feat: optimize config valid for runtime auth

[innsd]

No description provided.

[cuericlee]

/lgtm

[Copilot]

Pull request overview

This PR enhances runtime authentication configuration by adding conditional validation and prompt control for JWT-based authentication fields. The changes introduce a new generic validate_dataclass method to validate any dataclass configuration, add conditional validation rules for JWT-related fields, and expose new CLI parameters for runtime authentication configuration.

Key changes:

• Added conditional validation for runtime_jwt_discovery_url and runtime_jwt_allowed_clients fields, requiring them only when runtime_auth_type is set to custom_jwt
• Introduced a generic validate_dataclass method in ConfigValidator to validate any dataclass, not just CommonConfig
• Added CLI parameters for cr_auto_create_instance_type, runtime_auth_type, runtime_jwt_discovery_url, and runtime_jwt_allowed_clients

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
agentkit/toolkit/config/strategy_configs.py	Added prompt_condition and validation metadata to JWT authentication fields, added choices metadata to cr_auto_create_instance_type
agentkit/toolkit/config/config_validator.py	Added generic validate_dataclass method, refactored _validate_conditional_fields to accept any dataclass, updated _apply_conditional_rule to handle required field validation
agentkit/toolkit/config/config_handler.py	Added new CLI parameters to collect_cli_params, integrated strategy-specific validation before saving config
agentkit/toolkit/cli/interactive_config.py	Added prompt_condition logic to skip prompting fields when dependencies aren't met, updated conditional validation to handle required field checks
agentkit/toolkit/cli/cli_config.py	Added new CLI options for cr_auto_create_instance_type, runtime_auth_type, runtime_jwt_discovery_url, and runtime_jwt_allowed_clients

Comments suppressed due to low confidence (2)

agentkit/toolkit/config/config_validator.py:204

• Choices validation should only be applied when value is not None or empty. If a field is optional and empty, this validation will incorrectly fail. Add a check to ensure value is not None before validating against choices.

        if "choices" in rule:
            if value not in rule["choices"]:
                msg = rule.get(
                    "message", f"Must be one of: {', '.join(rule['choices'])}"
                )
                errors.append(f"{desc}: {msg}")

agentkit/toolkit/cli/interactive_config.py:447

• Choices validation should only be applied when value is not None or empty. If the field is optional and the user doesn't provide a value, this validation will incorrectly fail. Add a check to ensure value is not None before validating against choices.

            if "choices" in rule and value not in rule["choices"]:
                msg = rule.get(
                    "message", f"Must be one of: {', '.join(rule['choices'])}"
                )
                errors.append(msg)

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The field runtime_jwt_allowed_clients has a prompt_condition but is missing a validation configuration. If this field is required when runtime_auth_type is custom_jwt (as indicated in the description), it should have a conditional validation rule similar to runtime_jwt_discovery_url. Consider adding a validation block to ensure this field is properly validated.

Suggested change

	},
	},
	"validation": {
	"type": "conditional",
	"depends_on": "runtime_auth_type",
	"rules": {
	AUTH_TYPE_CUSTOM_JWT: {
	"required": True,
	"min_items": 1,
	"message": "At least one allowed client ID must be specified when using custom_jwt authentication.",
	}
	},
	},

[Copilot]

The field runtime_jwt_allowed_clients has a prompt_condition but is missing a validation configuration. If this field is required when runtime_auth_type is custom_jwt (as indicated in the description), it should have a conditional validation rule similar to runtime_jwt_discovery_url. Consider adding a validation block to ensure this field is properly validated.

Suggested change

	},
	},
	"validation": {
	"type": "conditional",
	"depends_on": "runtime_auth_type",
	"rules": {
	AUTH_TYPE_CUSTOM_JWT: {
	"required": True,
	"min_items": 1,
	"message": "At least one allowed client ID must be specified when using custom_jwt authentication.",
	}
	},
	},

[Copilot]

The choices validation logic doesn't handle List type fields correctly. If the field type is a List, the value will be a list and checking "value not in valid_values" will fail because it's comparing a list to individual values. This validation should check if each element of the list is in valid_values when the field is a List type.

Suggested change

	if valid_values and value not in valid_values:
	desc = field.metadata.get("description", field.name)
	errors.append(
	f"{desc} must be one of: {', '.join(map(str, valid_values))}"
	)
	if valid_values:
	if isinstance(value, list):
	invalid_items = [v for v in value if v not in valid_values]
	if invalid_items:
	desc = field.metadata.get("description", field.name)
	errors.append(
	f"{desc} contains invalid value(s): {', '.join(map(str, invalid_items))}. "
	f"Allowed values are: {', '.join(map(str, valid_values))}"
	)
	else:
	if value not in valid_values:
	desc = field.metadata.get("description", field.name)
	errors.append(
	f"{desc} must be one of: {', '.join(map(str, valid_values))}"
	)

[Copilot]

The validation logic for required fields checks "not value" which will incorrectly treat empty lists, 0, False, and other falsy values as missing. Consider using "value is None" or "value is None or value == ''" for strings specifically to avoid false positives for legitimate falsy values.