Official Python SDK for the Velerian governed-run + evidence APIs.
Project description
Velerian Python SDK
Official Python client for the Velerian governed-run + evidence APIs. A
thin, fully typed wrapper over httpx that
bakes in the three things every integration re-implements:
- Auth — your API key is attached as a Bearer token on every request.
- Pagination — generators walk the API's
limit/offsetpages for you. - Error handling — HTTP 4xx/5xx map to typed exceptions, with first-class
429/Retry-Afterhandling and optional automatic backoff.
The SDK is generated from the checked-in OpenAPI contract (
docs/api/openapi.json) — see Versioning andscripts/gen_sdks.py. The Python client is hand-written (not codegen) because the contract uses FastAPI's module-namespaced model names, which most Python OpenAPI generators reject as "duplicate models"; a small typed client is more robust and has no codegen-version churn.
Install
From this repo (until published to a registry — see Publishing):
pip install ./sdks/python
# or, for development:
pip install -e ./sdks/python
Requires Python 3.10+. The only runtime dependency is httpx.
Authenticate
The platform issues tenant-scoped API keys of the form vk_live_...
(VPLAT-529 / ADR-025). A tenant admin (or owner) mints one via
POST /api/v2/api-keys from an interactive session — the full secret is
returned exactly once at mint (only its SHA-256 hash is stored). Keys
carry scopes (runs:read, runs:write, evidence:read, audit:read,
plus coarse read/write) and act with the minting user's current role.
Revoke any time with DELETE /api/v2/api-keys/{id}.
Mint a key and pass it to the client. Read the key from the environment — never hard-code it.
import os
from velerian_sdk import VelerianClient
client = VelerianClient(
api_key=os.environ["VELERIAN_API_KEY"], # vk_live_...
base_url=os.environ.get("VELERIAN_BASE_URL", "https://api.velerian.ai"),
)
The key is sent as Authorization: Bearer <key>. A missing/invalid/expired key
raises VelerianAuthError (401); a key lacking a required scope raises
VelerianForbiddenError (403).
Quickstart — run a governed pack + fetch its evidence
import os
from velerian_sdk import VelerianClient, VelerianError
with VelerianClient(
api_key=os.environ["VELERIAN_API_KEY"],
base_url=os.environ.get("VELERIAN_BASE_URL", "https://api.velerian.ai"),
) as client:
# 1. Run a governed invocation of a DEPLOYED ABP (needs runs:write).
result = client.invoke_abp(
os.environ["VELERIAN_ABP_ID"],
payload={"prompt": "Summarize the attached filing."},
)
print("outcome:", result.outcome, "allowed:", result.is_allowed)
if result.requires_human:
print("held for human approval:", result.approval_id)
# 2. Fetch a presigned evidence export for that invocation (needs evidence:read).
if result.evidence_pack_id:
export = client.invocation_evidence(
os.environ["VELERIAN_ABP_ID"], result.invocation_id
)
print("evidence download URL (expires", export.expires_at, "):")
print(export.download_url)
See examples/run_governed_pack.py for a
runnable version with error handling.
Pagination
List endpoints use limit/offset. The SDK gives you both a single-page
accessor and an auto-iterating generator:
# One page:
page = client.list_audit_log(action="abp.invoke", limit=50)
print(len(page), "of", page.total or "?", "entries; next offset", page.offset + page.limit)
# Every entry, transparently across pages:
for entry in client.iter_audit_log(action="abp.invoke"):
print(entry["created_at"], entry["action"])
For any list route the SDK does not wrap, use the generic paginator:
for row in client.iter_paginated("approvals", page_size=100):
...
# Prefixed limit/offset params (e.g. the usage summary's evidence list):
for pack in client.iter_paginated(
"usage/summary",
limit_param="evidence_limit", offset_param="evidence_offset",
items_key="evidence_packs",
):
...
Error handling
Every non-2xx response raises a typed exception (all subclasses of
VelerianError):
| Exception | HTTP | Meaning |
|---|---|---|
VelerianAuthError |
401 | Missing/invalid/expired/revoked key |
VelerianForbiddenError |
403 | Authenticated but missing a scope |
VelerianNotFoundError |
404 | Resource not found / not visible |
VelerianConflictError |
409 | State conflict (e.g. ABP not deployed) |
VelerianValidationError |
422 | Request failed schema validation |
VelerianRateLimitError |
429 | Rate limited (.retry_after in seconds) |
VelerianServerError |
5xx | Server-side error |
VelerianAPIError |
other | Any other non-2xx (base of the above) |
from velerian_sdk import VelerianRateLimitError, VelerianForbiddenError
try:
client.invoke_abp(abp_id, payload={...})
except VelerianForbiddenError as e:
print("missing scope:", e.detail)
except VelerianRateLimitError as e:
print("retry after", e.retry_after, "seconds")
Automatic retries
By default the client retries 429 and 5xx up to 3 times, honoring the
server's Retry-After on 429 and using full-jitter exponential backoff
otherwise. Tune or disable it:
client = VelerianClient(api_key=..., base_url=..., max_retries=0) # never retry
When retries are exhausted the final typed exception is raised.
Escape hatch
The typed methods cover the governed-run + evidence + usage + audit surface. For
any other route, client.get(path) / client.post(path, json=...) /
client.request(...) issue an authenticated, error-mapped, retried request and
return the raw httpx.Response:
plans = client.get("plans").json()
Versioning
The SDK version tracks the API contract it was built against. The API is
versioned by URL path (/api/v2, see
docs/api/versioning-and-deprecation.md);
the SDK targets v2. Regenerate after a contract change with:
python scripts/gen_sdks.py
Publishing
Building a wheel:
pip install build && python -m build ./sdks/python
Publishing to PyPI is a follow-on that requires registry credentials (gated on
account setup); the package metadata (name = velerian-sdk) is ready.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file velerian_sdk-0.1.0.tar.gz.
File metadata
- Download URL: velerian_sdk-0.1.0.tar.gz
- Upload date:
- Size: 16.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7149efd81cc3401361481582d2f86cbcf1b5f56cc84874901930be3005d94dfd
|
|
| MD5 |
eb8d5464ef45cd3f85d8c72e9fe6e5a9
|
|
| BLAKE2b-256 |
e6a940d9ebe722c59d2131e680ac031f95e1dfc081ddbdd4defbe7aa19b5d72b
|
Provenance
The following attestation bundles were made for velerian_sdk-0.1.0.tar.gz:
Publisher:
sdk-publish.yml on Velerian-Inc/velerian-platform
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
velerian_sdk-0.1.0.tar.gz -
Subject digest:
7149efd81cc3401361481582d2f86cbcf1b5f56cc84874901930be3005d94dfd - Sigstore transparency entry: 1914856195
- Sigstore integration time:
-
Permalink:
Velerian-Inc/velerian-platform@56369cb2836cfa0c7eef7cd29193bc669f623a8a -
Branch / Tag:
refs/tags/sdk-v0.1.0 - Owner: https://github.com/Velerian-Inc
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
sdk-publish.yml@56369cb2836cfa0c7eef7cd29193bc669f623a8a -
Trigger Event:
push
-
Statement type:
File details
Details for the file velerian_sdk-0.1.0-py3-none-any.whl.
File metadata
- Download URL: velerian_sdk-0.1.0-py3-none-any.whl
- Upload date:
- Size: 15.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.12
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8d581b4aa777634b3178bffb22f944500df9f15d9cc3e83e30e598aa2a4e29e6
|
|
| MD5 |
770a4065dbecdbf6bbc0135e07bbe724
|
|
| BLAKE2b-256 |
dbeecb473b0d6ac8e72921cdf99b5d3f52e131c1a402a260f8a95144da02618c
|
Provenance
The following attestation bundles were made for velerian_sdk-0.1.0-py3-none-any.whl:
Publisher:
sdk-publish.yml on Velerian-Inc/velerian-platform
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
velerian_sdk-0.1.0-py3-none-any.whl -
Subject digest:
8d581b4aa777634b3178bffb22f944500df9f15d9cc3e83e30e598aa2a4e29e6 - Sigstore transparency entry: 1914856271
- Sigstore integration time:
-
Permalink:
Velerian-Inc/velerian-platform@56369cb2836cfa0c7eef7cd29193bc669f623a8a -
Branch / Tag:
refs/tags/sdk-v0.1.0 - Owner: https://github.com/Velerian-Inc
-
Access:
private
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
sdk-publish.yml@56369cb2836cfa0c7eef7cd29193bc669f623a8a -
Trigger Event:
push
-
Statement type: