gmakstutis/LightRAG
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
LightRAG/e2e
History
Raphael MANSUY fe9b8ec02a
tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 
* feat: Implement multi-tenant architecture with tenant and knowledge base models

- Added data models for tenants, knowledge bases, and related configurations.
- Introduced role and permission management for users in the multi-tenant system.
- Created a service layer for managing tenants and knowledge bases, including CRUD operations.
- Developed a tenant-aware instance manager for LightRAG with caching and isolation features.
- Added a migration script to transition existing workspace-based deployments to the new multi-tenant architecture.

* chore: ignore lightrag/api/webui/assets/ directory

* chore: stop tracking lightrag/api/webui/assets (ignore in .gitignore)

* feat: Initialize LightRAG Multi-Tenant Stack with PostgreSQL

- Added README.md for project overview, setup instructions, and architecture details.
- Created docker-compose.yml to define services: PostgreSQL, Redis, LightRAG API, and Web UI.
- Introduced env.example for environment variable configuration.
- Implemented init-postgres.sql for PostgreSQL schema initialization with multi-tenant support.
- Added reproduce_issue.py for testing default tenant access via API.

* feat: Enhance TenantSelector and update related components for improved multi-tenant support

* feat: Enhance testing capabilities and update documentation

- Updated Makefile to include new test commands for various modes (compatibility, isolation, multi-tenant, security, coverage, and dry-run).
- Modified API health check endpoint in Makefile to reflect new port configuration.
- Updated QUICK_START.md and README.md to reflect changes in service URLs and ports.
- Added environment variables for testing modes in env.example.
- Introduced run_all_tests.sh script to automate testing across different modes.
- Created conftest.py for pytest configuration, including database fixtures and mock services.
- Implemented database helper functions for streamlined database operations in tests.
- Added test collection hooks to skip tests based on the current MULTITENANT_MODE.

* feat: Implement multi-tenant support with demo mode enabled by default

- Added multi-tenant configuration to the environment and Docker setup.
- Created pre-configured demo tenants (acme-corp and techstart) for testing.
- Updated API endpoints to support tenant-specific data access.
- Enhanced Makefile commands for better service management and database operations.
- Introduced user-tenant membership system with role-based access control.
- Added comprehensive documentation for multi-tenant setup and usage.
- Fixed issues with document visibility in multi-tenant environments.
- Implemented necessary database migrations for user memberships and legacy support.

* feat(audit): Add final audit report for multi-tenant implementation

- Documented overall assessment, architecture overview, test results, security findings, and recommendations.
- Included detailed findings on critical security issues and architectural concerns.

fix(security): Implement security fixes based on audit findings

- Removed global RAG fallback and enforced strict tenant context.
- Configured super-admin access and required user authentication for tenant access.
- Cleared localStorage on logout and improved error handling in WebUI.

chore(logs): Create task logs for audit and security fixes implementation

- Documented actions, decisions, and next steps for both audit and security fixes.
- Summarized test results and remaining recommendations.

chore(scripts): Enhance development stack management scripts

- Added scripts for cleaning, starting, and stopping the development stack.
- Improved output messages and ensured graceful shutdown of services.

feat(starter): Initialize PostgreSQL with AGE extension support

- Created initialization scripts for PostgreSQL extensions including uuid-ossp, vector, and AGE.
- Ensured successful installation and verification of extensions.

* feat: Implement auto-select for first tenant and KB on initial load in WebUI

- Removed WEBUI_INITIAL_STATE_FIX.md as the issue is resolved.
- Added useTenantInitialization hook to automatically select the first available tenant and KB on app load.
- Integrated the new hook into the Root component of the WebUI.
- Updated RetrievalTesting component to ensure a KB is selected before allowing user interaction.
- Created end-to-end tests for multi-tenant isolation and real service interactions.
- Added scripts for starting, stopping, and cleaning the development stack.
- Enhanced API and tenant routes to support tenant-specific pipeline status initialization.
- Updated constants for backend URL to reflect the correct port.
- Improved error handling and logging in various components.

* feat: Add multi-tenant support with enhanced E2E testing scripts and client functionality

* update client

* Add integration and unit tests for multi-tenant API, models, security, and storage

- Implement integration tests for tenant and knowledge base management endpoints in `test_tenant_api_routes.py`.
- Create unit tests for tenant isolation, model validation, and role permissions in `test_tenant_models.py`.
- Add security tests to enforce role-based permissions and context validation in `test_tenant_security.py`.
- Develop tests for tenant-aware storage operations and context isolation in `test_tenant_storage_phase3.py`.

* feat(e2e): Implement OpenAI model support and database reset functionality

* Add comprehensive test suite for gpt-5-nano compatibility

- Introduced tests for parameter normalization, embeddings, and entity extraction.
- Implemented direct API testing for gpt-5-nano.
- Validated .env configuration loading and OpenAI API connectivity.
- Analyzed reasoning token overhead with various token limits.
- Documented test procedures and expected outcomes in README files.
- Ensured all tests pass for production readiness.

* kg(postgres_impl): ensure AGE extension is loaded in session and configure graph initialization

* dev: add hybrid dev helper scripts, Makefile, docker-compose.dev-db and local development docs

* feat(dev): add dev helper scripts and local development documentation for hybrid setup

* feat(multi-tenant): add detailed specifications and logs for multi-tenant improvements, including UX, backend handling, and ingestion pipeline

* feat(migration): add generated tenant/kb columns, indexes, triggers; drop unused tables; update schema and docs

* test(backward-compat): adapt tests to new StorageNameSpace/TenantService APIs (use concrete dummy storages)

* chore: multi-tenant and UX updates — docs, webui, storage, tenant service adjustments

* tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency

- gpt5_nano_compatibility: add pytest-asyncio markers, skip when OPENAI key missing, prevent module-level asyncio.run collection, add conftest
- Ollama tests: add server availability check and skip markers; avoid pytest collection warnings by renaming helper classes
- Graph storage tests: rename interactive test functions to avoid pytest collection
- Document & Tenant routes: support external_ids for idempotency; ensure HTTPExceptions are re-raised
- LightRAG core: support external_ids in apipeline_enqueue_documents and idempotent logic
- Tests updated to match API changes (tenant routes & document routes)
- Add logs and scripts for inspection and audit
2025-12-04 16:04:21 +08:00
..
client.py tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
docker-compose.e2e.yml tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
README.md tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
run_isolation_test.sh tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
run_tests.sh tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
test_deletion.py tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
test_mixed_operations.py tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00
test_multitenant_isolation.py tests: stabilize integration tests + skip external services; fix multi-tenant API behavior and idempotency (#4) 2025-12-04 16:04:21 +08:00

README.md

E2E Multi-Tenant Isolation Tests

This directory contains end-to-end tests to verify the isolation of data and processing pipelines in the multi-tenant LightRAG implementation.

Quick Start

# Run all tests with file backend (default)
./e2e/run_tests.sh

# Interactive mode - guided test selection
./e2e/run_tests.sh -i

# Show help
./e2e/run_tests.sh --help

Test Runner Features

The enhanced test runner (run_tests.sh) provides:

  • 🎮 Interactive Mode: Menu-driven selection of backends and tests
  • 💾 Multiple Backends: Support for file, postgres, or all backends
  • 🧪 Test Selection: Run specific tests or all tests
  • 🔍 Dry Run: Preview configuration without executing
  • 📊 Verbose/Quiet Modes: Control output verbosity
  • 🎨 Colored Output: Easy-to-read results with emojis

Available Tests

Test File Description
isolation test_multitenant_isolation.py Tests data isolation between tenants
deletion test_deletion.py Tests document deletion and cleanup
mixed test_mixed_operations.py Tests interleaved tenant operations

Available Backends

Backend Description
file File-based storage (JSON, NetworkX, NanoVectorDB) - Default
postgres PostgreSQL with pgvector for production storage
all Run tests on both backends

Usage Examples

Basic Usage

# Run all tests with file backend (default)
./e2e/run_tests.sh

# Run all tests with PostgreSQL backend
./e2e/run_tests.sh -b postgres

# Run tests on all backends
./e2e/run_tests.sh -b all

# Run with OpenAI models (requires OPENAI_API_KEY)
./e2e/run_tests.sh --openai

# Reset database/storage before running tests
./e2e/run_tests.sh --reset-db

Test Selection

# Run only isolation test
./e2e/run_tests.sh -t isolation

# Run isolation and deletion tests
./e2e/run_tests.sh -t isolation,deletion

# Run specific test with postgres backend
./e2e/run_tests.sh -b postgres -t isolation

Interactive Mode

# Launch interactive menu
./e2e/run_tests.sh -i

The interactive mode guides you through:

  1. Backend selection
  2. Test selection
  3. Advanced options (verbose, keep server)
  4. LLM model configuration

Preview Configuration

# Dry run to see configuration without executing
./e2e/run_tests.sh --dry-run -b postgres -t isolation,deletion

Custom Model Configuration

# Use OpenAI models (gpt-4o-mini + text-embedding-3-small)
./e2e/run_tests.sh --openai

# Use custom LLM model (Ollama)
./e2e/run_tests.sh -m llama3.1:8b

# Use custom embedding model (Ollama)
./e2e/run_tests.sh -e nomic-embed-text:latest -d 768

# Combined: OpenAI with reset and postgres backend
./e2e/run_tests.sh --openai --reset-db -b postgres

Server Management

# Keep server running after tests (for debugging)
./e2e/run_tests.sh --keep-server

# Skip server management (use existing server)
./e2e/run_tests.sh --skip-server

# Use custom port
./e2e/run_tests.sh -p 8080

Output Control

# Verbose output with debug info
./e2e/run_tests.sh -v

# Quiet mode (minimal output)
./e2e/run_tests.sh -q

# Show live server logs during test execution
./e2e/run_tests.sh --logs

# Full example with logs, OpenAI, reset, and postgres
./e2e/run_tests.sh --openai --reset-db -b postgres --logs

OpenAI Configuration

# Use OpenAI models (requires OPENAI_API_KEY environment variable)
export OPENAI_API_KEY="sk-..."
./e2e/run_tests.sh --openai

# The --openai flag sets:
# - LLM: gpt-5-nano (OpenAI's fast model)
# - Embedding: text-embedding-3-small (1536 dimensions)

Database Reset

# Reset storage before running tests (clean slate)
./e2e/run_tests.sh --reset-db

# For file backend: clears rag_storage/ directory
# For postgres: Docker volume is removed and recreated

# Combined with OpenAI for a fresh run
./e2e/run_tests.sh --openai --reset-db -b postgres

Command Line Options

Option Description Default
-b, --backend Storage backend (file, postgres, all) file
-t, --tests Comma-separated test list all
-m, --llm-model LLM model name gpt-oss:20b
--llm-binding LLM binding type ollama
-e, --embedding-model Embedding model bge-m3:latest
--embedding-binding Embedding binding type ollama
-d, --dim Embedding dimension 1024
-p, --port Server port 9621
-i, --interactive Interactive mode -
-v, --verbose Verbose output -
-q, --quiet Quiet mode -
--dry-run Preview without executing -
--skip-server Don't manage server -
--keep-server Keep server running -
-l, --list List tests and backends -
--openai Use OpenAI models (gpt-5-nano + text-embedding-3-small) -
--reset-db Reset database/storage before tests -
--skip-docker Don't manage Docker containers -
--keep-docker Keep Docker containers running -
--logs Show live server logs during tests -
-h, --help Show help -
--version Show version -

Environment Variables

Variable Description Default
OPENAI_API_KEY OpenAI API key (required for --openai) -
LIGHTRAG_API_URL API URL http://localhost:9621
AUTH_USER Admin username admin
AUTH_PASS Admin password admin123
POSTGRES_HOST PostgreSQL host localhost
POSTGRES_PORT PostgreSQL port 5432
POSTGRES_USER PostgreSQL user lightrag
POSTGRES_PASSWORD PostgreSQL password -
POSTGRES_DATABASE PostgreSQL database lightrag_multitenant

Test Details

Multi-Tenant Isolation Test (isolation)

Tests data isolation between tenants:

  1. Creates two distinct tenants (Tenant A and Tenant B)
  2. Creates a Knowledge Base (KB) for each tenant
  3. Ingests a unique "secret" document into each tenant's KB
  4. Waits for indexing to complete
  5. Verifies that Tenant A can retrieve its secret but not Tenant B's secret
  6. Verifies that Tenant B can retrieve its secret but not Tenant A's secret

Document Deletion Test (deletion)

Tests document deletion functionality:

  1. Creates a tenant and knowledge base
  2. Ingests two documents
  3. Verifies both documents are queryable
  4. Deletes one document
  5. Verifies deleted document is no longer retrievable
  6. Verifies the other document still exists

Mixed Operations Test (mixed)

Tests interleaved operations across tenants:

  1. Creates two tenants with separate KBs
  2. Performs interleaved ingestion operations
  3. Verifies cross-tenant isolation during concurrent operations
  4. Tests deletion in one tenant doesn't affect the other
  5. Verifies data integrity throughout

Prerequisites

  • Python 3.10+
  • requests library installed (pip install requests)
  • LightRAG installed in the environment
  • Ollama running locally (or configured via environment variables)
  • For PostgreSQL tests: PostgreSQL with pgvector extension

Exit Codes

Code Meaning
0 All tests passed
1 One or more tests failed
2 Configuration or setup error

Troubleshooting

Server Issues

  • Check server.log in the project root if the server fails to start
  • Use --verbose flag to see detailed server startup logs
  • Try --keep-server to inspect server state after tests

Timeout Issues

  • If indexing takes too long, check if LLM/Embedding service is responsive
  • Increase timeout by modifying SERVER_TIMEOUT in the script

PostgreSQL Issues

  • Ensure PostgreSQL is running with pgvector extension
  • Verify connection settings in environment variables
  • Check that the database exists and user has proper permissions

Legacy Script

The original run_isolation_test.sh is still available for backward compatibility but run_tests.sh is recommended for new usage.