Add /llm endpoint to flask-poc weblog#7127
Draft
christophe-papazian wants to merge 10 commits into
Draft
Conversation
Contributor
|
|
|
Implements the GET /llm endpoint (model + operation query params) for the flask-poc weblog, covering the 6 openai-v2 operations (3 sync, 3 async). Adds openai==2.41.1 to requirements-flask-poc.txt. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
- Add /llm endpoint to flask weblog (sync + async OpenAI operations) - Fix setup_root_has_no_llm_tags method name in test_endpoints.py - Update python.yml manifest: enable tests for flask-poc v4.12.0rc1, mark legacy operations as irrelevant (openai >= 1.0 removed them), mark other weblogs as irrelevant (framework-independent feature) Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
christophe-papazian
force-pushed
the
christophe-papazian/flask-llm-endpoint
branch
from
35898c8 to
2084bdb
Compare
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
All weblogs sharing flask/app.py (flask-poc, uds-flask, uwsgi-poc) now have openai available. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
gh-worker-dd-mergequeue-cf854d Bot
pushed a commit
to DataDog/dd-trace-py
that referenced
this pull request
Jun 15, 2026
) APPSEC-68345 ## Description Emit `server.business_logic.llm.event` to the WAF when AppSec is enabled and an OpenAI `chat.completions`, `completions`, or `responses` call is made during a web request. Enables WAF rules to tag LLM-backed endpoints in the API Endpoint Catalog. - New `ddtrace/appsec/_contrib/openai/` listener dispatches the WAF address with provider and model on each call - `_constants.py` registers `LLM_EVENT` as a persistent WAF address - `patch.py` fixes raw-response streaming early-return path to still fire AppSec `.before` events; adds `completions` endpoint dispatch ## Testing `tests/contrib/openai/test_openai_appsec_llm_events.py` covers sync/async, chat/completions/responses, Azure OpenAI (`engine` kwarg), and streaming paths. Also validated with DataDog/system-tests#7127 ## Risks No-op when AppSec is off or outside a request context. WAF deduplicates persistent addresses so only the first LLM call per request is surfaced (by design). Co-authored-by: christophe.papazian <christophe.papazian@datadoghq.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
APPSEC-68345
Adds the
GET /llmendpoint to the flask-poc Python weblog, enabling system tests for LLM OpenAI instrumentation.Covers 6 operations (3 sync via
OpenAI(), 3 async viaAsyncOpenAI()). Legacy openai v0 operations are not included as they are incompatible withopenai==2.41.1.Also adds
openai==2.41.1torequirements-flask-poc.txt.