Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: keyvault requires multi-tenant #106

Merged
merged 2 commits into from
May 18, 2023
Merged

fix: keyvault requires multi-tenant #106

merged 2 commits into from
May 18, 2023

Conversation

dciborow
Copy link
Collaborator

github-actions[bot]
github-actions bot reviewed May 18, 2023
View reviewed changes
src/gpt_review/context.py Outdated Show resolved Hide resolved
@dciborow @github-actions
Update src/gpt_review/context.py
173bde9 
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
github-actions[bot]
github-actions bot reviewed May 18, 2023
View reviewed changes
Copy link
Contributor

@github-actions github-actions bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary by GPT-4

This change adds the additionally_allowed_tenants parameter to the DefaultAzureCredential constructor with a value of "*" (a wildcard). This means that the credential will be allowed to authenticate with any tenant, not just the one specified in the environment variable or configuration file. This can be useful in scenarios where you want to allow access to multiple tenants without having to specify each one individually.

Suggestions

Here are some suggestions for improving the changes in this PR:

  1. Add a comment explaining the reason for using additionally_allowed_tenants=["*"] in the DefaultAzureCredential() function call. This will help other developers understand the purpose of this change.

  2. Consider breaking down the long lines of code into multiple lines for better readability. For example, you can assign the values of kv_client.get_secret("azure-open-ai").value and kv_client.get_secret("azure-openai-key").value to separate variables before assigning them to openai.api_base and openai.api_key.

Here's an example with these suggestions applied:

def _load_azure_openai_context() -> Context:
    if "OPENAI_API_KEY" in os.environ:
        openai.api_key = os.environ["OPENAI_API_KEY"]
    else:
        # Allow all tenants to access the key vault
        credential = DefaultAzureCredential(additionally_allowed_tenants=["*"])
        
        kv_client = SecretClient(
            vault_url=os.getenv("AZURE_KEY_VAULT_URL", C.AZURE_KEY_VAULT),
            credential=credential,
        )
        
        api_base_value = kv_client.get_secret("azure-open-ai").value  # type: ignore
        api_key_value = kv_client.get_secret("azure-openai-key").value  # type: ignore
        
        openai.api_base = os.environ["OPENAI_API_BASE"] = api_base_value
        openai.api_key = os.environ["OPENAI_API_KEY"] = api_key_value

    return Context()

This should make the code more readable and easier to understand for future developers working on this project.

@dciborow dciborow enabled auto-merge (squash) May 18, 2023 18:18
@dciborow dciborow merged commit 3b1194d into main May 18, 2023
@dciborow dciborow deleted the dciborow/fix-credential-issue branch May 18, 2023 19:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@deepika087 deepika087 deepika087 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dciborow @deepika087