90080c632a
NATS wildcards (node.*.capabilities.get) only work for subscriptions, not for publish. Switch to a dedicated broadcast subject (fabric.capabilities.discover) that all NCS instances subscribe to, enabling proper scatter-gather discovery across nodes. Made-with: Cursor
46 lines
1.2 KiB
Python
46 lines
1.2 KiB
Python
import json
|
||
import os
|
||
import time
|
||
import uuid
|
||
import hashlib
|
||
from pathlib import Path
|
||
from nats.aio.client import Client as NATS
|
||
import asyncio
|
||
|
||
NATS_URL = os.getenv('NATS_URL', 'nats://localhost:4222')
|
||
# Default: /app/logs (mounted rw volume) або /tmp як fallback
|
||
AUDIT_FILE = os.getenv('AGX_AUDIT_FILE', '/app/logs/stepan_audit.log.jsonl')
|
||
|
||
|
||
def _hash(text: str):
|
||
return hashlib.sha256(text.encode()).hexdigest()[:16]
|
||
|
||
|
||
async def _publish_nats(subject: str, payload: dict):
|
||
nc = NATS()
|
||
await nc.connect(servers=[NATS_URL], connect_timeout=2)
|
||
await nc.publish(subject, json.dumps(payload).encode())
|
||
await nc.flush(1)
|
||
await nc.drain()
|
||
|
||
|
||
def audit_event(event: dict):
|
||
try:
|
||
Path(AUDIT_FILE).parent.mkdir(parents=True, exist_ok=True)
|
||
with open(AUDIT_FILE, 'a', encoding='utf-8') as f:
|
||
f.write(json.dumps(event, ensure_ascii=False) + '\n')
|
||
except Exception:
|
||
pass
|
||
try:
|
||
asyncio.run(_publish_nats('agx.audit.delegation', event))
|
||
except Exception:
|
||
pass
|
||
|
||
|
||
def new_trace(user_request: str):
|
||
return {
|
||
'trace_id': str(uuid.uuid4()),
|
||
'user_request_hash': _hash(user_request),
|
||
'ts': int(time.time() * 1000)
|
||
}
|