
feat(s3): Docker + config + LLM portability — P1.5 S3 #91

Merged
bayrem merged 4 commits into main from feat/p1.5-s3-docker-config-llm
Jun 16, 2026

Conversation

@bjridicodes bjridicodes commented Jun 16, 2026

Summary

Phase 1.5 Sprint S3 — makes ARIA deployable as a Docker container, config-path-flexible, and LLM-provider-agnostic.

What ships

  • Security fix "claude -p wired as default production LLM is a tool-execution / exfiltration risk" #84 (High): `ClaudeCodeLLMClient` is no longer the hardwired default. `llm.provider` in `conf.yaml` (or `ARIA_LLM_PROVIDER` env var) controls which client is used. Default is now `anthropic` — direct REST API, no local tool access, no exfiltration vector.
  • `ARIA_CONFIG_PATH`: config loader reads `conf.yaml` from a configurable path, enabling ConfigMap mounts (`/etc/aria/conf.yaml`) in container deployments.
  • `VertexAILLMClient`: new `LLMClientInterface` for GCP Vertex AI (ADC auth, no API key). Routes to `AnthropicVertex` for Claude-on-Vertex models and to the Gemini SDK for Gemini models.
  • `GCPSecretManagerVault`: new `VaultInterface` backed by GCP Secret Manager (ADC auth). `runtime.vault_backend` selects between `env` / `gcp` / `hashicorp` / `aws` / `azure`.
  • Dockerfile + `.dockerignore`: `python:3.11-slim`, non-root `aria` user (uid 1000), curl health check, uvicorn entrypoint. `conf.yaml` excluded from image — always mounted at runtime.
  • `deployment/monolithic/`: `docker-compose.yml` with bind-mount config and named log volume; `conf.yaml.example`.
  • Deployment docs: `documentation/guides/installation.md` (full Docker + Kubernetes guide); README `## Deployment` section.
  • CI: `docker-smoke` job builds the image and smoke-tests `/api/v1/health` on every PR and merge to `main`.

Tests

41 new unit tests; 294 total passing. `make lint` clean.

Issues closed

Closes #51
Closes #52
Closes #53
Closes #54
Closes #55
Closes #56
Closes #57
Closes #58
Closes #84

Test plan

  • `make lint` — black, isort, ruff, mypy all green
  • `make test` — 294 unit tests pass
  • `docker build -t aria:ci .` builds without error
  • `docker run -e ARIA_DRY_RUN=true -e ARIA_LLM_PROVIDER=anthropic -e ANTHROPIC_API_KEY=dummy -p 8000:8000 aria:ci` + `curl http://localhost:8000/api/v1/health` returns 200
  • CI `docker-smoke` job passes on this PR

🤖 Generated with Claude Code
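The provider-selection behaviour the PR describes (env var over `conf.yaml` over a safe default, with `claude_code` never chosen implicitly), as an added example that is not ARIA's code: the `LLMClient` dataclass and the `PROVIDERS` table are stand-ins for the project's `LLMClientInterface` implementations, and the config is passed as an already-parsed dict rather than loaded from `ARIA_CONFIG_PATH`.

```python
import os
from dataclasses import dataclass
from typing import Mapping, Optional

# Provider names follow the PR's llm.provider values. The tuple is
# (env var holding the API key, or None for ADC / no key; executes local tools?).
# This table is an assumption for the example, not ARIA's own registry.
SAFE_DEFAULT = "anthropic"
PROVIDERS = {
    "anthropic": ("ANTHROPIC_API_KEY", False),  # direct REST API, no host tool access
    "vertex_ai": (None, False),                 # GCP ADC auth, no API key
    "claude_code": (None, True),                # local CLI: tool execution on the host
}


@dataclass(frozen=True)
class LLMClient:
    provider: str
    api_key: Optional[str]
    has_local_tool_access: bool


def resolve_provider(conf: Mapping, env: Mapping[str, str]) -> str:
    """Precedence: ARIA_LLM_PROVIDER env var, then conf['llm']['provider'], then the safe default."""
    raw = env.get("ARIA_LLM_PROVIDER") or (conf.get("llm") or {}).get("provider") or SAFE_DEFAULT
    provider = str(raw).strip().lower()
    if provider not in PROVIDERS:
        # Fail closed: a typo or unknown name must not fall through to any client.
        raise ValueError(f"unknown llm.provider {raw!r}; expected one of {sorted(PROVIDERS)}")
    return provider


def build_client(conf: Mapping, env: Optional[Mapping[str, str]] = None) -> LLMClient:
    """Build the selected client; a provider that needs an API key fails if the key is absent."""
    env = os.environ if env is None else env
    provider = resolve_provider(conf, env)
    key_var, tool_access = PROVIDERS[provider]
    api_key = env.get(key_var) if key_var else None
    if key_var and not api_key:
        raise RuntimeError(f"llm.provider {provider!r} requires {key_var} to be set")
    return LLMClient(provider=provider, api_key=api_key, has_local_tool_access=tool_access)
```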

…#55 #56 #57 #58 #84)

- ARIA_CONFIG_PATH: config loader now reads conf.yaml from a configurable path
  (ARIA_CONFIG_PATH env var), enabling ConfigMap mounts in container deployments.
- llm.provider: dynamic LLM client selection (anthropic | claude_code | vertex_ai)
  via conf.yaml or ARIA_LLM_PROVIDER. Defaults to 'anthropic' — removes
  ClaudeCodeLLMClient as the hardwired default, closing the tool-exfiltration
  risk identified in #84.
- VertexAILLMClient: new LLMClientInterface for GCP Vertex AI (ADC auth, no API
  key). Routes to AnthropicVertex for Claude-on-Vertex models and to the Gemini
  SDK for Gemini models.
- GCPSecretManagerVault: new VaultInterface backed by GCP Secret Manager (ADC
  auth). vault_backend config key selects between env/gcp/hashicorp/aws/azure.
- Dockerfile + .dockerignore: python:3.11-slim, non-root aria user (uid 1000),
  curl health check, uvicorn entrypoint. conf.yaml excluded from image —
  always mounted at runtime via ARIA_CONFIG_PATH.
- deployment/monolithic/: docker-compose.yml with bind-mount config pattern and
  named log volume; conf.yaml.example for the monolithic deployment.
- deployment/README.md: four deployment patterns (Docker CLI, compose, Cloud Run,
  GKE ConfigMap) with LLM provider and vault backend selection tables.
- CI: docker-smoke job builds the image and hits /api/v1/health on every PR and
  push to main.
- 41 new unit tests; 294 total passing. make lint clean.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
bjridicodes and others added 3 commits June 16, 2026 13:27
…tion

- documentation/guides/installation.md: full installation guide covering
  Docker (local/VM), docker-compose, and Kubernetes paths; conf.yaml prep,
  LLM provider selection, vault backend options
- documentation/index.md: link to new installation guide
- README.md: add Deployment section with Docker quickstart, K8s outline,
  and pointer to the full guide

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Replace _build_filters() + f-string SQL with static query templates using
the `? IS NULL OR column = ?` pattern. SQL strings are now module-level
constants; user input (HTTP query params) flows only into the parameter
tuple and never into the query string. Closes CodeQL alerts #5 and #6.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
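The `? IS NULL OR column = ?` pattern from the commit above, as an added example that is not ARIA's code: a constructed SQLite table, the f-string-built filter (the "before" shape) next to the static module-level template (the "after" shape), showing that the same query-param value alters the SQL text in the first and is only a bound value in the second. Table name, columns and rows are invented for the example.

```python
import sqlite3
from typing import Optional

# Constructed sample schema and rows: not ARIA's tables, just enough to run the two shapes.
SCHEMA = "CREATE TABLE events (id INTEGER PRIMARY KEY, status TEXT, source TEXT)"
ROWS = [(1, "open", "api"), (2, "closed", "api"), (3, "open", "cron")]

# Static, module-level template. Each optional filter is bound twice: when the
# caller passes None the `? IS NULL` branch is true and the filter is skipped.
# User input only ever lands in the parameter tuple, never in the SQL string.
SELECT_EVENTS = """
SELECT id, status, source FROM events
WHERE (? IS NULL OR status = ?)
  AND (? IS NULL OR source = ?)
ORDER BY id
"""


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    conn.executemany("INSERT INTO events VALUES (?, ?, ?)", ROWS)
    return conn


def list_events_unsafe(conn: sqlite3.Connection, status: Optional[str], source: Optional[str]) -> list:
    # The "before" shape: WHERE clauses assembled with string formatting, so an
    # HTTP query param becomes part of the SQL text (CodeQL's injection finding).
    clauses = []
    if status is not None:
        clauses.append(f"status = '{status}'")
    if source is not None:
        clauses.append(f"source = '{source}'")
    where = f"WHERE {' AND '.join(clauses)}" if clauses else ""
    return conn.execute(f"SELECT id, status, source FROM events {where} ORDER BY id").fetchall()


def list_events(conn: sqlite3.Connection, status: Optional[str], source: Optional[str]) -> list:
    # The "after" shape: fixed query string, input carried only by the parameter tuple.
    params = (status, status, source, source)
    return conn.execute(SELECT_EVENTS, params).fetchall()
```

Because the template is constant, the same `status` value that widens the unsafe query to every row simply matches nothing in the parameterised one.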
- test_gcp_secret_manager_vault: replace mixed import/import-from for
  gcp_secret_manager module with consistent from-import + reload via
  sys.modules[__module__]
- test_vertex_llm_client: remove unused PermissionDenied class stub from
  test_permission_denied_raises_llm_auth_error (side_effect already uses
  LLMAuthError directly)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>