coulomb/llm-connect
2
0
Fork 0
generated from coulomb/repo-seed
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete activity-core LLM endpoint handoff (LLM-WP-0006)
Some checks failed
CI / test (3.10) (push) Has been cancelled
Details
CI / test (3.11) (push) Has been cancelled
Details
CI / test (3.12) (push) Has been cancelled
Details

Browse Source 
Switch the custodian triage default from anthropic/claude-sonnet-4 to
google/gemini-2.5-flash, which advertises structured-output support on
OpenRouter. Tighten the OpenRouter adapter to send strict JSON schema
requests and set provider.require_parameters=true so routing only hits
providers that honor the requested response_format.

Update Kubernetes deploy docs and config for the verified coulombcore
handoff: Containerfile build path, image-pull-policy=Never for smoke
pods, credential-routing notes, and live smoke evidence. Mark
LLM-WP-0006 finished with closure notes from 2026-06-18.
This commit is contained in:
Bernd Worsch
2026-06-19 13:51:12 +02:00
parent 6a0319ee86
commit 90eb39c247
12 changed files with 176 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
docs/activity-core-llm-endpoint.md
View File

@@ -27,7 +27,7 @@ Default runtime values:
```text
provider=openrouter
model=anthropic/claude-sonnet-4
model=google/gemini-2.5-flash
temperature=0.2
max_tokens=1800
max_depth=2
@@ -47,6 +47,12 @@ Provider credentials must be injected at runtime through
`llm-connect-provider-secrets`; do not store credential values in Git or State
Hub.
Credential custody follows the ops-warden routing table: LLM provider API keys
are an operator/OpenBao-to-Kubernetes Secret action, not an ops-warden issuance
task. For the default OpenRouter profile, the Secret must provide
`OPENROUTER_API_KEY` without exposing the value in Git, State Hub, logs, or
chat.
## Local Smoke
Run a mock server that returns known schema-valid daily triage JSON:
@@ -85,6 +91,7 @@ Run the in-namespace smoke:
kubectl -n activity-core run llm-connect-smoke \
--rm -i --restart=Never \
--image=llm-connect:latest \
--image-pull-policy=Never \
--env=LLM_CONNECT_URL=http://llm-connect.activity-core.svc.cluster.local:8080 \
--env=LLM_CONNECT_TIMEOUT_SECONDS=300 \
-- python scripts/smoke_activity_core_endpoint.py
@@ -92,13 +99,17 @@ kubectl -n activity-core run llm-connect-smoke \
## Handoff Status
Code-owned artifacts are present in this repo. Live handoff is still pending
operator action:
Code-owned artifacts are present in this repo and the live llm-connect
handoff is verified as of 2026-06-18:
- Build/publish the `llm-connect` image selected by Railiance.
- Create the runtime provider Secret outside Git.
- Apply `deploy/k8s/activity-core-llm-connect`.
- Smoke from the `activity-core` namespace.
- Set activity-core `LLM_CONNECT_URL` to the stable URL above.
- Run or observe one daily WSJF smoke/manual activity run and confirm a
non-secret State Hub `daily_triage` progress event.
- `docker.io/library/llm-connect:latest` was rebuilt from `Containerfile`,
imported into the `coulombcore` k3s image store, and rolled out.
- `activity-core/llm-connect-provider-secrets` reports `DATA 1`; no Secret
values were inspected or recorded.
- The live ConfigMap sets `LLM_CONNECT_MODEL=google/gemini-2.5-flash` and
`LLM_CONNECT_CUSTODIAN_TRIAGE_MODEL=google/gemini-2.5-flash`.
- The in-namespace smoke passed against the stable Service:
`smoke: pass health=ok latency_seconds=2.147 recommendations=1`.
Scheduled `daily_triage` evidence collection is activity-core ownership under
`ACTIVITY-WP-0006`.