external-systems 0.1.0__tar.gz → 0.3.0__tar.gz

{external_systems-0.1.0 → external_systems-0.3.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: external-systems
-Version: 0.1.0
+Version: 0.3.0
 Summary: A Python library for interacting with Foundry Sources
 License: Apache-2.0
 Keywords: Palantir,Foundry,Sources,Compute Modules,Python Functions,Transforms
@@ -22,7 +22,7 @@ Description-Content-Type: text/markdown
 ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/external-systems)
 [![PyPI](https://img.shields.io/pypi/v/external-systems)](https://pypi.org/project/external-systems/)
 [![License](https://img.shields.io/badge/License-Apache%202.0-lightgrey.svg)](https://opensource.org/licenses/Apache-2.0)
-
+<a href="https://autorelease.general.dmz.palantir.tech/palantir/external-systems"><img src="https://img.shields.io/badge/Perform%20an-Autorelease-success.svg" alt="Autorelease"></a>
 
 > [!WARNING]
 > This SDK is incubating and subject to change.

{external_systems-0.1.0 → external_systems-0.3.0}/README.md

@@ -2,7 +2,7 @@
 ![PyPI - Python Version](https://img.shields.io/pypi/pyversions/external-systems)
 [![PyPI](https://img.shields.io/pypi/v/external-systems)](https://pypi.org/project/external-systems/)
 [![License](https://img.shields.io/badge/License-Apache%202.0-lightgrey.svg)](https://opensource.org/licenses/Apache-2.0)
-
+<a href="https://autorelease.general.dmz.palantir.tech/palantir/external-systems"><img src="https://img.shields.io/badge/Perform%20an-Autorelease-success.svg" alt="Autorelease"></a>
 
 > [!WARNING]
 > This SDK is incubating and subject to change.

{external_systems-0.1.0 → external_systems-0.3.0}/external_systems/_version.py

@@ -16,4 +16,4 @@
 # The version is set during the publishing step (since we can't know the version in advance)
 # using the autorelease bot
 
-__version__ = "0.1.0"
+__version__ = "0.3.0"

{external_systems-0.1.0 → external_systems-0.3.0}/external_systems/sources/_sockets.py

@@ -19,6 +19,7 @@ import re
 import socket
 import ssl
 import time
+from typing import Optional
 
 import urllib3
 
@@ -30,15 +31,20 @@ NUM_RETRIES = 10
 RETRYABLE_RESPONSE_CODES = {503, 429}
 
 
-def create_socket(https_proxy_uri: str, target_host: str, target_port: int) -> socket.socket:
+def create_socket(
+    https_proxy_uri: str, target_host: str, target_port: int, custom_ca_bundle_path: Optional[str] = None
+) -> socket.socket:
     """
     Establishes a socket connection through an HTTPS proxy to a target host and port.
-    Parameters:
+
+    Args:
         https_proxy_uri (str): The URI of the HTTPS proxy, must include auth if required.
         target_host (str): The hostname of the target server to connect to.
         target_port (int): The port number of the target server to connect to.
+
     Returns:
         socket.socket: A connected SSL socket to the target host and port through the proxy.
+
     Raises:
         ValueError: If the proxy URI does not specify a hostname or port, or if the connection fails after retrying, with an invalid response code.
         RuntimeError: If there is an exception during the socket creation process.
@@ -55,7 +61,7 @@ def create_socket(https_proxy_uri: str, target_host: str, target_port: int) -> s
     last_response_code = -1
     for _ in range(NUM_RETRIES):
         try:
-            proxy_socket = _create_ssl_socket(parsed_proxy_uri.hostname, parsed_proxy_uri.port)
+            proxy_socket = _create_ssl_socket(parsed_proxy_uri.hostname, parsed_proxy_uri.port, custom_ca_bundle_path)
             proxy_socket.sendall(f"CONNECT {target_host}:{target_port} HTTP/1.1\r\n".encode())
             proxy_socket.sendall(f"Host: {target_host}:{target_port}\r\n".encode())
 
@@ -88,14 +94,16 @@ def create_socket(https_proxy_uri: str, target_host: str, target_port: int) -> s
     raise ValueError(f"Failed to establish tunnel, invalid response code: {last_response_code}")
 
 
-def _create_ssl_socket(proxy_host: str, proxy_port: int) -> socket.socket:
-    ca_bundle_path = os.environ.get("REQUESTS_CA_BUNDLE")
+def _create_ssl_socket(proxy_host: str, proxy_port: int, custom_ca_bundle_path: Optional[str] = None) -> socket.socket:
+    ca_bundle_path = (
+        custom_ca_bundle_path if custom_ca_bundle_path is not None else os.environ.get("REQUESTS_CA_BUNDLE")
+    )
     if not ca_bundle_path or not os.path.isfile(ca_bundle_path):
-        log.warning("The REQUESTS_CA_BUNDLE environment variable does not exist or is not a file.")
-        raise ValueError("REQUESTS_CA_BUNDLE does not exist")
+        log.warning("The CA_BUNDLE environment variable does not exist or is not a file.")
+        raise ValueError("CA_BUNDLE does not exist")
     if not os.access(ca_bundle_path, os.R_OK):
-        log.warning("The REQUESTS_CA_BUNDLE file is not readable.")
-        raise ValueError("REQUESTS_CA_BUNDLE is not readable")
+        log.warning("The CA_BUNDLE file is not readable.")
+        raise ValueError("CA_BUNDLE is not readable")
     context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
     context.load_verify_locations(ca_bundle_path)
     sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

{external_systems-0.1.0 → external_systems-0.3.0}/external_systems/sources/_sources.py

@@ -29,6 +29,7 @@ from ._connections import HttpsConnection
 from ._proxies import create_proxy_session
 from ._refreshable import DefaultSessionCredentialsManager, Refreshable, RefreshHandler
 from ._sockets import create_socket
+from ._utils import read_file
 
 log = logging.getLogger(__name__)
 
@@ -46,6 +47,7 @@ class Source:
         egress_proxy_token: Optional[str],
         source_configuration: Optional[Any],
         credentials_refresh_handler: Optional[RefreshHandler[SourceCredentials]] = None,
+        ca_bundle_path: Optional[str] = None,
     ):
         self._source_parameters = source_parameters
         self._on_prem_proxy_service_uris = on_prem_proxy_service_uris
@@ -53,6 +55,7 @@ class Source:
         self._source_configuration = source_configuration
         self._egress_proxy_token = egress_proxy_token
         self._credentials_refresh_handler = credentials_refresh_handler
+        self._custom_ca_bundle_path = ca_bundle_path
 
     @cached_property
     def secrets(self) -> Mapping[str, str]:
@@ -84,11 +87,17 @@ class Source:
 
         new_ca_contents = []
 
-        # If requests env var is set, add all existing CAs
-        requests_ca_bundle_path = os.environ.get("REQUESTS_CA_BUNDLE")
-        if requests_ca_bundle_path is not None:
-            with open(requests_ca_bundle_path) as requests_ca_bundle_file:
-                new_ca_contents.append(requests_ca_bundle_file.read())
+        # If a custom CA bundle path is provided, use it.
+        # Otherwise, use the requests CA bundle path if it is set.
+        ca_bundle_path = (
+            self._custom_ca_bundle_path
+            if self._custom_ca_bundle_path is not None
+            else os.environ.get("REQUESTS_CA_BUNDLE")
+        )
+
+        # Copy the CA bundle contents to the new CA bundle file.
+        if ca_bundle_path:
+            new_ca_contents.append(read_file(ca_bundle_path))
 
         # Add all CAs for the source
         for required_ca in self._source_parameters.server_certificates.values():
@@ -232,4 +241,4 @@ class Source:
         if not self._https_proxy_url:
             raise ValueError("Only usable with Agent Proxy Sources")
 
-        return create_socket(self._https_proxy_url, target_host, target_port)
+        return create_socket(self._https_proxy_url, target_host, target_port, self._custom_ca_bundle_path)

{external_systems-0.1.0 → external_systems-0.3.0}/external_systems/sources/_utils.py

@@ -23,3 +23,8 @@ def has_expiration_property(source_credentials: SourceCredentials) -> bool:
     """
 
     return hasattr(source_credentials, "expiration")
+
+
+def read_file(path: str) -> str:
+    with open(path) as file:
+        return file.read()

{external_systems-0.1.0 → external_systems-0.3.0}/pyproject.toml

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "external-systems"
-version = "0.1.0"
+version = "0.3.0"
 description = "A Python library for interacting with Foundry Sources"
 authors = ["Palantir Technologies, Inc."]
 license = "Apache-2.0"