chore(ci): optimize adding cache, audit and toolchain

[Lingikaushikreddy]

Changes

• CI/CD Optimization:
  • Implemented swatinem/rust-cache to significantly reduce build times by caching Cargo dependencies.
  • Added cargo-audit to automatically check for security vulnerabilities in dependencies.
  • Pinned the Rust toolchain using dtolnay/rust-toolchain for stability.
• Code Quality:
  • Refactored src/providers/openai/provider.rs to replace legacy eprintln! calls with tracing::error! for proper integration with OpenTelemetry.
• Documentation:
  • Updated CHANGELOG.md with the new version details.

Changes Checklist

• CI Build passes (Caching enabled)
• Security audit added
• • cargo clippy passes clean
• Structured logging implemented inopenAI provider

Verification

Verified locally with:

cargo

<!-- ELLIPSIS_HIDDEN -->

----

> [!IMPORTANT]
> Optimize CI/CD with caching and security checks, and enhance OpenAI provider logging for better observability.
> 
>   - **CI/CD Optimization**:
>     - Implement `swatinem/rust-cache` in `.github/workflows/ci.yml` to cache Cargo dependencies, reducing build times.
>     - Add `cargo-audit` in `.github/workflows/ci.yml` for automatic security vulnerability checks.
>     - Pin Rust toolchain using `dtolnay/rust-toolchain` in `.github/workflows/ci.yml` for stability.
>   - **Code Quality**:
>     - Replace `eprintln!` with `tracing::error!` in `src/providers/openai/provider.rs` for better OpenTelemetry integration.
>   - **Documentation**:
>     - Update `CHANGELOG.md` with version `0.7.2` details, including CI/CD and logging changes.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis" src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=traceloop%2Fhub&utm_source=github&utm_medium=referral)<sup> for 61ab819dad9a308e1ebe393a4283480e6b5f7438. You can [customize](https://app.ellipsis.dev/traceloop/settings/summaries) this summary. It will automatically update as commits are pushed.</sup>

<!-- ELLIPSIS_HIDDEN -->

<!-- This is an auto-generated comment: release notes by coderabbit.ai -->
## Summary by CodeRabbit

* **Chores**
  * CI improvements: stable Rust toolchain setup, dependency caching, and automated security audits for more reliable builds.
  * Added a new development version entry (v0.7.2-dev) to the changelog.

* **Bug Fixes**
  * Improved error visibility via structured logging and stricter error-level reporting across OpenAI provider operations.

<sub>✏️ Tip: You can customize this high-level summary in your review settings.</sub>
<!-- end of auto-generated comment: release notes by coderabbit.ai -->

[CLAassistant]

All committers have signed the CLA.

[coderabbitai]

📝 Walkthrough

Walkthrough

Adds Rust toolchain install, dependency caching, and a cargo-audit step to CI; changes OpenAI provider logging to structured error-level logs; adds a new changelog entry v0.7.2-dev documenting these updates.

Changes

Cohort / File(s)	Summary
CI/CD Pipeline /.github/workflows/ci.yml	Added post-checkout steps to install Rust via dtolnay/rust-toolchain@stable (with clippy and rustfmt), cache dependencies via swatinem/rust-cache@v2, and run actions-rust-lang/audit@v1 before existing format/clippy/build/test steps.
OpenAI Provider Logging src/providers/openai/provider.rs	Replaced info! and eprintln! usages with error! structured logging across request send, response parsing, and non-success branches; updated imports to tracing::error. Review focus: log context and sensitive-data leakage.
Release Notes CHANGELOG.md	Added v0.7.2-dev entry documenting CI additions (toolchain, caching, audit) and a Fix noting migration of OpenAI provider to structured logging.

Sequence Diagram(s)

(omitted — changes are CI additions and logging-level adjustments that don't introduce a new multi-component runtime control flow)

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Poem

🐇 I hopped through CI with a curious twitch,
Toolchains snug, dependencies stitched,
An audit peered where shadows play,
Errors now shout the things they say,
I munch on logs and skip to pitch 🥕

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately reflects the main CI/CD optimization focus of the PR, specifically mentioning cache, audit, and toolchain additions to the workflow.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ellipsis-dev]

Important

Looks good to me! 👍

Reviewed everything up to 61ab819 in 1 minute and 51 seconds. Click for details.

• Reviewed 133 lines of code in 4 files
• Skipped 0 files when reviewing.
• Skipped posting 3 draft comments. View those below.
• Modify your settings and rules to customize what types of comments Ellipsis leaves. And don't forget to react with 👍 or 👎 to teach Ellipsis.

1. src/providers/openai/provider.rs:125

• Draft comment:
  Avoid using unwrap() on response.text().await in error branches; if reading the error body fails, it could panic. Consider using a safe fallback like unwrap_or_default() or proper error handling.
• Reason this comment was not posted:
  Comment was on unchanged code.

2. src/providers/openai/provider.rs:72

• Draft comment:
  Ensure configuration consistency: key() returns config.key but requests use config.api_key for the Authorization header. Verify these fields represent the same value to avoid authentication issues.
• Reason this comment was not posted:
  Comment was not on a location in the diff, so it can't be submitted as a review comment.

3. CHANGELOG.md:3

• Draft comment:
  Typo: '### Ci' should likely be '### CI' since 'CI' is an acronym for Continuous Integration.
• Reason this comment was not posted:
  Decided after close inspection that this draft comment was likely wrong and/or not actionable: usefulness confidence = 15% vs. threshold = 50% This is a stylistic comment about capitalization in a CHANGELOG file. While "CI" is technically an acronym, the existing changelog uses a consistent style where section headers are in title case (e.g., "### Feat", "### Fix"). The comment suggests breaking this consistency by making "CI" all caps. This appears to be a minor stylistic preference rather than a clear bug or issue. The rules state not to comment on things that are obvious or unimportant, and this seems to fall into that category. Additionally, changelog formatting is often automated or follows a specific convention, and "Ci" might be intentional to match the style. However, I could be wrong - maybe "CI" being an acronym is important enough that it should be all caps regardless of the style guide. Some projects do capitalize acronyms even in title case contexts. Without knowing the project's specific style guide, I can't be 100% certain this is wrong. While there might be a style guide that prefers "CI", the existing changelog clearly uses title case for all section headers ("Feat", "Fix"), making "Ci" consistent with the established pattern. This is a minor stylistic preference without strong evidence it's incorrect, and the rules say not to make comments that are obvious or unimportant. This comment should be deleted. It's a minor stylistic suggestion that goes against the existing consistent pattern in the changelog where section headers use title case. There's no strong evidence this is incorrect, and it falls under "obvious or unimportant" comments that should be avoided.

Workflow ID: wflow_NqSYVmdkpOwuRQs8

^{You can customize by changing your verbosity settings, reacting with 👍 or 👎, replying to comments, or adding code review rules.}

[coderabbitai]

Actionable comments posted: 1

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (3)

src/providers/openai/provider.rs (3)

125-130: Replace .unwrap() to prevent potential panics.

Line 127 calls .unwrap() on response.text().await, which will panic if the response body cannot be read. This can crash the service when handling upstream errors.

🔎 Proposed fix

         } else {
-            error!(
-                "OpenAI API request error: {}",
-                response.text().await.unwrap()
-            );
+            let error_text = response
+                .text()
+                .await
+                .unwrap_or_else(|e| format!("Failed to read error response: {}", e));
+            error!("OpenAI API request error: {}", error_text);
             Err(StatusCode::from_u16(status.as_u16()).unwrap_or(StatusCode::INTERNAL_SERVER_ERROR))
         }

---

157-162: Replace .unwrap() to prevent potential panics.

Line 159 calls .unwrap() on response.text().await, which will panic if the response body cannot be read. This can crash the service when handling upstream errors.

🔎 Proposed fix

         } else {
-            error!(
-                "OpenAI API request error: {}",
-                response.text().await.unwrap()
-            );
+            let error_text = response
+                .text()
+                .await
+                .unwrap_or_else(|e| format!("Failed to read error response: {}", e));
+            error!("OpenAI API request error: {}", error_text);
             Err(StatusCode::from_u16(status.as_u16()).unwrap_or(StatusCode::INTERNAL_SERVER_ERROR))
         }

---

189-194: Replace .unwrap() to prevent potential panics.

Line 191 calls .unwrap() on response.text().await, which will panic if the response body cannot be read. This can crash the service when handling upstream errors.

🔎 Proposed fix

         } else {
-            error!(
-                "OpenAI API request error: {}",
-                response.text().await.unwrap()
-            );
+            let error_text = response
+                .text()
+                .await
+                .unwrap_or_else(|e| format!("Failed to read error response: {}", e));
+            error!("OpenAI API request error: {}", error_text);
             Err(StatusCode::from_u16(status.as_u16()).unwrap_or(StatusCode::INTERNAL_SERVER_ERROR))
         }

🧹 Nitpick comments (1)

src/providers/openai/provider.rs (1)

104-130: Consider differentiating log levels for client vs. server errors.

All non-success HTTP responses are currently logged at error! level. For better observability, consider logging 4xx client errors at warn! level and reserving error! for 5xx server errors and request failures.

Example pattern for chat_completions

} else {
    let error_text = response
        .text()
        .await
        .unwrap_or_else(|e| format!("Failed to read error response: {}", e));
    
    if status.is_client_error() {
        tracing::warn!("OpenAI API client error: {}", error_text);
    } else {
        error!("OpenAI API server error: {}", error_text);
    }
    
    Err(StatusCode::from_u16(status.as_u16()).unwrap_or(StatusCode::INTERNAL_SERVER_ERROR))
}

Apply similar patterns to completions and embeddings methods.

Also applies to: 146-162, 178-194

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 25672a0 and 61ab819.

⛔ Files ignored due to path filters (1)

• Cargo.lock is excluded by !**/*.lock

📒 Files selected for processing (3)

• .github/workflows/ci.yml
• CHANGELOG.md
• src/providers/openai/provider.rs

🔇 Additional comments (4)

CHANGELOG.md (1)

1-12: LGTM! Changelog entry is well-structured.

The v0.7.2-dev changelog entry accurately documents the CI/CD improvements and the OpenAI provider logging migration. The format is consistent with existing entries.

.github/workflows/ci.yml (2)

19-22: LGTM! Rust toolchain setup is correct.

The use of dtolnay/rust-toolchain@stable with clippy and rustfmt components is appropriate and follows best practices for Rust CI pipelines.

---

23-24: LGTM! Dependency caching is properly configured.

Using swatinem/rust-cache@v2 will significantly reduce build times by caching Cargo dependencies and build artifacts.

src/providers/openai/provider.rs (1)

14-14: LGTM! Import updated for structured logging migration.

The change from tracing::info to tracing::error aligns with the migration to error-level logging.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

• Linear integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 61ab819 and bebf86d.

📒 Files selected for processing (1)

• .github/workflows/ci.yml

🔇 Additional comments (2)

.github/workflows/ci.yml (2)

23-24: LGTM!

The use of swatinem/rust-cache@v2 is appropriate and will effectively reduce build times by caching Cargo dependencies.

---

25-26: LGTM! Past review concern addressed.

The security audit now uses actions-rust-lang/audit@v1, which is the actively maintained action recommended in the previous review. This properly addresses the concern about using an unmaintained action.

[doronkopit5]

@Lingikaushikreddy Thanks for the contrib!
please address my comments - as you can see CI fails right now

[doronkopit5]

please revert this bump - we do this automatically using commitezen

[doronkopit5]

please revert here as well, this file is automated

[doronkopit5]

Im not sure this should be part of the build - you can see it fails CI right now and doesn't even state why
Maybe create a new step for this