""" AI provider route matrix snapshot. Loads the latest committed, read-only AI Router / Ollama / OpenClaw / Nemotron / Gemini provider route matrix. This module never switches providers, calls paid APIs, probes external providers, reads secrets, changes runtime routes, enters shadow/canary, triggers workflows, or executes runtime actions. """ from __future__ import annotations import json from pathlib import Path from typing import Any from src.services.snapshot_paths import default_evaluations_dir _DEFAULT_EVALUATIONS_DIR = default_evaluations_dir(Path(__file__)) _SNAPSHOT_PATTERN = "ai_provider_route_matrix_*.json" _SCHEMA_VERSION = "ai_provider_route_matrix_v1" def load_latest_ai_provider_route_matrix( evaluations_dir: Path | None = None, ) -> dict[str, Any]: """Load the newest committed AI provider route matrix snapshot.""" directory = evaluations_dir or _DEFAULT_EVALUATIONS_DIR candidates = sorted(directory.glob(_SNAPSHOT_PATTERN)) if not candidates: raise FileNotFoundError(f"no AI provider route matrix snapshots found in {directory}") latest = candidates[-1] with latest.open(encoding="utf-8") as handle: payload = json.load(handle) if not isinstance(payload, dict): raise ValueError(f"{latest}: expected JSON object") _require_schema(payload, _SCHEMA_VERSION, str(latest)) _require_read_only_boundaries(payload, str(latest)) _require_operation_boundaries(payload, str(latest)) _require_rollup_consistency(payload, str(latest)) _require_route_evidence(payload, str(latest)) _require_candidate_gates(payload, str(latest)) _require_operator_denials(payload, str(latest)) _require_no_plaintext_secret_payload_keys(payload, str(latest)) return payload def _require_schema(payload: dict[str, Any], expected: str, label: str) -> None: actual = payload.get("schema_version") if actual != expected: raise ValueError(f"{label}: expected schema_version={expected}, got {actual!r}") def _require_read_only_boundaries(payload: dict[str, Any], label: str) -> None: program_status = payload.get("program_status") or {} if program_status.get("read_only_mode") is not True: raise ValueError(f"{label}: program_status.read_only_mode must be true") approval_boundaries = payload.get("approval_boundaries") or {} allowed = sorted(key for key, value in approval_boundaries.items() if value is not False) if allowed: raise ValueError(f"{label}: approval boundaries must remain false: {allowed}") def _require_operation_boundaries(payload: dict[str, Any], label: str) -> None: boundaries = payload.get("operation_boundaries") or {} if boundaries.get("read_only_api_allowed") is not True: raise ValueError(f"{label}: read_only_api_allowed must be true") blocked_flags = { "provider_switch_allowed", "production_routing_change_allowed", "use_ai_router_toggle_allowed", "fallback_order_change_allowed", "ollama_endpoint_change_allowed", "paid_api_call_allowed", "paid_api_frequency_increase_allowed", "external_provider_probe_allowed", "live_benchmark_allowed", "shadow_or_canary_allowed", "openclaw_replacement_allowed", "nemotron_shadow_allowed", "gemini_direct_call_allowed", "secret_read_allowed", "secret_plaintext_allowed", "notification_send_allowed", "workflow_trigger_allowed", "deploy_trigger_allowed", "reload_trigger_allowed", "runtime_execution_allowed", } allowed = sorted(flag for flag in blocked_flags if boundaries.get(flag) is not False) if allowed: raise ValueError(f"{label}: operation boundaries must remain false: {allowed}") def _require_rollup_consistency(payload: dict[str, Any], label: str) -> None: routes = payload.get("provider_routes") or [] gates = payload.get("candidate_gates") or [] gaps = payload.get("source_gaps") or [] rollups = payload.get("rollups") or {} if rollups.get("total_routes") != len(routes): raise ValueError(f"{label}: rollups.total_routes must match provider_routes") if rollups.get("by_kind") != _count_by(routes, "kind"): raise ValueError(f"{label}: rollups.by_kind must match provider_routes") if rollups.get("by_status") != _count_by(routes, "status"): raise ValueError(f"{label}: rollups.by_status must match provider_routes") if rollups.get("by_route_gate") != _count_by(routes, "route_gate"): raise ValueError(f"{label}: rollups.by_route_gate must match provider_routes") requiring_action = sorted( route.get("route_id") for route in routes if route.get("status") == "action_required" ) if sorted(rollups.get("route_ids_requiring_action") or []) != requiring_action: raise ValueError(f"{label}: rollups.route_ids_requiring_action must match routes") approval_gates = sorted( gate.get("gate_id") for gate in gates if gate.get("approval_required") is True ) if sorted(rollups.get("candidate_gate_ids_requiring_approval") or []) != approval_gates: raise ValueError( f"{label}: rollups.candidate_gate_ids_requiring_approval must match candidate_gates" ) if sorted(rollups.get("source_gap_ids") or []) != sorted(gap.get("gap_id") for gap in gaps): raise ValueError(f"{label}: rollups.source_gap_ids must match source_gaps") zero_count_fields = { "provider_switch_allowed_count", "paid_api_call_allowed_count", "shadow_or_canary_allowed_count", "runtime_route_change_allowed_count", } non_zero = sorted(field for field in zero_count_fields if rollups.get(field) != 0) if non_zero: raise ValueError(f"{label}: route permission rollup counts must remain 0: {non_zero}") def _require_route_evidence(payload: dict[str, Any], label: str) -> None: routes = payload.get("provider_routes") or [] missing = sorted( route.get("route_id") for route in routes if not route.get("current_policy") or not route.get("provider_order") or not route.get("fallback_policy") or not route.get("evidence_refs") or not route.get("next_action") ) if missing: raise ValueError(f"{label}: provider_routes must include policy, order, evidence, next_action: {missing}") required_route_ids = { "ai_router_execution_policy", "ollama_global_endpoint_order", "alert_ai_ollama_first_lane", "openclaw_nemo_rca_lane", "nemotron_tool_calling_candidate", "gemini_final_fallback_policy", } present = {route.get("route_id") for route in routes} missing_required = sorted(required_route_ids - present) if missing_required: raise ValueError(f"{label}: missing required provider routes: {missing_required}") blocked_candidates = sorted( route.get("route_id") for route in routes if route.get("kind") == "nemotron_candidate" and route.get("status") != "blocked" ) if blocked_candidates: raise ValueError(f"{label}: Nemotron candidates must remain blocked: {blocked_candidates}") def _require_candidate_gates(payload: dict[str, Any], label: str) -> None: gates = payload.get("candidate_gates") or [] required_ids = { "provider_switch_gate", "nemotron_replay_gate", "paid_provider_call_gate", } present = {gate.get("gate_id") for gate in gates} missing = sorted(required_ids - present) if missing: raise ValueError(f"{label}: missing required candidate gates: {missing}") not_approval_required = sorted( gate.get("gate_id") for gate in gates if gate.get("approval_required") is not True ) if not_approval_required: raise ValueError(f"{label}: candidate gates must require approval: {not_approval_required}") def _require_operator_denials(payload: dict[str, Any], label: str) -> None: contract = payload.get("operator_contract") or {} must_not_interpret_as = set(contract.get("must_not_interpret_as") or []) required_denials = { "provider 切換批准", "production routing change 批准", "Gemini / Claude / NVIDIA 付費呼叫批准", "OpenClaw 取代或降級批准", "Nemotron 進 shadow / canary 批准", "fallback order 修改批准", "Ollama endpoint / ConfigMap 修改批准", "Secret payload 已讀取或可輸出", "外部 live probe 或 benchmark 批准", "workflow / deploy / reload 觸發批准", "runtime execution 授權", } if not required_denials.issubset(must_not_interpret_as): raise ValueError(f"{label}: operator_contract.must_not_interpret_as is missing required denials") provider_switch_policy = str(contract.get("provider_switch_policy") or "") if "P1-004" not in provider_switch_policy or "只能盤點與顯示" not in provider_switch_policy: raise ValueError(f"{label}: provider_switch_policy must preserve P1-004 read-only boundary") def _require_no_plaintext_secret_payload_keys(value: Any, label: str, path: str = "$") -> None: if isinstance(value, dict): forbidden_key_fragments = { "secret_value", "token_value", "authorization_header", "private_key", "webhook_secret", "runner_token", "gemini_api_key_value", "nvidia_api_key_value", "claude_api_key_value", } for key, nested in value.items(): lowered = str(key).lower() if any(fragment in lowered for fragment in forbidden_key_fragments): raise ValueError(f"{label}: forbidden secret payload key at {path}.{key}") _require_no_plaintext_secret_payload_keys(nested, label, f"{path}.{key}") elif isinstance(value, list): for index, nested in enumerate(value): _require_no_plaintext_secret_payload_keys(nested, label, f"{path}[{index}]") def _count_by(items: list[dict[str, Any]], key: str) -> dict[str, int]: counts: dict[str, int] = {} for item in items: value = item.get(key) counts[value] = counts.get(value, 0) + 1 return counts