orchestr8-platform 3.0.0__tar.gz

orchestr8_platform-3.0.0/PKG-INFO

@@ -0,0 +1,164 @@
+Metadata-Version: 2.4
+Name: orchestr8-platform
+Version: 3.0.0
+Summary: Orchestr8 - Enterprise GitOps platform for Kubernetes orchestration
+Author-email: Orchestr8 Team <dev@agenticinsights.com>
+License: MIT
+Project-URL: Homepage, https://github.com/killerapp/orchestr8
+Project-URL: Documentation, https://orchestr8.agenticinsights.com
+Project-URL: Repository, https://github.com/killerapp/orchestr8
+Project-URL: Issues, https://github.com/killerapp/orchestr8/issues
+Keywords: kubernetes,gitops,argocd,platform,orchestration
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Software Development :: Libraries :: Python Modules
+Classifier: Topic :: System :: Systems Administration
+Requires-Python: >=3.11
+Description-Content-Type: text/markdown
+Requires-Dist: typer>=0.9.0
+Requires-Dist: rich>=13.7.0
+Requires-Dist: boto3>=1.34.0
+Requires-Dist: google-cloud-secret-manager>=2.16.0
+Requires-Dist: google-cloud-container>=2.35.0
+Requires-Dist: kubernetes>=29.0.0
+Requires-Dist: pyyaml>=6.0.1
+Requires-Dist: pydantic>=2.5.0
+Requires-Dist: pygithub>=2.1.1
+Requires-Dist: requests>=2.31.0
+Requires-Dist: requests-oauthlib>=2.0.0
+Requires-Dist: httpx>=0.28.1
+Requires-Dist: bcrypt>=4.1.0
+Requires-Dist: pyjwt>=2.8.0
+Requires-Dist: azure-keyvault-secrets>=4.10.0
+Requires-Dist: azure-identity>=1.24.0
+
+# Orchestr8
+
+A unified SDK and CLI for automated Kubernetes platform management using GitOps principles.
+
+## Features
+
+- 🚀 **Zero-touch cluster bootstrapping** - Automated setup with minimal manual steps
+- 🔐 **Integrated secrets management** - AWS/GCP Secrets Manager support with automatic generation
+- 🤖 **Multiple interfaces** - Use as CLI or SDK for programmatic access
+- ☁️ **Multi-cloud ready** - Support for AWS, GCP, Azure, and local development
+- 🔄 **GitOps native** - Built on ArgoCD with the app-of-apps pattern
+- 🩺 **Built-in diagnostics** - Auto-running health checks and environment validation
+
+## Installation
+
+```bash
+# Install from PyPI
+uv tool install orchestr8-platform
+
+# Or add to your project
+uv add orchestr8-platform
+```
+
+## Quick Start
+
+### CLI Usage
+
+```bash
+# Interactive setup
+o8 setup
+
+# Non-interactive setup
+o8 setup \
+  --provider aws \
+  --cluster my-cluster \
+  --domain platform.example.com \
+  --github-org my-org \
+  --region us-east-1
+
+# Check status and validate environment
+o8 status
+o8 doctor
+
+# Validate prerequisites
+o8 validate
+```
+
+### SDK Usage
+
+```python
+from orchestr8 import Orchestr8SDK, Config, CloudProvider
+from orchestr8.core.config import GitHubConfig
+
+# Create configuration
+config = Config(
+    provider=CloudProvider.AWS,
+    region="us-east-1",
+    cluster_name="my-cluster",
+    domain="platform.example.com",
+    github=GitHubConfig(
+        org="my-org",
+        token="ghp_..."
+    )
+)
+
+# Initialize SDK
+sdk = Orchestr8SDK(config)
+
+# Run setup
+await sdk.setup()
+
+# Check status
+status = await sdk.get_status()
+```
+
+## Architecture
+
+Orchestr8 sets up:
+
+- **ArgoCD** - GitOps continuous delivery
+- **Istio** - Service mesh for traffic management
+- **Keycloak** - Identity and access management
+- **Prometheus/Grafana** - Monitoring and observability
+- **Cert-Manager** - Automatic TLS certificate management
+
+## Migration from Orchestr8
+
+If you're migrating from Orchestr8 Orchestrator (Orchestr8):
+
+1. **Install Orchestr8**: `uv tool install orchestr8-platform`
+2. **Update scripts**: Replace `orchestr8` commands with `o8`
+3. **Validate setup**: Run `o8 doctor` to check your environment
+4. **Update repositories**: Change repo references from `orchestr8` to `orchestr8`
+
+Your existing configurations will be automatically detected and migration prompts provided.
+
+## Development
+
+```bash
+# Clone the repository
+git clone https://github.com/killerapp/orchestr8
+cd orchestr8/o8-cli
+
+# Install dependencies
+uv sync
+
+# Run tests
+uv run pytest
+
+# Run CLI in development
+uv run python -m orchestr8.cli
+```
+
+## Publishing to PyPI
+
+```bash
+# Build the package
+uv build
+
+# Publish to PyPI
+uv publish
+```
+
+## License
+
+MIT

orchestr8_platform-3.0.0/README.md

@@ -0,0 +1,126 @@
+# Orchestr8
+
+A unified SDK and CLI for automated Kubernetes platform management using GitOps principles.
+
+## Features
+
+- 🚀 **Zero-touch cluster bootstrapping** - Automated setup with minimal manual steps
+- 🔐 **Integrated secrets management** - AWS/GCP Secrets Manager support with automatic generation
+- 🤖 **Multiple interfaces** - Use as CLI or SDK for programmatic access
+- ☁️ **Multi-cloud ready** - Support for AWS, GCP, Azure, and local development
+- 🔄 **GitOps native** - Built on ArgoCD with the app-of-apps pattern
+- 🩺 **Built-in diagnostics** - Auto-running health checks and environment validation
+
+## Installation
+
+```bash
+# Install from PyPI
+uv tool install orchestr8-platform
+
+# Or add to your project
+uv add orchestr8-platform
+```
+
+## Quick Start
+
+### CLI Usage
+
+```bash
+# Interactive setup
+o8 setup
+
+# Non-interactive setup
+o8 setup \
+  --provider aws \
+  --cluster my-cluster \
+  --domain platform.example.com \
+  --github-org my-org \
+  --region us-east-1
+
+# Check status and validate environment
+o8 status
+o8 doctor
+
+# Validate prerequisites
+o8 validate
+```
+
+### SDK Usage
+
+```python
+from orchestr8 import Orchestr8SDK, Config, CloudProvider
+from orchestr8.core.config import GitHubConfig
+
+# Create configuration
+config = Config(
+    provider=CloudProvider.AWS,
+    region="us-east-1",
+    cluster_name="my-cluster",
+    domain="platform.example.com",
+    github=GitHubConfig(
+        org="my-org",
+        token="ghp_..."
+    )
+)
+
+# Initialize SDK
+sdk = Orchestr8SDK(config)
+
+# Run setup
+await sdk.setup()
+
+# Check status
+status = await sdk.get_status()
+```
+
+## Architecture
+
+Orchestr8 sets up:
+
+- **ArgoCD** - GitOps continuous delivery
+- **Istio** - Service mesh for traffic management
+- **Keycloak** - Identity and access management
+- **Prometheus/Grafana** - Monitoring and observability
+- **Cert-Manager** - Automatic TLS certificate management
+
+## Migration from Orchestr8
+
+If you're migrating from Orchestr8 Orchestrator (Orchestr8):
+
+1. **Install Orchestr8**: `uv tool install orchestr8-platform`
+2. **Update scripts**: Replace `orchestr8` commands with `o8`
+3. **Validate setup**: Run `o8 doctor` to check your environment
+4. **Update repositories**: Change repo references from `orchestr8` to `orchestr8`
+
+Your existing configurations will be automatically detected and migration prompts provided.
+
+## Development
+
+```bash
+# Clone the repository
+git clone https://github.com/killerapp/orchestr8
+cd orchestr8/o8-cli
+
+# Install dependencies
+uv sync
+
+# Run tests
+uv run pytest
+
+# Run CLI in development
+uv run python -m orchestr8.cli
+```
+
+## Publishing to PyPI
+
+```bash
+# Build the package
+uv build
+
+# Publish to PyPI
+uv publish
+```
+
+## License
+
+MIT

orchestr8_platform-3.0.0/pyproject.toml

@@ -0,0 +1,105 @@
+[build-system]
+requires = ["setuptools>=61.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "orchestr8-platform"
+version = "3.0.0"
+description = "Orchestr8 - Enterprise GitOps platform for Kubernetes orchestration"
+readme = "README.md"
+authors = [
+    {name = "Orchestr8 Team", email = "dev@agenticinsights.com"},
+]
+license = {text = "MIT"}
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: Developers",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Topic :: Software Development :: Libraries :: Python Modules",
+    "Topic :: System :: Systems Administration",
+]
+keywords = ["kubernetes", "gitops", "argocd", "platform", "orchestration"]
+requires-python = ">=3.11"
+dependencies = [
+    "typer>=0.9.0",
+    "rich>=13.7.0",
+    "boto3>=1.34.0",
+    "google-cloud-secret-manager>=2.16.0",
+    "google-cloud-container>=2.35.0",
+    "kubernetes>=29.0.0",
+    "pyyaml>=6.0.1",
+    "pydantic>=2.5.0",
+    "pygithub>=2.1.1",
+    "requests>=2.31.0",
+    "requests-oauthlib>=2.0.0",
+    "httpx>=0.28.1",
+    "bcrypt>=4.1.0",
+    "pyjwt>=2.8.0",
+    "azure-keyvault-secrets>=4.10.0",
+    "azure-identity>=1.24.0",
+]
+
+[project.urls]
+Homepage = "https://github.com/killerapp/orchestr8"
+Documentation = "https://orchestr8.agenticinsights.com"
+Repository = "https://github.com/killerapp/orchestr8"
+Issues = "https://github.com/killerapp/orchestr8/issues"
+
+[project.scripts]
+o8 = "orchestr8.cli:app"
+
+[project.optional-dependencies]
+# mcp = ["mcp>=0.1.0", "websockets>=12.0"]  # TODO: Enable when MCP is implemented
+
+[tool.uv]
+dev-dependencies = [
+    "pytest>=7.4.0",
+    "pytest-asyncio>=0.21.0",
+    "pytest-cov>=4.1.0",
+    "ruff>=0.1.0",
+    "mypy>=1.8.0",
+    "black>=23.12.0",
+    "python-semantic-release>=9.0.0",
+]
+
+[tool.semantic_release]
+version_variables = [
+    "src/orchestr8/__init__.py:__version__",
+]
+version_toml = [
+    "pyproject.toml:project.version",
+]
+build_command = "python -m build"
+commit_message = "chore(release): {version} [skip ci]\n\nAutomatically generated by python-semantic-release"
+tag_format = "v{version}"
+
+[tool.semantic_release.branches.main]
+match = "main"
+
+[tool.semantic_release.commit_parser_options]
+major_tags = ["BREAKING CHANGE", "BREAKING-CHANGE"]
+minor_tags = ["feat"]
+patch_tags = ["fix", "perf"]
+allowed_tags = ["build", "chore", "ci", "docs", "feat", "fix", "perf", "style", "refactor", "test"]
+
+[tool.pytest.ini_options]
+minversion = "3.0.0"
+addopts = "-ra -q --tb=short"
+testpaths = ["tests"]
+markers = [
+    "smoke: Quick smoke tests (unit tests, mocked APIs)",
+    "integration: Integration tests that may make real API calls",
+    "slow: Slow tests that set up/tear down infrastructure",
+    "cluster: Tests requiring actual Kubernetes cluster access",
+    "external: Tests requiring external services (AWS, GCP, Azure)",
+    "local: Tests for local development (Docker Desktop, minikube, kind)",
+    "docker: Tests requiring Docker Desktop Kubernetes",
+    "minikube: Tests requiring minikube cluster",
+    "kind: Tests requiring kind cluster",
+    "aws: Tests specific to AWS provider",
+    "gcp: Tests specific to GCP provider",
+    "azure: Tests specific to Azure provider"
+]

orchestr8_platform-3.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

orchestr8_platform-3.0.0/src/orchestr8/__init__.py

@@ -0,0 +1 @@
+__version__ = "3.0.0"

orchestr8_platform-3.0.0/src/orchestr8/auth/__init__.py

@@ -0,0 +1,16 @@
+"""Authentication module for Orchestr8."""
+
+from .github_oauth import GitHubDeviceFlow, GitHubAuthResult
+from .keycloak_idp import (
+    KeycloakIdentityProviderManager,
+    IdentityProviderType,
+    IdentityProviderConfig,
+)
+
+__all__ = [
+    "GitHubDeviceFlow",
+    "GitHubAuthResult",
+    "KeycloakIdentityProviderManager",
+    "IdentityProviderType",
+    "IdentityProviderConfig",
+]

orchestr8_platform-3.0.0/src/orchestr8/auth/github_oauth.py

@@ -0,0 +1,215 @@
+"""GitHub OAuth Device Flow implementation for Orchestr8."""
+
+import time
+import webbrowser
+from typing import Dict, Optional
+from dataclasses import dataclass
+import requests
+from rich.console import Console
+from rich.panel import Panel
+from rich.progress import Progress, SpinnerColumn, TextColumn
+
+
+@dataclass
+class GitHubAuthResult:
+    """Result of GitHub authentication."""
+
+    access_token: str
+    token_type: str
+    scope: str
+
+
+class GitHubDeviceFlow:
+    """GitHub OAuth Device Flow implementation."""
+
+    # GitHub OAuth endpoints
+    DEVICE_CODE_URL = "https://github.com/login/device/code"
+    TOKEN_URL = "https://github.com/login/oauth/access_token"
+
+    # Default Orchestr8 OAuth App Client ID
+    DEFAULT_CLIENT_ID = "Ov23liefXYUwEpx4AMWz"
+
+    def __init__(
+        self, console: Optional[Console] = None, client_id: Optional[str] = None
+    ):
+        self.console = console or Console()
+        self.client_id = client_id or self.DEFAULT_CLIENT_ID
+
+    def authenticate(self, scopes: Optional[str] = None) -> Optional[GitHubAuthResult]:
+        """
+        Perform GitHub OAuth device flow authentication.
+
+        Args:
+            scopes: OAuth scopes to request (e.g., "repo", "user:email")
+
+        Returns:
+            GitHubAuthResult with access token if successful, None otherwise
+        """
+        # Request device code
+        device_code_data = self._request_device_code(scopes)
+        if not device_code_data:
+            return None
+
+        # Show user instructions
+        self._display_auth_instructions(
+            device_code_data["user_code"], device_code_data["verification_uri"]
+        )
+
+        # Poll for token
+        token_data = self._poll_for_token(
+            device_code_data["device_code"], device_code_data["interval"]
+        )
+
+        if token_data:
+            return GitHubAuthResult(
+                access_token=token_data["access_token"],
+                token_type=token_data.get("token_type", "bearer"),
+                scope=token_data.get("scope", ""),
+            )
+
+        return None
+
+    def _request_device_code(self, scopes: Optional[str]) -> Optional[Dict]:
+        """Request device and user codes from GitHub."""
+        headers = {"Accept": "application/json"}
+        data = {"client_id": self.client_id}
+
+        if scopes:
+            data["scope"] = scopes
+
+        try:
+            response = requests.post(self.DEVICE_CODE_URL, headers=headers, data=data)
+            response.raise_for_status()
+            return response.json()
+        except requests.exceptions.RequestException as e:
+            self.console.print(f"[red]Failed to request device code: {e}[/red]")
+            return None
+
+    def _display_auth_instructions(self, user_code: str, verification_uri: str):
+        """Display authentication instructions to the user."""
+        self.console.print()
+        panel = Panel(
+            f"[bold cyan]Please visit:[/bold cyan] {verification_uri}\n"
+            f"[bold cyan]Enter code:[/bold cyan] [bold yellow]{user_code}[/bold yellow]",
+            title="🔐 GitHub Authentication Required",
+            border_style="cyan",
+        )
+        self.console.print(panel)
+
+        # Try to open browser automatically
+        try:
+            webbrowser.open(verification_uri)
+        except Exception:
+            pass
+
+    def _poll_for_token(self, device_code: str, interval: int) -> Optional[Dict]:
+        """Poll GitHub for access token."""
+        headers = {"Accept": "application/json"}
+        data = {
+            "client_id": self.client_id,
+            "device_code": device_code,
+            "grant_type": "urn:ietf:params:oauth:grant-type:device_code",
+        }
+
+        with Progress(
+            SpinnerColumn(),
+            TextColumn("[progress.description]{task.description}"),
+            console=self.console,
+            transient=True,
+        ) as progress:
+            task = progress.add_task("Waiting for authentication...", total=None)
+
+            while True:
+                try:
+                    response = requests.post(self.TOKEN_URL, headers=headers, data=data)
+                    response_data = response.json()
+
+                    if "access_token" in response_data:
+                        progress.update(task, completed=True)
+                        return response_data
+
+                    error = response_data.get("error")
+
+                    if error == "authorization_pending":
+                        # Still waiting for user to authorize
+                        time.sleep(interval)
+
+                    elif error == "slow_down":
+                        # Rate limited, increase interval
+                        interval = response_data.get("interval", interval + 5)
+                        time.sleep(interval)
+
+                    elif error == "expired_token":
+                        progress.update(
+                            task, description="[red]❌ Authentication expired[/red]"
+                        )
+                        self.console.print(
+                            "[red]The device code has expired. Please try again.[/red]"
+                        )
+                        return None
+
+                    elif error == "access_denied":
+                        progress.update(task, description="[red]❌ Access denied[/red]")
+                        self.console.print("[red]Authentication was denied.[/red]")
+                        return None
+
+                    else:
+                        # Unknown error
+                        progress.update(
+                            task, description=f"[red]❌ Error: {error}[/red]"
+                        )
+                        return None
+
+                except requests.exceptions.RequestException as e:
+                    progress.update(task, description="[red]❌ Network error[/red]")
+                    self.console.print(f"[red]Network error: {e}[/red]")
+                    return None
+
+    @staticmethod
+    def recommend_scopes(private_repos: bool = True) -> str:
+        """
+        Recommend OAuth scopes based on usage.
+
+        Args:
+            private_repos: Whether access to private repositories is needed
+
+        Returns:
+            Recommended scope string
+        """
+        if private_repos:
+            return "repo"  # Full repo access including private repos
+        else:
+            return ""  # No scope needed for public repos
+
+    def validate_token(self, token: str) -> bool:
+        """
+        Validate that a token has access to the required repository.
+
+        Args:
+            token: GitHub access token to validate
+
+        Returns:
+            True if token is valid and has repo access
+        """
+        headers = {
+            "Authorization": f"token {token}",
+            "Accept": "application/vnd.github.v3+json",
+        }
+
+        try:
+            # Check token validity and scopes
+            response = requests.get("https://api.github.com/user", headers=headers)
+
+            if response.status_code == 200:
+                # Check scopes from response headers (for debugging)
+                # scopes = response.headers.get("X-OAuth-Scopes", "")
+                return True
+            else:
+                self.console.print(
+                    f"[red]Token validation failed: {response.status_code}[/red]"
+                )
+                return False
+
+        except requests.exceptions.RequestException as e:
+            self.console.print(f"[red]Error validating token: {e}[/red]")
+            return False