Skip to content

feat: Unify logging and add request middleware#1455

Merged
edwinjosechittilappilly merged 5 commits into
mainfrom
remove-log-points-main
Apr 23, 2026
Merged

feat: Unify logging and add request middleware#1455
edwinjosechittilappilly merged 5 commits into
mainfrom
remove-log-points-main

Conversation

@edwinjosechittilappilly

Copy link
Copy Markdown
Collaborator

Remove noisy/sensitive debug logs: drop per-stream chunk debug messages in agent.py and stop logging the full user object string in the search API. Also set the "openai" logger to WARNING in logging_config.py to avoid DEBUG-level emission of full request payloads (which can include headers/JWTs/API keys). These changes reduce log verbosity and help prevent accidental leakage of secrets.

Mirror of #1442


This pull request focuses on improving logging consistency, error handling, and log message clarity across the codebase. The main changes include replacing raw exception printing and inconsistent logging with structured logging using logger.exception, updating log levels and messages to be more descriptive, and ensuring that logging configuration is initialized early in the application lifecycle.

Logging and Error Handling Improvements

  • Replaced traceback.print_exc() and logger.error calls with logger.exception for better structured error logging and stack trace capture throughout the codebase, including in authentication, chat, connector, upload, and streaming endpoints (src/api/auth.py, src/api/chat.py, src/api/connectors.py, src/api/knowledge_filter.py, src/api/upload.py, src/agent.py, src/connectors/onedrive/connector.py, src/connectors/onedrive/oauth.py, src/connectors/sharepoint/connector.py). [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13] [14] [15] [16] [17] [18]
  • Updated log messages to include context-specific tags (e.g., [AUTH], [CHAT], [CONNECTOR], [INGEST], [CONFIG]) and improved message clarity and structure for easier debugging and log filtering. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11]

Logging Configuration and Initialization

  • Added early initialization of environment variables and logging configuration in a new src/bootstrap.py module, ensuring that all subsequent imports use the correct logging setup.
  • Updated modules such as src/api/auth.py and src/api/upload.py to import and use the logger from the new logging configuration. [1] [2]

Minor Codebase Cleanups

  • Removed commented-out main block from src/connectors/ibm_cos/connector.py for cleaner code.
  • Minor adjustments to log fields and removed unnecessary user details from debug logs for privacy and clarity. [1] [2]

These changes collectively make logging more robust, consistent, and informative, which will help with debugging and maintaining the codebase.

Remove noisy/sensitive debug logs: drop per-stream chunk debug messages in agent.py and stop logging the full user object string in the search API. Also set the "openai" logger to WARNING in logging_config.py to avoid DEBUG-level emission of full request payloads (which can include headers/JWTs/API keys). These changes reduce log verbosity and help prevent accidental leakage of secrets.
Adjust logging and error handling across several modules:

- src/dependencies.py: Remove a development debug log that printed IBM auth headers.
- src/main.py: Stop importing configure_from_env (only get_logger kept). Ensure a single x-request-id in responses by removing any upstream header values before injecting the generated correlation ID.
- src/utils/acl_utils.py: Replace logger.error calls with logger.exception to include tracebacks when ACL checks or updates fail.
- src/utils/logging_config.py: Change filter_health_and_metrics to only suppress routine access-log INFO entries for high-frequency endpoints (errors/warnings still surface). Also use dict_tracebacks when JSON logs are enabled to improve traceback formatting.

These changes reduce noisy logs, ensure consistent request ID headers, and provide better diagnostic information for ACL-related errors.
Configure structured logging immediately after loading .env so module-level loggers are correct on import (bootstrap.py). Move get_logger after configuration and emit a startup info log. Remove redundant configure_from_env() from main and prevent Uvicorn from overriding structlog by passing log_config=None to uvicorn.run. Enhance logging_config: add json_logs flag, choose JSON vs console renderer, route uvicorn loggers through our handler, suppress noisy third‑party libraries, capture Python warnings via logging, and tune logger levels. Lowered Opensearch shutdown noise by changing a warning to a debug message in opensearch_utils.
Replace ad-hoc prints/tracebacks with structured logger.exception/logger.* calls across the codebase and standardize log messages/levels (agent, api, connectors, services, utils). Introduce a redesigned utils/logging_config.py with structured logging processors, JSON/dev renderers, stdlib logging bridge, header sanitization, and environment-driven configuration. Add a pure-ASGI RequestLoggingMiddleware in main.py to bind request_id and emit per-request structured logs (status, duration) and inject x-request-id. Misc: update log contexts, remove test __main__ in IBM COS connector, and improve a few log levels/messages for clarity and observability.
@github-actions github-actions Bot added backend 🔷 Issues related to backend services (OpenSearch, Langflow, APIs) enhancement 🔵 New feature or request labels Apr 23, 2026

This comment was marked as outdated.

@github-actions github-actions Bot added enhancement 🔵 New feature or request and removed enhancement 🔵 New feature or request labels Apr 23, 2026
@github-actions github-actions Bot added the lgtm label Apr 23, 2026
@edwinjosechittilappilly edwinjosechittilappilly merged commit 7b3f837 into main Apr 23, 2026
10 checks passed
@edwinjosechittilappilly edwinjosechittilappilly deleted the remove-log-points-main branch April 23, 2026 17:44
edwinjosechittilappilly added a commit that referenced this pull request Apr 30, 2026
commit cb5acc0497928f580cc46f3ed67d58cfd7ef28b7
Author: ming <[email protected]>
Date:   Wed Apr 29 15:59:39 2026 -0400

    feat: Operator config and new domain name (#1509)

    * update openr.ag domain name

    * config.go

    * add base manifest file

    * reconcile tenant namespace

    * unit test

    * go fmt fix

    * run unit test in gh action

    * fix lint in unit test

commit 3691a83efffbb7127bb9b20dbb56857988f5c162
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 29 09:41:11 2026 -0400

    fix: Unable to overwrite documents in Knowledge

    Issue

    - #70921

    Summary

    - Fixed a bug where overwriting an existing document in Knowledge failed because the query cache invalidation assumed a flat array format but the search results now use a `SearchResult` object structure with a `files` property.

    Frontend

    - Updated `queryClient.setQueriesData` callback in `knowledge-dropdown.tsx` to handle the `SearchResult` structure `{ files: [], warnings: [] }` when filtering out the file being overwritten
    - Added a fallback path to handle the legacy flat array format for backwards compatibility
    - Changed the `oldData` type annotation from `[]` to `any` to accommodate both data shapes

commit b2b4de38f7ca1176f8ffcc87187aed69528ef323
Author: Lucas Oliveira <[email protected]>
Date:   Wed Apr 29 10:01:17 2026 -0300

    fix: pass parameters as global variable headers to MCP server on agent flow (#1479)

    * Added fix for passing headers on flow, removed patching MCP server on backend

    * added owner global variable

    * updated agent flow with new code for mcp

    * test: cover MCP URL ingest integration

    * updated flow

    * removed unused global variable field

    * removed check for is no auth mode

    * added more specific search

    * removed checks that are hard coded

    * changed update mcp server urls to get langflow mcp service directly

    * updated status of patch mcp server url

    * fix test

    * fixed nitpicks

    ---------

    Co-authored-by: phact <[email protected]>

commit 3daae7919345d1f83127114463d07f0a846345e0
Author: Mike Fortman <[email protected]>
Date:   Tue Apr 28 16:24:41 2026 -0500

    feat: Add Segment Tracking (#1506)

    * add envs to docker-compose

    * Add page tracking for segment (#1485)

    * Move envs for segment (#1497)

    * feat: Add tracking to onboarding, ingest, and llm calls (#1505)

    * init button tracking

    * add process and llm tracking

    * track onboarding page

    * llm tracking

    * track ingest tasks

    ---------

    Co-authored-by: Copilot <[email protected]>

    ---------

    Co-authored-by: Copilot <[email protected]>

commit 1e4b3bde268d159e3d440e2c3545389687a7c621
Author: Agnes George <[email protected]>
Date:   Wed Apr 29 01:30:17 2026 +0530

    avoid using user controlled data in run block (#1491)

    Co-authored-by: Agnes-George1 <[email protected]>

commit d71fda5c5c5f6fa5deabff784e2f0098ab625b7c
Author: Mike Pawlowski <[email protected]>
Date:   Tue Apr 28 15:58:56 2026 -0400

    fix: Knowledge search fails with embedding model error (#1468) (#1499)

    * fix: Knowledge search fails with embedding model error

    Issue

    - #69807

    Summary

    - Fixed knowledge search failing with an embedding model error when a previously configured provider was removed after documents were ingested.
    - Search now degrades gracefully to keyword-only results instead of hard-failing, and the UI surfaces a non-fatal warning banner explaining the degraded state.

    Backend: Graceful Embedding Failure & Provider-Removal Guard

    - Added `strict` mode to `get_litellm_model_name` in `models_service.py` that raises `UnknownEmbeddingProvider` immediately when no configured provider claims a model, preventing LiteLLM from entering a costly retry loop on an unroutable model.
    - Refactored `search_service.py` to gather embedding results with `return_exceptions=True`, tracking per-model failures in `failed_models` and continuing with the subset of models that succeeded.
    - Introduced keyword-only fallback when all embeddings fail: removed the embedding-field `exists` filter from the query so documents without a matching embedding field are still returned, and bumped `multi_match` boost to compensate for the absent semantic signal.
    - Added `warnings` to the search response payload (`code: "embedding_unavailable"`) to signal degraded semantic search to the client.
    - Added `force_remove` flag to `SettingsUpdateBody` in `settings.py` and a pre-removal check (`_affected_embedding_models`) that returns a structured `409` response listing affected models and chunk counts before allowing a provider to be removed.

    Frontend: 409 Force-Remove Flow & Warning Banner

    - Introduced `UpdateSettingsError` typed error class and `isEmbeddingProviderInUseError` type guard in `useUpdateSettingsMutation.ts` to preserve the structured 409 payload from the backend.
    - Added `force_remove` to `UpdateSettingsRequest` and wired it through the Ollama, OpenAI, and watsonx settings dialogs; on a 409, `affectedModels` state is populated and the dialog footer switches to a force-confirmation view listing impacted models and chunk counts.
    - Updated `useGetSearchQuery.ts` return type from `File[]` to `SearchResult` (`{ files, warnings }`) and propagated the change through `knowledge/page.tsx` and `knowledge/chunks/page.tsx`.
    - Rendered `embedding_unavailable` warnings in the knowledge page as amber banner alerts that explain the degraded state and guide users to re-ingest or re-configure the missing provider.

    * fix: Knowledge search fails with embedding model error

    Issue

    - #69225

    Summary

    - Moved model registry refresh into the background Langflow sync task to ensure it runs after provider config is saved, preventing stale registry state from blocking embedding model resolution.
    - Added fallback registration for Ollama models that lack a `capabilities` field, ensuring older Ollama versions can still surface embedding models for knowledge search routing.

    API Changes

    - Removed eager `update_model_registry()` call from `update_settings` and passed `models_service` into `_run_async_post_save_langflow_updates` so the registry refresh happens in the background after save completes.
    - Added `models_service` parameter to `_run_async_post_save_langflow_updates`; registry refresh only runs when a provider update was detected.

    Model Registry Changes

    - Registered Ollama models with no `capabilities` field as potential embedding models, defaulting `nomic-embed-text` variants as the default embedding model.
    - Preserved graceful error handling so models that cannot actually embed fail at the LiteLLM call level rather than silently dropping from the registry.

    * added stale time 0 to get search query to reflect changes

    ---------

    Co-authored-by: Lucas Oliveira <[email protected]>

commit ef9f24ae1a8d6a60f11d02caff0115b00545ea1a
Author: Wallgau <[email protected]>
Date:   Tue Apr 28 09:39:42 2026 -0400

    fix: sync ingest embedding from settings and persist ingest UI (#1492)

    * Fix connector ingest settings propagation and sync navigation timing

    Ensure connector ingest settings are consistently respected across frontend and backend flows. The upload UI now uses session-hydrated knowledge defaults with controlled ingest state, preserves selected embedding values in the model picker, and navigates to Knowledge only after successful sync. Backend connector sync now forwards per-request ingest settings through router/service/processor layers, applies selected embedding model correctly (including connector-only Langflow override behavior), and adds reusable settings-to-tweaks mapping plus unit coverage for tweak merging and non-Langflow chunk resplitting.

    * addressed Lucas comment by removing hardcoded OpenAI embedding tweak usage and relying on SELECTED_EMBEDDING_MODEL for Langflow ingestion model selection.

    Also updated merge-tweaks tests to reflect the new behavior: embeddingModel is ignored in tweaks while chunk-related settings continue to map to SplitText tweaks.

    ---------

    Co-authored-by: Olfa Maslah <[email protected]>
    Co-authored-by: Olfa Maslah <[email protected]>

commit 2e138c0fb7fd6f1936b37454b9e5f8a15ba61152
Author: Lucas Oliveira <[email protected]>
Date:   Tue Apr 28 09:43:57 2026 -0300

    fix: changed frontend checks to pass correct embedding model to backend (#1478)

    * fixed frontend not passing the correct model

    * remove unreachable code

    * fixed format

commit 55e5b009bd0661ed84727fa0338ec69f7393a93d
Author: Mike Fortman <[email protected]>
Date:   Mon Apr 27 14:14:56 2026 -0500

    ensure model selections are reflected in LF (#1475)

commit 3820ff8ba2a59ab56b9b557591d7a41d6862bde6
Author: Mike Pawlowski <[email protected]>
Date:   Fri Apr 24 13:45:16 2026 -0400

    fix: Ingest document from chat is not working (OSS) (#1463)

    * fix: Ingest document from chat is not working

    Issue

    - GH-69225

    Summary

    - Gated the chat input file upload ("+" button) behind a new `OPENRAG_INGEST_VIA_CHAT` feature flag, defaulting to hidden, so operators can opt-in to chat-based ingestion without changing existing behaviour.

    Backend

    - Added `OPENRAG_INGEST_VIA_CHAT` env var to `src/config/settings.py` (defaults `false`).
    - Exposed `ingest_via_chat` field on `SettingsResponse` in `src/api/settings.py`, populated from the new env var.
    - Documented the env var in `.env.example`.

    Frontend

    - Added `ingest_via_chat` field to the `Settings` interface in `useGetSettingsQuery.ts`.
    - Added `ingestViaChat` prop to `ChatInput` and conditionally rendered the "+" upload button only when the prop is `true`.
    - Passed `settings?.ingest_via_chat ?? false` from `chat/page.tsx` to `ChatInput`.
    - Reformatted `tsconfig.json` (array expansions, `jsx: preserve`).

commit 3294736f061f8c12ce2dd05b935cd5ccb288cc74
Author: Agnes George <[email protected]>
Date:   Fri Apr 24 21:13:39 2026 +0530

    fix: Backend CVE fixes  (#1413)

    * python libraries upgrade to resolce CVEs

    * upgrade aiohttp library

    * upgrade pip

    * update pytest

    ---------

    Co-authored-by: Agnes-George1 <[email protected]>

commit 634f3afee512f3189009ddd70860efd55aa1300c
Author: April I. Murphy <[email protected]>
Date:   Fri Apr 24 08:14:02 2026 -0700

    reduce chunk size troubleshooting (#1461)

commit f812ea1cccf420cfbf47d4ca877a1cf636da7288
Author: Agnes George <[email protected]>
Date:   Fri Apr 24 19:16:21 2026 +0530

    fix: frontend cve fixes (#1415)

    * resolve all npm issues

    * config changes due to next upgrade

    * resolve other npm issues

    * force upgrade pkgs

    * update pkg for cve

    * Removed the deprecated eslint added typescript

    * downloading and replacing pkg as CVE fix

    * fix cve

    * Changed dockerfile

    * changed package json

    * Format

    ---------

    Co-authored-by: Agnes-George1 <[email protected]>
    Co-authored-by: Lucas Oliveira <[email protected]>

commit 71d39651e6caab696daf94348001d4d2d5f1393b
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 23 16:14:27 2026 -0500

    feat: Agent skills for OpenRAG installation and SDK support (#1427)

    * feat: Add agent skills for OpenRAG install and SDK

    - Add plugins/skills directory structure
    - Include install skill documentation
    - Include SDK skill documentation

    * restructure skills locations

    * Fixed the python sdk settings update example to use a flattened structure

    * Fixed incorrect use of camelCase for TypeScrip search filters use according to the SDK's SearchFilters shape.

    * align install/sdk docs with actual SDK shapes and agent behavior

    ---------

    Co-authored-by: SonicDMG <[email protected]>

commit 7b3f83782b603c4644ae272e0b36e9c4195d2551
Author: Edwin Jose <[email protected]>
Date:   Thu Apr 23 12:44:22 2026 -0500

    feat: Unify logging and add request middleware (#1455)

commit 4fb112eacad334b894cca6e89b45fbfc103f3f28
Author: ming <[email protected]>
Date:   Wed Apr 22 17:25:59 2026 -0400

    operator docker image build (#1452)

commit 1e305240305dd7da8dad1c8898d65e96938ccf97
Merge: d26fbb67 77878917
Author: ming <[email protected]>
Date:   Tue Apr 21 14:44:37 2026 -0400

    Merge pull request #1448 from langflow-ai/operator

    feat: kubernetes operator

commit 7787891744035bd19431183477bf4f0f4eed2dfd
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:39:53 2026 -0400

    upgrade github action golangci-lint version

commit b4716e492bf42f9a147b4e3d11f00fd4cae40f77
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:36:18 2026 -0400

    fix golanglint-ci version

commit 3e0f29e71a58a0d2515ae81f4daf951cd05f5176
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:14:54 2026 -0400

    fix gofmt

commit e683c0502aae76c58ea16d23e2ba3d72f35c5df8
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:11:51 2026 -0400

    fix ci

commit 0cfd37437d5c0b055cba43e5615bfc2796778f1e
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:09:03 2026 -0400

    ci

commit 212e64962430c2c0142f3df23adcbae5d03626bb
Author: ming luo <[email protected]>
Date:   Tue Apr 21 14:03:05 2026 -0400

    kubernetes operator

commit d26fbb6700126f45e0fc654c132ab25c845f715a
Merge: a41782c0 b9d16e80
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 18:39:15 2026 -0300

    Merge pull request #1425 from langflow-ai/fix/watsonx_models

    fix: update models api and langflow models setting

commit b9d16e804451f18c1e3ce52f4200558c9bd10632
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 18:17:38 2026 -0300

    fix minor double space

commit 59351e4b5a5d4ced069d96cce3d8c88de5db829f
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 17:54:40 2026 -0300

    fixed nitpicks

commit 8d867ac63f4d11781dacf277cdfc25e6bde71055
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 17:06:13 2026 -0300

    updated update_langflow_model_values to have logic to update everything at once

commit 65da4ec0c89ae15761c24e9d0e038242329e4d73
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:24:53 2026 -0300

    Added max size to flow locks cache

commit 5a239f6f2279696c786d0322fda3c0af05509830
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:23:24 2026 -0300

    fix misaligned comment

commit 9e782f4913a0513848bdc706c7691e0b9887027b
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:22:57 2026 -0300

    clear cache on failure

commit aeaa153e2641efe246f091606ea65c6dedad50d3
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:21:03 2026 -0300

    removed tech preview false

commit 41cc13298d3c3bf1c13b7e63795358322801e4df
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:20:36 2026 -0300

    Updated embedding provider if just one is supplied

commit bf16524026fa5c204e0917c8880ad03b0a62292a
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:18:57 2026 -0300

    Re add save config file

commit b843fd49f4d065d2ec2294cb7edce065a5a9f448
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 20 14:17:43 2026 -0300

    Changed LLM condition bug

commit a41782c0cd30d13684a5181a34b1e0422192db46
Author: Edwin Jose <[email protected]>
Date:   Mon Apr 20 12:00:42 2026 -0500

    fix: update knowledge-dropdown with pptx and xlsx file type support (#1437)

commit cdc33a17808488fb4983c10f12fff3f8d1b250f0
Author: Edwin Jose <[email protected]>
Date:   Mon Apr 20 11:42:46 2026 -0500

    feat: Add tenacity retry and streamable HTTP conversion for lanngflow MCP (#1421)

commit 7dded21416f55cdaf2b85d6082d2f9de61cfaf8a
Author: Mike Fortman <[email protected]>
Date:   Mon Apr 20 09:26:01 2026 -0500

    feat: Release branch parity (#1433)

    * feat: Add Bulk actions bar on knowledge base table for delete actions (#1371)

    * feat: Update sdk for SaaS env handling (#1364)

    * sdk saas updates

    * update versions

    * chore: update uv.lock files after version bump

    * Require API key or headers; add auth tests

    Enforce authentication at OpenRAGClient construction by raising AuthenticationError when neither api_key nor extra_headers (nor OPENRAG_API_KEY env var) are provided. Also lightweight formatting cleanups in client request/header construction. Expanded tests: updated the missing-key test and added coverage for extra_headers-only auth, env-var-only auth, and explicit api_key precedence to ensure various auth modes (e.g. IBM headers) are supported and prioritized correctly.

    * tag as rc1 for testing purposes

    * chore: update uv.lock files after version bump

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

    * Add bulk actions bar and animiate

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

    * refactor: SaaS design sweep (#1394)

    * feat: Update sdk for SaaS env handling (#1364)

    * sdk saas updates

    * update versions

    * chore: update uv.lock files after version bump

    * Require API key or headers; add auth tests

    Enforce authentication at OpenRAGClient construction by raising AuthenticationError when neither api_key nor extra_headers (nor OPENRAG_API_KEY env var) are provided. Also lightweight formatting cleanups in client request/header construction. Expanded tests: updated the missing-key test and added coverage for extra_headers-only auth, env-var-only auth, and explicit api_key precedence to ensure various auth modes (e.g. IBM headers) are supported and prioritized correctly.

    * tag as rc1 for testing purposes

    * chore: update uv.lock files after version bump

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

    * Display version in the UI

    * toggles and slider

    * function call

    * text color

    * align backgrounds in settings

    * table footer border

    * batch action match design

    * icon colors

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

    * hide the google and onedrive connectors in saas (#1429)

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit 4449b6352c358dde2bb521c80723811524047b8f
Author: Lucas Oliveira <[email protected]>
Date:   Fri Apr 17 19:54:01 2026 -0300

    made updates happen depending on what part of the onboarding we are

commit 40ce6fd0f6324f4a15c864b62cccfe00d7756e16
Author: Lucas Oliveira <[email protected]>
Date:   Fri Apr 17 19:45:01 2026 -0300

    Pass provider and embedding model

commit 692c618771ead9cc05d8412367f1c0d3f5148f3c
Author: Lucas Oliveira <[email protected]>
Date:   Fri Apr 17 19:38:25 2026 -0300

    updated flows

commit 3fc5ee74598561c3b1ebe7d3d3e117ae2530e70f
Author: Lucas Oliveira <[email protected]>
Date:   Fri Apr 17 15:54:51 2026 -0300

    changed docker namespace for opensearch

commit 179476d32522072545a6b9b8604ffa579c681432
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 16 19:55:55 2026 -0300

    remove command

commit fb939a8de03776f0e09c320153aba77879def274
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 16 19:55:06 2026 -0300

    cache and execute langflow calls at the same time

commit c7b3b0deb3cf9080393f9b325e52d7b0281f968f
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 16 19:54:49 2026 -0300

    make flow updates lock, save embedding settings before updating models

commit c4bfa17a3bc4c7d819ce2b383a05a2ec98d61558
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 16 17:58:04 2026 -0300

    added new version of API and limit results to not tech preview

commit 3703fc247997939dc67afd4b0fcf5fe9d0f9142f
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 16 15:34:29 2026 -0500

    Fix tooltip visibility (#1420)

commit 6997cacce8e3c825dfedc2e4a506ab2f7f21872a
Merge: b901448d 51bc104f
Author: Nate McCall <[email protected]>
Date:   Thu Apr 16 09:52:58 2026 +1200

    Merge pull request #1392 from langflow-ai/1391-knn-params-dedupe

    refactor(knn): consolidate knn_vector field mapping into shared helper

commit 51bc104f1be08f8e351e142319a29d8eed4a153a
Merge: 96c16c19 b901448d
Author: zznate <[email protected]>
Date:   Thu Apr 16 07:42:21 2026 +1200

    Merge remote-tracking branch 'origin/main' into 1391-knn-params-dedupe

    # Conflicts:
    #	src/utils/embedding_fields.py
    #	src/utils/embeddings.py

commit b901448d84dcc9299076e3cb40c9a5a1c069cea1
Author: Lucas Oliveira <[email protected]>
Date:   Wed Apr 15 14:49:24 2026 -0300

    feat: updated langflow to 1.9 (#1405)

    * updated langflow version

    * updated flows

commit 796cc2f07c6b04868ae3865eba633d68ddc36521
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 15 12:17:15 2026 -0500

    feat: Integrate FastMCP streamable HTTP server (#1396)

    Co-authored-by: Mike Fortman <[email protected]>

commit 46065c87e54dd041f5df9864fb4d4f4848617c70
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 15 10:31:53 2026 -0500

    chore: sdk release 0.3.0 (#1400)

    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit aca507663c1bef00c5e743bf1bbb4c48c7fae300
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 15 10:30:21 2026 -0500

    fix: Store raw JWT in auth cookie (strip 'Bearer ') (#1376)

commit a2fdfba0d4ef95e5369f53711e90406b8ce35ac5
Author: Lucas Oliveira <[email protected]>
Date:   Wed Apr 15 10:15:06 2026 -0300

    feat: add smoke tests for onboarding (#1110)

    * updated env example to contain flow ids

    * added data test ids into onboarding components

    * added required asset

    * updated package lock

    * added onboarding test

    * componentized onboarding

    * updated e2e test to get from secrets

    * fixed onboarding

    * Fix for e2e tests not working on CI

    * make script not generate opensearch password

    * add logs

    * fix for # in password and added make docling

    * direct host docker internal to host gateway

    * remove changes to makefile

    * removed changes to docker copose

    * updated playwright config and e2e tests to build all images

    * updated script and test workflow to reduce time and fix startup

    * add check for onboarding complete

    * added reset prop on onboarding

    * restore npm ci

    * fixed onboarding test to be less flaky

    * collect logs on failure

    * clear images and add flow ids

    * reactivated tasks tests and increased timeout on onboarding

    * set just 1 worker locally too to not cause race conditions

commit f7b6db5724419ef9a26799d686ff012a64ca5cfe
Author: Lucas Oliveira <[email protected]>
Date:   Tue Apr 14 18:33:39 2026 -0300

    fix: re-add litellm, fix ingestion without langflow for all providers, fix search functionality for all providers (#1368)

    * Revert "Remove agentd integration; add OpenAI deps"

    This reverts commit 55db515590e9ee154caffa9a241e434cbfb63b34.

    * change http2 probe to use configured provider

    * Centralized litellm logic and dimensions

    * pinned litellm

    * Changed pyproject and uv lock

    * Changed agentd lock

    * Changed model name referencing variable inside try

    * changed files to reference embedding model just from embedding constants

    * wrap search tool in global function to work with @tool

    * just run probe when openai

    * removed patched client since only openai works now

    * changed os environment with correct ollama api base and base url before litellm call

    * revert docker compose

    * removed unused import openai

    * fixed review comments

    * add parenthesis on the embedding model

    * Changed model-provider association to occur in ModelsService, with a global dict controlling the state

    * Removed creation of dynamic index body and create index based on current embedding's size

    * added function to fetch all models when loading them on settings page and on init

    * update pyproject

    * deleted unused dimensions

    * updated documentation for file

    * removed unused code and raise value error when dimensions dont exist

    * pass models service to required fields

    * add check for none provider lower

    * added guard for empty embeddings

    * add anthropic on known prefixes

    * Fixed anonymous user and ollama ingestion of default documents

    * Removed redundant call to litellm

    * updated uv lock

commit 7305e1050b010a0a64c116be0a02fb144425a602
Author: Edwin Jose <[email protected]>
Date:   Tue Apr 14 12:04:25 2026 -0500

    fix: httpx resolution error in mcp (#1397)

    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit 93435d7391d6cb2754cc0144e8b8e2ff89bdb6a5
Author: Edwin Jose <[email protected]>
Date:   Tue Apr 14 11:41:58 2026 -0500

    chore: mcp allow pre release dependencies (#1395)

    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit 8f396d3a8fe08fceffc7015f9d7af62f4f4e401e
Merge: d1ec6abb 7bcb32c6
Author: Mike Pawlowski <[email protected]>
Date:   Tue Apr 14 09:21:35 2026 -0400

    Merge pull request #1385 from langflow-ai/mp/feat/GH-1384-jwt-signing-key-auth

    feat(backend): Re-implement support for the JWT_SIGNING_KEY environment variable for auth...

commit 96c16c19f78d81898366652dba7b4773e892de48
Author: zznate <[email protected]>
Date:   Tue Apr 14 11:34:55 2026 +1200

    refactor(knn): consolidate knn_vector field mapping into shared helper

    Extract the duplicated knn_vector field literal into
    build_knn_vector_field() in utils.embedding_fields as the single source of
    truth for OpenRAG's JVector/DiskANN method configuration. All four call
    sites now delegate to the helper:

    - src/config/settings.py (INDEX_BODY legacy chunk_embedding field)
    - src/utils/embedding_fields.py (ensure_embedding_field_exists)
    - src/utils/embeddings.py (create_dynamic_index_body)
    - scripts/migrate_embedding_model_field.py (ensure_new_field_exists)

    The helper returns a fresh dict per call so callers may extend it in
    place without affecting other sites, which unblocks follow-up work on
    per-field advanced.* parameters (hierarchy_enabled, num_pq_subspaces,
    etc.) without re-introducing drift.

    No runtime behavior change: the generated mapping is byte-identical to
    the previous inline literal for the same dimension. KNN_EF_CONSTRUCTION
    and KNN_M imports are removed from callers that no longer reference them
    directly.

    Adds tests/unit/test_embedding_fields.py covering structure, dimension
    propagation, settings resolution (including monkeypatch override),
    call-site isolation, and INDEX_BODY parity.

    Refs #1391

commit d1ec6abb6fde33d2deaa21dc10aa689bccc88009
Author: Lucas Oliveira <[email protected]>
Date:   Mon Apr 13 17:57:49 2026 -0300

    updated langflow version (#1379)

commit 7bcb32c6c984c3d7b8831b0123656f63844f65ad
Author: Mike Pawlowski <[email protected]>
Date:   Mon Apr 13 06:28:26 2026 -0700

    feat(backend): Re-implement support for the JWT_SIGNING_KEY environment variable for auth...

    ...as a replacement for generation and use of private / public keys

    Issue

    - #1384
    - Add JWT_SIGNING_KEY environment variable to `.env.example`

commit b64f8ee2255a96e18d462b55be0a6f8dbbb9c7ed
Author: Mike Pawlowski <[email protected]>
Date:   Sun Apr 12 13:49:00 2026 -0700

    feat(backend): Re-implement support for the JWT_SIGNING_KEY environment variable for auth...

    ...as a replacement for generation and use of private / public keys

    Issue

    - #1384

    Summary

    - Added support for an external `JWT_SIGNING_KEY` environment variable, allowing the backend to skip RSA key generation when a signing key is already provided externally.
    - Added `host.docker.internal` host mapping to the Langflow service in `docker-compose.yml` to enable container-to-host networking.

    Backend

    - Skipped RSA JWT key generation in `initialize_services()` when the `JWT_SIGNING_KEY` environment variable is set.
    - Removed `os.chmod()` calls on existing RSA key files to avoid permission errors when running as a non-root user.

    Docker

    - Passed `JWT_SIGNING_KEY` environment variable through to the backend service in `docker-compose.yml`.
    - Added `extra_hosts` entry (`host.docker.internal:host-gateway`) to the Langflow service for host networking support.

commit f50523276e276c0e59b94ef4a0156e2c79194441
Author: Mike Pawlowski <[email protected]>
Date:   Fri Apr 10 18:11:48 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322
    - Introduce OPENRAG_RUN_MODE environment variable

commit 4adff5e0ebe22274c0d1574d5f470961a814f501
Author: Mike Pawlowski <[email protected]>
Date:   Fri Apr 10 18:09:28 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322
    - Execute gosu only if running as root

commit d432a309f82f93bb581f62d8c085299f912b2042
Author: Mike Pawlowski <[email protected]>
Date:   Fri Apr 10 18:08:02 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322
    - Rename Backend entry point script

commit 0bde2b87d9ecb3408faa2f323e78b81269217962
Author: Mike Fortman <[email protected]>
Date:   Mon Apr 13 13:04:04 2026 -0500

    Display version in the UI (#1386)

commit a5ed9b66b4ab09bcaa303e757b5ade555273a967
Author: Lucas Oliveira <[email protected]>
Date:   Fri Apr 10 14:01:17 2026 -0300

    fix: change factory-reset functions to delete named volume for opensearch-data (#1363)

    * Changed factory-reset and env manager references to opensearch-data

    * deleted opensearch data references

    * Fixed review comments

commit 7b9737fe2f7377cdac7245e3602b2d481acdc337
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 9 13:54:10 2026 -0500

    feat: MCP SaaS updates for new headers (#1365)

    * sdk saas updates

    * mcp changes for saas headers

    * update to 0.3.0rc1

    * chore: update uv.lock files after version bump

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit cb9d35e5b027b80963070104195bfebb84c6875e
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 9 13:49:59 2026 -0500

    feat: Update sdk for SaaS env handling (#1364)

    * sdk saas updates

    * update versions

    * chore: update uv.lock files after version bump

    * Require API key or headers; add auth tests

    Enforce authentication at OpenRAGClient construction by raising AuthenticationError when neither api_key nor extra_headers (nor OPENRAG_API_KEY env var) are provided. Also lightweight formatting cleanups in client request/header construction. Expanded tests: updated the missing-key test and added coverage for extra_headers-only auth, env-var-only auth, and explicit api_key precedence to ensure various auth modes (e.g. IBM headers) are supported and prioritized correctly.

    * tag as rc1 for testing purposes

    * chore: update uv.lock files after version bump

    ---------

    Co-authored-by: Edwin Jose <[email protected]>
    Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

commit a172794a40f2768d58b673a03b6fa9c9b01961c1
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 9 15:17:28 2026 -0300

    feat: upgraded Langflow version to 1.9.0, upgraded Docling version (#1355)

    * updated ingestion flow with new version of docling

    * updated version

    * changeed docling manager to not have errors regarding broken pipes with make commands

    * update flows for 1.9

    * updated flows with newest opensearch

    * updated openrag agent

    * Updated settings rollback error and flows, updated dockerfile with latest Langflow nightly

    * add mcp enabled to openrag url mcp

commit dca72a36caad7a0728360f2e0d368570bbdfb4ad
Merge: 8571cfa9 7c5f832b
Author: Mike Pawlowski <[email protected]>
Date:   Thu Apr 9 13:40:48 2026 -0400

    Merge pull request #1329 from langflow-ai/mp/fix/GH-1322-backend-app-running-as-root

    fix(security): Containerized Backend application is running as root

commit 7c5f832be786d86c49c77bd3b6d1ab8a1b01f73e
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 8 12:39:33 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

commit 94606d19583c1a7d0d29cf17bdb4fc1f3168a0ff
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 8 08:55:26 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

commit 87b2c829cbada64859d185c99da2471e739890a8
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 8 07:02:41 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

    Summary

    - Introduced a host ownership reclaim mechanism — both in the Makefile and the TUI startup path — to recover volume directories chowned to `appuser` (UID 1000) by the non-root backend container's entrypoint, restoring host-user read/write access for local development and subsequent TUI runs.

    Makefile

    - Defined `HOST_UID` and `HOST_GID` variables at parse time using `id -u` / `id -g` for use in Docker-assisted `chown` commands.
    - Rewrote `ensure-backend-volumes` to re-own `flows`, `keys`, `config`, and `data` directories to the host user via an Alpine container (with a native `chown` fallback), replacing the previous `chmod 775`-only approach.
    - Updated `factory-reset` to remove JWT key files via an Alpine container when native `rm` fails due to root ownership.
    - Added `ensure-backend-volumes` as a prerequisite of the `backend` target so local dev runs always correct directory ownership before starting.

    TUI (`src/tui/main.py`)

    - Added `_reclaim_host_ownership()` helper that detects directories owned by a UID other than the current host user and re-owns them via a short-lived Alpine container using the available container runtime (`docker` or `podman`).
    - Called `_reclaim_host_ownership()` at the start of `setup_host_directories()` before any `chmod` calls, so ownership is corrected before permissions are set.
    - Wrapped `os.chmod()` calls for backend writable directories and `langflow-data` in `try/except PermissionError` to handle the case where reclaim was skipped (no runtime available) without crashing startup.

commit dacf0a2340ef01393d1f415e5ac036da4d211c9e
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 8 05:51:02 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

    Summary

    - Added a JWT key ownership fixup step to the `test-ci` and `test-ci-local` Makefile targets so that RSA keys generated inside the non-root container are re-owned to the host user before tests run, preventing permission errors when the test runner accesses key files on the host filesystem.

    Makefile CI Target Fix

    - Added a post-startup step in `test-ci` that runs an ephemeral Alpine container to `chown` `private_key.pem` and `public_key.pem` in the `keys/` volume to the host user's UID/GID, and sets correct permissions (`600`/`644`).
    - Applied the same JWT key ownership fixup step to `test-ci-local` for consistency.
    - Both steps are non-fatal (`|| true`) to avoid blocking CI if keys have not yet been generated.

commit 2a218d132528bfc5c7def968c339b34d836efab2
Author: Mike Pawlowski <[email protected]>
Date:   Mon Apr 6 07:30:05 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

    Summary

    - Removed manual RSA key generation and file permission setup from CI Makefile targets, and dropped the `chmod 777 langflow-data` workaround, as these concerns are now handled by the containerized application running as a non-root user.

    Makefile CI Target Cleanup

    - Removed `chmod 777 langflow-data` from both `test-ci` and `test-ci-local` targets; the broad permission grant was a workaround for the container running as root.
    - Removed the RSA key generation block (`keys/private_key.pem` check, `generate_jwt_keys()` invocation, and `chmod 600/644` permission fixups) from both `test-ci` and `test-ci-local` targets; key generation and permissions are now managed inside the container under the correct non-root user context.

commit f24f2d415e116f04b5c1fb99eff8c0664ab7714a
Author: Mike Pawlowski <[email protected]>
Date:   Thu Apr 2 19:37:15 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

    Summary

    - Extended CI cleanup steps in E2E and integration test workflows to remove additional root-owned directories (`keys`, `data`, `flows`, `openrag-documents`) created by the containerized frontend fix.

    CI Workflow Cleanup

    - Updated the "Cleanup root-owned files" step in `.github/workflows/test-e2e.yml` to delete `keys`, `data`, `flows`, and `openrag-documents` directories in addition to the previously cleaned `opensearch-data`, `config`, and `langflow-data`.
    - Updated the same cleanup step in `.github/workflows/test-integration.yml` with the identical expanded directory list.
    - Updated step labels in both workflows to reflect the broader set of root-owned paths being removed.

commit 8cf3d8c735345792b12171a05cd68c2192217281
Author: Mike Pawlowski <[email protected]>
Date:   Thu Apr 2 14:52:32 2026 -0700

    fix(security): Containerized Backend application is running as root

    Issue

    - #1322

    Summary

    - Configured the backend container to run as a non-root user (appuser, UID/GID 1000) by introducing a dedicated entrypoint script, updating the Dockerfile, and ensuring host volume directories are pre-created with correct permissions.

    Dockerfile Changes

    - Installed `gosu` to enable privilege dropping from root to appuser at container startup.
    - Created the `appuser` group (GID 1000) and user (UID 1000) in the image.
    - Added `COPY entrypoint.sh /entrypoint.sh` and set it as the `ENTRYPOINT`.
    - Pre-created all runtime-writable directories (`keys/`, `data/`, `config/`, `flows/backup/`, `openrag-documents/`) and `chown`-ed them to `appuser` in the image layer so defaults are correct when no volume is attached.

    New: entrypoint.sh

    - Added `entrypoint.sh` that runs as root on container start.
    - Re-`chown`s all volume-mounted directories (`keys`, `flows`, `config`, `data`, `openrag-documents`) to `appuser:appuser` to handle Docker hosts where `:U` remapping is not supported.
    - Execs the application process as `appuser` via `gosu`, dropping root privileges before `src/main.py` starts.

    Makefile Changes

    - Added `ensure-backend-volumes` target that creates and sets `775` permissions on `flows/`, `keys/`, `config/`, and `data/` on the host before Docker mounts them.
    - Added `ensure-backend-volumes` as a prerequisite to all `dev`, `dev-cpu`, `dev-local`, `dev-local-cpu`, `dev-local-build-lf`, `dev-local-build-lf-cpu`, `dev-branch`, `dev-branch-cpu`, `restart-dev`, `test-ci`, and `test-ci-local` targets.

    TUI (src/tui/main.py)

    - Extended `setup_host_directories()` to apply `chmod 0o775` on all backend volume-mounted directories (`documents/`, `flows/`, `keys/`, `config/`, `data/`) so the container's `appuser` (UID 1000) can write to them even on Docker hosts that do not remap UIDs.

commit 8571cfa9b3ae72de52d27e4cb607a0f91d6a8209
Author: Edwin Jose <[email protected]>
Date:   Thu Apr 9 11:09:15 2026 -0500

    chore: merge Saas features to main (#1359)

    Co-authored-by: Lucas Oliveira <[email protected]>
    Co-authored-by: Lucas Oliveira <[email protected]>
    Co-authored-by: rodageve <[email protected]>
    Co-authored-by: Mike Fortman <[email protected]>

commit 5f3de615e55a147b4bc6cc60b8cec8793b2f69b1
Author: Mike Fortman <[email protected]>
Date:   Tue Apr 7 16:31:01 2026 -0500

    refactor: Improve SaaS styles (#1356)

    * fix saas styles for the chunks page

    * refactor: Update SaaS table theming (#1350)

    * update colors

    * checkbox

    * refactor: Update function call section (#1354)

    * update function call section

    * input buttons

commit 0cefaacc64fa7e982759de12140cf75cb5ab65c1
Author: Lucas Oliveira <[email protected]>
Date:   Tue Apr 7 17:23:24 2026 -0300

    fix: centralize backend paths and accept env var to define them, change deployments to centralize read only and writable volumes (#1353)

    * Added paths config that gets paths from env variables

    * Changed settings to use paths provided

    * Changed backend services to use the unified paths

    * Added data and shared volume, centralize volumes in read-only and writable storages

    * update backend sc

    * Made paths be configurable

    * Added openrag paths into example

    * changed deployment and langflow dotenv

    * added new ver and migration

    * Updated paths.py documentation

    * Added note to notes.txt

    * Removed loading flows from langflow and put it in the backend

    * fixed helm bugs

    * fixed shared pvc

    * delete migration job and include docs on how to do the manual upgrade

commit 43426128b25affb06d9b94acbc18953f39334af5
Merge: fb694634 74ef0184
Author: April I. Murphy <[email protected]>
Date:   Mon Apr 6 13:42:46 2026 -0700

    Merge pull request #1348 from langflow-ai/docs-fix-partials-export-flows

    docs: Update export flows partial because the backup option is only for upgrades.

commit 74ef0184959cef4f11b30b47d6104e2785668f4d
Author: April M <[email protected]>
Date:   Mon Apr 6 13:16:55 2026 -0700

    Update _partial-export-flows.mdx

commit fb69463494b09026e74f148204ef9ee88c98363f
Merge: 87dfd2d8 7d8184f5
Author: Mike Pawlowski <[email protected]>
Date:   Mon Apr 6 11:53:56 2026 -0400

    Merge pull request #1321 from langflow-ai/mp/fix/GH-1320-frontend-app-running-as-root

    fix(security): Containerized Frontend application is running as root

commit 7d8184f52ed0014925a92dd961744ebec95f64cb
Author: Mike Pawlowski <[email protected]>
Date:   Thu Apr 2 09:00:09 2026 -0700

    fix: Security: Containerized Frontend application is running as root

    Issue

    - #1320

    Summary

    - Fixed the frontend Docker container running as root by switching to the built-in non-root `node` user for all build and runtime steps.

    Security: Run frontend container as non-root user

    - Added `chown node:node /app` after `WORKDIR` so the working directory is owned by the non-root user before the user switch.
    - Added `USER node` directive to switch to the non-root `node` user for all subsequent Dockerfile instructions.
    - Updated `COPY` instructions to use `--chown=node:node` so copied files are owned by the `node` user rather than root.
    - Removed trailing whitespace from `npm run build` line.
    - Added missing newline at end of file.

commit 87dfd2d849516993b407070d7d67d56c6f41f9b2
Author: Lucas Oliveira <[email protected]>
Date:   Thu Apr 2 16:19:45 2026 -0300

    fix: changed opensearch startup to turn opensearch into main process (#1326)

    * added graceful shutdown and entrypoint wrapper

    * fix: added graceful shutdown and entrypoint wrapper

    Issue

    - #1170

    Summary

    - Improved OpenSearch graceful shutdown reliability by flushing pending writes, adding a force-kill fallback in the entrypoint wrapper, and preventing double-close of the client connection.
    - Hardened the Docker Compose healthcheck to verify authenticated cluster health status rather than bare connectivity.

    OpenSearch Shutdown Improvements

    - Replaced `cluster.health()` call with `indices.flush(index="_all", wait_if_ongoing=True)` in `graceful_opensearch_shutdown` to ensure pending write operations are persisted before the client closes.
    - Set `clients.opensearch = None` after graceful shutdown in `src/main.py` to prevent a redundant double-close during `clients.cleanup()`.
    - Added a 90-second wait loop with `kill -0` polling in `opensearch-entrypoint-wrapper.sh` before issuing a force `SIGKILL`, ensuring the process has time to stop cleanly before being forcibly terminated.
    - Removed stale "Made with Bob" comment from `opensearch-entrypoint-wrapper.sh`.

    Docker Compose Healthcheck

    - Updated the OpenSearch healthcheck command to authenticate with `admin:$OPENSEARCH_PASSWORD` and query `/_cluster/health`, asserting the cluster status is `green` or `yellow` rather than only checking for a successful TCP connection.

    * fix commented out build image

    * Revert changes

    ---------

    Co-authored-by: Mike Pawlowski <[email protected]>

commit 455832b6c9b3f065a1c27a913e4ed2b03ecd1cce
Merge: dda7bcd7 971b5784
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 2 11:37:09 2026 -0500

    Merge pull request #1324 from langflow-ai/toggle-off-mcp-api

    feat: toggle off api key generation for mcp in SaaS

commit 971b57849a9879f4f19e1e1482965808180b0b82
Author: Mike Fortman <[email protected]>
Date:   Thu Apr 2 10:52:09 2026 -0500

    toggle off api key generation for mcp in SaaS

commit dda7bcd785fca1ad1e1054ebbdaff85a1b8c3c50
Merge: 3114c1e6 a7cc19e7
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 1 13:44:05 2026 -0500

    Merge pull request #1289 from langflow-ai/fix-google-auth

commit a7cc19e7e7684de7c6310c61743636c62b7c5e68
Merge: 9b18f2b0 3114c1e6
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 1 13:17:46 2026 -0500

    Merge branch 'main' into fix-google-auth

commit 9b18f2b0a4e5f05bb24e58ace22b08470262f72f
Author: Edwin Jose <[email protected]>
Date:   Wed Apr 1 13:17:21 2026 -0500

    Update session_manager.py

commit 3114c1e6268939150f8e2070a552ed6b4e4055f0
Author: Lucas Oliveira <[email protected]>
Date:   Wed Apr 1 14:46:41 2026 -0300

    fix: added number_of_replicas as 0 to not create unused nodes in OpenSearch (#1304)

    * Added number_of_replicas as 0 to not create unused nodes in OpenSearch

    * Added number of replicas changing

    * updated number of replicas to be on the same level of number of shards

    * added number of shards

    * changed to put settings just if it wasnt applied

    * removed number of shards from put settings

commit eaa6cd8c400674f56577b4167af0a9e91070acec
Merge: c1200298 4d68d52f
Author: April I. Murphy <[email protected]>
Date:   Wed Apr 1 09:32:59 2026 -0700

    Merge pull request #1316 from langflow-ai/docs-elite-support

    docs: Add IBM Elite Support page

commit 4d68d52fc518afd28b6b10e0aca08001f8a15b5a
Merge: e1b8029b c1200298
Author: April I. Murphy <[email protected]>
Date:   Wed Apr 1 09:20:50 2026 -0700

    Merge branch 'main' into docs-elite-support

commit c1200298dfee9ec406afe37abf6680f2dced5d2b
Merge: 650f3b77 6ca763fc
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 1 12:14:04 2026 -0400

    Merge pull request #1317 from langflow-ai/mp/fix/GH-1307-integration-test-failures

    fix: Integration tests are failing: test_chat_with_sources, test_full_rag_pipeline

commit 6ca763fc5f9e0d8891c0034ecc2188ea5dcfcd6d
Author: Mike Pawlowski <[email protected]>
Date:   Wed Apr 1 07:53:26 2026 -0700

    fix: Integration tests are failing: test_chat_with_sources, test_full_rag_pipeline

    Issue

    - #1307

    Summary

    - Disabled flaky end-to-end RAG pipeline test that was producing indeterministic results

    Testing

    - Added `@pytest.mark.skip` decorator to `test_full_rag_pipeline` in `tests/integration/sdk/test_e2e.py`
    - Documented skip reason as "Test scenario is returning indeterministic or flaky results resulting in random failures"

commit f7abc733b0da64485f07bdcd2268d4ef83f30772
Author: Mike Pawlowski <[email protected]>
Date:   Tue Mar 31 11:44:53 2026 -0700

    fix: Integration tests are failing: test_chat_with_sources, test_full_rag_pipeline

    Issue

    - #1307

    Summary

    - Fixed two integration tests (test_chat_with_sources, test_full_rag_pipeline) that were failing due to a race condition between task completion signaling and OpenSearch index refresh, and fragile
    source-citation assertions.

    Bug Fixes

    - src/services/task_service.py: Reordered index refresh to occur before marking the task as COMPLETED, so callers polling for completion can immediately query or delete newly indexed chunks without hitting the
    near-real-time refresh window.
    - src/agent.py: Moved import re to the citation-fallback code path (lazy import) where it is actually used, eliminating the top-level import; also cleaned up trailing whitespace throughout the file.

    Test Improvements

    - tests/integration/sdk/test_e2e.py: Added a retry loop (up to 5 attempts, 2 s apart) after ingestion to verify the document is searchable before proceeding, absorbing residual index refresh latency.
    - Replaced the fragile source-filename assertion with a content-based assertion: checks that the unique fictional terms "Zephyr" or "Xylox" appear in the LLM response, confirming the correct document was
    retrieved regardless of how the LLM formats its citation.
    - Refined the chat prompt to be more specific, improving retrieval reliability.

commit e1b8029b39753feac31941eed62236e87f5b839f
Author: April M <[email protected]>
Date:   Tue Mar 31 14:12:20 2026 -0700

    add elite support page

commit 650f3b77ee28a0fccd2836874d752ac9459c757d
Merge: da590752 045fe0b0
Author: Mike Fortman <[email protected]>
Date:   Tue Mar 31 13:43:13 2026 -0500

    Merge pull request #1227 from langflow-ai/watsonx.data

    feat: Add Carbon esque theme

commit 045fe0b05929b312b3aa62074145473451eb7d75
Author: Mike Fortman <[email protected]>
Date:   Tue Mar 31 13:31:51 2026 -0500

    fix file icons

commit da590752a5d197644f2fbd9655dc455f2156fa7d
Merge: 153a408d 3ed90110
Author: Mike Pawlowski <[email protected]>
Date:   Tue Mar 31 13:05:29 2026 -0400

    Merge pull request #1308 from langflow-ai/mp/fix/GH-1307-integration-test-failures

    fix: Integration tests are failing: test_chat_with_sources, test_full_rag_pipeline

commit 3ed901103b10de4f9dd410e09366f39312e816a2
Author: Mike Pawlowski <[email protected]>
Date:   Mon Mar 30 18:00:42 2026 -0700

    fix: Integration tests are failing: test_chat_with_sources, test_full_rag_pipeline

    Issue

    - #1307

    Summary

    - Fixed three integration test failures by repairing the non-streaming RAG sources extraction path in async_langflow_chat, eliminating a post-ingest indexing race condition, and hardening the e2e test query to
    reliably trigger OpenSearch retrieval.

    Backend: Sources Extraction (src/agent.py)

    - Removed the item_type in ("tool_call", "retrieval_call") type guard that caused sources to always be []; Langflow's OpenAI-compatible API does not populate response.output with typed retrieval items.
    - Added Layer 2 fallback: inspects top-level dict keys (results, outputs, retrieved_documents, retrieval_results) on the serialised response object, mirroring the existing streaming middleware logic.
    - Added Layer 3 fallback: regex-parses (Source: filename) citation patterns emitted by the LLM as a guaranteed last resort.

    Backend: Post-Ingest Index Refresh (src/services/task_service.py)

    - Called clients.opensearch.indices.refresh() immediately after a task completed with successful_files > 0, closing the near-real-time indexing window that caused delete_by_query to find zero chunks right
    after a successful ingest.
    - Treated the refresh as non-fatal: exceptions are caught and logged at DEBUG level.

    Test: E2E Query Phrasing (tests/integration/sdk/test_e2e.py)

    - Prefixed the test_full_rag_pipeline chat message with "According to the documents in my knowledge base, ..." so the LLM is forced to invoke the OpenSearch retrieval tool rather than answering from general
    training knowledge.

commit bad8494ffa31dda9d5d22788582df763739efc33
Merge: 27a04c65 153a408d
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 30 16:15:48 2026 -0500

    Merge branch 'main' into watsonx.data

commit 27a04c65d1a819b41fc14cfb108976daf4e9e828
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 30 16:09:37 2026 -0500

    PR comments

commit 153a408d56975939dc190ab3fad5d16d2dab0c39
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 17:31:52 2026 -0300

    fix: added langflow_opensearch_host as env variable (#1294)

    * Added langflow_opensearch_host as env variable

    * Added https back

    * Changed docker compose and deployment to pass langflow opensearch host and port to backend

    * Fixed helm chart for opensearch host

    * added deployment annotations

    * remove templates from the annotations

commit ce074308bba90e2c99347787805e745a1d950c89
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 17:31:13 2026 -0300

    added encryption key to docker compose and helm charts (#1302)

commit 42460c47156438640ac0efb87d81d77de573f049
Merge: 0769bf58 ecd4e665
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 17:02:55 2026 -0300

    Merge remote-tracking branch 'origin/fix/opensearch_local_dev' into watsonx.data

commit 76f3e1d38ed4dc73ae19cd9552c1386cdca9f09b
Merge: db67c620 c77834c3
Author: Mike Pawlowski <[email protected]>
Date:   Mon Mar 30 14:49:39 2026 -0400

    Merge pull request #1299 from langflow-ai/langflow-hostname-resolution-linux

    fix: Unable to resolve Docling URL via Langflow on Linux

commit c77834c3d04a874bc9056b8b814635bc28a035c8
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 15:19:51 2026 -0300

    Changed health check to work with macOS

commit de43aa66d431818127e4a7511a94443bb01aafbd
Author: Mike Pawlowski <[email protected]>
Date:   Mon Mar 30 11:08:49 2026 -0700

    fix: Unable to resolve Docling URL via Langflow on Linux

    Issues

    - #1267
    - #1298
    - #1297

    Makefile

    - Fix `make health` for OpenSearch on MacOS

commit bbfa9270114a620141f62024b1e5b911dd61fdc9
Author: Mike Pawlowski <[email protected]>
Date:   Mon Mar 30 08:43:05 2026 -0700

    fix: Unable to resolve Docling URL via Langflow on Linux

    Issues

    - #1267
    - #1298
    - #1297

    Summary

    - Improved health check output and fixed host resolution config in Docker Compose

    Docker Compose Fixes
    - Moved `volumes` and `extra_hosts` definitions for the `langflow` service to appear after `ports`, restoring the intended ordering
    - Moved `extra_hosts: host.docker.internal:host-gateway` from the `langflow` service to the `openrag-backend` service to correctly fix hostname resolution on Linux

    Makefile Health Check Improvements
    - Updated the OpenSearch health check to query `/_cluster/health` instead of the root endpoint, returning structured `{status}` JSON for clearer output
    - Switched the OpenSearch health check to use `OPENSEARCH_USERNAME` instead of the hardcoded `admin` value
    - Added a Docling health check entry targeting `http://localhost:5001/health`

commit 0898fb40dae4eedde0ed29ae03f3bcf271780e7b
Author: bekzodrakhmonov7 <[email protected]>
Date:   Fri Mar 27 13:56:24 2026 +0200

    fix: add extra_hosts for hostname resolution in Langflow on Linux

commit ecd4e665f90138d6b16cb7a648814731617ac66c
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 15:05:06 2026 -0300

    remove templates from the annotations

commit b023a9a8fa50e713d52a95e168b13ca257f1da50
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 15:04:03 2026 -0300

    added deployment annotations

commit 59dfd489a31e9cc35f65bbacf57efb54c5cd12e2
Merge: 2f89bdb0 db67c620
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 14:52:38 2026 -0300

    Merge main and resolve conflicts by migrating env vars to .env secret templates

commit 2f89bdb0a7eb543d6bb52027ecebd4e2abc9f2b0
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 14:38:56 2026 -0300

    Fixed helm chart for opensearch host

commit db67c62088bd1569434bc8bacce379d3e1fe76c9
Merge: 9e1ebaec e36f9f75
Author: rodageve <[email protected]>
Date:   Mon Mar 30 13:26:44 2026 -0400

    Merge pull request #1251 from langflow-ai/rgeve_helm_chart_env_vars_mar5

    feat: Enable Postgres deployment and switch to Env defined in .env file

commit 0769bf58c981be66cff6cfbff930578659afdc86
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 30 11:13:31 2026 -0500

    feature flag toggle

commit c0b00eaf6d6f49ba4b6997ad49eeaf48ba2e9dc1
Merge: 71d306a8 9e1ebaec
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 30 10:29:52 2026 -0500

    Merge branch 'main' of github.com:langflow-ai/openrag into watsonx.data

commit e36f9f75ba658b3851b41565995cffa8cac0bacf
Author: rodageve <[email protected]>
Date:   Mon Mar 30 08:59:09 2026 -0400

    Add OAUTH broker URL to dotenv for backend, Include a Storage class template for persistence with wait-for-first-consumer attribute - allows PV placement on backend nodes

commit 794919822b33ca6ec8fa3e94c6becf95fdcc2a3a
Author: Lucas Oliveira <[email protected]>
Date:   Mon Mar 30 09:46:55 2026 -0300

    Changed docker compose and deployment to pass langflow opensearch host and port to backend

commit 9e1ebaec141c005d50ad0b7f9c3fe77456a4c568
Merge: 2e2da511 2f136ef7
Author: Edwin Jose <[email protected]>
Date:   Fri Mar 27 17:10:18 2026 -0500

    Merge pull request #1295 from langflow-ai/fix-googledrive-async-main

commit 62a6cb9f7ca71ec7ef2a7da3b5b00104fa5e1d97
Author: Lucas Oliveira <[email protected]>
Date:   Fri Mar 27 18:11:34 2026 -0300

    Added https back

commit 472f5fcf668e17396b965629dc843a3a6f1befab
Author: Lucas Oliveira <[email protected]>
Date:   Fri Mar 27 18:06:47 2026 -0300

    Added langflow_opensearch_host as env variable

commit 2e2da51179170c7e4553f07ade9c6e1264ca8b3e
Author: Lucas Oliveira <[email protected]>
Date:   Fri Mar 27 18:06:27 2026 -0300

    Revert "Added langflow_opensearch_host as env variable"

    This reverts commit cb09ddd40fa1ee9da5d868dd6822e38438bbe328.

commit cb09ddd40fa1ee9da5d868dd6822e38438bbe328
Author: Lucas Oliveira <[email protected]>
Date:   Fri Mar 27 18:04:20 2026 -0300

    Added langflow_opensearch_host as env variable

commit 71d306a82dda08f2d89d0e007bbf389584825443
Author: Mike Fortman <[email protected]>
Date:   Fri Mar 27 15:08:59 2026 -0500

    add refetch docs button

commit 15a6a3b13066959bfdc562df3c30a2b63ff3abe3
Author: Edwin Jose <[email protected]>
Date:   Fri Mar 27 10:36:33 2026 -0500

    Forward Set-Cookie and strip Bearer token

    frontend/app/api/[...path]/route.ts: Ensure Set-Cookie headers from proxied responses are forwarded explicitly by iterating response.headers.getSetCookie() and appending each cookie to responseHeaders (entries() may omit them). This preserves cookies for proxied streaming responses.

    src/session_manager.py: Accept Authorization headers with a "Bearer " prefix by stripping the prefix before calling jwt.decode. This prevents passing the literal "Bearer ..." string to the decoder and fixes token verification failures when Bearer tokens are used.

commit 7434defa67b35361561c089d471aa7d84988a1cc
Merge: 24ca75cb 01b1b1f5
Author: Mike Fortman <[email protected]>
Date:   Thu Mar 26 14:58:26 2026 -0500

    Merge branch 'main' of github.com:langflow-ai/openrag into watsonx.data

commit 24ca75cb38074e571ad0c1f78da44201bffd6b40
Author: Mrunal Salunke <[email protected]>
Date:   Thu Mar 26 13:54:48 2026 -0400

    Remove border radius

commit 967d99ab83cacc2c8dfdac9981f8b9e6e8911399
Author: Mike Fortman <[email protected]>
Date:   Thu Mar 26 11:15:12 2026 -0500

    tie into IBM_AUTH

commit 99f89a464ceefab991fc32aa17e78a5fe6dde12a
Author: Mike Fortman <[email protected]>
Date:   Thu Mar 26 10:06:23 2026 -0500

    table updates

commit 18d33e7f505d118680b0b12937a883514667f1f9
Author: rodageve <[email protected]>
Date:   Wed Mar 25 17:39:55 2026 -0400

    Include OPENRAG_ENCRYPTION_KEY secret, and Langflow env on backend pod/deployment to indicate Langflow auto_login setting

commit 8161cda2c3e29e7ada13952b9a6554a8c1cd194a
Merge: 2dc4cc2b 7d8f0e66
Author: Mike Fortman <[email protected]>
Date:   Wed Mar 25 16:28:16 2026 -0500

    Merge branch 'main' of github.com:langflow-ai/openrag into watsonx.data

commit 2dc4cc2b0aa2bb61f6a2d7f610a149782bdc5ba7
Merge: 05afb18c 543ccc60
Author: Mrunal Salunke <[email protected]>
Date:   Wed Mar 25 17:00:27 2026 -0400

    Merge pull request #1264 from langflow-ai/feature/knowledge-redesign2

    Adding header changes

commit 543ccc600d3295b6432ee1acf6ed52326b2d2d35
Merge: 58ada941 05afb18c
Author: Mrunal Salunke <[email protected]>
Date:   Wed Mar 25 17:00:11 2026 -0400

    Merge branch 'watsonx.data' into feature/knowledge-redesign2

commit 58ada9418ff49bf013565aaadef9ec561536fd49
Author: Mrunal Salunke <[email protected]>
Date:   Wed Mar 25 16:59:39 2026 -0400

    remove fileicon

commit abdfc8f6963aa372a80cb2591d738ab6e56ebf3b
Author: rodageve <[email protected]>
Date:   Tue Mar 24 15:45:28 2026 -0400

    Add skip-auth on auto-login env var setting to allow for external API authentication, remove opensearch and docling health from orag backend readiness probe checks, Remove AWS Access/Secret Key env vars for backend, these are supplied by the Orag UI

commit b6edab46720c06c31f5de23c6893a98755760194
Author: rodageve <[email protected]>
Date:   Fri Mar 6 14:43:25 2026 -0500

    Add support for external langflow db using postgres

commit 993778cbece3959dbacd31075b4fa025202b4c78
Author: rodageve <[email protected]>
Date:   Thu Mar 5 11:08:47 2026 -0500

    Move environment variable dependencies for backend and langflow from process env to .env file loaded by dotenv lib in both cases

commit 05afb18cf76e26c4363af7b2f6f679438688c2ee
Merge: 6847584d d05598e2
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 23 16:59:11 2026 -0500

    Merge branch 'watsonx.data' of github.com:langflow-ai/openrag into watsonx.data

commit 6847584d54d3cb6c781ff3cf716df106605c2f08
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 23 15:03:52 2026 -0500

    missing import

commit d05598e23f0a84603f9e2814dfbfd67fdf0c5202
Merge: 18da2413 57bf783a
Author: Mrunal Salunke <[email protected]>
Date:   Mon Mar 23 16:00:32 2026 -0400

    Merge pull request #1191 from langflow-ai/feature/knowledge-redesign

    Feature/knowledge redesign

commit 57bf783a2a313e594a0ec7cf08ca5cdc41037e16
Merge: b5e12b41 18da2413
Author: Mrunal Salunke <[email protected]>
Date:   Mon Mar 23 16:00:21 2026 -0400

    Merge branch 'watsonx.data' into feature/knowledge-redesign

commit 18da241382164122457e9a5fff9097b96f0d9b81
Merge: 843d2db0 3a7dc94b
Author: Mike Fortman <[email protected]>
Date:   Mon Mar 23 15:00:11 2026 -0500

    Merge branch 'main' of github.com:langflow-ai/openrag into watsonx.data

commit 1717aaf4b45322d547dafb24e01ff1cd67012d77
Author: Mrunal Salunke <[email protected]>
Date:   Thu Mar 19 16:02:51 2026 -0400

    Adding header changes

commit b5e12b41f877b82715a6d6c81966642fd00624a5
Author: Mrunal Salunke <[email protected]>
Date:   Thu Mar 19 14:04:47 2026 -0400

    correcting functionality and design tokens

commit 90b4b0e4df4d44ce6b5d3c746b262f5d26…
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

backend 🔷 Issues related to backend services (OpenSearch, Langflow, APIs) enhancement 🔵 New feature or request lgtm

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants