agenta 0.12.3__py3-none-any.whl → 0.32.0a1__py3-none-any.whl

agenta/sdk/managers/variant.py

@@ -0,0 +1,182 @@
+from typing import Optional
+
+from agenta.sdk.managers.shared import SharedManager
+
+
+class VariantManager(SharedManager):
+    @classmethod
+    def create(
+        cls,
+        *,
+        parameters: dict,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variant = SharedManager.add(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+
+        if variant:
+            variant = SharedManager.commit(
+                parameters=parameters,
+                app_id=app_id,
+                app_slug=app_slug,
+                variant_slug=variant_slug,
+            )
+
+        return variant
+
+    @classmethod
+    async def acreate(
+        cls,
+        *,
+        parameters: dict,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variant = await SharedManager.aadd(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        if variant:
+            variant = await SharedManager.acommit(
+                parameters=parameters,
+                app_id=app_id,
+                app_slug=app_slug,
+                variant_slug=variant_slug,
+            )
+
+        return variant
+
+    @classmethod
+    def commit(
+        cls,
+        *,
+        parameters: dict,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variant = SharedManager.commit(
+            parameters=parameters,
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return variant
+
+    @classmethod
+    async def acommit(
+        cls,
+        *,
+        parameters: dict,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variant = await SharedManager.acommit(
+            parameters=parameters,
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return variant
+
+    @classmethod
+    def delete(
+        cls,
+        *,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        message = SharedManager.delete(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return message
+
+    @classmethod
+    async def adelete(
+        cls,
+        *,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        message = await SharedManager.adelete(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return message
+
+    @classmethod
+    def list(
+        cls,
+        *,
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variants = SharedManager.list(
+            app_id=app_id,
+            app_slug=app_slug,
+        )
+        return variants
+
+    @classmethod
+    async def alist(
+        cls,
+        *,
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variants = await SharedManager.alist(
+            app_id=app_id,
+            app_slug=app_slug,
+        )
+        return variants
+
+    @classmethod
+    def history(
+        cls,
+        *,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variants = SharedManager.history(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return variants
+
+    @classmethod
+    async def ahistory(
+        cls,
+        *,
+        variant_slug: str,
+        #
+        app_id: Optional[str] = None,
+        app_slug: Optional[str] = None,
+    ):
+        variants = await SharedManager.ahistory(
+            app_id=app_id,
+            app_slug=app_slug,
+            variant_slug=variant_slug,
+        )
+        return variants

agenta/sdk/managers/vault.py

@@ -0,0 +1,16 @@
+from typing import Optional, Dict, Any
+
+from agenta.sdk.context.routing import routing_context
+
+
+class VaultManager:
+    @staticmethod
+    def get_from_route() -> Optional[Dict[str, Any]]:
+        context = routing_context.get()
+
+        secrets = context.secrets
+
+        if not secrets:
+            return None
+
+        return secrets

agenta/sdk/middleware/auth.py

@@ -0,0 +1,180 @@
+from typing import Callable, Optional
+
+from os import getenv
+from json import dumps
+
+import httpx
+from starlette.middleware.base import BaseHTTPMiddleware
+from fastapi import FastAPI, Request
+from fastapi.responses import JSONResponse
+
+from agenta.sdk.middleware.cache import TTLLRUCache, CACHE_CAPACITY, CACHE_TTL
+from agenta.sdk.utils.constants import TRUTHY
+from agenta.sdk.utils.exceptions import display_exception
+
+import agenta as ag
+
+
+_SHARED_SERVICE = getenv("AGENTA_SHARED_SERVICE", "false").lower() in TRUTHY
+_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "true").lower() in TRUTHY
+_UNAUTHORIZED_ALLOWED = (
+    getenv("AGENTA_UNAUTHORIZED_EXECUTION_ALLOWED", "false").lower() in TRUTHY
+)
+_ALWAYS_ALLOW_LIST = ["/health"]
+
+_cache = TTLLRUCache(capacity=CACHE_CAPACITY, ttl=CACHE_TTL)
+
+
+class DenyResponse(JSONResponse):
+    def __init__(
+        self,
+        status_code: int = 401,
+        detail: str = "Unauthorized",
+    ) -> None:
+        super().__init__(
+            status_code=status_code,
+            content={"detail": detail},
+        )
+
+
+class DenyException(Exception):
+    def __init__(
+        self,
+        status_code: int = 401,
+        content: str = "Unauthorized",
+    ) -> None:
+        super().__init__()
+
+        self.status_code = status_code
+        self.content = content
+
+
+class AuthMiddleware(BaseHTTPMiddleware):
+    def __init__(self, app: FastAPI):
+        super().__init__(app)
+
+        self.host = ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.host
+        self.resource_id = (
+            ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.service_id
+            if not _SHARED_SERVICE
+            else None
+        )
+
+    async def dispatch(self, request: Request, call_next: Callable):
+        try:
+            if _UNAUTHORIZED_ALLOWED or request.url.path in _ALWAYS_ALLOW_LIST:
+                request.state.auth = {}
+
+            else:
+                credentials = await self._get_credentials(request)
+
+                request.state.auth = {"credentials": credentials}
+
+            return await call_next(request)
+
+        except DenyException as deny:
+            display_exception("Auth Middleware Exception")
+
+            return DenyResponse(
+                status_code=deny.status_code,
+                detail=deny.content,
+            )
+
+        except:  # pylint: disable=bare-except
+            display_exception("Auth Middleware Exception")
+
+            return DenyResponse(
+                status_code=500,
+                detail="Auth: Unexpected Error.",
+            )
+
+    async def _get_credentials(self, request: Request) -> Optional[str]:
+        try:
+            authorization = request.headers.get("authorization", None)
+
+            headers = {"Authorization": authorization} if authorization else None
+
+            access_token = request.cookies.get("sAccessToken", None)
+
+            cookies = {"sAccessToken": access_token} if access_token else None
+
+            baggage = request.state.otel.get("baggage") if request.state.otel else {}
+
+            project_id = (
+                # CLEANEST
+                baggage.get("project_id")
+                # ALTERNATIVE
+                or request.query_params.get("project_id")
+            )
+
+            params = {"action": "run_service", "resource_type": "service"}
+
+            if self.resource_id:
+                params["resource_id"] = self.resource_id
+
+            if project_id:
+                params["project_id"] = project_id
+
+            _hash = dumps(
+                {
+                    "headers": headers,
+                    "cookies": cookies,
+                    "params": params,
+                },
+                sort_keys=True,
+            )
+
+            if _CACHE_ENABLED:
+                credentials = _cache.get(_hash)
+
+                if credentials:
+                    return credentials
+
+            async with httpx.AsyncClient() as client:
+                response = await client.get(
+                    f"{self.host}/api/permissions/verify",
+                    headers=headers,
+                    cookies=cookies,
+                    params=params,
+                )
+
+                if response.status_code == 401:
+                    raise DenyException(
+                        status_code=401,
+                        content="Invalid credentials",
+                    )
+                elif response.status_code == 403:
+                    raise DenyException(
+                        status_code=403,
+                        content="Service execution not allowed.",
+                    )
+                elif response.status_code != 200:
+                    raise DenyException(
+                        status_code=400,
+                        content="Auth: Unexpected Error.",
+                    )
+
+                auth = response.json()
+
+                if auth.get("effect") != "allow":
+                    raise DenyException(
+                        status_code=403,
+                        content="Service execution not allowed.",
+                    )
+
+                credentials = auth.get("credentials")
+
+                _cache.put(_hash, credentials)
+
+                return credentials
+
+        except DenyException as deny:
+            raise deny
+
+        except Exception as exc:  # pylint: disable=bare-except
+            display_exception("Auth Middleware Exception (suppressed)")
+
+            raise DenyException(
+                status_code=500,
+                content="Auth: Unexpected Error.",
+            ) from exc

agenta/sdk/middleware/cache.py

@@ -0,0 +1,47 @@
+from os import getenv
+from time import time
+from collections import OrderedDict
+
+CACHE_CAPACITY = int(getenv("AGENTA_MIDDLEWARE_CACHE_CAPACITY", "512"))
+CACHE_TTL = int(getenv("AGENTA_MIDDLEWARE_CACHE_TTL", str(5 * 60)))  # 5 minutes
+
+
+class TTLLRUCache:
+    def __init__(self, capacity: int, ttl: int):
+        self.cache = OrderedDict()
+        self.capacity = capacity
+        self.ttl = ttl
+
+    def get(self, key):
+        # CACHE
+        if key not in self.cache:
+            return None
+
+        value, expiry = self.cache[key]
+        # -----
+
+        # TTL
+        if time() > expiry:
+            del self.cache[key]
+
+            return None
+        # ---
+
+        # LRU
+        self.cache.move_to_end(key)
+        # ---
+
+        return value
+
+    def put(self, key, value):
+        # CACHE
+        if key in self.cache:
+            del self.cache[key]
+        # CACHE & LRU
+        elif len(self.cache) >= self.capacity:
+            self.cache.popitem(last=False)
+        # -----------
+
+        # TTL
+        self.cache[key] = (value, time() + self.ttl)
+        # ---

agenta/sdk/middleware/config.py

@@ -0,0 +1,255 @@
+from typing import Callable, Optional, Tuple, Dict
+
+from os import getenv
+from json import dumps
+
+from pydantic import BaseModel
+
+from starlette.middleware.base import BaseHTTPMiddleware
+from fastapi import Request, FastAPI
+
+import httpx
+
+from agenta.sdk.middleware.cache import TTLLRUCache, CACHE_CAPACITY, CACHE_TTL
+from agenta.sdk.utils.constants import TRUTHY
+from agenta.sdk.utils.exceptions import suppress
+
+import agenta as ag
+
+
+_CACHE_ENABLED = getenv("AGENTA_MIDDLEWARE_CACHE_ENABLED", "true").lower() in TRUTHY
+
+_cache = TTLLRUCache(capacity=CACHE_CAPACITY, ttl=CACHE_TTL)
+
+
+class Reference(BaseModel):
+    id: Optional[str] = None
+    slug: Optional[str] = None
+    version: Optional[str] = None
+
+
+class ConfigMiddleware(BaseHTTPMiddleware):
+    def __init__(self, app: FastAPI):
+        super().__init__(app)
+
+        self.host = ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.host
+        self.application_id = ag.DEFAULT_AGENTA_SINGLETON_INSTANCE.app_id
+
+    async def dispatch(
+        self,
+        request: Request,
+        call_next: Callable,
+    ):
+        request.state.config = {"parameters": None, "references": None}
+
+        with suppress():
+            parameters, references = await self._get_config(request)
+
+            request.state.config = {
+                "parameters": parameters,
+                "references": references,
+            }
+
+        return await call_next(request)
+
+    # @atimeit
+    async def _get_config(self, request: Request) -> Optional[Tuple[Dict, Dict]]:
+        credentials = request.state.auth.get("credentials")
+
+        headers = None
+        if credentials:
+            headers = {"Authorization": credentials}
+
+        application_ref = await self._parse_application_ref(request)
+        variant_ref = await self._parse_variant_ref(request)
+        environment_ref = await self._parse_environment_ref(request)
+
+        refs = {}
+        if application_ref:
+            refs["application_ref"] = application_ref.model_dump()
+        if variant_ref:
+            refs["variant_ref"] = variant_ref.model_dump()
+        if environment_ref:
+            refs["environment_ref"] = environment_ref.model_dump()
+
+        if not refs:
+            return None, None
+
+        _hash = dumps(
+            {
+                "headers": headers,
+                "refs": refs,
+            },
+            sort_keys=True,
+        )
+
+        if _CACHE_ENABLED:
+            config_cache = _cache.get(_hash)
+
+            if config_cache:
+                parameters = config_cache.get("parameters")
+                references = config_cache.get("references")
+
+                return parameters, references
+
+        config = None
+        async with httpx.AsyncClient() as client:
+            response = await client.post(
+                f"{self.host}/api/variants/configs/fetch",
+                headers=headers,
+                json=refs,
+            )
+
+            if response.status_code != 200:
+                return None, None
+
+            config = response.json()
+
+        if not config:
+            _cache.put(_hash, {"parameters": None, "references": None})
+
+            return None, None
+
+        parameters = config.get("params")
+
+        references = {}
+
+        for ref_key in ["application_ref", "variant_ref", "environment_ref"]:
+            refs = config.get(ref_key)
+            if refs:
+                ref_prefix = ref_key.split("_", maxsplit=1)[0]
+
+                for ref_part_key in ["id", "slug", "version"]:
+                    ref_part = refs.get(ref_part_key)
+
+                    if ref_part:
+                        references[ref_prefix + "." + ref_part_key] = ref_part
+
+        _cache.put(_hash, {"parameters": parameters, "references": references})
+
+        return parameters, references
+
+    async def _parse_application_ref(
+        self,
+        request: Request,
+    ) -> Optional[Reference]:
+        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+
+        body = {}
+        try:
+            body = await request.json()
+        except:  # pylint: disable=bare-except
+            pass
+
+        application_id = (
+            # CLEANEST
+            baggage.get("application_id")
+            # ALTERNATIVE
+            or request.query_params.get("application_id")
+            # LEGACY
+            or request.query_params.get("app_id")
+            or self.application_id
+        )
+        application_slug = (
+            # CLEANEST
+            baggage.get("application_slug")
+            # ALTERNATIVE
+            or request.query_params.get("application_slug")
+            # LEGACY
+            or request.query_params.get("app_slug")
+            or body.get("app")
+        )
+
+        if not any([application_id, application_slug]):
+            return None
+
+        return Reference(
+            id=application_id,
+            slug=application_slug,
+        )
+
+    async def _parse_variant_ref(
+        self,
+        request: Request,
+    ) -> Optional[Reference]:
+        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+
+        body = {}
+        try:
+            body = await request.json()
+        except:  # pylint: disable=bare-except
+            pass
+
+        variant_id = (
+            # CLEANEST
+            baggage.get("variant_id")
+            # ALTERNATIVE
+            or request.query_params.get("variant_id")
+        )
+        variant_slug = (
+            # CLEANEST
+            baggage.get("variant_slug")
+            # ALTERNATIVE
+            or request.query_params.get("variant_slug")
+            # LEGACY
+            or request.query_params.get("config")
+            or body.get("config")
+        )
+        variant_version = (
+            # CLEANEST
+            baggage.get("variant_version")
+            # ALTERNATIVE
+            or request.query_params.get("variant_version")
+        )
+
+        if not any([variant_id, variant_slug, variant_version]):
+            return None
+
+        return Reference(
+            id=variant_id,
+            slug=variant_slug,
+            version=variant_version,
+        )
+
+    async def _parse_environment_ref(
+        self,
+        request: Request,
+    ) -> Optional[Reference]:
+        baggage = request.state.otel.get("baggage") if request.state.otel else {}
+
+        body = {}
+        try:
+            body = await request.json()
+        except:  # pylint: disable=bare-except
+            pass
+
+        environment_id = (
+            # CLEANEST
+            baggage.get("environment_id")
+            # ALTERNATIVE
+            or request.query_params.get("environment_id")
+        )
+        environment_slug = (
+            # CLEANEST
+            baggage.get("environment_slug")
+            # ALTERNATIVE
+            or request.query_params.get("environment_slug")
+            # LEGACY
+            or request.query_params.get("environment")
+            or body.get("environment")
+        )
+        environment_version = (
+            # CLEANEST
+            baggage.get("environment_version")
+            # ALTERNATIVE
+            or request.query_params.get("environment_version")
+        )
+
+        if not any([environment_id, environment_slug, environment_version]):
+            return None
+
+        return Reference(
+            id=environment_id,
+            slug=environment_slug,
+            version=environment_version,
+        )

agenta/sdk/middleware/cors.py

@@ -0,0 +1,29 @@
+from os import getenv
+
+from starlette.types import ASGIApp, Receive, Scope, Send
+from fastapi.middleware.cors import CORSMiddleware as _CORSMiddleware
+
+_TRUTHY = {"true", "1", "t", "y", "yes", "on", "enable", "enabled"}
+_USE_CORS = getenv("AGENTA_USE_CORS", "enable").lower() in _TRUTHY
+
+
+class CORSMiddleware(_CORSMiddleware):
+    def __init__(self, app: ASGIApp):
+        self.app = app
+
+        if _USE_CORS:
+            super().__init__(
+                app=app,
+                allow_origins=["*"],
+                allow_methods=["*"],
+                allow_headers=["*"],
+                allow_credentials=True,
+                expose_headers=None,
+                max_age=None,
+            )
+
+    async def __call__(self, scope: Scope, receive: Receive, send: Send) -> None:
+        if _USE_CORS:
+            return await super().__call__(scope, receive, send)
+
+        return await self.app(scope, receive, send)