hcs-core 0.1.288__py3-none-any.whl → 0.1.290__py3-none-any.whl

hcs_core/__init__.py

@@ -1 +1 @@
-__version__ = "0.1.288"
+__version__ = "0.1.290"

hcs_core/ctxp/built_in_cmds/profile.py

@@ -53,7 +53,7 @@ def use(name: str):
         if ret:
             if profile.use(ret) is None:
                 panic("No such profile: " + name)
-            return ret
+            return profile.current()
         else:
             # aborted
             return "", 1
@@ -103,9 +103,11 @@ def get(name: str):
 
 
 @profile_cmd_group.command()
-@click.argument("name")
+@click.argument("name", required=False)
 def delete(name: str):
     """Delete a profile by name."""
+    if not name:
+        name = profile.name()
     profile.delete(name)
 
 

hcs_core/ctxp/cli_options.py

@@ -27,7 +27,7 @@ verbose = click.option(
 output = click.option(
     "--output",
     "-o",
-    type=click.Choice(["json", "json-compact", "yaml", "text", "table"], case_sensitive=False),
+    type=click.Choice(["json", "json-compact", "yaml", "yml", "text", "table"], case_sensitive=False),
     default=None,
     hidden=True,
     help="Specify output format",
@@ -41,6 +41,14 @@ field = click.option(
     help="Specify fields to output, in comma separated field names.",
 )
 
+exclude_field = click.option(
+    "--exclude-field",
+    type=str,
+    required=False,
+    hidden=True,
+    help="Specify fields to exclude from output, in comma separated field names.",
+)
+
 wait = click.option(
     "--wait",
     "-w",

hcs_core/ctxp/cli_processor.py

@@ -75,6 +75,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
     meta = _read_group_meta(mod_path)
     help = meta.get("help")
     extension = meta.get("extension")
+    hidden = meta.get("hidden", False)
 
     subgroup = current.commands.get(name)
     if subgroup and isinstance(subgroup, Group):
@@ -82,7 +83,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
             subgroup.mod_path = mod_path
         return subgroup
 
-    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path)
+    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path, hidden=hidden)
     current.add_command(subgroup)
     return subgroup
 
@@ -166,13 +167,14 @@ def _import_cmd_file(mod_path: Path, parent: click.core.Group):
 # Create a new decorator that combines the individual decorators
 def _default_io(cmd: click.Command):
 
-    from .cli_options import field, first, ids, output
+    from .cli_options import exclude_field, field, first, ids, output
 
     cmd = output(cmd)
     # cmd = cli_options.verbose(cmd)
     cmd = field(cmd)
     cmd = ids(cmd)
     cmd = first(cmd)
+    cmd = exclude_field(cmd)
     callback = cmd.callback
 
     def inner(*args, **kwargs):
@@ -182,6 +184,7 @@ def _default_io(cmd: click.Command):
             "field": kwargs.pop("field"),
             "ids": kwargs.pop("ids"),
             "first": kwargs.pop("first"),
+            "exclude_field": kwargs.pop("exclude_field"),
         }
         if io_args["output"] == "table":
 

hcs_core/ctxp/data_util.py

@@ -1,4 +1,5 @@
 import json
+import os
 import re
 from io import TextIOWrapper
 from os import chmod, path
@@ -260,22 +261,26 @@ def process_variables(obj: dict, fn_get_var=None, use_env: bool = True):
         fn_get_var = _fn_get_var
 
     if use_env:
-        import os
 
         prev_fn_get_var = fn_get_var
 
         def _fn_get_var_from_env(name: str):
             if not name.startswith("env."):
                 return prev_fn_get_var(name)
-            v = None
             actual_name = name[4:]
-            v = os.environ.get(actual_name, None)
-            if v:
-                return v, True
-            v, found = prev_fn_get_var(name)
-            if found:
-                return v
-            raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+            if actual_name.endswith("?"):
+                # optional
+                actual_name = actual_name[:-1]
+                required = False
+            else:
+                # required
+                required = True
+
+            if actual_name not in os.environ:
+                if required:
+                    raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+                return None, True
+            return os.environ[actual_name], True
 
         fn_get_var = _fn_get_var_from_env
 

hcs_core/ctxp/fstore.py

@@ -199,7 +199,7 @@ class fstore:
                     outfile.write(str(data))
             elif format == "json-compact":
                 jsondot.save(data=data, file=file_path, pretty=False, lock=True)
-            elif format == "yaml":
+            elif format == "yaml" or format == "yml":
                 import yaml
 
                 with open(file_path, "w", encoding="utf-8") as outfile:

hcs_core/ctxp/profile.py

@@ -63,7 +63,7 @@ def create(name: str, data: dict, auto_use: bool = True, overwrite: bool = False
     save_data_file(data, file(name), "yaml", 0o600)
     if auto_use:
         use(name)
-    return get(name)
+    return get(name, reload=True)
 
 
 def copy(from_name: str, to_name: str, overwrite: bool = True):
@@ -126,6 +126,8 @@ def use(name: str) -> str:
         return
 
     _set_active_profile_name(name)
+    global _data
+    _data = _load_data_file_with_env_overrides(name, None)
     return name
 
 
@@ -223,10 +225,10 @@ class auth:
         if json.dumps(data) == json.dumps(_auth_cache):
             return
         _auth_cache = deepcopy(data)
-        file_name = auth._file_name()
         if os.environ.get("CTXP_AUTH_PERSIST", "true").lower() == "false":
             pass
         else:
+            file_name = auth._file_name()
             save_data_file(data, file_name, "yaml", 0o600)
 
     @staticmethod

hcs_core/ctxp/util.py

@@ -57,6 +57,7 @@ def validate_error_return(reason, return_code):
 def print_output(data: Any, args: dict, file=sys.stdout):
     output = args.get("output", "json")
     fields = args.get("field")
+    exclude_field = args.get("exclude_field")
     ids = args.get("ids", False)
     first = args.get("first", False)
 
@@ -74,14 +75,17 @@ def print_output(data: Any, args: dict, file=sys.stdout):
                 if fields:
                     raise CtxpException("--ids and --fields should not be used together.")
                 data = _convert_to_id_only(data)
-            elif fields:
-                data = _filter_fields(data, fields)
+            else:
+                if fields:
+                    data = _filter_fields(data, fields)
+                if exclude_field:
+                    data = _exclude_fields(data, exclude_field)
 
             if output is None or output == "json":
                 text = json.dumps(data, default=vars, indent=4)
             elif output == "json-compact":
                 text = json.dumps(data, default=vars)
-            elif output == "yaml":
+            elif output == "yaml" or output == "yml":
                 from . import jsondot
 
                 text = yaml.dump(jsondot.plain(data), sort_keys=False)
@@ -168,6 +172,22 @@ def _filter_fields(obj: Any, fields: str):
     return _filter_obj(obj)
 
 
+def _exclude_fields(obj: Any, fields_exclude: str):
+    parts = fields_exclude.split(",")
+
+    def _filter_obj(o):
+        if not isinstance(o, dict):
+            return o
+        for k in list(o.keys()):
+            if k in parts:
+                del o[k]
+        return o
+
+    if isinstance(obj, list):
+        return list(map(_filter_obj, obj))
+    return _filter_obj(obj)
+
+
 def panic(reason: Any = None, code: int = 1):
     if isinstance(reason, Exception):
         text = error_details(reason)

hcs_core/plan/__init__.py

@@ -5,6 +5,7 @@ from .core import clear as clear
 from .core import destroy as destroy
 from .core import get_deployment_data as get_deployment_data
 from .core import graph as graph
+from .core import resolve as resolve
 from .helper import PlanException as PlanException
 from .helper import PluginException as PluginException
 from .kop import attach_job_view as attach_job_view

hcs_core/plan/core.py

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 
 Licensed under the Apache License, Version 2.0 (the "License");
@@ -93,6 +93,17 @@ def _prepare_data(data: dict, additional_context: dict, target_resource_name: st
 #             return True
 
 
+def resolve(data: dict, additional_context: dict = None, target_resource_name: str = None):
+    blueprint, state, state_file = _prepare_data(data, additional_context, None)
+    if target_resource_name:
+        if target_resource_name in blueprint["resource"]:
+            return blueprint["resource"][target_resource_name]["data"]
+        if target_resource_name in blueprint["runtime"]:
+            return blueprint["runtime"][target_resource_name]["data"]
+        raise PlanException("Target resource or runtime not found: " + target_resource_name)
+    return blueprint
+
+
 def apply(
     data: dict,
     additional_context: dict = None,
@@ -249,7 +260,7 @@ def _deploy_res(name, res, state):
             action = handler.decide(res_data, res_state)
 
         if action == actions.skip:
-            kop.skip("Already deployed")
+            kop.skip(_get_res_text(handler, res_state))
             return
 
         if action == actions.recreate:

hcs_core/plan/kop.py

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 
 Licensed under the Apache License, Version 2.0 (the "License");

hcs_core/sglib/auth.py

@@ -30,96 +30,17 @@ from .csp import CspClient
 log = logging.getLogger(__name__)
 
 
-def _get_profile_auth_hash(effective_profile):
-    csp = effective_profile.csp
-    text = json.dumps(csp, default=vars)
-    return profile.name() + "#" + hashlib.md5(text.encode("ascii"), usedforsecurity=False).hexdigest()
-
-
-def _is_auth_valid(auth_data, effective_profile):
-    if not auth_data:
-        return
-    if not auth_data.token:
-        return
-    if auth_data.hash != _get_profile_auth_hash(effective_profile):
-        return
+def _is_auth_valid(auth_data):
     leeway = 60
-    if time.time() + leeway >= auth_data.token.expires_at:
-        return
-    return True
-
-
-def _decode_http_basic_auth_token(basic_token: str):
-    import base64
-
-    try:
-        decoded = base64.b64decode(basic_token).decode("utf-8")
-        client_id, client_secret = decoded.split(":")
-        return client_id, client_secret
-    except Exception as e:
-        raise CtxpException(f"Invalid basic http auth token: {e}")
+    return auth_data and time.time() + leeway < auth_data["expires_at"]
 
 
 _login_lock = threading.Lock()
 
 
-def login(force_refresh: bool = False, panic_on_failure: bool = True):
+def login(force_refresh: bool = False):
     """Ensure login state, using credentials from the current profile. Return oauth token."""
-
-    _login_lock.acquire()
-    try:
-        effective_profile = profile.current()
-
-        auth_data = profile.auth.get()
-        if force_refresh or not _is_auth_valid(auth_data, effective_profile):
-            oauth_token = _get_new_oauth_token(auth_data.token, effective_profile)
-            if oauth_token:
-                use_oauth_token(oauth_token, effective_profile)
-            elif panic_on_failure:
-                panic(
-                    "Login failed. If this is configured API key or client credential, refresh the credential from CSP and update profile config. If this is browser based interactive login, login again."
-                )
-            else:
-                return None
-        else:
-            oauth_token = auth_data.token
-        return oauth_token
-    finally:
-        _login_lock.release()
-
-
-def _get_new_oauth_token(old_oauth_token, effective_profile):
-    csp_config = effective_profile.csp
-
-    csp_client = CspClient(url=csp_config.url)
-
-    if csp_config.apiToken:
-        oauth_token = csp_client.login_with_api_token(csp_config.apiToken)
-    elif csp_config.clientId:
-        oauth_token = csp_client.login_with_client_id_and_secret(
-            csp_config.clientId, csp_config.clientSecret, csp_config.orgId
-        )
-    elif csp_config.basic:
-        client_id, client_secret = _decode_http_basic_auth_token(csp_config.basic)
-        oauth_token = csp_client.login_with_client_id_and_secret(client_id, client_secret, csp_config.orgId)
-    else:
-        # This should be a config from interactive login.
-        # Use existing oauth_token to refresh.
-        if not old_oauth_token:
-            old_oauth_token = profile.auth.get().token
-        if old_oauth_token:
-            try:
-                oauth_token = refresh_oauth_token(old_oauth_token, csp_config.url)
-            except Exception as e:
-                oauth_token = None
-                log.warning(e)
-        else:
-            oauth_token = None
-
-    if oauth_token and not oauth_token.get("expires_at"):
-        oauth_token["expires_at"] = int(time.time() + oauth_token["expires_in"])
-
-    return oauth_token
+    return _populate_token_with_cache(profile.current().csp, force_refresh)
 
 
 def refresh_oauth_token(old_oauth_token: dict, csp_url: str):
@@ -139,18 +60,102 @@ def refresh_oauth_token(old_oauth_token: dict, csp_url: str):
     return new_token
 
 
-class MyOAuth2Client(OAuth2Client):
-    def __init__(self):
+def _has_credential(auth_config: dict):
+    return (
+        auth_config.get("apiToken")
+        or auth_config.get("api_token")
+        or auth_config.get("clientId")
+        or auth_config.get("client_id")
+        or auth_config.get("basic")
+    )
+
+
+def get_auth_cache(auth_config: dict):
+    cache, hash, token = _get_auth_cache(auth_config)
+    return token
+
+
+def _get_auth_cache(auth_config: dict):
+    text = json.dumps(auth_config, default=vars)
+    hash = hashlib.md5(text.encode("ascii"), usedforsecurity=False).hexdigest()
+    auth_cache = profile.auth.get()
+    token = auth_cache.get(hash, None)
+    if token and not _is_auth_valid(token):
+        token = None
+    return auth_cache, hash, token
+
+
+def save_auth_cache(auth_config: dict, token: dict):
+    """Save the auth token to the profile auth cache."""
+    cache, hash, _ = _get_auth_cache(auth_config)
+    if not token:
+        if hash in cache:
+            del cache[hash]
+        return
+    if not token.get("expires_at"):
+        token["expires_at"] = int(time.time() + token["expires_in"])
+    cache[hash] = token
+    profile.auth.set(cache)
+
+
+def _populate_token_with_cache(auth_config: dict, force_refresh: bool = False):
+
+    with _login_lock:
+        cache, hash, token = _get_auth_cache(auth_config)
+        if token and not force_refresh:
+            return token
+
+        # invalid token. Refresh or recreate it.
+        if token:
+            # try using refresh token if possible
+            if auth_config.get("provider", "vmwarecsp") == "vmwarecsp":
+                try:
+                    token = refresh_oauth_token(token, auth_config.url)
+                except Exception as e:
+                    log.debug(f"Failed to refresh OAuth token: {e}")
+                    token = None
+            else:
+                # hcs auth-service. Does not support refresh token.
+                token = None
+
+        if not token:
+            if _has_credential(auth_config):
+                token = CspClient.create(**auth_config).oauth_token()
+            else:
+                if auth_config.get("browser"):
+                    from .login_support import login_via_browser
+
+                    token = login_via_browser(auth_config.url, auth_config.orgId)
+                    if not token:
+                        raise CtxpException("Browser auth failed.")
+                else:
+                    raise CtxpException(
+                        "Browser auth was never attempted and no client credentials or API token provided."
+                    )
+
+        if not token.get("expires_at"):
+            token["expires_at"] = int(time.time() + token["expires_in"])
+
+        cache[hash] = token
+        profile.auth.set(cache)
+    return token
+
+
+class CustomOAuth2Client(OAuth2Client):
+    def __init__(self, auth_config: dict):
         super().__init__()
+        self.auth_config = auth_config
 
     def ensure_token(self):
         # pylint: disable=access-member-before-definition
         if self.token is None or not super().ensure_active_token():
-            self.token = login()
+            self.token = _populate_token_with_cache(self.auth_config)
 
 
-def oauth_client():
-    return MyOAuth2Client()
+def oauth_client(auth_config: dict = None):
+    if not auth_config:
+        auth_config = profile.current().csp
+    return CustomOAuth2Client(auth_config)
 
 
 def details(get_org_details: bool = False) -> dotdict:
@@ -179,9 +184,3 @@ def details_from_token(oauth_token, get_org_details: bool = False):
 def get_org_id_from_token(oauth_token: str) -> str:
     decoded = jwt.decode(oauth_token["access_token"], options={"verify_signature": False})
     return decoded["context_name"]
-
-
-def use_oauth_token(oauth_token, effective_profile=None):
-    if effective_profile is None:
-        effective_profile = profile.current()
-    profile.auth.set({"token": oauth_token, "hash": _get_profile_auth_hash(effective_profile)})

hcs_core/sglib/client_util.py

@@ -14,95 +14,162 @@ limitations under the License.
 """
 
 import json
-import os
+import logging
 import sys
 import threading
 import time
 from typing import Callable, Iterator
 
 from hcs_core.ctxp import CtxpException, panic, profile
-from hcs_core.sglib import hcs_client
 from hcs_core.sglib.ez_client import EzClient
 from hcs_core.util import duration, exit
 from hcs_core.util.query_util import PageRequest, with_query
 
+log = logging.getLogger(__name__)
+
 _caches = {}
 
 _client_instance_lock = threading.RLock()
 
 
-def hdc_service_client(service_name: str) -> EzClient:
-    _client_instance_lock.acquire()
-    try:
-        instance = _caches.get(service_name)
-        if not instance:
-
-            def _get_url():  # make it deferred so no need to initialize profile
-                url = _get_hcs_url_considering_env_override(service_name)
-                if not url.endswith("/"):
-                    url += "/"
-                url += service_name
-                return url
-
-            instance = hcs_client(_get_url)
-            _caches[service_name] = instance
-        return instance
-    finally:
-        _client_instance_lock.release()
-
-
-def _get_hcs_url_considering_env_override(service_name: str):
-    # service_name = service_name.replace("-", "_")
-    # env_name = f"hcs_{service_name}_url"
-    # url = os.environ.get(env_name)
-    # if url:
-    #     print(f"Using env override for {env_name}: {url}")
-    #     return url
-    # env_name = env_name.upper()
-    # url = os.environ.get(env_name)
-    # if url:
-    #     print(f"Using env override for {env_name}: {url}")
-    #     return url
+def _lazy_init(
+    service_name: str, hdc: str = None, region: str = None
+):  # make it deferred so no need to initialize profile
+    if region and hdc:
+        raise Exception("region and hdc cannot be specified at the same time.")
 
     # check per-service override in profile
-    service_override = profile.current().get("overrides", {}).get(service_name, {})
+    profile_data = profile.current()
+    override = profile_data.get("override", {})
+    service_override = {}
+    for k, v in override.items():
+        if service_name == k.lower():
+            service_override = v
     service_override_url = service_override.get("url")
     if service_override_url:
-        print(f"Using per-service override for {service_name}: {service_override_url}")
-        return service_override_url
-    return profile.current().hcs.url
+        log.debug(f"Using per-service override for {service_name}: {service_override_url}")
+        url = service_override_url
+    else:
+        if hdc:
+            # prod only
+            hdc = hdc.upper()
+            if hdc == "US":
+                url = profile_data.hcs.url
+            elif hdc == "EU":
+                url = profile_data.hcs.url.replace("cloud-sg-us", "cloud-sg-eu")
+            elif hdc == "JP":
+                url = profile_data.hcs.url.replace("cloud-sg-us", "cloud-sg-jp")
+            else:
+                raise CtxpException(f"Invalid HDC name: {hdc}. Supported HDC names: US, EU, JP.")
+        elif region:
+            url = _get_region_url(region)
+            if not url:
+                panic("Missing profile property: hcs.regions")
+        else:
+            url = profile_data.hcs.url
+    url = url.rstrip("/") + "/" + service_name
+
+    # TODO
+    client_id = service_override.get("client-id", None)
+    if not client_id:
+        client_id = service_override.get("clientId", None)
+    client_secret = service_override.get("client-secret", None)
+    if not client_secret:
+        client_secret = service_override.get("clientSecret", None)
+    api_token = service_override.get("api-token", None)
+    if not api_token:
+        api_token = service_override.get("apiToken", None)
+    provider = service_override.get("provider", "vmwarecsp")
+    if provider == "vmwarecsp":
+        token_url = profile_data.csp.url
+    elif provider == "auth-service":
+        token_url = profile_data.auth.tokenUrl
+    else:
+        raise CtxpException(f"Unknown provider: {provider}. Supported providers: vmwarecsp, auth-service.")
+
+    if client_id:
+        if not client_secret:
+            panic(f"Client ID is specified but missing clientSecret for service {service_name} in profile override.")
+    else:
+        if client_secret:
+            panic(f"Client secret is specified but missing clientId for service {service_name} in profile override.")
+
+    if client_id:
+        auth_config = {
+            "url": token_url,
+            "client_id": client_id,
+            "client_secret": client_secret,
+        }
+    elif api_token:
+        auth_config = {
+            "url": token_url,
+            "api_token": api_token,
+        }
+    else:
+        auth_config = None
+
+    from hcs_core.sglib import auth
+
+    oauth_client = auth.oauth_client(auth_config=auth_config)
+    return url, oauth_client
 
 
-def _get_region_url(region_name: str):
+def hdc_service_client(service_name: str, hdc: str = None) -> EzClient:
+    """A client for HDC service. Cached per service name, thread-safe, lazy initialization."""
+    if hdc:
+        hdc = hdc.upper()
+        if hdc not in ["US", "EU", "JP"]:
+            panic(f"Invalid HDC name: {hdc}. Supported HDC names: US, EU, JP.")
+    else:
+        hdc = "US"
+
+    k = f"{service_name}#{hdc}"
+    with _client_instance_lock:
+        instance = _caches.get(k)
+        if not instance:
+            instance = EzClient(lazy_init=lambda: _lazy_init(service_name=service_name, hdc=hdc))
+            _caches[k] = instance
+        return instance
+
+
+def _get_region_url(region: str):
     regions = profile.current().hcs.regions
-    if not region_name:
+    if not region:
         return regions[0].url
     for r in regions:
-        if r.name.lower() == region_name.lower():
+        if r.name.lower() == region.lower():
             return r.url
     names = []
     for r in regions:
         names.append(r.name)
-    panic(f"Region not found: {region_name}. Available regions: {names}")
+    panic(f"Region not found: {region}. Available regions: {names}")
 
 
-def regional_service_client(region_name: str, service_name: str):
+def regional_service_client(service_name: str, region: str = None):
     # 'https://dev1b-westus2-cp103a.azcp.horizon.vmware.com/vmhub'
-    url = _get_region_url(region_name)
-    if not url:
-        panic("Missing profile property: hcs.regions")
-    if not url.endswith("/"):
-        url += "/"
-    url += service_name
-    return hcs_client(url)
-
-
-def _with_org_id(url: str, org_id: str):
-    if org_id:
-        if url.find("?") < 0:
-            url += "?"
-        url += "org_id=" + org_id
-    return url
+    region_names = [r.name.lower() for r in profile.current().hcs.regions]
+    if region:
+        region = region.lower()
+        if region not in region_names:
+            panic(f"Invalid region name: {region}. Available regions: {', '.join(region_names)}")
+    else:
+        region = region_names[0]
+
+    k = f"{service_name}#{region}"
+    with _client_instance_lock:
+        instance = _caches.get(k)
+        if not instance:
+            instance = EzClient(lazy_init=lambda: _lazy_init(service_name=service_name, region=region))
+            _caches[k] = instance
+        return instance
+
+
+def service_client(service_name: str, region: str = None, hdc: str = None):
+    regional_services = ["vmhub", "connection-service"]
+    if service_name in regional_services:
+        return regional_service_client(service_name, region)
+    else:
+        return hdc_service_client(service_name, hdc)
 
 
 class default_crud:

hcs_core/sglib/csp.py

@@ -65,8 +65,25 @@ def _log_response(response: httpx.Response):
     log.debug("\n")
 
 
+def _decode_http_basic_auth_token(basic_token: str):
+    import base64
+
+    try:
+        decoded = base64.b64decode(basic_token).decode("utf-8")
+        client_id, client_secret = decoded.split(":")
+        return client_id, client_secret
+    except Exception as e:
+        raise Exception(f"Invalid basic http auth token: {e}")
+
+
 class CspClient:
     def __init__(self, url: str, oauth_token: dict = None, org_id: str = None) -> None:
+        if url.endswith("/auth/v1/oauth/token"):
+            # To workaround that post with "" results "/" and fail the process.
+            url = url[: -len("/auth/v1/oauth/token")]
+            self._auth_mode = "hcs-auth-svc"
+        else:
+            self._auth_mode = "csp"
         self._base_url = url
         self._oauth_token = oauth_token
         self._org_id = org_id
@@ -81,6 +98,7 @@ class CspClient:
         )
 
     def login_with_api_token(self, api_token: str) -> dict:
+        log.debug(f"Logging in with api_token: {api_token}, url: {self._base_url}")
         # https://console-stg.cloud.vmware.com/csp/gateway/authn/api/swagger-ui.html#/Authentication/getAccessTokenByApiRefreshTokenUsingPOST
 
         # curl -X 'POST' \
@@ -88,7 +106,7 @@ class CspClient:
         # -H 'accept: application/json' \
         # -H 'Content-Type: application/x-www-form-urlencoded' \
         # -d 'refresh_token=<the-refresh-token>'
-
+        # print(f"Logging in with api_token: {api_token}, url: {self._base_url}")
         headers = {
             "Content-Type": "application/x-www-form-urlencoded",
             "Accept": "application/json",
@@ -101,6 +119,7 @@ class CspClient:
         return self._oauth_token
 
     def login_with_client_id_and_secret(self, client_id: str, client_secret: str, org_id: str) -> dict:
+        log.debug(f"Logging in with client_id: {client_id}, org_id: {org_id}, url: {self._base_url}")
         headers = {
             "Content-Type": "application/x-www-form-urlencoded",
             "Accept": "application/json",
@@ -110,8 +129,9 @@ class CspClient:
         }
         if org_id:
             params["orgId"] = org_id
+        url = "/auth/v1/oauth/token" if self._auth_mode == "hcs-auth-svc" else "/csp/gateway/am/api/auth/authorize"
         resp = self._client.post(
-            "/csp/gateway/am/api/auth/authorize",
+            url,
             auth=(client_id, client_secret),
             headers=headers,
             params=params,
@@ -119,6 +139,54 @@ class CspClient:
         self._oauth_token = resp.json()
         return self._oauth_token
 
+    @staticmethod
+    def create(
+        url: str,
+        org_id: str = None,
+        client_id: str = None,
+        client_secret: str = None,
+        api_token: str = None,
+        basic: str = None,
+        **kwargs,
+    ) -> "CspClient":
+        client = CspClient(url=url, org_id=org_id)
+
+        if not client_id:
+            client_id = kwargs.get("clientId")
+        if not client_secret:
+            client_secret = kwargs.get("clientSecret")
+        if not api_token:
+            api_token = kwargs.get("apiToken")
+
+        if client_id:
+            if not client_secret:
+                raise ValueError("client_secret is required when client_id is provided")
+            if api_token:
+                raise ValueError("api_token and client_id/client_secret cannot be used together")
+            if basic:
+                raise ValueError("basic auth and client_id/client_secret cannot be used together")
+            client.login_with_client_id_and_secret(client_id=client_id, client_secret=client_secret, org_id=org_id)
+        elif api_token:
+            if client_id or client_secret:
+                raise ValueError("api_token and client_id/client_secret cannot be used together")
+            if basic:
+                raise ValueError("api_token and basic auth cannot be used together")
+            client.login_with_api_token(api_token)
+        elif basic:
+            if client_id or client_secret:
+                raise ValueError("basic auth and client_id/client_secret cannot be used together")
+            if api_token:
+                raise ValueError("basic auth and api_token cannot be used together")
+            client_id, client_secret = _decode_http_basic_auth_token(basic)
+            client.login_with_client_id_and_secret(client_id=client_id, client_secret=client_secret, org_id=org_id)
+        else:
+            raise Exception("Unrecognized CSP authentication method.")
+
+        return client
+
+    def oauth_token(self) -> dict:
+        return self._oauth_token
+
     # def get_oauth_token(self, force=False):
     #     if self._oauth_token and not force:
     #         return self._oauth_token

hcs_core/sglib/ez_client.py

@@ -133,32 +133,47 @@ def _raise_http_error(e: httpx.HTTPStatusError):
 
 
 class EzClient:
-    def __init__(
-        self, base_url: Union[str, Callable], oauth_client: OAuth2Client = None, lazy_oauth_client: Callable = None
-    ) -> None:
+    def __init__(self, base_url: str = None, oauth_client: OAuth2Client = None, lazy_init: Callable = None) -> None:
         # self._client = httpx.Client(base_url=base_url, timeout=30, event_hooks=event_hooks)
-        self._base_url = base_url
-        self._client_impl = oauth_client
-        self._lazy_oauth_client = lazy_oauth_client
+
+        self._client_impl = None
+        self._lazy_init = lazy_init
         self._lock = threading.Lock()
 
+        if lazy_init:
+            if base_url:
+                raise ValueError("Cannot use both base_url and lazy_init")
+            if oauth_client:
+                raise ValueError("Cannot use both oauth_client and lazy_init")
+        else:
+            if not base_url:
+                raise ValueError("base_url must be provided if lazy_init is not used")
+            if not oauth_client:
+                raise ValueError("oauth_client must be provided if lazy_init is not used")
+            self._init_client(base_url, oauth_client)
+
+    def _init_client(self, base_url: str, client: OAuth2Client):
+        if base_url.endswith("/"):
+            base_url = base_url[:-1]
+        client.base_url = base_url
+        client.timeout = int(os.environ.get("HCS_TIMEOUT", 30))
+        request_hooks = client.event_hooks["request"]
+        response_hooks = client.event_hooks["response"]
+        if _log_request not in request_hooks:
+            request_hooks.append(_log_request)
+        if _log_response not in response_hooks:
+            response_hooks.append(_log_response)
+        if _raise_on_4xx_5xx not in response_hooks:
+            response_hooks.append(_raise_on_4xx_5xx)
+        self._client_impl = client
+
     def _client(self):
         self._lock.acquire()
         try:
-            if not self._client_impl:
-                client = self._lazy_oauth_client()
-                base_url = self._base_url() if callable(self._base_url) else self._base_url
-                client.base_url = base_url
-                client.timeout = int(os.environ.get("HCS_TIMEOUT", 30))
-                request_hooks = client.event_hooks["request"]
-                response_hooks = client.event_hooks["response"]
-                if _log_request not in request_hooks:
-                    request_hooks.append(_log_request)
-                if _log_response not in response_hooks:
-                    response_hooks.append(_log_response)
-                if _raise_on_4xx_5xx not in response_hooks:
-                    response_hooks.append(_raise_on_4xx_5xx)
-                self._client_impl = client
+            if self._lazy_init:
+                base_url, client = self._lazy_init()
+                self._init_client(base_url, client)
+                self._lazy_init = None
 
             self._client_impl.ensure_token()
             return self._client_impl

hcs_core/sglib/hcs_client.py

@@ -13,13 +13,9 @@ See the License for the specific language governing permissions and
 limitations under the License.
 """
 
-from typing import Callable, Union
-
 from . import auth as auth
 from .ez_client import EzClient
 
 
-def hcs_client(url: Union[str, Callable]) -> EzClient:
-    if isinstance(url, str) and url.endswith("/"):
-        url = url[:-1]
-    return EzClient(url, lazy_oauth_client=auth.oauth_client)
+def hcs_client(url: str, custom_auth: dict = None) -> EzClient:
+    return EzClient(base_url=url, oauth_client=auth.oauth_client(custom_auth))

hcs_core/util/job_view.py

@@ -206,9 +206,10 @@ class JobView:
     def skip(self, id: str, reason: str) -> None:
         self._ensure_started(id)
         task_id = self._map[id]
-        details = "skipped"
+        details = "<skipped>"
         if reason:
-            details += f": {reason}"
+            details = reason + " " + details
+
         self._job_ctl.update(task_id, completed=sys.float_info.max, details=details)
         self._todo.discard(id)
 

{hcs_core-0.1.288.dist-info → hcs_core-0.1.290.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: hcs-core
-Version: 0.1.288
+Version: 0.1.290
 Summary: Horizon Cloud Service CLI module.
 Project-URL: Homepage, https://github.com/euc-eng/hcs-cli
 Project-URL: Bug Tracker, https://github.com/euc-eng/hcs-cli/issues
@@ -26,6 +26,7 @@ Requires-Dist: psutil>=5.9.4
 Requires-Dist: pydantic>=2.0.0
 Requires-Dist: pyjwt>=2.8.0
 Requires-Dist: pyopenssl>=24.1.0
+Requires-Dist: python-dotenv>=1.1.0
 Requires-Dist: pyyaml>=6.0.1
 Requires-Dist: questionary>=2.0.1
 Requires-Dist: rel>=0.4.7

{hcs_core-0.1.288.dist-info → hcs_core-0.1.290.dist-info}/RECORD

@@ -1,52 +1,52 @@
-hcs_core/__init__.py,sha256=h2YaDwqNzDQolRs8e5QZZuOdmuGRXaYq2mLZASylOIc,24
+hcs_core/__init__.py,sha256=bwKnrwO9ZdAegnigTknEQxy0oRqb3ET-uKciKxJ5eh0,24
 hcs_core/ctxp/__init__.py,sha256=bHVHhJP10Luz1a3Kk3zFx14dAO4SY6Q20Lrv8rNWWGc,1075
 hcs_core/ctxp/_init.py,sha256=yq46VOty4zs_WcLt1SrtePxbW8S4RIz4YUCP3xIBvCA,2797
-hcs_core/ctxp/cli_options.py,sha256=5CkwKVIUNJxumBHUmrefawiIZR5Yf3bWEcpJBaEMuDU,2554
-hcs_core/ctxp/cli_processor.py,sha256=2RhBz7zFm2UDRwbMDwBpeAQQCt4sjZJzn1nePAcMA_o,7329
+hcs_core/ctxp/cli_options.py,sha256=j4LUukG1k6etJFATb8mGXvqB7DiEC-VOP23w7KVO9sY,2751
+hcs_core/ctxp/cli_processor.py,sha256=L4ai8ZAKBkhII_6dwehxNGPrrvFOrq0CFaMHav0F2Y0,7485
 hcs_core/ctxp/cmd_util.py,sha256=_-VwQSmkfi52qWC3uHQI06mSiIPfsZroDruTDYHXiMA,3119
 hcs_core/ctxp/config.py,sha256=vRdzPxi3Yrt04cnR6b5mJwEOtYBh21qvmlSSsgyGoI4,931
 hcs_core/ctxp/context.py,sha256=y0ouOzXyYTg9MOuWjzjls9WfOKYaO31_MGJJ2S-Y9p4,3375
-hcs_core/ctxp/data_util.py,sha256=v041qG3UH8ff4iLVY4oaeFDT1jBdFhUNOnGLraPMT-g,14812
+hcs_core/ctxp/data_util.py,sha256=ODVts-Hy8zB76dGv0KaPYVoVqqh214H3l_Ux7B1HOKA,14985
 hcs_core/ctxp/dispatcher.py,sha256=GAK-jGXDpyX0C88oRDtDi4yeM0qlvID96k98z_vqJkg,2261
 hcs_core/ctxp/duration.py,sha256=xmAw-nKnul3VeSXzvbGZ-W2ByBwyK23KxLLm3_aFW_M,2117
 hcs_core/ctxp/extension.py,sha256=UqlDCXJMRKXcoceVak8hVGI_7HggjUWYSgKOFbGVetU,1636
 hcs_core/ctxp/fn_util.py,sha256=bEYmj5WgUkRE5S4oQjT_zutuViXWYU9q5MR-MlTA_bY,1573
-hcs_core/ctxp/fstore.py,sha256=qgd4aDLrRWqSsB-7StBv1TAqd0wxIB-scvt6FZSTtyQ,8958
+hcs_core/ctxp/fstore.py,sha256=lU6et0-w_QPYpQNjdA0QGEdnn7lsmBVuw9XbDvLjwso,8977
 hcs_core/ctxp/jsondot.py,sha256=U2_ToR8j3-hex75X3OSqTgADiw5cqjRDVO38-IbvapM,11369
 hcs_core/ctxp/logger.py,sha256=6Sh1WXUrjrQNU7K6zUlBzE34fIS6o6oMU3eqSknUOEo,6321
-hcs_core/ctxp/profile.py,sha256=DQUQXThHNZa49tDcyGfh-w658CJBE1YIKmNHWXSDaiw,7673
+hcs_core/ctxp/profile.py,sha256=JgDhRQD00p4jIsiTEjDzpRfKyicA-TgAheXxMBiNCvw,7766
 hcs_core/ctxp/profile_store.py,sha256=v4RvKSaKSJhAt5rEGbC6v-NfaI3N67YffPm-qlrQWdg,1566
 hcs_core/ctxp/recent.py,sha256=uKSEdU4L2szbyl-5nYLa3bigZSvSPW8G24Tuk_wYMck,1797
 hcs_core/ctxp/state.py,sha256=gjcMRVONKBq7WiFQo-xca1726ngZe90mnPrF3vbXDrU,1634
 hcs_core/ctxp/task_schd.py,sha256=mvZMeKDSSo2p7VidSoZY1XZj433TQn_YF9SGJEzl9lg,4586
 hcs_core/ctxp/template_util.py,sha256=XslvIuRBlTVsUW0Y9M_D8gUPc1jWq6X2p4At2VAe1KU,731
 hcs_core/ctxp/timeutil.py,sha256=RyRrIRdFHbIghdB8wbC8VdABvc7hki2v51b1x2JvHgo,445
-hcs_core/ctxp/util.py,sha256=FnJMbKMCnGDGc579VSrGsnWy-0H1GEnLioLcFvH6UcM,10869
+hcs_core/ctxp/util.py,sha256=5RrAjSAM3GRu23a6mnKAnJ6X-WyW9NptngPEEDzm5QM,11434
 hcs_core/ctxp/var_template.py,sha256=cTjj1UJ58ac6s5z4Oh5hSDQwKixq-rdbCF1D8akjAo0,3219
 hcs_core/ctxp/built_in_cmds/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 hcs_core/ctxp/built_in_cmds/_ut.py,sha256=e50XBmPim2qRe0RYk_XAuRz1HWYyLJuMu-6dVxWR_fQ,3356
 hcs_core/ctxp/built_in_cmds/context.py,sha256=bU-BG60DyA8rpv1sw3LpHnPQb1wQiZQCoIMYLW_g5_c,2389
-hcs_core/ctxp/built_in_cmds/profile.py,sha256=4r1Yi9lR0oWXeVNzQTblYYkmX94s1aM8mYHV4u0Yfqw,4324
-hcs_core/plan/__init__.py,sha256=-aEHqDPQd9Noqwg8bV8YBKxE9xrY25PFp2pknFXZiIc,428
+hcs_core/ctxp/built_in_cmds/profile.py,sha256=XjFEIPBAgLJjOQpAPqL-HtTmycWZEps2_S6yY-0wT-k,4401
+hcs_core/plan/__init__.py,sha256=5klVuXXLQLn2Hj6Gz2Hc-1XSyDXKE9o-BjQ82oXekiI,465
 hcs_core/plan/actions.py,sha256=UvCynzApJUxi39HUoPIQ_uownlbvFbJ4aAs6pmulrLY,125
 hcs_core/plan/base_provider.py,sha256=CSJFN8lopWTUblw8CW78Epnef9BbJVLhPLk9bPfZceM,1299
 hcs_core/plan/context.py,sha256=5NI5Otk0jGKtBGvO8Sc1xdOHUCu_lXQYNrSctT3Hyq8,116
-hcs_core/plan/core.py,sha256=21pSOJPcJCidQwNkLDgILaYVOElUZmc0nEwDA5itP_U,21132
+hcs_core/plan/core.py,sha256=1hZ9Y8ltEFGAT1MbbxpxLSwMU3TwEEEcbRJeO_KrZ-Y,21722
 hcs_core/plan/dag.py,sha256=pyyoMSmbhCsS8BMZI6hW6YDkHqBgjmJOwys9CUDrIts,12926
 hcs_core/plan/helper.py,sha256=__b8tlzLBT1Rm3vgiS-pWnZImaoZbsmKSRJtt_1gj8E,7763
-hcs_core/plan/kop.py,sha256=rhA4L8PUqImUTLvqH94jGlh4gmFk1UElVJLjhtZP-jQ,5773
+hcs_core/plan/kop.py,sha256=iDnRbYHFCtS3Rs95UVvRgZdSzs-NMwdyr8SztIQQqyg,5774
 hcs_core/plan/provider/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 hcs_core/plan/provider/dev/__init__.py,sha256=WpPDB-h5z5uF2BhcRlsdeJyZxBU5dun6tCf5ZZeaTJU,30
 hcs_core/plan/provider/dev/_prepare.py,sha256=PvVnheEQwpj8sWYz2lDONQVTs4pHPYuo2c4VD2if-hc,34
 hcs_core/plan/provider/dev/dummy.py,sha256=zKEr9J4WHhlN5gFdmrFyEfCF0xlQlCJg0CC1dG9VaLA,1958
 hcs_core/plan/provider/dev/fibonacci.py,sha256=8WhDr5c9harNAlVPZomQJEqbWe0hUqbppO6ZkwEUcJ0,1104
 hcs_core/sglib/__init__.py,sha256=oT0etW7vsEbHlXiGL5x23ZXyyFqeLi81RxQQ5lfKSV0,654
-hcs_core/sglib/auth.py,sha256=otsiBEvKae3B0-bPt5Ggir7ceTRLWG1x7ZaSblHisdA,6443
+hcs_core/sglib/auth.py,sha256=axgzgTRsXPHEo9VvZ6FLF2uitvFf8vVgHXc3ITTtgkM,6297
 hcs_core/sglib/cli_options.py,sha256=NvdiHpX_o6IYPEM8cQYLb_R7T4aiXVvYLqn6Vk4Q2-Y,1761
-hcs_core/sglib/client_util.py,sha256=ZCXmNfmUL4_iry4yU2bPWL0dLLNIGu3zp541cFt6Or0,10876
-hcs_core/sglib/csp.py,sha256=anZqbQLIZw831PgW9Z4pweqfAeBH7rXPIAkwkyPkfGY,8054
-hcs_core/sglib/ez_client.py,sha256=iUhhKAeo-9Mm3JQdYJROXxvAkZypCLSNvraE5DaP3n8,7640
-hcs_core/sglib/hcs_client.py,sha256=pxRZQ79ABhOyihAI8oOeTxw2dXkce5-NyRkJAoo0OL0,888
+hcs_core/sglib/client_util.py,sha256=JvULJXwZzg0NBVEEfqbmiHA123KwGbWJevOO9X-0oj4,13551
+hcs_core/sglib/csp.py,sha256=o10XdRO1-vVzzgYcn8kvUJ6EMRsv6ruDh6Q_cqy4pvs,11013
+hcs_core/sglib/ez_client.py,sha256=_u9HvPXW5H8zDjaBr3bsTZqzveOlehq4EWDMeF_cwFY,8135
+hcs_core/sglib/hcs_client.py,sha256=pjrAVQDEy2tiQMypMpOzODFntT6aNHXjje8or_mkL2U,804
 hcs_core/sglib/init.py,sha256=w_0ZU70Q1TGbSZsqSi7ewKQqpExFlepOT7mIqH0wnho,310
 hcs_core/sglib/login_support.py,sha256=tSkfmThubbWDUFLfx0hzdHp_QW0TR3gYISzvw6FKpjs,7561
 hcs_core/sglib/payload_util.py,sha256=Hnj7rjzrQ1j5gpbrwZX34biN8MIZjy6dOJZ63ulmzdw,685
@@ -57,12 +57,12 @@ hcs_core/util/check_license.py,sha256=-ZBMVoVcEUwICZ0QRK-e2uMMla7gFbjP9upun93lPE
 hcs_core/util/duration.py,sha256=e7Nw22aYXJK-pLM59QDel5atLZxShKBiVILFgrtLJks,4194
 hcs_core/util/exit.py,sha256=UStMZKlfCFN7GBouc1y3pPFGPFQ66qfcRZ_fYQXFD0E,838
 hcs_core/util/hcs_constants.py,sha256=Ic1Tx_UNJiQchfsdnRDzgiOaCjKHnsWXx997nElppm4,1755
-hcs_core/util/job_view.py,sha256=DuFdcvIqmbiKrzTjlZycF32ndvQNhq-2CL4No-HHBCw,8397
+hcs_core/util/job_view.py,sha256=SsACAqHTXSCmKFDD0DDDNK2eKykGgjo_DlLw8CJbRxM,8408
 hcs_core/util/pki_util.py,sha256=Lt3-IzIoGcaQKNE7KUszxR7JSZkpXduVZJ262TszsIs,6685
 hcs_core/util/query_util.py,sha256=5bh3bUVIQuY9qerndfuyfyzkTExYJ8zD0_e3PSN7y-4,3142
 hcs_core/util/scheduler.py,sha256=bPpCmGUL1UctJMfLPAg-h4Hl2YZr96FiI78-G_Usn08,2958
 hcs_core/util/ssl_util.py,sha256=MvU102fGwWWh9hhSmLnn1qQIWuD6TjZnN0iH0MXUtW0,1239
 hcs_core/util/versions.py,sha256=urMtShfoBx_Eqq0D-450LP0i-rW447k9yX8q8j5H_qA,1721
-hcs_core-0.1.288.dist-info/METADATA,sha256=OfTNqAnTG99Mi9CeE9Sikd8DtFGU1BfNBjVb43CRM1M,1875
-hcs_core-0.1.288.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-hcs_core-0.1.288.dist-info/RECORD,,
+hcs_core-0.1.290.dist-info/METADATA,sha256=JsjF5lDDx6OWqmoe_8T2qZF5yRNEsPpNZ-N53y1r-po,1911
+hcs_core-0.1.290.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+hcs_core-0.1.290.dist-info/RECORD,,