: cursor
2026-01-27 16:48:22 -08:00
yuneng-jiang 45954155d7 Merge pull request #19799 from BerriAI/litellm_sso_email_casing
[Fix] SSO Email Case Sensitivity
2026-01-27 09:52:03 -08:00
yuneng-jiang 50612715a5 Merge pull request #19814 from BerriAI/litellm_team_member_add_fix
[Fix] /team/member_add User Email and ID Verifications
2026-01-27 09:49:01 -08:00
Sameer Kankute 0214cb04cd Merge branch 'main' into litellm_oss_staging_01_26_2026 2026-01-27 17:00:58 +05:30
yuneng-jiang 7307992cea fixing tests 2026-01-26 20:17:53 -08:00
yuneng-jiang ef7261d0eb Fixing tests 2026-01-26 20:07:30 -08:00
Harshit Jain b920be3ee7 fix: server rooth path (#19790) 2026-01-26 09:48:06 -08:00
Harshit Jain 79603b9c3a fix: optimize logo fetching and resolve mcp import blockers (#19719) 2026-01-25 23:08:16 -08:00
Ishaan Jaffer 0d75e506c5 fix mock_handler 2026-01-20 18:01:22 -08:00
Ishaan Jaffer b9de10bd27 test token ctr 2026-01-20 17:53:53 -08:00
Ishaan Jaff ddebdd47bc [Feat] Add Support for Claude Code Max/OAuth 2 on LiteLLM AI Gateway (#19453)
* fix count_tokens_with_anthropic_api

* remove outdated file

* fix ANTHROPIC_TOKEN_COUNTING_BETA_VERSION

* refactor: get_token_counter

* init test suite for token counter

* init token counters

* fix: fix pyrightI

* fix Code QA issues

* feat: add OAUTH handling ant

* feat: Oauth handling Ant

* test anthopic common utils

* fix code QA

* docs
2026-01-20 17:21:17 -08:00
yuneng-jiang 6e8dd06d18 fixing test 2026-01-16 19:06:23 -08:00
yuneng-jiang 809b4cb310 Revert "Revert "[Feature] Deleted Keys and Deleted Teams Table"" 2026-01-16 14:25:23 -08:00
YutaSaito 034e3a6d44 Revert "[Feature] Deleted Keys and Deleted Teams Table" 2026-01-17 06:46:41 +09:00
yuneng-jiang bd4a893daf fixing tests 2026-01-16 12:42:35 -08:00
Yuta Saito 3a55f68ea4 test: handle wildcard routes in route validation test 2026-01-16 12:53:27 +09:00
YutaSaito 960bdbbd8e Revert "[Feat] Add support for 0 cost models" 2026-01-16 09:33:38 +09:00
Sameer Kankute 11cc8dc9d2 Merge pull request #19037 from Jetemple/json-log-fix
fix: enable JSON logging via configuration and add regression test
2026-01-14 13:51:36 +05:30
Yuta Saito c5ced033c9 fix: anthropic during call guardrail error 2026-01-14 13:37:01 +09:00
Raghav Jhavar 272a48d880 [bug fix] do not fallback to token counter if disable_token_counter is enabled (#19041)
* do not fallback to token counter if disable_token_counter is enabled, and return errors instead

* add exceptions and exception utils to map the same as /v1/chat/completions

* use safe_json_loads
2026-01-13 16:53:38 -08:00
Jack Temple 9e08c2207f fix: enable JSON logging via configuration and add regression test 2026-01-13 09:38:19 -07:00
Sameer Kankute 762a3ef090 Add support for 0 cost models 2026-01-13 16:39:57 +05:30
Ishaan Jaffer f1d516f0ae test fixes 2026-01-10 15:15:41 -08:00
Ishaan Jaffer 35c636ba97 test_health_check_not_called_when_disabled 2026-01-10 13:55:11 -08:00
Ishaan Jaffer bab43ee9dd fix list keys 2026-01-07 14:34:37 +05:30