wafer-cli 0.2.16__tar.gz → 0.2.18__tar.gz

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: wafer-cli
-Version: 0.2.16
+Version: 0.2.18
 Summary: CLI tool for running commands on remote GPUs and GPU kernel optimization agent
 Requires-Python: >=3.11
 Requires-Dist: typer>=0.12.0

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "wafer-cli"
-version = "0.2.16"
+version = "0.2.18"
 description = "CLI tool for running commands on remote GPUs and GPU kernel optimization agent"
 requires-python = ">=3.11"
 dependencies = [

wafer_cli-0.2.18/tests/test_auth.py

@@ -0,0 +1,193 @@
+"""Tests for authentication and credential management.
+
+Tests the auth module's token verification and network error handling.
+
+Run with: PYTHONPATH=. uv run pytest tests/test_auth.py -v
+"""
+
+from unittest.mock import MagicMock, patch
+
+import httpx
+import pytest
+
+# =============================================================================
+# Unit Tests for get_valid_token Network Error Handling
+# =============================================================================
+
+
+class TestGetValidTokenNetworkErrors:
+    """Test that get_valid_token handles network errors gracefully."""
+
+    def test_returns_none_on_read_timeout(self) -> None:
+        """get_valid_token returns None when verify_token times out."""
+        from wafer.auth import Credentials, get_valid_token
+
+        mock_creds = Credentials(
+            access_token="test_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", side_effect=httpx.ReadTimeout("timeout")):
+                result = get_valid_token()
+
+        assert result is None
+
+    def test_returns_none_on_connect_timeout(self) -> None:
+        """get_valid_token returns None when connection times out."""
+        from wafer.auth import Credentials, get_valid_token
+
+        mock_creds = Credentials(
+            access_token="test_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", side_effect=httpx.ConnectTimeout("timeout")):
+                result = get_valid_token()
+
+        assert result is None
+
+    def test_returns_none_on_connection_error(self) -> None:
+        """get_valid_token returns None when connection is refused."""
+        from wafer.auth import Credentials, get_valid_token
+
+        mock_creds = Credentials(
+            access_token="test_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", side_effect=httpx.ConnectError("refused")):
+                result = get_valid_token()
+
+        assert result is None
+
+    def test_returns_none_on_refresh_timeout(self) -> None:
+        """get_valid_token returns None when refresh token request times out."""
+        from wafer.auth import Credentials, get_valid_token
+
+        mock_creds = Credentials(
+            access_token="expired_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        # Create a mock 401 response for verify_token
+        mock_response = MagicMock()
+        mock_response.status_code = 401
+        http_error = httpx.HTTPStatusError("401", request=MagicMock(), response=mock_response)
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", side_effect=http_error):
+                with patch("wafer.auth.refresh_access_token", side_effect=httpx.ReadTimeout("timeout")):
+                    result = get_valid_token()
+
+        assert result is None
+
+    def test_returns_token_when_verify_succeeds(self) -> None:
+        """get_valid_token returns token when verification succeeds."""
+        from wafer.auth import Credentials, UserInfo, get_valid_token
+
+        mock_creds = Credentials(
+            access_token="valid_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        mock_user_info = UserInfo(user_id="user123", email="test@example.com")
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", return_value=mock_user_info):
+                result = get_valid_token()
+
+        assert result == "valid_token"
+
+    def test_returns_none_when_no_credentials(self) -> None:
+        """get_valid_token returns None when no credentials are stored."""
+        from wafer.auth import get_valid_token
+
+        with patch("wafer.auth.load_credentials", return_value=None):
+            result = get_valid_token()
+
+        assert result is None
+
+
+class TestVerifyTokenRaisesOnNetworkError:
+    """Document that verify_token raises network errors (caller must handle)."""
+
+    def test_verify_token_raises_read_timeout(self) -> None:
+        """verify_token raises ReadTimeout when API times out."""
+        from wafer.auth import verify_token
+
+        with patch("wafer.auth.get_api_url", return_value="https://api.example.com"):
+            with patch("httpx.Client") as mock_client_class:
+                mock_client = MagicMock()
+                mock_client.__enter__ = MagicMock(return_value=mock_client)
+                mock_client.__exit__ = MagicMock(return_value=False)
+                mock_client.post.side_effect = httpx.ReadTimeout("timeout")
+                mock_client_class.return_value = mock_client
+
+                with pytest.raises(httpx.ReadTimeout):
+                    verify_token("test_token")
+
+    def test_verify_token_raises_connect_error(self) -> None:
+        """verify_token raises ConnectError when API is unreachable."""
+        from wafer.auth import verify_token
+
+        with patch("wafer.auth.get_api_url", return_value="https://api.example.com"):
+            with patch("httpx.Client") as mock_client_class:
+                mock_client = MagicMock()
+                mock_client.__enter__ = MagicMock(return_value=mock_client)
+                mock_client.__exit__ = MagicMock(return_value=False)
+                mock_client.post.side_effect = httpx.ConnectError("refused")
+                mock_client_class.return_value = mock_client
+
+                with pytest.raises(httpx.ConnectError):
+                    verify_token("test_token")
+
+
+# =============================================================================
+# Unit Tests for get_auth_headers
+# =============================================================================
+
+
+class TestGetAuthHeaders:
+    """Test get_auth_headers returns empty dict on network errors."""
+
+    def test_returns_empty_dict_on_network_error(self) -> None:
+        """get_auth_headers returns {} when network error occurs."""
+        from wafer.auth import Credentials, get_auth_headers
+
+        mock_creds = Credentials(
+            access_token="test_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", side_effect=httpx.ReadTimeout("timeout")):
+                result = get_auth_headers()
+
+        assert result == {}
+
+    def test_returns_headers_on_success(self) -> None:
+        """get_auth_headers returns Bearer token when successful."""
+        from wafer.auth import Credentials, UserInfo, get_auth_headers
+
+        mock_creds = Credentials(
+            access_token="valid_token",
+            refresh_token="test_refresh",
+            email="test@example.com",
+        )
+
+        mock_user_info = UserInfo(user_id="user123", email="test@example.com")
+
+        with patch("wafer.auth.load_credentials", return_value=mock_creds):
+            with patch("wafer.auth.verify_token", return_value=mock_user_info):
+                result = get_auth_headers()
+
+        assert result == {"Authorization": "Bearer valid_token"}

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/wafer/auth.py

@@ -191,6 +191,10 @@ def get_valid_token() -> str | None:
         if e.response.status_code != 401:
             # Not an auth error, re-raise
             raise
+    except httpx.RequestError:
+        # Network error (timeout, connection refused, DNS failure, etc.)
+        # Cannot verify token - return None to trigger re-login prompt
+        return None
 
     # Token expired, try refresh
     if not creds.refresh_token:
@@ -203,6 +207,9 @@ def get_valid_token() -> str | None:
     except httpx.HTTPStatusError:
         # Refresh failed, need to re-login
         return None
+    except httpx.RequestError:
+        # Network error during refresh - return None to trigger re-login prompt
+        return None
 
 
 def _find_free_port() -> int:

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/wafer/evaluate.py

@@ -354,7 +354,8 @@ def _build_docker_pip_install_cmd(target: BaremetalTarget | VMTarget) -> str:
     )
 
     # Install uv (fast, reliable) - use pip3 for compatibility
-    commands.append("pip3 install uv")
+    # Use --break-system-packages for Python 3.12+ with PEP 668 externally managed environments
+    commands.append("pip3 install --break-system-packages uv")
 
     # Install torch with custom index if specified (like Modal's two-phase install)
     # Use --system --break-system-packages to install to container's Python

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/wafer/workspaces.py

@@ -13,7 +13,7 @@ import httpx
 from .api_client import get_api_url
 from .auth import get_auth_headers
 
-VALID_STATUSES = {"creating", "running"}
+VALID_STATUSES = {"creating", "running", "error"}
 
 
 def _get_client() -> tuple[str, dict[str, str]]:
@@ -211,17 +211,39 @@ def list_workspaces(json_output: bool = False) -> str:
     lines = ["Workspaces:", ""]
     for ws in workspaces:
         status = ws.get("status", "unknown")
-        status_icon = {"running": "●", "creating": "◐"}.get(status, "?")
+        status_icon = {"running": "●", "creating": "◐", "error": "✗"}.get(status, "?")
         lines.append(f"  {status_icon} {ws['name']} ({ws['id']})")
         lines.append(f"    GPU: {ws.get('gpu_type', 'N/A')} | Image: {ws.get('image', 'N/A')}")
-        if ws.get("ssh_host") and ws.get("ssh_port") and ws.get("ssh_user"):
+
+        if status == "error":
+            lines.append(
+                f"    Status: Provisioning failed. Delete and recreate: wafer workspaces delete {ws['name']}"
+            )
+        elif ws.get("ssh_host") and ws.get("ssh_port") and ws.get("ssh_user"):
+            ssh_line = f"    SSH: ssh -p {ws['ssh_port']} {ws['ssh_user']}@{ws['ssh_host']}"
+            if status == "creating":
+                ssh_line += " (finalizing...)"
+            lines.append(ssh_line)
+        elif status == "running":
             lines.append(
-                f"    SSH: ssh -p {ws['ssh_port']} {ws['ssh_user']}@{ws['ssh_host']}"
+                f"    Status: Running but SSH not ready. Try: wafer workspaces delete {ws['name']} && wafer workspaces create {ws['name']} --wait"
             )
         else:
-            lines.append("    SSH: Not ready (run: wafer workspaces ssh <name>)")
+            lines.append("    SSH: Not ready (workspace is still creating)")
         lines.append("")
 
+    # Add SSH tip for users with running workspaces
+    has_running_with_ssh = any(
+        ws.get("status") == "running" and ws.get("ssh_host")
+        for ws in workspaces
+    )
+    if has_running_with_ssh:
+        lines.append("Tip: SSH directly for interactive work. 'exec' is for quick commands only.")
+    
+    has_error = any(ws.get("status") == "error" for ws in workspaces)
+    if has_error:
+        lines.append("Note: Error workspaces are auto-cleaned after 12 hours.")
+
     return "\n".join(lines)
 
 
@@ -441,6 +463,12 @@ def sync_files(
         f"Workspace {workspace_id} has invalid status '{workspace_status}'. "
         f"Valid statuses: {VALID_STATUSES}"
     )
+    if workspace_status == "error":
+        raise RuntimeError(
+            f"Workspace provisioning failed. Delete and recreate:\n"
+            f"  wafer workspaces delete {workspace_id}\n"
+            f"  wafer workspaces create {ws.get('name', workspace_id)} --wait"
+        )
     if workspace_status != "running":
         raise RuntimeError(
             f"Workspace is {workspace_status}. Wait for it to be running before syncing."
@@ -448,9 +476,14 @@ def sync_files(
     ssh_host = ws.get("ssh_host")
     ssh_port = ws.get("ssh_port")
     ssh_user = ws.get("ssh_user")
-    assert ssh_host, "Workspace missing ssh_host"
+    if not ssh_host or not ssh_port or not ssh_user:
+        # Workspace is running but SSH credentials are missing - unusual state
+        raise RuntimeError(
+            f"Workspace is running but SSH not ready.\n"
+            f"  Delete and recreate: wafer workspaces delete {workspace_id}\n"
+            f"  Then: wafer workspaces create {ws.get('name', workspace_id)} --wait"
+        )
     assert isinstance(ssh_port, int) and ssh_port > 0, "Workspace missing valid ssh_port"
-    assert ssh_user, "Workspace missing ssh_user"
 
     # Build rsync command
     # -a: archive mode (preserves permissions, etc.)
@@ -607,16 +640,34 @@ def get_workspace(workspace_id: str, json_output: bool = False) -> str:
         f"  Last Used: {workspace.get('last_used_at', 'N/A')}",
     ]
 
-    if workspace.get("ssh_host"):
+    if status == "error":
+        lines.extend([
+            "",
+            "Provisioning failed. Delete and recreate:",
+            f"  wafer workspaces delete {workspace['name']}",
+            f"  wafer workspaces create {workspace['name']} --wait",
+            "",
+            "Note: Error workspaces are auto-cleaned after 12 hours.",
+        ])
+    elif workspace.get("ssh_host"):
         lines.extend([
             "",
             "SSH Info:",
             f"  Host: {workspace['ssh_host']}",
             f"  Port: {workspace.get('ssh_port', 22)}",
             f"  User: {workspace.get('ssh_user', 'root')}",
+            "",
+            "Tip: SSH directly for interactive work. 'exec' is for quick commands only.",
         ])
     elif status == "creating":
         lines.extend(["", "SSH: available once workspace is running"])
+    elif status == "running":
+        # Running but no SSH credentials - unusual state
+        lines.extend([
+            "",
+            "Status: Running but SSH not ready.",
+            f"  Delete and recreate: wafer workspaces delete {workspace['name']}",
+        ])
 
     return "\n".join(lines)
 

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/wafer_cli.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: wafer-cli
-Version: 0.2.16
+Version: 0.2.18
 Summary: CLI tool for running commands on remote GPUs and GPU kernel optimization agent
 Requires-Python: >=3.11
 Requires-Dist: typer>=0.12.0

{wafer_cli-0.2.16 → wafer_cli-0.2.18}/wafer_cli.egg-info/SOURCES.txt

@@ -1,6 +1,7 @@
 README.md
 pyproject.toml
 tests/test_analytics.py
+tests/test_auth.py
 tests/test_billing.py
 tests/test_cli_coverage.py
 tests/test_cli_parity_integration.py