# sovereign_deployment_report.py from __future__ import annotations import json import os from datetime import datetime, timezone from typing import Any, Dict, List, Optional from sovereign_deployment_profile import generate_deployment_profile DEPLOYMENT_OUTPUT_DIR = "sovereign_deployment_outputs" def _utc_now() -> str: return datetime.now(timezone.utc).isoformat() def _ensure_dir(path: str) -> None: os.makedirs(path, exist_ok=True) def _safe(v: Any, default: Any = "") -> Any: return v if v is not None else default def _bool_text(v: Any) -> str: return "True" if bool(v) else "False" def _render_header(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} return f"""# Sovereign Deployment Report Generated at: {_safe((profile or {}).get("generated_at"), _utc_now())} ## 1. Profile Identity - Profile Type: {_safe(profile.get("profile_type"), "Sovereign Deployment Profile")} - Domain: {_safe(profile.get("domain"), "banking_and_financial_institutions")} """ def _render_summary(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} summary = profile.get("summary", {}) if isinstance(profile, dict) else {} return f"""## 2. Executive Summary - Supported Primary Mode: {_safe(summary.get("supported_primary_mode"), "unknown")} - Runtime Entrypoint Defined: {_bool_text(summary.get("runtime_entrypoint_defined"))} - One-Command Launcher Present: {_bool_text(summary.get("one_command_launcher_present"))} - Internet Dependency Required: {_bool_text(summary.get("internet_dependency_required"))} - Cloud Dependency Required: {_bool_text(summary.get("cloud_dependency_required"))} ### Practical Interpretation - Sovereign is currently positioned for controlled bank-grade runtime deployment. - On-prem / customer-controlled execution is the primary intended deployment posture. - One-command launch is available in qualified form through the launcher/config path. - Low-friction deployment does not mean universal zero-touch installation across all bank environments. """ def _render_modes(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} modes = profile.get("deployment_modes", []) if isinstance(profile, dict) else [] lines: List[str] = ["## 3. Deployment Modes"] if not modes: lines.append("- No deployment modes recorded.") return "\n".join(lines) for item in modes: intended = item.get("intended_use", []) lines.append(f"### {item.get('mode', 'unknown_mode')}") lines.append(f"- Status: {_safe(item.get('status'))}") lines.append(f"- Description: {_safe(item.get('description'))}") if intended: lines.append("- Intended Use:") for x in intended: lines.append(f" - {x}") lines.append("") return "\n".join(lines).rstrip() + "\n" def _render_environment_requirements(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} env = profile.get("environment_requirements", {}) if isinstance(profile, dict) else {} runtime_req = env.get("runtime_requirements", {}) if isinstance(env, dict) else {} network_req = env.get("network_requirements", {}) if isinstance(env, dict) else {} execution_req = env.get("execution_requirements", {}) if isinstance(env, dict) else {} artifact_req = env.get("artifact_requirements", {}) if isinstance(env, dict) else {} return f"""## 4. Environment Requirements ### Runtime Requirements - Python Runtime Required: {_bool_text(runtime_req.get("python_runtime_required"))} - Filesystem Write Required: {_bool_text(runtime_req.get("filesystem_write_required"))} - JSON Artifact Support Required: {_bool_text(runtime_req.get("json_artifact_support_required"))} - Local Execution Supported: {_bool_text(runtime_req.get("local_execution_supported"))} ### Network Requirements - Internet Required: {_bool_text(network_req.get("internet_required"))} - Cloud Dependency Required: {_bool_text(network_req.get("cloud_dependency_required"))} - External DNS Required: {_bool_text(network_req.get("external_dns_required"))} - Offline Posture Supported: {_bool_text(network_req.get("offline_posture_supported"))} ### Execution Requirements - Single Entrypoint Defined: {_bool_text(execution_req.get("single_entrypoint_defined"))} - Runtime Entry Module: {_safe(execution_req.get("runtime_entry_module"))} - Runtime Entry Function: {_safe(execution_req.get("runtime_entry_function"))} - Launcher Module: {_safe(execution_req.get("one_command_launcher_module"))} - Config-Driven Launch Supported: {_bool_text(execution_req.get("config_driven_launch_supported"))} ### Artifact Requirements - Audit Chain Storage Required: {_bool_text(artifact_req.get("audit_chain_storage_required"))} - Crypto Seal Support Required: {_bool_text(artifact_req.get("crypto_seal_support_required"))} - Manifest Generation Required: {_bool_text(artifact_req.get("manifest_generation_required"))} - Verifier Compatibility Expected: {_bool_text(artifact_req.get("verifier_compatibility_expected"))} """ def _render_packaging_posture(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} packaging = profile.get("packaging_posture", {}) if isinstance(profile, dict) else {} notes = packaging.get("packaging_notes", []) if isinstance(packaging, dict) else [] lines = [ "## 5. Packaging Posture", f"- Current Packaging State: {_safe(packaging.get('current_packaging_state'))}", f"- Runtime Package Builder: {_safe(packaging.get('runtime_package_builder'))}", f"- One-Command Launcher Available: {_bool_text(packaging.get('one_command_launcher_available'))}", ] if notes: lines.append("- Packaging Notes:") for item in notes: lines.append(f" - {item}") return "\n".join(lines) def _render_frictionless_claim(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} claim = profile.get("frictionless_deployment_claim", {}) if isinstance(profile, dict) else {} meaning = claim.get("meaning", []) if isinstance(claim, dict) else [] non_meaning = claim.get("non_meaning", []) if isinstance(claim, dict) else [] lines = [ "## 6. Low-Friction Deployment Claim", f"- Claim Label: {_safe(claim.get('claim_label'))}", f"- Status: {_safe(claim.get('status'))}", ] if meaning: lines.append("- Meaning:") for item in meaning: lines.append(f" - {item}") if non_meaning: lines.append("- Non-Meaning / Explicit Limits:") for item in non_meaning: lines.append(f" - {item}") return "\n".join(lines) def _render_constraints(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} constraints = profile.get("constraints", []) if isinstance(profile, dict) else [] lines = ["## 7. Constraints"] if not constraints: lines.append("- No constraints recorded.") return "\n".join(lines) for item in constraints: lines.append(f"- {item}") return "\n".join(lines) def _render_artifact_status(bundle: Dict[str, Any]) -> str: seal = bundle.get("crypto_seal", {}) if isinstance(bundle, dict) else {} return f"""## 8. Artifact Status - Sealed: {bool(bundle.get("sealed", False))} - Seal Digest: {_safe(seal.get("seal_digest"), "")} - Seal Scheme: {_safe(seal.get("scheme"), "")} - Seal Algorithm: {_safe(seal.get("algorithm"), "")} - Signer Hint: {_safe(seal.get("signer_hint"), "")} """ def _render_verdict(bundle: Dict[str, Any]) -> str: profile = bundle.get("deployment_profile", {}) if isinstance(bundle, dict) else {} constraints = profile.get("constraints", []) if isinstance(profile, dict) else [] verdict = ( "Sovereign currently presents a credible controlled deployment posture for bank-grade runtime use: " "primary positioning is on-prem / customer-controlled runtime, offline-compatible execution is supported, " "and one-command launch exists in qualified form through the launcher/config path." ) lines = [ "## 9. Preliminary Bank-Facing Verdict", verdict, "", "## 10. Notes", ] if constraints: for item in constraints: lines.append(f"- {item}") else: lines.append("- No additional notes provided.") return "\n".join(lines) def build_deployment_markdown(bundle: Dict[str, Any]) -> str: parts = [ _render_header(bundle), _render_summary(bundle), _render_modes(bundle), _render_environment_requirements(bundle), _render_packaging_posture(bundle), _render_frictionless_claim(bundle), _render_constraints(bundle), _render_artifact_status(bundle), _render_verdict(bundle), ] return "\n\n".join(parts).strip() + "\n" def save_deployment_report( bundle: Dict[str, Any], output_dir: str = DEPLOYMENT_OUTPUT_DIR, base_name: Optional[str] = None, ) -> Dict[str, str]: _ensure_dir(output_dir) ts = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%SZ") base = base_name or f"sovereign_deployment_report_{ts}" json_path = os.path.join(output_dir, f"{base}.json") md_path = os.path.join(output_dir, f"{base}.md") with open(json_path, "w", encoding="utf-8") as f: json.dump(bundle, f, ensure_ascii=False, indent=2) markdown = build_deployment_markdown(bundle) with open(md_path, "w", encoding="utf-8") as f: f.write(markdown) return { "json_report": json_path, "markdown_report": md_path, } def generate_deployment_report( output_dir: str = DEPLOYMENT_OUTPUT_DIR, base_name: Optional[str] = None, ) -> Dict[str, Any]: bundle = generate_deployment_profile() files = save_deployment_report( bundle=bundle, output_dir=output_dir, base_name=base_name, ) return { "ok": True, "generated_at": _utc_now(), "bundle": bundle, "files": files, } if __name__ == "__main__": out = generate_deployment_report() print(json.dumps(out, indent=2, ensure_ascii=False))