Skip to content

Adding the inference grant to the Claim #1139

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 22, 2025
Merged

Adding the inference grant to the Claim #1139

merged 4 commits into from
Jul 22, 2025
+121 −6

Conversation

adrian-cowham
Copy link
Contributor

This grant will be used by the inference gateway for authentication.

@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Jul 21, 2025
edited
Loading

⚠️ No Changeset found

Latest commit: e2aabe0

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

💥 An error occurred when fetching the changed packages and changesets in this PR 
Some errors occurred when validating the changesets config:
The package or glob expression "github.com/livekit/protocol" specified in the `fixed` option does not match any package in the project. You may have misspelled the package name or provided an invalid glob expression. Note that glob expressions must be defined according to https://www.npmjs.com/package/micromatch.

@CLAassistant
Copy link

CLAassistant commented Jul 21, 2025
edited
Loading

CLA assistant check
All committers have signed the CLA.

@adrian-cowham adrian-cowham marked this pull request as ready for review July 21, 2025 18:09
boks1971
boks1971 approved these changes Jul 21, 2025
View reviewed changes
Copy link
Contributor

@boks1971 boks1971 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for adding missing bits.

@adrian-cowham
Copy link
Contributor Author

I added Gateway specific guid IDs. These are used as options when connecting to the psql db. A psql connection is required for when calling backend-common/auth/accesskey.NewAccessKeyProvider

davidzhao
davidzhao reviewed Jul 21, 2025
View reviewed changes
auth/grants.go Outdated

type InferenceGrant struct {
// Admin grants to all inference features (LLM, STT, TTS)
Admin bool `json:"admin,omitempty"`
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should we make this more nuanced vs having to rely on the "admin" permission?

i.e. does it make sense to have separate permission tokens for diff services? i.e. either:

llm: bool
tts: bool
stt: bool

or maybe a single "perform" permission to allow performing an inference? (as opposed to admin could mean update settings or other features)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was going to add the finer grain permissions but decided to go with the simpler approach since we can add those permissions later. Happy to add them now though. Also, I like the name perform better, will change it.

davidzhao
davidzhao reviewed Jul 21, 2025
View reviewed changes
utils/guid/id.go Outdated
CloudAgentVersionPrefix = "CAV_"
CloudAgentSecretPrefix = "CAS_"
CloudAgentWorkerPrefix = "CAW_"
CloudAgentGatewayPrefix = "CAG_"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is the idea that for each inference request we'd have an ID?

if so could we just call it CloudInference ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These values are prefixes for node ids. The node ids are used as labels for the DB prometheus metrics. Happy to rename it but this seems to be the convention I noticed.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I removed these values since the gateway no longer needs a DB connection.

davidzhao
davidzhao approved these changes Jul 22, 2025
View reviewed changes
Copy link
Member

@davidzhao davidzhao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@adrian-cowham adrian-cowham merged commit becd101 into main Jul 22, 2025
7 checks passed
@adrian-cowham adrian-cowham deleted the gateway-grants branch July 22, 2025 17:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@davidzhao davidzhao davidzhao approved these changes

@boks1971 boks1971 boks1971 approved these changes

@real-danm real-danm real-danm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@adrian-cowham @CLAassistant @davidzhao @boks1971 @real-danm