o RDiQ@sddlmZddlZddlZddlZddlmZddlmZ ddl m Z ddl m Z ddlmZddlmZd d lmZmZd d lmZmZmZerRejjZejjZd d lmZmZd d l m!Z!m"Z"e#e$Z%gdZ&e ddZ'GdddeZ(dgZ)d>ddZ*ddZ+d?ddZ,d>d d!Z-d@d$d%Z.d&d'Z/ (dAdBd)d*Z0d+d,Z1d@d-d.Z2d@d/d0Z3d1d2Z4d3d4Z5d@d5d6Z6d7d8Z7e dCdDdsz'is_valid_arn_for_wif..)any)rBpatternsrrKris_valid_arn_for_wif~s rOcCsts tdtjSz*t||ddid}tjd|d}|r#d|vr'tjWSt |dr1tj WStjWSt y@tjYSw)a Check if the current environment has a valid AWS identity for authentication. If we retrieve an ARN from the caller identity and it is a valid WIF ARN, then we assume we have a valid AWS identity for authentication. Args: platform_detection_timeout_seconds: Timeout value for AWS API calls. Returns: _DetectionState: DETECTED if valid AWS identity exists, NOT_DETECTED otherwise. z7boto3 is not installed, skipping AWS identity detectiontotal_max_attemptsr )connect_timeout read_timeoutretriessts)configArn) rr1r2r r*Configr clientget_caller_identityrOr)r7)r.rUcaller_identityrrrhas_aws_identitys(     r[session_managerrcC^z|jdddi|d}|jdkrtjWStjWSty#tjYSty.tjYSw)a  Check if the current environment is running on an Azure Virtual Machine. If we query the Azure Instance Metadata Service and receive an HTTP 200 response, then we assume we are running on an Azure VM. Args: platform_detection_timeout_seconds: Timeout value for the metadata service request. session_manager: SessionManager instance for making HTTP requests. Returns: _DetectionState: DETECTED if on Azure VM, HTTP_TIMEOUT if request times out, NOT_DETECTED otherwise. z?http://169.254.169.254/metadata/instance?api-version=2021-02-01MetadataTrueheadersr#get status_coder r)r*rr+r)r.r\ token_resprrr is_azure_vms      rgcC&gd}tdd|DrtjStjS)a Check if the current environment is running in Azure Functions. If we check for Azure Functions environment variables (FUNCTIONS_WORKER_RUNTIME, FUNCTIONS_EXTENSION_VERSION, AzureWebJobsStorage) and they all exist, then we assume we are running in Azure Functions. Returns: _DetectionState: DETECTED if all Azure Functions env vars are present, NOT_DETECTED otherwise. )FUNCTIONS_WORKER_RUNTIMEFUNCTIONS_EXTENSION_VERSIONAzureWebJobsStoragecs|]}|tjvVqdSrFr>r?rIvarrrrrLz$is_azure_function..allr r)r* service_varsrrris_azure_functions  ruhttps://management.azure.comcCsld|}ddi}z|j|||d}|jdkrtjWStjWSty*tjYSty5tjYSw)a Check if Azure Managed Identity is available and accessible on an Azure VM. If we attempt to mint an access token from the Azure Instance Metadata Service managed identity endpoint and receive an HTTP 200 response, then we assume managed identity is available. Args: platform_detection_timeout_seconds: Timeout value for the metadata service request. session_manager: SessionManager instance for making HTTP requests. resource: The Azure resource URI to request a token for. Returns: _DetectionState: DETECTED if managed identity is available, HTTP_TIMEOUT if request times out, NOT_DETECTED otherwise. zVhttp://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource=r^truer`rbrc)r.r\resourceendpointraresponserrr)is_managed_identity_available_on_azure_vms      r{cCsttjdS)NIDENTITY_HEADER)rEr>r?rdrrrr/is_managed_identity_available_on_azure_functionsr}cCs(ttjkrtr tjStjSt||S)aF Determine if Azure Managed Identity is available in the current environment. If we are on Azure Functions and the IDENTITY_HEADER environment variable exists, then we assume managed identity is available. If we are on an Azure VM and can mint an access token from the managed identity endpoint, then we assume managed identity is available. Handles Azure Functions first since the checks are faster Handles Azure VM checks second since they involve network calls. Args: platform_detection_timeout_seconds: Timeout value for managed identity checks. session_manager: SessionManager instance for making HTTP requests. Returns: _DetectionState: DETECTED if managed identity is available, HTTP_TIMEOUT if detection timed out, NOT_DETECTED otherwise. )rur r)r}r*r{)r.r\rrrhas_azure_managed_identitys r~cCsdz|jd|d}|jr|jddkrtjWStjWSty&tjYSty1tjYSw)a- Check if the current environment is running on Google Compute Engine (GCE). If we query the Google metadata server and receive a response with the "Metadata-Flavor: Google" header, then we assume we are running on GCE. Args: platform_detection_timeout_seconds: Timeout value for the metadata service request. session_manager: SessionManager instance for making HTTP requests. Returns: _DetectionState: DETECTED if on GCE, HTTP_TIMEOUT if request times out, NOT_DETECTED otherwise. zhttp://metadata.google.internalr#Metadata-FlavorGoogle)rdrar r)r*rr+rr.r\rzrrr is_gce_vm7s"    rcCrh)a Check if the current environment is running in Google Cloud Run service. If we check for Cloud Run service environment variables (K_SERVICE, K_REVISION, K_CONFIGURATION) and they all exist, then we assume we are running in Cloud Run service. Returns: _DetectionState: DETECTED if all Cloud Run service env vars are present, NOT_DETECTED otherwise. ) K_SERVICE K_REVISIONK_CONFIGURATIONcsrlrFrmrnrrrrLfrpz+is_gcp_cloud_run_service..rqrsrrris_gcp_cloud_run_serviceX  rcCs&ddg}tdd|DrtjStjS)a Check if the current environment is running in Google Cloud Run job. If we check for Cloud Run job environment variables (CLOUD_RUN_JOB, CLOUD_RUN_EXECUTION) and they both exist, then we assume we are running in a Cloud Run job. Returns: _DetectionState: DETECTED if all Cloud Run job env vars are present, NOT_DETECTED otherwise. CLOUD_RUN_JOBCLOUD_RUN_EXECUTIONcsrlrFrmrnrrrrLyrpz'is_gcp_cloud_run_job..rq)job_varsrrris_gcp_cloud_run_jobkrrcCr])aK Check if the current environment has a valid Google Cloud Platform identity. If we query the GCP metadata service for the default service account email and receive a non-empty response, then we assume we have a valid GCP identity. Args: platform_detection_timeout_seconds: Timeout value for the metadata service request. session_manager: SessionManager instance for making HTTP requests. Returns: _DetectionState: DETECTED if valid GCP identity exists, HTTP_TIMEOUT if request times out, NOT_DETECTED otherwise. zZhttp://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/emailrrr`rbrcrrrrhas_gcp_identity~s      rcCr;)a3 Check if the current environment is running in GitHub Actions. If we check for the GITHUB_ACTIONS environment variable and it exists, then we assume we are running in GitHub Actions. Returns: _DetectionState: DETECTED if GITHUB_ACTIONS env var exists, NOT_DETECTED otherwise. GITHUB_ACTIONSr=rrrris_github_actionrAr float | NoneSessionManager | None list[str]c CsztjtdtvrtdttWS|durd}|dur+tdt j ddd}d }|d |}|}t t t tttd }|d krtd d]}|t||t||t|||t|||t|||t||d}|D]+\}} z | j|d||<Wqyttfytj||<Yqytytj ||<YqywWdn1swYg} |D]\} } | tj!kr| "| q| tj#tjfvr| "| dqtd| | WdWS1swYWdStygYSw)a Detect all potential platforms that the current environment may be running on. Swallows all exceptions and returns an empty list if any exception occurs to not affect main driver functionality. Args: platform_detection_timeout_seconds: Timeout value for platform detection requests. Defaults to 0.2 seconds if None is provided. session_manager: SessionManager instance for making HTTP requests. If None, a new instance will be created. Returns: list[str]: List of detected platform names. Platforms that timed out (either HTTP timeout or thread timeout) will have "_timeout" suffix appended to their name. Returns _PLATFORM_DETECTION_DISABLED_RESULT if the ENV_VAR_DISABLE_PLATFORM_DETECTION environment variable is set to a value in ENV_VAR_BOOL_POSITIVE_VALUES_LOWERCASED (case-insensitive). Returns empty list if any exception occurs during detection. z7Platform detection disabled via %s environment variableNg?zONo session manager provided. HTTP settings may not be preserved. Using default.Fr) use_pooling max_retriesg?r )r@ruis_gce_cloud_run_serviceis_gce_cloud_run_jobrg) max_workers)r:r[rgr~rrr_timeoutz4Platform detection completed. Detected platforms: %s)$r>r?rdr lowerr r1r2#_PLATFORM_DETECTION_DISABLED_RESULTr get_managerrr@rurrrrsubmitr:r[rgr~rrrresultFutureTimeoutErrorFutureCancelledErrorr r,r7r*r)appendr+) r.r\http_timeout_epsilon http_timeoutthreads_timeout platformsexecutorfutureskeyfuturedetected_platforms platform_namedetection_staterrrdetect_platformss   *  ( Er)r.r/)rBrCrDrE)r.r/r\r)rv)r\rrF)r.rr\rrDr)9 __future__rrr>rGconcurrent.futuresrrrrconcurrent.futures.threadr contextlibrenumr functoolsr constantsr r optionsr r rrUrWutilsr3r\rrvendored.requestsrrrr%r1rrr rr:r@rOr[rgrur{r}r~rrrrrrrrrrsR          %   #" &  !! !