Merge branch 'main' into auto-update-trans-text-20250131-002900

src/py/flwr/client/supernode/app.py

@@ -41,7 +41,7 @@
 )
 from flwr.common.exit import ExitCode, flwr_exit
 from flwr.common.exit_handlers import register_exit_handlers
-from flwr.common.logger import log, warn_deprecated_feature
+from flwr.common.logger import log
 
 from ..app import start_client_internal
 from ..clientapp.utils import get_load_client_app_fn
@@ -50,7 +50,6 @@
 def run_supernode() -> None:
     """Run Flower SuperNode."""
     args = _parse_args_run_supernode().parse_args()
-    _warn_deprecated_server_arg(args)
 
     log(INFO, "Starting Flower SuperNode")
 
@@ -109,26 +108,6 @@ def run_client_app() -> None:
     register_exit_handlers(event_type=EventType.RUN_CLIENT_APP_LEAVE)
 
 
-def _warn_deprecated_server_arg(args: argparse.Namespace) -> None:
-    """Warn about the deprecated argument `--server`."""
-    if args.server != FLEET_API_GRPC_RERE_DEFAULT_ADDRESS:
-        warn = "Passing flag --server is deprecated. Use --superlink instead."
-        warn_deprecated_feature(warn)
-
-        if args.superlink != FLEET_API_GRPC_RERE_DEFAULT_ADDRESS:
-            # if `--superlink` also passed, then
-            # warn user that this argument overrides what was passed with `--server`
-            log(
-                WARN,
-                "Both `--server` and `--superlink` were passed. "
-                "`--server` will be ignored. Connecting to the Superlink Fleet API "
-                "at %s.",
-                args.superlink,
-            )
-        else:
-            args.superlink = args.server
-
-
 def _parse_args_run_supernode() -> argparse.ArgumentParser:
     """Parse flower-supernode command line arguments."""
     parser = argparse.ArgumentParser(
@@ -206,15 +185,12 @@ def _parse_args_common(parser: argparse.ArgumentParser) -> None:
         help="Specifies the path to the PEM-encoded root certificate file for "
         "establishing secure HTTPS connections.",
     )
-    parser.add_argument(
-        "--server",
-        default=FLEET_API_GRPC_RERE_DEFAULT_ADDRESS,
-        help="Server address",
-    )
     parser.add_argument(
         "--superlink",
         default=FLEET_API_GRPC_RERE_DEFAULT_ADDRESS,
-        help="SuperLink Fleet API (gRPC-rere) address (IPv4, IPv6, or a domain name)",
+        help="SuperLink Fleet API address (IPv4, IPv6, or a domain name). If using the "
+        "REST (experimental) transport, ensure your address is in the form "
+        "`http://...` or `https://...` when TLS is enabled.",
     )
     parser.add_argument(
         "--max-retries",

src/py/flwr/common/args.py

@@ -20,13 +20,9 @@
 from logging import DEBUG, ERROR, WARN
 from os.path import isfile
 from pathlib import Path
-from typing import Optional
+from typing import Optional, Union
 
-from flwr.common.constant import (
-    TRANSPORT_TYPE_GRPC_ADAPTER,
-    TRANSPORT_TYPE_GRPC_RERE,
-    TRANSPORT_TYPE_REST,
-)
+from flwr.common.constant import TRANSPORT_TYPE_REST
 from flwr.common.logger import log
 
 
@@ -55,9 +51,9 @@ def add_args_flwr_app_common(parser: argparse.ArgumentParser) -> None:
 def try_obtain_root_certificates(
     args: argparse.Namespace,
     grpc_server_address: str,
-) -> Optional[bytes]:
+) -> Optional[Union[bytes, str]]:
     """Validate and return the root certificates."""
-    root_cert_path = args.root_certificates
+    root_cert_path: Optional[str] = args.root_certificates
     if args.insecure:
         if root_cert_path is not None:
             sys.exit(
@@ -93,56 +89,38 @@ def try_obtain_root_certificates(
             grpc_server_address,
             root_cert_path,
         )
+    if args.transport == TRANSPORT_TYPE_REST:
+        return root_cert_path
     return root_certificates
 
 
 def try_obtain_server_certificates(
     args: argparse.Namespace,
-    transport_type: str,
 ) -> Optional[tuple[bytes, bytes, bytes]]:
     """Validate and return the CA cert, server cert, and server private key."""
     if args.insecure:
         log(WARN, "Option `--insecure` was set. Starting insecure HTTP server.")
         return None
     # Check if certificates are provided
-    if transport_type in [TRANSPORT_TYPE_GRPC_RERE, TRANSPORT_TYPE_GRPC_ADAPTER]:
-        if args.ssl_certfile and args.ssl_keyfile and args.ssl_ca_certfile:
-            if not isfile(args.ssl_ca_certfile):
-                sys.exit("Path argument `--ssl-ca-certfile` does not point to a file.")
-            if not isfile(args.ssl_certfile):
-                sys.exit("Path argument `--ssl-certfile` does not point to a file.")
-            if not isfile(args.ssl_keyfile):
-                sys.exit("Path argument `--ssl-keyfile` does not point to a file.")
-            certificates = (
-                Path(args.ssl_ca_certfile).read_bytes(),  # CA certificate
-                Path(args.ssl_certfile).read_bytes(),  # server certificate
-                Path(args.ssl_keyfile).read_bytes(),  # server private key
-            )
-            return certificates
-        if args.ssl_certfile or args.ssl_keyfile or args.ssl_ca_certfile:
-            sys.exit(
-                "You need to provide valid file paths to `--ssl-certfile`, "
-                "`--ssl-keyfile`, and `—-ssl-ca-certfile` to create a secure "
-                "connection in Fleet API server (gRPC-rere)."
-            )
-    if transport_type == TRANSPORT_TYPE_REST:
-        if args.ssl_certfile and args.ssl_keyfile:
-            if not isfile(args.ssl_certfile):
-                sys.exit("Path argument `--ssl-certfile` does not point to a file.")
-            if not isfile(args.ssl_keyfile):
-                sys.exit("Path argument `--ssl-keyfile` does not point to a file.")
-            certificates = (
-                b"",
-                Path(args.ssl_certfile).read_bytes(),  # server certificate
-                Path(args.ssl_keyfile).read_bytes(),  # server private key
-            )
-            return certificates
-        if args.ssl_certfile or args.ssl_keyfile:
-            sys.exit(
-                "You need to provide valid file paths to `--ssl-certfile` "
-                "and `--ssl-keyfile` to create a secure connection "
-                "in Fleet API server (REST, experimental)."
-            )
+    if args.ssl_certfile and args.ssl_keyfile and args.ssl_ca_certfile:
+        if not isfile(args.ssl_ca_certfile):
+            sys.exit("Path argument `--ssl-ca-certfile` does not point to a file.")
+        if not isfile(args.ssl_certfile):
+            sys.exit("Path argument `--ssl-certfile` does not point to a file.")
+        if not isfile(args.ssl_keyfile):
+            sys.exit("Path argument `--ssl-keyfile` does not point to a file.")
+        certificates = (
+            Path(args.ssl_ca_certfile).read_bytes(),  # CA certificate
+            Path(args.ssl_certfile).read_bytes(),  # server certificate
+            Path(args.ssl_keyfile).read_bytes(),  # server private key
+        )
+        return certificates
+    if args.ssl_certfile or args.ssl_keyfile or args.ssl_ca_certfile:
+        sys.exit(
+            "You need to provide valid file paths to `--ssl-certfile`, "
+            "`--ssl-keyfile`, and `—-ssl-ca-certfile` to create a secure "
+            "connection in Fleet API server (gRPC-rere)."
+        )
     log(
         ERROR,
         "Certificates are required unless running in insecure mode. "

src/py/flwr/server/app.py

@@ -265,7 +265,7 @@ def run_superlink() -> None:
     simulationio_address, _, _ = _format_address(args.simulationio_api_address)
 
     # Obtain certificates
-    certificates = try_obtain_server_certificates(args, args.fleet_api_type)
+    certificates = try_obtain_server_certificates(args)
 
     # Disable the user auth TLS check if args.disable_oidc_tls_cert_verification is
     # provided
@@ -353,17 +353,13 @@ def run_superlink() -> None:
             ) is None:
                 flwr_exit(ExitCode.COMMON_MISSING_EXTRA_REST)
 
-            _, ssl_certfile, ssl_keyfile = (
-                certificates if certificates is not None else (None, None, None)
-            )
-
             fleet_thread = threading.Thread(
                 target=_run_fleet_api_rest,
                 args=(
                     host,
                     port,
-                    ssl_keyfile,
-                    ssl_certfile,
+                    args.ssl_keyfile,
+                    args.ssl_certfile,
                     state_factory,
                     ffs_factory,
                     num_workers,