PyPI - keboola-cli - Versions diffs - 0.63.4__py3-none-any.whl - Mend

keboola-cli 0.63.4__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (306) hide show

keboola_agent_cli/__init__.py +34 -0
keboola_agent_cli/__main__.py +5 -0
keboola_agent_cli/_ui_dist/assets/arc-DhFYIddx.js +2 -0
keboola_agent_cli/_ui_dist/assets/arc-DhFYIddx.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/architecture-7EHR7CIX-hNCijx_H.js +1 -0
keboola_agent_cli/_ui_dist/assets/architectureDiagram-3BPJPVTR-C6hUlprM.js +37 -0
keboola_agent_cli/_ui_dist/assets/architectureDiagram-3BPJPVTR-C6hUlprM.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/array-BifhSqXX.js +2 -0
keboola_agent_cli/_ui_dist/assets/array-BifhSqXX.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/blockDiagram-GPEHLZMM-DC7qY9i4.js +133 -0
keboola_agent_cli/_ui_dist/assets/blockDiagram-GPEHLZMM-DC7qY9i4.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/c4Diagram-AAUBKEIU-5Lh44evt.js +11 -0
keboola_agent_cli/_ui_dist/assets/c4Diagram-AAUBKEIU-5Lh44evt.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/channel-DBMrXlxx.js +2 -0
keboola_agent_cli/_ui_dist/assets/channel-DBMrXlxx.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-2J33WTMH-Coy82EBh.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-2J33WTMH-Coy82EBh.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-3OPIFGDE-BQC5CRHI.js +63 -0
keboola_agent_cli/_ui_dist/assets/chunk-3OPIFGDE-BQC5CRHI.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-4BX2VUAB-DUuEt70o.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-4BX2VUAB-DUuEt70o.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-55IACEB6-BvR-6chF.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-55IACEB6-BvR-6chF.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-5ZQYHXKU-BjcTN7ul.js +3 -0
keboola_agent_cli/_ui_dist/assets/chunk-5ZQYHXKU-BjcTN7ul.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-727SXJPM-C0zxqqRN.js +207 -0
keboola_agent_cli/_ui_dist/assets/chunk-727SXJPM-C0zxqqRN.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-AQP2D5EJ-CXf7rIlZ.js +232 -0
keboola_agent_cli/_ui_dist/assets/chunk-AQP2D5EJ-CXf7rIlZ.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-BSJP7CBP-Oj_FO9Q7.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-BSJP7CBP-Oj_FO9Q7.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-CSCIHK7Q-CcTsLrFc.js +124 -0
keboola_agent_cli/_ui_dist/assets/chunk-CSCIHK7Q-CcTsLrFc.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-FMBD7UC4-FH-zLkkW.js +16 -0
keboola_agent_cli/_ui_dist/assets/chunk-FMBD7UC4-FH-zLkkW.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-L5ZTLDWV-B1Ky_e7O.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-L5ZTLDWV-B1Ky_e7O.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-ND2GUHAM-BHz1rpbm.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-ND2GUHAM-BHz1rpbm.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-NNHCCRGN-DlpIbxXb.js +160 -0
keboola_agent_cli/_ui_dist/assets/chunk-NNHCCRGN-DlpIbxXb.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-NZK2D7GU-tnrSoegS.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-NZK2D7GU-tnrSoegS.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-O5CBEL6O-DxxqDH0l.js +71 -0
keboola_agent_cli/_ui_dist/assets/chunk-O5CBEL6O-DxxqDH0l.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/chunk-QZHKN3VN-CSjc2gjj.js +2 -0
keboola_agent_cli/_ui_dist/assets/chunk-QZHKN3VN-CSjc2gjj.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/classDiagram-4FO5ZUOK-BuZcZu85.js +2 -0
keboola_agent_cli/_ui_dist/assets/classDiagram-4FO5ZUOK-BuZcZu85.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/classDiagram-v2-Q7XG4LA2-BuZcZu85.js +2 -0
keboola_agent_cli/_ui_dist/assets/classDiagram-v2-Q7XG4LA2-BuZcZu85.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/cose-bilkent-S5V4N54A-Y0L8LDMa.js +2 -0
keboola_agent_cli/_ui_dist/assets/cose-bilkent-S5V4N54A-Y0L8LDMa.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/cytoscape.esm-C8YCVR3_.js +322 -0
keboola_agent_cli/_ui_dist/assets/cytoscape.esm-C8YCVR3_.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/dagre-BM42HDAG-UZ-9BTqF.js +5 -0
keboola_agent_cli/_ui_dist/assets/dagre-BM42HDAG-UZ-9BTqF.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/dagre-Bx709z4p.js +2 -0
keboola_agent_cli/_ui_dist/assets/dagre-Bx709z4p.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/defaultLocale-C8Fc0cco.js +2 -0
keboola_agent_cli/_ui_dist/assets/defaultLocale-C8Fc0cco.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/diagram-2AECGRRQ-DoDQ60wi.js +44 -0
keboola_agent_cli/_ui_dist/assets/diagram-2AECGRRQ-DoDQ60wi.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/diagram-5GNKFQAL-CMGFxpUs.js +11 -0
keboola_agent_cli/_ui_dist/assets/diagram-5GNKFQAL-CMGFxpUs.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/diagram-KO2AKTUF-1uGDa-Iu.js +4 -0
keboola_agent_cli/_ui_dist/assets/diagram-KO2AKTUF-1uGDa-Iu.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/diagram-LMA3HP47-XtFH7B51.js +25 -0
keboola_agent_cli/_ui_dist/assets/diagram-LMA3HP47-XtFH7B51.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/diagram-OG6HWLK6-B4_Te1T5.js +25 -0
keboola_agent_cli/_ui_dist/assets/diagram-OG6HWLK6-B4_Te1T5.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/dist-Di6zmlv0.js +2 -0
keboola_agent_cli/_ui_dist/assets/dist-Di6zmlv0.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/erDiagram-TEJ5UH35-NjQkrdFt.js +86 -0
keboola_agent_cli/_ui_dist/assets/erDiagram-TEJ5UH35-NjQkrdFt.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/eventmodeling-FCH6USID-BrJMIks8.js +1 -0
keboola_agent_cli/_ui_dist/assets/flowDiagram-I6XJVG4X-CIr8DWl7.js +163 -0
keboola_agent_cli/_ui_dist/assets/flowDiagram-I6XJVG4X-CIr8DWl7.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/ganttDiagram-6RSMTGT7-C1VY_xbQ.js +293 -0
keboola_agent_cli/_ui_dist/assets/ganttDiagram-6RSMTGT7-C1VY_xbQ.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/gitGraph-WXDBUCRP-COacYjo-.js +1 -0
keboola_agent_cli/_ui_dist/assets/gitGraphDiagram-PVQCEYII-DQT8-kg2.js +107 -0
keboola_agent_cli/_ui_dist/assets/gitGraphDiagram-PVQCEYII-DQT8-kg2.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/graphlib-B8gBHxth.js +2 -0
keboola_agent_cli/_ui_dist/assets/graphlib-B8gBHxth.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/index-CMq50kkV.css +1 -0
keboola_agent_cli/_ui_dist/assets/index-D8W97DAz.js +118 -0
keboola_agent_cli/_ui_dist/assets/index-D8W97DAz.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/info-J43DQDTF-DdCTRIzU.js +1 -0
keboola_agent_cli/_ui_dist/assets/infoDiagram-5YYISTIA-C77rsoTp.js +3 -0
keboola_agent_cli/_ui_dist/assets/infoDiagram-5YYISTIA-C77rsoTp.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/init-D6jRqBbL.js +2 -0
keboola_agent_cli/_ui_dist/assets/init-D6jRqBbL.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/ishikawaDiagram-YF4QCWOH-BcTbXaLy.js +71 -0
keboola_agent_cli/_ui_dist/assets/ishikawaDiagram-YF4QCWOH-BcTbXaLy.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/journeyDiagram-JHISSGLW-BejeAJQ_.js +140 -0
keboola_agent_cli/_ui_dist/assets/journeyDiagram-JHISSGLW-BejeAJQ_.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/kanban-definition-UN3LZRKU-BRNz_UrH.js +90 -0
keboola_agent_cli/_ui_dist/assets/kanban-definition-UN3LZRKU-BRNz_UrH.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/katex-C4eR7coU.js +258 -0
keboola_agent_cli/_ui_dist/assets/katex-C4eR7coU.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/line-CzAQKFbJ.js +2 -0
keboola_agent_cli/_ui_dist/assets/line-CzAQKFbJ.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/linear-DUNFFdck.js +2 -0
keboola_agent_cli/_ui_dist/assets/linear-DUNFFdck.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/mermaid-parser.core-CpuBOkFa.js +5 -0
keboola_agent_cli/_ui_dist/assets/mermaid-parser.core-CpuBOkFa.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/mindmap-definition-RKZ34NQL-9EJQNjH0.js +97 -0
keboola_agent_cli/_ui_dist/assets/mindmap-definition-RKZ34NQL-9EJQNjH0.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/ordinal-hYBb2elL.js +2 -0
keboola_agent_cli/_ui_dist/assets/ordinal-hYBb2elL.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/packet-YPE3B663-DLiiw_B2.js +1 -0
keboola_agent_cli/_ui_dist/assets/path-BWPyau1x.js +2 -0
keboola_agent_cli/_ui_dist/assets/path-BWPyau1x.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/pie-LRSECV5Y-CRoO8G1g.js +1 -0
keboola_agent_cli/_ui_dist/assets/pieDiagram-4H26LBE5-XH4cy6Cb.js +31 -0
keboola_agent_cli/_ui_dist/assets/pieDiagram-4H26LBE5-XH4cy6Cb.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/quadrantDiagram-W4KKPZXB-fdhc93U8.js +8 -0
keboola_agent_cli/_ui_dist/assets/quadrantDiagram-W4KKPZXB-fdhc93U8.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/radar-GUYGQ44K-DAlLVJHm.js +1 -0
keboola_agent_cli/_ui_dist/assets/requirementDiagram-4Y6WPE33-a94eP3R9.js +85 -0
keboola_agent_cli/_ui_dist/assets/requirementDiagram-4Y6WPE33-a94eP3R9.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/rough.esm-CSKSodPl.js +2 -0
keboola_agent_cli/_ui_dist/assets/rough.esm-CSKSodPl.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/sankeyDiagram-5OEKKPKP-jcBa02sp.js +41 -0
keboola_agent_cli/_ui_dist/assets/sankeyDiagram-5OEKKPKP-jcBa02sp.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/sequenceDiagram-3UESZ5HK-A5-GGM-e.js +163 -0
keboola_agent_cli/_ui_dist/assets/sequenceDiagram-3UESZ5HK-A5-GGM-e.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/src-ZI-V_AF0.js +2 -0
keboola_agent_cli/_ui_dist/assets/src-ZI-V_AF0.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/stateDiagram-AJRCARHV-BKAA5rqE.js +2 -0
keboola_agent_cli/_ui_dist/assets/stateDiagram-AJRCARHV-BKAA5rqE.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/stateDiagram-v2-BHNVJYJU-DnJwJBsE.js +2 -0
keboola_agent_cli/_ui_dist/assets/stateDiagram-v2-BHNVJYJU-DnJwJBsE.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/timeline-definition-PNZ67QCA-Cy39jp8b.js +121 -0
keboola_agent_cli/_ui_dist/assets/timeline-definition-PNZ67QCA-Cy39jp8b.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/treeView-BLDUP644-DbLYl23-.js +1 -0
keboola_agent_cli/_ui_dist/assets/treemap-LRROVOQU-Bp0eGlOt.js +1 -0
keboola_agent_cli/_ui_dist/assets/vennDiagram-CIIHVFJN-BGECKubd.js +35 -0
keboola_agent_cli/_ui_dist/assets/vennDiagram-CIIHVFJN-BGECKubd.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/wardley-L42UT6IY-D4yH4jqS.js +1 -0
keboola_agent_cli/_ui_dist/assets/wardleyDiagram-YWT4CUSO-D6XRG3cZ.js +79 -0
keboola_agent_cli/_ui_dist/assets/wardleyDiagram-YWT4CUSO-D6XRG3cZ.js.map +1 -0
keboola_agent_cli/_ui_dist/assets/xychartDiagram-2RQKCTM6-DRre-pfZ.js +8 -0
keboola_agent_cli/_ui_dist/assets/xychartDiagram-2RQKCTM6-DRre-pfZ.js.map +1 -0
keboola_agent_cli/_ui_dist/index.html +50 -0
keboola_agent_cli/ai_client.py +83 -0
keboola_agent_cli/auto_update.py +550 -0
keboola_agent_cli/changelog.py +1198 -0
keboola_agent_cli/cli.py +448 -0
keboola_agent_cli/client.py +3422 -0
keboola_agent_cli/commands/__init__.py +0 -0
keboola_agent_cli/commands/_data_app_git.py +343 -0
keboola_agent_cli/commands/_helpers.py +377 -0
keboola_agent_cli/commands/_metadata_input.py +49 -0
keboola_agent_cli/commands/_semantic_layer_crud.py +632 -0
keboola_agent_cli/commands/_semantic_layer_helpers.py +44 -0
keboola_agent_cli/commands/_semantic_layer_reference_data.py +247 -0
keboola_agent_cli/commands/agent.py +968 -0
keboola_agent_cli/commands/branch.py +423 -0
keboola_agent_cli/commands/changelog.py +168 -0
keboola_agent_cli/commands/component.py +216 -0
keboola_agent_cli/commands/config.py +2442 -0
keboola_agent_cli/commands/context.py +1481 -0
keboola_agent_cli/commands/data_app.py +1279 -0
keboola_agent_cli/commands/dev_portal.py +584 -0
keboola_agent_cli/commands/doctor.py +37 -0
keboola_agent_cli/commands/encrypt.py +145 -0
keboola_agent_cli/commands/feature.py +311 -0
keboola_agent_cli/commands/flow.py +948 -0
keboola_agent_cli/commands/http_client.py +157 -0
keboola_agent_cli/commands/init.py +279 -0
keboola_agent_cli/commands/job.py +661 -0
keboola_agent_cli/commands/kai.py +301 -0
keboola_agent_cli/commands/lineage.py +1464 -0
keboola_agent_cli/commands/org.py +292 -0
keboola_agent_cli/commands/permissions.py +360 -0
keboola_agent_cli/commands/project.py +1192 -0
keboola_agent_cli/commands/repl.py +243 -0
keboola_agent_cli/commands/schedule.py +340 -0
keboola_agent_cli/commands/search.py +178 -0
keboola_agent_cli/commands/semantic_layer.py +939 -0
keboola_agent_cli/commands/serve.py +272 -0
keboola_agent_cli/commands/sharing.py +340 -0
keboola_agent_cli/commands/storage.py +2630 -0
keboola_agent_cli/commands/stream.py +266 -0
keboola_agent_cli/commands/sync.py +1277 -0
keboola_agent_cli/commands/tool.py +206 -0
keboola_agent_cli/commands/version.py +186 -0
keboola_agent_cli/commands/workspace.py +635 -0
keboola_agent_cli/config_store.py +582 -0
keboola_agent_cli/constants.py +528 -0
keboola_agent_cli/data_science_client.py +342 -0
keboola_agent_cli/dev_portal_client.py +323 -0
keboola_agent_cli/errors.py +248 -0
keboola_agent_cli/http_base.py +315 -0
keboola_agent_cli/json_utils.py +126 -0
keboola_agent_cli/lib.py +536 -0
keboola_agent_cli/manage_client.py +324 -0
keboola_agent_cli/metastore_client.py +214 -0
keboola_agent_cli/models.py +427 -0
keboola_agent_cli/output.py +1084 -0
keboola_agent_cli/permissions.py +469 -0
keboola_agent_cli/py.typed +3 -0
keboola_agent_cli/result_models.py +271 -0
keboola_agent_cli/server/__init__.py +34 -0
keboola_agent_cli/server/agent_runner.py +1289 -0
keboola_agent_cli/server/agents_store.py +325 -0
keboola_agent_cli/server/app.py +764 -0
keboola_agent_cli/server/auth.py +117 -0
keboola_agent_cli/server/dependencies.py +149 -0
keboola_agent_cli/server/pricing.py +303 -0
keboola_agent_cli/server/routers/__init__.py +1 -0
keboola_agent_cli/server/routers/agents.py +616 -0
keboola_agent_cli/server/routers/ai_chat.py +129 -0
keboola_agent_cli/server/routers/branches.py +133 -0
keboola_agent_cli/server/routers/components.py +48 -0
keboola_agent_cli/server/routers/configs.py +507 -0
keboola_agent_cli/server/routers/data_apps.py +384 -0
keboola_agent_cli/server/routers/dev_portal.py +67 -0
keboola_agent_cli/server/routers/encrypt.py +35 -0
keboola_agent_cli/server/routers/feature.py +179 -0
keboola_agent_cli/server/routers/flows.py +204 -0
keboola_agent_cli/server/routers/health.py +53 -0
keboola_agent_cli/server/routers/jobs.py +175 -0
keboola_agent_cli/server/routers/kai.py +80 -0
keboola_agent_cli/server/routers/lineage.py +226 -0
keboola_agent_cli/server/routers/mcp.py +70 -0
keboola_agent_cli/server/routers/members.py +170 -0
keboola_agent_cli/server/routers/org.py +96 -0
keboola_agent_cli/server/routers/projects.py +106 -0
keboola_agent_cli/server/routers/schedules.py +54 -0
keboola_agent_cli/server/routers/search.py +30 -0
keboola_agent_cli/server/routers/semantic_layer.py +650 -0
keboola_agent_cli/server/routers/sharing.py +86 -0
keboola_agent_cli/server/routers/storage.py +574 -0
keboola_agent_cli/server/routers/stream.py +100 -0
keboola_agent_cli/server/routers/workspaces.py +302 -0
keboola_agent_cli/server/run_broadcaster.py +329 -0
keboola_agent_cli/server/sse.py +25 -0
keboola_agent_cli/services/__init__.py +0 -0
keboola_agent_cli/services/_encryption.py +217 -0
keboola_agent_cli/services/_semantic_layer_cascade.py +147 -0
keboola_agent_cli/services/_semantic_layer_crud.py +382 -0
keboola_agent_cli/services/_semantic_layer_internals.py +1078 -0
keboola_agent_cli/services/_semantic_layer_lookup.py +181 -0
keboola_agent_cli/services/_semantic_layer_reference_data.py +217 -0
keboola_agent_cli/services/_sync_bindings.py +456 -0
keboola_agent_cli/services/_sync_branch.py +191 -0
keboola_agent_cli/services/_sync_bulk.py +228 -0
keboola_agent_cli/services/_sync_clone.py +163 -0
keboola_agent_cli/services/_sync_models.py +97 -0
keboola_agent_cli/services/_sync_push_ops.py +369 -0
keboola_agent_cli/services/_sync_storage.py +376 -0
keboola_agent_cli/services/_sync_writeback.py +167 -0
keboola_agent_cli/services/agent_service.py +458 -0
keboola_agent_cli/services/base.py +175 -0
keboola_agent_cli/services/branch_service.py +588 -0
keboola_agent_cli/services/component_service.py +694 -0
keboola_agent_cli/services/config_service.py +2099 -0
keboola_agent_cli/services/data_app_git_service.py +224 -0
keboola_agent_cli/services/data_app_service.py +2082 -0
keboola_agent_cli/services/deep_lineage_service.py +1322 -0
keboola_agent_cli/services/dev_portal_service.py +345 -0
keboola_agent_cli/services/doctor_service.py +445 -0
keboola_agent_cli/services/encrypt_service.py +87 -0
keboola_agent_cli/services/feature_service.py +268 -0
keboola_agent_cli/services/flow_service.py +769 -0
keboola_agent_cli/services/flow_validation.py +188 -0
keboola_agent_cli/services/http_forwarder_service.py +236 -0
keboola_agent_cli/services/job_idempotency_store.py +285 -0
keboola_agent_cli/services/job_service.py +797 -0
keboola_agent_cli/services/kai_service.py +367 -0
keboola_agent_cli/services/lineage_service.py +274 -0
keboola_agent_cli/services/mcp_service.py +1498 -0
keboola_agent_cli/services/mcp_transport.py +259 -0
keboola_agent_cli/services/member_service.py +593 -0
keboola_agent_cli/services/org_service.py +619 -0
keboola_agent_cli/services/project_service.py +947 -0
keboola_agent_cli/services/repo_validate_service.py +767 -0
keboola_agent_cli/services/schedule_service.py +731 -0
keboola_agent_cli/services/search_service.py +331 -0
keboola_agent_cli/services/semantic_layer_service.py +1497 -0
keboola_agent_cli/services/sharing_service.py +307 -0
keboola_agent_cli/services/storage_service.py +2524 -0
keboola_agent_cli/services/stream_service.py +395 -0
keboola_agent_cli/services/sync_service.py +2244 -0
keboola_agent_cli/services/variables_service.py +447 -0
keboola_agent_cli/services/version_service.py +1038 -0
keboola_agent_cli/services/workspace_service.py +1103 -0
keboola_agent_cli/stream_client.py +217 -0
keboola_agent_cli/sync/__init__.py +1 -0
keboola_agent_cli/sync/branch_mapping.py +174 -0
keboola_agent_cli/sync/clone.py +211 -0
keboola_agent_cli/sync/code_extraction.py +655 -0
keboola_agent_cli/sync/config_format.py +290 -0
keboola_agent_cli/sync/diff_engine.py +566 -0
keboola_agent_cli/sync/git_utils.py +93 -0
keboola_agent_cli/sync/manifest.py +162 -0
keboola_agent_cli/sync/naming.py +90 -0
keboola_agent_cli/sync/secrets.py +62 -0
keboola_agent_cli/sync/sql_split.py +134 -0
keboola_cli-0.63.4.dist-info/METADATA +308 -0
keboola_cli-0.63.4.dist-info/RECORD +306 -0
keboola_cli-0.63.4.dist-info/WHEEL +4 -0
keboola_cli-0.63.4.dist-info/entry_points.txt +2 -0

keboola_agent_cli/permissions.py ADDED Viewed

@@ -0,0 +1,469 @@
+"""Firewall-style permission engine for CLI commands and MCP tools.
+Provides an operation registry mapping every CLI command and MCP tool category
+to a risk level, and a PermissionEngine that evaluates allow/deny policies
+with pattern matching (exact, glob, category).
+"""
+import fnmatch
+from .errors import PermissionDeniedError
+from .models import PermissionPolicy
+# Risk categories for all CLI operations.
+# read = no side effects, write = creates/modifies, destructive = deletes, admin = org-level
+OPERATION_REGISTRY: dict[str, str] = {
+    # Project management
+    "project.add": "admin",
+    "project.list": "read",
+    "project.remove": "admin",
+    "project.edit": "admin",
+    "project.status": "read",
+    "project.refresh": "admin",
+    "project.description-get": "read",
+    "project.description-set": "write",
+    "project.use": "write",
+    "project.current": "read",
+    "project.info": "read",
+    "project.invite": "admin",
+    "project.member-list": "read",
+    "project.invitation-list": "read",
+    "project.invitation-cancel": "admin",
+    "project.member-remove": "destructive",
+    "project.member-set-role": "admin",
+    # Feature flags (super-admin manage token). Reads are safe; enabling a
+    # feature is an org-level decision (admin); removing one is destructive.
+    "feature.list": "read",
+    "feature.project-show": "read",
+    "feature.project-add": "admin",
+    "feature.project-remove": "destructive",
+    "feature.user-show": "read",
+    "feature.user-add": "admin",
+    "feature.user-remove": "destructive",
+    # Data Streams (OTLP). Listing/inspecting sources is read-only; creating a
+    # source provisions ingest infrastructure (write); deleting one is destructive.
+    "stream.list": "read",
+    "stream.detail": "read",
+    "stream.create-source": "write",
+    "stream.delete": "destructive",
+    # Config browsing & management
+    "config.list": "read",
+    "config.detail": "read",
+    "config.search": "read",
+    "config.update": "write",
+    "config.set-default-bucket": "write",
+    "config.rename": "write",
+    "config.delete": "destructive",
+    "config.new": "write",
+    "config.variables-set": "write",
+    "config.variables-get": "read",
+    "config.variables-clear": "destructive",
+    "config.metadata-list": "read",
+    "config.get-metadata": "read",
+    "config.set-metadata": "write",
+    "config.delete-metadata": "destructive",
+    "config.set-folder": "write",
+    "config.row-create": "write",
+    "config.row-update": "write",
+    "config.row-delete": "destructive",
+    "config.oauth-url": "read",
+    # Job history
+    "job.list": "read",
+    "job.detail": "read",
+    "job.run": "write",
+    "job.terminate": "destructive",
+    # Lineage
+    "lineage.build": "read",
+    "lineage.info": "read",
+    "lineage.show": "read",
+    "lineage.server": "read",
+    # Sharing
+    "sharing.list": "read",
+    "sharing.edges": "read",
+    "sharing.share": "write",
+    "sharing.unshare": "write",
+    "sharing.link": "write",
+    "sharing.unlink": "write",
+    # Organization
+    "org.setup": "admin",
+    # Branch lifecycle
+    "branch.list": "read",
+    "branch.create": "write",
+    "branch.use": "write",
+    "branch.reset": "write",
+    "branch.delete": "destructive",
+    "branch.merge": "write",
+    "branch.metadata-list": "read",
+    "branch.metadata-get": "read",
+    "branch.metadata-set": "write",
+    "branch.metadata-delete": "destructive",
+    # Workspace lifecycle
+    "workspace.create": "write",
+    "workspace.list": "read",
+    "workspace.detail": "read",
+    "workspace.delete": "destructive",
+    "workspace.password": "read",
+    "workspace.load": "write",
+    "workspace.query": "write",
+    "workspace.from-transformation": "write",
+    "workspace.gc": "destructive",
+    # Scheduled agent tasks (kbagent agent ...; touches only local
+    # agents.json + spawns subprocesses via the runner).
+    "agent.list": "read",
+    "agent.show": "read",
+    "agent.create": "write",
+    "agent.update": "write",
+    "agent.delete": "destructive",
+    # Run is classified write -- ai_agent/cli_command actions can mutate
+    # external state via subprocesses; deny-writes should block this.
+    "agent.run": "write",
+    "agent.runs": "read",
+    "agent.run-detail": "read",
+    "agent.run-events": "read",
+    "agent.test": "write",
+    "agent.cron-preview": "read",
+    "agent.prompt-improve": "write",
+    # MCP tools
+    "tool.list": "read",
+    "tool.call": "write",
+    # Kai (Keboola AI Assistant)
+    "kai.ping": "read",
+    "kai.preflight": "read",
+    "kai.ask": "read",
+    "kai.chat": "write",
+    "kai.chat-detail": "read",
+    "kai.history": "read",
+    # Component discovery
+    "component.list": "read",
+    "component.detail": "read",
+    # Developer Portal (since 0.48.0)
+    # Developer Portal — top-level commands on `dev-portal` (the identity
+    # sub-app's leaves are listed separately below under dev-portal.identity.*).
+    # Categories follow data-app.secrets-* precedent: credential add/edit are
+    # `write`, not `admin` (admin is reserved for org-level operations).
+    "dev-portal.identity": "read",  # parent-callback descent (allow into sub-app)
+    "dev-portal.list": "read",
+    "dev-portal.get": "read",
+    "dev-portal.create": "write",
+    "dev-portal.patch": "write",
+    "dev-portal.upload-icon": "write",
+    "dev-portal.publish": "admin",
+    "dev-portal.deprecate": "destructive",
+    # Data apps (Data Science API + keboola.data-apps Storage component)
+    "data-app.list": "read",
+    "data-app.detail": "read",
+    "data-app.password": "read",
+    "data-app.logs": "read",
+    "data-app.create": "write",
+    "data-app.deploy": "write",
+    "data-app.start": "write",
+    "data-app.stop": "write",
+    "data-app.delete": "destructive",
+    # Data apps - secrets + validate-repo (new in 0.28.0)
+    "data-app.secrets-set": "write",
+    "data-app.secrets-list": "read",
+    "data-app.secrets-get": "read",
+    "data-app.secrets-remove": "destructive",
+    "data-app.validate-repo": "read",
+    # Data apps - git-repo introspection + managed-repo credentials
+    "data-app.git-repo": "read",
+    "data-app.git-branches": "read",
+    "data-app.git-entrypoints": "read",
+    "data-app.git-credentials": "read",
+    "data-app.git-credentials-create": "write",
+    # Developer Portal — identity sub-app leaves (composed by the
+    # identity_app callback as "dev-portal.identity.<subcommand>")
+    "dev-portal.identity.add": "write",
+    "dev-portal.identity.list": "read",
+    "dev-portal.identity.remove": "write",
+    "dev-portal.identity.edit": "write",
+    "dev-portal.identity.use": "write",
+    "dev-portal.identity.current": "read",
+    "dev-portal.identity.verify": "read",
+    # Storage browsing
+    "storage.buckets": "read",
+    "storage.bucket-detail": "read",
+    "storage.tables": "read",
+    "storage.table-detail": "read",
+    "storage.download-table": "read",
+    # Storage write
+    "storage.create-bucket": "write",
+    "storage.create-table": "write",
+    "storage.add-column": "write",
+    "storage.upload-table": "write",
+    # clone-table pulls a prod table into a dev branch (materialization); it
+    # creates a branch-local copy and never deletes -- write, not destructive.
+    "storage.clone-table": "write",
+    # Storage files
+    "storage.files": "read",
+    "storage.file-detail": "read",
+    "storage.file-download": "read",
+    "storage.file-upload": "write",
+    "storage.file-tag": "write",
+    "storage.load-file": "write",
+    "storage.unload-table": "read",
+    # Storage destructive
+    "storage.delete-table": "destructive",
+    "storage.delete-column": "destructive",
+    "storage.delete-bucket": "destructive",
+    "storage.file-delete": "destructive",
+    "storage.swap-tables": "destructive",
+    "storage.truncate-table": "destructive",
+    # Storage descriptions
+    "storage.describe-bucket": "write",
+    "storage.describe-table": "write",
+    "storage.describe-column": "write",
+    "storage.describe-batch": "write",
+    # Encryption
+    "encrypt.values": "write",
+    # Semantic layer (metastore) — new in 0.41.0
+    "semantic-layer.show": "read",
+    "semantic-layer.validate": "read",
+    "semantic-layer.export": "read",
+    "semantic-layer.diff": "read",
+    "semantic-layer.search-context": "read",
+    "semantic-layer.get-context": "read",
+    # The `model` sub-app: the parent `semantic-layer` callback fires first
+    # with ctx.invoked_subcommand == "model" and synthesizes operation key
+    # ``semantic-layer.model``. We expose that key at the LEAST-privileged
+    # leaf risk (read) so the parent permits descent — the model sub-app's
+    # own callback then runs with the per-leaf keys below and enforces the
+    # actual gate. Without the parent-level key the fail-closed default
+    # treats ``semantic-layer.model`` as ``write`` and denies even
+    # ``model list`` under ``--deny-writes``.
+    "semantic-layer.model": "read",
+    "semantic-layer.model.list": "read",
+    "semantic-layer.model.create": "write",
+    "semantic-layer.model.delete": "destructive",
+    # The add/edit/remove sub-apps: same parent-callback pattern as `model`
+    # above -- the parent semantic-layer callback fires with the collapsed
+    # key, then the sub-app callback composes per-leaf operation keys via
+    # the standard ``check_cli_permission`` helper. Every leaf inside one
+    # sub-app shares the same risk class (add=write, edit=write,
+    # remove=destructive), so the per-leaf keys all carry that class.
+    "semantic-layer.add": "write",
+    "semantic-layer.add.metric": "write",
+    "semantic-layer.add.dataset": "write",
+    "semantic-layer.add.relationship": "write",
+    "semantic-layer.add.constraint": "write",
+    "semantic-layer.add.glossary": "write",
+    "semantic-layer.edit": "write",
+    "semantic-layer.edit.metric": "write",
+    "semantic-layer.edit.dataset": "write",
+    "semantic-layer.edit.constraint": "write",
+    "semantic-layer.edit.relationship": "write",
+    "semantic-layer.edit.glossary": "write",
+    "semantic-layer.import": "write",
+    "semantic-layer.promote": "write",
+    "semantic-layer.build": "write",
+    # `token --encrypt` calls EncryptService, same blast radius as
+    # `encrypt.values` which is `write`. Classified `write` for parity:
+    # users opting out via --deny-writes block both consistently.
+    "semantic-layer.token": "write",
+    "semantic-layer.remove": "destructive",
+    "semantic-layer.remove.metric": "destructive",
+    "semantic-layer.remove.dataset": "destructive",
+    "semantic-layer.remove.constraint": "destructive",
+    "semantic-layer.remove.relationship": "destructive",
+    "semantic-layer.remove.glossary": "destructive",
+    # `reference-data` sub-app: dimension-member records (e.g. a Chart of
+    # Accounts). Parent key at the least-privileged level (read) so the
+    # top-level `semantic-layer` callback does not over-block `list` / `get`;
+    # per-leaf keys carry the real classification.
+    "semantic-layer.reference-data": "read",
+    "semantic-layer.reference-data.list": "read",
+    "semantic-layer.reference-data.get": "read",
+    "semantic-layer.reference-data.set": "write",
+    "semantic-layer.reference-data.delete": "destructive",
+    # Raw HTTP client against `kbagent serve` (used by AI subprocesses).
+    # Categorised by the underlying HTTP method: GET = read, mutating verbs
+    # = write. The serve's own routes enforce their own permissions on top.
+    "http.get": "read",
+    "http.post": "write",
+    "http.patch": "write",
+    "http.delete": "destructive",
+    # Sync / git workflow
+    "sync.init": "read",
+    "sync.pull": "read",
+    "sync.status": "read",
+    "sync.diff": "read",
+    "sync.push": "write",
+    "sync.clone": "write",
+    "sync.branch-link": "write",
+    "sync.branch-unlink": "write",
+    "sync.branch-status": "read",
+    # Flow operations
+    "flow.list": "read",
+    "flow.detail": "read",
+    "flow.schema": "read",
+    "flow.validate": "read",
+    "flow.new": "write",
+    "flow.update": "write",
+    "flow.delete": "destructive",
+    "flow.schedule": "write",
+    "flow.schedule-remove": "destructive",
+    # Schedule discovery / audit (read-only)
+    "schedule.list": "read",
+    "schedule.detail": "read",
+    "schedule.find": "read",
+    # Top-level commands
+    "search": "read",
+    "init": "admin",
+    "doctor": "read",
+    "version": "read",
+    "update": "admin",
+    "changelog": "read",
+    "context": "read",
+    "repl": "read",
+    "serve": "admin",
+    # Permissions (always allowed -- listed for completeness)
+    "permissions.list": "read",
+    "permissions.show": "read",
+    "permissions.set": "admin",
+    "permissions.reset": "admin",
+    "permissions.check": "read",
+}
+# Prefixes for classifying MCP tools (mirrors mcp_service.py WRITE_PREFIXES)
+_MCP_WRITE_PREFIXES = ("create_", "update_", "add_", "set_")
+_MCP_DESTRUCTIVE_PREFIXES = ("delete_", "remove_")
+def classify_mcp_tool(tool_name: str) -> str:
+    """Classify an MCP tool by its name prefix.
+    Returns:
+        Risk category: 'read', 'write', or 'destructive'.
+    """
+    if tool_name.startswith(_MCP_DESTRUCTIVE_PREFIXES):
+        return "destructive"
+    if tool_name.startswith(_MCP_WRITE_PREFIXES):
+        return "write"
+    return "read"
+def _matches_pattern(operation: str, pattern: str) -> bool:
+    """Check if an operation matches a permission pattern.
+    Supports:
+    - Exact: 'branch.delete' matches 'branch.delete'
+    - Glob: 'sync.*' matches 'sync.push', 'tool:create_*' matches 'tool:create_config'
+    - Category 'cli:read' matches all CLI ops with category 'read'
+    - Category 'cli:write' matches all CLI ops with category 'write' or 'destructive' or 'admin'
+    - Category 'tool:read' matches all MCP tools (tool:*) with read classification
+    - Category 'tool:write' matches all MCP tools (tool:*) with write or destructive classification
+    """
+    # Category patterns: cli:read, cli:write, tool:read, tool:write
+    if pattern in ("cli:read", "cli:write", "cli:destructive", "cli:admin"):
+        # cli:* patterns only match CLI operations, never MCP tools
+        if operation.startswith("tool:"):
+            return False
+        target_category = pattern.split(":")[1]
+        # Fail-closed: unknown CLI ops default to 'write' so they are
+        # blocked by cli:write policies. This prevents new commands from
+        # bypassing restrictions if OPERATION_REGISTRY is not updated.
+        op_category = OPERATION_REGISTRY.get(operation, "write")
+        if target_category == "write":
+            # cli:write matches write, destructive, and admin
+            return op_category in ("write", "destructive", "admin")
+        return op_category == target_category
+    if pattern in ("tool:read", "tool:write", "tool:destructive"):
+        target_category = pattern.split(":")[1]
+        if not operation.startswith("tool:"):
+            return False
+        tool_name = operation[5:]  # strip 'tool:' prefix
+        tool_category = classify_mcp_tool(tool_name)
+        if target_category == "write":
+            # tool:write matches write and destructive
+            return tool_category in ("write", "destructive")
+        return tool_category == target_category
+    # Exact or glob match
+    return fnmatch.fnmatch(operation, pattern)
+class PermissionEngine:
+    """Evaluates permission policies against operations.
+    Thread-safe and stateless per call -- safe to share across contexts.
+    """
+    def __init__(self, policy: PermissionPolicy | None) -> None:
+        self._policy = policy
+    @property
+    def active(self) -> bool:
+        """Whether a permission policy is configured."""
+        return self._policy is not None
+    def is_allowed(self, operation: str) -> bool:
+        """Check if an operation is allowed by the active policy.
+        Returns True if no policy is configured (no restrictions).
+        Fail-closed: CLI operations not in OPERATION_REGISTRY are treated as
+        'write' for category matching. This ensures new commands added without
+        updating the registry are blocked by policies like 'deny cli:write'.
+        """
+        if self._policy is None:
+            return True
+        # permissions.* commands are always allowed (prevent lockout)
+        if operation.startswith("permissions."):
+            return True
+        denied = any(_matches_pattern(operation, p) for p in self._policy.deny)
+        allowed = any(_matches_pattern(operation, p) for p in self._policy.allow)
+        if self._policy.mode == "allow":
+            # Default-allow: blocked only if deny matches (and allow doesn't override)
+            return not (denied and not allowed)
+        # Default-deny: allowed only if allow matches (and deny doesn't override)
+        return bool(allowed and not denied)
+    def check_or_raise(self, operation: str) -> None:
+        """Check if an operation is allowed, raising PermissionDeniedError if not."""
+        if not self.is_allowed(operation):
+            raise PermissionDeniedError(operation)
+    def list_operations(self) -> list[dict[str, str]]:
+        """List all known operations with their category and allowed/denied status.
+        Returns a list of dicts with keys: name, category, status ('allowed' or 'denied').
+        Includes both CLI operations and MCP tool category summaries.
+        """
+        ops: list[dict[str, str]] = []
+        # CLI operations
+        for name, category in sorted(OPERATION_REGISTRY.items()):
+            status = "allowed" if self.is_allowed(name) else "denied"
+            ops.append({"name": name, "type": "cli", "category": category, "status": status})
+        # MCP tool categories (virtual entries for reference)
+        mcp_categories = [
+            ("tool:read", "read", "All MCP read tools (get_*, list_*, search, find_*, docs_query)"),
+            ("tool:write", "write", "All MCP write tools (create_*, update_*, add_*, set_*)"),
+            (
+                "tool:destructive",
+                "destructive",
+                "All MCP destructive tools (delete_*, remove_*)",
+            ),
+        ]
+        for name, category, description in mcp_categories:
+            # Check a representative tool for status
+            representative = "tool:get_buckets" if category == "read" else "tool:create_config"
+            if category == "destructive":
+                representative = "tool:delete_config"
+            status = "allowed" if self.is_allowed(representative) else "denied"
+            ops.append(
+                {
+                    "name": name,
+                    "type": "mcp",
+                    "category": category,
+                    "status": status,
+                    "description": description,
+                }
+            )
+        return ops

keboola_agent_cli/py.typed ADDED Viewed

@@ -0,0 +1,3 @@
+# PEP 561 marker: keboola_agent_cli ships inline type annotations.
+# Downstream mypy / ty / IDEs treat the importable SDK (Client, the
+# result_models.* contracts) as typed. See issue #428.