Skip to content

feat(governance): LlamaIndex adapter#360

Open
aditik0303 wants to merge 7 commits into
mainfrom
feat/governance-llamaindex
Open

feat(governance): LlamaIndex adapter#360
aditik0303 wants to merge 7 commits into
mainfrom
feat/governance-llamaindex

Conversation

@aditik0303

@aditik0303 aditik0303 commented Jun 24, 2026

Copy link
Copy Markdown

Summary

Adds a LlamaIndex governance adapter to uipath-llamaindex. It lets UiPath governance evaluate what a LlamaIndex workflow/agent does at the model and tool level, and block disallowed actions, without the agent author writing governance code. This package contains only the LlamaIndex-specific bridge.

What it does

  • Detects a workflows.Workflow. LlamaIndex routes LLM and tool calls through its process-global instrumentation dispatcher (the same mechanism used for OpenInference tracing), so the adapter governs by registering an event handler on the root dispatcher rather than mutating the agent; attach returns the agent unchanged.

  • Maps each instrumentation event to a governance check:

    LlamaIndex event Governance hook
    LLMChatStartEvent BEFORE_MODEL
    LLMChatEndEvent AFTER_MODEL
    AgentToolCallEvent TOOL_CALL
  • LlamaIndex emits no tool-end event, so AFTER_TOOL is not wired; a tool result is instead governed at the next BEFORE_MODEL, where it is fed back to the model as input.

  • Enforces by letting a GovernanceBlockException (raised on a DENY decision) propagate, stopping the model call or tool. Any other error inside a governance hook is logged and swallowed, so a governance failure cannot break an otherwise-healthy agent run.

  • Installed by the runtime factory: passing an evaluator to new_runtime wires governance onto the resolved agent in place. No adapter registry, no entry point, no import-time registration.

What it does not do

  • Does not fire agent-level boundaries (BEFORE_AGENT / AFTER_AGENT); those are owned by the governance host.
  • Does not depend on platform, auth, transport, or runtime internals — only on the shared governance contracts in uipath-core.

aditik0303 and others added 2 commits June 22, 2026 23:09
Registers a BaseEventHandler on the root instrumentation dispatcher (LLMChatStartEvent -> BEFORE_MODEL, LLMChatEndEvent -> AFTER_MODEL, AgentToolCallEvent -> TOOL_CALL).

Self-registers via the uipath.governance.adapters entry point; unit-tested and verified firing through the framework's real execution path. BEFORE/AFTER_AGENT remain owned by the uipath-runtime wrapper.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
…, framework-only can_handle)

Mirror radu's LangChain-adapter review across the LlamaIndex adapter:
- __init__: drop the import-time registration side-effect; registration only via the uipath.governance.adapters entry point.
- can_handle: claim only a real workflows.Workflow; remove the duck-typed (run / Workflow-shaped name) fallback.
- docstring: 'governance host' instead of uipath-runtime internals.
- tests: can_handle uses a real stepped Workflow; a duck-typed look-alike is now rejected.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings June 24, 2026 12:37

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a UiPath governance adapter for LlamaIndex workflows, integrating with LlamaIndex’s global instrumentation dispatcher and exposing registration via an entry point for governance-host discovery.

Changes:

  • Introduces LlamaIndexAdapter, GovernanceEventHandler, and callback routing for BEFORE_MODEL / AFTER_MODEL / TOOL_CALL.
  • Adds entry-point based adapter registration (uipath.governance.adapters) with idempotent registration logic.
  • Adds unit tests exercising real LlamaIndex instrumentation events and dispatcher attach/detach behavior; updates dependencies/lockfile to include uipath-core.

Reviewed changes

Copilot reviewed 4 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
packages/uipath-llamaindex/uv.lock Adds uipath-core to the locked dependency set.
packages/uipath-llamaindex/tests/governance/test_adapter.py New tests covering can_handle, dispatcher attach/detach, event routing, argument coercion, and exception semantics.
packages/uipath-llamaindex/tests/governance/init.py Adds governance tests package marker.
packages/uipath-llamaindex/src/uipath_llamaindex/governance/adapter.py Implements the LlamaIndex governance adapter, dispatcher handler, and payload extraction helpers.
packages/uipath-llamaindex/src/uipath_llamaindex/governance/init.py Adds entry-point callable register_governance_adapter() with idempotent registry registration.
packages/uipath-llamaindex/pyproject.toml Adds uipath-core dependency and the uipath.governance.adapters entry point.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread packages/uipath-llamaindex/src/uipath_llamaindex/governance/adapter.py Outdated
aditik0303 and others added 5 commits June 24, 2026 18:27
Module docstring: registers via the uipath.governance.adapters entry point, not at import time.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
These files were swept into the branch by a broad add; they are unrelated to the governance adapter. Reverting/removing them so the PR contains only governance changes.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
An earlier cleanup commit compared against a stale local main and wrongly removed SETUP.MD and reverted the LlamaIndex docs change. Both files come from main (PRs #352/#356), not this branch. Restore them to the main version so this PR is governance-only with no spurious deletions.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Core PR #1761 removed BaseAdapter from uipath-core. Migrate to the
factory-evaluator pattern (matching #899):

- governance/adapter.py -> event_handler.py: replace the BaseAdapter
  subclass (name/can_handle/attach/detach) with module-level
  install_governance() that registers the GovernanceEventHandler on the
  root instrumentation dispatcher; keep the handler + callbacks. File
  named for its seam (the event handler), like LangChain's callbacks.py.
- runtime/factory.py: new_runtime reads `evaluator` from kwargs and
  calls install_governance.
- governance/__init__.py: drop register_governance_adapter + registry
  import; expose install_governance. No import-time side effects.
- pyproject.toml: remove the uipath.governance.adapters entry point.
- tests (test_adapter.py -> test_event_handler.py): drop can_handle/
  attach/detach; cover install_governance + factory wiring.

ruff + mypy clean; 17 governance tests pass.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Review findings (Viswa) for PR #360:

- Re-install now rebinds the single process-global handler to the new run's
  evaluator / session instead of silently no-oping. The dispatcher is
  process-global, so a reused process serving a new runtime previously kept
  governing under the *first* run's evaluator; last install now wins.
- Added uninstall_governance() (public detach) and wired it into the factory's
  dispose, so the global dispatcher does not retain the evaluator (and its
  resources) after the runtime is gone. Tests use it instead of mutating
  dispatcher.event_handlers directly.
- Documented the process-global model explicitly: single active governance
  handler per process; two *concurrently* executing runtimes in one process
  would share the latest-installed evaluator — a property of LlamaIndex's
  global instrumentation, matching the one-workflow-per-process runtime model.
- Documented that handle() is a deliberately synchronous gate: a BEFORE_MODEL /
  TOOL_CALL decision must complete (and be able to BLOCK) before the underlying
  call proceeds; an async out-of-band check could not gate it.
- Drop the per-callbacks uuid trace_id (identical for every call); trace
  correlation is owned by the layer below, matching LangChain. Requires
  uipath-core >= 0.5.20 (removed trace_id from EvaluatorProtocol) — bumped.
- Count llm/tool calls only after governance passes (no inflation on block).

Tests: reinstall-rebinds-single-handler, uninstall-removes-handler, and made
the swallow-on-error caplog assertion propagation-independent.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@sonarqubecloud

sonarqubecloud Bot commented Jul 1, 2026

Copy link
Copy Markdown

Quality Gate Failed Quality Gate failed

Failed conditions
88.5% Coverage on New Code (required ≥ 90%)

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants