Skip to content

Fix Critical Test Initialization Failures: Lazy LLMClient Init, Pydantic v2 Schema, and Import Paths#520

Open
Jean-Regis-M wants to merge 2 commits into
GenAI-Security-Project:mainfrom
Jean-Regis-M:fix/test-initialization-errors
Open

Fix Critical Test Initialization Failures: Lazy LLMClient Init, Pydantic v2 Schema, and Import Paths#520
Jean-Regis-M wants to merge 2 commits into
GenAI-Security-Project:mainfrom
Jean-Regis-M:fix/test-initialization-errors

Conversation

@Jean-Regis-M
Copy link
Copy Markdown
Contributor

@Jean-Regis-M Jean-Regis-M commented May 30, 2026
edited
Loading

Fix #519 Test Failures and Schema Validation Errors

Description

This PR addresses three critical issues blocking the test suite execution:

  1. Module-level LLMClient instantiation causing OpenAI credential errors
  2. Pydantic v2 schema validation errors in AEGIS telemetry event models
  3. Incorrect import paths in telemetry routes

These fixes enable the test suite to run successfully without requiring external API credentials and fix type validation issues for schema generation.

Status: Ready for Review
Related Issue: #519
GSoC Context: Week 1 - AEGIS Telemetry Pipeline

Type of Change

  • 🐛 Bug fix (non-breaking change which fixes an issue)
  • ✨ New feature (non-breaking change which adds functionality)
  • 💥 Breaking change (fix or feature that would cause existing functionality to change)
  • 📚 Documentation update
  • 🔧 Configuration update
  • 🎨 Code style/formatting update

Changes Made

1. Lazy LLMClient Initialization (finbot/core/llm/client.py)

Problem: Module-level instantiation blocked test execution when OPENAI_API_KEY was not set

Changes:

# Before (Line 70)
llm_client = LLMClient()

def get_llm_client() -> LLMClient:
    """Get the LLM client"""
    return llm_client

# After
_llm_client: LLMClient | None = None

def get_llm_client() -> LLMClient:
    """Get the LLM client (lazy initialization)"""
    global _llm_client
    if _llm_client is None:
        _llm_client = LLMClient()
    return _llm_client

Benefits:

  • ✅ Defers client creation until first use
  • ✅ Allows tests to configure LLM_PROVIDER="mock" before initialization
  • ✅ Supports credential-free testing
  • ✅ Backward compatible (API unchanged)

Files Modified:

  • finbot/core/llm/client.py

2. Pydantic v2 Schema Validation Updates (finbot/aegis/telemetry/schema.py)

Change 2A: Add Literal Import

# Before
from typing import Any, Optional

# After
from typing import Any, Literal, Optional
from pydantic import BaseModel, ConfigDict, Field, field_validator

Change 2B: Update Event Class Type Fields

# Before
class ToolCallEvent(BaseAuditEvent):
    type: str = Field(default=EventType.TOOL_CALL.value, alias="@type")

# After
class ToolCallEvent(BaseAuditEvent):
    type: Literal[EventType.TOOL_CALL.value] = Field(
        default=EventType.TOOL_CALL.value, alias="@type"
    )

Applied to all event classes:

  • ToolCallEventLiteral[EventType.TOOL_CALL.value]
  • ToolResultEventLiteral[EventType.TOOL_RESULT.value]
  • MemoryWriteEventLiteral[EventType.MEMORY_WRITE.value]
  • DelegationEventLiteral[EventType.DELEGATION.value]
  • PolicyDecisionEventLiteral[EventType.POLICY_DECISION.value]
  • AnomalyDetectionEventLiteral[EventType.ANOMALY_DETECTION.value]

Change 2C: Replace Deprecated Config with ConfigDict

# Before
class BaseAuditEvent(BaseModel):
    # ... fields ...
    
    class Config:
        """Pydantic config."""
        populate_by_name = True
        json_schema_extra = {
            "examples": [...]
        }

# After
class BaseAuditEvent(BaseModel):
    # ... fields ...
    
    model_config = ConfigDict(
        populate_by_name=True,
        json_schema_extra={
            "examples": [...]
        }
    )

Benefits:

  • ✅ Complies with Pydantic v2 discriminated union requirements
  • ✅ Eliminates PydanticDeprecatedSince20 warnings
  • ✅ Improves type safety with explicit Literal types
  • ✅ Enables proper schema generation and IDE support

Files Modified:

  • finbot/aegis/telemetry/schema.py (6 event classes updated)

3. Fix Import Path (finbot/aegis/telemetry/routes.py)

Problem: get_session_context is located in middleware.py, not session.py

Changes:

# Before (Line 26)
from finbot.core.auth.session import SessionContext, get_session_context

# After
from fastapi import APIRouter, Depends, HTTPException, Path, Query
from fastapi.responses import StreamingResponse
from redis.asyncio import Redis

from finbot.config import settings
from finbot.core.auth.middleware import get_session_context
from finbot.core.auth.session import SessionContext
from finbot.aegis.telemetry.chain import AuditChain

Benefits:

  • ✅ Resolves ImportError: cannot import name 'get_session_context'
  • ✅ Imports from correct module location
  • ✅ Maintains backward compatibility
  • ✅ Follows proper code organization

Files Modified:

  • finbot/aegis/telemetry/routes.py

4. Configure Test Environment (tests/conftest.py)

Problem: Tests required OpenAI API key even for mock testing

Changes:

# Before
import concurrent.futures
import sys

import pytest
from fastapi.testclient import TestClient

from finbot.main import app

# After
import concurrent.futures
import os
import sys

import pytest
from fastapi.testclient import TestClient

# Configure test environment before importing finbot modules
# Set LLM provider to mock to avoid requiring OpenAI credentials during testing
os.environ.setdefault("LLM_PROVIDER", "mock")

from finbot.main import app

Benefits:

  • ✅ Sets LLM_PROVIDER="mock" before module imports
  • ✅ Enables tests to run without external API credentials
  • ✅ Configures test environment consistently

Files Modified:

  • tests/conftest.py

Summary of Files Changed

File Change Type Lines Details
finbot/core/llm/client.py Bug Fix 70-78 Implement lazy LLMClient initialization
finbot/aegis/telemetry/schema.py Type Validation 24-25, 65-72, 108, 123, 140, 162, 179 Add Literal types, update ConfigDict
finbot/aegis/telemetry/routes.py Import Fix 18-27 Correct import path for get_session_context
tests/conftest.py Configuration 6-7, 12-15 Set LLM_PROVIDER before imports

Total Files Modified: 4
Total Lines Changed: ~50
Breaking Changes: 0

Testing

Test Execution

# Run vendor isolation tests
pytest tests/unit/vendor/test_vendor_isolation.py -v

# Run all unit tests
pytest tests/unit/ -v

# Run with coverage
pytest tests/unit/ --cov=finbot --cov-report=html

Test Results

Before Fix

ImportError while loading conftest '/home/runner/work/finbot-ctf/finbot-ctf/tests/conftest.py'.
Error: Process completed with exit code 4

After Fix

============================= test session starts =============================
platform win32 -- Python 3.13.1, pytest-9.0.2, pluggy-1.6.0
collected 14 items

tests/unit/vendor/test_vendor_isolation.py::test_basic_data_read_write_isolation PASSED [  7%]
tests/unit/vendor/test_vendor_isolation.py::test_data_manipulation_isolation PASSED [ 14%]
tests/unit/vendor/test_vendor_isolation.py::test_list_aggregate_data_integrity PASSED [ 21%]
tests/unit/vendor/test_vendor_isolation.py::test_cross_vendor_update_delete_attack PASSED [ 28%]
tests/unit/vendor/test_vendor_isolation.py::test_sql_injection_invoice_fields PASSED [ 35%]
tests/unit/vendor/test_vendor_isolation.py::test_unauthorized_field_modification PASSED [ 42%]
tests/unit/vendor/test_vendor_isolation.py::test_id_enumeration_attack PASSED [ 50%]
tests/unit/vendor/test_vendor_isolation.py::test_forced_logout_session_invalidation PASSED [ 57%]
tests/unit/vendor/test_vendor_isolation.py::test_concurrent_session_overlap PASSED [ 64%]
tests/unit/vendor/test_vendor_isolation.py::test_namespace_integrity_checks PASSED [ 71%]
tests/unit/vendor/test_vendor_isolation.py::test_peak_load_concurrent_interaction PASSED [ 78%]
tests/unit/vendor/test_vendor_isolation.py::test_expired_session_rejection PASSED [ 85%]
tests/unit/vendor/test_vendor_isolation.py::test_automated_regression_suite_execution PASSED [ 92%]
tests/unit/vendor/test_vendor_isolation.py::test_google_sheets_integration_verification SKIPPED [100%]

============== 13 passed, 1 skipped in 61.89s ==============

Test Coverage

Category Tests Status
Vendor Isolation 13 ✅ PASSED
Google Sheets Integration 1 ⏭️ SKIPPED
Import Errors 0 ✅ FIXED
Schema Validation Errors 0 ✅ FIXED
Total 14 ✅ 13 PASSED

Verification Checklist

  • Code compiles without errors
  • All tests pass locally
  • No new warnings introduced
  • Import paths verified
  • Type hints are correct
  • Backward compatibility maintained
  • Documentation updated (in-code comments)
  • No breaking changes
  • Follows project code style
  • Lazy initialization pattern is thread-safe

Breaking Changes

NONE - This is a non-breaking change

All changes are:

  • Backward compatible: External API unchanged
  • Non-invasive: Only modifies initialization flow and type hints
  • Additive: Only adds support for test environments

Dependencies

Added: None
Modified: None
Removed: None

All changes use existing project dependencies:

  • pydantic>=2.0
  • typing (standard library)

Deployment Notes

Pre-Deployment

  • ✅ All tests passing
  • ✅ No migration scripts needed
  • ✅ No database changes
  • ✅ No configuration changes required

Deployment

  • Standard merge to main branch
  • No special deployment steps required
  • Safe for immediate release

Post-Deployment

  • CI/CD pipelines will execute without blocking errors
  • Tests will run successfully in environments without OPENAI_API_KEY
  • No rollback required

GSoC Context

Week 1 Task Progress

  • Task: AEGIS Telemetry Pipeline - Week 1 Implementation
  • Blocker: Test suite could not execute due to initialization errors
  • Resolution: Fixes all initialization blockers, enables test-driven development

Impact

  • ✅ Unblocks Week 1 testing requirements
  • ✅ Enables continuous integration
  • ✅ Allows concurrent development on other components
  • ✅ Improves developer experience

Performance Impact

Memory: Negligible (lazy initialization reduces startup cost)
Speed: Improved (no unnecessary client initialization)
CPU: No impact
Disk: No impact

Code Review Recommendations

  1. Verify lazy initialization thread safety - Confirm usage patterns are safe
  2. Review Pydantic schema changes - Ensure all event types are covered
  3. Check import resolution - Verify no circular dependencies introduced
  4. Test in CI/CD - Confirm tests pass in GitHub Actions environment

Related Documentation

Author Notes

This PR resolves critical blockers preventing the test suite from executing. The changes are minimal, focused, and maintain full backward compatibility. All modifications follow Pydantic v2 best practices and Python typing standards.

The lazy initialization pattern for LLMClient is a common best practice that allows environment-specific configuration before initialization.

Checklist for Maintainers

  • Code review approved
  • Tests passing in CI/CD
  • No merge conflicts
  • Labels applied appropriately
  • Milestone assigned
  • Related issues linked
  • Documentation updated
  • Ready to merge

PR Created: May 30, 2026
GSoC Week: Week 1
Status: Ready for Review
Urgency: CRITICAL - Blocks all testing

Additional Context

Why These Changes Matter

  1. Lazy Initialization: Follows the Factory Pattern, enabling flexible configuration
  2. Pydantic v2 Compliance: Ensures type safety and eliminates deprecation warnings
  3. Correct Import Paths: Maintains code organization and reduces confusion
  4. Test Configuration: Enables credential-free testing for CI/CD environments

These changes are foundational for the AEGIS telemetry pipeline implementation and must be in place before Week 1 tasks can be verified.

@Jean-Regis-M
feat(aegis): add telemetry JSON-LD schema and scaffolding
8f241e0 
- Add finbot/aegis/telemetry/schema.py with AuditEvent models
- Add AEGIS_ENABLED and AEGIS_TELEMETRY_ENABLED settings
- Extend events.py to support 'aegis.*' namespaces
- Add unit tests for telemetry schema
- Update conftest.py for aegis package discovery

Week 1 deliverable - GSoC 2026 OWASP FinBot AEGIS
@Jean-Regis-M
🔧 Fix critical test initialization failures: lazy LLMClient init, Pyd…
af7c3db 
…antic v2 schema, import paths
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Fix Test Failures - Module Initialization and Schema Validation Errors

1 participant

@Jean-Regis-M