hcs-core 0.1.289__tar.gz → 0.1.291__tar.gz

{hcs_core-0.1.289 → hcs_core-0.1.291}/.gitignore

@@ -169,7 +169,6 @@ state/
 t.py
 logs/*.log
 lab/
-*.plan.yml
 *.state.yml
 
 hcsenv/

{hcs_core-0.1.289 → hcs_core-0.1.291}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: hcs-core
-Version: 0.1.289
+Version: 0.1.291
 Summary: Horizon Cloud Service CLI module.
 Project-URL: Homepage, https://github.com/euc-eng/hcs-cli
 Project-URL: Bug Tracker, https://github.com/euc-eng/hcs-cli/issues
@@ -26,6 +26,7 @@ Requires-Dist: psutil>=5.9.4
 Requires-Dist: pydantic>=2.0.0
 Requires-Dist: pyjwt>=2.8.0
 Requires-Dist: pyopenssl>=24.1.0
+Requires-Dist: python-dotenv>=1.1.0
 Requires-Dist: pyyaml>=6.0.1
 Requires-Dist: questionary>=2.0.1
 Requires-Dist: rel>=0.4.7

hcs_core-0.1.291/hcs_core/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.291"

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/_init.py

@@ -19,7 +19,7 @@ from pathlib import Path
 
 import click
 
-from . import cli_processor, config, profile, state
+from . import cli_processor, config, profile, state, telemetry
 
 
 def _get_store_path():
@@ -79,8 +79,11 @@ def app_name():
 
 def init_cli(main_cli: click.Group, commands_dir: str = "./cmds"):
     try:
-        return cli_processor.init(main_cli, commands_dir)
-    except Exception as e:
+        ret = cli_processor.init(main_cli, commands_dir)
+        telemetry.end()
+        return ret
+    except BaseException as e:
+        telemetry.end(error=e)
         if _need_stack_trace(e):
             raise e
         else:

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/built_in_cmds/profile.py

@@ -53,7 +53,7 @@ def use(name: str):
         if ret:
             if profile.use(ret) is None:
                 panic("No such profile: " + name)
-            return ret
+            return profile.current()
         else:
             # aborted
             return "", 1
@@ -103,9 +103,11 @@ def get(name: str):
 
 
 @profile_cmd_group.command()
-@click.argument("name")
+@click.argument("name", required=False)
 def delete(name: str):
     """Delete a profile by name."""
+    if not name:
+        name = profile.name()
     profile.delete(name)
 
 

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/cli_options.py

@@ -27,7 +27,7 @@ verbose = click.option(
 output = click.option(
     "--output",
     "-o",
-    type=click.Choice(["json", "json-compact", "yaml", "text", "table"], case_sensitive=False),
+    type=click.Choice(["json", "json-compact", "yaml", "yml", "text", "table"], case_sensitive=False),
     default=None,
     hidden=True,
     help="Specify output format",
@@ -41,6 +41,14 @@ field = click.option(
     help="Specify fields to output, in comma separated field names.",
 )
 
+exclude_field = click.option(
+    "--exclude-field",
+    type=str,
+    required=False,
+    hidden=True,
+    help="Specify fields to exclude from output, in comma separated field names.",
+)
+
 wait = click.option(
     "--wait",
     "-w",

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/cli_processor.py

@@ -24,7 +24,6 @@ from pathlib import Path
 import click
 from click.core import Group
 
-from .extension import ensure_extension
 from .util import avoid_trace_for_ctrl_c, print_error, print_output, validate_error_return
 
 _eager_loading = os.environ.get("_CTXP_EAGER_LOAD")
@@ -61,6 +60,8 @@ class LazyGroup(click.Group):
 
     def _ensure_extension(self):
         if self._extension:
+            from .extension import ensure_extension
+
             ensure_extension(self._extension)
 
 
@@ -75,6 +76,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
     meta = _read_group_meta(mod_path)
     help = meta.get("help")
     extension = meta.get("extension")
+    hidden = meta.get("hidden", False)
 
     subgroup = current.commands.get(name)
     if subgroup and isinstance(subgroup, Group):
@@ -82,7 +84,7 @@ def _ensure_sub_group(current: Group, mod_path: Path):
             subgroup.mod_path = mod_path
         return subgroup
 
-    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path)
+    subgroup = LazyGroup(extension=extension, name=name, help=help, mod_path=mod_path, hidden=hidden)
     current.add_command(subgroup)
     return subgroup
 
@@ -166,13 +168,14 @@ def _import_cmd_file(mod_path: Path, parent: click.core.Group):
 # Create a new decorator that combines the individual decorators
 def _default_io(cmd: click.Command):
 
-    from .cli_options import field, first, ids, output
+    from .cli_options import exclude_field, field, first, ids, output
 
     cmd = output(cmd)
     # cmd = cli_options.verbose(cmd)
     cmd = field(cmd)
     cmd = ids(cmd)
     cmd = first(cmd)
+    cmd = exclude_field(cmd)
     callback = cmd.callback
 
     def inner(*args, **kwargs):
@@ -182,7 +185,13 @@ def _default_io(cmd: click.Command):
             "field": kwargs.pop("field"),
             "ids": kwargs.pop("ids"),
             "first": kwargs.pop("first"),
+            "exclude_field": kwargs.pop("exclude_field"),
         }
+        ctx = click.get_current_context()
+        from .telemetry import start as telemetry_start
+
+        telemetry_start(ctx.command_path, ctx.params)
+
         if io_args["output"] == "table":
 
             def _format(data):

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/data_util.py

@@ -1,4 +1,5 @@
 import json
+import os
 import re
 from io import TextIOWrapper
 from os import chmod, path
@@ -260,22 +261,26 @@ def process_variables(obj: dict, fn_get_var=None, use_env: bool = True):
         fn_get_var = _fn_get_var
 
     if use_env:
-        import os
 
         prev_fn_get_var = fn_get_var
 
         def _fn_get_var_from_env(name: str):
             if not name.startswith("env."):
                 return prev_fn_get_var(name)
-            v = None
             actual_name = name[4:]
-            v = os.environ.get(actual_name, None)
-            if v:
-                return v, True
-            v, found = prev_fn_get_var(name)
-            if found:
-                return v
-            raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+            if actual_name.endswith("?"):
+                # optional
+                actual_name = actual_name[:-1]
+                required = False
+            else:
+                # required
+                required = True
+
+            if actual_name not in os.environ:
+                if required:
+                    raise CtxpException(f"Environment variable '{actual_name}' is used in template, but not found. ")
+                return None, True
+            return os.environ[actual_name], True
 
         fn_get_var = _fn_get_var_from_env
 

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/fstore.py

@@ -199,7 +199,7 @@ class fstore:
                     outfile.write(str(data))
             elif format == "json-compact":
                 jsondot.save(data=data, file=file_path, pretty=False, lock=True)
-            elif format == "yaml":
+            elif format == "yaml" or format == "yml":
                 import yaml
 
                 with open(file_path, "w", encoding="utf-8") as outfile:

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/profile.py

@@ -63,7 +63,7 @@ def create(name: str, data: dict, auto_use: bool = True, overwrite: bool = False
     save_data_file(data, file(name), "yaml", 0o600)
     if auto_use:
         use(name)
-    return get(name)
+    return get(name, reload=True)
 
 
 def copy(from_name: str, to_name: str, overwrite: bool = True):
@@ -126,6 +126,8 @@ def use(name: str) -> str:
         return
 
     _set_active_profile_name(name)
+    global _data
+    _data = _load_data_file_with_env_overrides(name, None)
     return name
 
 
@@ -223,10 +225,10 @@ class auth:
         if json.dumps(data) == json.dumps(_auth_cache):
             return
         _auth_cache = deepcopy(data)
-        file_name = auth._file_name()
         if os.environ.get("CTXP_AUTH_PERSIST", "true").lower() == "false":
             pass
         else:
+            file_name = auth._file_name()
             save_data_file(data, file_name, "yaml", 0o600)
 
     @staticmethod

hcs_core-0.1.291/hcs_core/ctxp/telemetry.py

@@ -0,0 +1,88 @@
+import json
+import logging
+import sys
+import time
+from datetime import datetime, timezone
+
+import click
+import httpx
+from yumako import env
+
+log = logging.getLogger(__name__)
+
+_record = None
+_enabled = None
+
+
+def disable():
+    global _enabled
+    _enabled = False
+
+
+def _is_disabled():
+    global _enabled
+    if _enabled is None:
+        _enabled = env.bool("HCS_CLI_TELEMETRY", True)
+    return not _enabled
+
+
+def start(cmd_path: str, params: dict):
+    if _is_disabled():
+        return
+
+    global _record
+    _record = {
+        "@timestamp": datetime.now(timezone.utc).isoformat(timespec="milliseconds"),
+        "command": cmd_path,
+        "options": [k.replace("_", "-") for k, v in params.items() if v],
+        "return": -1,
+        "error": None,
+        "time_ms": -1,
+        "env": {
+            "python_version": sys.version,
+            "platform": sys.platform,
+            "executable": sys.executable,
+        },
+    }
+
+
+def end(return_code: int = 0, error: Exception = None):
+    if _is_disabled():
+        return
+
+    if _record is None:
+        return
+
+    if error:
+        if isinstance(error, click.exceptions.Exit):
+            return_code = error.exit_code
+        elif isinstance(error, SystemExit):
+            return_code = error.code
+        else:
+            _record["error"] = str(error)
+            if return_code == 0:
+                return_code = 1
+    _record["return"] = return_code
+    _record["time_ms"] = int((time.time() - datetime.fromisoformat(_record["@timestamp"]).timestamp()) * 1000)
+
+    # print('TELEMETRY end', json.dumps(_record, indent=4), flush=True)
+
+    _injest(_record)
+    return _record
+
+
+def _injest(doc):
+    try:
+        response = httpx.post(
+            f"https://collie.omnissa.com/es/hcs-cli/_doc",
+            auth=("append_user", "public"),
+            headers={"Content-Type": "application/json"},
+            content=json.dumps(doc),
+            timeout=4,
+        )
+        response.raise_for_status()
+    except Exception as e:
+        log.debug(f"Telemetry ingestion failed: {e}", exc_info=True)
+        return
+
+    log.debug(f"Telemetry ingestion successful: {response.status_code}")

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/ctxp/util.py

@@ -57,6 +57,7 @@ def validate_error_return(reason, return_code):
 def print_output(data: Any, args: dict, file=sys.stdout):
     output = args.get("output", "json")
     fields = args.get("field")
+    exclude_field = args.get("exclude_field")
     ids = args.get("ids", False)
     first = args.get("first", False)
 
@@ -74,14 +75,17 @@ def print_output(data: Any, args: dict, file=sys.stdout):
                 if fields:
                     raise CtxpException("--ids and --fields should not be used together.")
                 data = _convert_to_id_only(data)
-            elif fields:
-                data = _filter_fields(data, fields)
+            else:
+                if fields:
+                    data = _filter_fields(data, fields)
+                if exclude_field:
+                    data = _exclude_fields(data, exclude_field)
 
             if output is None or output == "json":
                 text = json.dumps(data, default=vars, indent=4)
             elif output == "json-compact":
                 text = json.dumps(data, default=vars)
-            elif output == "yaml":
+            elif output == "yaml" or output == "yml":
                 from . import jsondot
 
                 text = yaml.dump(jsondot.plain(data), sort_keys=False)
@@ -168,7 +172,27 @@ def _filter_fields(obj: Any, fields: str):
     return _filter_obj(obj)
 
 
+def _exclude_fields(obj: Any, fields_exclude: str):
+    parts = fields_exclude.split(",")
+
+    def _filter_obj(o):
+        if not isinstance(o, dict):
+            return o
+        for k in list(o.keys()):
+            if k in parts:
+                del o[k]
+        return o
+
+    if isinstance(obj, list):
+        return list(map(_filter_obj, obj))
+    return _filter_obj(obj)
+
+
 def panic(reason: Any = None, code: int = 1):
+    if isinstance(reason, SystemExit):
+        os._exit(reason.code)
+    if isinstance(reason, click.exceptions.Exit):
+        os._exit(reason.exit_code)
     if isinstance(reason, Exception):
         text = error_details(reason)
     else:

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/plan/__init__.py

@@ -5,6 +5,7 @@ from .core import clear as clear
 from .core import destroy as destroy
 from .core import get_deployment_data as get_deployment_data
 from .core import graph as graph
+from .core import resolve as resolve
 from .helper import PlanException as PlanException
 from .helper import PluginException as PluginException
 from .kop import attach_job_view as attach_job_view

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/plan/core.py

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 
 Licensed under the Apache License, Version 2.0 (the "License");
@@ -93,6 +93,17 @@ def _prepare_data(data: dict, additional_context: dict, target_resource_name: st
 #             return True
 
 
+def resolve(data: dict, additional_context: dict = None, target_resource_name: str = None):
+    blueprint, state, state_file = _prepare_data(data, additional_context, None)
+    if target_resource_name:
+        if target_resource_name in blueprint["resource"]:
+            return blueprint["resource"][target_resource_name]["data"]
+        if target_resource_name in blueprint["runtime"]:
+            return blueprint["runtime"][target_resource_name]["data"]
+        raise PlanException("Target resource or runtime not found: " + target_resource_name)
+    return blueprint
+
+
 def apply(
     data: dict,
     additional_context: dict = None,
@@ -249,7 +260,7 @@ def _deploy_res(name, res, state):
             action = handler.decide(res_data, res_state)
 
         if action == actions.skip:
-            kop.skip("Already deployed")
+            kop.skip(_get_res_text(handler, res_state))
             return
 
         if action == actions.recreate:

{hcs_core-0.1.289 → hcs_core-0.1.291}/hcs_core/plan/kop.py

@@ -1,5 +1,5 @@
 """
-Copyright 2023-2023 VMware Inc.
+Copyright 2025-2025 Omnissa Inc.
 SPDX-License-Identifier: Apache-2.0
 
 Licensed under the Apache License, Version 2.0 (the "License");

hcs_core-0.1.291/hcs_core/sglib/auth.py

@@ -0,0 +1,186 @@
+"""
+Copyright 2023-2023 VMware Inc.
+SPDX-License-Identifier: Apache-2.0
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+
+import hashlib
+import json
+import logging
+import threading
+import time
+
+import jwt
+from authlib.integrations.httpx_client import OAuth2Client
+
+from hcs_core.ctxp import CtxpException, panic, profile
+from hcs_core.ctxp.jsondot import dotdict, dotify
+
+from .csp import CspClient
+
+log = logging.getLogger(__name__)
+
+
+def _is_auth_valid(auth_data):
+    leeway = 60
+    return auth_data and time.time() + leeway < auth_data["expires_at"]
+
+
+_login_lock = threading.Lock()
+
+
+def login(force_refresh: bool = False):
+    """Ensure login state, using credentials from the current profile. Return oauth token."""
+    return _populate_token_with_cache(profile.current().csp, force_refresh)
+
+
+def refresh_oauth_token(old_oauth_token: dict, csp_url: str):
+    with OAuth2Client(token=old_oauth_token) as client:
+        log.debug("Refresh auth token...")
+        token_url = csp_url + "/csp/gateway/am/api/auth/token"
+        from .login_support import identify_client_id
+
+        csp_specific_req_not_oauth_standard = (identify_client_id(csp_url), "")
+        new_token = client.refresh_token(token_url, auth=csp_specific_req_not_oauth_standard)
+        log.debug(f"New auth token: {new_token}")
+        if not new_token:
+            raise Exception("CSP auth refresh failed.")
+        if "cspErrorCode" in new_token:
+            raise Exception(f"CSP auth failed: {new_token.get('message')}")
+
+    return new_token
+
+
+def _has_credential(auth_config: dict):
+    return (
+        auth_config.get("apiToken")
+        or auth_config.get("api_token")
+        or auth_config.get("clientId")
+        or auth_config.get("client_id")
+        or auth_config.get("basic")
+    )
+
+
+def get_auth_cache(auth_config: dict):
+    cache, hash, token = _get_auth_cache(auth_config)
+    return token
+
+
+def _get_auth_cache(auth_config: dict):
+    text = json.dumps(auth_config, default=vars)
+    hash = hashlib.md5(text.encode("ascii"), usedforsecurity=False).hexdigest()
+    auth_cache = profile.auth.get()
+    token = auth_cache.get(hash, None)
+    if token and not _is_auth_valid(token):
+        token = None
+    return auth_cache, hash, token
+
+
+def save_auth_cache(auth_config: dict, token: dict):
+    """Save the auth token to the profile auth cache."""
+    cache, hash, _ = _get_auth_cache(auth_config)
+    if not token:
+        if hash in cache:
+            del cache[hash]
+        return
+    if not token.get("expires_at"):
+        token["expires_at"] = int(time.time() + token["expires_in"])
+    cache[hash] = token
+    profile.auth.set(cache)
+
+
+def _populate_token_with_cache(auth_config: dict, force_refresh: bool = False):
+
+    with _login_lock:
+        cache, hash, token = _get_auth_cache(auth_config)
+        if token and not force_refresh:
+            return token
+
+        # invalid token. Refresh or recreate it.
+        if token:
+            # try using refresh token if possible
+            if auth_config.get("provider", "vmwarecsp") == "vmwarecsp":
+                try:
+                    token = refresh_oauth_token(token, auth_config.url)
+                except Exception as e:
+                    log.debug(f"Failed to refresh OAuth token: {e}")
+                    token = None
+            else:
+                # hcs auth-service. Does not support refresh token.
+                token = None
+
+        if not token:
+            if _has_credential(auth_config):
+                token = CspClient.create(**auth_config).oauth_token()
+            else:
+                if auth_config.get("browser"):
+                    from .login_support import login_via_browser
+
+                    token = login_via_browser(auth_config.url, auth_config.orgId)
+                    if not token:
+                        raise CtxpException("Browser auth failed.")
+                else:
+                    raise CtxpException(
+                        "Browser auth was never attempted and no client credentials or API token provided."
+                    )
+
+        if not token.get("expires_at"):
+            token["expires_at"] = int(time.time() + token["expires_in"])
+
+        cache[hash] = token
+        profile.auth.set(cache)
+    return token
+
+
+class CustomOAuth2Client(OAuth2Client):
+    def __init__(self, auth_config: dict):
+        super().__init__()
+        self.auth_config = auth_config
+
+    def ensure_token(self):
+        # pylint: disable=access-member-before-definition
+        if self.token is None or not super().ensure_active_token():
+            self.token = _populate_token_with_cache(self.auth_config)
+
+
+def oauth_client(auth_config: dict = None):
+    if not auth_config:
+        auth_config = profile.current().csp
+    return CustomOAuth2Client(auth_config)
+
+
+def details(get_org_details: bool = False) -> dotdict:
+    """Get the auth details, for the current profile"""
+    oauth_token = login()
+    if not oauth_token:
+        return
+    return details_from_token(oauth_token, get_org_details)
+
+
+def details_from_token(oauth_token, get_org_details: bool = False):
+    decoded = jwt.decode(oauth_token["access_token"], options={"verify_signature": False})
+    org_id = decoded["context_name"]
+    ret = {"token": oauth_token, "jwt": decoded, "org": {"id": org_id}}
+
+    if get_org_details:
+        csp_client = CspClient(url=profile.current().csp.url, oauth_token=oauth_token)
+        try:
+            org_details = csp_client.get_org_details(org_id)
+        except Exception as e:
+            org_details = {"error": f"Fail retrieving org details: {e}"}
+        ret["org"].update(org_details)
+    return dotify(ret)
+
+
+def get_org_id_from_token(oauth_token: str) -> str:
+    decoded = jwt.decode(oauth_token["access_token"], options={"verify_signature": False})
+    return decoded["context_name"]