PyPI - zenml-nightly - Versions diffs - 0.73.0.dev20250204__py3-none-any.whl → 0.73.0.dev20250206__py3-none-any.whl - Mend

zenml-nightly 0.73.0.dev20250204py3-none-any.whl → 0.73.0.dev20250206py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (46) hide show

zenml/VERSION +1 -1
zenml/cli/utils.py +42 -53
zenml/client.py +6 -2
zenml/constants.py +1 -0
zenml/integrations/gcp/image_builders/gcp_image_builder.py +5 -8
zenml/models/__init__.py +4 -2
zenml/models/v2/base/filter.py +34 -11
zenml/models/v2/base/scoped.py +4 -4
zenml/models/v2/core/artifact.py +3 -3
zenml/models/v2/core/artifact_version.py +22 -5
zenml/models/v2/core/model.py +13 -3
zenml/models/v2/core/model_version.py +13 -3
zenml/models/v2/core/pipeline.py +11 -4
zenml/models/v2/core/pipeline_run.py +20 -7
zenml/models/v2/core/run_template.py +13 -3
zenml/models/v2/core/step_run.py +9 -2
zenml/pipelines/pipeline_definition.py +28 -12
zenml/stack/stack.py +5 -0
zenml/zen_stores/schemas/artifact_schemas.py +31 -4
zenml/zen_stores/schemas/model_schemas.py +31 -6
zenml/zen_stores/schemas/pipeline_run_schemas.py +1 -1
zenml/zen_stores/schemas/pipeline_schemas.py +35 -8
zenml/zen_stores/schemas/run_template_schemas.py +42 -14
zenml/zen_stores/sql_zen_store.py +22 -56
{zenml_nightly-0.73.0.dev20250204.dist-info → zenml_nightly-0.73.0.dev20250206.dist-info}/METADATA +1 -1
{zenml_nightly-0.73.0.dev20250204.dist-info → zenml_nightly-0.73.0.dev20250206.dist-info}/RECORD +29 -46
zenml/zen_server/deploy/helm/.helmignore +0 -23
zenml/zen_server/deploy/helm/Chart.yaml +0 -12
zenml/zen_server/deploy/helm/README.md +0 -50
zenml/zen_server/deploy/helm/templates/NOTES.txt +0 -52
zenml/zen_server/deploy/helm/templates/_environment.tpl +0 -511
zenml/zen_server/deploy/helm/templates/_helpers.tpl +0 -70
zenml/zen_server/deploy/helm/templates/cert-secret.yaml +0 -45
zenml/zen_server/deploy/helm/templates/hpa.yaml +0 -32
zenml/zen_server/deploy/helm/templates/server-db-job.yaml +0 -121
zenml/zen_server/deploy/helm/templates/server-db-pvc.yaml +0 -25
zenml/zen_server/deploy/helm/templates/server-deployment.yaml +0 -132
zenml/zen_server/deploy/helm/templates/server-ingress.yaml +0 -59
zenml/zen_server/deploy/helm/templates/server-secret.yaml +0 -60
zenml/zen_server/deploy/helm/templates/server-service.yaml +0 -15
zenml/zen_server/deploy/helm/templates/serviceaccount.yaml +0 -27
zenml/zen_server/deploy/helm/templates/tests/test-connection.yaml +0 -15
zenml/zen_server/deploy/helm/values.yaml +0 -1008
{zenml_nightly-0.73.0.dev20250204.dist-info → zenml_nightly-0.73.0.dev20250206.dist-info}/LICENSE +0 -0
{zenml_nightly-0.73.0.dev20250204.dist-info → zenml_nightly-0.73.0.dev20250206.dist-info}/WHEEL +0 -0
{zenml_nightly-0.73.0.dev20250204.dist-info → zenml_nightly-0.73.0.dev20250206.dist-info}/entry_points.txt +0 -0

zenml/zen_server/deploy/helm/values.yaml DELETED Viewed

@@ -1,1008 +0,0 @@
-# Default values for zenml.
-imagePullSecrets: []
-nameOverride: ""
-fullnameOverride: ""
-# ZenML server related options.
-zenml:
-  replicaCount: 1
-  # The number of ZenML server worker threads to use. This controls the number
-  # of concurrent requests that each ZenML server pod/replica can handle at a
-  # time. If not specified, the default value is 40.
-  #
-  # NOTE: this value should be coordinated with the `zenml.database.poolSize`
-  # and `zenml.database.maxOverflow` values to ensure that the ZenML server
-  # workers do not block on database connections (i.e. the sum of the pool size
-  # and max overflow should be greater than or equal to the thread pool size).
-  #
-  # threadPoolSize: 40
-  image:
-    repository: zenmldocker/zenml-server
-    pullPolicy: Always
-    # Overrides the image tag whose default is the chart appVersion.
-    tag:
-  # ZenML Pro related options.
-  pro:
-    # Set `enabled` to true to enable ZenML Pro servers. If set, some of the
-    # configuration options in the `zenml` section will be overridden with
-    # values specific to ZenML Pro servers computed from the values set in the
-    # `pro` section.
-    enabled: false
-    # The URL where the ZenML Pro server API is reachable
-    apiURL: https://cloudapi.zenml.io
-    # The URL where the ZenML Pro dashboard is reachable.
-    dashboardURL: https://cloud.zenml.io
-    # Additional origins to allow in the CORS policy.
-    extraCorsOrigins:
-    # The ID of the ZenML Pro tenant to use.
-    tenantID:
-    # The name of the ZenML Pro tenant to use.
-    tenantName:
-    # The ID of the ZenML Pro organization to use.
-    organizationID:
-    # The name of the ZenML Pro organization to use.
-    organizationName:
-    # The enrollment key to use for the ZenML Pro tenant. If not specified,
-    # an enrollment key will be auto-generated.
-    enrollmentKey:
-  # The URL where the ZenML server API is reachable. If not specified, the
-  # clients will use the same URL used to connect them to the ZenML server.
-  #
-  # IMPORTANT: this value must be set for ZenML Pro servers.
-  serverURL:
-  # The URL where the ZenML dashboard is reachable.
-  # If not specified, the `serverURL` value is used. This should be
-  # configured if the dashboard is served from a different URL than the
-  # ZenML server.
-  #
-  # This is value is used to compute the dashboard URLs during the web login
-  # authentication workflow, to print dashboard URLs in log messages when
-  # running a pipeline and for other similar tasks.
-  #
-  # This value is overridden if the `zenml.pro.enabled` value is set.
-  dashboardURL:
-  debug: true
-  # Flag to enable/disable the tracking process of the analytics
-  analyticsOptIn: true
-  # ZenML server deployment type. This field is used for telemetry purposes.
-  # Example values are "local", "kubernetes", "aws", "gcp", "azure".
-  #
-  # This value is overridden if the `zenml.pro.enabled` value is set.
-  deploymentType:
-  # Authentication settings that control how the ZenML server authenticates
-  # its users.
-  auth:
-    # The ZenML authentication scheme. Use one of:
-    #
-    # NO_AUTH - No authentication
-    # HTTP_BASIC - HTTP Basic authentication
-    # OAUTH2_PASSWORD_BEARER - OAuth2 password bearer
-    # EXTERNAL - External authentication (e.g. via a remote authenticator)
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    authType: OAUTH2_PASSWORD_BEARER
-    # The secret key used to sign JWT tokens. This should be set to
-    # a random string with a recommended length of at least 32 characters, e.g.:
-    #
-    #   ```python
-    #   from secrets import token_hex
-    #   token_hex(32)
-    #   ```
-    #
-    # or:
-    #
-    #   ```shell
-    #   openssl rand -hex 32
-    #   ```
-    #
-    # If not explicitly set, a random key will be generated when the helm
-    # chart is installed and reused for all subsequent upgrades.
-    jwtSecretKey:
-    # The JWT token algorithm to use. Use one of:
-    #
-    # HS256 - HMAC using SHA-256 hash algorithm
-    # HS384 - HMAC using SHA-384 hash algorithm
-    # HS512 - HMAC using SHA-512 hash algorithm
-    jwtTokenAlgorithm: HS256
-    # The issuer of the JWT tokens. If not specified, the issuer is set to the
-    # ZenML Server ID.
-    jwtTokenIssuer:
-    # The audience of the JWT tokens. If not specified, the audience is set to
-    # the ZenML Server ID.
-    jwtTokenAudience:
-    # The leeway in seconds allowed when verifying the expiration time of JWT
-    # tokens.
-    jwtTokenLeewaySeconds: 10
-    # The expiration time of JWT tokens in minutes. If not specified, generated
-    # JWT tokens will not be set to expire.
-    #
-    # This value is automatically set if the `zenml.pro.enabled` value is set.
-    jwtTokenExpireMinutes:
-    # The name of the http-only cookie used to store the JWT tokens used to
-    # authenticate web clients. If not specified, the cookie name is set to a
-    # value computed from the ZenML server ID.
-    authCookieName:
-    # The domain of the http-only cookie used to store the JWT tokens used to
-    # authenticate web clients. If not specified, the cookie domain is set to
-    # the domain of the ZenML server.
-    authCookieDomain:
-    # The origins allowed to make cross-origin requests to the ZenML server. If
-    # not specified, all origins are allowed. Set this when the ZenML dashboard
-    # is hosted on a different domain than the ZenML server.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    corsAllowOrigins:
-      - "*"
-    # The maximum number of failed authentication attempts allowed for an OAuth
-    # 2.0 device before the device is locked.
-    #
-    # This value is ignored if the `zenml.auth.authType` is set to `EXTERNAL` or
-    # `NO_AUTH`.
-    maxFailedDeviceAuthAttempts: 3
-    # The timeout in seconds after which a pending OAuth 2.0 device
-    # authorization request expires.
-    #
-    # This value is ignored if the `zenml.auth.authType` is set to `EXTERNAL` or
-    # `NO_AUTH`.
-    deviceAuthTimeout: 300
-    # The polling interval in seconds used by clients to poll the OAuth 2.0
-    # device authorization endpoint for the status of a pending device
-    # authorization request.
-    #
-    # This value is ignored if the `zenml.auth.authType` is set to `EXTERNAL` or
-    # `NO_AUTH`.
-    deviceAuthPollingInterval: 5
-    # The time in minutes that an OAuth 2.0 device is allowed to be used to
-    # authenticate with the ZenML server. If not set or if
-    # `zenml.auth.jwtTokenExpireMinutes` is not set, the devices are allowed to
-    # be used indefinitely. This controls the expiration time of the JWT tokens
-    # issued to clients after they have authenticated with the ZenML server
-    # using an OAuth 2.0 device.
-    #
-    # This value is ignored if the `zenml.auth.authType` is set to `EXTERNAL` or
-    # `NO_AUTH`.
-    deviceExpirationMinutes:
-    # The time in minutes that a trusted OAuth 2.0 device is allowed to be used
-    # to authenticate with the ZenML server. If not set or if
-    # `zenml.auth.jwtTokenExpireMinutes` is not set, the devices are allowed to
-    # be used indefinitely. This controls the expiration time of the JWT tokens
-    # issued to clients after they have authenticated with the ZenML server
-    # using an OAuth 2.0 device that was previously trusted by the user.
-    #
-    # This value is ignored if the `zenml.auth.authType` is set to `EXTERNAL` or
-    # `NO_AUTH`.
-    trustedDeviceExpirationMinutes:
-    # The login URL of an external authenticator service to use with the
-    # `EXTERNAL` authentication scheme. Only relevant if `zenml.auth.authType`
-    # is set to `EXTERNAL`.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    externalLoginURL:
-    # The user info URL of an external authenticator service to use with the
-    # `EXTERNAL` authentication scheme. Only relevant if `zenml.auth.authType`
-    # is set to `EXTERNAL`.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    externalUserInfoURL:
-    # The UUID of the ZenML server to use with the `EXTERNAL` authentication
-    # scheme. If not specified, the regular ZenML server ID (deployment ID) is
-    # used.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    externalServerID:
-    # Source pointing to a class implementing the RBAC interface defined by
-    # `zenml.zen_server.rbac.rbac_interface.RBACInterface`. If not specified,
-    # RBAC will not be enabled for this server.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    rbacImplementationSource:
-    # Source pointing to a class implementing the feature gate interface defined
-    # by `zenml.zen_server.feature_gate.feature_gate_interface.FeatureGateInterface`.
-    # If not specified, feature gating will not be enabled for this server.
-    #
-    # This value is overridden if the `zenml.pro.enabled` value is set.
-    featureGateImplementationSource:
-  # The root URL path to use when behind a proxy. This is useful when the
-  # `rewrite-target` annotation is used in the ingress controller, e.g.:
-  #
-  # ```yaml
-  # rootUrlPath: /zenml
-  #
-  # ingress:
-  #   enabled: true
-  #   className: "nginx"
-  #   annotations:
-  #     nginx.ingress.kubernetes.io/rewrite-target: /$1
-  #   host:
-  #   path: /zenml/?(.*)
-  # ```
-  rootUrlPath:
-  defaultProject: default
-  # Implicit authentication methods featured by service connectors that support
-  # them are disabled by default, for security reasons. This is because they
-  # allow users to authenticate to the cloud provider where ZenML is running
-  # without having to provide any credentials.
-  enableImplicitAuthMethods: false
-  # MySQL database configuration. If not set, a local sqlite database will be
-  # used, which will not be persisted across pod restarts.
-  # NOTE: the certificate files need to be copied in the helm chart folder and
-  # the paths configured here need to be relative to the root of the helm chart.
-  database:
-    # url: "mysql://admin:password@zenml-mysql:3306/database"
-    # sslCa: /path/to/ca.pem
-    # sslCert: /path/to/client-cert.pem
-    # sslKey: /path/to/client-key.pem
-    # sslVerifyServerCert: True
-    # Connection pool settings (only relevant for MySQL databases).
-    #
-    # NOTE: these values should be coordinated with the `zenml.threadPoolSize`
-    # to ensure that the ZenML server workers do not block on database
-    # connections (i.e. the sum of the pool size and max overflow should be
-    # greater than or equal to the thread pool size).
-    #
-    # poolSize: 20
-    # maxOverflow: 20
-    # ZenML supports backing up the database before DB migrations are performed
-    # and restoring it in case of a DB migration failure. For more information,
-    # see the following documentation:
-    # https://docs.zenml.io/getting-started/deploying-zenml/deploy-with-helm#database-backup-and-recovery
-    #
-    # Several backup strategies are supported:
-    #
-    # disabled - no backup is performed
-    # in-memory - the database schema and data are stored in memory. This is
-    #             the fastest backup strategy, but the backup is not persisted
-    #             across pod restarts, so no manual intervention is possible
-    #             in case the automatic DB recovery fails after a failed DB
-    #             migration. Adequate memory resources should be allocated to
-    #             the ZenML server pod when using this backup strategy with
-    #             large databases.
-    #             This is the default backup strategy.
-    # dump-file - the database schema and data are dumped to a local file.
-    #             Users may optionally configure a persistent volume where
-    #             the dump file will be stored by setting the
-    #             `backupPVStorageSize` and optionally the
-    #             `backupPVStorageClass` options. If a
-    #             persistent volume is not configured, the dump file will be
-    #             stored in an emptyDir volume, which is not persisted.
-    #             NOTE: you should set the podSecurityContext.fsGroup option
-    #             if you are using a persistent volume to store the dump file.
-    # database - the database is copied to a backup database in the same
-    #            database server. This requires the `backupDatabase`
-    #            option to be set to the name of the backup database.
-    #            This backup strategy is only supported for MySQL
-    #            compatible databases and the user specified in the
-    #            database URL must have permissions to manage (create, drop, and
-    #            modify) the backup database in addition to the main
-    #            database.
-    backupStrategy: in-memory
-    # backupPVStorageClass: standard
-    # backupPVStorageSize: 1Gi
-    # backupDatabase: "zenml_backup"
-  # Secrets store settings. This is used to store centralized secrets.
-  secretsStore:
-    # Set to false to disable the secrets store.
-    enabled: true
-    # The type of secrets store to use. Use one of:
-    #
-    # sql - Use the same SQL database as the ZenML server
-    # aws - Use the AWS Secrets Manager as a secrets store
-    # gcp - Use the GCP Secrets Manager as a secrets store
-    # azure - Use the Azure Key Vault as a secrets store
-    # hashicorp - Use the HashiCorp Vault as a secrets store
-    # custom - Use a custom secrets store implementation (needs a custom
-    #          ZenML server image with the custom secrets store implementation
-    #          installed)
-    #
-    # Depending on the type, additional configuration options may be required
-    # under the respective sections.
-    #
-    type: sql
-    # SQL secrets store configuration. Only relevant if the `sql` secrets store
-    # type is configured.
-    sql:
-      # The secret key used to encrypt secrets in the SQL database. Only relevant
-      # if the SQL secrets store type is used. This should be set to a random
-      # string with a recommended length of at least 32 characters, e.g.:
-      #
-      #   ```python
-      #   from secrets import token_hex
-      #   token_hex(32)
-      #   ```
-      #
-      # or:
-      #
-      #   ```shell
-      #   openssl rand -hex 32
-      #   ```
-      #
-      # If not set, database secret encryption will be disabled.
-      #
-      # IMPORTANT: If you configure encryption for your SQL database secrets
-      # store, you should keep this value somewhere safe and secure, as it will be
-      # required to decrypt the secrets in the database. If you lose the
-      # encryption key, you will not be able to decrypt the secrets in the
-      # database and will have to reset them. You should not change this value
-      # after you have already configured encryption for your SQL database
-      # secrets store.
-      encryptionKey:
-    # AWS secrets store configuration. Only relevant if the `aws` secrets store
-    # type is configured.
-    #
-    # The AWS secrets store uses the AWS Service Connector under the hood to
-    # authenticate with the AWS Secrets Manager API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the AWS Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/aws-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type aws
-    #   zenml service-connector describe-type aws --auth-method secret-key
-    #   ```
-    aws:
-      # The AWS Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the IAM role attached to the ZenML server pod or
-      #              environment variables to authenticate with the AWS Secrets
-      #              Manager API
-      # - secret-key - Use an AWS secret key
-      # - iam-role - Use an IAM role
-      # - session-token - Use an AWS session token derived from an AWS secret
-      #                   key
-      # - federation-token - Use an AWS federation token derived from an AWS
-      #                      secret key
-      authMethod: secret-key
-      # The AWS Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The AWS region to use. This must be set to the region where the AWS
-        # Secrets Manager service that you want to use is located. Mandatory
-        # for all authentication methods.
-        region:
-        # The AWS access key and secret key to use to authenticate with the AWS
-        # Secrets Manager instance. Both are required if the `authMethod` is set
-        # to `secret-key`, `sts-token`, `iam-role`, or `federation-token`.
-        aws_access_key_id:
-        aws_secret_access_key:
-        # The AWS role ARN to use to authenticate with the AWS Secrets Manager
-        # instance. Required if the `authMethod` is set to `iam-role`. Optional
-        # if the `authMethod` is set to `implicit`.
-        role_arn:
-      # The AWS region to use. This must be set to the region where the AWS
-      # Secrets Manager service that you want to use is located.
-      #
-      # NOTE: deprecated; use `authConfig.region` instead.
-      region_name:
-      # The AWS credentials to use to authenticate with the AWS Secrets
-      # Manager instance. You can omit these if you are running the ZenML server
-      # in an AWS EKS cluster that has an IAM role attached to it that has
-      # permissions to access the AWS Secrets Manager instance.
-      #
-      # NOTE: deprecated; use `authConfig.aws_access_key_id`,
-      # and `authConfig.aws_secret_access_key` instead.
-      aws_access_key_id:
-      aws_secret_access_key:
-      aws_session_token:
-    # GCP secrets store configuration. Only relevant if the `gcp` secrets store
-    # type is configured.
-    #
-    # The GCP secrets store uses the GCP Service Connector under the hood to
-    # authenticate with the GCP Secrets Manager API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the GCP Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/gcp-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type gcp
-    #   zenml service-connector describe-type gcp --auth-method service-account
-    #   ```
-    gcp:
-      # The GCP Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the GCP service account attached to the ZenML server
-      #              pod or environment variables to authenticate with the GCP
-      #              Secrets Manager API
-      # - user-account - Use a GCP user account
-      # - service-account - Use a GCP service account
-      # - impersonation - Use the GCP service account impersonation feature
-      authMethod: service-account
-      # The GCP Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The GCP project ID to use. This must be set to the project ID where
-        # the GCP Secrets Manager service that you want to use is located.
-        # Mandatory for all authentication methods.
-        project_id:
-        # The GCP user account credentials to use to authenticate with the GCP
-        # Secrets Manager instance. Required if the `authMethod` is set to
-        # `user-account`.
-        user_account_json:
-        # The GCP service account credentials to use to authenticate with the
-        # GCP Secrets Manager instance. Required if the `authMethod` is set to
-        # `service-account` or `impersonation`.
-        service_account_json:
-        # The GCP service account to impersonate when authenticating with the
-        # GCP Secrets Manager instance. Required if the `authMethod` is set to
-        # `impersonation`.
-        target_principal:
-      # The GCP project ID to use. This must be set to the project ID where the
-      # GCP Secrets Manager service that you want to use is located.
-      #
-      # NOTE: deprecated; use `authConfig.project_id` instead.
-      project_id:
-      # The JSON content of the GCP credentials file to use to authenticate with
-      # the GCP Secrets Manager instance. You can omit this if you are running
-      # the ZenML server in a GCP GKE cluster that uses workload identity to
-      # authenticate with GCP services without the need for credentials.
-      #
-      # NOTE: deprecated; use `authConfig.service_account_json` instead.
-      google_application_credentials:
-    # Azure Key Vault secrets store configuration. Only relevant if the `azure`
-    # secrets store type is configured.
-    #
-    # The Azure secrets store uses the Azure Service Connector under the hood to
-    # authenticate with the Azure Key Vault API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the Azure Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/azure-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type azure
-    #   zenml service-connector describe-type azure --auth-method service-principal
-    #   ```
-    azure:
-      # The Azure Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the Azure managed identity attached to the ZenML server
-      #              pod or environment variables to authenticate with the Azure
-      #              Key Vault API
-      # - service-principal - Use an Azure service principal
-      authMethod: service-principal
-      # The Azure Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The Azure service principal credentials to use to authenticate with
-        # the Azure Key Vault API. All three are Required if the `authMethod` is
-        # set to `service-principal`.
-        client_id:
-        client_secret:
-        tenant_id:
-      # The name of the Azure Key Vault. This must be set to point to the Azure
-      # Key Vault instance that you want to use.
-      key_vault_name:
-      # The Azure application service principal credentials to use to
-      # authenticate with the Azure Key Vault API. You can omit these if you are
-      # running the ZenML server hosted in Azure and are using a managed
-      # identity to access the Azure Key Vault service.
-      #
-      # NOTE: deprecated; use `authConfig.client_id`, `authConfig.client_secret`,
-      # and `authConfig.tenant_id` instead.
-      azure_client_id:
-      azure_client_secret:
-      azure_tenant_id:
-    # HashiCorp Vault secrets store configuration. Only relevant if the `hashicorp`
-    # secrets store type is configured
-    hashicorp:
-      # The url of the HashiCorp Vault server
-      vault_addr: https://vault.example.com
-      # The token used to authenticate with the Vault server
-      vault_token:
-      # The Vault Enterprise namespace. Not required for Vault OSS.
-      vault_namespace:
-      # The maximum number of secret versions to keep. If not set, the default
-      # value of 1 will be used (only the latest version will be kept).
-      max_versions:
-    # Custom secrets store configuration. Only relevant if the `custom` secrets
-    # store type is configured.
-    custom:
-      # The class path of the custom secrets store implementation. This should
-      # point to a full Python class that extends the
-      # `zenml.zen_stores.secrets_stores.base_secrets_store.BaseSecretsStore`
-      # base class. The class should be importable from the container image
-      # that you are using for the ZenML server.
-      #
-      # Any additional configuration options for the custom secrets store
-      # implementation should be passed through the `environment` and the
-      # `secretEnvironment` variables and using the `ZENML_SECRETS_STORE_<OPTION_NAME>`
-      # environment variable naming convention. For example, if the custom
-      # secrets store implementation expects an `aws_access_key_id` option, you
-      # should set the `ZENML_SECRETS_STORE_AWS_ACCESS_KEY_ID` environment
-      # variable in the `zenml.secretEnvironment` variable.
-      class_path: my.custom.secrets.store.MyCustomSecretsStore
-  # Backup secrets store settings. This is used as a backup to the primary
-  # secrets store. Secret values for newly created and updated secrets are also
-  # saved in the secondary secrets store and there are management commands to
-  # migrate secret values individually or in bulk from the primary to the
-  # secondary secrets store and vice versa.
-  # A backup secrets store is is useful for high availability and disaster
-  # recovery scenarios where the primary secrets store is unavailable. It is
-  # also useful as a temporary setup for migrating secrets from one secrets
-  # store to another.
-  backupSecretsStore:
-    # Set to true to enable a backup secrets store.
-    enabled: false
-    # The type of secrets store to use. Use one of:
-    #
-    # sql - Use the same SQL database as the ZenML server
-    # aws - Use the AWS Secrets Manager as a secrets store
-    # gcp - Use the GCP Secrets Manager as a secrets store
-    # azure - Use the Azure Key Vault as a secrets store
-    # hashicorp - Use the HashiCorp Vault as a secrets store
-    # custom - Use a custom secrets store implementation (needs a custom
-    #          ZenML server image with the custom secrets store implementation
-    #          installed)
-    #
-    # Depending on the type, additional configuration options may be required
-    # under the respective sections.
-    #
-    type: sql
-    # SQL backup secrets store configuration. Only relevant if the `sql` backup
-    # secrets store type is configured.
-    sql:
-      # The secret key used to encrypt secrets in the SQL database. Only relevant
-      # if the SQL secrets store type is used. This should be set to a random
-      # string with a recommended length of at least 32 characters, e.g.:
-      #
-      #   ```python
-      #   from secrets import token_hex
-      #   token_hex(32)
-      #   ```
-      #
-      # or:
-      #
-      #   ```shell
-      #   openssl rand -hex 32
-      #   ```
-      #
-      # If not set, database secret encryption will be disabled.
-      #
-      # IMPORTANT: If you configure encryption for your SQL database secrets
-      # store, you should keep this value somewhere safe and secure, as it will be
-      # required to decrypt the secrets in the database. If you lose the
-      # encryption key, you will not be able to decrypt the secrets in the
-      # database and will have to reset them. You should not change this value
-      # after you have already configured encryption for your SQL database
-      # secrets store.
-      encryptionKey:
-    # AWS backup secrets store configuration. Only relevant if the `aws` backup
-    # secrets store type is configured.
-    #
-    # The AWS secrets store uses the AWS Service Connector under the hood to
-    # authenticate with the AWS Secrets Manager API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the AWS Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/aws-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type aws
-    #   zenml service-connector describe-type aws --auth-method secret-key
-    #   ```
-    aws:
-      # The AWS Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the IAM role attached to the ZenML server pod or
-      #              environment variables to authenticate with the AWS Secrets
-      #              Manager API
-      # - secret-key - Use an AWS secret key
-      # - iam-role - Use an IAM role
-      # - session-token - Use an AWS session token derived from an AWS secret
-      #                   key
-      # - federation-token - Use an AWS federation token derived from an AWS
-      #                      secret key
-      authMethod: secret-key
-      # The AWS Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The AWS region to use. This must be set to the region where the AWS
-        # Secrets Manager service that you want to use is located. Mandatory
-        # for all authentication methods.
-        region:
-        # The AWS access key and secret key to use to authenticate with the AWS
-        # Secrets Manager instance. Both are required if the `authMethod` is set
-        # to `secret-key`, `sts-token`, `iam-role`, or `federation-token`.
-        aws_access_key_id:
-        aws_secret_access_key:
-        # The AWS role ARN to use to authenticate with the AWS Secrets Manager
-        # instance. Required if the `authMethod` is set to `iam-role`.
-        role_arn:
-    # GCP backup secrets store configuration. Only relevant if the `gcp` backup
-    # secrets store type is configured.
-    #
-    # The GCP secrets store uses the GCP Service Connector under the hood to
-    # authenticate with the GCP Secrets Manager API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the GCP Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/gcp-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type gcp
-    #   zenml service-connector describe-type gcp --auth-method service-account
-    #   ```
-    gcp:
-      # The GCP Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the GCP service account attached to the ZenML server
-      #              pod or environment variables to authenticate with the GCP
-      #              Secrets Manager API
-      # - user-account - Use a GCP user account
-      # - service-account - Use a GCP service account
-      # - impersonation - Use the GCP service account impersonation feature
-      # - external-account - Use workload identity federation to authenticate
-      #                      with the GCP Secrets Manager API
-      authMethod: service-account
-      # The GCP Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The GCP project ID to use. This must be set to the project ID where
-        # the GCP Secrets Manager service that you want to use is located.
-        # Mandatory for all authentication methods.
-        project_id:
-        # The GCP user account credentials to use to authenticate with the GCP
-        # Secrets Manager instance. Required if the `authMethod` is set to
-        # `user-account`.
-        user_account_json:
-        # The GCP service account credentials to use to authenticate with the
-        # GCP Secrets Manager instance. Required if the `authMethod` is set to
-        # `service-account` or `impersonation`.
-        service_account_json:
-        # The GCP service account to impersonate when authenticating with the
-        # GCP Secrets Manager instance. Required if the `authMethod` is set to
-        # `impersonation`.
-        target_principal:
-        # The GCP workload identity credentials to use to authenticate with the
-        # GCP Secrets Manager instance. Required if the `authMethod` is set to
-        # `external-account`.
-        external_account_json:
-    # Azure backup Key Vault secrets store configuration. Only relevant if the
-    # `azure` backup secrets store type is configured.
-    #
-    # The Azure secrets store uses the Azure Service Connector under the hood to
-    # authenticate with the Azure Key Vault API. This means that you can
-    # use the same authentication methods and configuration as you would use for
-    # the Azure Service Connector. Just set the `authMethod` field to the
-    # authentication method that you want to use and set the required
-    # configuration attributes under the `authConfig` field.
-    #
-    # For a list of supported authentication methods and their configuration
-    # options, see the following documentation:
-    # https://docs.zenml.io/how-to/auth-management/azure-service-connector#authentication-methods
-    #
-    # You can also use the ZenML CLI to get the list of supported authentication
-    # methods and their configuration options, e.g.:
-    #
-    #   ```shell
-    #   zenml service-connector describe-type azure
-    #   zenml service-connector describe-type azure --auth-method service-principal
-    #   ```
-    azure:
-      # The Azure Service Connector authentication method to use. The currently
-      # supported authentication methods are:
-      #
-      # - implicit - Use the Azure managed identity attached to the ZenML server
-      #              pod or environment variables to authenticate with the Azure
-      #              Key Vault API
-      # - service-principal - Use an Azure service principal
-      authMethod: service-principal
-      # The Azure Service Connector authentication configuration. This should
-      # include the corresponding authentication configuration attributes for
-      # the `authMethod` that you have chosen above.
-      authConfig:
-        # The Azure service principal credentials to use to authenticate with
-        # the Azure Key Vault API. All three are Required if the `authMethod` is
-        # set to `service-principal`.
-        client_id:
-        client_secret:
-        tenant_id:
-      # The name of the Azure Key Vault. This must be set to point to the Azure
-      # Key Vault instance that you want to use.
-      key_vault_name:
-    # HashiCorp Vault backup secrets store configuration. Only relevant if the
-    # `hashicorp` backup secrets store type is configured
-    hashicorp:
-      # The url of the HashiCorp Vault server
-      vault_addr: https://vault.example.com
-      # The token used to authenticate with the Vault server
-      vault_token:
-      # The Vault Enterprise namespace. Not required for Vault OSS.
-      vault_namespace:
-      # The maximum number of secret versions to keep. If not set, the default
-      # value of 1 will be used (only the latest version will be kept).
-      max_versions:
-    # Custom backup secrets store configuration. Only relevant if the `custom`
-    # backup secrets store type is configured.
-    custom:
-      # The class path of the custom secrets store implementation. This should
-      # point to a full Python class that extends the
-      # `zenml.zen_stores.secrets_stores.base_secrets_store.BaseSecretsStore`
-      # base class. The class should be importable from the container image
-      # that you are using for the ZenML server.
-      #
-      # Any additional configuration options for the custom secrets store
-      # implementation should be passed through the `environment` and the
-      # `secretEnvironment` variables and using the `ZENML_SECRETS_STORE_<OPTION_NAME>`
-      # environment variable naming convention. For example, if the custom
-      # secrets store implementation expects an `aws_access_key_id` option, you
-      # should set the `ZENML_SECRETS_STORE_AWS_ACCESS_KEY_ID` environment
-      # variable in the `zenml.secretEnvironment` variable.
-      class_path: my.custom.secrets.store.MyCustomSecretsStore
-  # The ZenML server's secure headers configuration. This can be used to
-  # enable, disable or set custom values for security headers in the ZenML
-  # server's HTTP responses. The following values can be set for any of the
-  # supported secure headers configuration options:
-  #
-  # - `enabled`, `on`, `true` or `yes` - enables the secure header with the
-  # default value.
-  # - `disabled`, `off`, `false`, `none` or `no` - disables the secure header
-  # entirely, so that it is not set in the ZenML server's HTTP responses.
-  # - any other value - sets the secure header to the specified value.
-  secure_headers:
-    # The `Server` HTTP header value used to identify the server. The default
-    # value is the ZenML server ID.
-    server: enabled
-    # The `Strict-Transport-Security` HTTP header value. The default value is
-    # `max-age=63072000; includeSubDomains`.
-    hsts: enabled
-    # The `X-Frame-Options` HTTP header value. The default value is `SAMEORIGIN`.
-    xfo: enabled
-    # The `X-XSS-Protection` HTTP header value. The default value is `0`.
-    # NOTE: this header is deprecated and should not be customized anymore. The
-    # `Content-Security-Policy` header should be used instead.
-    xxp: enabled
-    # The `X-Content-Type-Options` HTTP header value. The default value is
-    # `nosniff`.
-    content: enabled
-    # The `Content-Security-Policy` HTTP header value. This is by default set
-    # to a strict CSP policy that only allows content from the origins required
-    # by the ZenML dashboard.
-    # NOTE: customizing this header is discouraged, as it may cause the ZenML
-    # dashboard to malfunction.
-    csp: enabled
-    # The `Referrer-Policy` HTTP header value. The default value is
-    # `no-referrer-when-downgrade`.
-    referrer: enabled
-    # The `Cache-Control` HTTP header value. The default value is
-    # `no-store, no-cache, must-revalidate`.
-    cache: enabled
-    # The `Permissions-Policy` HTTP header value. The default value is
-    # `accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()`.
-    permissions: enabled
-  # Extra environment variables to set in the ZenML server container.
-  environment: {}
-  # Extra environment variables to set in the ZenML server container that
-  # should be kept secret. These will be set as Kubernetes secrets and
-  # mounted as environment variables in the ZenML server container.
-  secretEnvironment: {}
-  service:
-    type: ClusterIP
-    port: 80
-  ingress:
-    enabled: true
-    className: "nginx"
-    annotations:
-      # nginx.ingress.kubernetes.io/ssl-redirect: "true"
-      # nginx.ingress.kubernetes.io/rewrite-target: /$1
-      # kubernetes.io/ingress.class: nginx
-      # kubernetes.io/tls-acme: "true"
-      # cert-manager.io/cluster-issuer: "letsencrypt"
-    # hint: you can use a service like nip.io to get a wildcard DNS for your
-    # ingress IP address. For example, if your ingress IP is 192.168.0.1, you
-    # can use a host name like zenml.192.168.0.1.nip.io. This allows you to
-    # reuse the same ingress for multiple deployments and/or services.
-    host:
-    path: /
-    tls:
-      enabled: false
-      # NOTE: if enabled, this will generate self-signed certificates during
-      # installation. This also requires that the ingress host be set to the
-      # domain name or IP address used to access the ZenML server from outside
-      # the cluster.
-      generateCerts: false
-      secretName: zenml-tls-certs
-serviceAccount:
-  # Specifies whether a service account should be created
-  create: true
-  # Annotations to add to the service account
-  annotations: {}
-  # The name of the service account to use.
-  # If not set and create is true, a name is generated using the fullname template
-  name: "zenml"
-podAnnotations: {}
-podSecurityContext: {}
-  # fsGroup: 1000 # if you're using a PVC for backup, this should necessarily be set.
-securityContext:
-  runAsNonRoot: true
-  runAsUser: 1000
-  # capabilities:
-  #   drop:
-  #   - ALL
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # limits:
-  #   cpu: 100m
-  #   memory: 128Mi
-  # requests:
-  #   cpu: 100m
-  #   memory: 128Mi
-resourcesMigrationPod: {}
-  # Resource requests and limits for the database migration pod.
-  # If not set, falls back to the global resources configuration defined in .Values.resources
-autoscaling:
-  enabled: false
-  minReplicas: 1
-  maxReplicas: 100
-  targetCPUUtilizationPercentage: 80
-  # targetMemoryUtilizationPercentage: 80
-nodeSelector: {}
-tolerations: []
-affinity: {}

zenml-nightly 0.73.0.dev20250204__py3-none-any.whl → 0.73.0.dev20250206__py3-none-any.whl

zenml-nightly 0.73.0.dev20250204py3-none-any.whl → 0.73.0.dev20250206py3-none-any.whl