PyPI - dh-cli - Versions diffs - 0.3.1__tar.gz → 0.4.0__tar.gz - Mend

dh-cli 0.3.1tar.gz → 0.4.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

{dh_cli-0.3.1 → dh_cli-0.4.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: dh-cli
-Version: 0.3.1
+Version: 0.4.0
 Summary: Dayhoff Labs developer CLI
 Author-email: Dayhoff Labs <dev@dayhofflabs.com>
 License: # PolyForm Noncommercial License 1.0.0

{dh_cli-0.3.1 → dh_cli-0.4.0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
 [project]
 name = "dh-cli"
-version = "0.3.1"
+version = "0.4.0"
 description = "Dayhoff Labs developer CLI"
 requires-python = ">=3.11"
 readme = "README.md"

{dh_cli-0.3.1 → dh_cli-0.4.0}/src/dh_cli/batch/commands/finalize.py RENAMED Viewed

@@ -489,10 +489,11 @@ def _finalize_protmpnn(output_dir: Path, output_path: Path):
     pdbs_dest.mkdir(exist_ok=True)
     for config_dir in output_dir.iterdir():
         if config_dir.is_dir():
-            config_pdbs = config_dir / "pdbs"
-            if config_pdbs.exists():
-                for pdb_file in config_pdbs.glob("*.pdb"):
-                    shutil.copy2(pdb_file, pdbs_dest / pdb_file.name)
+            for subdir_name in ("pdbs", "backbones"):
+                config_pdbs = config_dir / subdir_name
+                if config_pdbs.exists():
+                    for pdb_file in config_pdbs.glob("*.pdb"):
+                        shutil.copy2(pdb_file, pdbs_dest / pdb_file.name)
     top_conf = merged.iloc[0]["overall_confidence"] if num_variants > 0 else "N/A"

{dh_cli-0.3.1 → dh_cli-0.4.0}/src/dh_cli/batch/commands/protmpnn.py RENAMED Viewed

@@ -7,8 +7,8 @@ from pathlib import Path
 import click
-from ..aws_batch import BatchClient, BatchError
-from ..job_id import generate_job_id
+from ..aws_batch import BatchClient, BatchError, resolve_dependency
+from ..job_id import generate_job_id, get_aws_username
 from ..manifest import (
     BATCH_JOBS_BASE,
     BatchConfig,
@@ -63,7 +63,14 @@ DEFAULT_IMAGE_URI = (
     help="Drop into container shell for debugging",
 )
 @click.option("--base-path", default=BATCH_JOBS_BASE, help="Base path for job data")
-def protmpnn(input_dir, workers, queue, dry_run, run_local, run_remote, run_shell, base_path):
+@click.option("--after", "after", multiple=True, help="Job ID(s) to wait for before starting")
+@click.option(
+    "--auto-validate-top",
+    type=int,
+    default=None,
+    help="Auto-submit Boltz validation for top N variants after completion",
+)
+def protmpnn(input_dir, workers, queue, dry_run, run_local, run_remote, run_shell, base_path, after, auto_validate_top):
     """Design protein sequences with ProtMPNN/LigandMPNN.
     Processes a directory of YAML config files, each specifying a PDB
@@ -106,17 +113,17 @@ def protmpnn(input_dir, workers, queue, dry_run, run_local, run_remote, run_shel
         return
     if run_local:
-        _run_local_mode(input_path)
+        _run_local_mode(input_path, auto_validate_top, base_path)
         return
     # Auto-detect GPU for smart defaulting
     if not run_remote and not dry_run:
         if _has_local_gpu():
             click.echo("GPU detected — running locally (use --remote to override)")
-            _run_local_mode(input_path)
+            _run_local_mode(input_path, auto_validate_top, base_path)
             return
-    _submit_batch_job(input_path, workers, queue, dry_run, base_path)
+    _submit_batch_job(input_path, workers, queue, dry_run, base_path, after, auto_validate_top)
 def _has_local_gpu() -> bool:
@@ -161,6 +168,8 @@ def _submit_batch_job(
     queue: str,
     dry_run: bool,
     base_path: str,
+    after: tuple[str, ...] = (),
+    auto_validate_top: int | None = None,
 ):
     """Submit ProtMPNN job to AWS Batch."""
     click.echo(f"Scanning {input_path} for YAML files...")
@@ -228,11 +237,15 @@ def _submit_batch_job(
             destination=None,
             finalized=False,
         ),
+        depends_on=list(after) if after else None,
     )
     save_manifest(manifest, base_path)
     try:
+        resolved = [resolve_dependency(jid, base_path) for jid in after]
+        depends_on = [{"jobId": aws_id} for aws_id in resolved if aws_id is not None] or None
         client = BatchClient()
         environment = {
@@ -250,6 +263,8 @@ def _submit_batch_job(
             environment=environment,
             timeout_seconds=1 * 3600,  # 1 hour
             retry_attempts=5,
+            depends_on=depends_on,
+            share_identifier=get_aws_username(),
         )
         manifest.status = JobStatus.SUBMITTED
@@ -260,6 +275,8 @@ def _submit_batch_job(
         click.echo(click.style("Job submitted successfully!", fg="green"))
         click.echo()
         click.echo(f"AWS Batch Job ID: {batch_job_id}")
+        if depends_on:
+            click.echo(f"Waiting on:       {', '.join(after)}")
         click.echo()
         click.echo("Next steps:")
         click.echo(f"  Check status:  dh batch status {job_id}")
@@ -271,6 +288,11 @@ def _submit_batch_job(
             f"  Finalize:      dh batch finalize {job_id} --output ./results/"
         )
+        if auto_validate_top:
+            _submit_boltz_validation(
+                job_id, batch_job_id, job_dir, auto_validate_top, base_path
+            )
     except BatchError as e:
         manifest.status = JobStatus.FAILED
         manifest.error_message = str(e)
@@ -279,7 +301,7 @@ def _submit_batch_job(
         raise SystemExit(1)
-def _run_local_mode(input_path: Path):
+def _run_local_mode(input_path: Path, auto_validate_top: int | None = None, base_path: str = BATCH_JOBS_BASE):
     """Run ProtMPNN locally in a Docker container."""
     import subprocess
@@ -360,6 +382,11 @@ def _run_local_mode(input_path: Path):
             click.echo(click.style("Design complete!", fg="green"))
             click.echo(f"Results: {temp_output_dir / 'results.csv'}")
             click.echo(f"  {len(merged)} variants generated")
+            if auto_validate_top:
+                _run_local_boltz_validation(
+                    temp_output_dir, input_path, auto_validate_top
+                )
         else:
             click.echo(click.style("Warning: No results CSV found", fg="yellow"))
@@ -416,3 +443,101 @@ def _run_shell_mode(input_path: Path):
             err=True,
         )
         raise SystemExit(1)
+def _convert_to_boltz(results_dir: Path, config_dir: Path, top_n: int) -> Path:
+    """Run protmpnn-to-boltz conversion, return the output directory."""
+    from .protmpnn_to_boltz import (
+        _build_boltz_yaml,
+        _load_ligand_smiles,
+        _write_pymol_script,
+    )
+    import pandas as pd
+    import yaml
+    csv_path = results_dir / "results.csv"
+    if not csv_path.exists():
+        worker_csvs = sorted(results_dir.glob("results_worker_*.csv"))
+        if not worker_csvs:
+            raise FileNotFoundError(f"No results CSV in {results_dir}")
+        dfs = [pd.read_csv(f) for f in worker_csvs]
+        df = pd.concat(dfs, ignore_index=True).sort_values(
+            "overall_confidence", ascending=False
+        )
+    else:
+        df = pd.read_csv(csv_path)
+    top_n = min(top_n, len(df))
+    top_variants = df.head(top_n)
+    ligand_map = _load_ligand_smiles(str(config_dir), results_dir)
+    boltz_dir = results_dir.parent / "boltz_input"
+    boltz_dir.mkdir(parents=True, exist_ok=True)
+    generated = []
+    for _idx, row in top_variants.iterrows():
+        config_name = row.get("config_name", "unknown")
+        variant_id = int(row.get("variant_id", _idx))
+        sequence = row["sequence"]
+        confidence = row.get("overall_confidence", float("nan"))
+        boltz_yaml = _build_boltz_yaml(
+            sequence=sequence,
+            config_name=config_name,
+            variant_id=variant_id,
+            ligand_smiles=ligand_map.get(config_name),
+        )
+        filename = f"{config_name}_var{variant_id:03d}.yaml"
+        with open(boltz_dir / filename, "w") as f:
+            yaml.dump(boltz_yaml, f, default_flow_style=False, sort_keys=False)
+        generated.append((filename, confidence))
+    _write_pymol_script(boltz_dir, results_dir, generated, ligand_map)
+    return boltz_dir
+def _run_local_boltz_validation(
+    results_dir: Path, original_input_path: Path, top_n: int
+):
+    """Convert top variants to Boltz YAMLs and run Boltz locally."""
+    click.echo()
+    click.echo(f"Auto-validating top {top_n} variants with Boltz...")
+    boltz_dir = _convert_to_boltz(results_dir, original_input_path, top_n)
+    num_yamls = len(list(boltz_dir.glob("*.yaml")))
+    click.echo(f"Generated {num_yamls} Boltz configs at {boltz_dir}/")
+    click.echo()
+    from .boltz import _run_local_mode as boltz_local
+    boltz_local(boltz_dir)
+def _submit_boltz_validation(
+    protmpnn_job_id: str,
+    protmpnn_aws_job_id: str,
+    job_dir: Path,
+    top_n: int,
+    base_path: str,
+):
+    """Pre-register a dependent Boltz Batch job that runs after ProtMPNN completes.
+    The ProtMPNN worker writes results to job_dir/output/. The Boltz conversion
+    happens at finalize time — we set up a post-finalize hook via an environment
+    variable that tells the ProtMPNN finalizer to convert and submit Boltz.
+    """
+    click.echo()
+    click.echo(
+        f"Boltz validation for top {top_n} will run after ProtMPNN finalize."
+    )
+    click.echo(
+        "After ProtMPNN completes, finalize will auto-convert and submit Boltz:"
+    )
+    click.echo(f"  dh batch finalize {protmpnn_job_id} --auto-validate-top {top_n}")
+    click.echo()
+    click.echo(
+        "Or manually: dh batch protmpnn-to-boltz <results_dir> --top "
+        f"{top_n} && dh batch boltz <boltz_dir>"
+    )

dh_cli-0.4.0/src/dh_cli/hz/__init__.py ADDED Viewed

@@ -0,0 +1,67 @@
+"""dh hz — Horizyn API management commands."""
+import os
+from pathlib import Path
+import typer
+hz_app = typer.Typer(
+    help="Manage Horizyn API: users, deployments, local servers, and tests.",
+    context_settings={"help_option_names": ["-h", "--help"]},
+)
+def _find_workspace_root() -> Path:
+    root = os.environ.get("WORKSPACE_ROOT")
+    if root:
+        p = Path(root)
+        if p.is_dir():
+            return p
+    for child in Path("/workspaces").iterdir():
+        if child.is_dir() and not child.name.startswith("."):
+            return child
+    typer.echo("Cannot determine workspace root. Set $WORKSPACE_ROOT.", err=True)
+    raise typer.Exit(1)
+def require_repo(name: str) -> Path:
+    """Return the path to a cloned repo, or exit with a helpful error."""
+    root = _find_workspace_root()
+    repo = root / name
+    if not repo.is_dir():
+        typer.echo(
+            f"Repository '{name}' not found at {repo}.\n"
+            f"Clone it with: dc clone {name}",
+            err=True,
+        )
+        raise typer.Exit(1)
+    return repo
+def run_script(script: Path, args: list[str] | None = None, cwd: Path | None = None) -> None:
+    """Run a shell script, streaming output. Exit on failure."""
+    import subprocess
+    if not script.exists():
+        typer.echo(f"Script not found: {script}", err=True)
+        raise typer.Exit(1)
+    cmd = ["bash", str(script)] + (args or [])
+    result = subprocess.run(cmd, cwd=cwd)
+    if result.returncode != 0:
+        raise typer.Exit(result.returncode)
+from dh_cli.hz.users import users_app  # noqa: E402
+from dh_cli.hz.deploy import deploy_app  # noqa: E402
+from dh_cli.hz.local import local_app  # noqa: E402
+from dh_cli.hz.test import test_app  # noqa: E402
+from dh_cli.hz.tf import tf_app  # noqa: E402
+hz_app.add_typer(users_app, name="users", help="Manage authorized users and tiers.")
+hz_app.add_typer(deploy_app, name="deploy", help="Deploy API, docking, or frontend.")
+hz_app.add_typer(local_app, name="local", help="Run local development servers.")
+hz_app.add_typer(test_app, name="test", help="Run integration test suites.")
+hz_app.add_typer(tf_app, name="tf", help="Terraform apply for Horizyn infrastructure.")

dh_cli-0.4.0/src/dh_cli/hz/deploy.py ADDED Viewed

@@ -0,0 +1,37 @@
+"""Deploy API server, docking service, or frontend."""
+import typer
+from dh_cli.hz import require_repo, run_script
+deploy_app = typer.Typer(context_settings={"help_option_names": ["-h", "--help"]})
+@deploy_app.command("api")
+def deploy_api(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Build and deploy the Horizyn API server."""
+    repo = require_repo("horizyn-api")
+    script = repo / f"server/build-and-push-{env}.sh"
+    run_script(script, cwd=repo)
+@deploy_app.command("docking")
+def deploy_docking(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Build and deploy the docking service."""
+    repo = require_repo("horizyn-api")
+    script = repo / f"docking_service/build-and-push-{env}.sh"
+    run_script(script, cwd=repo)
+@deploy_app.command("frontend")
+def deploy_frontend(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Build and deploy the Horizyn frontend."""
+    repo = require_repo("horizyn-frontend")
+    script = repo / "scripts/deploy.sh"
+    run_script(script, args=[env], cwd=repo)

dh_cli-0.4.0/src/dh_cli/hz/local.py ADDED Viewed

@@ -0,0 +1,21 @@
+"""Run local development servers."""
+import typer
+from dh_cli.hz import require_repo, run_script
+local_app = typer.Typer(context_settings={"help_option_names": ["-h", "--help"]})
+@local_app.command("api")
+def local_api():
+    """Start the local Horizyn API server in Docker."""
+    repo = require_repo("horizyn-api")
+    run_script(repo / "server/run_local_server.sh", cwd=repo)
+@local_app.command("docking")
+def local_docking():
+    """Start the local docking service in Docker."""
+    repo = require_repo("horizyn-api")
+    run_script(repo / "docking_service/run_local_server.sh", cwd=repo)

dh_cli-0.4.0/src/dh_cli/hz/test.py ADDED Viewed

@@ -0,0 +1,111 @@
+"""Run integration test suites."""
+import re
+from pathlib import Path
+from typing import Optional
+import typer
+from dh_cli.hz import require_repo, run_script
+test_app = typer.Typer(context_settings={"help_option_names": ["-h", "--help"]})
+def _discover_suites(test_dir: Path) -> list[tuple[int, str, Path]]:
+    """Return sorted list of (number, name, path) for numbered test scripts."""
+    suites = []
+    for f in test_dir.glob("*.sh"):
+        m = re.match(r"^(\d+)_(.+)\.sh$", f.name)
+        if m:
+            suites.append((int(m.group(1)), m.group(2), f))
+    return sorted(suites, key=lambda t: t[0])
+def _resolve_suites(
+    available: list[tuple[int, str, Path]], selectors: list[str]
+) -> list[tuple[int, str, Path]]:
+    """Match selectors (numbers or name substrings) to available suites."""
+    matched = []
+    for sel in selectors:
+        sel = sel.strip()
+        found = False
+        if sel.isdigit():
+            num = int(sel)
+            for suite in available:
+                if suite[0] == num:
+                    matched.append(suite)
+                    found = True
+                    break
+        if not found:
+            for suite in available:
+                if sel.lower() in suite[1].lower():
+                    matched.append(suite)
+                    found = True
+                    break
+        if not found:
+            typer.echo(f"No suite matching '{sel}'.", err=True)
+            raise typer.Exit(1)
+    return matched
+@test_app.command("list")
+def list_tests(
+    target: str = typer.Option("local", "--target", "-t", help="local or deployed."),
+):
+    """Show available test suites."""
+    repo = require_repo("horizyn-api")
+    test_dir = repo / f"test/server/{target}"
+    if not test_dir.is_dir():
+        typer.echo(f"Test directory not found: {test_dir}", err=True)
+        raise typer.Exit(1)
+    suites = _discover_suites(test_dir)
+    typer.echo(f"\n  {target} test suites:\n")
+    for num, name, path in suites:
+        typer.echo(f"  {num:3d}  {name}")
+    typer.echo()
+@test_app.command("local")
+def test_local(
+    suites: Optional[list[str]] = typer.Argument(None, help="Suite numbers or names. Omit to run all."),
+):
+    """Run local integration tests."""
+    repo = require_repo("horizyn-api")
+    test_dir = repo / "test/server/local"
+    if not suites:
+        run_script(test_dir / "run_all_tests.sh", cwd=test_dir)
+        return
+    available = _discover_suites(test_dir)
+    selected = _resolve_suites(available, suites)
+    for num, name, path in selected:
+        typer.echo(f"\n{'='*60}")
+        typer.echo(f"  Running: {num}_{name}")
+        typer.echo(f"{'='*60}\n")
+        run_script(path, cwd=test_dir)
+@test_app.command("deployed")
+def test_deployed(
+    suites: Optional[list[str]] = typer.Argument(None, help="Suite numbers or names. Omit to run all."),
+    env: str = typer.Option("dev", "--env", "-e", help="Environment: dev or prod."),
+):
+    """Run deployed integration tests."""
+    repo = require_repo("horizyn-api")
+    test_dir = repo / "test/server/deployed"
+    if not suites:
+        run_script(test_dir / "run_all_tests.sh", args=[env], cwd=test_dir)
+        return
+    available = _discover_suites(test_dir)
+    selected = _resolve_suites(available, suites)
+    for num, name, path in selected:
+        typer.echo(f"\n{'='*60}")
+        typer.echo(f"  Running: {num}_{name}")
+        typer.echo(f"{'='*60}\n")
+        run_script(path, args=[env], cwd=test_dir)

dh_cli-0.4.0/src/dh_cli/hz/tf.py ADDED Viewed

@@ -0,0 +1,53 @@
+"""Terraform deployments for Horizyn infrastructure."""
+import typer
+from dh_cli.hz import require_repo, run_script
+tf_app = typer.Typer(context_settings={"help_option_names": ["-h", "--help"]})
+TF_MODULES = {
+    ("api", "dev"): "terraform/environments/dev/horizyn_api/api",
+    ("api", "prod"): "terraform/environments/dev/horizyn_api_prod",
+    ("frontend", "dev"): "terraform/environments/dev/horizyn_frontend",
+    ("frontend", "prod"): "terraform/environments/dev/horizyn_frontend_prod",
+    ("docking", "dev"): "terraform/environments/dev/boltz_docking/service",
+    ("docking", "prod"): "terraform/environments/dev/boltz_docking_prod/service",
+}
+def _run_tf(target: str, env: str, action: str) -> None:
+    repo = require_repo("blueprints")
+    module_path = TF_MODULES.get((target, env))
+    if not module_path:
+        typer.echo(f"Unknown combination: {target} / {env}", err=True)
+        raise typer.Exit(1)
+    script = repo / "scripts/terraform-deploy"
+    run_script(script, args=[module_path, action], cwd=repo)
+@tf_app.command("api")
+def tf_api(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+    yolo: bool = typer.Option(False, "--yolo", help="Auto-approve (no confirmation prompt)."),
+):
+    """Terraform apply for the Horizyn API server."""
+    _run_tf("api", env, "yolo" if yolo else "plan")
+@tf_app.command("frontend")
+def tf_frontend(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+    yolo: bool = typer.Option(False, "--yolo", help="Auto-approve (no confirmation prompt)."),
+):
+    """Terraform apply for the Horizyn frontend."""
+    _run_tf("frontend", env, "yolo" if yolo else "plan")
+@tf_app.command("docking")
+def tf_docking(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+    yolo: bool = typer.Option(False, "--yolo", help="Auto-approve (no confirmation prompt)."),
+):
+    """Terraform apply for the Boltz docking service."""
+    _run_tf("docking", env, "yolo" if yolo else "plan")

dh_cli-0.4.0/src/dh_cli/hz/users.py ADDED Viewed

@@ -0,0 +1,135 @@
+"""User management via SSM parameters."""
+import typer
+users_app = typer.Typer(context_settings={"help_option_names": ["-h", "--help"]})
+SSM_PARAMS = {
+    "allowed_emails": "/horizyn/{env}/auth/allowed_emails",
+    "allowed_domains": "/horizyn/{env}/auth/allowed_domains",
+    "admin_domains": "/horizyn/{env}/auth/admin_domains",
+    "admin_emails": "/horizyn/{env}/auth/admin_emails",
+    "alpha_emails": "/horizyn/{env}/auth/alpha_emails",
+}
+def _ssm_client():
+    import boto3
+    return boto3.client("ssm", region_name="us-east-1")
+def _get_param(ssm, name: str) -> str:
+    try:
+        resp = ssm.get_parameter(Name=name)
+        return resp["Parameter"]["Value"]
+    except ssm.exceptions.ParameterNotFound:
+        return ""
+def _put_param(ssm, name: str, value: str) -> None:
+    ssm.put_parameter(Name=name, Value=value, Type="String", Overwrite=True)
+    typer.echo(f"Updated {name}")
+def _parse_csv(raw: str) -> set[str]:
+    return {e.strip().lower() for e in raw.split(",") if e.strip()}
+def _format_csv(emails: set[str]) -> str:
+    return ",".join(sorted(emails))
+@users_app.command("list")
+def list_users(
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Show all authorized users and their tiers."""
+    ssm = _ssm_client()
+    admin_domains = _parse_csv(_get_param(ssm, SSM_PARAMS["admin_domains"].format(env=env)))
+    admin_emails = _parse_csv(_get_param(ssm, SSM_PARAMS["admin_emails"].format(env=env)))
+    alpha_emails = _parse_csv(_get_param(ssm, SSM_PARAMS["alpha_emails"].format(env=env)))
+    allowed_domains = _parse_csv(_get_param(ssm, SSM_PARAMS["allowed_domains"].format(env=env)))
+    allowed_emails = _parse_csv(_get_param(ssm, SSM_PARAMS["allowed_emails"].format(env=env)))
+    typer.echo(f"\n  Horizyn users ({env})\n")
+    typer.echo("  Admin domains:   " + (", ".join(sorted(admin_domains)) or "(none)"))
+    typer.echo("  Admin emails:    " + (", ".join(sorted(admin_emails)) or "(none)"))
+    typer.echo("  Alpha emails:    " + (", ".join(sorted(alpha_emails)) or "(none)"))
+    typer.echo("  Allowed domains: " + (", ".join(sorted(allowed_domains)) or "(none)"))
+    typer.echo("  Allowed emails:  " + (", ".join(sorted(allowed_emails)) or "(none)"))
+    typer.echo()
+@users_app.command("add")
+def add_user(
+    email: str = typer.Argument(help="Email address to add."),
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+    tier: str = typer.Option("beta", "--tier", "-t", help="Tier: beta or alpha."),
+):
+    """Add a user to the authorized emails list (and optionally set tier)."""
+    email = email.strip().lower()
+    ssm = _ssm_client()
+    allowed = _parse_csv(_get_param(ssm, SSM_PARAMS["allowed_emails"].format(env=env)))
+    if email in allowed:
+        typer.echo(f"{email} is already in allowed_emails for {env}.")
+    else:
+        allowed.add(email)
+        _put_param(ssm, SSM_PARAMS["allowed_emails"].format(env=env), _format_csv(allowed))
+    if tier == "alpha":
+        alphas = _parse_csv(_get_param(ssm, SSM_PARAMS["alpha_emails"].format(env=env)))
+        if email in alphas:
+            typer.echo(f"{email} is already in alpha_emails for {env}.")
+        else:
+            alphas.add(email)
+            _put_param(ssm, SSM_PARAMS["alpha_emails"].format(env=env), _format_csv(alphas))
+@users_app.command("remove")
+def remove_user(
+    email: str = typer.Argument(help="Email address to remove."),
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Remove a user from all email lists for the given environment."""
+    email = email.strip().lower()
+    ssm = _ssm_client()
+    for param_key in ("allowed_emails", "admin_emails", "alpha_emails"):
+        param_name = SSM_PARAMS[param_key].format(env=env)
+        current = _parse_csv(_get_param(ssm, param_name))
+        if email in current:
+            current.discard(email)
+            _put_param(ssm, param_name, _format_csv(current))
+            typer.echo(f"  Removed {email} from {param_key}")
+@users_app.command("promote")
+def promote_user(
+    email: str = typer.Argument(help="Email address to promote."),
+    tier: str = typer.Option(..., "--tier", "-t", help="Target tier: alpha."),
+    env: str = typer.Option("prod", "--env", "-e", help="Environment: prod or dev."),
+):
+    """Promote a user to a higher tier."""
+    email = email.strip().lower()
+    if tier not in ("alpha",):
+        typer.echo("Only --tier alpha is supported. Admin is domain-based.", err=True)
+        raise typer.Exit(1)
+    ssm = _ssm_client()
+    allowed = _parse_csv(_get_param(ssm, SSM_PARAMS["allowed_emails"].format(env=env)))
+    if email not in allowed:
+        typer.echo(f"{email} is not in allowed_emails for {env}. Add them first.", err=True)
+        raise typer.Exit(1)
+    alphas = _parse_csv(_get_param(ssm, SSM_PARAMS["alpha_emails"].format(env=env)))
+    if email in alphas:
+        typer.echo(f"{email} is already alpha in {env}.")
+    else:
+        alphas.add(email)
+        _put_param(ssm, SSM_PARAMS["alpha_emails"].format(env=env), _format_csv(alphas))

{dh_cli-0.3.1 → dh_cli-0.4.0}/src/dh_cli/main.py RENAMED Viewed

@@ -33,6 +33,11 @@ app.add_typer(gcp_app, name="gcp", help="Manage GCP authentication and impersona
 app.add_typer(aws_app, name="aws", help="Manage AWS SSO authentication.")
 app.add_typer(gh_app, name="gh", help="Manage GitHub authentication.")
+# Horizyn API management
+from dh_cli.hz import hz_app
+app.add_typer(hz_app, name="hz", help="Manage Horizyn API: users, deployments, tests.")
 # Engine and Studio commands (v2 - Click-based, passthrough wrapper)
 @app.command(

dh_cli-0.4.0/tests/hz/test_init.py ADDED Viewed

@@ -0,0 +1,68 @@
+"""Tests for dh hz workspace discovery and repo resolution."""
+from pathlib import Path
+from unittest.mock import patch
+import pytest
+from click.exceptions import Exit
+from dh_cli.hz import _find_workspace_root, require_repo
+class TestFindWorkspaceRoot:
+    def test_uses_workspace_root_env_var(self, tmp_path):
+        with patch.dict("os.environ", {"WORKSPACE_ROOT": str(tmp_path)}):
+            assert _find_workspace_root() == tmp_path
+    def test_falls_back_to_scanning_workspaces(self, tmp_path):
+        user_dir = tmp_path / "alice"
+        user_dir.mkdir()
+        with (
+            patch.dict("os.environ", {"WORKSPACE_ROOT": ""}),
+            patch("dh_cli.hz.Path") as mock_path,
+        ):
+            # WORKSPACE_ROOT="" → falsy, so it hits the scan branch
+            # Make Path("/workspaces") return something that iterates to user_dir
+            def path_factory(arg):
+                if arg == "/workspaces":
+                    p = Path(tmp_path)
+                    return p
+                return Path(arg)
+            mock_path.side_effect = path_factory
+            result = _find_workspace_root()
+            assert result == user_dir
+    def test_exits_when_nothing_found(self, tmp_path):
+        empty_ws = tmp_path / "empty_workspaces"
+        empty_ws.mkdir()
+        with (
+            patch.dict("os.environ", {"WORKSPACE_ROOT": ""}),
+            patch("dh_cli.hz.Path") as mock_path,
+        ):
+            def path_factory(arg):
+                if arg == "/workspaces":
+                    return Path(empty_ws)
+                return Path(arg)
+            mock_path.side_effect = path_factory
+            with pytest.raises(Exit):
+                _find_workspace_root()
+class TestRequireRepo:
+    def test_returns_repo_path(self, tmp_path):
+        repo = tmp_path / "horizyn-api"
+        repo.mkdir()
+        with patch("dh_cli.hz._find_workspace_root", return_value=tmp_path):
+            assert require_repo("horizyn-api") == repo
+    def test_exits_when_repo_missing(self, tmp_path):
+        with patch("dh_cli.hz._find_workspace_root", return_value=tmp_path):
+            with pytest.raises(Exit):
+                require_repo("horizyn-api")

dh_cli-0.4.0/tests/hz/test_suites.py ADDED Viewed

@@ -0,0 +1,102 @@
+"""Tests for dh hz test suite discovery and resolution."""
+from pathlib import Path
+import pytest
+from click.exceptions import Exit
+from dh_cli.hz.test import _discover_suites, _resolve_suites
+@pytest.fixture
+def test_dir(tmp_path):
+    """Create a fake test directory with numbered scripts."""
+    scripts = [
+        "1_fast.sh",
+        "2_full_sets.sh",
+        "3_custom_sets.sh",
+        "10_error_handling.sh",
+        "20_feature_bundle.sh",
+        "common.sh",
+        "run_all_tests.sh",
+    ]
+    for name in scripts:
+        (tmp_path / name).write_text("#!/bin/bash\necho test")
+    return tmp_path
+class TestDiscoverSuites:
+    def test_finds_numbered_scripts(self, test_dir):
+        suites = _discover_suites(test_dir)
+        numbers = [s[0] for s in suites]
+        assert numbers == [1, 2, 3, 10, 20]
+    def test_extracts_names(self, test_dir):
+        suites = _discover_suites(test_dir)
+        names = [s[1] for s in suites]
+        assert "fast" in names
+        assert "full_sets" in names
+        assert "feature_bundle" in names
+    def test_excludes_non_numbered_scripts(self, test_dir):
+        suites = _discover_suites(test_dir)
+        names = [s[1] for s in suites]
+        assert "common" not in names
+        assert "run_all_tests" not in names
+    def test_returns_correct_paths(self, test_dir):
+        suites = _discover_suites(test_dir)
+        for num, name, path in suites:
+            assert path.exists()
+            assert path.name == f"{num}_{name}.sh"
+    def test_sorted_by_number(self, test_dir):
+        suites = _discover_suites(test_dir)
+        numbers = [s[0] for s in suites]
+        assert numbers == sorted(numbers)
+    def test_empty_directory(self, tmp_path):
+        assert _discover_suites(tmp_path) == []
+class TestResolveSuites:
+    @pytest.fixture
+    def available(self, test_dir):
+        return _discover_suites(test_dir)
+    def test_resolve_by_number(self, available):
+        result = _resolve_suites(available, ["1"])
+        assert len(result) == 1
+        assert result[0][0] == 1
+    def test_resolve_multiple_numbers(self, available):
+        result = _resolve_suites(available, ["1", "3", "20"])
+        assert [s[0] for s in result] == [1, 3, 20]
+    def test_resolve_by_name(self, available):
+        result = _resolve_suites(available, ["fast"])
+        assert len(result) == 1
+        assert result[0][1] == "fast"
+    def test_resolve_by_name_substring(self, available):
+        result = _resolve_suites(available, ["error"])
+        assert len(result) == 1
+        assert result[0][1] == "error_handling"
+    def test_resolve_mixed_numbers_and_names(self, available):
+        result = _resolve_suites(available, ["1", "error"])
+        assert len(result) == 2
+        assert result[0][0] == 1
+        assert result[1][1] == "error_handling"
+    def test_unknown_selector_exits(self, available):
+        with pytest.raises(Exit):
+            _resolve_suites(available, ["999"])
+    def test_unknown_name_exits(self, available):
+        with pytest.raises(Exit):
+            _resolve_suites(available, ["nonexistent"])
+    def test_name_match_is_case_insensitive(self, available):
+        result = _resolve_suites(available, ["FAST"])
+        assert result[0][1] == "fast"

dh_cli-0.4.0/tests/hz/test_users.py ADDED Viewed

@@ -0,0 +1,208 @@
+"""Tests for dh hz users SSM management."""
+from unittest.mock import MagicMock, patch
+import pytest
+from click.exceptions import Exit
+from dh_cli.hz.users import _format_csv, _parse_csv
+class TestParseCSV:
+    def test_parses_comma_separated(self):
+        assert _parse_csv("alice@x.com,bob@y.com") == {"alice@x.com", "bob@y.com"}
+    def test_strips_whitespace(self):
+        assert _parse_csv(" alice@x.com , bob@y.com ") == {"alice@x.com", "bob@y.com"}
+    def test_lowercases(self):
+        assert _parse_csv("Alice@X.COM") == {"alice@x.com"}
+    def test_empty_string(self):
+        assert _parse_csv("") == set()
+    def test_trailing_comma(self):
+        assert _parse_csv("alice@x.com,") == {"alice@x.com"}
+    def test_deduplicates(self):
+        assert _parse_csv("a@x.com,a@x.com") == {"a@x.com"}
+class TestFormatCSV:
+    def test_sorts_alphabetically(self):
+        assert _format_csv({"bob@y.com", "alice@x.com"}) == "alice@x.com,bob@y.com"
+    def test_empty_set(self):
+        assert _format_csv(set()) == ""
+    def test_single_email(self):
+        assert _format_csv({"alice@x.com"}) == "alice@x.com"
+class TestAddUser:
+    def _make_ssm(self, params: dict[str, str]):
+        """Create a mock SSM client with given param values."""
+        ssm = MagicMock()
+        not_found = type("ParameterNotFound", (Exception,), {})
+        ssm.exceptions.ParameterNotFound = not_found
+        def get_parameter(Name):
+            if Name in params:
+                return {"Parameter": {"Value": params[Name]}}
+            raise not_found()
+        ssm.get_parameter.side_effect = get_parameter
+        def put_parameter(Name, Value, Type, Overwrite):
+            params[Name] = Value
+        ssm.put_parameter.side_effect = put_parameter
+        return ssm
+    def test_add_beta_user(self):
+        params = {"/horizyn/prod/auth/allowed_emails": "existing@x.com"}
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import add_user
+            # Invoke the typer command's underlying logic
+            ctx = MagicMock()
+            add_user("new@y.com", env="prod", tier="beta")
+        assert "new@y.com" in params["/horizyn/prod/auth/allowed_emails"]
+        assert "existing@x.com" in params["/horizyn/prod/auth/allowed_emails"]
+    def test_add_alpha_user(self):
+        params = {
+            "/horizyn/prod/auth/allowed_emails": "existing@x.com",
+            "/horizyn/prod/auth/alpha_emails": "",
+        }
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import add_user
+            add_user("new@y.com", env="prod", tier="alpha")
+        assert "new@y.com" in params["/horizyn/prod/auth/allowed_emails"]
+        assert "new@y.com" in params["/horizyn/prod/auth/alpha_emails"]
+    def test_add_existing_user_is_idempotent(self):
+        params = {"/horizyn/prod/auth/allowed_emails": "existing@x.com"}
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import add_user
+            add_user("existing@x.com", env="prod", tier="beta")
+        ssm.put_parameter.assert_not_called()
+class TestRemoveUser:
+    def _make_ssm(self, params: dict[str, str]):
+        ssm = MagicMock()
+        not_found = type("ParameterNotFound", (Exception,), {})
+        ssm.exceptions.ParameterNotFound = not_found
+        def get_parameter(Name):
+            if Name in params:
+                return {"Parameter": {"Value": params[Name]}}
+            raise not_found()
+        ssm.get_parameter.side_effect = get_parameter
+        def put_parameter(Name, Value, Type, Overwrite):
+            params[Name] = Value
+        ssm.put_parameter.side_effect = put_parameter
+        return ssm
+    def test_remove_from_all_lists(self):
+        params = {
+            "/horizyn/prod/auth/allowed_emails": "alice@x.com,bob@y.com",
+            "/horizyn/prod/auth/admin_emails": "alice@x.com",
+            "/horizyn/prod/auth/alpha_emails": "alice@x.com",
+        }
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import remove_user
+            remove_user("alice@x.com", env="prod")
+        assert "alice@x.com" not in params["/horizyn/prod/auth/allowed_emails"]
+        assert "bob@y.com" in params["/horizyn/prod/auth/allowed_emails"]
+        assert "alice@x.com" not in params["/horizyn/prod/auth/admin_emails"]
+        assert "alice@x.com" not in params["/horizyn/prod/auth/alpha_emails"]
+    def test_remove_nonexistent_user_is_noop(self):
+        params = {
+            "/horizyn/prod/auth/allowed_emails": "bob@y.com",
+            "/horizyn/prod/auth/admin_emails": "",
+            "/horizyn/prod/auth/alpha_emails": "",
+        }
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import remove_user
+            remove_user("ghost@z.com", env="prod")
+        ssm.put_parameter.assert_not_called()
+class TestPromoteUser:
+    def _make_ssm(self, params: dict[str, str]):
+        ssm = MagicMock()
+        not_found = type("ParameterNotFound", (Exception,), {})
+        ssm.exceptions.ParameterNotFound = not_found
+        def get_parameter(Name):
+            if Name in params:
+                return {"Parameter": {"Value": params[Name]}}
+            raise not_found()
+        ssm.get_parameter.side_effect = get_parameter
+        def put_parameter(Name, Value, Type, Overwrite):
+            params[Name] = Value
+        ssm.put_parameter.side_effect = put_parameter
+        return ssm
+    def test_promote_to_alpha(self):
+        params = {
+            "/horizyn/prod/auth/allowed_emails": "alice@x.com",
+            "/horizyn/prod/auth/alpha_emails": "",
+        }
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import promote_user
+            promote_user("alice@x.com", tier="alpha", env="prod")
+        assert "alice@x.com" in params["/horizyn/prod/auth/alpha_emails"]
+    def test_promote_nonexistent_user_exits(self):
+        params = {
+            "/horizyn/prod/auth/allowed_emails": "bob@y.com",
+        }
+        ssm = self._make_ssm(params)
+        with patch("dh_cli.hz.users._ssm_client", return_value=ssm):
+            from dh_cli.hz.users import promote_user
+            with pytest.raises(Exit):
+                promote_user("ghost@z.com", tier="alpha", env="prod")
+    def test_promote_invalid_tier_exits(self):
+        with pytest.raises(Exit):
+            from dh_cli.hz.users import promote_user
+            promote_user("alice@x.com", tier="superadmin", env="prod")