|
|
| |
| from __future__ import annotations |
|
|
| import json |
| import os |
| from datetime import datetime, timezone |
| from typing import Any, Dict, List, Optional |
|
|
| from sovereign_deployment_profile import generate_deployment_profile |
|
|
|
|
| DEPLOYMENT_OUTPUT_DIR = "sovereign_deployment_outputs" |
|
|
|
|
| def _utc_now() -> str: |
| return datetime.now(timezone.utc).isoformat() |
|
|
|
|
| def _ensure_dir(path: str) -> None: |
| os.makedirs(path, exist_ok=True) |
|
|
|
|
| def _safe(v: Any, default: Any = "") -> Any: |
| return v if v is not None else default |
|
|
|
|
| def _bool_text(v: Any) -> str: |
| return "True" if bool(v) else "False" |
|
|
|
|
| def _render_header(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
|
|
| return f"""# Sovereign Deployment Report |
| |
| Generated at: {_safe((profile or {}).get("generated_at"), _utc_now())} |
| |
| ## 1. Profile Identity |
| - Profile Type: {_safe(profile.get("profile_type"), "Sovereign Deployment Profile")} |
| - Domain: {_safe(profile.get("domain"), "banking_and_financial_institutions")} |
| """ |
|
|
|
|
| def _render_summary(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| summary = profile.get("summary", {}) if isinstance(profile, dict) else {} |
|
|
| return f"""## 2. Executive Summary |
| - Supported Primary Mode: {_safe(summary.get("supported_primary_mode"), "unknown")} |
| - Runtime Entrypoint Defined: {_bool_text(summary.get("runtime_entrypoint_defined"))} |
| - One-Command Launcher Present: {_bool_text(summary.get("one_command_launcher_present"))} |
| - Internet Dependency Required: {_bool_text(summary.get("internet_dependency_required"))} |
| - Cloud Dependency Required: {_bool_text(summary.get("cloud_dependency_required"))} |
| |
| ### Practical Interpretation |
| - Sovereign is currently positioned for controlled bank-grade runtime deployment. |
| - On-prem / customer-controlled execution is the primary intended deployment posture. |
| - One-command launch is available in qualified form through the launcher/config path. |
| - Low-friction deployment does not mean universal zero-touch installation across all bank environments. |
| """ |
|
|
|
|
| def _render_modes(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| modes = profile.get("deployment_modes", []) if isinstance(profile, dict) else [] |
|
|
| lines: List[str] = ["## 3. Deployment Modes"] |
|
|
| if not modes: |
| lines.append("- No deployment modes recorded.") |
| return "\n".join(lines) |
|
|
| for item in modes: |
| intended = item.get("intended_use", []) |
| lines.append(f"### {item.get('mode', 'unknown_mode')}") |
| lines.append(f"- Status: {_safe(item.get('status'))}") |
| lines.append(f"- Description: {_safe(item.get('description'))}") |
| if intended: |
| lines.append("- Intended Use:") |
| for x in intended: |
| lines.append(f" - {x}") |
| lines.append("") |
|
|
| return "\n".join(lines).rstrip() + "\n" |
|
|
|
|
| def _render_environment_requirements(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| env = profile.get("environment_requirements", {}) if isinstance(profile, dict) else {} |
|
|
| runtime_req = env.get("runtime_requirements", {}) if isinstance(env, dict) else {} |
| network_req = env.get("network_requirements", {}) if isinstance(env, dict) else {} |
| execution_req = env.get("execution_requirements", {}) if isinstance(env, dict) else {} |
| artifact_req = env.get("artifact_requirements", {}) if isinstance(env, dict) else {} |
|
|
| return f"""## 4. Environment Requirements |
| |
| ### Runtime Requirements |
| - Python Runtime Required: {_bool_text(runtime_req.get("python_runtime_required"))} |
| - Filesystem Write Required: {_bool_text(runtime_req.get("filesystem_write_required"))} |
| - JSON Artifact Support Required: {_bool_text(runtime_req.get("json_artifact_support_required"))} |
| - Local Execution Supported: {_bool_text(runtime_req.get("local_execution_supported"))} |
| |
| ### Network Requirements |
| - Internet Required: {_bool_text(network_req.get("internet_required"))} |
| - Cloud Dependency Required: {_bool_text(network_req.get("cloud_dependency_required"))} |
| - External DNS Required: {_bool_text(network_req.get("external_dns_required"))} |
| - Offline Posture Supported: {_bool_text(network_req.get("offline_posture_supported"))} |
| |
| ### Execution Requirements |
| - Single Entrypoint Defined: {_bool_text(execution_req.get("single_entrypoint_defined"))} |
| - Runtime Entry Module: {_safe(execution_req.get("runtime_entry_module"))} |
| - Runtime Entry Function: {_safe(execution_req.get("runtime_entry_function"))} |
| - Launcher Module: {_safe(execution_req.get("one_command_launcher_module"))} |
| - Config-Driven Launch Supported: {_bool_text(execution_req.get("config_driven_launch_supported"))} |
| |
| ### Artifact Requirements |
| - Audit Chain Storage Required: {_bool_text(artifact_req.get("audit_chain_storage_required"))} |
| - Crypto Seal Support Required: {_bool_text(artifact_req.get("crypto_seal_support_required"))} |
| - Manifest Generation Required: {_bool_text(artifact_req.get("manifest_generation_required"))} |
| - Verifier Compatibility Expected: {_bool_text(artifact_req.get("verifier_compatibility_expected"))} |
| """ |
|
|
|
|
| def _render_packaging_posture(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| packaging = profile.get("packaging_posture", {}) if isinstance(profile, dict) else {} |
|
|
| notes = packaging.get("packaging_notes", []) if isinstance(packaging, dict) else [] |
|
|
| lines = [ |
| "## 5. Packaging Posture", |
| f"- Current Packaging State: {_safe(packaging.get('current_packaging_state'))}", |
| f"- Runtime Package Builder: {_safe(packaging.get('runtime_package_builder'))}", |
| f"- One-Command Launcher Available: {_bool_text(packaging.get('one_command_launcher_available'))}", |
| ] |
|
|
| if notes: |
| lines.append("- Packaging Notes:") |
| for item in notes: |
| lines.append(f" - {item}") |
|
|
| return "\n".join(lines) |
|
|
|
|
| def _render_frictionless_claim(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| claim = profile.get("frictionless_deployment_claim", {}) if isinstance(profile, dict) else {} |
|
|
| meaning = claim.get("meaning", []) if isinstance(claim, dict) else [] |
| non_meaning = claim.get("non_meaning", []) if isinstance(claim, dict) else [] |
|
|
| lines = [ |
| "## 6. Low-Friction Deployment Claim", |
| f"- Claim Label: {_safe(claim.get('claim_label'))}", |
| f"- Status: {_safe(claim.get('status'))}", |
| ] |
|
|
| if meaning: |
| lines.append("- Meaning:") |
| for item in meaning: |
| lines.append(f" - {item}") |
|
|
| if non_meaning: |
| lines.append("- Non-Meaning / Explicit Limits:") |
| for item in non_meaning: |
| lines.append(f" - {item}") |
|
|
| return "\n".join(lines) |
|
|
|
|
| def _render_constraints(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| constraints = profile.get("constraints", []) if isinstance(profile, dict) else [] |
|
|
| lines = ["## 7. Constraints"] |
|
|
| if not constraints: |
| lines.append("- No constraints recorded.") |
| return "\n".join(lines) |
|
|
| for item in constraints: |
| lines.append(f"- {item}") |
|
|
| return "\n".join(lines) |
|
|
|
|
| def _render_artifact_status(bundle: Dict[str, Any]) -> str: |
| seal = bundle.get("crypto_seal", {}) if isinstance(bundle, dict) else {} |
|
|
| return f"""## 8. Artifact Status |
| - Sealed: {bool(bundle.get("sealed", False))} |
| - Seal Digest: {_safe(seal.get("seal_digest"), "")} |
| - Seal Scheme: {_safe(seal.get("scheme"), "")} |
| - Seal Algorithm: {_safe(seal.get("algorithm"), "")} |
| - Signer Hint: {_safe(seal.get("signer_hint"), "")} |
| """ |
|
|
|
|
| def _render_verdict(bundle: Dict[str, Any]) -> str: |
| profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} |
| constraints = profile.get("constraints", []) if isinstance(profile, dict) else [] |
|
|
| verdict = ( |
| "Sovereign currently presents a credible controlled deployment posture for bank-grade runtime use: " |
| "primary positioning is on-prem / customer-controlled runtime, offline-compatible execution is supported, " |
| "and one-command launch exists in qualified form through the launcher/config path." |
| ) |
|
|
| lines = [ |
| "## 9. Preliminary Bank-Facing Verdict", |
| verdict, |
| "", |
| "## 10. Notes", |
| ] |
|
|
| if constraints: |
| for item in constraints: |
| lines.append(f"- {item}") |
| else: |
| lines.append("- No additional notes provided.") |
|
|
| return "\n".join(lines) |
|
|
|
|
| def build_deployment_markdown(bundle: Dict[str, Any]) -> str: |
| parts = [ |
| _render_header(bundle), |
| _render_summary(bundle), |
| _render_modes(bundle), |
| _render_environment_requirements(bundle), |
| _render_packaging_posture(bundle), |
| _render_frictionless_claim(bundle), |
| _render_constraints(bundle), |
| _render_artifact_status(bundle), |
| _render_verdict(bundle), |
| ] |
| return "\n\n".join(parts).strip() + "\n" |
|
|
|
|
| def save_deployment_report( |
| bundle: Dict[str, Any], |
| output_dir: str = DEPLOYMENT_OUTPUT_DIR, |
| base_name: Optional[str] = None, |
| ) -> Dict[str, str]: |
| _ensure_dir(output_dir) |
|
|
| ts = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ") |
| base = base_name or f"sovereign_deployment_report_{ts}" |
|
|
| json_path = os.path.join(output_dir, f"{base}.json") |
| md_path = os.path.join(output_dir, f"{base}.md") |
|
|
| with open(json_path, "w", encoding="utf-8") as f: |
| json.dump(bundle, f, ensure_ascii=False, indent=2) |
|
|
| markdown = build_deployment_markdown(bundle) |
| with open(md_path, "w", encoding="utf-8") as f: |
| f.write(markdown) |
|
|
| return { |
| "json_report": json_path, |
| "markdown_report": md_path, |
| } |
|
|
|
|
| def generate_deployment_report( |
| output_dir: str = DEPLOYMENT_OUTPUT_DIR, |
| base_name: Optional[str] = None, |
| ) -> Dict[str, Any]: |
| bundle = generate_deployment_profile() |
|
|
| files = save_deployment_report( |
| bundle=bundle, |
| output_dir=output_dir, |
| base_name=base_name, |
| ) |
|
|
| return { |
| "ok": True, |
| "generated_at": _utc_now(), |
| "bundle": bundle, |
| "files": files, |
| } |
|
|
|
|
| if __name__ == "__main__": |
| out = generate_deployment_report() |
| print(json.dumps(out, indent=2, ensure_ascii=False)) |
|
|
|
|