fix(litellm): remove pre-call hook, use native OAuth via ANTHROPIC_API_KEY#54
Merged
fix(litellm): remove pre-call hook, use native OAuth via ANTHROPIC_API_KEY#54
Conversation
…s OAuth PR #19912 (merged Feb 17) fixed optionally_handle_anthropic_oauth() to: - Detect sk-ant-oat* tokens in api_key - Remove x-api-key header - Set Authorization: Bearer <token> correctly The custom pre-call hook (from PR #51) is now redundant and causes 'Extra inputs are not permitted' errors. Removing it and relying on ANTHROPIC_API_KEY env var containing the OAuth token.
![cubic-dev-ai[bot]](https://avatars.githubusercontent.com/in/1082092?s=60&v=4){kind=small}
There was a problem hiding this comment.
1 issue found across 1 file
Prompt for AI agents (all issues)
Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.
<file name="infra/manifests/litellm/configmap.yaml">
<violation number="1" location="infra/manifests/litellm/configmap.yaml:46">
P2: The `litellm-hooks` ConfigMap (with `hooks.py`) and its deployment artifacts are now dead code. Since all `async_pre_call_hook` references have been removed, the following should also be cleaned up in this PR:
- The `litellm-hooks` ConfigMap in this file (lines ~183-218)
- The volume mount, volume definition, and `PYTHONPATH` env var in `deployment.yaml`
Leaving these behind adds confusion for future maintainers and needlessly mounts unused code into the container.</violation>
</file>
Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.
| @@ -42,20 +42,14 @@ data: | |||
| - model_name: claude-opus-4-6 | |||
There was a problem hiding this comment.
P2: The litellm-hooks ConfigMap (with hooks.py) and its deployment artifacts are now dead code. Since all async_pre_call_hook references have been removed, the following should also be cleaned up in this PR:
- The
litellm-hooksConfigMap in this file (lines ~183-218) - The volume mount, volume definition, and
PYTHONPATHenv var indeployment.yaml
Leaving these behind adds confusion for future maintainers and needlessly mounts unused code into the container.
Prompt for AI agents
Check if this issue is valid — if so, understand the root cause and fix it. At infra/manifests/litellm/configmap.yaml, line 46:
<comment>The `litellm-hooks` ConfigMap (with `hooks.py`) and its deployment artifacts are now dead code. Since all `async_pre_call_hook` references have been removed, the following should also be cleaned up in this PR:
- The `litellm-hooks` ConfigMap in this file (lines ~183-218)
- The volume mount, volume definition, and `PYTHONPATH` env var in `deployment.yaml`
Leaving these behind adds confusion for future maintainers and needlessly mounts unused code into the container.</comment>
<file context>
@@ -42,20 +42,14 @@ data:
- custom_llm_provider: anthropic
- async_pre_call_hook: hooks.async_pre_call_hook
- model_name: claude-sonnet-4-6
litellm_params:
model: anthropic/claude-sonnet-4-6
</file context>
binary64
added a commit
that referenced
this pull request
Feb 24, 2026
Remove leftover artifacts from the pre-call hook approach: - Delete litellm-hooks ConfigMap (hooks.py is no longer used) - Remove OAUTH_TOKEN env var from deployment - Remove PYTHONPATH=/hooks env var from deployment - Remove hooks volume mount and volume definition - Update comment to reflect native OAuth via ANTHROPIC_API_KEY Addresses Cubic review feedback on PR #54.
Owner
Author
|
Addressed Cubic's P2 feedback in 800c448:
All hook-related artifacts are now fully cleaned up. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Context
PR #51 added a custom
async_pre_call_hookto handle Anthropic OAuth tokens, working around upstream bug #19618.What changed upstream
PR #19912 was merged Feb 17 into LiteLLM, fixing
optionally_handle_anthropic_oauth()to correctly:sk-ant-oat*tokens inapi_keyx-api-keyheader automaticallyAuthorization: Bearer <token>correctlyThis is present in our current image (
v1.81.15-nightly), confirmed viakubectl exec.Fix
Remove
async_pre_call_hookandcustom_llm_providerfrom Anthropic models. LiteLLM now handles OAuth natively whenANTHROPIC_API_KEYcontains the OAuth token (sk-ant-oat*).The
ANTHROPIC_API_KEYsecret has been updated to contain the real OAuth token (patched directly on the cluster).Summary by cubic
Removed Anthropic pre-call hook and custom provider in LiteLLM to use native OAuth via ANTHROPIC_API_KEY, fixing call errors and simplifying config.
Written for commit fb3c7a0. Summary will update on new commits.