Skip to content

Merge latest upstream/develop branch changes into rh aiq main #117

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 8 commits into
base: rh-aiq-main
Choose a base branch
from
Open

Merge latest upstream/develop branch changes into rh aiq main #117

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
d271a2d
Update workflow to allow disabling the vulnerability dependency check…
shawn-davis Jul 30, 2025
69161b7
Add max_retries option to cve_fetch_intel (#113)
efajardo-nv Aug 6, 2025
f3473aa
Add request_timeout option to cve_fetch_intel (#114)
efajardo-nv Aug 7, 2025
43055ce
Add `intel_source_timeout` config to `cve_fetch_intel` function (#118)
ashsong-nv Aug 18, 2025
844d75e
Update nat dependency to rc8 and up (#120)
katherineh123 Aug 19, 2025
b071f0c
migrating to nat 1.2.0 (#121)
katherineh123 Aug 30, 2025
93ae5c1
Merge remote-tracking branch' 'upstream/develop' into rh-aiq-main
zvigrinberg Sep 10, 2025
780fa44
Merge branch 'rh-aiq-main' into merge-develop-into-rh-aiq-main
zvigrinberg Sep 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
96 changes: 45 additions & 51 deletions README.md
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion deploy/1_Deploy_CVE.ipynb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -618,7 +618,7 @@
"source": [
"Run the following commands:\n",
"- `cp configs/config.yml .tmp/config.yml` and\n",
"- `aiq serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466`"
"- `nat serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466`"
]
},
{
Expand Down
2 changes: 1 addition & 1 deletion deploy/2_Customize_CVE.ipynb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -904,7 +904,7 @@
"This looks good! Now, we will submit it to the HTTP server of the Vulnerability Analysis workflow. If your HTTP server is no longer running, you can bring it back up by running the following command again in your container.\n",
"\n",
"```bash\n",
"aiq serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466\n",
"nat serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466\n",
"```\n",
"\n",
"We can submit the custom scan request as below by running the curl command. Like last time, keep an eye on the output in the terminal where you ran this command `docker compose exec -it vuln-analysis bash`."
Expand Down
4 changes: 2 additions & 2 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ dynamic = ["version"]
dependencies = [
"aiohttp-client-cache==0.11",
"aioresponses==0.7.6",
"nvidia-nat[langchain,profiling,telemetry]>=1.2.0rc8,<1.3.0",
"nvidia-nat[langchain,profiling,telemetry]>=1.2.0,<1.4.0",
"aiofiles",
"brotli",
"esprima",
Expand All @@ -36,7 +36,7 @@ requires-python = ">=3.11,<3.13"
description = "NVIDIA AI Blueprint: Vulnerability Analysis for Container Security"
classifiers = ["Programming Language :: Python"]

[project.entry-points.'aiq.components']
[project.entry-points.'nat.components']
vuln_analysis = "vuln_analysis.register"

[dependency-groups]
Expand Down
2 changes: 1 addition & 1 deletion quick_start/quick_start_guide.ipynb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -337,7 +337,7 @@
"metadata": {},
"source": [
"```bash\n",
"aiq serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466\n",
"nat serve --config_file=.tmp/config.yml --host 0.0.0.0 --port 26466\n",
"```"
]
},
Expand Down
2 changes: 1 addition & 1 deletion scripts/run_all_messages.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,5 @@ for input_file in ${input_files[@]}; do
echo "Running workflow for ${base_name}..."

dotenv -f .env run -- \
aiq run --config_file=configs/config.yml --input_file=${input_file}
nat run --config_file=configs/config.yml --input_file=${input_file}
done
86 changes: 43 additions & 43 deletions src/vuln_analysis/configs/openapi/openapi.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"/generate": {
"post": {
"summary": "Post Single",
"description": "Executes the default AIQ Toolkit workflow from the loaded configuration",
"description": "Executes the default NeMo Agent Toolkit workflow from the loaded configuration",
"operationId": "post_single_generate_post",
"requestBody": {
"content": {
Expand Down Expand Up @@ -57,7 +57,7 @@
"/generate/stream": {
"post": {
"summary": "Post Stream",
"description": "Executes the default AIQ Toolkit workflow from the loaded configuration",
"description": "Executes the default NeMo Agent Toolkit workflow from the loaded configuration",
"operationId": "post_stream_generate_stream_post",
"requestBody": {
"content": {
Expand Down Expand Up @@ -173,13 +173,13 @@
"/chat": {
"post": {
"summary": "Post Single",
"description": "Executes the default AIQ Toolkit workflow from the loaded configuration",
"description": "Executes the default NeMo Agent Toolkit workflow from the loaded configuration",
"operationId": "post_single_chat_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQChatRequest"
"$ref": "#/components/schemas/ChatRequest"
}
}
},
Expand All @@ -191,7 +191,7 @@
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQChatResponse"
"$ref": "#/components/schemas/ChatResponse"
}
}
}
Expand Down Expand Up @@ -222,13 +222,13 @@
"/chat/stream": {
"post": {
"summary": "Post Stream",
"description": "Executes the default AIQ Toolkit workflow from the loaded configuration",
"description": "Executes the default NeMo Agent Toolkit workflow from the loaded configuration",
"operationId": "post_stream_chat_stream_post",
"requestBody": {
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQChatRequest"
"$ref": "#/components/schemas/ChatRequest"
}
}
},
Expand All @@ -242,10 +242,10 @@
"schema": {
"anyOf": [
{
"$ref": "#/components/schemas/AIQChatResponseChunk"
"$ref": "#/components/schemas/ChatResponseChunk"
},
{
"$ref": "#/components/schemas/AIQResponseIntermediateStep"
"$ref": "#/components/schemas/ResponseIntermediateStep"
}
],
"title": "Response Post Stream Chat Stream Post"
Expand Down Expand Up @@ -287,7 +287,7 @@
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQEvaluateStatusResponse"
"$ref": "#/components/schemas/EvaluateStatusResponse"
}
}
}
Expand Down Expand Up @@ -330,7 +330,7 @@
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQEvaluateStatusResponse"
"$ref": "#/components/schemas/EvaluateStatusResponse"
}
}
}
Expand Down Expand Up @@ -392,7 +392,7 @@
"schema": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AIQEvaluateStatusResponse"
"$ref": "#/components/schemas/EvaluateStatusResponse"
},
"title": "Response Get Jobs Evaluate Jobs Get"
}
Expand Down Expand Up @@ -431,7 +431,7 @@
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQEvaluateRequest"
"$ref": "#/components/schemas/EvaluateRequest"
}
}
},
Expand All @@ -443,7 +443,7 @@
"content": {
"application/json": {
"schema": {
"$ref": "#/components/schemas/AIQEvaluateResponse"
"$ref": "#/components/schemas/EvaluateResponse"
}
}
}
Expand Down Expand Up @@ -474,7 +474,7 @@
},
"components": {
"schemas": {
"AIQChatRequest": {
"ChatRequest": {
"properties": {
"messages": {
"items": {
Expand Down Expand Up @@ -533,10 +533,10 @@
"required": [
"messages"
],
"title": "AIQChatRequest",
"description": "AIQChatRequest is a data model that represents a request to the AIQ Toolkit chat API."
"title": "ChatRequest",
"description": "ChatRequest is a data model that represents a request to the NeMo Agent Toolkit chat API."
},
"AIQChatResponse": {
"ChatResponse": {
"properties": {
"id": {
"type": "string",
Expand All @@ -558,15 +558,15 @@
},
"choices": {
"items": {
"$ref": "#/components/schemas/AIQChoice"
"$ref": "#/components/schemas/Choice"
},
"type": "array",
"title": "Choices"
},
"usage": {
"anyOf": [
{
"$ref": "#/components/schemas/AIQUsage"
"$ref": "#/components/schemas/Usage"
},
{
"type": "null"
Expand All @@ -582,18 +582,18 @@
"created",
"choices"
],
"title": "AIQChatResponse",
"description": "AIQChatResponse is a data model that represents a response from the AIQ Toolkit chat API."
"title": "ChatResponse",
"description": "ChatResponse is a data model that represents a response from the NeMo Agent Toolkit chat API."
},
"AIQChatResponseChunk": {
"ChatResponseChunk": {
"properties": {
"id": {
"type": "string",
"title": "Id"
},
"choices": {
"items": {
"$ref": "#/components/schemas/AIQChoice"
"$ref": "#/components/schemas/Choice"
},
"type": "array",
"title": "Choices"
Expand Down Expand Up @@ -621,13 +621,13 @@
"choices",
"created"
],
"title": "AIQChatResponseChunk",
"description": "AIQChatResponseChunk is a data model that represents a response chunk from the AIQ Toolkit chat streaming API."
"title": "ChatResponseChunk",
"description": "ChatResponseChunk is a data model that represents a response chunk from the NeMo Agent Toolkit chat streaming API."
},
"AIQChoice": {
"Choice": {
"properties": {
"message": {
"$ref": "#/components/schemas/AIQChoiceMessage"
"$ref": "#/components/schemas/ChoiceMessage"
},
"finish_reason": {
"anyOf": [
Expand Down Expand Up @@ -658,9 +658,9 @@
"message",
"index"
],
"title": "AIQChoice"
"title": "Choice"
},
"AIQChoiceMessage": {
"ChoiceMessage": {
"properties": {
"content": {
"anyOf": [
Expand All @@ -686,9 +686,9 @@
}
},
"type": "object",
"title": "AIQChoiceMessage"
"title": "ChoiceMessage"
},
"AIQEvaluateRequest": {
"EvaluateRequest": {
"properties": {
"config_file": {
"type": "string",
Expand Down Expand Up @@ -724,10 +724,10 @@
"required": [
"config_file"
],
"title": "AIQEvaluateRequest",
"title": "EvaluateRequest",
"description": "Request model for the evaluate endpoint."
},
"AIQEvaluateResponse": {
"EvaluateResponse": {
"properties": {
"job_id": {
"type": "string",
Expand All @@ -745,10 +745,10 @@
"job_id",
"status"
],
"title": "AIQEvaluateResponse",
"title": "EvaluateResponse",
"description": "Response model for the evaluate endpoint."
},
"AIQEvaluateStatusResponse": {
"EvaluateStatusResponse": {
"properties": {
"job_id": {
"type": "string",
Expand Down Expand Up @@ -823,10 +823,10 @@
"created_at",
"updated_at"
],
"title": "AIQEvaluateStatusResponse",
"title": "EvaluateStatusResponse",
"description": "Response model for the evaluate status endpoint."
},
"AIQResponseIntermediateStep": {
"ResponseIntermediateStep": {
"properties": {
"id": {
"type": "string",
Expand Down Expand Up @@ -864,10 +864,10 @@
"name",
"payload"
],
"title": "AIQResponseIntermediateStep",
"description": "AIQResponseSerializedStep is a data model that represents a serialized step in the AIQ Toolkit chat streaming API."
"title": "ResponseIntermediateStep",
"description": "ResponseSerializedStep is a data model that represents a serialized step in the NeMo Agent Toolkit chat streaming API."
},
"AIQUsage": {
"Usage": {
"properties": {
"prompt_tokens": {
"type": "integer",
Expand All @@ -888,7 +888,7 @@
"completion_tokens",
"total_tokens"
],
"title": "AIQUsage"
"title": "Usage"
},
"AgentIntermediateStep": {
"properties": {
Expand Down Expand Up @@ -2980,4 +2980,4 @@
}
}
}
}
}
13 changes: 8 additions & 5 deletions src/vuln_analysis/functions/cve_agent.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,20 @@
from vuln_analysis.runtime_context import ctx_state
import logging
import typing
from aiq.builder.builder import Builder
from aiq.builder.framework_enum import LLMFrameworkEnum
from aiq.builder.function_info import FunctionInfo
from aiq.cli.register_workflow import register_function
from aiq.data_models.function import FunctionBaseConfig

from nat.builder.builder import Builder
from nat.builder.framework_enum import LLMFrameworkEnum
from nat.builder.function_info import FunctionInfo
from nat.cli.register_workflow import register_function
from nat.data_models.function import FunctionBaseConfig
from langchain.agents import AgentExecutor
from langchain.agents import create_react_agent
from langchain.agents.agent import RunnableAgent
from langchain.agents.mrkl.output_parser import MRKLOutputParser
from langchain_core.exceptions import OutputParserException
from langchain_core.prompts import PromptTemplate
from pydantic import Field

from vuln_analysis.data_models.state import AgentMorpheusEngineState
from vuln_analysis.utils.prompting import get_agent_prompt
from vuln_analysis.logging.loggers_factory import LoggingFactory, trace_id
Expand Down Expand Up @@ -106,6 +107,7 @@ async def _create_agent(config: CVEAgentExecutorToolConfig, builder: Builder,


async def _process_steps(agent, steps, semaphore):

async def _process_step(step):
if semaphore:
async with semaphore:
Expand Down Expand Up @@ -170,6 +172,7 @@ def _postprocess_results(results: list[list[dict]], replace_exceptions: bool,

@register_function(config_type=CVEAgentExecutorToolConfig, framework_wrappers=[LLMFrameworkEnum.LANGCHAIN])
async def cve_agent(config: CVEAgentExecutorToolConfig, builder: Builder):

semaphore = asyncio.Semaphore(config.max_concurrency) if config.max_concurrency else None

async def _arun(state: AgentMorpheusEngineState) -> AgentMorpheusEngineState:
Expand Down
Loading