outerbounds 0.3.183rc1__py3-none-any.whl → 0.3.185__py3-none-any.whl

outerbounds/apps/secrets.py

@@ -1,164 +0,0 @@
-from typing import Dict
-
-import base64
-import json
-import requests
-import random
-import time
-import sys
-
-from .utils import safe_requests_wrapper, TODOException
-
-
-class OuterboundsSecretsException(Exception):
-    pass
-
-
-class SecretNotFound(OuterboundsSecretsException):
-    pass
-
-
-class OuterboundsSecretsApiResponse:
-    def __init__(self, response):
-        self.response = response
-
-    @property
-    def secret_resource_id(self):
-        return self.response["secret_resource_id"]
-
-    @property
-    def secret_backend_type(self):
-        return self.response["secret_backend_type"]
-
-
-class SecretRetriever:
-    def get_secret_as_dict(self, secret_id, options={}, role=None):
-        """
-        Supports a special way of specifying secrets sources in outerbounds using the format:
-            @secrets(sources=["outerbounds.<integrations_name>"])
-
-        When invoked it makes a requests to the integrations secrets metadata endpoint on the
-        keywest server to get the cloud resource id for a secret. It then uses that to invoke
-        secrets manager on the core oss and returns the secrets.
-        """
-        headers = {"Content-Type": "application/json", "Connection": "keep-alive"}
-        perimeter, integrations_url = self._get_secret_configs()
-        integration_name = secret_id
-        request_payload = {
-            "perimeter_name": perimeter,
-            "integration_name": integration_name,
-        }
-        response = self._make_request(integrations_url, headers, request_payload)
-        secret_resource_id = response.secret_resource_id
-        secret_backend_type = response.secret_backend_type
-
-        from metaflow.plugins.secrets.secrets_decorator import (
-            get_secrets_backend_provider,
-        )
-
-        secrets_provider = get_secrets_backend_provider(secret_backend_type)
-        secret_dict = secrets_provider.get_secret_as_dict(
-            secret_resource_id, options={}, role=role
-        )
-
-        # Outerbounds stores secrets as binaries. Hence we expect the returned secret to be
-        # {<cloud-secret-name>: <base64 encoded full secret>}. We decode the secret here like:
-        # 1. decode the base64 encoded full secret
-        # 2. load the decoded secret as a json
-        # 3. decode the base64 encoded values in the dict
-        # 4. return the decoded dict
-        binary_secret = next(iter(secret_dict.values()))
-        return self._decode_secret(binary_secret)
-
-    def _is_base64_encoded(self, data):
-        try:
-            if isinstance(data, str):
-                # Check if the string can be base64 decoded
-                base64.b64decode(data).decode("utf-8")
-                return True
-            return False
-        except Exception:
-            return False
-
-    def _decode_secret(self, secret):
-        try:
-            result = {}
-            secret_str = secret
-            if self._is_base64_encoded(secret):
-                # we check if the secret string is base64 encoded because the returned secret from
-                # AWS secret manager is base64 encoded while the secret from GCP is not
-                secret_str = base64.b64decode(secret).decode("utf-8")
-
-            secret_dict = json.loads(secret_str)
-            for key, value in secret_dict.items():
-                result[key] = base64.b64decode(value).decode("utf-8")
-
-            return result
-        except Exception as e:
-            raise OuterboundsSecretsException(f"Error decoding secret: {e}")
-
-    def _get_secret_configs(self):
-        from metaflow_extensions.outerbounds.remote_config import init_config  # type: ignore
-        from os import environ
-
-        conf = init_config()
-        if "OBP_PERIMETER" in conf:
-            perimeter = conf["OBP_PERIMETER"]
-        else:
-            # if the perimeter is not in metaflow config, try to get it from the environment
-            perimeter = environ.get("OBP_PERIMETER", "")
-
-        if "OBP_INTEGRATIONS_URL" in conf:
-            integrations_url = conf["OBP_INTEGRATIONS_URL"]
-        else:
-            # if the integrations is not in metaflow config, try to get it from the environment
-            integrations_url = environ.get("OBP_INTEGRATIONS_URL", "")
-
-        if not perimeter:
-            raise OuterboundsSecretsException(
-                "No perimeter set. Please make sure to run `outerbounds configure <...>` command which can be found on the Ourebounds UI or reach out to your Outerbounds support team."
-            )
-
-        if not integrations_url:
-            raise OuterboundsSecretsException(
-                "No integrations url set. Please notify your Outerbounds support team about this issue."
-            )
-
-        integrations_secrets_metadata_url = f"{integrations_url}/secrets/metadata"
-        return perimeter, integrations_secrets_metadata_url
-
-    def _make_request(self, url, headers: Dict, payload: Dict):
-        try:
-            from metaflow.metaflow_config import SERVICE_HEADERS
-
-            request_headers = {**headers, **(SERVICE_HEADERS or {})}
-        except ImportError:
-            raise OuterboundsSecretsException(
-                "Failed to create app: No Metaflow service headers found"
-            )
-
-        response = safe_requests_wrapper(
-            requests.get,
-            url,
-            data=json.dumps(payload),
-            headers=request_headers,
-            conn_error_retries=5,
-            retryable_status_codes=[409],
-        )
-        self._handle_error_response(response)
-        return OuterboundsSecretsApiResponse(response.json())
-
-    @staticmethod
-    def _handle_error_response(response: requests.Response):
-        if response.status_code >= 500:
-            raise OuterboundsSecretsException(
-                f"Server error: {response.text}. Please reach out to your Outerbounds support team."
-            )
-        status_code = response.status_code
-        if status_code == 404:
-            raise SecretNotFound(f"Secret not found: {response.text}")
-
-        if status_code >= 400:
-            raise OuterboundsSecretsException(
-                f"status_code={status_code}\t\n\t\t{response.text}"
-            )

outerbounds/apps/utils.py

@@ -1,234 +0,0 @@
-import random
-import time
-import sys
-import json
-import requests
-from typing import Optional
-
-# This click import is not used to construct any ob
-# package cli. Its used only for printing stuff.
-# So we can use the static metaflow._vendor import path
-from metaflow._vendor import click
-from .app_config import CAPSULE_DEBUG
-import sys
-import threading
-import time
-import logging
-import itertools
-from typing import Union, Callable, Any, List
-
-# TODO: remove vendor'd dependency where.
-from outerbounds._vendor.spinner import (
-    Spinners,
-)
-
-
-class MultiStepSpinner:
-    """
-    A spinner that supports multi-step progress and configurable alignment.
-
-    Parameters
-    ----------
-    spinner : Spinners
-        Which spinner frames/interval to use.
-    text : str
-        Static text to display beside the spinner.
-    color : str, optional
-        Click color name.
-    align : {'left','right'}
-        Whether to render the spinner to the left (default) or right of the text.
-    """
-
-    def __init__(
-        self,
-        spinner: Spinners = Spinners.dots,
-        text: str = "",
-        color: Optional[str] = None,
-        align: str = "right",
-        file=sys.stdout,
-    ):
-        cfg = spinner.value
-        self.frames = cfg["frames"]
-        self.interval = float(cfg["interval"]) / 1000.0  # type: ignore
-        self.text = text
-        self.color = color
-        if align not in ("left", "right"):
-            raise ValueError("align must be 'left' or 'right'")
-        self.align = align
-        self._write_file = file
-        # precompute clear length: max frame width + space + text length
-        max_frame = max(self.frames, key=lambda x: len(x))  # type: ignore
-        self.clear_len = len(self.main_text) + len(max_frame) + 1
-
-        self._stop_evt = threading.Event()
-        self._pause_evt = threading.Event()
-        self._thread = None
-        self._write_lock = threading.Lock()
-
-    @property
-    def main_text(self):
-        # if self.text is a callable then call it
-        if callable(self.text):
-            return self.text()
-        return self.text
-
-    def _spin(self):
-        for frame in itertools.cycle(self.frames):
-            if self._stop_evt.is_set():
-                break
-            if self._pause_evt.is_set():
-                time.sleep(0.05)
-                continue
-
-            # ---- Core logging critical section ----
-            with self._write_lock:
-                symbol = click.style(frame, fg=self.color) if self.color else frame
-                if self.align == "left":
-                    msg = f"{symbol} {self.main_text}"
-                else:
-                    msg = f"{self.main_text} {symbol}"
-
-                click.echo(msg, nl=False, file=self._write_file)
-                click.echo("\r", nl=False, file=self._write_file)
-                self._write_file.flush()
-            # ---- End of critical section ----
-            time.sleep(self.interval)
-        # clear the line when done
-        self._clear_line()
-
-    def _clear_line(self):
-        with self._write_lock:
-            click.echo(" " * self.clear_len, nl=False, file=self._write_file)
-            click.echo("\r", nl=False, file=self._write_file)
-            self._write_file.flush()
-
-    def start(self):
-        if self._thread and self._thread.is_alive():
-            return
-        self._stop_evt.clear()
-        self._pause_evt.clear()
-        self._thread = threading.Thread(target=self._spin, daemon=True)
-        self._thread.start()
-
-    def stop(self):
-        self._stop_evt.set()
-        if self._thread:
-            self._thread.join()
-
-    def log(self, *messages: str):
-        """Pause the spinner, emit a ✔ + message, then resume."""
-        self._pause_evt.set()
-        self._clear_line()
-        # ---- Core logging critical section ----
-        with self._write_lock:
-            self._write_file.flush()
-            for message in messages:
-                click.echo(f"{message}", file=self._write_file, nl=True)
-            self._write_file.flush()
-        # ---- End of critical section ----
-        self._pause_evt.clear()
-
-    def __enter__(self):
-        self.start()
-        return self
-
-    def __exit__(self, exc_type, exc, tb):
-        self.stop()
-
-
-class SpinnerLogHandler(logging.Handler):
-    def __init__(self, spinner: MultiStepSpinner, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        self.spinner = spinner
-
-    def emit(self, record):
-        msg = self.format(record)
-        self.spinner.log(msg)
-
-
-class MaximumRetriesExceeded(Exception):
-    def __init__(self, url, method, status_code, text):
-        self.url = url
-        self.method = method
-        self.status_code = status_code
-        self.text = text
-
-    def __str__(self):
-        return f"Maximum retries exceeded for {self.url}[{self.method}] {self.status_code} {self.text}"
-
-
-class TODOException(Exception):
-    pass
-
-
-requests_funcs = [
-    requests.get,
-    requests.post,
-    requests.put,
-    requests.delete,
-    requests.patch,
-    requests.head,
-    requests.options,
-]
-
-
-def safe_requests_wrapper(
-    requests_module_fn,
-    *args,
-    conn_error_retries=2,
-    retryable_status_codes=[409],
-    logger_fn=None,
-    **kwargs,
-):
-    """
-    There are two categories of errors that we need to handle when dealing with any API server.
-    1. HTTP errors. These are are errors that are returned from the API server.
-        - How to handle retries for this case will be application specific.
-    2. Errors when the API server may not be reachable (DNS resolution / network issues)
-        - In this scenario, we know that something external to the API server is going wrong causing the issue.
-        - Failing pre-maturely in the case might not be the best course of action since critical user jobs might crash on intermittent issues.
-        - So in this case, we can just planely retry the request.
-
-    This function handles the second case. It's a simple wrapper to handle the retry logic for connection errors.
-    If this function is provided a `conn_error_retries` of 5, then the last retry will have waited 32 seconds.
-    Generally this is a safe enough number of retries after which we can assume that something is really broken. Until then,
-    there can be intermittent issues that would resolve themselves if we retry gracefully.
-    """
-    if requests_module_fn not in requests_funcs:
-        raise ValueError(
-            f"safe_requests_wrapper doesn't support {requests_module_fn.__name__}. You can only use the following functions: {requests_funcs}"
-        )
-
-    _num_retries = 0
-    noise = random.uniform(-0.5, 0.5)
-    response = None
-    while _num_retries < conn_error_retries:
-        try:
-            response = requests_module_fn(*args, **kwargs)
-            if response.status_code not in retryable_status_codes:
-                return response
-            if CAPSULE_DEBUG:
-                if logger_fn:
-                    logger_fn(
-                        f"[outerbounds-debug] safe_requests_wrapper: {response.url}[{requests_module_fn.__name__}] {response.status_code} {response.text}",
-                    )
-                else:
-                    print(
-                        f"[outerbounds-debug] safe_requests_wrapper: {response.url}[{requests_module_fn.__name__}] {response.status_code} {response.text}",
-                        file=sys.stderr,
-                    )
-            _num_retries += 1
-            time.sleep((2 ** (_num_retries + 1)) + noise)
-        except requests.exceptions.ConnectionError:
-            if _num_retries <= conn_error_retries - 1:
-                # Exponential backoff with 2^(_num_retries+1) seconds
-                time.sleep((2 ** (_num_retries + 1)) + noise)
-                _num_retries += 1
-            else:
-                raise
-    raise MaximumRetriesExceeded(
-        response.url,
-        requests_module_fn.__name__,
-        response.status_code,
-        response.text,
-    )

outerbounds/apps/validations.py

@@ -1,22 +0,0 @@
-import os
-from .app_config import AppConfig, AppConfigError
-from .secrets import SecretRetriever, SecretNotFound
-from .dependencies import bake_deployment_image
-
-
-def deploy_validations(app_config: AppConfig, cache_dir: str, logger):
-
-    # First check if the secrets for the app exist.
-    app_secrets = app_config.get("secrets", [])
-    secret_retriever = SecretRetriever()
-    for secret in app_secrets:
-        try:
-            secret_retriever.get_secret_as_dict(secret)
-        except SecretNotFound:
-            raise AppConfigError(f"Secret not found: {secret}")
-
-    # TODO: Next check if the compute pool exists.
-
-
-def run_validations(app_config: AppConfig):
-    pass

outerbounds-0.3.183rc1.dist-info/entry_points.txt

@@ -1,3 +0,0 @@
-[console_scripts]
-outerbounds=outerbounds.cli_main:cli
-