Some checks failed
CI / build (push) Failing after 3s
PHASE 2.3 (AUDIT-2026-Q3.md):
Task 1 — Wire-in Wave 3 (1 router mounted, 2 deferred):
- app.routers.unified_scanner_router mounted at /api/v2/scanner/* (2 routes:
POST /api/v2/scanner/token/scan, POST /api/v2/scanner/wallet/scan).
Refactored prefix from /api/v2 -> /api/v2/scanner to avoid future conflicts
with the v1 /api/v1/scanner/ stub.
- app.routers.unified_wallet_scanner DEFERRED (no router APIRouter attribute;
library module consumed by unified_scanner_router via get_wallet_scanner()).
- app.routers.admin_extensions DEFERRED (DORMANT per audit; 25 routes at
/api/v1/admin/* would shadow /api/v1/admin/alerts_webhook).
Task 2 — Archive 136 dead-code files to app/_archive/legacy_2026_07/:
- 73 routers in app/routers/ (reach graph showed zero reach into mount.py).
- 63 flat app/*.py (domain modules never imported by live code).
- 1 file RESTORED post-archive: app/routers/x402_bridge_health.py (caught by
tests/unit/test_bridge_health.py which directly imports it; reach graph
considered tests/ only as transitive reach — to be patched in next cycle).
Forced-LIVE (NOT archived per user directive):
- app/ai_pipeline_v3.py (3 importers in audit window, importers themselves DEAD)
- app/splade_bm25.py (LIVE via app.rag_service)
- app/wallet_manager_v2.py (LIVE via x402_enforcement, x402_tools, sweep_all, sweep_now)
- app/crypto_embeddings.py (NOT in audit ARCHIVE list; heavy import graph)
Verification (forward-import closure from mount.py + main.py + factory.py + lifespan.py):
- imports = 348 app.* modules
- reached = 194 files reachable from roots
- archive set = audit_dead (186) - reached - forced_live (4) - test_live (1) = 136
- Net delta: 136 files moved, 44,932 LOC reduction, 293->295 active routes (+2 from Wave 3)
pyproject.toml updates:
- setuptools.packages.find: added exclude for app._archive*
- ruff.extend-exclude: added "app/_archive/"
- mypy.exclude: added "app/_archive/"
Smoke test: pytest tests/ — 817 passed, 3 pre-existing failures unchanged
(0 new failures; 0 routes lost; all 4 forced-LIVE files still importable).
Restoration: git mv app/_archive/legacy_2026_07/<name>.py <original-path>
and add the import to app/mount.py ROUTER_MODULES.
Refs: AUDIT-2026-Q3.md /home/dev/pry/rmi-final-deadcode-2026-07-06.md
64 lines
1.9 KiB
Python
64 lines
1.9 KiB
Python
"""
|
|
Universal API key loader with cascading fallbacks.
|
|
Resolves Docker env-loading issues by checking multiple sources.
|
|
Pattern: env var → /tmp/{name}_key.txt → /root/.secrets/sentinel_enrichment_keys.env → None
|
|
"""
|
|
|
|
import os
|
|
|
|
|
|
def load_key(name: str) -> str:
|
|
"""Load an API key with multiple fallback sources.
|
|
|
|
Checks in order:
|
|
1. Environment variable (os.getenv)
|
|
2. File-based fallback at /tmp/{name}_key.txt (Docker workaround)
|
|
3. Secrets file at /root/.secrets/sentinel_enrichment_keys.env
|
|
|
|
Returns empty string if not found.
|
|
"""
|
|
# 1. Environment variable
|
|
key = os.getenv(name, "")
|
|
if key:
|
|
return key
|
|
|
|
# 2. File-based fallback (works around Docker env sanitization)
|
|
file_path = f"/tmp/{name.lower().replace('_api_key', '')}_key.txt"
|
|
try:
|
|
if os.path.exists(file_path):
|
|
with open(file_path) as f:
|
|
key = f.read().strip()
|
|
if key:
|
|
return key
|
|
except Exception:
|
|
pass
|
|
|
|
# 3. Central secrets file
|
|
secrets_path = "/root/.secrets/sentinel_enrichment_keys.env"
|
|
try:
|
|
if os.path.exists(secrets_path):
|
|
with open(secrets_path) as f:
|
|
for line in f:
|
|
if line.startswith(f"{name}="):
|
|
key = line.split("=", 1)[1].split("#")[0].strip()
|
|
if key:
|
|
return key
|
|
except Exception:
|
|
pass
|
|
|
|
return ""
|
|
|
|
|
|
# Enrichment key service name → env var mapping
|
|
SERVICE_KEYS = {
|
|
"nansen": "NANSEN_API_KEY",
|
|
"chainaware": "CHAIN_AWARE_API_KEY",
|
|
"dune": "DUNE_API_KEY",
|
|
"santiment": "SANTIMENT_API_KEY",
|
|
"thegraph": "THEGRAPH_API_KEY",
|
|
"defi": "DEFI_API_KEY",
|
|
"webacy": "WEBACY_API_KEY",
|
|
"lunarcrush": "LUNARCRUSH_API_KEY",
|
|
"arkham": "ARKHAM_API_KEY",
|
|
"blowfish": "BLOWFISH_API_KEY",
|
|
}
|