mirror of
https://github.com/googleapis/genai-toolbox.git
synced 2026-02-13 00:25:10 -05:00
293c1d6889
This PR introduces a significant update to the Toolbox configuration file format, which is one of the primary **breaking changes** required for the implementation of the Advanced Control Plane. # Summary of Changes The configuration schema has been updated to enforce resource isolation and facilitate atomic, incremental updates. * Resource Isolation: Resource definitions are now separated into individual blocks, using a distinct structure for each resource type (Source, Tool, Toolset, etc.). This improves readability, management, and auditing of configuration files. * Field Name Modification: Internal field names have been modified to align with declarative methodologies. Specifically, the configuration now separates kind (general resource type, e.g., Source) from type (specific implementation, e.g., Postgres). # User Impact Existing tools.yaml configuration files are now in an outdated format. Users must eventually update their files to the new YAML format. # Mitigation & Compatibility Backward compatibility is maintained during this transition to ensure no immediate user action is required for existing files. * Immediate Backward Compatibility: The source code includes a pre-processing layer that automatically detects outdated configuration files (v1 format) and converts them to the new v2 format under the hood. * [COMING SOON] Migration Support: The new toolbox migrate subcommand will be introduced to allow users to automatically convert their old configuration files to the latest format. # Example Example for config file v2: ``` kind: sources name: my-pg-instance type: cloud-sql-postgres project: my-project region: my-region instance: my-instance database: my_db user: my_user password: my_pass --- kind: authServices name: my-google-auth type: google clientId: testing-id --- kind: tools name: example_tool type: postgres-sql source: my-pg-instance description: some description statement: SELECT * FROM SQL_STATEMENT; parameters: - name: country type: string description: some description --- kind: tools name: example_tool_2 type: postgres-sql source: my-pg-instance description: returning the number one statement: SELECT 1; --- kind: toolsets name: example_toolset tools: - example_tool ``` --------- Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Co-authored-by: Averi Kitsch <akitsch@google.com>
1.9 KiB
1.9 KiB
title, type, weight, description
| title | type | weight | description |
|---|---|---|---|
| Google Sign-In | docs | 1 | Use Google Sign-In for Oauth 2.0 flow and token lifecycle. |
Getting Started
Google Sign-In manages the OAuth 2.0 flow and token lifecycle. To integrate the Google Sign-In workflow to your web app follow this guide.
After setting up the Google Sign-In workflow, you should have registered your
application and retrieved a Client ID. Configure your auth service
in with the Client ID.
Behavior
Authorized Invocations
When using Authorized Invocations, a tool will be considered authorized if it has a valid Oauth 2.0 token that matches the Client ID.
Authenticated Parameters
When using Authenticated Parameters, any claim provided by the id-token can be used for the parameter.
Example
kind: authServices
name: my-google-auth
type: google
clientId: ${YOUR_GOOGLE_CLIENT_ID}
{{< notice tip >}} Use environment variable replacement with the format ${ENV_NAME} instead of hardcoding your secrets into the configuration file. {{< /notice >}}
Reference
| field | type | required | description |
|---|---|---|---|
| type | string | true | Must be "google". |
| clientId | string | true | Client ID of your application from registering your application. |