-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathgate.go
More file actions
60 lines (50 loc) · 1.36 KB
/
gate.go
File metadata and controls
60 lines (50 loc) · 1.36 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
package writ
import (
"context"
"fmt"
"time"
"github.com/anthropics/anthropic-sdk-go"
igate "github.com/opskernel-io/writ/internal/gate"
)
// gateWrapper bridges internal/gate.Gate to the public API types.
type gateWrapper struct {
inner *igate.Gate
}
func newGate(ctx context.Context, policyPath string, eager bool) (*gateWrapper, error) {
g, err := igate.New(ctx, policyPath, eager)
if err != nil {
return nil, err
}
return &gateWrapper{inner: g}, nil
}
func (g *gateWrapper) evaluate(ctx context.Context, params anthropic.MessageNewParams, cfg Config) (Decision, ChainEntry, error) {
input := igate.GateInput{
CallerID: cfg.CallerID,
ActionType: "llm_call",
Model: string(params.Model),
}
result, err := g.inner.Evaluate(ctx, input)
if err != nil {
return Decision{}, ChainEntry{}, fmt.Errorf("gate evaluate: %w", err)
}
auditID := newAuditID()
tier := Tier(result.Tier)
decision := Decision{
Allowed: result.Allowed,
Tier: tier,
DenialReason: result.DenialReason,
AuditID: auditID,
}
entry := ChainEntry{
ID: auditID,
EventType: "llm_call",
CallerID: cfg.CallerID,
SessionID: cfg.SessionID,
HookdTraceID: cfg.HookdTraceID,
Allowed: result.Allowed,
DenialReason: result.DenialReason,
Tier: tier,
Timestamp: time.Now().UTC(),
}
return decision, entry, nil
}