reasoning-deployment-service 0.7.5__py3-none-any.whl → 0.8.4__py3-none-any.whl

reasoning_deployment_service/reasoning_deployment_service.py

@@ -1,4 +1,5 @@
 import json, os, subprocess, yaml, sys
+import uuid
 import urllib.parse, vertexai, google.auth
 import requests as _requests
 from typing import Dict, Optional, Tuple
@@ -17,7 +18,6 @@ DISCOVERY_ENGINE_URL = "https://discoveryengine.googleapis.com/v1alpha"
 
 class ReasoningEngineDeploymentService:
     def __init__(self, root_agent: BaseAgent, deployment_environment: str="DEV"):
-        # Setup logging
         self._setup_logging()
         
         self._check_required_files_exist()
@@ -35,6 +35,7 @@ class ReasoningEngineDeploymentService:
         self._oauth_client_id = None
         self._oauth_client_secret = None
         self._agent_space_engine = None
+        self._authorization_id = None
 
 
         self._load_agent_definition()
@@ -98,10 +99,16 @@ class ReasoningEngineDeploymentService:
     def info(self, message: str):
         self.logger.info(f"[DEPLOYMENT SERVICE: INFO]: {message}")
 
-    def _generate_authorization_id(self) -> str:
+    def _generate_authorization_id(self) -> Optional[str]:
         get_deployment_environment = os.getenv('AGENT_DEPLOYMENT_PIPELINE_ID', "LOCAL_RUN")
 
-        return f"{get_deployment_environment}-{self._reasoning_engine_name}-{self._agent_space_engine}-auth".lower()
+        if self._authorization_override:
+            return self._authorization_override.lower()
+        
+        if not self._authorization_override:
+            return None
+
+        return f"{get_deployment_environment}-{self._reasoning_engine_name}-{str(uuid.uuid4())}-auth".lower()
         
     def _load_runtime_variables(self):
         load_dotenv(dotenv_path=".env", override=True)
@@ -112,9 +119,15 @@ class ReasoningEngineDeploymentService:
                 runtime_vars[key] = os.environ[key]
         
         runtime_vars.update(self._runtime_variable_definitions or {})
-        runtime_vars.update({'AUTHORIZATION_ID': self._generate_authorization_id()})
+        local_auth_id = self._generate_authorization_id()
+
+        if self._use_authorization and local_auth_id:
+            runtime_vars.update({'AUTHORIZATION_ID': local_auth_id})
+            self._authorization_id = local_auth_id
+        runtime_vars.update({f"DEPLOYED_PROJECT_NUMBER": self._project_number})
+        runtime_vars.update({f"DEPLOYED_PROJECT_ID": self._project_id})
+        runtime_vars.update({f"AGENT_DEPLOYMENT_PIPELINE_ID": self._deployed_environment})
 
-        self._authorization_id = runtime_vars.get('AUTHORIZATION_ID')
         self._environment_variables = runtime_vars
 
     def _check_required_files_exist(self):
@@ -213,8 +226,6 @@ class ReasoningEngineDeploymentService:
         DEV_OAUTH_CLIENT_SECRET="""
 
         path.write_text(template.strip() + "\n")
-        
-        # Also update .gitignore to include logs
         self._update_gitignore()
         
         return path
@@ -256,7 +267,6 @@ class ReasoningEngineDeploymentService:
 
         config = {
             "defaults": {
-                "deployment_service": "0.7",
                 "reasoning_engine": {
                     "name": "reasoning-engine-dev",
                     "description": "A reasoning engine for development"
@@ -295,11 +305,6 @@ class ReasoningEngineDeploymentService:
 
         try:
             config = config['defaults']
-            deployment_service_version = config.get('deployment_service')
-            version = float(deployment_service_version)
-            if version < 0.7:
-                raise RuntimeError(f"Unsupported deployment_service version: {version}. Expected minimum '0.7'")
-            
             authorization = config['authorization']
             gemini_enterprise = config['gemini_enterprise']
             reasoning_engine = config['reasoning_engine']
@@ -308,14 +313,17 @@ class ReasoningEngineDeploymentService:
 
             reasoning_engine_name = reasoning_engine.get('name')
             reasoning_engine_description = reasoning_engine.get('description')
+            reasoning_engine_bypass = reasoning_engine.get('skip_build', False)
 
             gemini_enterprise_name = gemini_enterprise.get('name')
             gemini_enterprise_description = gemini_enterprise.get('description')
             gemini_enterprise_tool_description = gemini_enterprise.get('tool_description')
             gemini_enterprise_engine_id = gemini_enterprise.get('target_deployment_engine_id')
+            gemini_enterprise_icon_uri = gemini_enterprise.get('icon_uri')
 
-            print(gemini_enterprise)
 
+            self._reasoning_engine_bypass = reasoning_engine_bypass
+            self._icon_uri = gemini_enterprise_icon_uri
             self._agent_space_engine = gemini_enterprise_engine_id or os.getenv(f"{self.deployment_env}_AGENT_SPACE_ENGINE")
             self._required_scopes = authorization.get('scopes', [])
             self._agent_folder = "agent"
@@ -325,8 +333,9 @@ class ReasoningEngineDeploymentService:
             self._agent_space_description = gemini_enterprise_description
             self._agent_space_tool_description = gemini_enterprise_tool_description
             self._use_authorization = authorization.get('enabled', False)
+            self._authorization_override = authorization.get('authorization_id_override', None)
         except KeyError as e:
-             raise RuntimeError(f"Missing required key in agent.yaml: {e}")
+             raise RuntimeError(f"Missing required key in agent.yaml: {e}. Your agent.yaml file is not valid for this deployment service version.")
         
     def _load_deployment_environment_variables(self, deployment_environment: str):
         required_vars = ['PROJECT_ID', 'PROJECT_NUMBER', 'PROJECT_LOCATION', 'STAGING_BUCKET']
@@ -351,6 +360,8 @@ class ReasoningEngineDeploymentService:
 
                 setattr(self, f"_{var.lower()}", os.getenv(env_var))
 
+        self._deployed_environment = os.getenv(f"AGENT_DEPLOYMENT_PIPELINE_ID", "unregistered_environment")
+
     def _check_requirements_file_present(self):
         if not os.path.exists("requirements.txt"):
             raise RuntimeError("Missing requirements.txt file")
@@ -427,7 +438,10 @@ class ReasoningEngineDeploymentService:
             },
         }
 
-        if self._authorization_id:
+        if self._icon_uri:
+            payload["icon"] = {"uri": self._icon_uri}
+
+        if self._use_authorization and self._authorization_id:
             payload["adk_agent_definition"]["authorizations"] = [
                 f"projects/{self._project_number}/locations/global/authorizations/{self._authorization_id}"
             ]
@@ -530,7 +544,7 @@ class ReasoningEngineDeploymentService:
     def _create_authorization(self) -> dict:
         read_authorizations = self._read_engine_deployment_record()
 
-        if not self._authorization_id:
+        if not self._authorization_id or not self._use_authorization:
             self.warning("No authorization ID provided; skipping authorization creation.")
 
             return
@@ -613,8 +627,10 @@ class ReasoningEngineDeploymentService:
 
         return True
     
-    def _delete_authorization(self):
-        if not self._authorization_id:
+    def _delete_authorization(self, drop_authorization_for_refresh: Optional[str] = None):
+        auth_to_drop = drop_authorization_for_refresh or self._authorization_id
+
+        if not auth_to_drop:
             self.warning("No authorization ID provided; skipping deletion.")
             return
 
@@ -627,18 +643,21 @@ class ReasoningEngineDeploymentService:
 
         url = (
             f"{discovery_engine_url}/projects/{self._project_id}/locations/global/authorizations"
-            f"?authorizationId={self._authorization_id}"
+            f"?authorizationId={auth_to_drop}"
         )
 
         r = self._http.delete(url, headers=headers, timeout=60)
 
         if r.status_code < 400:
+            if drop_authorization_for_refresh:
+                self.info(f"Authorization {drop_authorization_for_refresh} deleted successfully for refresh.")
+                return True
+            
             self.info("Authorization deleted successfully.")
             self._authorization_id = None
             self._update_in_agent_space()
             return True
 
-        # Log API failure details to file only
         with open(self.log_filename, 'a') as f:
             timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S,%f')[:-3]
             f.write(f"{timestamp} - ReasoningEngineDeployment - ERROR - Failed to delete authorization with status {r.status_code} {r.reason}\n")
@@ -651,9 +670,8 @@ class ReasoningEngineDeploymentService:
                 except:
                     pass
         
-        # Terminal message - simple
+
         self.error("Failed to delete authorization")
-        # This will also log the record file
         return False
 
     def one_deployment_with_everything_on_it(self, skip_engine_step=False):
@@ -791,6 +809,7 @@ class ReasoningEngineDeploymentService:
         new_description: Optional[str] = None,
         new_reasoning_engine: Optional[str] = None,
         new_authorizations: Optional[list[str]] = None,
+        icon_uri: Optional[str] = None,
     ) -> dict:
         """
         Safely patch metadata (displayName, description) and linkage fields
@@ -817,12 +836,15 @@ class ReasoningEngineDeploymentService:
             }
         }
 
+        if icon_uri:
+            agent_updates_body["icon"] = {"uri": icon_uri}
+
         self.info(agent_updates_body)
 
         headers = self._get_headers()
 
         update_mask = ["displayName", "description", "adk_agent_definition.tool_settings.tool_description", 
-                       "adk_agent_definition.provisioned_reasoning_engine.reasoning_engine", "adk_agent_definition.authorizations"]
+                       "adk_agent_definition.provisioned_reasoning_engine.reasoning_engine", "adk_agent_definition.authorizations", 'icon.uri']
         params = {"update_mask": ",".join(update_mask)}
         resp = self._http.patch(url, headers=headers, params=params, json=agent_updates_body, timeout=60)
 
@@ -856,6 +878,42 @@ class ReasoningEngineDeploymentService:
         r = self._http.patch(url, headers=headers, json=payload, timeout=60)
         r.raise_for_status()
         return r.json()
+    
+    def detect_scope_change(self, auth_full_name, want_scopes) -> Optional[bool]:
+        auth_url = f"{DISCOVERY_ENGINE_URL}/{auth_full_name}"
+        hdrs = self._get_headers().copy()
+
+        if "Authorization" in hdrs:
+            hdrs["Authorization"] = "Bearer ***"
+        
+        self.info(f"[AUTH] GET {auth_url} headers={json.dumps(hdrs)}")
+        r = self._http.get(auth_url, headers=self._get_headers(), timeout=60)
+        self.info(f"[AUTH] GET status={r.status_code} ct={r.headers.get('content-type','')}")
+        
+        try:
+            self.info(f"[AUTH] GET body={json.dumps(r.json(), indent=2)[:4000]}")
+        except Exception:
+            self.info(f"[AUTH] GET text={(r.text or '')[:1000]}")
+        r.raise_for_status()
+
+        data = r.json() or {}
+        existing_uri = (((data.get("serverSideOauth2") or {}).get("authorizationUri")) or "")
+        self.info(f"[AUTH] existing authorizationUri={existing_uri!r}")
+        existing_scopes = set()
+        
+        if existing_uri:
+            parsed = urlparse(existing_uri)
+            qs = parse_qs(parsed.query)
+            scope_str = (qs.get("scope", [""])[0] or "")
+            existing_scopes = set(scope_str.split())
+
+        self.info(
+            f"[AUTH] scopes existing={sorted(existing_scopes)} want={sorted(want_scopes)} "
+            f"missing={sorted(want_scopes - existing_scopes)} extra={sorted(existing_scopes - want_scopes)}"
+        )
+
+        if existing_scopes != want_scopes:
+            return True
 
     def one_github_deployment_to_go(self, skip_engine=False):
         """
@@ -873,6 +931,7 @@ class ReasoningEngineDeploymentService:
         )
 
         self._cicd_deploy = True
+        delete_old_authorization = False
         self.info(f"[INIT] vertexai.init(project={self._project_id}, location={self._project_location}, staging_bucket={self._staging_bucket})")
         vertexai.init(
             project=self._project_id,
@@ -884,7 +943,7 @@ class ReasoningEngineDeploymentService:
         engine_rn = self.find_engine_by_name(self._reasoning_engine_name)
         self.info(f"[ENGINE] find_engine_by_name -> {engine_rn}")
 
-        if not skip_engine:
+        if not skip_engine and not self._reasoning_engine_bypass:
             if not engine_rn:
                 self.info(f"[ENGINE] '{self._reasoning_engine_name}' not found. Creating...")
                 self.create_reasoning_engine()
@@ -901,58 +960,34 @@ class ReasoningEngineDeploymentService:
 
         self.info(f"[ENGINE] final engine_rn={engine_rn}")
 
+        if not engine_rn:
+            self.error("[ENGINE] Reasoning engine required for Agent Space deployment.")
+            raise RuntimeError("Reasoning engine resolution failed.")
+
         auth_full_name = None
-        if self._authorization_id:
+        if self._authorization_id and self._use_authorization:
             want_scopes = set(self._required_scopes or [])
             self.info(f"[AUTH] id={self._authorization_id} want_scopes={sorted(want_scopes)}")
             auth_full_name = self.find_authorization_by_id(self._authorization_id)
             self.info(f"[AUTH] find_authorization_by_id -> {auth_full_name}")
 
+            if auth_full_name and self.detect_scope_change(auth_full_name, want_scopes):
+                self.info(f"[AUTH] Scopes changed; patching authorization {self._authorization_id}...")
+                delete_old_authorization = auth_full_name
+                self._authorization_id = self._generate_authorization_id()
+                auth_full_name = None
+
             if not auth_full_name:
                 self.info(f"[AUTH] '{self._authorization_id}' not found. Creating...")
                 ok = self._create_authorization()
                 self.info(f"[AUTH] _create_authorization -> {ok}")
                 auth_full_name = self.find_authorization_by_id(self._authorization_id)
                 self.info(f"[AUTH] post-create resolve -> {auth_full_name}")
+
                 if not ok or not auth_full_name:
                     self.error("[AUTH] Creation failed or did not resolve.")
+
                     raise RuntimeError("Authorization creation failed.")
-            else:
-                auth_url = f"{DISCOVERY_ENGINE_URL}/{auth_full_name}"
-                hdrs = self._get_headers().copy()
-                if "Authorization" in hdrs:
-                    hdrs["Authorization"] = "Bearer ***"
-                self.info(f"[AUTH] GET {auth_url} headers={json.dumps(hdrs)}")
-                r = self._http.get(auth_url, headers=self._get_headers(), timeout=60)
-                self.info(f"[AUTH] GET status={r.status_code} ct={r.headers.get('content-type','')}")
-                try:
-                    self.info(f"[AUTH] GET body={json.dumps(r.json(), indent=2)[:4000]}")
-                except Exception:
-                    self.info(f"[AUTH] GET text={(r.text or '')[:1000]}")
-                r.raise_for_status()
-
-                data = r.json() or {}
-                existing_uri = (((data.get("serverSideOauth2") or {}).get("authorizationUri")) or "")
-                self.info(f"[AUTH] existing authorizationUri={existing_uri!r}")
-
-                existing_scopes = set()
-                if existing_uri:
-                    parsed = urlparse(existing_uri)
-                    qs = parse_qs(parsed.query)
-                    scope_str = (qs.get("scope", [""])[0] or "")
-                    existing_scopes = set(scope_str.split())
-
-                self.info(
-                    f"[AUTH] scopes existing={sorted(existing_scopes)} want={sorted(want_scopes)} "
-                    f"missing={sorted(want_scopes - existing_scopes)} extra={sorted(existing_scopes - want_scopes)}"
-                )
-
-                if existing_scopes != want_scopes:
-                    self.info("[AUTH] Scopes changed. Patching authorization...")
-                    self.update_authorization_scopes(self._authorization_id, list(want_scopes), self._oauth_client_id)
-                    self.info("[AUTH] Authorization updated.")
-                else:
-                    self.info("[AUTH] Scopes unchanged; no update needed.")
         else:
             self.info("[AUTH] No authorization_id configured; skipping authorization step.")
 
@@ -985,7 +1020,13 @@ class ReasoningEngineDeploymentService:
                 new_authorizations=[
                     f"projects/{self._project_number}/locations/global/authorizations/{self._authorization_id}"
                 ] if self._authorization_id else None,
+                icon_uri=self._icon_uri,
             )
             self.info(f"[AGENT] PATCH result -> {json.dumps(patched, indent=2)[:2000]}")
 
+
+        if delete_old_authorization:
+            self.info(f"[AUTH] Deleting old authorization {delete_old_authorization}...")
+            self._delete_authorization(delete_old_authorization)
+
         self.info("GitHub deployment completed successfully.")

{reasoning_deployment_service-0.7.5.dist-info → reasoning_deployment_service-0.8.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: reasoning-deployment-service
-Version: 0.7.5
+Version: 0.8.4
 Summary: Deployment helper for Vertex AI Reasoning Engines & Agent Spaces
 Author-email: Sergio Estrada <sergio.estrada@accenture.com>
 License: Apache-2.0

{reasoning_deployment_service-0.7.5.dist-info → reasoning_deployment_service-0.8.4.dist-info}/RECORD

@@ -1,5 +1,5 @@
 reasoning_deployment_service/__init__.py,sha256=xDuKt9gGviQiTV6vXBdkBvygnlAOIrwnUjVaMGZy0L4,670
-reasoning_deployment_service/reasoning_deployment_service.py,sha256=s_I6PYzTDhsmncnj0I5A1B3s3judboBJssz1FTZ62Ko,43774
+reasoning_deployment_service/reasoning_deployment_service.py,sha256=7hf5VYvAFuKXworJO_fVOLUU0v5LNJ40vRJJqdWpZaQ,45336
 reasoning_deployment_service/runner.py,sha256=A88IhRPPAWtqedWPWOVne3Lg16uXhXuqARKGD5ORsWc,5597
 reasoning_deployment_service/cli_editor/__init__.py,sha256=bN8NPkw8riB92pj2lAwJZuEMOQIO_RRuge0ehnJTW1I,118
 reasoning_deployment_service/cli_editor/api_client.py,sha256=bcuV0kEHxyNobqJ1k2Iwp73EaFjuOWa4XJ77MRrWQr0,33106
@@ -21,8 +21,8 @@ reasoning_deployment_service/gui_editor/src/ui/authorization_view.py,sha256=BoNc
 reasoning_deployment_service/gui_editor/src/ui/reasoning_engine_view.py,sha256=T_kBop74wHv8W7tk9aY17ty44rLu8Dc-vRZdRvhmeH0,13317
 reasoning_deployment_service/gui_editor/src/ui/reasoning_engines_view.py,sha256=IRjFlBbY98usAZa0roOonjvWQOsF6NBW4bBg_k8KnKI,7860
 reasoning_deployment_service/gui_editor/src/ui/ui_components.py,sha256=HdQHy-oSZ3GobQ3FNdH7y_w3ANbFiuf2rMoflAmff0A,55366
-reasoning_deployment_service-0.7.5.dist-info/METADATA,sha256=ZrVyhbEK7_QcEISP5966g529gOFC8TTS8edDs9Ug6zg,5302
-reasoning_deployment_service-0.7.5.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-reasoning_deployment_service-0.7.5.dist-info/entry_points.txt,sha256=onGKjR5ONTtRv3aqEtK863iw9Ty1kLcjfZlsplkRZrA,84
-reasoning_deployment_service-0.7.5.dist-info/top_level.txt,sha256=GKuQS1xHUYLZbatw9DmcYdBxxLhWhhGkV4FmFxgKdp0,29
-reasoning_deployment_service-0.7.5.dist-info/RECORD,,
+reasoning_deployment_service-0.8.4.dist-info/METADATA,sha256=3ylGfj_4YjvBThijeiUh1EhS2dKqTF46h9xmsWDAA-o,5302
+reasoning_deployment_service-0.8.4.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+reasoning_deployment_service-0.8.4.dist-info/entry_points.txt,sha256=onGKjR5ONTtRv3aqEtK863iw9Ty1kLcjfZlsplkRZrA,84
+reasoning_deployment_service-0.8.4.dist-info/top_level.txt,sha256=GKuQS1xHUYLZbatw9DmcYdBxxLhWhhGkV4FmFxgKdp0,29
+reasoning_deployment_service-0.8.4.dist-info/RECORD,,