Add assigned policy list to catalog response

[menakaj]

Purpose

Describe the problems, issues, or needs driving this feature/fix and include links to related issues in the following format: Resolves issue1, issue2, etc.

Goals

Describe the solutions that this feature/fix will introduce to resolve the problems described above

Approach

Describe how you are implementing the solutions. Include an animated GIF or screenshot if the change affects the UI (email documentation@wso2.com to review all UI text). Include a link to a Markdown file or Google doc if the feature write-up is too long to paste here.

User stories

Summary of user stories addressed by this change>

Release note

Brief description of the new feature or bug fix as it will appear in the release notes

Documentation

Link(s) to product documentation that addresses the changes of this PR. If no doc impact, enter �N/A� plus brief explanation of why there�s no doc impact

Training

Link to the PR for changes to the training content in https://github.com/wso2/WSO2-Training, if applicable

Certification

Type �Sent� when you have provided new/updated certification questions, plus four answers for each question (correct answer highlighted in bold), based on this change. Certification questions/answers should be sent to certification@wso2.com and NOT pasted in this PR. If there is no impact on certification exams, type �N/A� and explain why.

Marketing

Link to drafts of marketing content that will describe and promote this feature, including product page changes, technical articles, blog posts, videos, etc., if applicable

Automation tests

• Unit tests

  Code coverage information

• Integration tests

  Details about the test cases and coverage

Security checks

• Followed secure coding standards in http://wso2.com/technical-reports/wso2-secure-engineering-guidelines? yes/no
• Ran FindSecurityBugs plugin and verified report? yes/no
• Confirmed that this PR doesn't commit any keys, passwords, tokens, usernames, or other secrets? yes/no

Samples

Provide high-level details about the samples related to this feature

Related PRs

List any other related PRs

Migrations (if applicable)

Describe migration steps and platforms on which migration has been tested

Test environment

List all JDK versions, operating systems, databases, and browser/versions on which this feature/fix was tested

Learning

Describe the research phase and any blog posts, patterns, libraries, or add-ons you used to solve the problem.

Summary by CodeRabbit

• New Features

  • Policies field now included in LLM provider catalog responses, enabling visibility of applicable policies for each provider

• Bug Fixes

  • Eliminated unnecessary artifact table updates during provider and proxy update operations
  • Enhanced proxy update logic to preserve existing proxy identity while updating mutable configuration fields

[coderabbitai]

Warning

Rate limit exceeded

@menakaj has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 12 minutes and 14 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 6c98e9c0-0356-4ea5-9c15-6a9c2d6cb470

📥 Commits

Reviewing files that changed from the base of the PR and between 96679df and ddb80a9.

📒 Files selected for processing (5)

• agent-manager-service/controllers/catalog_controller.go
• agent-manager-service/docs/api_v1_openapi.yaml
• agent-manager-service/models/catalog.go
• agent-manager-service/repositories/catalog_repository.go
• agent-manager-service/spec/model_catalog_llm_provider_entry.go

📝 Walkthrough

Walkthrough

This change introduces support for Policies in LLM provider catalog entries by adding a new Policies field across models, spec definitions, and API documentation. It populates policies from configuration during catalog loading and modifies the agent configuration service with a new helper method for proxy update handling. Additionally, artifact table updates are removed from provider and proxy repository update operations.

Changes

Cohort / File(s)	Summary
Policy Field Addition - Core Models agent-manager-service/models/catalog.go, agent-manager-service/spec/model_catalog_llm_provider_entry.go	Added Policies []string field to CatalogLLMProviderEntry struct with omitempty JSON tag. Spec file includes accessor methods (Get, Set, Has, Ok) and ToMap serialization updates.
API Schema Update agent-manager-service/docs/api_v1_openapi.yaml	Extended OpenAPI schema to include policies as an array of strings in CatalogLLMProviderEntry definition.
Policy Data Population agent-manager-service/repositories/catalog_repository.go, agent-manager-service/controllers/catalog_controller.go	Repository extracts policy names from configuration and populates Policies field during catalog loading. Controller maps policies in the LLM provider catalog response conversion.
Artifact Update Removal agent-manager-service/repositories/llm_provider_repository.go, agent-manager-service/repositories/llm_proxy_repository.go	Removed artifact table update calls and current time creation from Update methods. Now only updates provider/proxy table fields directly.
Agent Configuration Service Refactoring agent-manager-service/services/agent_configuration_service.go	Added buildLLMProxyUpdateConfig helper method to construct proxy configuration for update scenarios by preserving existing proxy identity (Name, Context, Security, ProjectUUID) while updating mutable fields (Provider, UpstreamAuth, Policies). Updated processEnvProxyUpdate to use this new method.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐰 Policies now dance in the catalog's hall,
Fields added with grace, a field for them all!
Artifacts retire from their update refrain,
Proxy configs preserved through update's domain.

🚥 Pre-merge checks | ✅ 1 | ❌ 2

❌ Failed checks (2 warnings)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is entirely templated with placeholder text and contains no substantive content about the change; all sections (Purpose, Goals, Approach, etc.) remain unfilled.	Fill in the template sections with actual implementation details: explain the purpose/goals, describe the approach used, include testing details, and document any security/certification impacts.
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (1 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly summarizes the main change—adding policies to the catalog response—and directly relates to the file changes where a Policies field is added to CatalogLLMProviderEntry across multiple files.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

📝 Coding Plan

• Generate coding plan for human review comments

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Tip

CodeRabbit can use your project's `golangci-lint` configuration to improve the quality of Go code reviews.

Add a configuration file to your project to customize how CodeRabbit runs golangci-lint.

[coderabbitai]

🧹 Nitpick comments (3)

agent-manager-service/repositories/llm_provider_repository.go (1)

189-195: Misleading log message: UUID is validated but not "resolved".

The log message at line 190 says "resolved UUID", but the parsed UUID is now discarded (_). The parse only serves as validation. Consider updating the log message to accurately reflect the operation.

Suggested fix

 	return r.db.Transaction(func(tx *gorm.DB) error {
-		slog.Info("LLMProviderRepo.Update: resolved UUID", "providerID", providerID)
+		slog.Info("LLMProviderRepo.Update: validating provider ID format", "providerID", providerID)
 
 		_, err := uuid.Parse(providerID)
 		if err != nil {
 			return fmt.Errorf("error parsing provider id: %s, error: %w", providerID, err)
 		}

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@agent-manager-service/repositories/llm_provider_repository.go` around lines
189 - 195, The log message "LLMProviderRepo.Update: resolved UUID" is misleading
because the code only validates the UUID via uuid.Parse and discards the result;
update the slog.Info call in the Transaction block to reflect validation (e.g.,
"validated UUID") or, alternatively, capture the parsed value (assign the result
of uuid.Parse to a variable) and log the actual parsed UUID; refer to the
Transaction lambda, providerID, the uuid.Parse call and the slog.Info invocation
to locate and fix the message.

agent-manager-service/services/agent_configuration_service.go (2)

1679-1680: Minor: Go naming convention for UUID acronym.

Per Go conventions, acronyms should be fully uppercase. contextUuid should be contextUUID.

✏️ Suggested fix

-	contextUuid := uuid.New()
-	contextPath := fmt.Sprintf("/%s", contextUuid)
+	contextUUID := uuid.New()
+	contextPath := fmt.Sprintf("/%s", contextUUID)

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@agent-manager-service/services/agent_configuration_service.go` around lines
1679 - 1680, The variable name contextUuid violates Go conventions for acronyms;
rename contextUuid to contextUUID and update any dependent uses such as the
subsequent contextPath assignment (contextPath := fmt.Sprintf("/%s",
contextUUID)) and all other references in the same function/file to use
contextUUID so the identifier follows the uppercase-acronym style.

---

902-902: Returning providerUUID alone has no effect on rollback.

The returned rollbackResource{providerUUID: providerUUID} is never added to rollbackResources because line 1307 checks rbRes.providerAPIKeyID != "", which will be false. The providerUUID field alone is unused during rollback (line 1992 also checks providerAPIKeyID != "").

Consider returning an empty struct or documenting that Scenario B requires no rollback tracking:

♻️ Suggested simplification

-	return rollbackResource{providerUUID: providerUUID}, nil
+	// Scenario B reuses existing proxy/keys; no new external resources to roll back.
+	return rollbackResource{}, nil

🤖 Prompt for AI Agents

Verify each finding against the current code and only fix it if needed.

In `@agent-manager-service/services/agent_configuration_service.go` at line 902,
The returned rollbackResource{providerUUID: providerUUID} is ineffective because
rollback logic only uses entries with a non-empty providerAPIKeyID (checks like
rbRes.providerAPIKeyID != "" and later checks providerAPIKeyID != ""); either
stop returning a partial rollbackResource for this code path or populate
providerAPIKeyID when rollback tracking is required. Update the function to
return an empty rollbackResource{} for Scenario B (or add a comment documenting
that Scenario B requires no rollback tracking), or set providerAPIKeyID on the
returned rollbackResource when you expect it to be consumed by the
rollbackResources aggregation and execution paths (rollbackResource,
rbRes.providerAPIKeyID, providerAPIKeyID checks).

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@agent-manager-service/repositories/llm_provider_repository.go`:
- Around line 189-195: The log message "LLMProviderRepo.Update: resolved UUID"
is misleading because the code only validates the UUID via uuid.Parse and
discards the result; update the slog.Info call in the Transaction block to
reflect validation (e.g., "validated UUID") or, alternatively, capture the
parsed value (assign the result of uuid.Parse to a variable) and log the actual
parsed UUID; refer to the Transaction lambda, providerID, the uuid.Parse call
and the slog.Info invocation to locate and fix the message.

In `@agent-manager-service/services/agent_configuration_service.go`:
- Around line 1679-1680: The variable name contextUuid violates Go conventions
for acronyms; rename contextUuid to contextUUID and update any dependent uses
such as the subsequent contextPath assignment (contextPath := fmt.Sprintf("/%s",
contextUUID)) and all other references in the same function/file to use
contextUUID so the identifier follows the uppercase-acronym style.
- Line 902: The returned rollbackResource{providerUUID: providerUUID} is
ineffective because rollback logic only uses entries with a non-empty
providerAPIKeyID (checks like rbRes.providerAPIKeyID != "" and later checks
providerAPIKeyID != ""); either stop returning a partial rollbackResource for
this code path or populate providerAPIKeyID when rollback tracking is required.
Update the function to return an empty rollbackResource{} for Scenario B (or add
a comment documenting that Scenario B requires no rollback tracking), or set
providerAPIKeyID on the returned rollbackResource when you expect it to be
consumed by the rollbackResources aggregation and execution paths
(rollbackResource, rbRes.providerAPIKeyID, providerAPIKeyID checks).

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 355bd4b1-196b-4ff8-bdb7-04e8486c8508

📥 Commits

Reviewing files that changed from the base of the PR and between 640f931 and 96679df.

📒 Files selected for processing (8)

• agent-manager-service/controllers/catalog_controller.go
• agent-manager-service/docs/api_v1_openapi.yaml
• agent-manager-service/models/catalog.go
• agent-manager-service/repositories/catalog_repository.go
• agent-manager-service/repositories/llm_provider_repository.go
• agent-manager-service/repositories/llm_proxy_repository.go
• agent-manager-service/services/agent_configuration_service.go
• agent-manager-service/spec/model_catalog_llm_provider_entry.go

💤 Files with no reviewable changes (1)

• agent-manager-service/repositories/llm_proxy_repository.go