This is an example implementation of a Spring Boot AI Chat Agent that uses the open-policy-ai-advisor-spring-boot-starter to enforce governance and policy-driven guardrails. By integrating Open Policy Agent (OPA), this agent can evaluate prompts and tool calls against custom Rego policies before they ever reach the LLM.
To run this example, you need the following components active:
- Ollama: For running local LLMs (e.g., Llama 3).
- OPA Server: To evaluate your security and logic policies.
- Docker: To easily spin up the OPA environment.
This repository includes a docker-compose.yml and rego policy file that starts the OPA server and automatically configure the policy.
cd opa
docker-compose up -dEnsure local ollama is served.
ollama run llama3
This app uses the custom advisor starter. It is already included in the pom.xml
<dependency>
<groupId>io.github.pramodkuth</groupId>
<artifactId>open-policy-ai-advisor-spring-boot-starter</artifactId>
<version>0.0.1-M1</version>
</dependency>The src/main/resources/application.yml is pre-configured to connect the ChatClient to both Ollama and the OPA sidecar.
spring:
ai:
ollama:
base-url: http://localhost:11434
chat:
options:
model: llama3.1
open-policy:
agent:
host: http://localhost:8181
resilience4j-instance: opa
advisors:
my-prompt-safety-advisor:
policies:
- name: test
path: v1/data/agentpolicy/allow
guard-prompt: true
resilience4j:
circuitbreaker:
instances:
opa:
sliding-window-size: 10
failure-rate-threshold: 50
retry:
instances:
opa:
max-attempts: 3
wait-duration: 500mscurl -X 'POST' \
'http://localhost:8080/prompt' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"prompt": "create user"
}'curl -X 'POST' \
'http://localhost:8080/prompt' \
-H 'accept: */*' \
-H 'Content-Type: application/json' \
-d '{
"prompt": "delete user"
}'