PyPI - sovereign - Versions diffs - 0.26.0__tar.gz → 0.28.0__tar.gz - Mend

sovereign 0.26.0tar.gz → 0.28.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of sovereign might be problematic. Click here for more details.

Files changed (61) hide show

{sovereign-0.26.0 → sovereign-0.28.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: sovereign
-Version: 0.26.0
+Version: 0.28.0
 Summary: Envoy Proxy control-plane written in Python
 Home-page: https://pypi.org/project/sovereign/
 License: Apache-2.0
@@ -44,13 +44,15 @@ Requires-Dist: glom (>=23.3.0,<24.0.0)
 Requires-Dist: gunicorn (>=22.0.0,<23.0.0)
 Requires-Dist: httptools (>=0.6.0,<0.7.0) ; extra == "httptools"
 Requires-Dist: orjson (>=3.9.15,<4.0.0) ; extra == "orjson"
+Requires-Dist: pydantic (>=2.7.2,<3.0.0)
+Requires-Dist: pydantic-settings (>=2.3.1,<3.0.0)
 Requires-Dist: redis (<=5.0.0)
 Requires-Dist: requests (>=2.31.0,<3.0.0)
 Requires-Dist: sentry-sdk (>=1.23.1,<2.0.0) ; extra == "sentry"
 Requires-Dist: structlog (>=23.1.0,<24.0.0)
 Requires-Dist: ujson (>=5.8.0,<6.0.0) ; extra == "ujson"
 Requires-Dist: uvicorn (>=0.23.2,<0.24.0)
-Requires-Dist: uvloop (>=0.17.0,<0.18.0)
+Requires-Dist: uvloop (>=0.19.0,<0.20.0)
 Project-URL: Documentation, https://vsyrakis.bitbucket.io/sovereign/docs/
 Project-URL: Repository, https://bitbucket.org/atlassian/sovereign/src/master/
 Description-Content-Type: text/markdown

{sovereign-0.26.0 → sovereign-0.28.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "sovereign"
-version = "0.26.0"
+version = "0.28.0"
 description = "Envoy Proxy control-plane written in Python"
 license = "Apache-2.0"
 packages = [
@@ -55,7 +55,7 @@ cachelib = "^0.10.2"
 glom = "^23.3.0"
 cryptography = "^42.0.5"
 fastapi = "^0.110.0"
-uvloop = "^0.17.0"
+uvloop = "^0.19.0"
 sentry-sdk = "^1.23.1"
 boto3 = {version = "^1.28.62", optional = true}
 datadog = {version = "^0.47.0", optional = true}
@@ -66,6 +66,8 @@ cashews = {extras = ["redis"], version = "^6.3.0", optional = true}
 redis = {version = "<= 5.0.0", optional = true}
 httptools = {version = "^0.6.0", optional = true}
 cachetools = "^5.3.2"
+pydantic = "^2.7.2"
+pydantic-settings = "^2.3.1"
 [tool.poetry.extras]
 sentry = ["sentry-sdk"]
@@ -114,6 +116,12 @@ lint        = { cmd = "pylint src/sovereign", help = "Run linter checks" }
 [tool.black]
 target-version = ['py311']
+[tool.mypy]
+plugins = [
+    "pydantic.mypy"
+]
+ignore_missing_imports = true
 [tool.coverage.run]
 omit = ["test/*"]

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/__init__.py RENAMED Viewed

@@ -4,7 +4,7 @@ from importlib.metadata import version
 from typing import Any, Mapping, Type
 from fastapi.responses import JSONResponse
-from pydantic.error_wrappers import ValidationError
+from pydantic import ValidationError
 from starlette.templating import Jinja2Templates
 from sovereign import config_loader

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/configuration.py RENAMED Viewed

@@ -1,7 +1,7 @@
 import os
 from typing import Any, Mapping
-from pydantic.error_wrappers import ValidationError
+from pydantic import ValidationError
 from sovereign import config_loader
 from sovereign.context import TemplateContext

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/discovery.py RENAMED Viewed

@@ -163,6 +163,8 @@ def filter_resources(
     that does not match the name of the resource.
     If Envoy did not specifically request anything, every resource is retained.
     """
+    if len(requested) == 0:
+        return generated
     return [resource for resource in generated if resource_name(resource) in requested]

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/schemas.py RENAMED Viewed

@@ -5,19 +5,20 @@ from dataclasses import dataclass
 from enum import Enum
 from os import getenv
 from types import ModuleType
-from typing import Any, Dict, List, Optional, Tuple, Type, Union
+from typing import Any, Dict, List, Optional, Self, Tuple, Type, Union
 from croniter import CroniterBadCronError, croniter
 from fastapi.responses import JSONResponse
 from jinja2 import Template, meta
 from pydantic import (
     BaseModel,
-    BaseSettings,
+    ConfigDict,
     Field,
     SecretStr,
-    root_validator,
-    validator,
+    model_validator,
+    field_validator,
 )
+from pydantic_settings import BaseSettings, SettingsConfigDict
 from sovereign.config_loader import Loadable, Serialization, jinja_env
 from sovereign.utils.crypto.suites import EncryptionType
@@ -65,11 +66,13 @@ class StatsdConfig(BaseModel):
     enabled: bool = False
     use_ms: bool = True
-    @validator("host", pre=True)
+    @field_validator("host", mode="before")
+    @classmethod
     def load_host(cls, v: str) -> Any:
         return Loadable.from_legacy_fmt(v).load()
-    @validator("port", pre=True)
+    @field_validator("port", mode="before")
+    @classmethod
     def load_port(cls, v: Union[int, str]) -> Any:
         if isinstance(v, int):
             return v
@@ -78,7 +81,8 @@ class StatsdConfig(BaseModel):
         else:
             raise ValueError(f"Received an invalid port: {v}")
-    @validator("tags", pre=True)
+    @field_validator("tags", mode="before")
+    @classmethod
     def load_tags(cls, v: Dict[str, Union[Loadable, str]]) -> Dict[str, Any]:
         ret = dict()
         for key, value in v.items():
@@ -108,14 +112,14 @@ class DiscoveryCacheConfig(BaseModel):
     socket_keepalive: bool = True  # Try to keep connections to redis around.
     ttl: int = 60
-    @root_validator
-    def set_default_protocol(cls, values: Dict[str, Any]) -> Dict[str, Any]:
-        secure = values.get("secure")
-        if secure:
-            values["protocol"] = "rediss://"
-        return values
+    @model_validator(mode="after")
+    def set_default_protocol(self) -> Self:
+        if self.secure:
+            self.protocol = "rediss://"
+        return self
-    @root_validator
+    @model_validator(mode="before")
+    @classmethod
     def set_environmental_variables(cls, values: Dict[str, Any]) -> Dict[str, Any]:
         if host := getenv("SOVEREIGN_DISCOVERY_CACHE_REDIS_HOST"):
             values["host"] = host
@@ -221,9 +225,9 @@ class ProcessedTemplate:
 class Locality(BaseModel):
-    region: str = Field(None)
-    zone: str = Field(None)
-    sub_zone: str = Field(None)
+    region: Optional[str] = Field(None)
+    zone: Optional[str] = Field(None)
+    sub_zone: Optional[str] = Field(None)
 class SemanticVersion(BaseModel):
@@ -255,8 +259,8 @@ class Node(BaseModel):
         description="The ``--service-cluster`` configured by the Envoy client",
     )
     metadata: Dict[str, Any] = Field(default_factory=dict, title="Key:value metadata")
-    locality: Locality = Field(Locality(), title="Locality")  # type: ignore
-    build_version: str = Field(
+    locality: Locality = Field(Locality(), title="Locality")
+    build_version: Optional[str] = Field(
         None,  # Optional in the v3 Envoy API
         title="Envoy build/release version string",
         description="Used to identify what version of Envoy the "
@@ -269,7 +273,7 @@ class Node(BaseModel):
     client_features: List[str] = []
     @property
-    def common(self) -> Tuple[str, str, str, BuildVersion, Locality]:
+    def common(self) -> Tuple[str, Optional[str], str, BuildVersion, Locality]:
         """
         Returns fields that are the same in adjacent proxies
         ie. proxies that are part of the same logical group
@@ -290,9 +294,11 @@ class Resources(List[str]):
     """
     def __contains__(self, item: object) -> bool:
-        if len(self) == 0:
+        if (
+            len(self) == 0
+        ):  # TODO: refactor to remove overriding __contains__; its being used in multiple places
             return True
-        return item in list(self)
+        return super().__contains__(item)
 class Status(BaseModel):
@@ -301,24 +307,29 @@ class Status(BaseModel):
     details: List[Any]
+def resources_factory() -> Resources:
+    return Resources()
 class DiscoveryRequest(BaseModel):
     node: Node = Field(..., title="Node information about the envoy proxy")
     version_info: str = Field(
         "0", title="The version of the envoy clients current configuration"
     )
     resource_names: Resources = Field(
-        Resources(), title="List of requested resource names"
+        default_factory=resources_factory, title="List of requested resource names"
     )
     hide_private_keys: bool = False
     type_url: Optional[str] = Field(
         None, title="The corresponding type_url for the requested resource"
     )
-    desired_controlplane: str = Field(
+    desired_controlplane: Optional[str] = Field(
         None, title="The host header provided in the Discovery Request"
     )
-    error_detail: Status = Field(
+    error_detail: Optional[Status] = Field(
         None, title="Error details from the previous xDS request"
     )
+    model_config = ConfigDict(arbitrary_types_allowed=True)
     @property
     def envoy_version(self) -> str:
@@ -328,6 +339,8 @@ class DiscoveryRequest(BaseModel):
         except AssertionError:
             try:
                 build_version = self.node.build_version
+                if build_version is None:
+                    return "default"
                 _, version, *_ = build_version.split("/")
             except (AttributeError, ValueError):
                 # TODO: log/metric this?
@@ -346,6 +359,11 @@ class DiscoveryRequest(BaseModel):
             self.desired_controlplane,
         )
+    @field_validator("resource_names", mode="before")
+    @classmethod
+    def validate_resources(cls, v: Union[Resources, List[str]]) -> Resources:
+        return Resources(v)
 class DiscoveryResponse(BaseModel):
     version_info: str = Field(
@@ -355,33 +373,35 @@ class DiscoveryResponse(BaseModel):
 class SovereignAsgiConfig(BaseSettings):
-    host: str = "0.0.0.0"
-    port: int = 8080
-    keepalive: int = 5
-    workers: int = multiprocessing.cpu_count() * 2 + 1
-    threads: int = 1
+    host: str = Field("0.0.0.0", alias="SOVEREIGN_HOST")
+    port: int = Field(8080, alias="SOVEREIGN_PORT")
+    keepalive: int = Field(5, alias="SOVEREIGN_KEEPALIVE")
+    workers: int = Field(
+        default_factory=lambda: multiprocessing.cpu_count() * 2 + 1,
+        alias="SOVEREIGN_WORKERS",
+    )
+    threads: int = Field(1, alias="SOVEREIGN_THREADS")
     reuse_port: bool = True
-    preload_app: bool = True
+    preload_app: bool = Field(True, alias="SOVEREIGN_PRELOAD")
     log_level: str = "warning"
     worker_class: str = "uvicorn.workers.UvicornWorker"
-    worker_timeout: int = 30
+    worker_timeout: int = Field(30, alias="SOVEREIGN_WORKER_TIMEOUT")
     worker_tmp_dir: str = "/dev/shm"
-    graceful_timeout: int = worker_timeout * 2
-    max_requests: int = 0
-    max_requests_jitter: int = 0
-    class Config:
-        fields = {
-            "host": {"env": "SOVEREIGN_HOST"},
-            "port": {"env": "SOVEREIGN_PORT"},
-            "keepalive": {"env": "SOVEREIGN_KEEPALIVE"},
-            "workers": {"env": "SOVEREIGN_WORKERS"},
-            "threads": {"env": "SOVEREIGN_THREADS"},
-            "preload_app": {"env": "SOVEREIGN_PRELOAD"},
-            "worker_timeout": {"env": "SOVEREIGN_WORKER_TIMEOUT"},
-            "max_requests": {"env": "SOVEREIGN_MAX_REQUESTS"},
-            "max_requests_jitter": {"env": "SOVEREIGN_MAX_REQUESTS_JITTER"},
-        }
+    graceful_timeout: Optional[int] = Field(None)
+    max_requests: int = Field(0, alias="SOVEREIGN_MAX_REQUESTS")
+    max_requests_jitter: int = Field(0, alias="SOVEREIGN_MAX_REQUESTS_JITTER")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
+    @model_validator(mode="after")
+    def validate_graceful_timeout(self) -> Self:
+        if self.graceful_timeout is None:
+            self.graceful_timeout = self.worker_timeout * 2
+        return self
     def as_gunicorn_conf(self) -> Dict[str, Any]:
         return {
@@ -405,54 +425,45 @@ class SovereignConfig(BaseSettings):
     sources: List[ConfiguredSource]
     templates: Dict[str, Dict[str, Union[str, Loadable]]]
     template_context: Dict[str, Any] = {}
-    eds_priority_matrix: Dict[str, Dict[str, str]] = {}
+    eds_priority_matrix: Dict[str, Dict[str, int]] = {}
     modifiers: List[str] = []
     global_modifiers: List[str] = []
     regions: List[str] = []
     statsd: StatsdConfig = StatsdConfig()
-    auth_enabled: bool = False
-    auth_passwords: str = ""
-    encryption_key: str = ""
-    environment: str = "local"
-    debug_enabled: bool = False
-    sentry_dsn: str = ""
-    node_match_key: str = "cluster"
-    node_matching: bool = True
-    source_match_key: str = "service_clusters"
-    sources_refresh_rate: int = 30
-    cache_strategy: str = "context"
-    refresh_context: bool = False
-    context_refresh_rate: Optional[int]
-    context_refresh_cron: Optional[str]
-    dns_hard_fail: bool = False
-    enable_application_logs: bool = True
-    enable_access_logs: bool = True
-    log_fmt: Optional[str] = ""
-    ignore_empty_log_fields: bool = False
+    auth_enabled: bool = Field(False, alias="SOVEREIGN_AUTH_ENABLED")
+    auth_passwords: str = Field("", alias="SOVEREIGN_AUTH_PASSWORDS")
+    encryption_key: str = Field("", alias="SOVEREIGN_ENCRYPTION_KEY")
+    environment: str = Field("local", alias="SOVEREIGN_ENVIRONMENT")
+    debug_enabled: bool = Field(False, alias="SOVEREIGN_DEBUG_ENABLED")
+    sentry_dsn: str = Field("", alias="SOVEREIGN_SENTRY_DSN")
+    node_match_key: str = Field("cluster", alias="SOVEREIGN_NODE_MATCH_KEY")
+    node_matching: bool = Field(True, alias="SOVEREIGN_NODE_MATCHING")
+    source_match_key: str = Field(
+        "service_clusters", alias="SOVEREIGN_SOURCE_MATCH_KEY"
+    )
+    sources_refresh_rate: int = Field(30, alias="SOVEREIGN_SOURCES_REFRESH_RATE")
+    cache_strategy: str = Field("context", alias="SOVEREIGN_CACHE_STRATEGY")
+    refresh_context: bool = Field(False, alias="SOVEREIGN_REFRESH_CONTEXT")
+    context_refresh_rate: Optional[int] = Field(
+        None, alias="SOVEREIGN_CONTEXT_REFRESH_RATE"
+    )
+    context_refresh_cron: Optional[str] = Field(
+        None, alias="SOVEREIGN_CONTEXT_REFRESH_CRON"
+    )
+    dns_hard_fail: bool = Field(False, alias="SOVEREIGN_DNS_HARD_FAIL")
+    enable_application_logs: bool = Field(
+        True, alias="SOVEREIGN_ENABLE_APPLICATION_LOGS"
+    )
+    enable_access_logs: bool = Field(True, alias="SOVEREIGN_ENABLE_ACCESS_LOGS")
+    log_fmt: Optional[str] = Field("", alias="SOVEREIGN_LOG_FORMAT")
+    ignore_empty_log_fields: bool = Field(False, alias="SOVEREIGN_LOG_IGNORE_EMPTY")
     discovery_cache: DiscoveryCacheConfig = DiscoveryCacheConfig()
-    class Config:
-        fields = {
-            "auth_enabled": {"env": "SOVEREIGN_AUTH_ENABLED"},
-            "auth_passwords": {"env": "SOVEREIGN_AUTH_PASSWORDS"},
-            "encryption_key": {"env": "SOVEREIGN_ENCRYPTION_KEY"},
-            "environment": {"env": "SOVEREIGN_ENVIRONMENT"},
-            "debug_enabled": {"env": "SOVEREIGN_DEBUG_ENABLED"},
-            "sentry_dsn": {"env": "SOVEREIGN_SENTRY_DSN"},
-            "node_match_key": {"env": "SOVEREIGN_NODE_MATCH_KEY"},
-            "node_matching": {"env": "SOVEREIGN_NODE_MATCHING"},
-            "source_match_key": {"env": "SOVEREIGN_SOURCE_MATCH_KEY"},
-            "sources_refresh_rate": {"env": "SOVEREIGN_SOURCES_REFRESH_RATE"},
-            "cache_strategy": {"env": "SOVEREIGN_CACHE_STRATEGY"},
-            "refresh_context": {"env": "SOVEREIGN_REFRESH_CONTEXT"},
-            "context_refresh_rate": {"env": "SOVEREIGN_CONTEXT_REFRESH_RATE"},
-            "context_refresh_cron": {"env": "SOVEREIGN_CONTEXT_REFRESH_CRON"},
-            "dns_hard_fail": {"env": "SOVEREIGN_DNS_HARD_FAIL"},
-            "enable_application_logs": {"env": "SOVEREIGN_ENABLE_APPLICATION_LOGS"},
-            "enable_access_logs": {"env": "SOVEREIGN_ENABLE_ACCESS_LOGS"},
-            "log_fmt": {"env": "SOVEREIGN_LOG_FORMAT"},
-            "ignore_empty_fields": {"env": "SOVEREIGN_LOG_IGNORE_EMPTY"},
-        }
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
     @property
     def passwords(self) -> List[str]:
@@ -492,16 +503,15 @@ class TemplateSpecification(BaseModel):
 class NodeMatching(BaseSettings):
-    enabled: bool = True
-    source_key: str = "service_clusters"
-    node_key: str = "cluster"
-    class Config:
-        fields = {
-            "enabled": {"env": "SOVEREIGN_NODE_MATCHING_ENABLED"},
-            "source_key": {"env": "SOVEREIGN_SOURCE_MATCH_KEY"},
-            "node_key": {"env": "SOVEREIGN_NODE_MATCH_KEY"},
-        }
+    enabled: bool = Field(True, alias="SOVEREIGN_NODE_MATCHING_ENABLED")
+    source_key: str = Field("service_clusters", alias="SOVEREIGN_SOURCE_MATCH_KEY")
+    node_key: str = Field("cluster", alias="SOVEREIGN_NODE_MATCH_KEY")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
 @dataclass
@@ -511,9 +521,15 @@ class EncryptionConfig:
 class AuthConfiguration(BaseSettings):
-    enabled: bool = False
-    auth_passwords: SecretStr = SecretStr("")
-    encryption_key: SecretStr = SecretStr("")
+    enabled: bool = Field(False, alias="SOVEREIGN_AUTH_ENABLED")
+    auth_passwords: SecretStr = Field(SecretStr(""), alias="SOVEREIGN_AUTH_PASSWORDS")
+    encryption_key: SecretStr = Field(SecretStr(""), alias="SOVEREIGN_ENCRYPTION_KEY")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
     @staticmethod
     def _create_encryption_config(encryption_key_setting: str) -> EncryptionConfig:
@@ -534,37 +550,29 @@ class AuthConfiguration(BaseSettings):
         )
         return configs
-    class Config:
-        fields = {
-            "enabled": {"env": "SOVEREIGN_AUTH_ENABLED"},
-            "auth_passwords": {"env": "SOVEREIGN_AUTH_PASSWORDS"},
-            "encryption_key": {"env": "SOVEREIGN_ENCRYPTION_KEY"},
-        }
 class ApplicationLogConfiguration(BaseSettings):
-    enabled: bool = False
-    log_fmt: Optional[str] = None
+    enabled: bool = Field(False, alias="SOVEREIGN_ENABLE_APPLICATION_LOGS")
+    log_fmt: Optional[str] = Field(None, alias="SOVEREIGN_APPLICATION_LOG_FORMAT")
     # currently only support /dev/stdout as JSON
-    class Config:
-        fields = {
-            "enabled": {"env": "SOVEREIGN_ENABLE_APPLICATION_LOGS"},
-            "log_fmt": {"env": "SOVEREIGN_APPLICATION_LOG_FORMAT"},
-        }
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
 class AccessLogConfiguration(BaseSettings):
-    enabled: bool = True
-    log_fmt: Optional[str] = None
-    ignore_empty_fields: bool = False
-    class Config:
-        fields = {
-            "enabled": {"env": "SOVEREIGN_ENABLE_ACCESS_LOGS"},
-            "log_fmt": {"env": "SOVEREIGN_LOG_FORMAT"},
-            "ignore_empty_fields": {"env": "SOVEREIGN_LOG_IGNORE_EMPTY"},
-        }
+    enabled: bool = Field(True, alias="SOVEREIGN_ENABLE_ACCESS_LOGS")
+    log_fmt: Optional[str] = Field(None, alias="SOVEREIGN_LOG_FORMAT")
+    ignore_empty_fields: bool = Field(False, alias="SOVEREIGN_LOG_IGNORE_EMPTY")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
 class LoggingConfiguration(BaseSettings):
@@ -574,11 +582,19 @@ class LoggingConfiguration(BaseSettings):
 class ContextConfiguration(BaseSettings):
     context: Dict[str, Loadable] = {}
-    refresh: bool = False
-    refresh_rate: Optional[int] = None
-    refresh_cron: Optional[str] = None
-    refresh_num_retries: int = 3
-    refresh_retry_interval_secs: int = 10
+    refresh: bool = Field(False, alias="SOVEREIGN_REFRESH_CONTEXT")
+    refresh_rate: Optional[int] = Field(None, alias="SOVEREIGN_CONTEXT_REFRESH_RATE")
+    refresh_cron: Optional[str] = Field(None, alias="SOVEREIGN_CONTEXT_REFRESH_CRON")
+    refresh_num_retries: int = Field(3, alias="SOVEREIGN_CONTEXT_REFRESH_NUM_RETRIES")
+    refresh_retry_interval_secs: int = Field(
+        10, alias="SOVEREIGN_CONTEXT_REFRESH_RETRY_INTERVAL_SECS"
+    )
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
     @staticmethod
     def context_from_legacy(context: Dict[str, str]) -> Dict[str, Loadable]:
@@ -587,20 +603,16 @@ class ContextConfiguration(BaseSettings):
             ret[key] = Loadable.from_legacy_fmt(value)
         return ret
-    @root_validator(pre=False)
-    def validate_single_use_refresh_method(
-        cls, values: Dict[str, Any]
-    ) -> Dict[str, Any]:
-        refresh_rate = values.get("refresh_rate")
-        refresh_cron = values.get("refresh_cron")
-        if (refresh_rate is not None) and (refresh_cron is not None):
+    @model_validator(mode="after")
+    def validate_single_use_refresh_method(self) -> Self:
+        if (self.refresh_rate is not None) and (self.refresh_cron is not None):
             raise RuntimeError(
-                f"Only one of SOVEREIGN_CONTEXT_REFRESH_RATE or SOVEREIGN_CONTEXT_REFRESH_CRON can be defined. Got {refresh_rate=} and {refresh_cron=}"
+                f"Only one of SOVEREIGN_CONTEXT_REFRESH_RATE or SOVEREIGN_CONTEXT_REFRESH_CRON can be defined. Got {self.refresh_rate=} and {self.refresh_cron=}"
             )
-        return values
+        return self
-    @root_validator
+    @model_validator(mode="before")
+    @classmethod
     def set_default_refresh_rate(cls, values: Dict[str, Any]) -> Dict[str, Any]:
         refresh_rate = values.get("refresh_rate")
         refresh_cron = values.get("refresh_cron")
@@ -609,7 +621,8 @@ class ContextConfiguration(BaseSettings):
             values["refresh_rate"] = 3600
         return values
-    @validator("refresh_cron")
+    @field_validator("refresh_cron")
+    @classmethod
     def validate_refresh_cron(cls, v: Optional[str]) -> Optional[str]:
         if v is None:
             return v
@@ -617,36 +630,34 @@ class ContextConfiguration(BaseSettings):
             raise CroniterBadCronError(f"'{v}' is not a valid cron expression")
         return v
-    class Config:
-        fields = {
-            "refresh": {"env": "SOVEREIGN_REFRESH_CONTEXT"},
-            "refresh_rate": {"env": "SOVEREIGN_CONTEXT_REFRESH_RATE"},
-            "refresh_cron": {"env": "SOVEREIGN_CONTEXT_REFRESH_CRON"},
-            "refresh_num_retries": {"env": "SOVEREIGN_CONTEXT_REFRESH_NUM_RETRIES"},
-            "refresh_retry_interval_secs": {
-                "env": "SOVEREIGN_CONTEXT_REFRESH_RETRY_INTERVAL_SECS"
-            },
-        }
 class SourcesConfiguration(BaseSettings):
-    refresh_rate: int = 30
-    cache_strategy: CacheStrategy = CacheStrategy.context
-    class Config:
-        fields = {
-            "refresh_rate": {"env": "SOVEREIGN_SOURCES_REFRESH_RATE"},
-            "cache_strategy": {"env": "SOVEREIGN_CACHE_STRATEGY"},
-        }
+    refresh_rate: int = Field(30, alias="SOVEREIGN_SOURCES_REFRESH_RATE")
+    cache_strategy: CacheStrategy = Field(
+        CacheStrategy.context, alias="SOVEREIGN_CACHE_STRATEGY"
+    )
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
 class LegacyConfig(BaseSettings):
     regions: Optional[List[str]] = None
-    eds_priority_matrix: Optional[Dict[str, Dict[str, str]]] = None
-    dns_hard_fail: Optional[bool] = None
-    environment: Optional[str] = None
+    eds_priority_matrix: Optional[Dict[str, Dict[str, int]]] = None
+    dns_hard_fail: Optional[bool] = Field(None, alias="SOVEREIGN_DNS_HARD_FAIL")
+    environment: Optional[str] = Field(None, alias="SOVEREIGN_ENVIRONMENT")
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
-    @validator("regions")
+    @field_validator("regions")
+    @classmethod
     def regions_is_set(cls, v: Optional[List[str]]) -> List[str]:
         if v is not None:
             warnings.warn(
@@ -659,7 +670,8 @@ class LegacyConfig(BaseSettings):
         else:
             return []
-    @validator("eds_priority_matrix")
+    @field_validator("eds_priority_matrix")
+    @classmethod
     def eds_priority_matrix_is_set(
         cls, v: Optional[Dict[str, Dict[str, Any]]]
     ) -> Dict[str, Dict[str, Any]]:
@@ -674,7 +686,8 @@ class LegacyConfig(BaseSettings):
         else:
             return {}
-    @validator("dns_hard_fail")
+    @field_validator("dns_hard_fail")
+    @classmethod
     def dns_hard_fail_is_set(cls, v: Optional[bool]) -> bool:
         if v is not None:
             warnings.warn(
@@ -688,7 +701,8 @@ class LegacyConfig(BaseSettings):
         else:
             return False
-    @validator("environment")
+    @field_validator("environment")
+    @classmethod
     def environment_is_set(cls, v: Optional[str]) -> Optional[str]:
         if v is not None:
             warnings.warn(
@@ -701,12 +715,6 @@ class LegacyConfig(BaseSettings):
         else:
             return None
-    class Config:
-        fields = {
-            "dns_hard_fail": {"env": "SOVEREIGN_DNS_HARD_FAIL"},
-            "environment": {"env": "SOVEREIGN_ENVIRONMENT"},
-        }
 class SovereignConfigv2(BaseSettings):
     sources: List[ConfiguredSource]
@@ -719,16 +727,16 @@ class SovereignConfigv2(BaseSettings):
     authentication: AuthConfiguration = AuthConfiguration()
     logging: LoggingConfiguration = LoggingConfiguration()
     statsd: StatsdConfig = StatsdConfig()
-    sentry_dsn: SecretStr = SecretStr("")
-    debug: bool = False
+    sentry_dsn: SecretStr = Field(SecretStr(""), alias="SOVEREIGN_SENTRY_DSN")
+    debug: bool = Field(False, alias="SOVEREIGN_DEBUG")
     legacy_fields: LegacyConfig = LegacyConfig()
     discovery_cache: DiscoveryCacheConfig = DiscoveryCacheConfig()
-    class Config:
-        fields = {
-            "sentry_dsn": {"env": "SOVEREIGN_SENTRY_DSN"},
-            "debug": {"env": "SOVEREIGN_DEBUG"},
-        }
+    model_config = SettingsConfigDict(
+        env_file=".env",
+        extra="ignore",
+        env_file_encoding="utf-8",
+        populate_by_name=True,
+    )
     @property
     def passwords(self) -> List[str]:
@@ -751,10 +759,10 @@ class SovereignConfigv2(BaseSettings):
         return self.__repr__()
     def __repr__(self) -> str:
-        return f"SovereignConfigv2({self.dict()})"
+        return f"SovereignConfigv2({self.model_dump()})"
     def show(self) -> Dict[str, Any]:
-        return self.dict()
+        return self.model_dump()
     @staticmethod
     def from_legacy_config(other: SovereignConfig) -> "SovereignConfigv2":

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/templates/resources.html RENAMED Viewed

@@ -88,14 +88,24 @@
             1: 'resource'
         } %}
         {% for resource in res %}
+            {% if "sovereign_error" in resource %}
+                <span class="panel-icon">
+                    <i class="fas fa-arrow-right" aria-hidden="true"></i>
+                </span>
+                <div class="notification is-danger">
+                    {{ resource["sovereign_error"] }}
+                </div>
+                {{ resource["sovereign_error"] }}
+            {% else %}
             {% set name = resource.get('name') or resource['cluster_name'] %}
             <a class="panel-block has-text-weight-medium"
-               href="/ui/resources/{{ resource_type }}/{{ name }}">
-        <span class="panel-icon">
-            <i class="fas fa-arrow-right" aria-hidden="true"></i>
-        </span>
-                {{ name }}
-            </a>
+                   href="/ui/resources/{{ resource_type }}/{{ name }}">
+                    <span class="panel-icon">
+                        <i class="fas fa-arrow-right" aria-hidden="true"></i>
+                    </span>
+                    {{ name }}
+                </a>
+            {% endif %}
         {% endfor %}
         <div class="panel-block">
             <p class="content is-small">

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/crypto.py RENAMED Viewed

@@ -79,6 +79,8 @@ class CipherContainer:
     @property
     def key_available(self) -> bool:
+        if not self.suites:
+            return False
         return self.suites[0].key_available
     AVAILABLE_CIPHERS: dict[EncryptionType | Literal["default"], type[CipherSuite]] = {

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/admin.py RENAMED Viewed

@@ -16,7 +16,7 @@ router = APIRouter()
 @router.get("/xds_dump", summary="Displays all xDS resources as JSON")
 async def display_config(
     xds_type: str = Query(
-        ..., title="xDS type", description="The type of request", example="clusters"
+        ..., title="xDS type", description="The type of request", examples=["clusters"]
     ),
     service_cluster: str = Query(
         "*", title="The clients service cluster to emulate in this XDS request"
@@ -48,7 +48,7 @@ async def display_config(
 )
 async def debug_template(
     xds_type: str = Query(
-        ..., title="xDS type", description="The type of request", example="clusters"
+        ..., title="xDS type", description="The type of request", examples=["clusters"]
     ),
     service_cluster: str = Query(
         "*", title="The clients service cluster to emulate in this XDS request"

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/interface.py RENAMED Viewed

@@ -103,8 +103,8 @@ async def resources(
             resource_type=xds_type,
             skip_auth=True,
         )
-    except KeyError:
-        ret["resources"] = []
+    except KeyError as e:
+        ret["resources"] = [{"sovereign_error": str(e)}]
     else:
         ret["resources"] += response.deserialize_resources()
     return html_templates.TemplateResponse(

{sovereign-0.26.0 → sovereign-0.28.0}/LICENSE.txt RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/README.md RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/app.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/config_loader.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/constants.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/context.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/error_info.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/logging/access_logger.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/logging/application_logger.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/logging/base_logger.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/logging/bootstrapper.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/logging/types.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/middlewares.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/modifiers/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/modifiers/lib.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/response_class.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/server.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/sources/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/sources/file.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/sources/inline.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/sources/lib.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/sources/poller.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/static/sass/style.scss RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/static/style.css RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/statistics.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/templates/base.html RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/templates/err.html RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/templates/ul_filter.html RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/testing/loaders.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/testing/modifiers.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/auth.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/suites/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/suites/aes_gcm_cipher.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/suites/base_cipher.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/suites/disabled_cipher.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/crypto/suites/fernet_cipher.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/dictupdate.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/eds.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/entry_point_loader.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/mock.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/resources.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/templates.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/timer.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/version_info.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/utils/weighted_clusters.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/__init__.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/crypto.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/discovery.py RENAMED Viewed

File without changes

{sovereign-0.26.0 → sovereign-0.28.0}/src/sovereign/views/healthchecks.py RENAMED Viewed

File without changes

sovereign 0.26.0__tar.gz → 0.28.0__tar.gz

Potentially problematic release.

sovereign 0.26.0tar.gz → 0.28.0tar.gz