langsmith
Version:
Client library to connect to the LangSmith Observability and Evaluation Platform.
108 lines (107 loc) • 3.66 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.workspaceSecret = workspaceSecret;
exports.opaqueSecret = opaqueSecret;
exports.proxyConfig = proxyConfig;
exports.awsAuth = awsAuth;
exports.gcpAuth = gcpAuth;
function requireNonEmptyString(value, field) {
if (typeof value !== "string" || value.trim() === "") {
throw new Error(`${field} must be a non-empty string`);
}
return value.trim();
}
function requireNonEmptyStringArray(values, field) {
if (!Array.isArray(values) || values.length === 0) {
throw new Error(`${field} must be a non-empty array of strings`);
}
return values.map((value) => requireNonEmptyString(value, field));
}
function requireProxyRules(rules) {
if (rules === undefined) {
return [];
}
if (!Array.isArray(rules)) {
throw new Error("rules must be an array of proxy rule objects");
}
return rules.map((rule) => {
if (rule === null || typeof rule !== "object" || Array.isArray(rule)) {
throw new Error("rules must be an array of proxy rule objects");
}
validateProxyProviderRule(rule);
return rule;
});
}
function validateProxyProviderRule(rule) {
if (rule.type !== "gcp") {
return;
}
const gcp = rule.gcp;
if (gcp === undefined || gcp.scopes === undefined) {
throw new Error("gcp proxy auth rules require scopes");
}
requireNonEmptyStringArray(gcp.scopes, "scopes");
}
/** Reference a LangSmith workspace secret in a sandbox proxy configuration. */
function workspaceSecret(name) {
const normalized = requireNonEmptyString(name, "name");
const startsWithBrace = normalized.startsWith("{");
const endsWithBrace = normalized.endsWith("}");
if (startsWithBrace !== endsWithBrace) {
throw new Error("workspace secret must be a name or a {NAME} reference");
}
if (startsWithBrace && normalized.slice(1, -1).trim() === "") {
throw new Error("workspace secret reference must contain a name");
}
return {
type: "workspace_secret",
value: startsWithBrace ? normalized : `{${normalized}}`,
};
}
/** Provide a write-only secret value for a sandbox proxy configuration. */
function opaqueSecret(value) {
return {
type: "opaque",
value: requireNonEmptyString(value, "value"),
};
}
/** Build a sandbox proxy config from one or more proxy rules. */
function proxyConfig({ rules, noProxy, accessControl, } = {}) {
const config = {
rules: requireProxyRules(rules),
};
if (noProxy !== undefined) {
config.no_proxy = requireNonEmptyStringArray(noProxy, "noProxy");
}
if (accessControl !== undefined) {
config.access_control = { ...accessControl };
}
return config;
}
/** Build a sandbox proxy rule that signs AWS HTTPS requests with SigV4. */
function awsAuth({ accessKeyId, secretAccessKey, name = "aws", enabled = true, }) {
return {
name: requireNonEmptyString(name, "name"),
type: "aws",
enabled,
aws: {
access_key_id: accessKeyId,
secret_access_key: secretAccessKey,
},
};
}
/** Build a sandbox proxy rule that injects GCP OAuth bearer auth. */
function gcpAuth({ serviceAccountJson, scopes, name = "gcp", enabled = true, }) {
const gcp = {
service_account_json: serviceAccountJson,
};
if (scopes !== undefined) {
gcp.scopes = requireNonEmptyStringArray(scopes, "scopes");
}
return {
name: requireNonEmptyString(name, "name"),
type: "gcp",
enabled,
gcp,
};
}