Skip to content

ISSUE-690: Create AI model whitelist configuration#693

Open
Naragod wants to merge 9 commits intomasterfrom
ISSUE-690_enable_ai_model_whitelist_configuration
Open

ISSUE-690: Create AI model whitelist configuration#693
Naragod wants to merge 9 commits intomasterfrom
ISSUE-690_enable_ai_model_whitelist_configuration

Conversation

@Naragod
Copy link
Contributor

@Naragod Naragod commented Jan 13, 2026
edited
Loading

Description:

We wish to dynamically whitelist AI models available for use. To prevent the potential exposure of sensitive data when autograding/autotesting assignments, we wish to restrict usage to remote models.

Implementation

Allow users when creating an assignment the ability to submit a whitelist of available models. When the autotest is ran, any models used missing from this list will fail to execute.

Note

This PR is dependent on USTORY-549.

@Naragod Naragod added this to the v2.9.1 milestone Jan 13, 2026
@Naragod Naragod requested a review from donny-wong January 13, 2026 19:04
@Naragod Naragod linked an issue Jan 13, 2026 that may be closed by this pull request
Create a configuration setting for a list of allowed remote AI models #690
Open
@Naragod Naragod force-pushed the ISSUE-690_enable_ai_model_whitelist_configuration branch 2 times, most recently from 94bd5bf to 96d131b Compare January 13, 2026 19:13
donny-wong
donny-wong reviewed Jan 28, 2026
View reviewed changes
Copy link
Contributor

@donny-wong donny-wong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Naragod , I think you misunderstood the requirements for this Issue. We specifically would like to whitelist what is allowed to put in the remote_url argument for the RemoteModel class.

@Naragod Naragod force-pushed the ISSUE-690_enable_ai_model_whitelist_configuration branch from 1c5c352 to a908525 Compare February 1, 2026 00:26
@Naragod
Copy link
Contributor Author

Naragod commented Feb 1, 2026

Hi @Naragod , I think you misunderstood the requirements for this Issue. We specifically would like to whitelist what is allowed to put in the remote_url argument for the RemoteModel class.

Hi @donny-wong I have made some changes. Please take a look.

@donny-wong
Copy link
Contributor

donny-wong commented Feb 2, 2026

Hi @Naragod , I think you misunderstood the requirements for this Issue. We specifically would like to whitelist what is allowed to put in the remote_url argument for the RemoteModel class.

Hi @donny-wong I have made some changes. Please take a look.

Will mention here

Hi @Naragod , I think you misunderstood the requirements for this Issue. We specifically would like to whitelist what is allowed to put in the remote_url argument for the RemoteModel class.

Hi @donny-wong I have made some changes. Please take a look.

Will document here what we spoke about: We will not use a whitelist file but instead put the list of allowed endpoint urls in the settings.yml file.

donny-wong
donny-wong reviewed Feb 2, 2026
View reviewed changes
@Naragod Naragod force-pushed the ISSUE-690_enable_ai_model_whitelist_configuration branch from 34b2621 to 831c2b4 Compare February 2, 2026 16:56
@Naragod Naragod force-pushed the ISSUE-690_enable_ai_model_whitelist_configuration branch from 0cbcffe to 362ccd9 Compare February 2, 2026 18:03
@Naragod Naragod requested a review from donny-wong February 3, 2026 15:25
@Naragod Naragod force-pushed the ISSUE-690_enable_ai_model_whitelist_configuration branch from 05f7be1 to 362ccd9 Compare February 6, 2026 16:32
@Naragod Naragod requested a review from david-yz-liu February 6, 2026 16:33
donny-wong
donny-wong reviewed Feb 11, 2026
View reviewed changes
donny-wong
donny-wong reviewed Feb 18, 2026
View reviewed changes
Copy link
Contributor

@donny-wong donny-wong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good job @Naragod! I left a few comments.

server/autotest_server/testers/ai/ai_tester.py
self.tags = []

# Default remote URL used by RemoteModel when none is specified
DEFAULT_REMOTE_URL = "https://polymouth.teach.cs.toronto.edu:443/chat"
Copy link
Contributor

@donny-wong donny-wong Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please make values like this as a setting configuration.

server/autotest_server/testers/ai/settings_schema.json
},
"submission": { "type": "string" },
"model": { "type": "string" },
"remote_url": { "type": "string" },
Copy link
Contributor

@donny-wong donny-wong Feb 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is not needed for this PR. Settings_schema is when we want to modify the MarkUs UI automated tests settings.

@donny-wong donny-wong removed the request for review from david-yz-liu February 18, 2026 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@donny-wong donny-wong donny-wong left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

v2.9.1

Development

Successfully merging this pull request may close these issues.

Create a configuration setting for a list of allowed remote AI models

2 participants

@Naragod @donny-wong

Comments