Skip to content

hosting: lint fixes + address #677 review comments#678

Merged
kevintang513 merged 2 commits into
mainfrom
kevintang/agent-sdk-hosting-followup
May 30, 2026
Merged

hosting: lint fixes + address #677 review comments#678
kevintang513 merged 2 commits into
mainfrom
kevintang/agent-sdk-hosting-followup

Conversation

@kevintang513

Copy link
Copy Markdown
Contributor

Follow-up to #677. Fixes the lint-and-format check on main, and addresses the non-blocking review items (chunked-encoding note, tenant-parse robustness, kind-quickstart re-run UX, AGENT_IMAGE check timing, plus a few clarifying comments). Items 4/5/10/11 from the review are intentionally left — they're already covered by the README's 'What this doesn't give you' section.

- server.py, gateway/main.py: note that _limit_body_size only checks
  Content-Length; chunked bodies pass through (review #1)
- gateway/main.py: strip token:tenant pairs and skip malformed entries
  when parsing GATEWAY_TENANTS; log loaded count (review #2)
- requirements.txt, server.py _remember, gateway/proxy.py: clarifying
  comments (review #3, #6, #7)
- gateway/k8s.py: validate AGENT_IMAGE in initialize_standby_pool()
  instead of at import time (review #8)
- kind-quickstart.sh: auto-restart gateway on re-runs so regenerated
  GATEWAY_TENANTS takes effect (review #9)
@kevintang513 kevintang513 requested a review from PedramNavid May 29, 2026 02:55
@github-actions

Copy link
Copy Markdown

Notebook Changes

This PR modifies the following notebooks:

📓 claude_agent_sdk/07_Hosting_the_agent.ipynb

View diff
nbdiff claude_agent_sdk/07_Hosting_the_agent.ipynb (31cfc00ca5e8049a23a410d1fee0dd8428104cad) claude_agent_sdk/07_Hosting_the_agent.ipynb (4c55042d610b228b8983fafccdcfd0849e9eca5d)
--- claude_agent_sdk/07_Hosting_the_agent.ipynb (31cfc00ca5e8049a23a410d1fee0dd8428104cad)  (no timestamp)
+++ claude_agent_sdk/07_Hosting_the_agent.ipynb (4c55042d610b228b8983fafccdcfd0849e9eca5d)  (no timestamp)
## modified /cells/4/source:
@@ -1,3 +1,4 @@
-from research_agent.agent import RESEARCH_SYSTEM_PROMPT, DEFAULT_MODEL
+from research_agent.agent import DEFAULT_MODEL, RESEARCH_SYSTEM_PROMPT
+
 print(f"model: {DEFAULT_MODEL}")
 print(RESEARCH_SYSTEM_PROMPT)

Generated by nbdime

@github-actions

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

PR Review

Recommendation: COMMENT

Summary

Follow-up to #677 that lands the lint-and-format check on main and addresses the non-blocking review comments — moves the AGENT_IMAGE check to runtime, hardens GATEWAY_TENANTS parsing, improves the kind-quickstart re-run UX, and adds clarifying comments. No blocking issues; all findings below are observability/wording nits.

Actionable Feedback (3 items)
  • claude_agent_sdk/hosting/kubernetes/gateway/main.py:74 — The module-level logger.info("gateway: loaded %d tenant token(s)", ...) runs at import. uvicorn configures logging after importing the app, and Python's default root logger is WARNING with no handler. This line almost certainly emits nothing. Either move it into lifespan() or add logging.basicConfig(level=logging.INFO). Observability-only, not functional.
  • claude_agent_sdk/hosting/kubernetes/gateway/k8s.py:47-49 — Comment claims the relocated check "fails its readiness probe." An exception in FastAPI's lifespan() startup actually causes uvicorn to exit the process → pod will CrashLoopBackOff, not fail readiness. The real win is a clear traceback in pod logs and a clean shutdown path. Consider rewording (e.g. "logs a clear startup error in pod logs").
  • claude_agent_sdk/hosting/kubernetes/gateway/main.py:66-73 — Subtle behavior change: the rewrite now .strip()s tokens. A misconfig like " abc:alice" previously created a token that no bearer header would ever match (HTTP strips whitespace); now it works. Probably the intended improvement, but worth a one-line comment so a future reader doesn't "fix" it.
Detailed Review

Code Quality

  • The tenant-parsing rewrite is much clearer than the previous dict-comprehension and correctly drops empty-token pairs. The len(_parts) != 2 guard is dead-defensive (split(":", 1) returns at most 2 elements), but it's harmless and the if not _token guard does the real work.
  • REUSING_CLUSTER scoping in kind-quickstart.sh is correctly handled under set -u: assigned only in the else branch and consumed with ${REUSING_CLUSTER:-}.
  • Notebook output-cell key reorders (output_type/name) are nbformat-normalized; they'll flip back on the next Run All in some environments. Consider adding nbformat normalization to pre-commit if you want it to stick.
  • # noqa: S106 on the k8s Secret name "egress-proxy-tls" is correct — it's a Secret object name, not credential content.

Security

  • No security regressions. Tenant parsing remains strict about empty tokens (the original concern from #677). Auth flow and ownership checks are unchanged.
  • _limit_body_size Content-Length-only behavior is now documented (good); the existing guidance to put a real size limit on the LB/gateway in production is the right framing.

Suggestions

  • The import reorder in server.py moves the "agent we built in notebook 00…" comment so it visually sits inside the third-party group. Cosmetic — Ruff's isort treated research_agent as first-party correctly.

Positive Notes

  • proxy.py:43 — the "Not async with on purpose — the client must outlive send(..., stream=True)" comment is exactly the kind of why comment that prevents a well-meaning future refactor from breaking the stream.
  • server.py:166-168 — cross-reference from _remember() to the Redis SET NX equivalent in kubernetes/gateway/k8s.py couples the two tiers' approaches at the comment level. Nice.
  • requirements.txt — the note that the Dockerfile npm pin moves together with the Python pin set is a great anti-footgun for whoever bumps these next.

@PedramNavid PedramNavid left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@kevintang513 kevintang513 merged commit f1d568d into main May 30, 2026
8 checks passed
@kevintang513 kevintang513 deleted the kevintang/agent-sdk-hosting-followup branch May 30, 2026 01:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants