Skip to content

auths-dev/example-python-sdk-enterprise

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.auths
.auths
 
 
.github/workflows
.github/workflows
 
 
agent
agent
 
 
app
app
 
 
tests
tests
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

Python SDK Enterprise Integration

This example demonstrates how to integrate Auths verification into a Python web service using FastAPI. It includes commit and artifact verification endpoints, agent identity workflows, and a pytest test suite.

Quick Start

# 1. Install dependencies
pip install -e ".[dev]"

# 2. Run the verification service
uvicorn app.main:app --reload

# 3. Test a verification request
curl -X POST http://localhost:8000/api/v1/verify-commit \
  -H "Content-Type: application/json" \
  -d '{"repo_path": ".", "commit_range": "HEAD~1..HEAD"}'

What's Included

Path Purpose
app/main.py FastAPI application with versioned API
app/routes/verify.py POST /api/v1/verify-commit and POST /api/v1/verify-artifact
app/routes/health.py GET /health with SDK version info
app/services/commit_verifier.py Wrapper around auths.git.verify_commit_range()
app/services/artifact_verifier.py Wrapper around Auths artifact verification
app/models.py Pydantic request/response models
agent/deploy_agent.py CI agent: sign artifacts during deployment
agent/audit_agent.py Audit agent: verify all commits in repo history
tests/ pytest suite with mock fixtures

Architecture

graph LR
    A[Client] -->|POST /api/v1/verify-commit| B[FastAPI App]
    A -->|POST /api/v1/verify-artifact| B
    B --> C[CommitVerifier]
    B --> D[ArtifactVerifier]
    C -->|auths.git.verify_commit_range| E[Auths SDK]
    D -->|auths.Auths.verify| E
    E --> F[allowed_signers / identity bundles]
Loading

Prerequisites

  • Python 3.11+
  • Auths CLI (brew install auths-dev/auths-cli/auths)
  • Docker (optional, for containerized deployment)

API Documentation

Start the server and visit http://localhost:8000/docs for interactive Swagger documentation.

Endpoints

Method Path Description
POST /api/v1/verify-commit Verify commit signatures in a git repository
POST /api/v1/verify-artifact Verify an artifact signature
GET /health Service health check

Running Tests

pytest -v

Docker

docker compose up --build
# Service available at http://localhost:8000

Agent Identity

The agent/ directory demonstrates how to use Auths agent identities in CI/CD pipelines:

  • deploy_agent.py — Sign artifacts during deployment using an agent identity
  • audit_agent.py — Batch-verify all commits in a repository

See the Auths Agent Documentation for more details.

About

Auths example: python-sdk-enterprise

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages