mirror of
https://github.com/azaion/gps-denied-onboard.git
synced 2026-06-21 10:31:13 +00:00
Oleksandr Bezdieniezhnykh
811b04e605
Adapt C11 HttpTileDownloader to the AZ-505 v1.0.0 tile-inventory
contract (POST /api/satellite/tiles/inventory + GET /tiles/{z}/{x}/{y})
and wire the Jetson e2e harness against the real parent-suite
satellite-provider service. Closes Phase 1 of 5 for AZ-777; STOP
gate before Phase 2 (Derkachi catalog seed).
C11 changes:
- _LIST_PATH / _GET_PATH replaced with _INVENTORY_PATH + _TILES_PATH.
- _do_enumerate enumerates bbox tile coords client-side and posts
chunked inventory requests (5000-entry cap per the contract).
- _download_one_tile parses tile_id_str into (z,x,y) and fetches
the slippy-map URL.
- Common GET / POST retry+auth ladder consolidated into _send_request.
- New module helpers: _enumerate_bbox_tile_coords,
_tile_center_latlon, _tile_size_meters_at, _format_tile_id_str,
_parse_tile_id_str, _chunk_iter.
- _DEFAULT_ESTIMATED_TILE_BYTES (50 KiB) replaces the inventory-side
estimatedBytes field the v1.0.0 contract dropped.
Tests:
- 14/14 unit tests in tests/unit/c11_tile_manager/test_tile_downloader.py
rewritten for the new POST inventory + slippy-map GET handler.
_StubTileWriter rekeyed by call-index (the downloader now derives
lat/lon from the slippy-map coord, so fixtures can't fabricate
arbitrary positions).
- New Tier-2 smoke at tests/e2e/satellite_provider/test_smoke.py:
validates inventory POST schema + drives HttpTileDownloader against
the real service. Gated by RUN_REPLAY_E2E=1 + tier2.
Compose / env:
- e2e-runner SATELLITE_PROVIDER_URL switched from mock-sat:5100 to
https://satellite-provider:8080; TLS_INSECURE + Bearer JWT env +
depends_on satellite-provider added.
- .env.test.example documents SATELLITE_PROVIDER_API_KEY + dev TLS
bypass security note.
- scripts/mint_dev_jwt.py mints HS256 dev JWTs from env / .env.test.
- pyjwt added to dev extras.
Tracker hygiene:
- AZ-777 row in _dependencies_table.md bumped 5pt -> 8pt to match
the 2026-05-21 override decision log.
Code review: PASS_WITH_WARNINGS (3 medium/low findings, all deferred
to later AZ-777 phases) -- see batch_104_review.md. Batch report at
batch_104_cycle3_report.md.
Co-authored-by: Cursor <cursoragent@cursor.com>
217 lines
8.9 KiB
TOML
217 lines
8.9 KiB
TOML
[build-system]
|
|
requires = ["setuptools>=68", "wheel"]
|
|
build-backend = "setuptools.build_meta"
|
|
|
|
[project]
|
|
name = "gps-denied-onboard"
|
|
version = "0.1.0"
|
|
description = "Companion onboard system for GPS-denied UAV navigation"
|
|
readme = "README.md"
|
|
requires-python = ">=3.10,<3.12"
|
|
license = {text = "Proprietary"}
|
|
authors = [{name = "AZAION onboard team"}]
|
|
|
|
dependencies = [
|
|
"numpy>=1.26,<2.0",
|
|
"scipy>=1.11,<2.0",
|
|
"pyyaml>=6.0",
|
|
"pydantic>=2.5,<3.0",
|
|
# OpenCV pin gate originally enforced >= 4.12.0 (D-CROSS-CVE-1). Held to
|
|
# 4.11.x while gtsam (4.2 on PyPI) only ships numpy-1.x wheels and
|
|
# opencv-python>=4.12 mandates numpy>=2. See
|
|
# _docs/_process_leftovers/<dated>_d_cross_cve_1_deferred.md — the gate
|
|
# will be restored to >=4.12.0 once a numpy-2-compatible gtsam wheel is
|
|
# available.
|
|
"opencv-python>=4.11.0.86,<4.12",
|
|
"psycopg[binary]>=3.1",
|
|
# AZ-305 / E-C6: `PostgresFilesystemStore` uses ConnectionPool to amortise
|
|
# pool startup across the read-heavy `read_tile_pixels` path. Pinned to the
|
|
# 3.x line in lockstep with `psycopg` itself.
|
|
"psycopg-pool>=3.2,<4.0",
|
|
"sqlalchemy>=2.0",
|
|
"alembic>=1.13",
|
|
"pymavlink>=2.4",
|
|
# iNav MSP2 wire decoder for C8 inbound (AZ-391). MSPy is request-response
|
|
# on a serial transport; AP uses pymavlink for the same role.
|
|
"yamspy>=0.3.3,<0.4",
|
|
"pyserial>=3.5",
|
|
"requests>=2.31",
|
|
"structlog>=24.1",
|
|
"click>=8.1",
|
|
# SE(3) math backend for helpers.se3_utils + C1/C2.5/C3/C3.5/C4/C5/C8 consumers (AZ-264 / AZ-277).
|
|
"gtsam>=4.2,<5.0",
|
|
# Atomic-rename backend for helpers.sha256_sidecar (D-C10-3, AZ-280).
|
|
"atomicwrites>=1.4,<2.0",
|
|
# WGS84 geodesy backend for helpers.wgs_converter (AZ-264 / AZ-279).
|
|
"pyproj>=3.6,<4.0",
|
|
# FDR wire format for fdr_client.records (E-CC-FDR-CLIENT / AZ-272).
|
|
"orjson>=3.9,<4.0",
|
|
# HTTPS client for C12 FlightsApiClient (AZ-489 / ADR-010). Picked over
|
|
# `requests` because httpx ships `MockTransport` natively, so the
|
|
# FlightsApi unit tests need no extra HTTP-mocking dep.
|
|
"httpx>=0.28,<1.0",
|
|
# AZ-307 / E-C6: FreshnessGate uses an in-memory R-tree to look up
|
|
# the sector classification for a (lat, lon) at every write_tile
|
|
# call. `rtree` is the libspatialindex Python wrapper — small,
|
|
# stable, sub-microsecond point-in-rect queries at the few-hundred-
|
|
# sector scale operators ship per flight (NFR p99 ≤ 100 µs).
|
|
"rtree>=1.0,<2.0",
|
|
# Ed25519 keypair generation + detached signing for AZ-323 C10
|
|
# ManifestBuilder + AZ-318 C11 per-flight signing key. Pinned here
|
|
# because AZ-323 is the first concrete consumer; AZ-318 inherits
|
|
# the pin when it lands. Major-version bound (<46) follows the
|
|
# standard "two majors of compatibility" pattern other deps in
|
|
# this file use.
|
|
"cryptography>=43.0,<46.0",
|
|
# AZ-306 / E-C6: production-default `DescriptorIndex` strategy.
|
|
# `FaissDescriptorIndex` builds `IndexHNSWFlat` + `IndexIDMap2`,
|
|
# serialises via `faiss.write_index`, and mmap-loads via
|
|
# `faiss.read_index(..., IO_FLAG_MMAP | IO_FLAG_READ_ONLY)`.
|
|
# Promoted from the legacy `[indexing]` extras to main deps because
|
|
# the production airborne binary ALWAYS needs the descriptor index
|
|
# (no "Tier-0 dev runtime can ship without faiss" path remains).
|
|
# Major-version bound (<2.0) follows the same pattern as other
|
|
# third-party deps in this file. Research fact #92 + arch tech-stack
|
|
# both pin upstream FAISS via this PyPI distribution.
|
|
"faiss-cpu>=1.7,<2.0",
|
|
# AZ-325 / E-C10: `CacheProvisioner` acquires a fcntl-based file
|
|
# lock at `cache_root/.c10.lock` to enforce CP-INV-4 (concurrent
|
|
# `build_cache_artifacts` invocations are mutually exclusive on the
|
|
# same cache root). `filelock` provides the cross-platform
|
|
# acquisition primitive with timeout + auto-release on process
|
|
# exit. Major-version bound (<4) follows the same pattern as other
|
|
# third-party deps in this file.
|
|
"filelock>=3.13,<4.0",
|
|
# AZ-327 / E-C12: `CompanionBringup` opens an SSH session against the
|
|
# operator-side companion to verify pre-flight artifacts. Shell-out
|
|
# to `ssh ...` is forbidden by the spec (security + reliability), so
|
|
# paramiko is the only allowed transport. Major-version bound (<4)
|
|
# follows the same pattern as other third-party deps in this file;
|
|
# the `MissingHostKeyPolicy` subclass surface (RejectPolicy /
|
|
# AutoAddPolicy) is stable across paramiko 3.x.
|
|
"paramiko>=3.4,<4.0",
|
|
]
|
|
|
|
[project.optional-dependencies]
|
|
dev = [
|
|
"pytest>=7.4",
|
|
"pytest-cov>=4.1",
|
|
"pytest-asyncio>=0.23",
|
|
"ruff>=0.4",
|
|
"mypy>=1.8",
|
|
"types-PyYAML",
|
|
"types-requests",
|
|
# AZ-777: mint Bearer JWTs for the satellite-provider Jetson e2e smoke
|
|
# test. Test-only because the production C11 path receives a token
|
|
# minted by the admin API (AZ-690) — never mints its own.
|
|
"pyjwt>=2.8,<3.0",
|
|
# AZ-406 (blackbox harness internals): the mock-suite-sat-service unit
|
|
# test exercises a FastAPI app via fastapi.testclient.TestClient. The
|
|
# production runtime of the mock lives inside its own Docker image so
|
|
# the SUT does not depend on FastAPI; this is a test-only dep.
|
|
"fastapi>=0.111,<0.120",
|
|
# AZ-407 (blackbox tile-cache + age-injector + cve-jpeg fixtures): the
|
|
# tile-cache-builder re-encodes paired _gmaps.png references into
|
|
# deterministic JPEG bodies and emits stub tiles via PIL. The
|
|
# production builder runs inside its own Docker image (which installs
|
|
# Pillow itself); this Pillow pin is only the test-time dep used by
|
|
# `e2e/_unit_tests/fixtures/test_tile_cache_builder.py`. Pin range
|
|
# tracks the Pillow that torchvision (project's inference extra)
|
|
# already accepts — currently 11.x / 12.x.
|
|
"Pillow>=10.4,<13.0",
|
|
]
|
|
inference = [
|
|
"torch>=2.2",
|
|
"torchvision>=0.17",
|
|
"onnxruntime>=1.17",
|
|
# tensorrt is installed out-of-band on Jetson — not a pip dep
|
|
]
|
|
# AZ-302: thermal telemetry backends used by C7's ThermalStatePublisher.
|
|
# Both are Jetson / NVIDIA-host-only and not import-required for Tier-1;
|
|
# the publisher selects whichever is importable at start() time and
|
|
# raises TelemetryUnavailableError if neither is present.
|
|
telemetry = [
|
|
"jetson-stats>=4.2",
|
|
"pynvml>=11.5",
|
|
]
|
|
# AZ-700 / AZ-701: operator-side post-flight analysis tools. NOT
|
|
# installed on the airborne binary (folium + FastAPI + uvicorn add
|
|
# ~30 MB of deps + Leaflet assets that regress the cold-start NFR
|
|
# if pulled into the runtime image). Activate with
|
|
# `pip install gps-denied-onboard[operator-tools]` on a developer
|
|
# / analyst workstation, or build the `docker/replay-api.Dockerfile`
|
|
# image which installs this extra by default.
|
|
operator-tools = [
|
|
"folium>=0.16,<1.0",
|
|
"fastapi>=0.111,<0.120",
|
|
"uvicorn>=0.30,<1.0",
|
|
"python-multipart>=0.0.9,<1.0",
|
|
]
|
|
|
|
[project.scripts]
|
|
gps-denied-replay = "gps_denied_onboard.cli.replay:main"
|
|
gps-denied-render-map = "gps_denied_onboard.cli.render_map:main"
|
|
replay-api = "gps_denied_onboard.cli.replay_api_entrypoint:main"
|
|
operator-orchestrator = "gps_denied_onboard.components.c12_operator_orchestrator.cli:main"
|
|
|
|
[tool.setuptools]
|
|
package-dir = {"" = "src"}
|
|
|
|
[tool.setuptools.packages.find]
|
|
where = ["src"]
|
|
include = ["gps_denied_onboard*"]
|
|
|
|
[tool.pytest.ini_options]
|
|
minversion = "7.0"
|
|
# `tests` is the in-process unit / integration / contract / perf test tree
|
|
# owned by per-component module-layout entries. `e2e/_unit_tests` is the
|
|
# OUT-OF-CONTAINER unit tree owned by the `blackbox_tests` cross-cutting
|
|
# entry — exercises the harness internals (CSV reporter, helpers, parsers,
|
|
# mock app, conftest skip rules) without Docker / SITL. The Docker-bound
|
|
# blackbox tree at `e2e/tests/` is intentionally NOT in testpaths: it runs
|
|
# inside the e2e-runner image via its own pytest.ini.
|
|
testpaths = ["tests", "e2e/_unit_tests"]
|
|
pythonpath = ["src", "e2e"]
|
|
# log_schema.py is the contract-mandated file name (AZ-245 AC-4); kept
|
|
# in python_files so the contract test is discovered alongside the
|
|
# standard `test_*.py` pattern.
|
|
python_files = ["test_*.py", "*_test.py", "log_schema.py"]
|
|
addopts = [
|
|
"--strict-markers",
|
|
"-ra",
|
|
]
|
|
markers = [
|
|
"tier2: tests that require Jetson hardware (auto-skipped on Tier-1)",
|
|
"gpu: tests that require an NVIDIA GPU",
|
|
"docker: tests that require Docker compose services",
|
|
"ardupilot_sitl: tests that require ArduPilot SITL container",
|
|
"slow: tests slower than ~5s",
|
|
"contract: contract-suite test (frozen public surfaces)",
|
|
]
|
|
|
|
[tool.coverage.run]
|
|
source = ["src/gps_denied_onboard"]
|
|
branch = true
|
|
|
|
[tool.coverage.report]
|
|
show_missing = true
|
|
skip_covered = false
|
|
|
|
[tool.ruff]
|
|
line-length = 100
|
|
target-version = "py310"
|
|
src = ["src", "tests"]
|
|
|
|
[tool.ruff.lint]
|
|
select = ["E", "F", "W", "I", "B", "UP", "RUF"]
|
|
ignore = ["E501"]
|
|
|
|
[tool.mypy]
|
|
python_version = "3.10"
|
|
strict = true
|
|
warn_unused_ignores = true
|
|
warn_return_any = true
|
|
ignore_missing_imports = true
|
|
mypy_path = "src"
|
|
packages = ["gps_denied_onboard"]
|