rezabarkhordary commited on
Commit
1f303e0
·
verified ·
1 Parent(s): 6fb5642

Create sovereign_deployment_profile_.py

Browse files
Files changed (1) hide show
  1. sovereign_deployment_profile_.py +184 -0
sovereign_deployment_profile_.py ADDED
@@ -0,0 +1,184 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+
2
+ # sovereign_deployment_profile.py
3
+ from __future__ import annotations
4
+
5
+ import json
6
+ from datetime import datetime, timezone
7
+ from typing import Any, Dict, List, Optional
8
+
9
+ from sovereign_crypto_seal import SovereignCryptoSeal
10
+
11
+
12
+ def _utc_now() -> str:
13
+ return datetime.now(timezone.utc).isoformat()
14
+
15
+
16
+ class SovereignDeploymentProfileBuilder:
17
+ """
18
+ Builds a bank-grade deployment profile for Sovereign.
19
+
20
+ Purpose:
21
+ - Define supported deployment postures
22
+ - Make runtime entry and packaging posture explicit
23
+ - Clarify what 'low-friction deployment' means in technical terms
24
+ - Provide a sealed machine-readable deployment artifact
25
+ """
26
+
27
+ def __init__(self, sealer: Optional[SovereignCryptoSeal] = None) -> None:
28
+ self.sealer = sealer or SovereignCryptoSeal()
29
+
30
+ def _deployment_modes(self) -> List[Dict[str, Any]]:
31
+ return [
32
+ {
33
+ "mode": "on_prem_controlled_runtime",
34
+ "status": "supported_primary",
35
+ "description": "Primary target posture for banks and financial institutions. Runtime executes within customer-controlled environment.",
36
+ "intended_use": [
37
+ "bank internal runtime control",
38
+ "regulated AI workflow governance",
39
+ "controlled financial execution oversight",
40
+ ],
41
+ },
42
+ {
43
+ "mode": "evaluation_bundle_runtime",
44
+ "status": "supported_secondary",
45
+ "description": "Evaluation / pilot posture for controlled technical validation before broader rollout.",
46
+ "intended_use": [
47
+ "technical pilot",
48
+ "benchmark validation",
49
+ "artifact verification",
50
+ ],
51
+ },
52
+ {
53
+ "mode": "single_command_launcher_runtime",
54
+ "status": "in_progress",
55
+ "description": "Low-friction launch posture using the packaged runtime launcher and config-driven execution path.",
56
+ "intended_use": [
57
+ "reduced deployment friction",
58
+ "controlled packaged execution",
59
+ ],
60
+ },
61
+ {
62
+ "mode": "containerized_delivery",
63
+ "status": "planned_next",
64
+ "description": "Future packaging posture for stronger delivery ergonomics and runtime portability.",
65
+ "intended_use": [
66
+ "container delivery",
67
+ "controlled platform portability",
68
+ ],
69
+ },
70
+ ]
71
+
72
+ def _environment_requirements(self) -> Dict[str, Any]:
73
+ return {
74
+ "runtime_requirements": {
75
+ "python_runtime_required": True,
76
+ "filesystem_write_required": True,
77
+ "json_artifact_support_required": True,
78
+ "local_execution_supported": True,
79
+ },
80
+ "network_requirements": {
81
+ "internet_required": False,
82
+ "cloud_dependency_required": False,
83
+ "external_dns_required": False,
84
+ "offline_posture_supported": True,
85
+ },
86
+ "execution_requirements": {
87
+ "single_entrypoint_defined": True,
88
+ "runtime_entry_module": "sovereign_bank_runtime_entry",
89
+ "runtime_entry_function": "run_sovereign_bank_runtime",
90
+ "one_command_launcher_module": "sovereign_one_command_launcher",
91
+ "config_driven_launch_supported": True,
92
+ },
93
+ "artifact_requirements": {
94
+ "audit_chain_storage_required": True,
95
+ "crypto_seal_support_required": True,
96
+ "manifest_generation_required": True,
97
+ "verifier_compatibility_expected": True,
98
+ },
99
+ }
100
+
101
+ def _packaging_posture(self) -> Dict[str, Any]:
102
+ return {
103
+ "current_packaging_state": "structured_runtime_package_available",
104
+ "runtime_package_builder": "sovereign_packager",
105
+ "one_command_launcher_available": True,
106
+ "packaging_notes": [
107
+ "Current packaging posture provides structured runtime delivery with launcher config, manifest, integrity inventory, and documentation.",
108
+ "Single-command launch is supported through the one-command launcher and config-based execution path.",
109
+ "Packaging ergonomics can be further hardened later with containerization or additional installer tooling.",
110
+ ],
111
+ }
112
+
113
+ def _frictionless_deployment_claim(self) -> Dict[str, Any]:
114
+ return {
115
+ "claim_label": "low_friction_controlled_deployment",
116
+ "status": "qualified_claim",
117
+ "meaning": [
118
+ "A single runtime entrypoint is defined.",
119
+ "A one-command launcher exists for controlled execution modes.",
120
+ "A runtime package structure exists for delivery and review.",
121
+ "Deployment does not require external cloud dependency or internet connectivity.",
122
+ ],
123
+ "non_meaning": [
124
+ "This does not yet mean a universal zero-touch installer across all bank environments.",
125
+ "This does not yet imply environment-agnostic deployment without customer-side runtime prerequisites.",
126
+ "This does not replace environment-specific hardening, permissions, or integration review.",
127
+ ],
128
+ }
129
+
130
+ def _deployment_constraints(self) -> List[str]:
131
+ return [
132
+ "Current deployment profile is designed for controlled bank-grade runtime environments and technical review flows.",
133
+ "Single-command launch is available through launcher/config flow, but universal zero-touch installation is not yet the claimed end state.",
134
+ "Environment-specific integration, hardening, permissions, and operational review may still be required in customer deployment.",
135
+ "Containerized or installer-style delivery remains a future hardening/ergonomics path rather than the only current deployment mode.",
136
+ ]
137
+
138
+ def build(self) -> Dict[str, Any]:
139
+ profile = {
140
+ "profile_type": "Sovereign Deployment Profile",
141
+ "generated_at": _utc_now(),
142
+ "domain": "banking_and_financial_institutions",
143
+ "deployment_modes": self._deployment_modes(),
144
+ "environment_requirements": self._environment_requirements(),
145
+ "packaging_posture": self._packaging_posture(),
146
+ "frictionless_deployment_claim": self._frictionless_deployment_claim(),
147
+ "constraints": self._deployment_constraints(),
148
+ "summary": {
149
+ "supported_primary_mode": "on_prem_controlled_runtime",
150
+ "runtime_entrypoint_defined": True,
151
+ "one_command_launcher_present": True,
152
+ "internet_dependency_required": False,
153
+ "cloud_dependency_required": False,
154
+ },
155
+ }
156
+
157
+ sealed = self.sealer.seal_object(
158
+ profile,
159
+ object_type="deployment_profile",
160
+ metadata={
161
+ "domain": "banking",
162
+ "artifact_class": "deployment_profile",
163
+ },
164
+ )
165
+
166
+ return {
167
+ "ok": True,
168
+ "deployment_profile": profile,
169
+ "crypto_seal": sealed["seal"],
170
+ "sealed": True,
171
+ }
172
+
173
+
174
+ BUILDER = SovereignDeploymentProfileBuilder()
175
+
176
+
177
+ def generate_deployment_profile() -> Dict[str, Any]:
178
+ return BUILDER.build()
179
+
180
+
181
+ if __name__ == "__main__":
182
+ out = generate_deployment_profile()
183
+ print(json.dumps(out, indent=2, ensure_ascii=False))
184
+