expanding the functionality

Author: smarunich

.kiro/specs/model-publishing-workflow/tasks.md

@@ -1,28 +1,28 @@
 # Implementation Plan
 
-- [ ] 1. Set up core publishing infrastructure and types
+- [x] 1. Set up core publishing infrastructure and types
   - Create PublishingService struct and basic methods in `management/publishing.go`
   - Add publishing-related types to `management/types.go` (PublishConfig, PublishedModel, RateLimitConfig, etc.)
   - Add publishing service initialization to `management/main.go`
   - _Requirements: 1.1, 1.2, 1.3_
 
-- [ ] 2. Extend K8s client with Gateway API operations
-  - [ ] 2.1 Add HTTPRoute CRUD operations to `management/k8s.go`
+- [x] 2. Extend K8s client with Gateway API operations
+  - [x] 2.1 Add HTTPRoute CRUD operations to `management/k8s.go`
     - Implement CreateHTTPRoute, UpdateHTTPRoute, DeleteHTTPRoute methods
     - Add HTTPRoute resource validation and error handling
     - _Requirements: 1.4, 1.6_
 
-  - [ ] 2.2 Add AIGatewayRoute CRUD operations to `management/k8s.go`
+  - [x] 2.2 Add AIGatewayRoute CRUD operations to `management/k8s.go`
     - Implement CreateAIGatewayRoute, UpdateAIGatewayRoute, DeleteAIGatewayRoute methods
     - Add AIGatewayRoute resource validation for OpenAI compatibility
     - _Requirements: 1.5, 1.6_
 
-  - [ ] 2.3 Add BackendTrafficPolicy operations for rate limiting
+  - [x] 2.3 Add BackendTrafficPolicy operations for rate limiting
     - Implement CreateBackendTrafficPolicy, UpdateBackendTrafficPolicy, DeleteBackendTrafficPolicy methods
     - Add rate limiting policy validation and configuration
     - _Requirements: 3.1, 3.2, 3.3_
 
-  - [ ] 2.4 Add API key secret management operations
+  - [x] 2.4 Add API key secret management operations
     - Implement CreateAPIKeySecret, UpdateAPIKeySecret, DeleteAPIKeySecret methods
     - Add secure API key generation and storage functionality
     - _Requirements: 1.3, 4.3_
@@ -91,7 +91,7 @@
     - Maintain published endpoints during updates
     - _Requirements: 4.2, 4.4_
 
-- [ ] 6. Add monitoring and usage tracking
+- [-] 6. Add monitoring and usage tracking
   - [ ] 6.1 Implement usage statistics collection
     - Track API requests, tokens used, and access patterns per published model
     - Add metrics for rate limit violations and authentication failures
@@ -104,26 +104,26 @@
     - Add security event logging for unauthorized access attempts
     - _Requirements: 6.1, 6.3_
 
-- [ ] 7. Create React UI components for publishing
-  - [ ] 7.1 Create PublishingForm component
+- [x] 7. Create React UI components for publishing
+  - [x] 7.1 Create PublishingForm component
     - Build form for configuring model publishing settings
     - Add rate limiting configuration options
     - Include tenant selection and access control settings
     - _Requirements: 1.1, 3.1, 3.4_
 
-  - [ ] 7.2 Create PublishedModelsList component
+  - [x] 7.2 Create PublishedModelsList component
     - Display list of published models with status and usage metrics
     - Add management actions (unpublish, update, rotate keys)
     - Show API endpoint information and documentation
     - _Requirements: 4.1, 4.2, 5.1_
 
-  - [ ] 7.3 Create APIKeyManager component
+  - [x] 7.3 Create APIKeyManager component
     - Display API keys with copy-to-clipboard functionality
     - Add key rotation interface with confirmation dialogs
     - Show key usage statistics and last access times
     - _Requirements: 4.3, 5.1_
 
-  - [ ] 7.4 Extend ModelList component with publish actions
+  - [x] 7.4 Extend ModelList component with publish actions
     - Add "Publish" button to model list items
     - Show publishing status indicators
     - Add quick access to published model endpoints
@@ -142,7 +142,7 @@
     - Create language-specific SDK examples (Python, JavaScript, curl)
     - _Requirements: 5.2, 5.4, 5.5_
 
-- [ ] 9. Implement comprehensive error handling
+- [-] 9. Implement comprehensive error handling
   - [ ] 9.1 Add publishing validation errors
     - Handle model not found, not ready, and invalid tenant scenarios
     - Add gateway configuration failure handling

management/errors.go

@@ -0,0 +1,284 @@
+package main
+
+import (
+	"fmt"
+	"log"
+	"strings"
+	"time"
+)
+
+// PublishingError represents a publishing-specific error with context
+type PublishingError struct {
+	Code      string
+	Message   string
+	Details   string
+	Cause     error
+	Namespace string
+	ModelName string
+	Step      string
+}
+
+func (e *PublishingError) Error() string {
+	if e.Details != "" {
+		return fmt.Sprintf("%s: %s - %s", e.Code, e.Message, e.Details)
+	}
+	return fmt.Sprintf("%s: %s", e.Code, e.Message)
+}
+
+func (e *PublishingError) Unwrap() error {
+	return e.Cause
+}
+
+// NewPublishingError creates a new publishing error
+func NewPublishingError(code, message, namespace, modelName, step string, cause error) *PublishingError {
+	details := ""
+	if cause != nil {
+		details = cause.Error()
+	}
+	
+	return &PublishingError{
+		Code:      code,
+		Message:   message,
+		Details:   details,
+		Cause:     cause,
+		Namespace: namespace,
+		ModelName: modelName,
+		Step:      step,
+	}
+}
+
+// PublishingRollback handles rollback operations when publishing fails
+type PublishingRollback struct {
+	service   *PublishingService
+	namespace string
+	modelName string
+	steps     []string
+}
+
+// NewPublishingRollback creates a new rollback handler
+func NewPublishingRollback(service *PublishingService, namespace, modelName string) *PublishingRollback {
+	return &PublishingRollback{
+		service:   service,
+		namespace: namespace,
+		modelName: modelName,
+		steps:     make([]string, 0),
+	}
+}
+
+// AddStep adds a step to the rollback list
+func (r *PublishingRollback) AddStep(step string) {
+	r.steps = append(r.steps, step)
+}
+
+// Execute performs the rollback operations
+func (r *PublishingRollback) Execute() {
+	log.Printf("Starting rollback for model %s/%s", r.namespace, r.modelName)
+	
+	// Rollback in reverse order
+	for i := len(r.steps) - 1; i >= 0; i-- {
+		step := r.steps[i]
+		log.Printf("Rolling back step: %s", step)
+		
+		switch step {
+		case "api_key":
+			r.service.cleanupAPIKey(r.namespace, r.modelName)
+		case "gateway_config":
+			r.service.cleanupGatewayConfiguration(r.namespace, r.modelName)
+		case "rate_limiting":
+			r.service.cleanupRateLimitingPolicy(r.namespace, r.modelName)
+		case "metadata":
+			r.service.cleanupPublishedModelMetadata(r.namespace, r.modelName)
+		default:
+			log.Printf("Unknown rollback step: %s", step)
+		}
+	}
+	
+	log.Printf("Rollback completed for model %s/%s", r.namespace, r.modelName)
+}
+
+// ValidationError represents validation errors during publishing
+type ValidationError struct {
+	Field   string
+	Value   interface{}
+	Message string
+}
+
+func (e *ValidationError) Error() string {
+	return fmt.Sprintf("validation error for field '%s': %s", e.Field, e.Message)
+}
+
+// PublishingValidator handles validation of publishing requests
+type PublishingValidator struct {
+	service *PublishingService
+}
+
+// NewPublishingValidator creates a new validator
+func NewPublishingValidator(service *PublishingService) *PublishingValidator {
+	return &PublishingValidator{
+		service: service,
+	}
+}
+
+// ValidatePublishRequest validates a publish request
+func (v *PublishingValidator) ValidatePublishRequest(namespace, modelName string, config PublishConfig) []ValidationError {
+	var errors []ValidationError
+	
+	// Validate model exists and is ready
+	if err := v.service.validateModelExists(namespace, modelName); err != nil {
+		errors = append(errors, ValidationError{
+			Field:   "model",
+			Value:   modelName,
+			Message: fmt.Sprintf("Model validation failed: %v", err),
+		})
+	}
+	
+	// Validate tenant ID
+	if config.TenantID == "" {
+		errors = append(errors, ValidationError{
+			Field:   "tenantId",
+			Value:   config.TenantID,
+			Message: "Tenant ID is required",
+		})
+	}
+	
+	// Validate rate limiting configuration
+	if config.RateLimiting.RequestsPerMinute <= 0 {
+		errors = append(errors, ValidationError{
+			Field:   "rateLimiting.requestsPerMinute",
+			Value:   config.RateLimiting.RequestsPerMinute,
+			Message: "Requests per minute must be greater than 0",
+		})
+	}
+	
+	if config.RateLimiting.RequestsPerHour <= 0 {
+		errors = append(errors, ValidationError{
+			Field:   "rateLimiting.requestsPerHour",
+			Value:   config.RateLimiting.RequestsPerHour,
+			Message: "Requests per hour must be greater than 0",
+		})
+	}
+	
+	if config.RateLimiting.RequestsPerMinute > config.RateLimiting.RequestsPerHour {
+		errors = append(errors, ValidationError{
+			Field:   "rateLimiting",
+			Value:   nil,
+			Message: "Requests per minute cannot exceed requests per hour",
+		})
+	}
+	
+	// Validate model type
+	if config.ModelType != "" && config.ModelType != "traditional" && config.ModelType != "openai" {
+		errors = append(errors, ValidationError{
+			Field:   "modelType",
+			Value:   config.ModelType,
+			Message: "Model type must be 'traditional' or 'openai'",
+		})
+	}
+	
+	// Validate external path
+	if config.ExternalPath != "" {
+		if !strings.HasPrefix(config.ExternalPath, "/") {
+			errors = append(errors, ValidationError{
+				Field:   "externalPath",
+				Value:   config.ExternalPath,
+				Message: "External path must start with '/'",
+			})
+		}
+	}
+	
+	// Validate authentication configuration
+	if config.Authentication.Type != "apikey" {
+		errors = append(errors, ValidationError{
+			Field:   "authentication.type",
+			Value:   config.Authentication.Type,
+			Message: "Only 'apikey' authentication is currently supported",
+		})
+	}
+	
+	return errors
+}
+
+// RecoveryHandler handles recovery from publishing failures
+type RecoveryHandler struct {
+	service *PublishingService
+}
+
+// NewRecoveryHandler creates a new recovery handler
+func NewRecoveryHandler(service *PublishingService) *RecoveryHandler {
+	return &RecoveryHandler{
+		service: service,
+	}
+}
+
+// RecoverFromFailure attempts to recover from a publishing failure
+func (r *RecoveryHandler) RecoverFromFailure(namespace, modelName string, err error) error {
+	log.Printf("Attempting recovery for model %s/%s after error: %v", namespace, modelName, err)
+	
+	// Check if model is partially published
+	isPublished := r.service.isModelPublished(namespace, modelName)
+	
+	if isPublished {
+		log.Printf("Model %s/%s appears to be partially published, attempting cleanup", namespace, modelName)
+		
+		// Perform cleanup
+		r.service.cleanupAPIKey(namespace, modelName)
+		r.service.cleanupGatewayConfiguration(namespace, modelName)
+		r.service.cleanupRateLimitingPolicy(namespace, modelName)
+		r.service.cleanupPublishedModelMetadata(namespace, modelName)
+		
+		log.Printf("Cleanup completed for model %s/%s", namespace, modelName)
+	}
+	
+	return nil
+}
+
+// ErrorReporter handles error reporting and logging
+type ErrorReporter struct {
+	service *PublishingService
+}
+
+// NewErrorReporter creates a new error reporter
+func NewErrorReporter(service *PublishingService) *ErrorReporter {
+	return &ErrorReporter{
+		service: service,
+	}
+}
+
+// ReportError reports an error with context
+func (r *ErrorReporter) ReportError(user *User, namespace, modelName, operation string, err error) {
+	// Log the error
+	log.Printf("Publishing error - User: %s, Model: %s/%s, Operation: %s, Error: %v", 
+		user.Name, namespace, modelName, operation, err)
+	
+	// Create error log entry
+	errorEntry := map[string]interface{}{
+		"timestamp": time.Now().Format(time.RFC3339),
+		"user":      user.Name,
+		"tenant":    user.Tenant,
+		"operation": operation,
+		"model":     modelName,
+		"namespace": namespace,
+		"error":     err.Error(),
+		"level":     "error",
+	}
+	
+	// Store error in audit log
+	errorLogName := fmt.Sprintf("publishing-errors-%s", time.Now().Format("2006-01-02"))
+	
+	// Try to get existing error log for today
+	existingLog, logErr := r.service.k8sClient.GetConfigMap(namespace, errorLogName)
+	if logErr != nil {
+		// Create new error log
+		errorData := map[string]interface{}{
+			"entries": []interface{}{errorEntry},
+		}
+		r.service.k8sClient.CreateConfigMap(namespace, errorLogName, errorData)
+	} else {
+		// Append to existing error log
+		if entries, ok := existingLog["entries"].([]interface{}); ok {
+			entries = append(entries, errorEntry)
+			existingLog["entries"] = entries
+			r.service.k8sClient.UpdateConfigMap(namespace, errorLogName, existingLog)
+		}
+	}
+}