8ca6c39c66
Populate the repo with the Terraform/OpenTofu provider that manages the LiteLLM dynamic secrets engine on Vault/OpenBao via the Vault API. - Provider (VAULT_ADDR/VAULT_TOKEN) with resources litellmvaultsecret_secret_backend (mount + config) and litellmvaultsecret_secret_backend_role (models, max_budget, ttl/max_ttl in seconds, metadata) - Unit tests against a mock Vault API - End-to-end test: builds the sibling plugin, boots Vault + LiteLLM + Postgres, and runs a real terraform apply/destroy asserting key generation works - Makefile, woodpecker CI (build/test/pre-commit), examples, README
58 lines
1.7 KiB
YAML
58 lines
1.7 KiB
YAML
# E2E stack for the provider: Postgres + LiteLLM + a Vault dev server with the
|
|
# litellm plugin mounted. Bind mounts use ":z" for SELinux (Fedora/RHEL).
|
|
services:
|
|
postgres:
|
|
image: postgres:16-alpine
|
|
environment:
|
|
POSTGRES_USER: litellm
|
|
POSTGRES_PASSWORD: litellm
|
|
POSTGRES_DB: litellm
|
|
healthcheck:
|
|
test: ["CMD-SHELL", "pg_isready -U litellm"]
|
|
interval: 3s
|
|
timeout: 3s
|
|
retries: 20
|
|
|
|
litellm:
|
|
image: ghcr.io/berriai/litellm:main-stable
|
|
depends_on:
|
|
postgres:
|
|
condition: service_healthy
|
|
environment:
|
|
LITELLM_MASTER_KEY: sk-master-e2e-1234
|
|
DATABASE_URL: postgresql://litellm:litellm@postgres:5432/litellm
|
|
STORE_MODEL_IN_DB: "True"
|
|
command: ["--config", "/app/config.yaml", "--port", "4000"]
|
|
volumes:
|
|
- ./litellm/config.yaml:/app/config.yaml:ro,z
|
|
ports:
|
|
- "4000:4000"
|
|
healthcheck:
|
|
test: ["CMD", "python", "-c", "import urllib.request,sys; sys.exit(0 if urllib.request.urlopen('http://localhost:4000/health/liveliness').status==200 else 1)"]
|
|
interval: 5s
|
|
timeout: 5s
|
|
retries: 40
|
|
|
|
vault:
|
|
image: hashicorp/vault:1.18
|
|
depends_on:
|
|
litellm:
|
|
condition: service_healthy
|
|
cap_add:
|
|
- IPC_LOCK
|
|
environment:
|
|
VAULT_DEV_ROOT_TOKEN_ID: root
|
|
VAULT_ADDR: http://127.0.0.1:8200
|
|
VAULT_TOKEN: root
|
|
command: ["server", "-dev", "-dev-listen-address=0.0.0.0:8200", "-config=/vault/vault.hcl"]
|
|
volumes:
|
|
- ./plugins:/vault/plugins:ro,z
|
|
- ./vault/vault.hcl:/vault/vault.hcl:ro,z
|
|
ports:
|
|
- "8200:8200"
|
|
healthcheck:
|
|
test: ["CMD", "vault", "status", "-address=http://127.0.0.1:8200"]
|
|
interval: 3s
|
|
timeout: 3s
|
|
retries: 20
|