feature/FIRE 779 get the api key from env

[drorIvry]

• use env if env var is present
• get api key from env var

Summary by CodeRabbit

• New Features
  • CLI now returns and displays a job ID alongside evaluation results, and includes it when generating reports.
  • Added support for a Qualifire API key via a new CLI option; if not provided, the app automatically uses the QUALIFIRE_API_KEY environment variable.
• Documentation
  • Clarified that the scenario parameter for the log evaluation tool is a dictionary, not a string.

[coderabbitai]

Walkthrough

Introduces job_id propagation through the CLI evaluation and reporting flow, adds an optional qualifire_api_key to CLI input, and adds environment-variable fallback for the Qualifire API key in server handlers. Also updates a doc note about a parameter type in evaluator_agent.

Changes

Cohort / File(s)	Summary
Docs note update rogue/evaluator_agent/evaluator_agent.py	Appends a documentation note clarifying that _log_evaluation parameter scenario is a dict, not a string; no runtime changes.
CLI input model rogue/models/cli_input.py	Adds optional field `qualifire_api_key: SecretStr
CLI flow: job_id threading rogue/run_cli.py	Changes return types of run_scenarios and _run_scenarios_with_sdk to `(EvaluationResults
Server Qualifire key fallback rogue/server/api/llm.py	Adds environment-variable fallback (QUALIFIRE_API_KEY) to populate request.qualifire_api_key in generate_summary and report_summary_handler; removes logging of key/IDs/URL.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor U as User
  participant CLI as run_cli
  participant Eval as run_scenarios/_run_scenarios_with_sdk
  participant S as Rogue Server
  participant SDK as SDK.generate_summary
  participant R as create_report

  U->>CLI: Invoke evaluation
  CLI->>Eval: run_scenarios(...)
  Eval->>S: Start evaluation (scenarios, config)
  S-->>Eval: results + job_id
  Eval-->>CLI: (results, job_id)
  alt results present
    CLI->>R: create_report(..., job_id)
    R->>SDK: generate_summary(..., job_id)
    SDK-->>R: report string
    R-->>CLI: report path
  else no results
    CLI-->>U: No results (None, None)
  end

Loading

sequenceDiagram
  autonumber
  participant C as Client
  participant API as server/api/llm.generate_summary
  participant ENV as Process Env
  participant Q as QualifireService

  C->>API: Request (qualifire_api_key? , job_id?)
  alt qualifire_api_key missing
    API->>ENV: Read QUALIFIRE_API_KEY
    ENV-->>API: key (or null)
    API->>API: request.qualifire_api_key = env key if available
  end
  API->>Q: report_summary(..., qualifire_api_key, job_id)
  Q-->>API: summary
  API-->>C: summary

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• FIRE-751 - report to BFF #37: Implements similar Qualifire integration, including job_id propagation and summary/report plumbing, overlapping with this PR’s CLI and server changes.

Suggested reviewers

• yuval-qf
• osher-qualifire

Poem

A hop, a skip, a job_id in tow,
I bound through logs where summaries grow.
A key from the breeze (ENV, shh—don’t tell),
Reports now bloom with a gentle swell.
New fields sprout green in the CLI glen—
Thump-thump! Ship it. We’ll hop again. 🐇✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 50.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title "feature/FIRE 779 get the api key from env" accurately captures the primary change—using an environment variable to obtain the API key—and aligns with the PR objectives and code changes touching server/CLI handling of the Qualifire key. It is concise and focused, though it includes a branch-style prefix and ticket number.

✨ Finishing touches

• 📝 Generate Docstrings

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/FIRE-779-get-the-api-key-from-env

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cursor]

This PR is being reviewed by Cursor Bugbot

Details

You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.

To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.

[cursor]

Bug: API Key Ignored in Report Creation

The qualifire_api_key from CLIInput isn't passed to the create_report function. This causes any Qualifire API key provided via the CLI to be ignored, preventing its use by the server.

 

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

rogue/run_cli.py (1)

364-374: Thread Qualifire API key from CLI/config into create_report.

CLIInput now has qualifire_api_key, but it isn’t passed here. Without server env, remote servers won’t get the key.

Apply this diff to pass it through:

     report_summary = await create_report(
         rogue_server_url=args.rogue_server_url,
         judge_llm=cli_input.judge_llm,
         results=results,
         job_id=job_id,
         output_report_file=cli_input.output_report_file,
         judge_llm_api_key_secret=cli_input.judge_llm_api_key,
+        qualifire_api_key_secret=cli_input.qualifire_api_key,
         deep_test_mode=cli_input.deep_test_mode,
         judge_model=cli_input.judge_llm,
     )

🧹 Nitpick comments (3)

rogue/evaluator_agent/evaluator_agent.py (1)

113-119: Align _send_message_to_evaluated_agent return contract with docs.

Docs say "response" is the other agent's text, but the function returns the full JSON (model_dump_json()). Recommend returning agent_response_text and, if needed, include raw JSON under a different key.

Apply this diff:

-            return {"response": response.model_dump_json()}
+            return {"response": agent_response_text, "raw": response.model_dump_json()}

Also applies to: 588-589

rogue/server/api/llm.py (1)

100-104: Good: env fallback added. Also guard /report_summary when key missing.

Env fallback looks right and avoids logging the secret. In /report_summary, if the key is still absent after fallback, return 400 instead of failing inside the service.

Apply this diff within report_summary_handler after the fallback:

         if not request.qualifire_api_key:
-            env_api_key = os.getenv("QUALIFIRE_API_KEY")
-            if env_api_key:
-                request.qualifire_api_key = env_api_key
+            env_api_key = os.getenv("QUALIFIRE_API_KEY")
+            if env_api_key:
+                request.qualifire_api_key = env_api_key
+        if not request.qualifire_api_key:
+            raise HTTPException(
+                status_code=400,
+                detail="Missing Qualifire API key. Provide it in the request or set QUALIFIRE_API_KEY on the server.",
+            )

Also applies to: 180-184

rogue/run_cli.py (1)

16-86: Add a CLI flag for the Qualifire API key (with env-based guidance).

Expose --qualifire-api-key to allow passing the key when the server env isn’t available.

Add this argument in set_cli_args:

parser.add_argument(
    "--qualifire-api-key",
    required=False,
    help="Qualifire API key. If omitted, the server will use its QUALIFIRE_API_KEY environment variable when available.",
)

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between dc4beb9 and d7c4ef7.

📒 Files selected for processing (4)

• rogue/evaluator_agent/evaluator_agent.py (1 hunks)
• rogue/models/cli_input.py (1 hunks)
• rogue/run_cli.py (7 hunks)
• rogue/server/api/llm.py (3 hunks)

🧰 Additional context used

📓 Path-based instructions (2)

{rogue,tests,examples}/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

{rogue,tests,examples}/**/*.py: Format Python code with Black
Organize imports according to isort conventions
Use type hints for all function signatures
Follow PEP 8 naming (snake_case for variables and functions, PascalCase for classes)
Use try/except blocks for code that may raise exceptions
Ensure code passes flake8 linting
Ensure code passes mypy type checks per .mypy.ini
Address Bandit-reported security issues in Python code

Files:

• rogue/evaluator_agent/evaluator_agent.py
• rogue/models/cli_input.py
• rogue/server/api/llm.py
• rogue/run_cli.py

rogue/**/*.py

📄 CodeRabbit inference engine (AGENTS.md)

Place application/package code under the rogue/ directory

Files:

• rogue/evaluator_agent/evaluator_agent.py
• rogue/models/cli_input.py
• rogue/server/api/llm.py
• rogue/run_cli.py

🧬 Code graph analysis (2)

rogue/server/api/llm.py (2)

sdks/python/rogue_sdk/client.py (1)

• request (79-83)

packages/sdk/src/client.ts (1)

• request (31-79)

rogue/run_cli.py (1)

sdks/python/rogue_sdk/types.py (1)

• EvaluationResults (192-208)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: codestyle
• GitHub Check: Cursor Bugbot

🔇 Additional comments (2)

rogue/run_cli.py (1)

99-100: LGTM: job_id propagation end-to-end.

Tuple returns, wiring, and SDK call updates are coherent and backwards-safe for callers that now unpack (results, job_id).

Also applies to: 126-137, 176-180, 190-191, 221-221, 347-358, 369-369

rogue/models/cli_input.py (1)

18-18: Incorrect — no change required: qualifire_api_key already present on CLIInput.
Field is defined in rogue/models/cli_input.py (line ~18) and is propagated/used across run_cli.py, server/api/llm.py and the SDK; the suggested diff is unnecessary.

Likely an incorrect or invalid review comment.

[coderabbitai]

⚠️ Potential issue

Fix tool doc/signature mismatch for _log_evaluation (scenario_type).

The tool doc omits scenario_type, but the function requires it. This will cause tool-call validation failures. Either document the param as optional or make it optional in code.

Apply this doc tweak:

-3. `_log_evaluation(scenario: dict, context_id: str, evaluation_passed: bool, reason: str)` NOTE: THE SCENARIO IS A DICTIONARY NOT A STRING
+3. `_log_evaluation(scenario: dict, context_id: str, evaluation_passed: bool, reason: str, scenario_type: Optional[str] = None)` NOTE: THE SCENARIO IS A DICTIONARY NOT A STRING

And make the code accept it as optional (outside this hunk):

# Change signature to:
def _log_evaluation(
    self,
    scenario: dict[str, str],
    context_id: str,
    evaluation_passed: bool,
    reason: str,
    scenario_type: Optional[str] = None,
) -> None:
    ...

🤖 Prompt for AI Agents

In rogue/evaluator_agent/evaluator_agent.py around line 120, the tool doc and
function signature for _log_evaluation are out of sync: the doc omits
scenario_type while the function requires it, and the doc incorrectly states
scenario is a string (it’s a dict). Update the docstring to document scenario as
dict[str, str] and add an optional scenario_type parameter, and change the
function signature to accept scenario_type: Optional[str] = None so tool-call
validation passes; ensure all internal uses handle scenario_type possibly being
None.

[yuval-qf]

LGTM