contrain milc version

qrkourier · qrkourier · commit 6bb36766f6b0 · 2025-11-13T16:34:16.000-05:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -85,7 +85,7 @@ jobs:
           general.network=$(nfctl demo --echo-name --prefix 'gh-${{ github.run_id }}') \
           general.yes=True \
           general.verbose=yes || true # FIXME: sometimes config command exits with an error
-        nfctl demo \
+        nfctl --wait 3000 demo \
           --size medium \
           --regions us-west-2 us-east-1 \
           --provider AWS
diff --git a/netfoundry/ctl.py b/netfoundry/ctl.py
@@ -44,7 +44,7 @@
 
 # import milc cli
 from milc import cli, questions  # noqa: E402
-# set milc options using new API
+# set milc options (requires milc >= 1.8.0)
 cli.milc_options(name='nfctl', author='NetFoundry', version=f'v{netfoundry_version}')
 # this creates the config subcommand
 from milc.subcommand import config  # noqa: F401,E402
@@ -994,7 +994,7 @@ def demo(cli):
     spinner.text = f"Waiting for {len(hosted_edge_routers)} hosted router(s) to provision"
     with spinner:
         for router in hosted_edge_routers:
-            network.wait_for_statuses(expected_statuses=RESOURCES["edge-routers"].status_symbols["complete"], id=router['id'], type="edge-router", wait=2222, progress=False)
+            network.wait_for_statuses(expected_statuses=RESOURCES["edge-routers"].status_symbols["complete"], id=router['id'], type="edge-router", wait=cli.config.general.wait, progress=False)
             # ensure the router tunneler is available
             # network.wait_for_entity_name_exists(entity_name=router['name'], entity_type='endpoint')
             # router_tunneler = network.find_resources(type='endpoint', name=router['name'])[0]
@@ -1105,8 +1105,9 @@ def demo(cli):
             customer_router = network.edge_routers(name=customer_router_name)[0]
             spinner.succeed(sub("Finding", "Found", spinner.text))
 
-    spinner.text = f"Waiting for customer router {customer_router_name} to be ready for registration"
-    # wait for customer router to be PROVISIONED so that registration will be available
+    spinner.text = f"Getting registration key for customer router {customer_router_name}"
+    # Customer routers don't auto-provision - registration key is available immediately at status NEW
+    # The router will only reach PROVISIONED status after manual registration and connection
     with spinner:
         try:
             network.wait_for_statuses(expected_statuses=RESOURCES["edge-routers"].status_symbols["complete"], id=customer_router['id'], type="edge-router", wait=222, progress=False)
diff --git a/netfoundry/organization.py b/netfoundry/organization.py
@@ -159,6 +159,13 @@ def __init__(self,
                 self.expiry_seconds = round(self.expiry - epoch)
                 self.audience = token_cache['audience']
 
+                # Check if cached token is expired
+                if self.expiry_seconds < 0:
+                    self.logger.debug(f"cached token is expired ({self.expiry_seconds}s ago), forcing renewal")
+                    self.token = None
+                    self.expiry = None
+                    self.audience = None
+
         # if the token was found but not the expiry then try to parse to extract the expiry so we can enforce minimum lifespan seconds
         if self.token and not self.expiry:
             try:
@@ -280,14 +287,16 @@ def __init__(self,
                 self.expiry_seconds = round(self.expiry - epoch)
                 self.logger.debug(f"bearer token expiry in {self.expiry_seconds}s")
 
-        # renew token if not existing or imminent expiry, else continue
-        if not self.token or self.expiry_seconds < expiry_minimum:
+        # renew token if not existing, expired, or imminent expiry, else continue
+        if not self.token or self.expiry_seconds < 0 or self.expiry_seconds < expiry_minimum:
             # we've already done the work to determine the cached token is expired or imminently-expiring, might as well save other runs the same trouble
             self.logout()
             self.expiry = None
             self.audience = None
             if self.token and self.expiry_seconds < expiry_minimum:
                 self.logger.debug(f"token expiry {self.expiry_seconds}s is less than configured minimum {expiry_minimum}s")
+            if self.expiry_seconds < 0:
+                self.logger.debug(f"token is expired ({abs(self.expiry_seconds)}s ago), forcing renewal")
             if not credentials_configured:
                 raise NFAPINoCredentials("unable to renew because credentials are not configured")
             else:
@@ -430,7 +439,7 @@ def get_caller_identity(self):
             except Exception as e:
                 self.logger.debug(f"failed to get caller identity from url: '{url}', trying next until last, caught {e}")
             else:
-                return(caller)
+                return caller
         raise RuntimeError("failed to get caller identity from any url")
 
     def get_identity(self, identity_id: str):
@@ -444,7 +453,7 @@ def get_identity(self, identity_id: str):
         except Exception as e:
             raise RuntimeError(f"failed to get identity from url: '{url}', caught {e}")
         else:
-            return(identity)
+            return identity
 
     def find_identities(self, type: str = 'identities', **kwargs):
         """Get identities as a collection.
@@ -473,7 +482,7 @@ def find_identities(self, type: str = 'identities', **kwargs):
         except Exception as e:
             raise RuntimeError(f"failed to get identities from url: '{url}', caught {e}")
         else:
-            return(identities)
+            return identities
     get_identities = find_identities
 
     def find_roles(self, **kwargs):
@@ -503,7 +512,7 @@ def find_roles(self, **kwargs):
         except Exception as e:
             raise RuntimeError(f"failed to get roles from url: '{url}', caught {e}")
         else:
-            return(roles)
+            return roles
 
     def get_role(self, role_id: str):
         """Get roles as a collection."""
@@ -514,7 +523,7 @@ def get_role(self, role_id: str):
         except Exception as e:
             raise RuntimeError(f"failed to get role from url: '{url}', caught {e}")
         else:
-            return(role)
+            return role
 
     def find_organizations(self, **kwargs):
         """Find organizations as a collection.
@@ -536,7 +545,7 @@ def find_organizations(self, **kwargs):
         except Exception as e:
             raise RuntimeError(f"failed to get organizations from url: '{url}', caught {e}")
         else:
-            return(organizations)
+            return organizations
     get_organizations = find_organizations
 
     def get_organization(self, id):
@@ -551,7 +560,7 @@ def get_organization(self, id):
         except Exception as e:
             raise RuntimeError(f"failed to get organization from url: '{url}', caught {e}")
         else:
-            return(organization)
+            return organization
 
     def get_network_group(self, network_group_id):
         """
@@ -565,7 +574,7 @@ def get_network_group(self, network_group_id):
         except Exception as e:
             raise RuntimeError(f"failed to get network_group from url: '{url}', caught {e}")
         else:
-            return(network_group)
+            return network_group
 
     def get_network(self, network_id: str, embed: object = None, accept: str = None):
         """Describe a Network by ID.
@@ -593,7 +602,7 @@ def get_network(self, network_id: str, embed: object = None, accept: str = None)
 
         url = self.audience+'core/v2/networks/'+network_id
         network, status_symbol = get_generic_resource_by_url(setup=self, url=url, accept=accept, **params)
-        return(network)
+        return network
 
     def find_network_groups_by_organization(self, **kwargs):
         """Find network groups as a collection.
@@ -604,7 +613,7 @@ def find_network_groups_by_organization(self, **kwargs):
         network_groups = list()
         for i in find_generic_resources(setup=self, url=url, embedded=RESOURCES['network-groups']._embedded, **kwargs):
             network_groups.extend(i)
-        return(network_groups)
+        return network_groups
     get_network_groups_by_organization = find_network_groups_by_organization
     network_groups = get_network_groups_by_organization
 
@@ -631,7 +640,7 @@ def find_networks_by_organization(self, name: str = None, deleted: bool = False,
         except Exception as e:
             raise RuntimeError(f"failed to get networks from url: '{url}', caught {e}")
         else:
-            return(networks)
+            return networks
     get_networks_by_organization = find_networks_by_organization
 
     def network_exists(self, name: str, deleted: bool = False):
@@ -641,9 +650,9 @@ def network_exists(self, name: str, deleted: bool = False):
         :param deleted: include deleted networks in results
         """
         if self.count_networks_with_name(name=name, deleted=deleted) > 0:
-            return(True)
+            return True
         else:
-            return(False)
+            return False
 
     def count_networks_with_name(self, name: str, deleted: bool = False, unique: bool = True):
         """
@@ -686,5 +695,5 @@ def find_networks_by_group(self, network_group_id: str, deleted: bool = False, a
         except Exception as e:
             raise RuntimeError(f"failed to get networks from url: '{url}', caught {e}")
         else:
-            return(networks)
+            return networks
     get_networks_by_group = find_networks_by_group
diff --git a/netfoundry/utility.py b/netfoundry/utility.py
@@ -43,15 +43,15 @@ def plural(singular):
     # if already plural then return, else pluralize
     p = inflect.engine()
     if singular[-1:] == 's':
-        return(singular)
+        return singular
     else:
-        return(p.plural_noun(singular))
+        return p.plural_noun(singular)
 
 
 def singular(plural):
     """Singularize a plural form."""
     p = inflect.engine()
-    return(p.singular_noun(plural))
+    return p.singular_noun(plural)
 
 
 def kebab2camel(kebab: str, case: str = "lower"):          # "lower" dromedary or "upper" Pascal
@@ -485,12 +485,12 @@ def find_generic_resources(setup: object, url: str, headers: dict = dict(), embe
     )
     response.raise_for_status()
     resource_page = response.json()
-    
+
     # Handle non-paginated endpoints that return direct lists
     if isinstance(resource_page, list):
         yield resource_page
         return
-    
+
     if isinstance(resource_page, dict) and resource_page.get('page'):
         try:
             total_pages = resource_page['page']['totalPages']
@@ -623,9 +623,7 @@ class ResourceType(ResourceTypeParent):
     embeddable: bool                                        # legal to request embedding in a parent resource in same domain
     parent: str = field(default=str())                      # optional parent ResourceType instance name
     status: str = field(default='status')                   # name of property where symbolic status is expressed
-    _embedded: str = field(default='default')               # the key under which lists are found in the API
-                                                            #  e.g. networkControllerList (computed if not provided as dromedary
-                                                            #  case singular)
+    _embedded: str = field(default='default')               # the key under which lists are found in the API e.g. networkControllerList (computed if not provided as dromedary case singular)
     create_responses: list = field(default_factory=list)    # expected HTTP response codes for create operation
     no_update_props: list = field(default_factory=list)     # expected HTTP response codes for create operation
     create_template: dict = field(default_factory=lambda: {
@@ -932,7 +930,14 @@ def send(self, request, **kwargs):
 
 http = Session()   # no cache
 HTTP_CACHE_EXPIRE = 33
-http_cache = CachedSession(cache_name=f"{get_user_cache_dir()}/http_cache", backend='sqlite', expire_after=HTTP_CACHE_EXPIRE)
+http_cache = CachedSession(
+    cache_name=f"{get_user_cache_dir()}/http_cache_tz",
+    backend='sqlite',
+    expire_after=HTTP_CACHE_EXPIRE,
+    allowable_codes=(200, 203, 300, 301, 308),
+    timeout=DEFAULT_TIMEOUT,
+    stale_if_error=True
+)
 # Mount it for both http and https usage
 adapter = TimeoutHTTPAdapter(timeout=DEFAULT_TIMEOUT, max_retries=RETRY_STRATEGY)
 http.mount("https://", adapter)
diff --git a/setup.cfg b/setup.cfg
@@ -24,7 +24,7 @@ include_package_data = True
 packages = find:
 install_requires =
     inflect >= 5.3
-    milc >= 1.6.6
+    milc >= 1.8.0
     packaging >= 20.9
     platformdirs >= 2.4
     pygments >= 2.11
