Skip to content

feat(config): add standalone and O11y deployment authentication#80

Open
pradystar wants to merge 1 commit into
mainfrom
feat/HYBIM-734-sdk-auth-config
Open

feat(config): add standalone and O11y deployment authentication#80
pradystar wants to merge 1 commit into
mainfrom
feat/HYBIM-734-sdk-auth-config

Conversation

@pradystar

Copy link
Copy Markdown
Collaborator

Summary

Add configuration detection for standalone and O11y deployments. This establishes the configuration and authentication foundation needed for the SDK's OTLP transition while preserving the existing standalone authentication flow.

Why

The SDK must select the correct endpoints and authentication mechanism without requiring users to set an explicit deployment-mode option. Standalone customers continue using their existing configuration, while O11y customers configure a realm and Splunk access token and do not perform the standalone JWT exchange.

What changed

  • Detect standalone or O11y deployment from the configured environment variables and reject ambiguous or incomplete configuration with actionable errors.
  • Add deployment-specific configuration models that derive CRUD, console, and OTLP endpoints from a realm or standalone console/API URL.
  • Add an O11y API client that authenticates CRUD requests with X-SF-Token and consistently applies the /v2/ao prefix to synchronous, asynchronous, and streaming requests.
  • Prefer SPLUNK_AO_SF_API_TOKEN for CRUD when provided and otherwise use SPLUNK_AO_SF_TOKEN.
  • Bypass standalone JWT creation and refresh for O11y while retaining the existing standalone validation and client behavior.
  • Export the new configuration exceptions from the public package API.
  • Declare httpx as a direct dependency because it is imported by the SDK.
  • Add unit coverage for deployment detection, endpoint derivation, validation failures, token selection, path prefixing, and standalone compatibility.

Configuration

Deployment Required Optional
O11y SPLUNK_AO_REALM, SPLUNK_AO_SF_TOKEN SPLUNK_AO_SF_API_TOKEN
Standalone SPLUNK_AO_API_KEY, SPLUNK_AO_CONSOLE_URL SPLUNK_AO_API_URL

Testing

HOME=/private/tmp/splunk-ao-pr1-test-home poetry run pytest -q — 125 passed; Ruff lint and format checks, mypy, and git diff --check also passed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant