fluyenta-ruby 0.1.14

data/lib/brainzlab/vault.rb

@@ -0,0 +1,262 @@
+# frozen_string_literal: true
+
+require_relative 'vault/client'
+require_relative 'vault/cache'
+require_relative 'vault/provisioner'
+
+module BrainzLab
+  module Vault
+    class << self
+      # Load all secrets into ENV like dotenv
+      # This is the main method to use at app startup
+      #
+      # @param environment [String, Symbol] Environment to load (defaults to current)
+      # @param overwrite [Boolean] Whether to overwrite existing ENV vars (default: false)
+      # @param provider_keys [Boolean] Also load provider keys like OPENAI_API_KEY (default: true)
+      # @return [Hash] The secrets that were loaded
+      #
+      # @example
+      #   # In config/application.rb or an initializer
+      #   BrainzLab::Vault.load!
+      #
+      #   # Load with options
+      #   BrainzLab::Vault.load!(environment: :production, overwrite: true)
+      #
+      def load!(environment: nil, overwrite: false, provider_keys: true)
+        return {} unless enabled?
+
+        ensure_provisioned!
+        return {} unless BrainzLab.configuration.vault_valid?
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        loaded = {}
+
+        # Load regular secrets
+        secrets = export(environment: env, format: :json)
+        secrets.each do |key, value|
+          key_str = key.to_s
+          next unless overwrite || !ENV.key?(key_str)
+
+          ENV[key_str] = value.to_s
+          loaded[key_str] = value
+          BrainzLab.debug_log("[Vault] Loaded #{key_str}")
+        end
+
+        # Load provider keys (OpenAI, Anthropic, etc.)
+        if provider_keys
+          provider_secrets = load_provider_keys!(overwrite: overwrite)
+          loaded.merge!(provider_secrets)
+        end
+
+        BrainzLab.debug_log("[Vault] Loaded #{loaded.size} secrets into ENV")
+        loaded
+      rescue StandardError => e
+        BrainzLab.debug_log("[Vault] Failed to load secrets: #{e.message}")
+        {}
+      end
+
+      # Load provider keys (API keys for LLMs, etc.) into ENV
+      #
+      # @param overwrite [Boolean] Whether to overwrite existing ENV vars
+      # @return [Hash] Provider keys that were loaded
+      def load_provider_keys!(overwrite: false)
+        return {} unless enabled? && BrainzLab.configuration.vault_valid?
+
+        loaded = {}
+        provider_keys = client.get_provider_keys
+
+        provider_keys.each do |provider, key|
+          env_var = "#{provider.to_s.upcase}_API_KEY"
+          next unless overwrite || !ENV.key?(env_var)
+
+          ENV[env_var] = key
+          loaded[env_var] = key
+          BrainzLab.debug_log("[Vault] Loaded provider key: #{env_var}")
+        end
+
+        loaded
+      rescue StandardError => e
+        BrainzLab.debug_log("[Vault] Failed to load provider keys: #{e.message}")
+        {}
+      end
+
+      # Get a specific provider key
+      # @param provider [String, Symbol] Provider name (openai, anthropic, etc.)
+      # @param model_type [String] Model type (llm, embedding, etc.)
+      # @return [String, nil] The API key
+      def provider_key(provider, model_type: 'llm')
+        return nil unless enabled?
+
+        ensure_provisioned!
+        return nil unless BrainzLab.configuration.vault_valid?
+
+        # Check ENV first
+        env_var = "#{provider.to_s.upcase}_API_KEY"
+        return ENV[env_var] if ENV[env_var] && !ENV[env_var].empty?
+
+        # Fetch from Vault
+        client.get_provider_key(provider: provider.to_s, model_type: model_type)
+      end
+
+      # Get a secret value
+      # @param key [String] The secret key
+      # @param environment [String, Symbol] Optional environment (defaults to current environment)
+      # @param default [Object] Default value if secret not found
+      # @return [String, nil] The secret value
+      def get(key, environment: nil, default: nil)
+        return default unless enabled?
+
+        ensure_provisioned!
+        return default unless BrainzLab.configuration.vault_valid?
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        cache_key = "#{env}:#{key}"
+
+        # Check cache first
+        return cache.get(cache_key) if BrainzLab.configuration.vault_cache_enabled && cache.has?(cache_key)
+
+        value = client.get(key, environment: env)
+
+        if value.nil?
+          default
+        else
+          cache.set(cache_key, value) if BrainzLab.configuration.vault_cache_enabled
+          value
+        end
+      end
+
+      # Set a secret value
+      # @param key [String] The secret key
+      # @param value [String] The secret value
+      # @param environment [String, Symbol] Optional environment (defaults to current environment)
+      # @param description [String] Optional description
+      # @param note [String] Optional version note
+      # @return [Boolean] True if successful
+      def set(key, value, environment: nil, description: nil, note: nil)
+        return false unless enabled?
+
+        ensure_provisioned!
+        return false unless BrainzLab.configuration.vault_valid?
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        result = client.set(key, value, environment: env, description: description, note: note)
+
+        # Invalidate cache
+        cache.delete("#{env}:#{key}") if result && BrainzLab.configuration.vault_cache_enabled
+
+        result
+      end
+
+      # List all secret keys
+      # @param environment [String, Symbol] Optional environment
+      # @return [Array<Hash>] List of secret metadata
+      def list(environment: nil)
+        return [] unless enabled?
+
+        ensure_provisioned!
+        return [] unless BrainzLab.configuration.vault_valid?
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        client.list(environment: env)
+      end
+
+      # Delete (archive) a secret
+      # @param key [String] The secret key
+      # @return [Boolean] True if successful
+      def delete(key)
+        return false unless enabled?
+
+        ensure_provisioned!
+        return false unless BrainzLab.configuration.vault_valid?
+
+        result = client.delete(key)
+
+        # Invalidate all environment caches for this key
+        cache.delete_pattern("*:#{key}") if result && BrainzLab.configuration.vault_cache_enabled
+
+        result
+      end
+
+      # Export all secrets for an environment
+      # @param environment [String, Symbol] Environment to export
+      # @param format [Symbol] Output format (:json, :dotenv, :shell)
+      # @return [Hash, String] Exported secrets
+      def export(environment: nil, format: :json)
+        return {} unless enabled?
+
+        ensure_provisioned!
+        return {} unless BrainzLab.configuration.vault_valid?
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        client.export(environment: env, format: format)
+      end
+
+      # Fetch a secret with automatic fallback
+      # @param key [String] The secret key
+      # @param env_var [String] Environment variable to fall back to
+      # @return [String, nil] The secret value
+      def fetch(key, env_var: nil)
+        value = get(key)
+        return value if value && !value.to_s.empty?
+
+        # Fall back to environment variable
+        if env_var
+          ENV.fetch(env_var, nil)
+        else
+          ENV.fetch(key, nil)
+        end
+      end
+
+      # Clear the secret cache
+      def clear_cache!
+        cache.clear!
+      end
+
+      # Warm the cache with all secrets
+      def warm_cache!(environment: nil)
+        return unless enabled? && BrainzLab.configuration.vault_cache_enabled
+
+        env = environment&.to_s || BrainzLab.configuration.environment
+        secrets = export(environment: env, format: :json)
+
+        secrets.each do |key, value|
+          cache.set("#{env}:#{key}", value)
+        end
+      end
+
+      # === INTERNAL ===
+
+      def ensure_provisioned!
+        return if @provisioned
+
+        @provisioned = true
+        provisioner.ensure_project!
+      end
+
+      def provisioner
+        @provisioner ||= Provisioner.new(BrainzLab.configuration)
+      end
+
+      def client
+        @client ||= Client.new(BrainzLab.configuration)
+      end
+
+      def cache
+        @cache ||= Cache.new(BrainzLab.configuration.vault_cache_ttl)
+      end
+
+      def reset!
+        @client = nil
+        @provisioner = nil
+        @cache = nil
+        @provisioned = false
+      end
+
+      private
+
+      def enabled?
+        BrainzLab.configuration.vault_enabled
+      end
+    end
+  end
+end

data/lib/brainzlab/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module BrainzLab
+  VERSION = '0.1.14'
+end

data/lib/brainzlab/vision/client.rb

@@ -0,0 +1,175 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'uri'
+require 'json'
+
+module BrainzLab
+  module Vision
+    class Client
+      def initialize(config)
+        @config = config
+      end
+
+      # Execute an autonomous AI task
+      def execute_task(instruction:, start_url:, model: nil, browser_provider: nil, max_steps: 50, timeout: 300)
+        payload = {
+          instruction: instruction,
+          start_url: start_url,
+          max_steps: max_steps,
+          timeout: timeout
+        }
+        payload[:model] = model if model
+        payload[:browser_provider] = browser_provider if browser_provider
+
+        post('/mcp/tools/vision_task', payload)
+      end
+
+      # Create a browser session
+      def create_session(url: nil, viewport: nil, browser_provider: nil)
+        payload = {}
+        payload[:url] = url if url
+        payload[:viewport] = viewport if viewport
+        payload[:browser_provider] = browser_provider if browser_provider
+
+        post('/mcp/tools/vision_session_create', payload)
+      end
+
+      # Perform an AI-powered action
+      def ai_action(session_id:, instruction:, model: nil)
+        payload = {
+          session_id: session_id,
+          instruction: instruction
+        }
+        payload[:model] = model if model
+
+        post('/mcp/tools/vision_ai_action', payload)
+      end
+
+      # Perform a direct browser action
+      def perform(session_id:, action:, selector: nil, value: nil)
+        payload = {
+          session_id: session_id,
+          action: action.to_s
+        }
+        payload[:selector] = selector if selector
+        payload[:value] = value if value
+
+        post('/mcp/tools/vision_perform', payload)
+      end
+
+      # Extract structured data
+      def extract(session_id:, schema:, instruction: nil)
+        payload = {
+          session_id: session_id,
+          schema: schema
+        }
+        payload[:instruction] = instruction if instruction
+
+        post('/mcp/tools/vision_extract', payload)
+      end
+
+      # Close a session
+      def close_session(session_id:)
+        post('/mcp/tools/vision_session_close', { session_id: session_id })
+      end
+
+      # Take a screenshot
+      def screenshot(session_id:, full_page: true)
+        post('/mcp/tools/vision_screenshot', {
+               session_id: session_id,
+               full_page: full_page
+             })
+      end
+
+      private
+
+      def post(path, payload)
+        uri = URI.parse("#{@config.vision_url}#{path}")
+        request = Net::HTTP::Post.new(uri)
+        request['Content-Type'] = 'application/json'
+        request['Authorization'] = "Bearer #{auth_key}"
+        request['User-Agent'] = "brainzlab-sdk-ruby/#{BrainzLab::VERSION}"
+        request.body = JSON.generate(payload)
+
+        response = execute(uri, request)
+
+        case response
+        when Net::HTTPSuccess
+          JSON.parse(response.body, symbolize_names: true)
+        when Net::HTTPUnauthorized
+          structured_error = AuthenticationError.new(
+            'Invalid API key',
+            hint: 'Verify your Vision API key is correct and has not expired.',
+            code: 'vision_unauthorized'
+          )
+          log_error(path, structured_error)
+          { error: structured_error.message, brainzlab_error: structured_error }
+        when Net::HTTPForbidden
+          structured_error = AuthenticationError.new(
+            'Vision is not enabled for this project',
+            hint: 'Enable Vision in your project settings or check your permissions.',
+            code: 'vision_forbidden'
+          )
+          log_error(path, structured_error)
+          { error: structured_error.message, brainzlab_error: structured_error }
+        when Net::HTTPNotFound
+          structured_error = NotFoundError.new(
+            "Vision endpoint not found: #{path}",
+            hint: 'Verify the Vision service is properly configured.',
+            code: 'vision_not_found',
+            resource_type: 'endpoint',
+            resource_id: path
+          )
+          log_error(path, structured_error)
+          { error: structured_error.message, brainzlab_error: structured_error }
+        when Net::HTTPTooManyRequests
+          structured_error = RateLimitError.new(
+            'Vision rate limit exceeded',
+            retry_after: response['Retry-After']&.to_i,
+            code: 'vision_rate_limit'
+          )
+          log_error(path, structured_error)
+          { error: structured_error.message, brainzlab_error: structured_error }
+        else
+          structured_error = ErrorHandler.from_response(response, service: 'Vision', operation: path)
+          log_error(path, structured_error)
+          { error: structured_error.message, brainzlab_error: structured_error }
+        end
+      rescue JSON::ParserError => e
+        structured_error = ServerError.new(
+          "Invalid JSON response from Vision: #{e.message}",
+          hint: 'The Vision service returned an unexpected response format.',
+          code: 'vision_invalid_response'
+        )
+        log_error(path, structured_error)
+        { error: structured_error.message, brainzlab_error: structured_error }
+      rescue StandardError => e
+        structured_error = ErrorHandler.wrap(e, service: 'Vision', operation: path)
+        log_error(path, structured_error)
+        { error: structured_error.message, brainzlab_error: structured_error }
+      end
+
+      def log_error(operation, error)
+        BrainzLab.debug_log("[Vision::Client] #{operation} failed: #{error.message}")
+
+        # Call on_error callback if configured
+        if @config.on_error
+          @config.on_error.call(error, { service: 'Vision', operation: operation })
+        end
+      end
+
+      def auth_key
+        @config.vision_ingest_key || @config.vision_api_key || @config.secret_key
+      end
+
+      def execute(uri, request)
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = uri.scheme == 'https'
+        http.open_timeout = 10
+        http.read_timeout = 300 # Long timeout for AI tasks
+        http.request(request)
+      end
+    end
+  end
+end

data/lib/brainzlab/vision/provisioner.rb

@@ -0,0 +1,136 @@
+# frozen_string_literal: true
+
+require 'net/http'
+require 'uri'
+require 'json'
+require 'fileutils'
+
+module BrainzLab
+  module Vision
+    class Provisioner
+      CACHE_DIR = ENV.fetch('BRAINZLAB_CACHE_DIR') { File.join(Dir.home, '.brainzlab') }
+
+      def initialize(config)
+        @config = config
+      end
+
+      def ensure_project!
+        return unless should_provision?
+
+        # Try cached credentials first
+        if (cached = load_cached_credentials)
+          apply_credentials(cached)
+          return cached
+        end
+
+        # Provision new project
+        project = provision_project
+        return unless project
+
+        # Cache and apply credentials
+        cache_credentials(project)
+        apply_credentials(project)
+
+        project
+      end
+
+      private
+
+      def should_provision?
+        if @config.debug
+          log_debug('Checking Vision provision conditions:')
+          log_debug("  vision_auto_provision: #{@config.vision_auto_provision}")
+          log_debug("  app_name: '#{@config.app_name}'")
+          log_debug("  vision_api_key set: #{@config.vision_api_key.to_s.strip.length.positive?}")
+          log_debug("  vision_ingest_key set: #{@config.vision_ingest_key.to_s.strip.length.positive?}")
+          log_debug("  vision_master_key set: #{@config.vision_master_key.to_s.strip.length.positive?}")
+        end
+
+        return false unless @config.vision_auto_provision
+        return false unless @config.app_name.to_s.strip.length.positive?
+        return false if @config.vision_api_key.to_s.strip.length.positive?
+        return false if @config.vision_ingest_key.to_s.strip.length.positive?
+        return false unless @config.vision_master_key.to_s.strip.length.positive?
+
+        log_debug('Will provision Vision project') if @config.debug
+        true
+      end
+
+      def log_debug(message)
+        if @config.logger
+          @config.logger.info("[BrainzLab::Debug] #{message}")
+        else
+          puts "[BrainzLab::Debug] #{message}"
+        end
+      end
+
+      def provision_project
+        uri = URI.parse("#{@config.vision_url}/api/v1/projects/provision")
+        request = Net::HTTP::Post.new(uri)
+        request['Content-Type'] = 'application/json'
+        request['X-Master-Key'] = @config.vision_master_key
+        request['User-Agent'] = "brainzlab-sdk-ruby/#{BrainzLab::VERSION}"
+        request.body = JSON.generate({
+                                       name: @config.app_name,
+                                       environment: @config.environment
+                                     })
+
+        response = execute(uri, request)
+        return nil unless response.is_a?(Net::HTTPSuccess)
+
+        JSON.parse(response.body, symbolize_names: true)
+      rescue StandardError => e
+        log_error("Failed to provision Vision project: #{e.message}")
+        nil
+      end
+
+      def load_cached_credentials
+        path = cache_file_path
+        return nil unless File.exist?(path)
+
+        data = JSON.parse(File.read(path), symbolize_names: true)
+
+        # Validate cached data has required keys
+        return nil unless data[:ingest_key] || data[:api_key]
+
+        data
+      rescue StandardError => e
+        log_error("Failed to load cached Vision credentials: #{e.message}")
+        nil
+      end
+
+      def cache_credentials(project)
+        FileUtils.mkdir_p(CACHE_DIR)
+        File.write(cache_file_path, JSON.generate(project))
+      rescue StandardError => e
+        log_error("Failed to cache Vision credentials: #{e.message}")
+      end
+
+      def cache_file_path
+        File.join(CACHE_DIR, "#{@config.app_name}.vision.json")
+      end
+
+      def apply_credentials(project)
+        @config.vision_ingest_key = project[:ingest_key]
+        @config.vision_api_key = project[:api_key]
+
+        # Also set service name from app_name if not already set
+        @config.service ||= @config.app_name
+      end
+
+      def execute(uri, request)
+        http = Net::HTTP.new(uri.host, uri.port)
+        http.use_ssl = uri.scheme == 'https'
+        http.open_timeout = 5
+        http.read_timeout = 10
+        http.request(request)
+      end
+
+      def log_error(message)
+        return unless @config.logger
+
+        @config.logger.error("[BrainzLab] #{message}")
+      end
+    end
+  end
+end