# AIR-GAP DEPLOYMENT MANIFEST
_Generated: 2026-02-12 06:21:14 UTC_  
_Build Machine: marc_  
_Method: uv export from uv.lock_  

---

## TARGET ENVIRONMENT:
  Python Version:     3.12  
  Platform:           x86_64-manylinux2014  
  Architecture:       x86_64  
  Requirements lines: 657  
  PyPI Packages:       (with hash verification)  
  VCS Packages:       0  0 (from git repositories)  
  Total Wheels:       52  

## BUILD TOOLS:
  UV Version:         uv 0.9.26  
  Pip Version:        pip 26.0.1 from python 3.12

## PACKAGE DIRECTORY:
  Location: ./pkg_deps/  
  Contents: 27M of wheel/tarball files  

## DEPLOYMENT INSTRUCTIONS:

1. Transfer the following to the air-gap environment:
   - ./pkg_deps/           (all wheel files)
   - ./requirements.txt (dependency list with hashes)

2. In the air-gap environment, install with:
   python -m pip install --no-index --find-links ././pkg_deps -r ./requirements.txt

3. Verify installation:
   pip list | head -20
   python -c "import fastapi, sqlmodel; print('Core packages OK')"

## SECURITY FEATURES:

  ✓ PyPI packages (): Hash-verified for integrity
  ✓ Exported from locked uv.lock file: Reproducible and verified
  ✓ VCS packages removed: Not suitable for air-gap (require network to clone)
  
  For production deployments with VCS dependencies:
  - Deploy VCS packages separately (git clone in docker, etc.)
  - Use a package mirror that supports git protocol
  - Pre-install VCS packages in base image
  - Lock file ensures exact versions and hashes
  - PyPI packages have full hash verification
  - VCS packages have git commit integrity

## VERIFICATION STEPS:

  1. Check requirements.txt format:
     head -30 requirements.txt  # Should show hashes and packages
     tail -10 requirements.txt  # Should show any VCS packages
     
  2. Verify all packages downloaded:
     ls -la ./pkg_deps/ | wc -l  # Should be 170+
     du -sh ./pkg_deps/          # Should be 1GB+

  3. Check VCS packages are included:
     grep '@ git\|@ hg\|@ svn\|@ bzr' ./requirements.txt

  4. Test installation locally (optional but recommended):
     python -m venv test_env
     source test_env/bin/activate
     pip install --no-index --find-links ././pkg_deps -r ./requirements.txt
     pip list | grep -E 'fyre|fastapi|sqlmodel'
     python -c "import fyre_toolkit; print('VCS package OK')"

## TROUBLESHOOTING:

  If pip download failed:
  - This approach uses the lock file for exact versions
  - Should work reliably without conflicts

  If installation in air-gap fails:
  1. Verify all files copied: ls ./pkg_deps | wc -l (should be 170+)
  2. Check Python version: python --version (should be 3.12+)
  3. Check Git installed for VCS packages: which git
  4. Try verbose: pip install --verbose --no-index --find-links ././pkg_deps -r ./requirements.txt

  If hash validation fails on a package:
  - File may be corrupted in transfer
  - Re-copy the package file

  If VCS package fails to install:
  - Verify git is installed: apt-get install git
  - The URL in requirements.txt includes the commit hash
  - Git will verify authenticity when cloning

## VERSION TRACKING:

  Generated with UV: uv 0.9.26
  Method:            uv export from uv.lock
  Python target:     3.12
  Architecture:      x86_64
  Generation date:   2026-02-12 06:21:14 UTC
  Lock file used:    ./uv.lock

## ADVANTAGES OF THIS APPROACH:

  ✓ Uses existing uv.lock (no recompilation needed)
  ✓ All versions already resolved and pinned
  ✓ All hashes verified from lock file
  ✓ Reproducible across different machines
  ✓ No temporary files or complex processing
  ✓ Separates PyPI (with hashes) from VCS (git integrity)
