feat: add native SAP AI Core support

Adds a new 'aicore' LLM provider that authenticates directly with SAP AI Core using OAuth client credentials. This eliminates the need for an external proxy (hai-aicore or hai) when running review-bot in SAP environments. Key changes: - New llm/aicore.go with AICoreClient for OAuth token management and deployment discovery - Thread-safe token caching with automatic refresh before expiry - Automatic routing to /invoke (Anthropic) or /chat/completions (OpenAI) based on model name - New CLI flags: --aicore-client-id, --aicore-client-secret, --aicore-auth-url, --aicore-api-url, --aicore-resource-group - Updated action.yml with corresponding inputs - Comprehensive test coverage for AI Core client Example usage in CI: llm-provider: aicore llm-model: anthropic--claude-4.6-sonnet aicore-client-id: ${{ secrets.AICORE_CLIENT_ID }} aicore-client-secret: ${{ secrets.AICORE_CLIENT_SECRET }} aicore-auth-url: ${{ secrets.AICORE_AUTH_URL }} aicore-api-url: ${{ secrets.AICORE_API_URL }} Closes #49
2026-05-08 17:49:26 -07:00
parent 2089ca0f2d
commit cf453504cb
6 changed files with 967 additions and 17 deletions
@@ -1,6 +1,6 @@
 // Package llm provides clients for LLM chat completion APIs.
 //
-// Supports OpenAI-compatible (default) and Anthropic Messages API providers.
+// Supports OpenAI-compatible (default), Anthropic Messages API, and SAP AI Core providers.
 package llm

 import (
@@ -22,6 +22,8 @@ const (
 	ProviderOpenAI Provider = "openai"
 	// ProviderAnthropic uses the Anthropic Messages API endpoint.
 	ProviderAnthropic Provider = "anthropic"
+	// ProviderAICore uses SAP AI Core with OAuth authentication.
+	ProviderAICore Provider = "aicore"
 )

 // Client calls an LLM chat completion API.
@@ -35,6 +37,7 @@ type Client struct {
 	temperature float64
 	provider    Provider
 	http        *http.Client
+	aicore      *AICoreClient // Only set when provider is aicore
 }

 // NewClient creates a new LLM client. Default provider is OpenAI-compatible.
@@ -60,12 +63,20 @@ func (c *Client) WithTemperature(t float64) *Client {
 	return c
 }

-// WithProvider sets the API provider format (openai or anthropic).
+// WithProvider sets the API provider format (openai, anthropic, or aicore).
 func (c *Client) WithProvider(p Provider) *Client {
 	c.provider = p
 	return c
 }

+// WithAICore configures the client to use SAP AI Core for authentication.
+// This sets the provider to aicore automatically.
+func (c *Client) WithAICore(cfg AICoreConfig) *Client {
+	c.provider = ProviderAICore
+	c.aicore = NewAICoreClient(cfg)
+	return c
+}
+
 // Message represents a chat message.
 type Message struct {
 	Role    string `json:"role"`
@@ -82,6 +93,8 @@ func (c *Client) Complete(ctx context.Context, messages []Message) (string, erro
 		switch c.provider {
 		case ProviderAnthropic:
 			result, err = c.completeAnthropic(ctx, messages)
+		case ProviderAICore:
+			result, err = c.completeAICore(ctx, messages)
 		default:
 			result, err = c.completeOpenAI(ctx, messages)
 		}
@@ -106,6 +119,18 @@ func (c *Client) Complete(ctx context.Context, messages []Message) (string, erro
 	return "", err
 }

+// completeAICore routes to AI Core using the appropriate endpoint based on model type.
+func (c *Client) completeAICore(ctx context.Context, messages []Message) (string, error) {
+	if c.aicore == nil {
+		return "", fmt.Errorf("AI Core client not configured")
+	}
+
+	if IsAnthropicModel(c.model) {
+		return c.aicore.CompleteAnthropic(ctx, c.model, messages, 8192, c.temperature)
+	}
+	return c.aicore.CompleteOpenAI(ctx, c.model, messages, c.temperature)
+}
+
 // isRetryableError returns true for transient errors worth retrying.
 func isRetryableError(err error) bool {
 	if err == nil {