chore: initial open source release (v0.1.0)

[sainathsapa]

PR: KeyNetra v0.1.0 Initial Release Hardening (Headless-First, API+CLI+Embedded)

Summary

This PR finalizes KeyNetra v0.1.0 as a production-ready, headless authorization platform that
works in three modes without UI dependency:

1. HTTP Server mode
2. CLI mode
3. Embedded Python engine mode

It also standardizes config-driven startup, policy/model file loading, admin login flow, Docker
runtime behavior, and terminal startup/log UX.

---

Why

To ensure KeyNetra can be operated in real environments where UI may not exist and can be integrated
into backend systems directly with stable API/CLI/embedded interfaces.

---

Scope

1) Headless engine and embedded usage

• Added/validated direct embedded facade:
  • from keynetra import KeyNetra
  • KeyNetra.from_config(...)
  • load_policies(...)
  • load_model(...)
  • check_access(...)
• Ensured pure engine remains usable directly:
  • from keynetra.engine import KeyNetraEngine

Files

• keynetra/__init__.py
• keynetra/headless.py
• keynetra/engine/__init__.py
• keynetra/engine/keynetra_engine.py

---

2) Config file loader (YAML/JSON/TOML)

• Implemented config loader and env mapping for file-driven operation.
• Supports database, redis, policy paths, model paths, seed flag, server host/port.
• CLI supports global --config flow.

Files

• keynetra/config/config_loader.py
• keynetra/config/settings.py
• keynetra/cli.py

---

3) Policy/model file support

• Policy file loading support for:
  • .yaml/.yml
  • .json
  • .polar
• Authorization model loading support for:
  • .yaml/.yml
  • .json
  • .toml
  • raw schema files
• Startup bootstrap loads file-backed policies/models when configured.

Files

• keynetra/config/file_loaders.py
• keynetra/api/main.py

---

4) CLI extensions for headless operation

• Added/validated commands:
  • serve
  • start (compat alias)
  • check
  • simulate
  • impact
  • compile-policies
  • doctor
  • version
  • help-cli
  • admin-login
  • ACL + model subcommands
• Config file handling integrated across commands.

Files

• keynetra/cli.py
• keynetra/version.py

---

5) Admin login (username/password)

• Added admin token issuance endpoint:
  • POST /admin/login
• Validates configured KEYNETRA_ADMIN_USERNAME + KEYNETRA_ADMIN_PASSWORD
• Returns JWT with admin role claims for management APIs.

Files

• keynetra/api/routes/admin_auth.py
• keynetra/config/admin_auth.py
• keynetra/config/settings.py
• contracts/openapi/keynetra-v0.1.0.yaml (parity update)

---

6) Startup terminal UX + colored logs

• Added startup dashboard rendering with pyfiglet (slant) + Rich layout.
• Added mode/config/runtime/security/storage info in startup output.
• Enabled rich-colored logs with env controls:
  • KEYNETRA_LOG_FORMAT=rich
  • KEYNETRA_FORCE_COLOR=1
• Added warning suppression for Pydantic non-fatal schema field shadowing noise in CLI startup.

Files

• keynetra/cli.py
• keynetra/infrastructure/logging.py

---

7) Docker runtime and compose modernization

• Standardized v0 compose setup (no legacy split).
• Added/updated:
  • docker-compose.yml (main stack)
  • docker-compose.dev.yml (dev stack)
• Docker startup script now:
  • runs migrations (optional)
  • renders startup screen in container too
  • enables rich/color logs by default
  • starts uvicorn workers

Files

• docker-compose.yml
• docker-compose.dev.yml
• Dockerfile
• infra/docker/start.sh
• .env.example

---

8) Examples and operational config

• Added/updated example configs and sample policy/model files for config-driven and embedded usage.

Files

• examples/keynetra.yaml
• examples/auth-model.yaml
• examples/policies/*
• examples/policy_tests.yaml

---

API Changes

Added

• POST /admin/login

Confirmed available

• POST /check-access
• POST /check-access-batch
• POST /simulate
• POST /simulate-policy
• POST /impact-analysis
• POST /auth-model
• GET /auth-model
• POST /acl
• GET /acl/{resource_type}/{resource_id}
• DELETE /acl/{acl_id}
• GET /metrics
• GET /health
• GET /health/live
• GET /health/ready

---

Backward Compatibility

• start command retained as alias for serve.
• Existing API and layered architecture preserved.
• No UI dependency introduced; UI remains optional.
• No breaking schema behavior intended for existing consumers.

---

Risk Assessment

Low/medium risk areas

• CLI startup rendering and logging behavior
• Docker startup UX path and worker startup semantics
• Admin login credential handling configuration

Mitigations

• Defaults remain safe and env-driven.
• Fallback logging path remains JSON if Rich unavailable.
• Admin login can be disabled by unsetting admin credentials.
• OpenAPI parity update included for new route visibility.

---

Validation Performed

• Route and command surfaces verified in code.
• OpenAPI contract updated for /admin/login.
• Headless config/policy/model loading paths validated at code level.
• Docker startup path includes startup screen + color log enablement.

---

Release Checklist (v0.1.0)

• Version aligned (pyproject.toml, keynetra/version.py, OpenAPI info)
• Headless operation (API, CLI, embedded)
• Config-driven startup (YAML/JSON/TOML)
• Policy/model file loaders wired
• Admin login route implemented and documented in contract
• Docker main + dev compose available
• Startup UX and colored logging enabled

---

[keynetra-admin]

Approved