Add integration tests for agent with guardrails #378
Conversation
apetraru-uipath
force-pushed
the
chore/tests_for_guardrails
branch
6 times, most recently
from
3876794 to
f260a25
Compare
tests/cli/conftest.py
Outdated
| def mock_guardrails_service(): | ||
| """Mock the guardrails service to avoid HTTP errors in tests.""" | ||
|
|
||
| class MockGuardrailValidationResult(BaseModel): |
There was a problem hiding this comment.
Why do we need this new class? Cann't we use the GuardrailValidationResult class?
There was a problem hiding this comment.
Agree, I will delete this mock class
| "enabledForEvals": true, | ||
| "selector": { | ||
| "scopes": ["Tool"], | ||
| "matchNames": ["Agent _ Sentence Analyzer"] |
There was a problem hiding this comment.
Is this the correct tool name? with spaces?
There was a problem hiding this comment.
I've downloaded the uis archive and in agent.json the tool names are always with spaces:
We can double check, I know that I had to change the input files agent.json to have tools original names.
| ) | ||
|
|
||
| # Block Guardrail for Tool - blocks if input matches forbidden pattern | ||
| # Note: Using CONTAINS operator as MATCHES_REGEX has issues with the current implementation |
There was a problem hiding this comment.
What is this note about? What exactly is not working with CONTAINS?
There was a problem hiding this comment.
It was an issue with Regex matching, probably it was under development at the time I added the tests.
I will add a test specifically for regex, to check if it works as expected
| guardrails = build_guardrails_with_actions( | ||
| [ | ||
| custom_filter_guardrail, | ||
| pii_detection_guardrail, |
There was a problem hiding this comment.
Can we give them more explicit names, where to include the scope and action? Like block_agent_pii_detection_guardrail and so on...
There was a problem hiding this comment.
I did this. Moreover, I changed how agent is constructed for each test case so that we have only one guardrail configured for the agent per test
| ] | ||
|
|
||
|
|
||
| # Define guardrails programmatically (matching the uipath.json configuration) |
There was a problem hiding this comment.
Do we need to pass guardrails in the joke_agent_uipath.json file? I see that they are not in sync anyway so it looks like it doesn't matter to have them there as well?
There was a problem hiding this comment.
I've changed the approach to have in joke_agent_uipath.json a template and to select the guardrails at each test.
I prefer to have that agent template configuration in a file instead of inline-ing it into every test case
| # Setup files | ||
| with open("joke_agent_with_guardrails.py", "w", encoding="utf-8") as f: | ||
| f.write(joke_agent_script) | ||
| with open("uipath.json", "w", encoding="utf-8") as f: |
There was a problem hiding this comment.
What file do we use exacly here? "uipath.json"?
There was a problem hiding this comment.
Good catch, we only use joke_agent_with_guardrails.py and langgraph.json. I will update the setup.
|
|
||
| if not has_tool_message: | ||
| # First call: return tool call WITH "donkey" in the sentence | ||
| return AIMessage( |
There was a problem hiding this comment.
I don't really understand the real value of these tests, since we mock the model responses. How will these tests protect us in case the model response change?
There was a problem hiding this comment.
The scope of those tests (at first version) is to protect us against internal changes (someone updates something in guardrails code). My first intention was to mock any external interactions.
I can check (in another PR) if I can use a real LLM.... but those I see them as tests that are checking if external tools are working as required by us.
apetraru-uipath
force-pushed
the
chore/tests_for_guardrails
branch
from
f260a25 to
3ceef2c
Compare
Add comprehensive integration tests for guardrails at different scopes: - Agent-level guardrails (PII detection) - LLM-level guardrails (Prompt injection) - Tool-level guardrails (Filter, Block, and PII detection) Tests verify that guardrails are properly invoked and block/filter as expected.
apetraru-uipath
force-pushed
the
chore/tests_for_guardrails
branch
from
3ceef2c to
052c5cf
Compare
2 participants
Integration Tests for Agent Guardrails
Overview
Adds comprehensive integration tests for agent guardrails, verifying proper invocation and enforcement at Agent, LLM, and Tool scopes.
Guardrails Tested
Built-in Validators
Custom Deterministic Guardrails
input_phrasefield when containing "donkey"Actions Tested