[PLAT-416] ensure bounded time range for mv query tool call

[pjain1]

To prevent LLMs to run unbounded queries

Checklist:

• Covered by tests
• Ran it and it works as intended
• Reviewed the diff before requesting a review
• Checked for unhandled edge cases
• Linked the issues it closes
• Checked if the docs need to be updated. If so, create a separate Linear DOCS issue
• Intend to cherry-pick into the release branch
• I'm proud of this work!

[begelundmuller]

Two thoughts:

1. It might be nice to be able to disable this for projects that run into problems. So maybe add it as a rill.ai.name instance-level flag? So it can be overridden at runtime if someone has problems.
2. I'm wondering if the AI will just get the full time range using the summary tool call and then use that, which will have similar bad performance. Do you think it would make sense to instead support a bounding by a number of days, e.g. rill.ai.max_time_range_days? So e.g. users with large clusters could bound AI queries to max 30 days of data.

[pjain1]

IMO we should definitely ensure that a valid time range is set, absence of it just means LLM is not able to some how use it, may be this can be also behind a flag and default is ensure time range, what do you think? I agree we can have rill.ai.max_time_range_days and have a default of 0 means no restriction as some projects having less data might want to actually use full time range and in those cases LLM can specify the full time range retrieved from summary tool call.

[pjain1]

put this behind feature flag?

[begelundmuller]

I'm okay with keeping it required for AI initially – but try running the evals in analyst_agent_test.go and check they still pass

[pjain1]

They pass (has to disable enforcing of time range for tests directly doing query_metrics_view tool call) except from CanvasContext test which fails here and I think its a genuine failure as I am not sure why app_or_site = 'App' this filter would be present in where clause.

[begelundmuller]

Then it's flaky. The filter is because the contextual canvas component has it:

rill/runtime/testruntime/projects.go

Line 215 in dae94e6

dimension_filters: app_or_site IN ('App')

[begelundmuller]

The problem with this is that there is also comparison_time_range.expression (and expressions are usually most useful for comparisons)

[begelundmuller]

Is there a reason not to expose this?

Suggested change

	QueryLimit *QueryLimits `json:"-" mapstructure:"query_limits"`
	QueryLimit *QueryLimits `json:"limits,omitempty" mapstructure:"query_limits"`

[pjain1]

Yes, this will be used only during AI tool calls and resolvers use mapstructure to decode the args, also query limits are not exposed through any proto requests so didn't felt need to expose it.

[begelundmuller]

I think we should just expose it. I'm not sure, but I think we may have some places that use JSON instead of mapstructure for serialization/deserialization, or if not, we might add that in the future. So since it would not be harmful to expose, I think it might just be simpler/safer.

[pjain1]

ok why use limits as key instead of query_limits, seems confusing with already present limit key.

[pjain1]

added json tags

[begelundmuller]

Was just typing quickly, query_limits also seems fine by me

[begelundmuller]

Same question about exposing it.

Is it a problem to consider it as part of the query? From the metricsview package perspective, I guess it is part of the query? It is only from the API/tool perspective that it may overwrite it (i.e. not allow the user to set it).

[begelundmuller]

LGTM!