mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-06-19 05:35:40 +08:00
79e3d8b003
Introduce an `AiSecret` model to allow admins to manage API keys and secrets in a single place, shared across LLMs and embedding definitions. Previously each LLM and embedding stored its own api_key directly. This change introduces a secrets vault so that a single secret can be referenced by multiple models, reducing duplication and making key rotation easier. Key changes: - New `ai_secrets` table, model, serializer, and CRUD controller with in-use protection on delete - LlmModel and EmbeddingDefinition now accept an optional `ai_secret_id` foreign key as an alternative to inline `api_key`; validation ensures one or the other is set - Provider params of type `:secret` (e.g. Bedrock `access_key_id`) resolve through AiSecret at runtime - Admin UI: new Secrets nav tab with list/edit views, inline AiSecretSelector dropdown + quick-create modal on LLM and embedding editor forms - Post-migration deduplicates existing api_key values into the new secrets table and back-fills foreign keys - Fabricator and specs for model, controller, and usage-tracking logic --------- Co-authored-by: awesomerobot <kris.aubuchon@discourse.org> Co-authored-by: Keegan George <kgeorge13@gmail.com>
6 lines
148 B
Ruby
Vendored
6 lines
148 B
Ruby
Vendored
# frozen_string_literal: true
|
|
|
|
Fabricator(:ai_secret) do
|
|
name { sequence(:name) { |n| "API Secret #{n}" } }
|
|
secret "sk-test-secret-key-123"
|
|
end
|
