PyPI - hcs-core - Versions diffs - 0.1.289__tar.gz → 0.1.290__tar.gz - Mend

hcs-core 0.1.289tar.gz → 0.1.290tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

{hcs_core-0.1.289 → hcs_core-0.1.290}/.gitignore RENAMED Viewed

@@ -169,7 +169,6 @@ state/
 t.py
 logs/*.log
 lab/
-*.plan.yml
 *.state.yml
 hcsenv/

{hcs_core-0.1.289 → hcs_core-0.1.290}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: hcs-core
-Version: 0.1.289
+Version: 0.1.290
 Summary: Horizon Cloud Service CLI module.
 Project-URL: Homepage, https://github.com/euc-eng/hcs-cli
 Project-URL: Bug Tracker, https://github.com/euc-eng/hcs-cli/issues
@@ -26,6 +26,7 @@ Requires-Dist: psutil>=5.9.4
 Requires-Dist: pydantic>=2.0.0
 Requires-Dist: pyjwt>=2.8.0
 Requires-Dist: pyopenssl>=24.1.0
+Requires-Dist: python-dotenv>=1.1.0
 Requires-Dist: pyyaml>=6.0.1
 Requires-Dist: questionary>=2.0.1
 Requires-Dist: rel>=0.4.7

hcs_core-0.1.290/hcs_core/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ __version__ = "0.1.290"

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/built_in_cmds/profile.py RENAMED Viewed

@@ -53,7 +53,7 @@ def use(name: str):
         if ret:
             if profile.use(ret) is None:
                 panic("No such profile: " + name)
-            return ret
+            return profile.current()
         else:
             # aborted
             return "", 1
@@ -103,9 +103,11 @@ def get(name: str):
 @profile_cmd_group.command()
-@click.argument("name")
+@click.argument("name", required=False)
 def delete(name: str):
     """Delete a profile by name."""
+    if not name:
+        name = profile.name()
     profile.delete(name)

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/cli_options.py RENAMED Viewed

@@ -27,7 +27,7 @@ verbose = click.option(
 output = click.option(
     "--output",
     "-o",
-    type=click.Choice(["json", "json-compact", "yaml", "text", "table"], case_sensitive=False),
+    type=click.Choice(["json", "json-compact", "yaml", "yml", "text", "table"], case_sensitive=False),
     default=None,
     hidden=True,
     help="Specify output format",
@@ -41,6 +41,14 @@ field = click.option(
     help="Specify fields to output, in comma separated field names.",
 )
+exclude_field = click.option(
+    "--exclude-field",
+    type=str,
+    required=False,
+    hidden=True,
+    help="Specify fields to exclude from output, in comma separated field names.",
+)
 wait = click.option(
     "--wait",
     "-w",

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/cli_processor.py RENAMED Viewed

@@ -75,6 +75,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
     meta = _read_group_meta(mod_path)
     help = meta.get("help")
     extension = meta.get("extension")
+    hidden = meta.get("hidden", False)
     subgroup = current.commands.get(name)
     if subgroup and isinstance(subgroup, Group):
@@ -82,7 +83,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
             subgroup.mod_path = mod_path
         return subgroup
-    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path)
+    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path, hidden=hidden)
     current.add_command(subgroup)
     return subgroup
@@ -166,13 +167,14 @@ def _import_cmd_file(mod_path: Path, parent: click.core.Group):
 # Create a new decorator that combines the individual decorators
 def _default_io(cmd: click.Command):
-    from .cli_options import field, first, ids, output
+    from .cli_options import exclude_field, field, first, ids, output
     cmd = output(cmd)
     # cmd = cli_options.verbose(cmd)
     cmd = field(cmd)
     cmd = ids(cmd)
     cmd = first(cmd)
+    cmd = exclude_field(cmd)
     callback = cmd.callback
     def inner(*args, **kwargs):
@@ -182,6 +184,7 @@ def _default_io(cmd: click.Command):
             "field": kwargs.pop("field"),
             "ids": kwargs.pop("ids"),
             "first": kwargs.pop("first"),
+            "exclude_field": kwargs.pop("exclude_field"),
         }
         if io_args["output"] == "table":

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/data_util.py RENAMED Viewed

@@ -1,4 +1,5 @@
 import json
+import os
 import re
 from io import TextIOWrapper
 from os import chmod, path
@@ -260,22 +261,26 @@ def process_variables(obj: dict, fn_get_var=None, use_env: bool = True):
         fn_get_var = _fn_get_var
     if use_env:
-        import os
         prev_fn_get_var = fn_get_var
         def _fn_get_var_from_env(name: str):
             if not name.startswith("env."):
                 return prev_fn_get_var(name)
-            v = None
             actual_name = name[4:]
-            v = os.environ.get(actual_name, None)
-            if v:
-                return v, True
-            v, found = prev_fn_get_var(name)
-            if found:
-                return v
-            raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+            if actual_name.endswith("?"):
+                # optional
+                actual_name = actual_name[:-1]
+                required = False
+            else:
+                # required
+                required = True
+            if actual_name not in os.environ:
+                if required:
+                    raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+                return None, True
+            return os.environ[actual_name], True
         fn_get_var = _fn_get_var_from_env

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/fstore.py RENAMED Viewed

@@ -199,7 +199,7 @@ class fstore:
                     outfile.write(str(data))
             elif format == "json-compact":
                 jsondot.save(data=data, file=file_path, pretty=False, lock=True)
-            elif format == "yaml":
+            elif format == "yaml" or format == "yml":
                 import yaml
                 with open(file_path, "w", encoding="utf-8") as outfile:

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/profile.py RENAMED Viewed

@@ -63,7 +63,7 @@ def create(name: str, data: dict, auto_use: bool = True, overwrite: bool = False
     save_data_file(data, file(name), "yaml", 0o600)
     if auto_use:
         use(name)
-    return get(name)
+    return get(name, reload=True)
 def copy(from_name: str, to_name: str, overwrite: bool = True):
@@ -126,6 +126,8 @@ def use(name: str) -> str:
         return
     _set_active_profile_name(name)
+    global _data
+    _data = _load_data_file_with_env_overrides(name, None)
     return name
@@ -223,10 +225,10 @@ class auth:
         if json.dumps(data) == json.dumps(_auth_cache):
             return
         _auth_cache = deepcopy(data)
-        file_name = auth._file_name()
         if os.environ.get("CTXP_AUTH_PERSIST", "true").lower() == "false":
             pass
         else:
+            file_name = auth._file_name()
             save_data_file(data, file_name, "yaml", 0o600)
     @staticmethod

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/ctxp/util.py RENAMED Viewed

@@ -57,6 +57,7 @@ def validate_error_return(reason, return_code):
 def print_output(data: Any, args: dict, file=sys.stdout):
     output = args.get("output", "json")
     fields = args.get("field")
+    exclude_field = args.get("exclude_field")
     ids = args.get("ids", False)
     first = args.get("first", False)
@@ -74,14 +75,17 @@ def print_output(data: Any, args: dict, file=sys.stdout):
                 if fields:
                     raise CtxpException("--ids and --fields should not be used together.")
                 data = _convert_to_id_only(data)
-            elif fields:
-                data = _filter_fields(data, fields)
+            else:
+                if fields:
+                    data = _filter_fields(data, fields)
+                if exclude_field:
+                    data = _exclude_fields(data, exclude_field)
             if output is None or output == "json":
                 text = json.dumps(data, default=vars, indent=4)
             elif output == "json-compact":
                 text = json.dumps(data, default=vars)
-            elif output == "yaml":
+            elif output == "yaml" or output == "yml":
                 from . import jsondot
                 text = yaml.dump(jsondot.plain(data), sort_keys=False)
@@ -168,6 +172,22 @@ def _filter_fields(obj: Any, fields: str):
     return _filter_obj(obj)
+def _exclude_fields(obj: Any, fields_exclude: str):
+    parts = fields_exclude.split(",")
+    def _filter_obj(o):
+        if not isinstance(o, dict):
+            return o
+        for k in list(o.keys()):
+            if k in parts:
+                del o[k]
+        return o
+    if isinstance(obj, list):
+        return list(map(_filter_obj, obj))
+    return _filter_obj(obj)
 def panic(reason: Any = None, code: int = 1):
     if isinstance(reason, Exception):
         text = error_details(reason)

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/plan/__init__.py RENAMED Viewed

@@ -5,6 +5,7 @@ from .core import clear as clear
 from .core import destroy as destroy
 from .core import get_deployment_data as get_deployment_data
 from .core import graph as graph
+from .core import resolve as resolve
 from .helper import PlanException as PlanException
 from .helper import PluginException as PluginException
 from .kop import attach_job_view as attach_job_view

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/plan/core.py RENAMED Viewed

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 Licensed under the Apache License, Version 2.0 (the "License");
@@ -93,6 +93,17 @@ def _prepare_data(data: dict, additional_context: dict, target_resource_name: st
 #             return True
+def resolve(data: dict, additional_context: dict = None, target_resource_name: str = None):
+    blueprint, state, state_file = _prepare_data(data, additional_context, None)
+    if target_resource_name:
+        if target_resource_name in blueprint["resource"]:
+            return blueprint["resource"][target_resource_name]["data"]
+        if target_resource_name in blueprint["runtime"]:
+            return blueprint["runtime"][target_resource_name]["data"]
+        raise PlanException("Target resource or runtime not found: " + target_resource_name)
+    return blueprint
 def apply(
     data: dict,
     additional_context: dict = None,
@@ -249,7 +260,7 @@ def _deploy_res(name, res, state):
             action = handler.decide(res_data, res_state)
         if action == actions.skip:
-            kop.skip("Already deployed")
+            kop.skip(_get_res_text(handler, res_state))
             return
         if action == actions.recreate:

{hcs_core-0.1.289 → hcs_core-0.1.290}/hcs_core/plan/kop.py RENAMED Viewed

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 Licensed under the Apache License, Version 2.0 (the "License");

hcs_core-0.1.290/hcs_core/sglib/auth.py ADDED Viewed

@@ -0,0 +1,186 @@
+"""
+Copyright 2023-2023 VMware Inc.
+SPDX-License-Identifier: Apache-2.0
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+import hashlib
+import json
+import logging
+import threading
+import time
+import jwt
+from authlib.integrations.httpx_client import OAuth2Client
+from hcs_core.ctxp import CtxpException, panic, profile
+from hcs_core.ctxp.jsondot import dotdict, dotify
+from .csp import CspClient
+log = logging.getLogger(__name__)
+def _is_auth_valid(auth_data):
+    leeway = 60
+    return auth_data and time.time() + leeway < auth_data["expires_at"]
+_login_lock = threading.Lock()
+def login(force_refresh: bool = False):
+    """Ensure login state, using credentials from the current profile. Return oauth token."""
+    return _populate_token_with_cache(profile.current().csp, force_refresh)
+def refresh_oauth_token(old_oauth_token: dict, csp_url: str):
+    with OAuth2Client(token=old_oauth_token) as client:
+        log.debug("Refresh auth token...")
+        token_url = csp_url + "/csp/gateway/am/api/auth/token"
+        from .login_support import identify_client_id
+        csp_specific_req_not_oauth_standard = (identify_client_id(csp_url), "")
+        new_token = client.refresh_token(token_url, auth=csp_specific_req_not_oauth_standard)
+        log.debug(f"New auth token: {new_token}")
+        if not new_token:
+            raise Exception("CSP auth refresh failed.")
+        if "cspErrorCode" in new_token:
+            raise Exception(f"CSP auth failed: {new_token.get('message')}")
+    return new_token
+def _has_credential(auth_config: dict):
+    return (
+        auth_config.get("apiToken")
+        or auth_config.get("api_token")
+        or auth_config.get("clientId")
+        or auth_config.get("client_id")
+        or auth_config.get("basic")
+    )
+def get_auth_cache(auth_config: dict):
+    cache, hash, token = _get_auth_cache(auth_config)
+    return token
+def _get_auth_cache(auth_config: dict):
+    text = json.dumps(auth_config, default=vars)
+    hash = hashlib.md5(text.encode("ascii"), usedforsecurity=False).hexdigest()
+    auth_cache = profile.auth.get()
+    token = auth_cache.get(hash, None)
+    if token and not _is_auth_valid(token):
+        token = None
+    return auth_cache, hash, token
+def save_auth_cache(auth_config: dict, token: dict):
+    """Save the auth token to the profile auth cache."""
+    cache, hash, _ = _get_auth_cache(auth_config)
+    if not token:
+        if hash in cache:
+            del cache[hash]
+        return
+    if not token.get("expires_at"):
+        token["expires_at"] = int(time.time() + token["expires_in"])
+    cache[hash] = token
+    profile.auth.set(cache)
+def _populate_token_with_cache(auth_config: dict, force_refresh: bool = False):
+    with _login_lock:
+        cache, hash, token = _get_auth_cache(auth_config)
+        if token and not force_refresh:
+            return token
+        # invalid token. Refresh or recreate it.
+        if token:
+            # try using refresh token if possible
+            if auth_config.get("provider", "vmwarecsp") == "vmwarecsp":
+                try:
+                    token = refresh_oauth_token(token, auth_config.url)
+                except Exception as e:
+                    log.debug(f"Failed to refresh OAuth token: {e}")
+                    token = None
+            else:
+                # hcs auth-service. Does not support refresh token.
+                token = None
+        if not token:
+            if _has_credential(auth_config):
+                token = CspClient.create(**auth_config).oauth_token()
+            else:
+                if auth_config.get("browser"):
+                    from .login_support import login_via_browser
+                    token = login_via_browser(auth_config.url, auth_config.orgId)
+                    if not token:
+                        raise CtxpException("Browser auth failed.")
+                else:
+                    raise CtxpException(
+                        "Browser auth was never attempted and no client credentials or API token provided."
+                    )
+        if not token.get("expires_at"):
+            token["expires_at"] = int(time.time() + token["expires_in"])
+        cache[hash] = token
+        profile.auth.set(cache)
+    return token
+class CustomOAuth2Client(OAuth2Client):
+    def __init__(self, auth_config: dict):
+        super().__init__()
+        self.auth_config = auth_config
+    def ensure_token(self):
+        # pylint: disable=access-member-before-definition
+        if self.token is None or not super().ensure_active_token():
+            self.token = _populate_token_with_cache(self.auth_config)
+def oauth_client(auth_config: dict = None):
+    if not auth_config:
+        auth_config = profile.current().csp
+    return CustomOAuth2Client(auth_config)
+def details(get_org_details: bool = False) -> dotdict:
+    """Get the auth details, for the current profile"""
+    oauth_token = login()
+    if not oauth_token:
+        return
+    return details_from_token(oauth_token, get_org_details)
+def details_from_token(oauth_token, get_org_details: bool = False):
+    decoded = jwt.decode(oauth_token["access_token"], options={"verify_signature": False})
+    org_id = decoded["context_name"]
+    ret = {"token": oauth_token, "jwt": decoded, "org": {"id": org_id}}
+    if get_org_details:
+        csp_client = CspClient(url=profile.current().csp.url, oauth_token=oauth_token)
+        try:
+            org_details = csp_client.get_org_details(org_id)
+        except Exception as e:
+            org_details = {"error": f"Fail retrieving org details: {e}"}
+        ret["org"].update(org_details)
+    return dotify(ret)
+def get_org_id_from_token(oauth_token: str) -> str:
+    decoded = jwt.decode(oauth_token["access_token"], options={"verify_signature": False})
+    return decoded["context_name"]

hcs-core 0.1.289__tar.gz → 0.1.290__tar.gz

hcs-core 0.1.289tar.gz → 0.1.290tar.gz