omnibase_infra 0.2.6__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- omnibase_infra/__init__.py +101 -0
- omnibase_infra/adapters/adapter_onex_tool_execution.py +451 -0
- omnibase_infra/capabilities/__init__.py +15 -0
- omnibase_infra/capabilities/capability_inference_rules.py +211 -0
- omnibase_infra/capabilities/contract_capability_extractor.py +221 -0
- omnibase_infra/capabilities/intent_type_extractor.py +160 -0
- omnibase_infra/cli/__init__.py +1 -0
- omnibase_infra/cli/commands.py +216 -0
- omnibase_infra/clients/__init__.py +0 -0
- omnibase_infra/configs/widget_mapping.yaml +176 -0
- omnibase_infra/constants_topic_patterns.py +26 -0
- omnibase_infra/contracts/handlers/filesystem/handler_contract.yaml +264 -0
- omnibase_infra/contracts/handlers/mcp/handler_contract.yaml +141 -0
- omnibase_infra/decorators/__init__.py +29 -0
- omnibase_infra/decorators/allow_any.py +109 -0
- omnibase_infra/dlq/__init__.py +90 -0
- omnibase_infra/dlq/constants_dlq.py +57 -0
- omnibase_infra/dlq/models/__init__.py +26 -0
- omnibase_infra/dlq/models/enum_replay_status.py +37 -0
- omnibase_infra/dlq/models/model_dlq_replay_record.py +135 -0
- omnibase_infra/dlq/models/model_dlq_tracking_config.py +184 -0
- omnibase_infra/dlq/service_dlq_tracking.py +611 -0
- omnibase_infra/enums/__init__.py +132 -0
- omnibase_infra/enums/enum_any_type_violation.py +104 -0
- omnibase_infra/enums/enum_backend_type.py +27 -0
- omnibase_infra/enums/enum_capture_outcome.py +42 -0
- omnibase_infra/enums/enum_capture_state.py +88 -0
- omnibase_infra/enums/enum_chain_violation_type.py +119 -0
- omnibase_infra/enums/enum_circuit_state.py +51 -0
- omnibase_infra/enums/enum_confirmation_event_type.py +27 -0
- omnibase_infra/enums/enum_consumer_group_purpose.py +92 -0
- omnibase_infra/enums/enum_contract_type.py +84 -0
- omnibase_infra/enums/enum_dedupe_strategy.py +46 -0
- omnibase_infra/enums/enum_dispatch_status.py +191 -0
- omnibase_infra/enums/enum_environment.py +46 -0
- omnibase_infra/enums/enum_execution_shape_violation.py +103 -0
- omnibase_infra/enums/enum_handler_error_type.py +111 -0
- omnibase_infra/enums/enum_handler_loader_error.py +178 -0
- omnibase_infra/enums/enum_handler_source_mode.py +86 -0
- omnibase_infra/enums/enum_handler_source_type.py +87 -0
- omnibase_infra/enums/enum_handler_type.py +77 -0
- omnibase_infra/enums/enum_handler_type_category.py +61 -0
- omnibase_infra/enums/enum_infra_transport_type.py +73 -0
- omnibase_infra/enums/enum_introspection_reason.py +154 -0
- omnibase_infra/enums/enum_kafka_acks.py +99 -0
- omnibase_infra/enums/enum_message_category.py +213 -0
- omnibase_infra/enums/enum_node_archetype.py +74 -0
- omnibase_infra/enums/enum_node_output_type.py +185 -0
- omnibase_infra/enums/enum_non_retryable_error_category.py +224 -0
- omnibase_infra/enums/enum_policy_type.py +32 -0
- omnibase_infra/enums/enum_registration_state.py +261 -0
- omnibase_infra/enums/enum_registration_status.py +33 -0
- omnibase_infra/enums/enum_registry_response_status.py +28 -0
- omnibase_infra/enums/enum_response_status.py +26 -0
- omnibase_infra/enums/enum_retry_error_category.py +98 -0
- omnibase_infra/enums/enum_security_rule_id.py +103 -0
- omnibase_infra/enums/enum_selection_strategy.py +91 -0
- omnibase_infra/enums/enum_topic_standard.py +42 -0
- omnibase_infra/enums/enum_validation_severity.py +78 -0
- omnibase_infra/errors/__init__.py +160 -0
- omnibase_infra/errors/error_architecture_violation.py +152 -0
- omnibase_infra/errors/error_binding_resolution.py +128 -0
- omnibase_infra/errors/error_chain_propagation.py +188 -0
- omnibase_infra/errors/error_compute_registry.py +95 -0
- omnibase_infra/errors/error_consul.py +132 -0
- omnibase_infra/errors/error_container_wiring.py +243 -0
- omnibase_infra/errors/error_event_bus_registry.py +105 -0
- omnibase_infra/errors/error_infra.py +610 -0
- omnibase_infra/errors/error_message_type_registry.py +101 -0
- omnibase_infra/errors/error_policy_registry.py +115 -0
- omnibase_infra/errors/error_vault.py +123 -0
- omnibase_infra/event_bus/__init__.py +72 -0
- omnibase_infra/event_bus/configs/kafka_event_bus_config.yaml +84 -0
- omnibase_infra/event_bus/event_bus_inmemory.py +797 -0
- omnibase_infra/event_bus/event_bus_kafka.py +1716 -0
- omnibase_infra/event_bus/mixin_kafka_broadcast.py +180 -0
- omnibase_infra/event_bus/mixin_kafka_dlq.py +771 -0
- omnibase_infra/event_bus/models/__init__.py +29 -0
- omnibase_infra/event_bus/models/config/__init__.py +20 -0
- omnibase_infra/event_bus/models/config/model_kafka_event_bus_config.py +693 -0
- omnibase_infra/event_bus/models/model_dlq_event.py +206 -0
- omnibase_infra/event_bus/models/model_dlq_metrics.py +304 -0
- omnibase_infra/event_bus/models/model_event_headers.py +115 -0
- omnibase_infra/event_bus/models/model_event_message.py +60 -0
- omnibase_infra/event_bus/testing/__init__.py +26 -0
- omnibase_infra/event_bus/testing/adapter_protocol_event_publisher_inmemory.py +418 -0
- omnibase_infra/event_bus/testing/model_publisher_metrics.py +64 -0
- omnibase_infra/event_bus/topic_constants.py +376 -0
- omnibase_infra/handlers/__init__.py +82 -0
- omnibase_infra/handlers/filesystem/__init__.py +48 -0
- omnibase_infra/handlers/filesystem/enum_file_system_operation.py +35 -0
- omnibase_infra/handlers/filesystem/model_file_system_request.py +298 -0
- omnibase_infra/handlers/filesystem/model_file_system_result.py +166 -0
- omnibase_infra/handlers/handler_consul.py +795 -0
- omnibase_infra/handlers/handler_db.py +1046 -0
- omnibase_infra/handlers/handler_filesystem.py +1478 -0
- omnibase_infra/handlers/handler_graph.py +2015 -0
- omnibase_infra/handlers/handler_http.py +926 -0
- omnibase_infra/handlers/handler_intent.py +387 -0
- omnibase_infra/handlers/handler_manifest_persistence.contract.yaml +184 -0
- omnibase_infra/handlers/handler_manifest_persistence.py +1539 -0
- omnibase_infra/handlers/handler_mcp.py +1430 -0
- omnibase_infra/handlers/handler_qdrant.py +1076 -0
- omnibase_infra/handlers/handler_vault.py +428 -0
- omnibase_infra/handlers/mcp/__init__.py +19 -0
- omnibase_infra/handlers/mcp/adapter_onex_to_mcp.py +446 -0
- omnibase_infra/handlers/mcp/protocols.py +178 -0
- omnibase_infra/handlers/mcp/transport_streamable_http.py +352 -0
- omnibase_infra/handlers/mixins/__init__.py +47 -0
- omnibase_infra/handlers/mixins/mixin_consul_initialization.py +349 -0
- omnibase_infra/handlers/mixins/mixin_consul_kv.py +338 -0
- omnibase_infra/handlers/mixins/mixin_consul_service.py +542 -0
- omnibase_infra/handlers/mixins/mixin_consul_topic_index.py +585 -0
- omnibase_infra/handlers/mixins/mixin_vault_initialization.py +338 -0
- omnibase_infra/handlers/mixins/mixin_vault_retry.py +412 -0
- omnibase_infra/handlers/mixins/mixin_vault_secrets.py +450 -0
- omnibase_infra/handlers/mixins/mixin_vault_token.py +365 -0
- omnibase_infra/handlers/models/__init__.py +286 -0
- omnibase_infra/handlers/models/consul/__init__.py +81 -0
- omnibase_infra/handlers/models/consul/enum_consul_operation_type.py +57 -0
- omnibase_infra/handlers/models/consul/model_consul_deregister_payload.py +51 -0
- omnibase_infra/handlers/models/consul/model_consul_handler_config.py +153 -0
- omnibase_infra/handlers/models/consul/model_consul_handler_payload.py +89 -0
- omnibase_infra/handlers/models/consul/model_consul_kv_get_found_payload.py +55 -0
- omnibase_infra/handlers/models/consul/model_consul_kv_get_not_found_payload.py +49 -0
- omnibase_infra/handlers/models/consul/model_consul_kv_get_recurse_payload.py +50 -0
- omnibase_infra/handlers/models/consul/model_consul_kv_item.py +33 -0
- omnibase_infra/handlers/models/consul/model_consul_kv_put_payload.py +41 -0
- omnibase_infra/handlers/models/consul/model_consul_register_payload.py +53 -0
- omnibase_infra/handlers/models/consul/model_consul_retry_config.py +66 -0
- omnibase_infra/handlers/models/consul/model_payload_consul.py +66 -0
- omnibase_infra/handlers/models/consul/registry_payload_consul.py +214 -0
- omnibase_infra/handlers/models/graph/__init__.py +35 -0
- omnibase_infra/handlers/models/graph/enum_graph_operation_type.py +20 -0
- omnibase_infra/handlers/models/graph/model_graph_execute_payload.py +38 -0
- omnibase_infra/handlers/models/graph/model_graph_handler_config.py +54 -0
- omnibase_infra/handlers/models/graph/model_graph_handler_payload.py +44 -0
- omnibase_infra/handlers/models/graph/model_graph_query_payload.py +40 -0
- omnibase_infra/handlers/models/graph/model_graph_record.py +22 -0
- omnibase_infra/handlers/models/http/__init__.py +50 -0
- omnibase_infra/handlers/models/http/enum_http_operation_type.py +29 -0
- omnibase_infra/handlers/models/http/model_http_body_content.py +45 -0
- omnibase_infra/handlers/models/http/model_http_get_payload.py +88 -0
- omnibase_infra/handlers/models/http/model_http_handler_payload.py +90 -0
- omnibase_infra/handlers/models/http/model_http_post_payload.py +88 -0
- omnibase_infra/handlers/models/http/model_payload_http.py +66 -0
- omnibase_infra/handlers/models/http/registry_payload_http.py +212 -0
- omnibase_infra/handlers/models/mcp/__init__.py +23 -0
- omnibase_infra/handlers/models/mcp/enum_mcp_operation_type.py +24 -0
- omnibase_infra/handlers/models/mcp/model_mcp_handler_config.py +40 -0
- omnibase_infra/handlers/models/mcp/model_mcp_tool_call.py +32 -0
- omnibase_infra/handlers/models/mcp/model_mcp_tool_result.py +45 -0
- omnibase_infra/handlers/models/model_consul_handler_response.py +96 -0
- omnibase_infra/handlers/models/model_db_describe_response.py +83 -0
- omnibase_infra/handlers/models/model_db_query_payload.py +95 -0
- omnibase_infra/handlers/models/model_db_query_response.py +60 -0
- omnibase_infra/handlers/models/model_filesystem_config.py +98 -0
- omnibase_infra/handlers/models/model_filesystem_delete_payload.py +54 -0
- omnibase_infra/handlers/models/model_filesystem_delete_result.py +77 -0
- omnibase_infra/handlers/models/model_filesystem_directory_entry.py +75 -0
- omnibase_infra/handlers/models/model_filesystem_ensure_directory_payload.py +54 -0
- omnibase_infra/handlers/models/model_filesystem_ensure_directory_result.py +60 -0
- omnibase_infra/handlers/models/model_filesystem_list_directory_payload.py +60 -0
- omnibase_infra/handlers/models/model_filesystem_list_directory_result.py +68 -0
- omnibase_infra/handlers/models/model_filesystem_read_payload.py +62 -0
- omnibase_infra/handlers/models/model_filesystem_read_result.py +61 -0
- omnibase_infra/handlers/models/model_filesystem_write_payload.py +70 -0
- omnibase_infra/handlers/models/model_filesystem_write_result.py +55 -0
- omnibase_infra/handlers/models/model_graph_handler_response.py +98 -0
- omnibase_infra/handlers/models/model_handler_response.py +103 -0
- omnibase_infra/handlers/models/model_http_handler_response.py +101 -0
- omnibase_infra/handlers/models/model_manifest_metadata.py +75 -0
- omnibase_infra/handlers/models/model_manifest_persistence_config.py +62 -0
- omnibase_infra/handlers/models/model_manifest_query_payload.py +90 -0
- omnibase_infra/handlers/models/model_manifest_query_result.py +97 -0
- omnibase_infra/handlers/models/model_manifest_retrieve_payload.py +44 -0
- omnibase_infra/handlers/models/model_manifest_retrieve_result.py +98 -0
- omnibase_infra/handlers/models/model_manifest_store_payload.py +47 -0
- omnibase_infra/handlers/models/model_manifest_store_result.py +67 -0
- omnibase_infra/handlers/models/model_operation_context.py +187 -0
- omnibase_infra/handlers/models/model_qdrant_handler_response.py +98 -0
- omnibase_infra/handlers/models/model_retry_state.py +162 -0
- omnibase_infra/handlers/models/model_vault_handler_response.py +98 -0
- omnibase_infra/handlers/models/qdrant/__init__.py +44 -0
- omnibase_infra/handlers/models/qdrant/enum_qdrant_operation_type.py +26 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_collection_payload.py +42 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_delete_payload.py +36 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_handler_config.py +42 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_handler_payload.py +54 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_search_payload.py +42 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_search_result.py +30 -0
- omnibase_infra/handlers/models/qdrant/model_qdrant_upsert_payload.py +36 -0
- omnibase_infra/handlers/models/vault/__init__.py +69 -0
- omnibase_infra/handlers/models/vault/enum_vault_operation_type.py +35 -0
- omnibase_infra/handlers/models/vault/model_payload_vault.py +66 -0
- omnibase_infra/handlers/models/vault/model_vault_delete_payload.py +57 -0
- omnibase_infra/handlers/models/vault/model_vault_handler_config.py +148 -0
- omnibase_infra/handlers/models/vault/model_vault_handler_payload.py +101 -0
- omnibase_infra/handlers/models/vault/model_vault_list_payload.py +58 -0
- omnibase_infra/handlers/models/vault/model_vault_renew_token_payload.py +67 -0
- omnibase_infra/handlers/models/vault/model_vault_retry_config.py +66 -0
- omnibase_infra/handlers/models/vault/model_vault_secret_payload.py +106 -0
- omnibase_infra/handlers/models/vault/model_vault_write_payload.py +66 -0
- omnibase_infra/handlers/models/vault/registry_payload_vault.py +213 -0
- omnibase_infra/handlers/registration_storage/__init__.py +43 -0
- omnibase_infra/handlers/registration_storage/handler_registration_storage_mock.py +392 -0
- omnibase_infra/handlers/registration_storage/handler_registration_storage_postgres.py +922 -0
- omnibase_infra/handlers/registration_storage/models/__init__.py +23 -0
- omnibase_infra/handlers/registration_storage/models/model_delete_registration_request.py +58 -0
- omnibase_infra/handlers/registration_storage/models/model_update_registration_request.py +73 -0
- omnibase_infra/handlers/registration_storage/protocol_registration_persistence.py +191 -0
- omnibase_infra/handlers/service_discovery/__init__.py +43 -0
- omnibase_infra/handlers/service_discovery/handler_service_discovery_consul.py +1051 -0
- omnibase_infra/handlers/service_discovery/handler_service_discovery_mock.py +258 -0
- omnibase_infra/handlers/service_discovery/models/__init__.py +22 -0
- omnibase_infra/handlers/service_discovery/models/model_discovery_result.py +64 -0
- omnibase_infra/handlers/service_discovery/models/model_registration_result.py +138 -0
- omnibase_infra/handlers/service_discovery/models/model_service_info.py +109 -0
- omnibase_infra/handlers/service_discovery/protocol_discovery_operations.py +170 -0
- omnibase_infra/idempotency/__init__.py +94 -0
- omnibase_infra/idempotency/models/__init__.py +43 -0
- omnibase_infra/idempotency/models/model_idempotency_check_result.py +85 -0
- omnibase_infra/idempotency/models/model_idempotency_guard_config.py +130 -0
- omnibase_infra/idempotency/models/model_idempotency_record.py +86 -0
- omnibase_infra/idempotency/models/model_idempotency_store_health_check_result.py +81 -0
- omnibase_infra/idempotency/models/model_idempotency_store_metrics.py +140 -0
- omnibase_infra/idempotency/models/model_postgres_idempotency_store_config.py +299 -0
- omnibase_infra/idempotency/protocol_idempotency_store.py +184 -0
- omnibase_infra/idempotency/store_inmemory.py +265 -0
- omnibase_infra/idempotency/store_postgres.py +923 -0
- omnibase_infra/infrastructure/__init__.py +0 -0
- omnibase_infra/migrations/001_create_event_ledger.sql +166 -0
- omnibase_infra/migrations/001_drop_event_ledger.sql +18 -0
- omnibase_infra/mixins/__init__.py +71 -0
- omnibase_infra/mixins/mixin_async_circuit_breaker.py +656 -0
- omnibase_infra/mixins/mixin_dict_like_accessors.py +146 -0
- omnibase_infra/mixins/mixin_envelope_extraction.py +119 -0
- omnibase_infra/mixins/mixin_node_introspection.py +2670 -0
- omnibase_infra/mixins/mixin_retry_execution.py +386 -0
- omnibase_infra/mixins/protocol_circuit_breaker_aware.py +133 -0
- omnibase_infra/models/__init__.py +144 -0
- omnibase_infra/models/bindings/__init__.py +59 -0
- omnibase_infra/models/bindings/constants.py +144 -0
- omnibase_infra/models/bindings/model_binding_resolution_result.py +103 -0
- omnibase_infra/models/bindings/model_operation_binding.py +44 -0
- omnibase_infra/models/bindings/model_operation_bindings_subcontract.py +152 -0
- omnibase_infra/models/bindings/model_parsed_binding.py +52 -0
- omnibase_infra/models/corpus/__init__.py +17 -0
- omnibase_infra/models/corpus/model_capture_config.py +133 -0
- omnibase_infra/models/corpus/model_capture_result.py +86 -0
- omnibase_infra/models/discovery/__init__.py +42 -0
- omnibase_infra/models/discovery/model_dependency_spec.py +319 -0
- omnibase_infra/models/discovery/model_discovered_capabilities.py +50 -0
- omnibase_infra/models/discovery/model_introspection_config.py +330 -0
- omnibase_infra/models/discovery/model_introspection_performance_metrics.py +169 -0
- omnibase_infra/models/discovery/model_introspection_task_config.py +116 -0
- omnibase_infra/models/dispatch/__init__.py +155 -0
- omnibase_infra/models/dispatch/model_debug_trace_snapshot.py +114 -0
- omnibase_infra/models/dispatch/model_dispatch_context.py +439 -0
- omnibase_infra/models/dispatch/model_dispatch_error.py +336 -0
- omnibase_infra/models/dispatch/model_dispatch_log_context.py +400 -0
- omnibase_infra/models/dispatch/model_dispatch_metadata.py +228 -0
- omnibase_infra/models/dispatch/model_dispatch_metrics.py +496 -0
- omnibase_infra/models/dispatch/model_dispatch_outcome.py +317 -0
- omnibase_infra/models/dispatch/model_dispatch_outputs.py +231 -0
- omnibase_infra/models/dispatch/model_dispatch_result.py +436 -0
- omnibase_infra/models/dispatch/model_dispatch_route.py +279 -0
- omnibase_infra/models/dispatch/model_dispatcher_metrics.py +275 -0
- omnibase_infra/models/dispatch/model_dispatcher_registration.py +352 -0
- omnibase_infra/models/dispatch/model_materialized_dispatch.py +141 -0
- omnibase_infra/models/dispatch/model_parsed_topic.py +135 -0
- omnibase_infra/models/dispatch/model_topic_parser.py +725 -0
- omnibase_infra/models/dispatch/model_tracing_context.py +285 -0
- omnibase_infra/models/errors/__init__.py +45 -0
- omnibase_infra/models/errors/model_handler_validation_error.py +594 -0
- omnibase_infra/models/errors/model_infra_error_context.py +99 -0
- omnibase_infra/models/errors/model_message_type_registry_error_context.py +71 -0
- omnibase_infra/models/errors/model_timeout_error_context.py +110 -0
- omnibase_infra/models/handlers/__init__.py +80 -0
- omnibase_infra/models/handlers/model_bootstrap_handler_descriptor.py +162 -0
- omnibase_infra/models/handlers/model_contract_discovery_result.py +82 -0
- omnibase_infra/models/handlers/model_handler_descriptor.py +200 -0
- omnibase_infra/models/handlers/model_handler_identifier.py +215 -0
- omnibase_infra/models/handlers/model_handler_source_config.py +220 -0
- omnibase_infra/models/health/__init__.py +9 -0
- omnibase_infra/models/health/model_health_check_result.py +40 -0
- omnibase_infra/models/lifecycle/__init__.py +39 -0
- omnibase_infra/models/logging/__init__.py +51 -0
- omnibase_infra/models/logging/model_log_context.py +756 -0
- omnibase_infra/models/mcp/__init__.py +15 -0
- omnibase_infra/models/mcp/model_mcp_contract_config.py +80 -0
- omnibase_infra/models/mcp/model_mcp_server_config.py +67 -0
- omnibase_infra/models/mcp/model_mcp_tool_definition.py +73 -0
- omnibase_infra/models/mcp/model_mcp_tool_parameter.py +35 -0
- omnibase_infra/models/model_node_identity.py +126 -0
- omnibase_infra/models/model_retry_error_classification.py +78 -0
- omnibase_infra/models/projection/__init__.py +43 -0
- omnibase_infra/models/projection/model_capability_fields.py +112 -0
- omnibase_infra/models/projection/model_registration_projection.py +434 -0
- omnibase_infra/models/projection/model_registration_snapshot.py +322 -0
- omnibase_infra/models/projection/model_sequence_info.py +182 -0
- omnibase_infra/models/projection/model_snapshot_topic_config.py +591 -0
- omnibase_infra/models/projectors/__init__.py +41 -0
- omnibase_infra/models/projectors/model_projector_column.py +289 -0
- omnibase_infra/models/projectors/model_projector_discovery_result.py +65 -0
- omnibase_infra/models/projectors/model_projector_index.py +270 -0
- omnibase_infra/models/projectors/model_projector_schema.py +415 -0
- omnibase_infra/models/projectors/model_projector_validation_error.py +63 -0
- omnibase_infra/models/projectors/util_sql_identifiers.py +115 -0
- omnibase_infra/models/registration/__init__.py +68 -0
- omnibase_infra/models/registration/commands/__init__.py +15 -0
- omnibase_infra/models/registration/commands/model_node_registration_acked.py +108 -0
- omnibase_infra/models/registration/events/__init__.py +56 -0
- omnibase_infra/models/registration/events/model_node_became_active.py +103 -0
- omnibase_infra/models/registration/events/model_node_liveness_expired.py +103 -0
- omnibase_infra/models/registration/events/model_node_registration_accepted.py +98 -0
- omnibase_infra/models/registration/events/model_node_registration_ack_received.py +98 -0
- omnibase_infra/models/registration/events/model_node_registration_ack_timed_out.py +112 -0
- omnibase_infra/models/registration/events/model_node_registration_initiated.py +107 -0
- omnibase_infra/models/registration/events/model_node_registration_rejected.py +104 -0
- omnibase_infra/models/registration/model_event_bus_topic_entry.py +59 -0
- omnibase_infra/models/registration/model_introspection_metrics.py +253 -0
- omnibase_infra/models/registration/model_node_capabilities.py +190 -0
- omnibase_infra/models/registration/model_node_event_bus_config.py +99 -0
- omnibase_infra/models/registration/model_node_heartbeat_event.py +126 -0
- omnibase_infra/models/registration/model_node_introspection_event.py +195 -0
- omnibase_infra/models/registration/model_node_metadata.py +79 -0
- omnibase_infra/models/registration/model_node_registration.py +162 -0
- omnibase_infra/models/registration/model_node_registration_record.py +162 -0
- omnibase_infra/models/registry/__init__.py +29 -0
- omnibase_infra/models/registry/model_domain_constraint.py +202 -0
- omnibase_infra/models/registry/model_message_type_entry.py +271 -0
- omnibase_infra/models/resilience/__init__.py +9 -0
- omnibase_infra/models/resilience/model_circuit_breaker_config.py +227 -0
- omnibase_infra/models/routing/__init__.py +25 -0
- omnibase_infra/models/routing/model_routing_entry.py +52 -0
- omnibase_infra/models/routing/model_routing_subcontract.py +70 -0
- omnibase_infra/models/runtime/__init__.py +49 -0
- omnibase_infra/models/runtime/model_contract_security_config.py +41 -0
- omnibase_infra/models/runtime/model_discovery_error.py +81 -0
- omnibase_infra/models/runtime/model_discovery_result.py +162 -0
- omnibase_infra/models/runtime/model_discovery_warning.py +74 -0
- omnibase_infra/models/runtime/model_failed_plugin_load.py +63 -0
- omnibase_infra/models/runtime/model_handler_contract.py +296 -0
- omnibase_infra/models/runtime/model_loaded_handler.py +129 -0
- omnibase_infra/models/runtime/model_plugin_load_context.py +93 -0
- omnibase_infra/models/runtime/model_plugin_load_summary.py +124 -0
- omnibase_infra/models/security/__init__.py +50 -0
- omnibase_infra/models/security/classification_levels.py +99 -0
- omnibase_infra/models/security/model_environment_policy.py +145 -0
- omnibase_infra/models/security/model_handler_security_policy.py +107 -0
- omnibase_infra/models/security/model_security_error.py +81 -0
- omnibase_infra/models/security/model_security_validation_result.py +328 -0
- omnibase_infra/models/security/model_security_warning.py +67 -0
- omnibase_infra/models/snapshot/__init__.py +27 -0
- omnibase_infra/models/snapshot/model_field_change.py +65 -0
- omnibase_infra/models/snapshot/model_snapshot.py +270 -0
- omnibase_infra/models/snapshot/model_snapshot_diff.py +203 -0
- omnibase_infra/models/snapshot/model_subject_ref.py +81 -0
- omnibase_infra/models/types/__init__.py +71 -0
- omnibase_infra/models/validation/__init__.py +89 -0
- omnibase_infra/models/validation/model_any_type_validation_result.py +118 -0
- omnibase_infra/models/validation/model_any_type_violation.py +141 -0
- omnibase_infra/models/validation/model_category_match_result.py +345 -0
- omnibase_infra/models/validation/model_chain_violation.py +166 -0
- omnibase_infra/models/validation/model_coverage_metrics.py +316 -0
- omnibase_infra/models/validation/model_execution_shape_rule.py +159 -0
- omnibase_infra/models/validation/model_execution_shape_validation.py +208 -0
- omnibase_infra/models/validation/model_execution_shape_validation_result.py +294 -0
- omnibase_infra/models/validation/model_execution_shape_violation.py +122 -0
- omnibase_infra/models/validation/model_localhandler_validation_result.py +139 -0
- omnibase_infra/models/validation/model_localhandler_violation.py +100 -0
- omnibase_infra/models/validation/model_output_validation_params.py +74 -0
- omnibase_infra/models/validation/model_validate_and_raise_params.py +84 -0
- omnibase_infra/models/validation/model_validation_error_params.py +84 -0
- omnibase_infra/models/validation/model_validation_outcome.py +287 -0
- omnibase_infra/nodes/__init__.py +57 -0
- omnibase_infra/nodes/architecture_validator/__init__.py +79 -0
- omnibase_infra/nodes/architecture_validator/contract.yaml +252 -0
- omnibase_infra/nodes/architecture_validator/contract_architecture_validator.yaml +203 -0
- omnibase_infra/nodes/architecture_validator/mixins/__init__.py +16 -0
- omnibase_infra/nodes/architecture_validator/mixins/mixin_file_path_rule.py +92 -0
- omnibase_infra/nodes/architecture_validator/models/__init__.py +36 -0
- omnibase_infra/nodes/architecture_validator/models/model_architecture_validation_request.py +56 -0
- omnibase_infra/nodes/architecture_validator/models/model_architecture_validation_result.py +311 -0
- omnibase_infra/nodes/architecture_validator/models/model_architecture_violation.py +163 -0
- omnibase_infra/nodes/architecture_validator/models/model_rule_check_result.py +265 -0
- omnibase_infra/nodes/architecture_validator/models/model_validation_request.py +105 -0
- omnibase_infra/nodes/architecture_validator/models/model_validation_result.py +314 -0
- omnibase_infra/nodes/architecture_validator/node.py +262 -0
- omnibase_infra/nodes/architecture_validator/node_architecture_validator.py +383 -0
- omnibase_infra/nodes/architecture_validator/protocols/__init__.py +9 -0
- omnibase_infra/nodes/architecture_validator/protocols/protocol_architecture_rule.py +225 -0
- omnibase_infra/nodes/architecture_validator/registry/__init__.py +28 -0
- omnibase_infra/nodes/architecture_validator/registry/registry_infra_architecture_validator.py +106 -0
- omnibase_infra/nodes/architecture_validator/validators/__init__.py +104 -0
- omnibase_infra/nodes/architecture_validator/validators/validator_no_direct_dispatch.py +422 -0
- omnibase_infra/nodes/architecture_validator/validators/validator_no_handler_publishing.py +481 -0
- omnibase_infra/nodes/architecture_validator/validators/validator_no_orchestrator_fsm.py +491 -0
- omnibase_infra/nodes/contract_registry_reducer/__init__.py +29 -0
- omnibase_infra/nodes/contract_registry_reducer/contract.yaml +255 -0
- omnibase_infra/nodes/contract_registry_reducer/models/__init__.py +38 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_contract_registry_state.py +266 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_cleanup_topic_references.py +55 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_deactivate_contract.py +58 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_mark_stale.py +49 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_update_heartbeat.py +71 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_update_topic.py +66 -0
- omnibase_infra/nodes/contract_registry_reducer/models/model_payload_upsert_contract.py +92 -0
- omnibase_infra/nodes/contract_registry_reducer/node.py +121 -0
- omnibase_infra/nodes/contract_registry_reducer/reducer.py +784 -0
- omnibase_infra/nodes/contract_registry_reducer/registry/__init__.py +9 -0
- omnibase_infra/nodes/contract_registry_reducer/registry/registry_infra_contract_registry_reducer.py +101 -0
- omnibase_infra/nodes/effects/README.md +358 -0
- omnibase_infra/nodes/effects/__init__.py +26 -0
- omnibase_infra/nodes/effects/contract.yaml +167 -0
- omnibase_infra/nodes/effects/models/__init__.py +32 -0
- omnibase_infra/nodes/effects/models/model_backend_result.py +190 -0
- omnibase_infra/nodes/effects/models/model_effect_idempotency_config.py +92 -0
- omnibase_infra/nodes/effects/models/model_registry_request.py +132 -0
- omnibase_infra/nodes/effects/models/model_registry_response.py +263 -0
- omnibase_infra/nodes/effects/protocol_consul_client.py +89 -0
- omnibase_infra/nodes/effects/protocol_effect_idempotency_store.py +143 -0
- omnibase_infra/nodes/effects/protocol_postgres_adapter.py +96 -0
- omnibase_infra/nodes/effects/registry_effect.py +525 -0
- omnibase_infra/nodes/effects/store_effect_idempotency_inmemory.py +425 -0
- omnibase_infra/nodes/handlers/consul/contract.yaml +85 -0
- omnibase_infra/nodes/handlers/db/contract.yaml +72 -0
- omnibase_infra/nodes/handlers/graph/contract.yaml +127 -0
- omnibase_infra/nodes/handlers/http/contract.yaml +74 -0
- omnibase_infra/nodes/handlers/intent/contract.yaml +66 -0
- omnibase_infra/nodes/handlers/mcp/contract.yaml +69 -0
- omnibase_infra/nodes/handlers/vault/contract.yaml +91 -0
- omnibase_infra/nodes/node_intent_storage_effect/__init__.py +50 -0
- omnibase_infra/nodes/node_intent_storage_effect/contract.yaml +194 -0
- omnibase_infra/nodes/node_intent_storage_effect/models/__init__.py +24 -0
- omnibase_infra/nodes/node_intent_storage_effect/models/model_intent_storage_input.py +141 -0
- omnibase_infra/nodes/node_intent_storage_effect/models/model_intent_storage_output.py +130 -0
- omnibase_infra/nodes/node_intent_storage_effect/node.py +94 -0
- omnibase_infra/nodes/node_intent_storage_effect/registry/__init__.py +35 -0
- omnibase_infra/nodes/node_intent_storage_effect/registry/registry_infra_intent_storage.py +294 -0
- omnibase_infra/nodes/node_ledger_projection_compute/__init__.py +50 -0
- omnibase_infra/nodes/node_ledger_projection_compute/contract.yaml +104 -0
- omnibase_infra/nodes/node_ledger_projection_compute/node.py +284 -0
- omnibase_infra/nodes/node_ledger_projection_compute/registry/__init__.py +29 -0
- omnibase_infra/nodes/node_ledger_projection_compute/registry/registry_infra_ledger_projection.py +118 -0
- omnibase_infra/nodes/node_ledger_write_effect/__init__.py +82 -0
- omnibase_infra/nodes/node_ledger_write_effect/contract.yaml +200 -0
- omnibase_infra/nodes/node_ledger_write_effect/handlers/__init__.py +22 -0
- omnibase_infra/nodes/node_ledger_write_effect/handlers/handler_ledger_append.py +372 -0
- omnibase_infra/nodes/node_ledger_write_effect/handlers/handler_ledger_query.py +597 -0
- omnibase_infra/nodes/node_ledger_write_effect/models/__init__.py +31 -0
- omnibase_infra/nodes/node_ledger_write_effect/models/model_ledger_append_result.py +54 -0
- omnibase_infra/nodes/node_ledger_write_effect/models/model_ledger_entry.py +92 -0
- omnibase_infra/nodes/node_ledger_write_effect/models/model_ledger_query.py +53 -0
- omnibase_infra/nodes/node_ledger_write_effect/models/model_ledger_query_result.py +41 -0
- omnibase_infra/nodes/node_ledger_write_effect/node.py +89 -0
- omnibase_infra/nodes/node_ledger_write_effect/protocols/__init__.py +13 -0
- omnibase_infra/nodes/node_ledger_write_effect/protocols/protocol_ledger_persistence.py +127 -0
- omnibase_infra/nodes/node_ledger_write_effect/registry/__init__.py +9 -0
- omnibase_infra/nodes/node_ledger_write_effect/registry/registry_infra_ledger_write.py +121 -0
- omnibase_infra/nodes/node_registration_orchestrator/README.md +542 -0
- omnibase_infra/nodes/node_registration_orchestrator/__init__.py +120 -0
- omnibase_infra/nodes/node_registration_orchestrator/contract.yaml +482 -0
- omnibase_infra/nodes/node_registration_orchestrator/dispatchers/__init__.py +53 -0
- omnibase_infra/nodes/node_registration_orchestrator/dispatchers/dispatcher_node_introspected.py +376 -0
- omnibase_infra/nodes/node_registration_orchestrator/dispatchers/dispatcher_node_registration_acked.py +376 -0
- omnibase_infra/nodes/node_registration_orchestrator/dispatchers/dispatcher_runtime_tick.py +373 -0
- omnibase_infra/nodes/node_registration_orchestrator/handlers/__init__.py +62 -0
- omnibase_infra/nodes/node_registration_orchestrator/handlers/handler_node_heartbeat.py +376 -0
- omnibase_infra/nodes/node_registration_orchestrator/handlers/handler_node_introspected.py +694 -0
- omnibase_infra/nodes/node_registration_orchestrator/handlers/handler_node_registration_acked.py +458 -0
- omnibase_infra/nodes/node_registration_orchestrator/handlers/handler_runtime_tick.py +364 -0
- omnibase_infra/nodes/node_registration_orchestrator/introspection_event_router.py +544 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/__init__.py +75 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_consul_intent_payload.py +194 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_consul_registration_intent.py +67 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_intent_execution_result.py +50 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_node_liveness_expired.py +107 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_orchestrator_config.py +67 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_orchestrator_input.py +41 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_orchestrator_output.py +166 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_postgres_intent_payload.py +235 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_postgres_upsert_intent.py +68 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_reducer_execution_result.py +384 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_reducer_state.py +60 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_registration_intent.py +177 -0
- omnibase_infra/nodes/node_registration_orchestrator/models/model_registry_intent.py +247 -0
- omnibase_infra/nodes/node_registration_orchestrator/node.py +195 -0
- omnibase_infra/nodes/node_registration_orchestrator/plugin.py +909 -0
- omnibase_infra/nodes/node_registration_orchestrator/protocols.py +439 -0
- omnibase_infra/nodes/node_registration_orchestrator/registry/__init__.py +41 -0
- omnibase_infra/nodes/node_registration_orchestrator/registry/registry_infra_node_registration_orchestrator.py +528 -0
- omnibase_infra/nodes/node_registration_orchestrator/timeout_coordinator.py +393 -0
- omnibase_infra/nodes/node_registration_orchestrator/wiring.py +743 -0
- omnibase_infra/nodes/node_registration_reducer/__init__.py +15 -0
- omnibase_infra/nodes/node_registration_reducer/contract.yaml +301 -0
- omnibase_infra/nodes/node_registration_reducer/models/__init__.py +38 -0
- omnibase_infra/nodes/node_registration_reducer/models/model_validation_result.py +113 -0
- omnibase_infra/nodes/node_registration_reducer/node.py +139 -0
- omnibase_infra/nodes/node_registration_reducer/registry/__init__.py +9 -0
- omnibase_infra/nodes/node_registration_reducer/registry/registry_infra_node_registration_reducer.py +79 -0
- omnibase_infra/nodes/node_registration_storage_effect/__init__.py +41 -0
- omnibase_infra/nodes/node_registration_storage_effect/contract.yaml +220 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/__init__.py +44 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_delete_result.py +132 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_registration_record.py +199 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_registration_update.py +155 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_storage_health_check_details.py +123 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_storage_health_check_result.py +117 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_storage_query.py +100 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_storage_result.py +136 -0
- omnibase_infra/nodes/node_registration_storage_effect/models/model_upsert_result.py +127 -0
- omnibase_infra/nodes/node_registration_storage_effect/node.py +112 -0
- omnibase_infra/nodes/node_registration_storage_effect/protocols/__init__.py +22 -0
- omnibase_infra/nodes/node_registration_storage_effect/protocols/protocol_registration_persistence.py +333 -0
- omnibase_infra/nodes/node_registration_storage_effect/registry/__init__.py +23 -0
- omnibase_infra/nodes/node_registration_storage_effect/registry/registry_infra_registration_storage.py +215 -0
- omnibase_infra/nodes/node_registry_effect/__init__.py +85 -0
- omnibase_infra/nodes/node_registry_effect/contract.yaml +677 -0
- omnibase_infra/nodes/node_registry_effect/handlers/__init__.py +70 -0
- omnibase_infra/nodes/node_registry_effect/handlers/handler_consul_deregister.py +211 -0
- omnibase_infra/nodes/node_registry_effect/handlers/handler_consul_register.py +212 -0
- omnibase_infra/nodes/node_registry_effect/handlers/handler_partial_retry.py +417 -0
- omnibase_infra/nodes/node_registry_effect/handlers/handler_postgres_deactivate.py +215 -0
- omnibase_infra/nodes/node_registry_effect/handlers/handler_postgres_upsert.py +208 -0
- omnibase_infra/nodes/node_registry_effect/models/__init__.py +43 -0
- omnibase_infra/nodes/node_registry_effect/models/model_partial_retry_request.py +92 -0
- omnibase_infra/nodes/node_registry_effect/node.py +165 -0
- omnibase_infra/nodes/node_registry_effect/registry/__init__.py +27 -0
- omnibase_infra/nodes/node_registry_effect/registry/registry_infra_registry_effect.py +196 -0
- omnibase_infra/nodes/node_service_discovery_effect/__init__.py +111 -0
- omnibase_infra/nodes/node_service_discovery_effect/contract.yaml +246 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/__init__.py +67 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/enum_health_status.py +72 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/enum_service_discovery_operation.py +58 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_discovery_query.py +99 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_discovery_result.py +98 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_health_check_config.py +121 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_query_metadata.py +63 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_registration_result.py +130 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_service_discovery_health_check_details.py +111 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_service_discovery_health_check_result.py +119 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_service_info.py +106 -0
- omnibase_infra/nodes/node_service_discovery_effect/models/model_service_registration.py +121 -0
- omnibase_infra/nodes/node_service_discovery_effect/node.py +111 -0
- omnibase_infra/nodes/node_service_discovery_effect/protocols/__init__.py +14 -0
- omnibase_infra/nodes/node_service_discovery_effect/protocols/protocol_discovery_operations.py +279 -0
- omnibase_infra/nodes/node_service_discovery_effect/registry/__init__.py +13 -0
- omnibase_infra/nodes/node_service_discovery_effect/registry/registry_infra_service_discovery.py +222 -0
- omnibase_infra/nodes/reducers/__init__.py +30 -0
- omnibase_infra/nodes/reducers/models/__init__.py +37 -0
- omnibase_infra/nodes/reducers/models/model_payload_consul_register.py +87 -0
- omnibase_infra/nodes/reducers/models/model_payload_ledger_append.py +133 -0
- omnibase_infra/nodes/reducers/models/model_payload_postgres_upsert_registration.py +60 -0
- omnibase_infra/nodes/reducers/models/model_registration_confirmation.py +166 -0
- omnibase_infra/nodes/reducers/models/model_registration_state.py +433 -0
- omnibase_infra/nodes/reducers/registration_reducer.py +1138 -0
- omnibase_infra/observability/__init__.py +143 -0
- omnibase_infra/observability/constants_metrics.py +91 -0
- omnibase_infra/observability/factory_observability_sink.py +525 -0
- omnibase_infra/observability/handlers/__init__.py +118 -0
- omnibase_infra/observability/handlers/handler_logging_structured.py +967 -0
- omnibase_infra/observability/handlers/handler_metrics_prometheus.py +1120 -0
- omnibase_infra/observability/handlers/model_logging_handler_config.py +71 -0
- omnibase_infra/observability/handlers/model_logging_handler_response.py +77 -0
- omnibase_infra/observability/handlers/model_metrics_handler_config.py +172 -0
- omnibase_infra/observability/handlers/model_metrics_handler_payload.py +135 -0
- omnibase_infra/observability/handlers/model_metrics_handler_response.py +101 -0
- omnibase_infra/observability/hooks/__init__.py +74 -0
- omnibase_infra/observability/hooks/hook_observability.py +1223 -0
- omnibase_infra/observability/models/__init__.py +30 -0
- omnibase_infra/observability/models/enum_required_log_context_key.py +77 -0
- omnibase_infra/observability/models/model_buffered_log_entry.py +117 -0
- omnibase_infra/observability/models/model_logging_sink_config.py +73 -0
- omnibase_infra/observability/models/model_metrics_sink_config.py +156 -0
- omnibase_infra/observability/sinks/__init__.py +69 -0
- omnibase_infra/observability/sinks/sink_logging_structured.py +809 -0
- omnibase_infra/observability/sinks/sink_metrics_prometheus.py +710 -0
- omnibase_infra/plugins/__init__.py +27 -0
- omnibase_infra/plugins/examples/__init__.py +28 -0
- omnibase_infra/plugins/examples/plugin_json_normalizer.py +271 -0
- omnibase_infra/plugins/examples/plugin_json_normalizer_error_handling.py +210 -0
- omnibase_infra/plugins/models/__init__.py +21 -0
- omnibase_infra/plugins/models/model_plugin_context.py +76 -0
- omnibase_infra/plugins/models/model_plugin_input_data.py +58 -0
- omnibase_infra/plugins/models/model_plugin_output_data.py +62 -0
- omnibase_infra/plugins/plugin_compute_base.py +449 -0
- omnibase_infra/projectors/__init__.py +30 -0
- omnibase_infra/projectors/contracts/__init__.py +63 -0
- omnibase_infra/projectors/contracts/registration_projector.yaml +370 -0
- omnibase_infra/projectors/projection_reader_registration.py +1559 -0
- omnibase_infra/projectors/snapshot_publisher_registration.py +1329 -0
- omnibase_infra/protocols/__init__.py +104 -0
- omnibase_infra/protocols/protocol_capability_projection.py +253 -0
- omnibase_infra/protocols/protocol_capability_query.py +251 -0
- omnibase_infra/protocols/protocol_container_aware.py +200 -0
- omnibase_infra/protocols/protocol_dispatch_engine.py +152 -0
- omnibase_infra/protocols/protocol_event_bus_like.py +127 -0
- omnibase_infra/protocols/protocol_event_projector.py +96 -0
- omnibase_infra/protocols/protocol_idempotency_store.py +142 -0
- omnibase_infra/protocols/protocol_message_dispatcher.py +247 -0
- omnibase_infra/protocols/protocol_message_type_registry.py +306 -0
- omnibase_infra/protocols/protocol_plugin_compute.py +368 -0
- omnibase_infra/protocols/protocol_projector_schema_validator.py +82 -0
- omnibase_infra/protocols/protocol_registry_metrics.py +215 -0
- omnibase_infra/protocols/protocol_snapshot_publisher.py +396 -0
- omnibase_infra/protocols/protocol_snapshot_store.py +567 -0
- omnibase_infra/runtime/__init__.py +445 -0
- omnibase_infra/runtime/binding_config_resolver.py +2771 -0
- omnibase_infra/runtime/binding_resolver.py +753 -0
- omnibase_infra/runtime/chain_aware_dispatch.py +467 -0
- omnibase_infra/runtime/constants_notification.py +75 -0
- omnibase_infra/runtime/constants_security.py +70 -0
- omnibase_infra/runtime/contract_handler_discovery.py +587 -0
- omnibase_infra/runtime/contract_loaders/__init__.py +51 -0
- omnibase_infra/runtime/contract_loaders/handler_routing_loader.py +464 -0
- omnibase_infra/runtime/contract_loaders/operation_bindings_loader.py +789 -0
- omnibase_infra/runtime/dispatch_context_enforcer.py +427 -0
- omnibase_infra/runtime/emit_daemon/__init__.py +97 -0
- omnibase_infra/runtime/emit_daemon/cli.py +844 -0
- omnibase_infra/runtime/emit_daemon/client.py +811 -0
- omnibase_infra/runtime/emit_daemon/config.py +535 -0
- omnibase_infra/runtime/emit_daemon/daemon.py +812 -0
- omnibase_infra/runtime/emit_daemon/event_registry.py +477 -0
- omnibase_infra/runtime/emit_daemon/model_daemon_request.py +139 -0
- omnibase_infra/runtime/emit_daemon/model_daemon_response.py +191 -0
- omnibase_infra/runtime/emit_daemon/queue.py +618 -0
- omnibase_infra/runtime/enums/__init__.py +18 -0
- omnibase_infra/runtime/enums/enum_config_ref_scheme.py +33 -0
- omnibase_infra/runtime/enums/enum_scheduler_status.py +170 -0
- omnibase_infra/runtime/envelope_validator.py +179 -0
- omnibase_infra/runtime/event_bus_subcontract_wiring.py +466 -0
- omnibase_infra/runtime/handler_bootstrap_source.py +507 -0
- omnibase_infra/runtime/handler_contract_config_loader.py +603 -0
- omnibase_infra/runtime/handler_contract_source.py +750 -0
- omnibase_infra/runtime/handler_identity.py +81 -0
- omnibase_infra/runtime/handler_plugin_loader.py +2046 -0
- omnibase_infra/runtime/handler_registry.py +329 -0
- omnibase_infra/runtime/handler_source_resolver.py +367 -0
- omnibase_infra/runtime/invocation_security_enforcer.py +427 -0
- omnibase_infra/runtime/kafka_contract_source.py +984 -0
- omnibase_infra/runtime/kernel.py +40 -0
- omnibase_infra/runtime/mixin_policy_validation.py +522 -0
- omnibase_infra/runtime/mixin_semver_cache.py +402 -0
- omnibase_infra/runtime/mixins/__init__.py +24 -0
- omnibase_infra/runtime/mixins/mixin_projector_notification_publishing.py +566 -0
- omnibase_infra/runtime/mixins/mixin_projector_sql_operations.py +778 -0
- omnibase_infra/runtime/models/__init__.py +229 -0
- omnibase_infra/runtime/models/model_batch_lifecycle_result.py +217 -0
- omnibase_infra/runtime/models/model_binding_config.py +168 -0
- omnibase_infra/runtime/models/model_binding_config_cache_stats.py +135 -0
- omnibase_infra/runtime/models/model_binding_config_resolver_config.py +329 -0
- omnibase_infra/runtime/models/model_cached_secret.py +138 -0
- omnibase_infra/runtime/models/model_compute_key.py +138 -0
- omnibase_infra/runtime/models/model_compute_registration.py +97 -0
- omnibase_infra/runtime/models/model_config_cache_entry.py +61 -0
- omnibase_infra/runtime/models/model_config_ref.py +331 -0
- omnibase_infra/runtime/models/model_config_ref_parse_result.py +125 -0
- omnibase_infra/runtime/models/model_contract_load_result.py +224 -0
- omnibase_infra/runtime/models/model_domain_plugin_config.py +92 -0
- omnibase_infra/runtime/models/model_domain_plugin_result.py +270 -0
- omnibase_infra/runtime/models/model_duplicate_response.py +54 -0
- omnibase_infra/runtime/models/model_enabled_protocols_config.py +61 -0
- omnibase_infra/runtime/models/model_event_bus_config.py +54 -0
- omnibase_infra/runtime/models/model_failed_component.py +55 -0
- omnibase_infra/runtime/models/model_health_check_response.py +168 -0
- omnibase_infra/runtime/models/model_health_check_result.py +229 -0
- omnibase_infra/runtime/models/model_lifecycle_result.py +245 -0
- omnibase_infra/runtime/models/model_logging_config.py +42 -0
- omnibase_infra/runtime/models/model_optional_correlation_id.py +167 -0
- omnibase_infra/runtime/models/model_optional_string.py +94 -0
- omnibase_infra/runtime/models/model_optional_uuid.py +110 -0
- omnibase_infra/runtime/models/model_policy_context.py +100 -0
- omnibase_infra/runtime/models/model_policy_key.py +138 -0
- omnibase_infra/runtime/models/model_policy_registration.py +139 -0
- omnibase_infra/runtime/models/model_policy_result.py +103 -0
- omnibase_infra/runtime/models/model_policy_type_filter.py +157 -0
- omnibase_infra/runtime/models/model_projector_notification_config.py +171 -0
- omnibase_infra/runtime/models/model_projector_plugin_loader_config.py +47 -0
- omnibase_infra/runtime/models/model_protocol_registration_config.py +65 -0
- omnibase_infra/runtime/models/model_retry_policy.py +105 -0
- omnibase_infra/runtime/models/model_runtime_config.py +150 -0
- omnibase_infra/runtime/models/model_runtime_contract_config.py +268 -0
- omnibase_infra/runtime/models/model_runtime_scheduler_config.py +625 -0
- omnibase_infra/runtime/models/model_runtime_scheduler_metrics.py +233 -0
- omnibase_infra/runtime/models/model_runtime_tick.py +193 -0
- omnibase_infra/runtime/models/model_secret_cache_stats.py +82 -0
- omnibase_infra/runtime/models/model_secret_mapping.py +63 -0
- omnibase_infra/runtime/models/model_secret_resolver_config.py +107 -0
- omnibase_infra/runtime/models/model_secret_resolver_metrics.py +111 -0
- omnibase_infra/runtime/models/model_secret_source_info.py +72 -0
- omnibase_infra/runtime/models/model_secret_source_spec.py +66 -0
- omnibase_infra/runtime/models/model_security_config.py +109 -0
- omnibase_infra/runtime/models/model_shutdown_batch_result.py +75 -0
- omnibase_infra/runtime/models/model_shutdown_config.py +94 -0
- omnibase_infra/runtime/models/model_transition_notification_outbox_config.py +112 -0
- omnibase_infra/runtime/models/model_transition_notification_outbox_metrics.py +140 -0
- omnibase_infra/runtime/models/model_transition_notification_publisher_metrics.py +357 -0
- omnibase_infra/runtime/projector_plugin_loader.py +1462 -0
- omnibase_infra/runtime/projector_schema_manager.py +565 -0
- omnibase_infra/runtime/projector_shell.py +1330 -0
- omnibase_infra/runtime/protocol_contract_descriptor.py +92 -0
- omnibase_infra/runtime/protocol_contract_source.py +92 -0
- omnibase_infra/runtime/protocol_domain_plugin.py +474 -0
- omnibase_infra/runtime/protocol_handler_discovery.py +221 -0
- omnibase_infra/runtime/protocol_handler_plugin_loader.py +327 -0
- omnibase_infra/runtime/protocol_lifecycle_executor.py +435 -0
- omnibase_infra/runtime/protocol_policy.py +366 -0
- omnibase_infra/runtime/protocols/__init__.py +37 -0
- omnibase_infra/runtime/protocols/protocol_runtime_scheduler.py +468 -0
- omnibase_infra/runtime/publisher_topic_scoped.py +294 -0
- omnibase_infra/runtime/registry/__init__.py +93 -0
- omnibase_infra/runtime/registry/mixin_message_type_query.py +326 -0
- omnibase_infra/runtime/registry/mixin_message_type_registration.py +354 -0
- omnibase_infra/runtime/registry/registry_event_bus_binding.py +268 -0
- omnibase_infra/runtime/registry/registry_message_type.py +542 -0
- omnibase_infra/runtime/registry/registry_protocol_binding.py +445 -0
- omnibase_infra/runtime/registry_compute.py +1143 -0
- omnibase_infra/runtime/registry_contract_source.py +693 -0
- omnibase_infra/runtime/registry_dispatcher.py +678 -0
- omnibase_infra/runtime/registry_policy.py +1185 -0
- omnibase_infra/runtime/runtime_contract_config_loader.py +406 -0
- omnibase_infra/runtime/runtime_scheduler.py +1070 -0
- omnibase_infra/runtime/secret_resolver.py +2112 -0
- omnibase_infra/runtime/security_metadata_validator.py +776 -0
- omnibase_infra/runtime/service_kernel.py +1651 -0
- omnibase_infra/runtime/service_message_dispatch_engine.py +2350 -0
- omnibase_infra/runtime/service_runtime_host_process.py +3493 -0
- omnibase_infra/runtime/transition_notification_outbox.py +1190 -0
- omnibase_infra/runtime/transition_notification_publisher.py +765 -0
- omnibase_infra/runtime/util_container_wiring.py +1124 -0
- omnibase_infra/runtime/util_validation.py +314 -0
- omnibase_infra/runtime/util_version.py +98 -0
- omnibase_infra/runtime/util_wiring.py +723 -0
- omnibase_infra/schemas/schema_registration_projection.sql +320 -0
- omnibase_infra/schemas/schema_transition_notification_outbox.sql +245 -0
- omnibase_infra/services/__init__.py +89 -0
- omnibase_infra/services/corpus_capture.py +684 -0
- omnibase_infra/services/mcp/__init__.py +31 -0
- omnibase_infra/services/mcp/mcp_server_lifecycle.py +449 -0
- omnibase_infra/services/mcp/service_mcp_tool_discovery.py +411 -0
- omnibase_infra/services/mcp/service_mcp_tool_registry.py +329 -0
- omnibase_infra/services/mcp/service_mcp_tool_sync.py +565 -0
- omnibase_infra/services/registry_api/__init__.py +40 -0
- omnibase_infra/services/registry_api/main.py +261 -0
- omnibase_infra/services/registry_api/models/__init__.py +66 -0
- omnibase_infra/services/registry_api/models/model_capability_widget_mapping.py +38 -0
- omnibase_infra/services/registry_api/models/model_pagination_info.py +48 -0
- omnibase_infra/services/registry_api/models/model_registry_discovery_response.py +73 -0
- omnibase_infra/services/registry_api/models/model_registry_health_response.py +49 -0
- omnibase_infra/services/registry_api/models/model_registry_instance_view.py +88 -0
- omnibase_infra/services/registry_api/models/model_registry_node_view.py +88 -0
- omnibase_infra/services/registry_api/models/model_registry_summary.py +60 -0
- omnibase_infra/services/registry_api/models/model_response_list_instances.py +43 -0
- omnibase_infra/services/registry_api/models/model_response_list_nodes.py +51 -0
- omnibase_infra/services/registry_api/models/model_warning.py +49 -0
- omnibase_infra/services/registry_api/models/model_widget_defaults.py +28 -0
- omnibase_infra/services/registry_api/models/model_widget_mapping.py +51 -0
- omnibase_infra/services/registry_api/routes.py +371 -0
- omnibase_infra/services/registry_api/service.py +837 -0
- omnibase_infra/services/service_capability_query.py +945 -0
- omnibase_infra/services/service_health.py +898 -0
- omnibase_infra/services/service_node_selector.py +530 -0
- omnibase_infra/services/service_timeout_emitter.py +699 -0
- omnibase_infra/services/service_timeout_scanner.py +394 -0
- omnibase_infra/services/session/__init__.py +56 -0
- omnibase_infra/services/session/config_consumer.py +137 -0
- omnibase_infra/services/session/config_store.py +139 -0
- omnibase_infra/services/session/consumer.py +1007 -0
- omnibase_infra/services/session/protocol_session_aggregator.py +117 -0
- omnibase_infra/services/session/store.py +997 -0
- omnibase_infra/services/snapshot/__init__.py +31 -0
- omnibase_infra/services/snapshot/service_snapshot.py +647 -0
- omnibase_infra/services/snapshot/store_inmemory.py +637 -0
- omnibase_infra/services/snapshot/store_postgres.py +1279 -0
- omnibase_infra/shared/__init__.py +8 -0
- omnibase_infra/testing/__init__.py +10 -0
- omnibase_infra/testing/utils.py +23 -0
- omnibase_infra/topics/__init__.py +45 -0
- omnibase_infra/topics/platform_topic_suffixes.py +140 -0
- omnibase_infra/topics/util_topic_composition.py +95 -0
- omnibase_infra/types/__init__.py +48 -0
- omnibase_infra/types/type_cache_info.py +49 -0
- omnibase_infra/types/type_dsn.py +173 -0
- omnibase_infra/types/type_infra_aliases.py +60 -0
- omnibase_infra/types/typed_dict/__init__.py +29 -0
- omnibase_infra/types/typed_dict/typed_dict_envelope_build_params.py +115 -0
- omnibase_infra/types/typed_dict/typed_dict_introspection_cache.py +128 -0
- omnibase_infra/types/typed_dict/typed_dict_performance_metrics_cache.py +140 -0
- omnibase_infra/types/typed_dict_capabilities.py +64 -0
- omnibase_infra/utils/__init__.py +117 -0
- omnibase_infra/utils/correlation.py +208 -0
- omnibase_infra/utils/util_atomic_file.py +261 -0
- omnibase_infra/utils/util_consumer_group.py +232 -0
- omnibase_infra/utils/util_datetime.py +372 -0
- omnibase_infra/utils/util_db_transaction.py +239 -0
- omnibase_infra/utils/util_dsn_validation.py +333 -0
- omnibase_infra/utils/util_env_parsing.py +264 -0
- omnibase_infra/utils/util_error_sanitization.py +457 -0
- omnibase_infra/utils/util_pydantic_validators.py +477 -0
- omnibase_infra/utils/util_retry_optimistic.py +281 -0
- omnibase_infra/utils/util_semver.py +233 -0
- omnibase_infra/validation/__init__.py +307 -0
- omnibase_infra/validation/contracts/security.validation.yaml +114 -0
- omnibase_infra/validation/enums/__init__.py +11 -0
- omnibase_infra/validation/enums/enum_contract_violation_severity.py +13 -0
- omnibase_infra/validation/infra_validators.py +1514 -0
- omnibase_infra/validation/linter_contract.py +907 -0
- omnibase_infra/validation/mixin_any_type_classification.py +120 -0
- omnibase_infra/validation/mixin_any_type_exemption.py +580 -0
- omnibase_infra/validation/mixin_any_type_reporting.py +106 -0
- omnibase_infra/validation/mixin_execution_shape_violation_checks.py +596 -0
- omnibase_infra/validation/mixin_node_archetype_detection.py +254 -0
- omnibase_infra/validation/models/__init__.py +15 -0
- omnibase_infra/validation/models/model_contract_lint_result.py +101 -0
- omnibase_infra/validation/models/model_contract_violation.py +41 -0
- omnibase_infra/validation/service_validation_aggregator.py +395 -0
- omnibase_infra/validation/validation_exemptions.yaml +2033 -0
- omnibase_infra/validation/validator_any_type.py +715 -0
- omnibase_infra/validation/validator_chain_propagation.py +839 -0
- omnibase_infra/validation/validator_execution_shape.py +465 -0
- omnibase_infra/validation/validator_localhandler.py +261 -0
- omnibase_infra/validation/validator_registration_security.py +410 -0
- omnibase_infra/validation/validator_routing_coverage.py +1020 -0
- omnibase_infra/validation/validator_runtime_shape.py +915 -0
- omnibase_infra/validation/validator_security.py +513 -0
- omnibase_infra/validation/validator_topic_category.py +1152 -0
- omnibase_infra-0.2.6.dist-info/METADATA +197 -0
- omnibase_infra-0.2.6.dist-info/RECORD +833 -0
- omnibase_infra-0.2.6.dist-info/WHEEL +4 -0
- omnibase_infra-0.2.6.dist-info/entry_points.txt +5 -0
- omnibase_infra-0.2.6.dist-info/licenses/LICENSE +21 -0
|
@@ -0,0 +1,261 @@
|
|
|
1
|
+
# SPDX-License-Identifier: MIT
|
|
2
|
+
# Copyright (c) 2025 OmniNode Team
|
|
3
|
+
"""LocalHandler Import Validator for ONEX Production Code Policy.
|
|
4
|
+
|
|
5
|
+
This module provides validation to detect forbidden LocalHandler imports
|
|
6
|
+
in production code. LocalHandler is a test-only handler that must NEVER
|
|
7
|
+
be imported in src/omnibase_infra/.
|
|
8
|
+
|
|
9
|
+
Policy:
|
|
10
|
+
- BLOCKED: Any import of LocalHandler in src/omnibase_infra/
|
|
11
|
+
- ALLOWED: Imports in tests/ directory for comparison tests
|
|
12
|
+
|
|
13
|
+
The validator uses regex-based line scanning to detect import patterns.
|
|
14
|
+
|
|
15
|
+
Import Patterns Detected:
|
|
16
|
+
- ``from omnibase_core.handlers import LocalHandler``
|
|
17
|
+
- ``from omnibase_core.handlers.handler_local import LocalHandler``
|
|
18
|
+
- ``from omnibase_core.handlers.local_handler import LocalHandler``
|
|
19
|
+
- ``import omnibase_core.handlers.LocalHandler``
|
|
20
|
+
- Any other pattern containing 'LocalHandler' in an import statement
|
|
21
|
+
|
|
22
|
+
Usage:
|
|
23
|
+
>>> from omnibase_infra.validation.validator_localhandler import (
|
|
24
|
+
... validate_localhandler,
|
|
25
|
+
... validate_localhandler_ci,
|
|
26
|
+
... )
|
|
27
|
+
>>> violations = validate_localhandler(Path("src/omnibase_infra"))
|
|
28
|
+
>>> result = validate_localhandler_ci(Path("src/omnibase_infra"))
|
|
29
|
+
>>> if not result.passed:
|
|
30
|
+
... print(result.format_summary())
|
|
31
|
+
... sys.exit(1)
|
|
32
|
+
"""
|
|
33
|
+
|
|
34
|
+
from __future__ import annotations
|
|
35
|
+
|
|
36
|
+
import logging
|
|
37
|
+
import re
|
|
38
|
+
from pathlib import Path
|
|
39
|
+
|
|
40
|
+
from omnibase_infra.models.validation.model_localhandler_validation_result import (
|
|
41
|
+
ModelLocalHandlerValidationResult,
|
|
42
|
+
)
|
|
43
|
+
from omnibase_infra.models.validation.model_localhandler_violation import (
|
|
44
|
+
ModelLocalHandlerViolation,
|
|
45
|
+
)
|
|
46
|
+
|
|
47
|
+
logger = logging.getLogger(__name__)
|
|
48
|
+
|
|
49
|
+
# Regex pattern to detect LocalHandler imports (line-by-line matching)
|
|
50
|
+
# Matches both:
|
|
51
|
+
# - from ... import LocalHandler (with optional alias)
|
|
52
|
+
# - import statement with LocalHandler in path
|
|
53
|
+
_PATTERN_LOCALHANDLER_IMPORT = re.compile(
|
|
54
|
+
r"^\s*(?:from\s+[\w.]+\s+import\s+.*\bLocalHandler\b|import\s+[\w.]*LocalHandler)"
|
|
55
|
+
)
|
|
56
|
+
|
|
57
|
+
# Maximum file size to process (in bytes).
|
|
58
|
+
# Files larger than this are skipped to prevent hangs on auto-generated code.
|
|
59
|
+
_MAX_FILE_SIZE_BYTES: int = 1_000_000 # 1MB
|
|
60
|
+
|
|
61
|
+
# Directories to skip (exact name matching)
|
|
62
|
+
_SKIP_DIRECTORIES: frozenset[str] = frozenset(
|
|
63
|
+
{
|
|
64
|
+
"tests", # Test files are allowed to use LocalHandler
|
|
65
|
+
"__pycache__", # Python bytecode cache
|
|
66
|
+
".git", # Git directory
|
|
67
|
+
".venv", # Virtual environment
|
|
68
|
+
"venv", # Virtual environment
|
|
69
|
+
"node_modules", # Node modules (unlikely but safe)
|
|
70
|
+
}
|
|
71
|
+
)
|
|
72
|
+
|
|
73
|
+
|
|
74
|
+
def _should_skip_file(filepath: Path) -> bool:
|
|
75
|
+
"""Check if a file should be skipped based on directory matching.
|
|
76
|
+
|
|
77
|
+
Uses exact parent directory matching to prevent false positives.
|
|
78
|
+
|
|
79
|
+
Note:
|
|
80
|
+
__init__.py files are NOT skipped because they can contain
|
|
81
|
+
LocalHandler imports that must be validated.
|
|
82
|
+
|
|
83
|
+
Args:
|
|
84
|
+
filepath: Path to check.
|
|
85
|
+
|
|
86
|
+
Returns:
|
|
87
|
+
True if the file should be skipped.
|
|
88
|
+
"""
|
|
89
|
+
parts = filepath.parts
|
|
90
|
+
|
|
91
|
+
# Check parent directories for exact matches (exclude filename)
|
|
92
|
+
for part in parts[:-1]:
|
|
93
|
+
if part in _SKIP_DIRECTORIES:
|
|
94
|
+
return True
|
|
95
|
+
|
|
96
|
+
# Skip private modules (underscore prefix) but NOT __init__.py
|
|
97
|
+
# __init__.py files CAN contain LocalHandler imports and must be validated
|
|
98
|
+
filename = filepath.name
|
|
99
|
+
if filename.startswith("_") and filename != "__init__.py":
|
|
100
|
+
return True
|
|
101
|
+
|
|
102
|
+
return False
|
|
103
|
+
|
|
104
|
+
|
|
105
|
+
def validate_localhandler_in_file(filepath: Path) -> list[ModelLocalHandlerViolation]:
|
|
106
|
+
"""Validate a single Python file for LocalHandler import violations.
|
|
107
|
+
|
|
108
|
+
Args:
|
|
109
|
+
filepath: Path to the Python file to validate.
|
|
110
|
+
|
|
111
|
+
Returns:
|
|
112
|
+
List of detected violations. Empty list if no violations found.
|
|
113
|
+
"""
|
|
114
|
+
try:
|
|
115
|
+
content = filepath.read_text(encoding="utf-8")
|
|
116
|
+
except OSError as e:
|
|
117
|
+
logger.warning(
|
|
118
|
+
"Failed to read file",
|
|
119
|
+
extra={"file": str(filepath), "error": str(e)},
|
|
120
|
+
)
|
|
121
|
+
return []
|
|
122
|
+
|
|
123
|
+
violations: list[ModelLocalHandlerViolation] = []
|
|
124
|
+
lines = content.split("\n")
|
|
125
|
+
|
|
126
|
+
for line_number, line in enumerate(lines, start=1):
|
|
127
|
+
# Skip comment lines
|
|
128
|
+
stripped = line.strip()
|
|
129
|
+
if stripped.startswith("#"):
|
|
130
|
+
continue
|
|
131
|
+
|
|
132
|
+
# Check if line contains LocalHandler import
|
|
133
|
+
if _PATTERN_LOCALHANDLER_IMPORT.match(stripped):
|
|
134
|
+
violations.append(
|
|
135
|
+
ModelLocalHandlerViolation(
|
|
136
|
+
file_path=filepath,
|
|
137
|
+
line_number=line_number,
|
|
138
|
+
import_line=stripped,
|
|
139
|
+
)
|
|
140
|
+
)
|
|
141
|
+
|
|
142
|
+
return violations
|
|
143
|
+
|
|
144
|
+
|
|
145
|
+
def _validate_localhandler_with_count(
|
|
146
|
+
directory: Path,
|
|
147
|
+
recursive: bool = True,
|
|
148
|
+
) -> tuple[list[ModelLocalHandlerViolation], int]:
|
|
149
|
+
"""Internal function to validate files and count them in a single traversal.
|
|
150
|
+
|
|
151
|
+
This avoids double traversal by combining file counting with validation.
|
|
152
|
+
|
|
153
|
+
Args:
|
|
154
|
+
directory: Path to the directory to validate.
|
|
155
|
+
recursive: If True, recursively validate subdirectories.
|
|
156
|
+
|
|
157
|
+
Returns:
|
|
158
|
+
Tuple of (violations list, files_checked count).
|
|
159
|
+
"""
|
|
160
|
+
violations: list[ModelLocalHandlerViolation] = []
|
|
161
|
+
files_checked = 0
|
|
162
|
+
py_files = directory.rglob("*.py") if recursive else directory.glob("*.py")
|
|
163
|
+
|
|
164
|
+
for filepath in py_files:
|
|
165
|
+
if filepath.is_file() and not _should_skip_file(filepath):
|
|
166
|
+
# Skip very large files
|
|
167
|
+
try:
|
|
168
|
+
file_size = filepath.stat().st_size
|
|
169
|
+
if file_size > _MAX_FILE_SIZE_BYTES:
|
|
170
|
+
logger.debug(
|
|
171
|
+
"Skipping large file",
|
|
172
|
+
extra={"file": str(filepath), "size_bytes": file_size},
|
|
173
|
+
)
|
|
174
|
+
continue
|
|
175
|
+
except OSError as e:
|
|
176
|
+
logger.warning(
|
|
177
|
+
"Failed to stat file",
|
|
178
|
+
extra={"file": str(filepath), "error": str(e)},
|
|
179
|
+
)
|
|
180
|
+
continue
|
|
181
|
+
|
|
182
|
+
# Count this file as checked
|
|
183
|
+
files_checked += 1
|
|
184
|
+
|
|
185
|
+
try:
|
|
186
|
+
file_violations = validate_localhandler_in_file(filepath)
|
|
187
|
+
violations.extend(file_violations)
|
|
188
|
+
except Exception as e: # catch-all-ok: validation continues on file errors
|
|
189
|
+
logger.warning(
|
|
190
|
+
"Failed to validate file",
|
|
191
|
+
extra={
|
|
192
|
+
"file": str(filepath),
|
|
193
|
+
"error_type": type(e).__name__,
|
|
194
|
+
"error": str(e),
|
|
195
|
+
},
|
|
196
|
+
)
|
|
197
|
+
continue
|
|
198
|
+
|
|
199
|
+
return violations, files_checked
|
|
200
|
+
|
|
201
|
+
|
|
202
|
+
def validate_localhandler(
|
|
203
|
+
directory: Path,
|
|
204
|
+
recursive: bool = True,
|
|
205
|
+
) -> list[ModelLocalHandlerViolation]:
|
|
206
|
+
"""Validate all Python files in a directory for LocalHandler import violations.
|
|
207
|
+
|
|
208
|
+
This is the main entry point for batch validation.
|
|
209
|
+
|
|
210
|
+
Args:
|
|
211
|
+
directory: Path to the directory to validate.
|
|
212
|
+
recursive: If True, recursively validate subdirectories.
|
|
213
|
+
|
|
214
|
+
Returns:
|
|
215
|
+
List of all detected violations across all files.
|
|
216
|
+
|
|
217
|
+
Example:
|
|
218
|
+
>>> violations = validate_localhandler(Path("src/omnibase_infra"))
|
|
219
|
+
>>> for v in violations:
|
|
220
|
+
... print(v.format_human_readable())
|
|
221
|
+
"""
|
|
222
|
+
violations, _ = _validate_localhandler_with_count(directory, recursive)
|
|
223
|
+
return violations
|
|
224
|
+
|
|
225
|
+
|
|
226
|
+
def validate_localhandler_ci(
|
|
227
|
+
directory: Path,
|
|
228
|
+
recursive: bool = True,
|
|
229
|
+
) -> ModelLocalHandlerValidationResult:
|
|
230
|
+
"""CI gate for LocalHandler validation.
|
|
231
|
+
|
|
232
|
+
This function is designed for CI pipeline integration. It returns a
|
|
233
|
+
structured result model containing the pass/fail status and all violations
|
|
234
|
+
for reporting.
|
|
235
|
+
|
|
236
|
+
Args:
|
|
237
|
+
directory: Path to the directory to validate.
|
|
238
|
+
recursive: If True, recursively validate subdirectories.
|
|
239
|
+
|
|
240
|
+
Returns:
|
|
241
|
+
ModelLocalHandlerValidationResult containing pass/fail status and violations.
|
|
242
|
+
|
|
243
|
+
Example:
|
|
244
|
+
>>> result = validate_localhandler_ci(Path("src/omnibase_infra"))
|
|
245
|
+
>>> if not result.passed:
|
|
246
|
+
... print(result.format_summary())
|
|
247
|
+
... for line in result.format_for_ci():
|
|
248
|
+
... print(line)
|
|
249
|
+
... sys.exit(1)
|
|
250
|
+
"""
|
|
251
|
+
violations, files_checked = _validate_localhandler_with_count(directory, recursive)
|
|
252
|
+
return ModelLocalHandlerValidationResult.from_violations(violations, files_checked)
|
|
253
|
+
|
|
254
|
+
|
|
255
|
+
__all__ = [
|
|
256
|
+
"ModelLocalHandlerValidationResult",
|
|
257
|
+
"ModelLocalHandlerViolation",
|
|
258
|
+
"validate_localhandler",
|
|
259
|
+
"validate_localhandler_ci",
|
|
260
|
+
"validate_localhandler_in_file",
|
|
261
|
+
]
|
|
@@ -0,0 +1,410 @@
|
|
|
1
|
+
# SPDX-License-Identifier: MIT
|
|
2
|
+
# Copyright (c) 2025 OmniNode Team
|
|
3
|
+
"""Registration-time security validation for handlers.
|
|
4
|
+
|
|
5
|
+
Validates handler security policies against environment constraints
|
|
6
|
+
at registration time. Part of the two-layer security validation
|
|
7
|
+
system (OMN-1098).
|
|
8
|
+
|
|
9
|
+
Security Rules Enforced:
|
|
10
|
+
SECURITY-300: Secret scope not permitted by environment
|
|
11
|
+
SECURITY-301: Data classification exceeds environment maximum
|
|
12
|
+
SECURITY-302: Adapter handler requesting secrets
|
|
13
|
+
SECURITY-303: Adapter with non-EFFECT handler category
|
|
14
|
+
SECURITY-304: Adapter missing explicit domain allowlist
|
|
15
|
+
|
|
16
|
+
Architecture:
|
|
17
|
+
This validator operates at registration time, before handlers are
|
|
18
|
+
permitted to execute. It validates handler-declared security policies
|
|
19
|
+
against environment-level constraints. Runtime enforcement (invocation-time
|
|
20
|
+
validation) is handled separately.
|
|
21
|
+
|
|
22
|
+
The validator is stateless for the convenience function pattern, but also
|
|
23
|
+
supports a stateful pattern where the environment policy is bound at
|
|
24
|
+
construction time.
|
|
25
|
+
|
|
26
|
+
See Also:
|
|
27
|
+
- ModelHandlerSecurityPolicy: Handler-declared security requirements
|
|
28
|
+
- ModelEnvironmentPolicy: Environment-level security constraints
|
|
29
|
+
- EnumSecurityRuleId: Security validation rule identifiers
|
|
30
|
+
|
|
31
|
+
"""
|
|
32
|
+
|
|
33
|
+
from __future__ import annotations
|
|
34
|
+
|
|
35
|
+
from omnibase_infra.enums import EnumHandlerTypeCategory, EnumSecurityRuleId
|
|
36
|
+
from omnibase_infra.models.errors import ModelHandlerValidationError
|
|
37
|
+
from omnibase_infra.models.handlers import ModelHandlerIdentifier
|
|
38
|
+
from omnibase_infra.models.security import (
|
|
39
|
+
ModelEnvironmentPolicy,
|
|
40
|
+
ModelHandlerSecurityPolicy,
|
|
41
|
+
get_security_level,
|
|
42
|
+
)
|
|
43
|
+
|
|
44
|
+
|
|
45
|
+
class RegistrationSecurityValidator:
|
|
46
|
+
"""Validates handler security policies at registration time.
|
|
47
|
+
|
|
48
|
+
This validator checks handler-declared security policies against
|
|
49
|
+
environment-level constraints. It can be used in two patterns:
|
|
50
|
+
|
|
51
|
+
1. Stateful pattern (bind environment policy at construction):
|
|
52
|
+
>>> validator = RegistrationSecurityValidator(env_policy)
|
|
53
|
+
>>> errors = validator.validate(handler_policy)
|
|
54
|
+
>>> if validator.is_valid(handler_policy): ...
|
|
55
|
+
|
|
56
|
+
2. Stateless pattern (use module-level convenience function):
|
|
57
|
+
>>> errors = validate_handler_registration(handler_policy, env_policy)
|
|
58
|
+
|
|
59
|
+
The validator is itself stateless (no mutable state), but binding the
|
|
60
|
+
environment policy at construction provides a convenient interface when
|
|
61
|
+
validating multiple handlers against the same environment.
|
|
62
|
+
|
|
63
|
+
Attributes:
|
|
64
|
+
environment_policy: The environment policy bound at construction.
|
|
65
|
+
|
|
66
|
+
Security Rules:
|
|
67
|
+
SECURITY-300: Secret scope not permitted by environment
|
|
68
|
+
SECURITY-301: Data classification exceeds environment maximum
|
|
69
|
+
SECURITY-302: Adapter handler requesting secrets
|
|
70
|
+
SECURITY-303: Adapter with non-EFFECT handler category
|
|
71
|
+
SECURITY-304: Adapter missing explicit domain allowlist
|
|
72
|
+
|
|
73
|
+
"""
|
|
74
|
+
|
|
75
|
+
def __init__(self, environment_policy: ModelEnvironmentPolicy) -> None:
|
|
76
|
+
"""Initialize the validator with environment policy.
|
|
77
|
+
|
|
78
|
+
Args:
|
|
79
|
+
environment_policy: Environment-level security constraints.
|
|
80
|
+
"""
|
|
81
|
+
self._environment_policy = environment_policy
|
|
82
|
+
|
|
83
|
+
@property
|
|
84
|
+
def environment_policy(self) -> ModelEnvironmentPolicy:
|
|
85
|
+
"""Get the environment policy bound to this validator."""
|
|
86
|
+
return self._environment_policy
|
|
87
|
+
|
|
88
|
+
def validate(
|
|
89
|
+
self,
|
|
90
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
91
|
+
handler_identity: ModelHandlerIdentifier | None = None,
|
|
92
|
+
) -> list[ModelHandlerValidationError]:
|
|
93
|
+
"""Validate handler security policy against environment constraints.
|
|
94
|
+
|
|
95
|
+
Args:
|
|
96
|
+
handler_policy: Handler-declared security policy.
|
|
97
|
+
handler_identity: Optional handler identity for error context.
|
|
98
|
+
Defaults to "unknown" if not provided.
|
|
99
|
+
|
|
100
|
+
Returns:
|
|
101
|
+
List of validation errors (empty if valid).
|
|
102
|
+
"""
|
|
103
|
+
return _validate_policies(
|
|
104
|
+
handler_policy, self._environment_policy, handler_identity
|
|
105
|
+
)
|
|
106
|
+
|
|
107
|
+
def is_valid(
|
|
108
|
+
self,
|
|
109
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
110
|
+
handler_identity: ModelHandlerIdentifier | None = None,
|
|
111
|
+
) -> bool:
|
|
112
|
+
"""Check if handler security policy is valid for this environment.
|
|
113
|
+
|
|
114
|
+
Args:
|
|
115
|
+
handler_policy: Handler-declared security policy.
|
|
116
|
+
handler_identity: Optional handler identity for error context.
|
|
117
|
+
Defaults to "unknown" if not provided.
|
|
118
|
+
|
|
119
|
+
Returns:
|
|
120
|
+
True if valid (no errors), False otherwise.
|
|
121
|
+
"""
|
|
122
|
+
return len(self.validate(handler_policy, handler_identity)) == 0
|
|
123
|
+
|
|
124
|
+
|
|
125
|
+
def _validate_policies(
|
|
126
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
127
|
+
env_policy: ModelEnvironmentPolicy,
|
|
128
|
+
handler_identity: ModelHandlerIdentifier | None = None,
|
|
129
|
+
) -> list[ModelHandlerValidationError]:
|
|
130
|
+
"""Core validation logic for handler security policy against environment.
|
|
131
|
+
|
|
132
|
+
This function implements all validation rules. It is used by both the
|
|
133
|
+
RegistrationSecurityValidator class and the convenience function.
|
|
134
|
+
|
|
135
|
+
Args:
|
|
136
|
+
handler_policy: Handler-declared security policy.
|
|
137
|
+
env_policy: Environment-level security constraints.
|
|
138
|
+
handler_identity: Optional handler identity for error context.
|
|
139
|
+
Defaults to "unknown" if not provided.
|
|
140
|
+
|
|
141
|
+
Returns:
|
|
142
|
+
List of validation errors (empty if valid).
|
|
143
|
+
"""
|
|
144
|
+
# Use default "unknown" if no identity provided
|
|
145
|
+
identity = handler_identity or ModelHandlerIdentifier.from_handler_id("unknown")
|
|
146
|
+
errors: list[ModelHandlerValidationError] = []
|
|
147
|
+
|
|
148
|
+
# 1. Check secret scopes (SECURITY-300)
|
|
149
|
+
errors.extend(_validate_secret_scopes(handler_policy, env_policy, identity))
|
|
150
|
+
|
|
151
|
+
# 2. Check data classification (SECURITY-301)
|
|
152
|
+
errors.extend(_validate_classification(handler_policy, env_policy, identity))
|
|
153
|
+
|
|
154
|
+
# 3. Check adapter constraints (SECURITY-302, 303, 304)
|
|
155
|
+
if handler_policy.is_adapter:
|
|
156
|
+
errors.extend(
|
|
157
|
+
_validate_adapter_constraints(handler_policy, env_policy, identity)
|
|
158
|
+
)
|
|
159
|
+
|
|
160
|
+
return errors
|
|
161
|
+
|
|
162
|
+
|
|
163
|
+
def _validate_secret_scopes(
|
|
164
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
165
|
+
env_policy: ModelEnvironmentPolicy,
|
|
166
|
+
handler_identity: ModelHandlerIdentifier,
|
|
167
|
+
) -> list[ModelHandlerValidationError]:
|
|
168
|
+
"""Validate secret scopes against environment permissions.
|
|
169
|
+
|
|
170
|
+
SECURITY-300: Secret scope not permitted by environment.
|
|
171
|
+
|
|
172
|
+
Wildcard Support:
|
|
173
|
+
If permitted_secret_scopes contains "*", all secret scopes are allowed.
|
|
174
|
+
This is intended for development environments where secret isolation
|
|
175
|
+
is less critical.
|
|
176
|
+
|
|
177
|
+
Args:
|
|
178
|
+
handler_policy: Handler-declared security policy.
|
|
179
|
+
env_policy: Environment-level security constraints.
|
|
180
|
+
handler_identity: Handler identity for error context.
|
|
181
|
+
|
|
182
|
+
Returns:
|
|
183
|
+
List of errors for unpermitted secret scopes.
|
|
184
|
+
"""
|
|
185
|
+
errors: list[ModelHandlerValidationError] = []
|
|
186
|
+
|
|
187
|
+
# If "*" is in permitted_secret_scopes, all scopes are allowed
|
|
188
|
+
if "*" in env_policy.permitted_secret_scopes:
|
|
189
|
+
return errors
|
|
190
|
+
|
|
191
|
+
# Find unpermitted scopes
|
|
192
|
+
unpermitted = handler_policy.secret_scopes - env_policy.permitted_secret_scopes
|
|
193
|
+
|
|
194
|
+
# Create error for each unpermitted scope
|
|
195
|
+
for scope in sorted(unpermitted): # Sort for deterministic output
|
|
196
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
197
|
+
rule_id=EnumSecurityRuleId.SECRET_SCOPE_NOT_PERMITTED,
|
|
198
|
+
message=(
|
|
199
|
+
f"Secret scope '{scope}' not permitted in "
|
|
200
|
+
f"{env_policy.environment.value} environment"
|
|
201
|
+
),
|
|
202
|
+
remediation_hint=(
|
|
203
|
+
f"Remove the '{scope}' secret scope from handler policy "
|
|
204
|
+
"or update environment policy to permit this scope"
|
|
205
|
+
),
|
|
206
|
+
handler_identity=handler_identity,
|
|
207
|
+
)
|
|
208
|
+
errors.append(error)
|
|
209
|
+
|
|
210
|
+
return errors
|
|
211
|
+
|
|
212
|
+
|
|
213
|
+
def _validate_classification(
|
|
214
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
215
|
+
env_policy: ModelEnvironmentPolicy,
|
|
216
|
+
handler_identity: ModelHandlerIdentifier,
|
|
217
|
+
) -> list[ModelHandlerValidationError]:
|
|
218
|
+
"""Validate data classification against environment maximum.
|
|
219
|
+
|
|
220
|
+
SECURITY-301: Data classification exceeds environment maximum.
|
|
221
|
+
|
|
222
|
+
Args:
|
|
223
|
+
handler_policy: Handler-declared security policy.
|
|
224
|
+
env_policy: Environment-level security constraints.
|
|
225
|
+
handler_identity: Handler identity for error context.
|
|
226
|
+
|
|
227
|
+
Returns:
|
|
228
|
+
List containing error if classification exceeds max, else empty.
|
|
229
|
+
"""
|
|
230
|
+
errors: list[ModelHandlerValidationError] = []
|
|
231
|
+
|
|
232
|
+
# Get security levels for comparison
|
|
233
|
+
handler_level = get_security_level(handler_policy.data_classification)
|
|
234
|
+
max_level = get_security_level(env_policy.max_data_classification)
|
|
235
|
+
|
|
236
|
+
# Check if handler classification exceeds environment maximum
|
|
237
|
+
if handler_level > max_level:
|
|
238
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
239
|
+
rule_id=EnumSecurityRuleId.CLASSIFICATION_EXCEEDS_MAX,
|
|
240
|
+
message=(
|
|
241
|
+
f"Handler data classification '{handler_policy.data_classification.value}' "
|
|
242
|
+
f"exceeds environment maximum '{env_policy.max_data_classification.value}' "
|
|
243
|
+
f"in {env_policy.environment.value} environment"
|
|
244
|
+
),
|
|
245
|
+
remediation_hint=(
|
|
246
|
+
f"Reduce handler data classification to "
|
|
247
|
+
f"'{env_policy.max_data_classification.value}' or below, "
|
|
248
|
+
"or deploy to an environment with higher classification limits"
|
|
249
|
+
),
|
|
250
|
+
handler_identity=handler_identity,
|
|
251
|
+
)
|
|
252
|
+
errors.append(error)
|
|
253
|
+
|
|
254
|
+
return errors
|
|
255
|
+
|
|
256
|
+
|
|
257
|
+
def _validate_adapter_constraints(
|
|
258
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
259
|
+
env_policy: ModelEnvironmentPolicy,
|
|
260
|
+
handler_identity: ModelHandlerIdentifier,
|
|
261
|
+
) -> list[ModelHandlerValidationError]:
|
|
262
|
+
"""Validate adapter-specific security constraints.
|
|
263
|
+
|
|
264
|
+
Adapters are special handlers that interact with external systems.
|
|
265
|
+
They have stricter security constraints:
|
|
266
|
+
SECURITY-302: Adapter requesting secrets (unless override allowed)
|
|
267
|
+
SECURITY-303: Adapter with non-EFFECT category
|
|
268
|
+
SECURITY-304: Adapter missing domain allowlist (if required)
|
|
269
|
+
|
|
270
|
+
Args:
|
|
271
|
+
handler_policy: Handler-declared security policy (must have is_adapter=True).
|
|
272
|
+
env_policy: Environment-level security constraints.
|
|
273
|
+
handler_identity: Handler identity for error context.
|
|
274
|
+
|
|
275
|
+
Returns:
|
|
276
|
+
List of errors for adapter constraint violations.
|
|
277
|
+
"""
|
|
278
|
+
errors: list[ModelHandlerValidationError] = []
|
|
279
|
+
|
|
280
|
+
# SECURITY-302: Adapter requesting secrets
|
|
281
|
+
if handler_policy.secret_scopes and not env_policy.adapter_secrets_override_allowed:
|
|
282
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
283
|
+
rule_id=EnumSecurityRuleId.ADAPTER_REQUESTING_SECRETS,
|
|
284
|
+
message=(
|
|
285
|
+
"Adapter handler is requesting secret scopes "
|
|
286
|
+
f"({', '.join(sorted(handler_policy.secret_scopes))}) "
|
|
287
|
+
"but adapters should not have direct secret access"
|
|
288
|
+
),
|
|
289
|
+
remediation_hint=(
|
|
290
|
+
"Remove secret scopes from adapter handler policy and use "
|
|
291
|
+
"platform secret management (Vault) instead, or enable "
|
|
292
|
+
"adapter_secrets_override_allowed in environment policy"
|
|
293
|
+
),
|
|
294
|
+
handler_identity=handler_identity,
|
|
295
|
+
)
|
|
296
|
+
errors.append(error)
|
|
297
|
+
|
|
298
|
+
# SECURITY-303: Adapter with non-EFFECT category (or missing category)
|
|
299
|
+
# Adapters MUST explicitly set handler_type_category=EFFECT
|
|
300
|
+
if handler_policy.handler_type_category is None:
|
|
301
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
302
|
+
rule_id=EnumSecurityRuleId.ADAPTER_NON_EFFECT_CATEGORY,
|
|
303
|
+
message=(
|
|
304
|
+
"Invalid adapter handler configuration: "
|
|
305
|
+
"expected handler_type_category=EFFECT, got None"
|
|
306
|
+
),
|
|
307
|
+
remediation_hint=(
|
|
308
|
+
"Set handler_type_category=EnumHandlerTypeCategory.EFFECT for adapter handlers, "
|
|
309
|
+
"or remove is_adapter=True if this is not an adapter"
|
|
310
|
+
),
|
|
311
|
+
handler_identity=handler_identity,
|
|
312
|
+
)
|
|
313
|
+
errors.append(error)
|
|
314
|
+
elif handler_policy.handler_type_category != EnumHandlerTypeCategory.EFFECT:
|
|
315
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
316
|
+
rule_id=EnumSecurityRuleId.ADAPTER_NON_EFFECT_CATEGORY,
|
|
317
|
+
message=(
|
|
318
|
+
f"Adapter handler has category '{handler_policy.handler_type_category.value}' "
|
|
319
|
+
"but adapters must be EFFECT category (external I/O handlers)"
|
|
320
|
+
),
|
|
321
|
+
remediation_hint=(
|
|
322
|
+
"Change handler_type_category to EFFECT for adapter handlers, "
|
|
323
|
+
"or remove is_adapter=True if this is not an adapter"
|
|
324
|
+
),
|
|
325
|
+
handler_identity=handler_identity,
|
|
326
|
+
)
|
|
327
|
+
errors.append(error)
|
|
328
|
+
|
|
329
|
+
# SECURITY-304: Adapter missing domain allowlist
|
|
330
|
+
# Empty allowed_domains or containing "*" wildcard is treated as missing
|
|
331
|
+
# when explicit domain allowlist is required
|
|
332
|
+
has_explicit_domains = (
|
|
333
|
+
bool(handler_policy.allowed_domains)
|
|
334
|
+
and "*" not in handler_policy.allowed_domains
|
|
335
|
+
)
|
|
336
|
+
if env_policy.require_explicit_domain_allowlist and not has_explicit_domains:
|
|
337
|
+
# Determine appropriate message based on violation type
|
|
338
|
+
if not handler_policy.allowed_domains:
|
|
339
|
+
violation_detail = "missing explicit domain allowlist"
|
|
340
|
+
else:
|
|
341
|
+
violation_detail = (
|
|
342
|
+
"using wildcard '*' in domain allowlist (explicit domains required)"
|
|
343
|
+
)
|
|
344
|
+
|
|
345
|
+
error = ModelHandlerValidationError.from_security_violation(
|
|
346
|
+
rule_id=EnumSecurityRuleId.ADAPTER_MISSING_DOMAIN_ALLOWLIST,
|
|
347
|
+
message=(
|
|
348
|
+
f"Adapter handler {violation_detail} "
|
|
349
|
+
f"which is required in {env_policy.environment.value} environment"
|
|
350
|
+
),
|
|
351
|
+
remediation_hint=(
|
|
352
|
+
"Add allowed_domains to handler policy specifying which "
|
|
353
|
+
"external domains the adapter may communicate with. "
|
|
354
|
+
"Wildcard '*' is not permitted when explicit domain allowlist is required."
|
|
355
|
+
),
|
|
356
|
+
handler_identity=handler_identity,
|
|
357
|
+
)
|
|
358
|
+
errors.append(error)
|
|
359
|
+
|
|
360
|
+
return errors
|
|
361
|
+
|
|
362
|
+
|
|
363
|
+
def validate_handler_registration(
|
|
364
|
+
handler_policy: ModelHandlerSecurityPolicy,
|
|
365
|
+
env_policy: ModelEnvironmentPolicy,
|
|
366
|
+
handler_identity: ModelHandlerIdentifier | None = None,
|
|
367
|
+
) -> list[ModelHandlerValidationError]:
|
|
368
|
+
"""Validate handler security policy against environment constraints.
|
|
369
|
+
|
|
370
|
+
Convenience function for one-shot validation without creating a
|
|
371
|
+
validator instance. For validating multiple handlers against the
|
|
372
|
+
same environment, consider using RegistrationSecurityValidator directly.
|
|
373
|
+
|
|
374
|
+
Args:
|
|
375
|
+
handler_policy: Handler-declared security policy.
|
|
376
|
+
env_policy: Environment-level security constraints.
|
|
377
|
+
handler_identity: Optional handler identity for error context.
|
|
378
|
+
Defaults to "unknown" if not provided.
|
|
379
|
+
|
|
380
|
+
Returns:
|
|
381
|
+
List of validation errors (empty if valid).
|
|
382
|
+
|
|
383
|
+
Example:
|
|
384
|
+
>>> from omnibase_infra.models.security import (
|
|
385
|
+
... ModelHandlerSecurityPolicy,
|
|
386
|
+
... ModelEnvironmentPolicy,
|
|
387
|
+
... )
|
|
388
|
+
>>> from omnibase_core.enums import EnumDataClassification
|
|
389
|
+
>>> from omnibase_infra.enums import EnumEnvironment
|
|
390
|
+
>>>
|
|
391
|
+
>>> handler_policy = ModelHandlerSecurityPolicy(
|
|
392
|
+
... secret_scopes=frozenset({"database-creds"}),
|
|
393
|
+
... data_classification=EnumDataClassification.INTERNAL,
|
|
394
|
+
... )
|
|
395
|
+
>>> env_policy = ModelEnvironmentPolicy(
|
|
396
|
+
... environment=EnumEnvironment.PRODUCTION,
|
|
397
|
+
... permitted_secret_scopes=frozenset({"api-keys"}),
|
|
398
|
+
... max_data_classification=EnumDataClassification.CONFIDENTIAL,
|
|
399
|
+
... )
|
|
400
|
+
>>> errors = validate_handler_registration(handler_policy, env_policy)
|
|
401
|
+
>>> len(errors) # 1 error for unpermitted secret scope
|
|
402
|
+
1
|
|
403
|
+
"""
|
|
404
|
+
return _validate_policies(handler_policy, env_policy, handler_identity)
|
|
405
|
+
|
|
406
|
+
|
|
407
|
+
__all__ = [
|
|
408
|
+
"RegistrationSecurityValidator",
|
|
409
|
+
"validate_handler_registration",
|
|
410
|
+
]
|