agentstack-cli 0.4.0__py3-none-macosx_12_0_arm64.whl

agentstack_cli/commands/platform/__init__.py

@@ -0,0 +1,181 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0
+
+import datetime
+import functools
+import importlib.resources
+import os
+import pathlib
+import platform
+import shutil
+import sys
+import textwrap
+import typing
+
+import httpx
+import typer
+from agentstack_sdk.platform import Provider
+from tenacity import AsyncRetrying, retry_if_exception_type, stop_after_delay, wait_fixed
+
+from agentstack_cli.async_typer import AsyncTyper
+from agentstack_cli.commands.platform.base_driver import BaseDriver
+from agentstack_cli.commands.platform.lima_driver import LimaDriver
+from agentstack_cli.commands.platform.wsl_driver import WSLDriver
+from agentstack_cli.console import console
+from agentstack_cli.utils import verbosity
+
+app = AsyncTyper()
+
+
+@functools.cache
+def get_driver(vm_name: str = "agentstack") -> BaseDriver:
+    has_lima = (importlib.resources.files("agentstack_cli") / "data" / "limactl").is_file() or shutil.which("limactl")
+    has_vz = os.path.exists("/System/Library/Frameworks/Virtualization.framework")
+    arch = "aarch64" if platform.machine().lower() == "arm64" else platform.machine().lower()
+    has_qemu = bool(shutil.which(f"qemu-system-{arch}"))
+
+    if platform.system() == "Windows" or shutil.which("wsl.exe"):
+        return WSLDriver(vm_name=vm_name)
+    elif has_lima and (has_vz or has_qemu):
+        return LimaDriver(vm_name=vm_name)
+    else:
+        console.error("Could not find a compatible VM runtime.")
+        if platform.system() == "Darwin":
+            console.hint("This version of macOS is unsupported, please update the system.")
+        elif platform.system() == "Linux":
+            if not has_lima:
+                console.hint(
+                    "This Linux distribution is not suppored by Lima VM binary releases (required: glibc>=2.34). Manually install Lima VM >=1.2.1 through either:\n"
+                    + "  - Your distribution's package manager, if available (https://repology.org/project/lima/versions)\n"
+                    + "  - Homebrew, which uses its own separate glibc on Linux (https://brew.sh)\n"
+                    + "  - Building it yourself, and ensuring that limactl is in PATH (https://lima-vm.io/docs/installation/source/)"
+                )
+            if not has_qemu:
+                console.hint(
+                    f"QEMU is needed on Linux, please install it and ensure that qemu-system-{arch} is in PATH. Refer to https://www.qemu.org/download/ for instructions."
+                )
+        sys.exit(1)
+
+
+@app.command("start")
+async def start(
+    set_values_list: typing.Annotated[
+        list[str], typer.Option("--set", help="Set Helm chart values using <key>=<value> syntax", default_factory=list)
+    ],
+    import_images: typing.Annotated[
+        list[str],
+        typer.Option(
+            "--import", help="Import an image from a local Docker CLI into Agent Stack platform", default_factory=list
+        ),
+    ],
+    values_file: typing.Annotated[
+        pathlib.Path | None, typer.Option("-f", help="Set Helm chart values using yaml values file")
+    ] = None,
+    vm_name: typing.Annotated[str, typer.Option(hidden=True)] = "agentstack",
+    verbose: typing.Annotated[bool, typer.Option("-v", help="Show verbose output")] = False,
+):
+    """Start Agent Stack platform."""
+    import agentstack_cli.commands.server
+
+    values_file_path = None
+    if values_file:
+        values_file_path = pathlib.Path(values_file)
+        if not values_file_path.is_file():
+            raise FileNotFoundError(f"Values file {values_file} not found.")
+
+    with verbosity(verbose):
+        driver = get_driver(vm_name=vm_name)
+        await driver.create_vm()
+        await driver.install_tools()
+        await driver.deploy(set_values_list=set_values_list, values_file=values_file_path, import_images=import_images)
+
+        with console.status("Waiting for Agent Stack platform to be ready...", spinner="dots"):
+            timeout = datetime.timedelta(minutes=20)
+            try:
+                async for attempt in AsyncRetrying(
+                    stop=stop_after_delay(timeout),
+                    wait=wait_fixed(datetime.timedelta(seconds=1)),
+                    retry=retry_if_exception_type((httpx.HTTPError, ConnectionError)),
+                    reraise=True,
+                ):
+                    with attempt:
+                        await Provider.list()
+            except Exception as ex:
+                raise ConnectionError(
+                    f"Server did not start in {timeout}. Please check your internet connection."
+                ) from ex
+
+        console.success("Agent Stack platform started successfully!")
+
+        if any("phoenix.enabled=true" in value.lower() for value in set_values_list):
+            console.print(
+                textwrap.dedent("""\
+
+                License Notice:
+                When you enable Phoenix, be aware that Arize Phoenix is licensed under the Elastic License v2 (ELv2),
+                which has specific terms regarding commercial use and distribution. By enabling Phoenix, you acknowledge
+                that you are responsible for ensuring compliance with the ELv2 license terms for your specific use case.
+                Please review the Phoenix license (https://github.com/Arize-ai/phoenix/blob/main/LICENSE) before enabling
+                this feature in production environments.
+                """),
+                style="dim",
+            )
+
+        await agentstack_cli.commands.server.server_login("http://localhost:8333")
+
+
+@app.command("stop")
+async def stop(
+    vm_name: typing.Annotated[str, typer.Option(hidden=True)] = "agentstack",
+    verbose: typing.Annotated[bool, typer.Option("-v", help="Show verbose output")] = False,
+):
+    """Stop Agent Stack platform."""
+    with verbosity(verbose):
+        driver = get_driver(vm_name=vm_name)
+        if not await driver.status():
+            console.info("Agent Stack platform not found. Nothing to stop.")
+            return
+        await driver.stop()
+        console.success("Agent Stack platform stopped successfully.")
+
+
+@app.command("delete")
+async def delete(
+    vm_name: typing.Annotated[str, typer.Option(hidden=True)] = "agentstack",
+    verbose: typing.Annotated[bool, typer.Option("-v", help="Show verbose output")] = False,
+):
+    """Delete Agent Stack platform."""
+    with verbosity(verbose):
+        driver = get_driver(vm_name=vm_name)
+        await driver.delete()
+        console.success("Agent Stack platform deleted successfully.")
+
+
+@app.command("import")
+async def import_image_cmd(
+    tag: typing.Annotated[str, typer.Argument(help="Docker image tag to import")],
+    vm_name: typing.Annotated[str, typer.Option(hidden=True)] = "agentstack",
+    verbose: typing.Annotated[bool, typer.Option("-v", help="Show verbose output")] = False,
+):
+    """Import a local docker image into the Agent Stack platform."""
+    with verbosity(verbose):
+        driver = get_driver(vm_name=vm_name)
+        if (await driver.status()) != "running":
+            console.error("Agent Stack platform is not running.")
+            sys.exit(1)
+        await driver.import_image(tag)
+
+
+@app.command("exec")
+async def exec_cmd(
+    command: typing.Annotated[list[str] | None, typer.Argument()] = None,
+    vm_name: typing.Annotated[str, typer.Option(hidden=True)] = "agentstack",
+    verbose: typing.Annotated[bool, typer.Option("-v", help="Show verbose output")] = False,
+):
+    """For debugging -- execute a command inside the Agent Stack platform VM."""
+    with verbosity(verbose, show_success_status=False):
+        driver = get_driver(vm_name=vm_name)
+        if (await driver.status()) != "running":
+            console.error("Agent Stack platform is not running.")
+            sys.exit(1)
+        await driver.exec(command or ["/bin/bash"])

agentstack_cli/commands/platform/base_driver.py

@@ -0,0 +1,222 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0
+
+import abc
+import importlib.resources
+import pathlib
+import shlex
+import typing
+from subprocess import CompletedProcess
+from textwrap import dedent
+
+import anyio
+import pydantic
+import yaml
+from tenacity import AsyncRetrying, stop_after_attempt
+
+import agentstack_cli.commands.platform.istio
+from agentstack_cli.configuration import Configuration
+
+
+class BaseDriver(abc.ABC):
+    vm_name: str
+
+    def __init__(self, vm_name: str = "agentstack"):
+        self.vm_name = vm_name
+
+    @abc.abstractmethod
+    async def run_in_vm(
+        self,
+        command: list[str],
+        message: str,
+        env: dict[str, str] | None = None,
+        input: bytes | None = None,
+    ) -> CompletedProcess[bytes]: ...
+
+    @abc.abstractmethod
+    async def status(self) -> typing.Literal["running"] | str | None: ...
+
+    @abc.abstractmethod
+    async def create_vm(self) -> None: ...
+
+    @abc.abstractmethod
+    async def stop(self) -> None: ...
+
+    @abc.abstractmethod
+    async def delete(self) -> None: ...
+
+    @abc.abstractmethod
+    async def import_image(self, tag: str) -> None: ...
+
+    @abc.abstractmethod
+    async def exec(self, command: list[str]) -> None: ...
+
+    async def install_tools(self) -> None:
+        # Configure k3s registry for local registry access
+        registry_config = dedent(
+            """\
+            mirrors:
+              "agentstack-registry-svc.default:5001":
+                endpoint:
+                  - "http://localhost:30501"
+            configs:
+              "agentstack-registry-svc.default:5001":
+                tls:
+                  insecure_skip_verify: true
+            """
+        )
+
+        await self.run_in_vm(
+            [
+                "sh",
+                "-c",
+                (
+                    f"sudo mkdir -p /etc/rancher/k3s /registry-data && "
+                    f"echo '{registry_config}' | "
+                    "sudo tee /etc/rancher/k3s/registries.yaml > /dev/null"
+                ),
+            ],
+            "Configuring k3s registry",
+        )
+
+        await self.run_in_vm(
+            [
+                "sh",
+                "-c",
+                "which k3s || curl -sfL https://get.k3s.io | sh -s - --write-kubeconfig-mode 644 --https-listen-port=16443",
+            ],
+            "Installing k3s",
+        )
+        await self.run_in_vm(
+            [
+                "sh",
+                "-c",
+                "which helm || curl -sfL https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash",
+            ],
+            "Installing Helm",
+        )
+
+    async def deploy(
+        self,
+        set_values_list: list[str],
+        values_file: pathlib.Path | None = None,
+        import_images: list[str] | None = None,
+    ) -> None:
+        await self.run_in_vm(
+            ["sh", "-c", "mkdir -p /tmp/agentstack && cat >/tmp/agentstack/chart.tgz"],
+            "Preparing Helm chart",
+            input=(importlib.resources.files("agentstack_cli") / "data" / "helm-chart.tgz").read_bytes(),
+        )
+        values = {
+            **{svc: {"service": {"type": "LoadBalancer"}} for svc in ["collector", "docling", "ui", "phoenix"]},
+            "hostNetwork": True,
+            "externalRegistries": {"public_github": str(Configuration().agent_registry)},
+            "encryptionKey": "Ovx8qImylfooq4-HNwOzKKDcXLZCB3c_m0JlB9eJBxc=",
+            "features": {
+                "uiNavigation": True,
+                "selfRegistration": True,
+                "localSetup": True,
+                "generateConversationTitle": False,  # TODO: enable when UI implementation is ready
+            },
+            "auth": {"enabled": False},
+        }
+        if values_file:
+            values.update(yaml.safe_load(values_file.read_text()))
+        await self.run_in_vm(
+            ["sh", "-c", "cat >/tmp/agentstack/values.yaml"],
+            "Preparing Helm values",
+            input=yaml.dump(values).encode("utf-8"),
+        )
+
+        images_str = (
+            await self.run_in_vm(
+                [
+                    "/bin/bash",
+                    "-c",
+                    "helm template agentstack /tmp/agentstack/chart.tgz --values=/tmp/agentstack/values.yaml "
+                    + " ".join(shlex.quote(f"--set={value}") for value in set_values_list)
+                    + " | sed -n '/^\\s*image:/{ /{{/!{ s/.*image:\\s*//p } }'",
+                ],
+                "Listing necessary images",
+            )
+        ).stdout.decode()
+        for image in import_images or []:
+            await self.import_image(image)
+        for image in {typing.cast(str, yaml.safe_load(line)) for line in images_str.splitlines()} - set(
+            import_images or []
+        ):
+            async for attempt in AsyncRetrying(stop=stop_after_attempt(5)):
+                with attempt:
+                    attempt_num = attempt.retry_state.attempt_number
+                    await self.run_in_vm(
+                        [
+                            "k3s",
+                            "ctr",
+                            "image",
+                            "pull",
+                            image if "." in image.split("/")[0] else f"docker.io/{image}",
+                        ],
+                        f"Pulling image {image}" + (f" (attempt {attempt_num})" if attempt_num > 1 else ""),
+                    )
+
+        if any("auth.oidc.enabled=true" in value.lower() for value in set_values_list):
+            await agentstack_cli.commands.platform.istio.install(driver=self)
+
+        kubeconfig_path = anyio.Path(Configuration().lima_home) / self.vm_name / "copied-from-guest" / "kubeconfig.yaml"
+        await kubeconfig_path.parent.mkdir(parents=True, exist_ok=True)
+        await kubeconfig_path.write_text(
+            (
+                await self.run_in_vm(
+                    ["/bin/cat", "/etc/rancher/k3s/k3s.yaml"],
+                    "Copying kubeconfig from Agent Stack platform",
+                )
+            ).stdout.decode()
+        )
+
+        await self.run_in_vm(
+            [
+                "helm",
+                "upgrade",
+                "--install",
+                "agentstack",
+                "/tmp/agentstack/chart.tgz",
+                "--namespace=default",
+                "--create-namespace",
+                "--values=/tmp/agentstack/values.yaml",
+                "--timeout=20m",
+                "--wait",
+                "--kubeconfig=/etc/rancher/k3s/k3s.yaml",
+                *(f"--set={value}" for value in set_values_list),
+            ],
+            "Deploying Agent Stack platform with Helm",
+        )
+
+        if import_images:
+            await self.run_in_vm(
+                ["k3s", "kubectl", "rollout", "restart", "deployment"],
+                "Restarting deployments to load imported images",
+            )
+
+    async def version(self) -> str | None:
+        if (await self.status()) != "running":
+            return None
+        HelmStatus = typing.TypedDict("HelmStatus", {"status": str, "app_version": str})
+        helm_status = pydantic.TypeAdapter(list[HelmStatus]).validate_json(
+            (
+                await self.run_in_vm(
+                    [
+                        "/usr/local/bin/helm",
+                        "--kubeconfig=/etc/rancher/k3s/k3s.yaml",
+                        "ls",
+                        "--namespace=default",
+                        "--filter=^agentstack$",
+                        "-o",
+                        "json",
+                    ],
+                    "Getting Agent Stack platform version",
+                )
+            ).stdout
+        )
+        if helm_status[0]["status"] != "deployed":
+            return None
+        return helm_status[0]["app_version"]

agentstack_cli/commands/platform/istio.py

@@ -0,0 +1,186 @@
+# Copyright 2025 © BeeAI a Series of LF Projects, LLC
+# SPDX-License-Identifier: Apache-2.0
+
+import typing
+
+import yaml
+
+if typing.TYPE_CHECKING:
+    from agentstack_cli.commands.platform.base_driver import BaseDriver
+
+
+async def install(driver: "BaseDriver"):
+    # Gateway API
+    await driver.run_in_vm(
+        [
+            "k3s",
+            "kubectl",
+            "apply",
+            "-f",
+            "https://github.com/kubernetes-sigs/gateway-api/releases/download/v1.3.0/standard-install.yaml",
+        ],
+        "Installing gateway CRDs",
+    )
+
+    # Cert Manager
+    await driver.run_in_vm(
+        [
+            "helm",
+            "--kubeconfig=/etc/rancher/k3s/k3s.yaml",
+            "install",
+            "cert-manager",
+            "oci://quay.io/jetstack/charts/cert-manager",
+            "--version",
+            "v1.18.2",
+            "--namespace",
+            "cert-manager",
+            "--create-namespace",
+            "--set",
+            "crds.enabled=true",
+            "--wait",
+        ],
+        "Installing cert-manager",
+    )
+
+    # Istio
+    await driver.run_in_vm(
+        ["helm", "repo", "add", "istio", "https://istio-release.storage.googleapis.com/charts"],
+        "Adding Istio repo to Helm",
+    )
+    await driver.run_in_vm(["helm", "repo", "update"], "Updating Helm repos")
+    for component in ["base", "istiod", "cni", "ztunnel"]:
+        await driver.run_in_vm(
+            [
+                "helm",
+                "--kubeconfig=/etc/rancher/k3s/k3s.yaml",
+                "install",
+                f"istio-{component}",
+                f"istio/{component}",
+                "--namespace",
+                "istio-system",
+                "--create-namespace",
+                "--set=profile=ambient",
+                "--set=global.platform=k3s",
+                "--wait",
+            ],
+            f"Installing Istio ({component})",
+        )
+    await driver.run_in_vm(
+        ["k3s", "kubectl", "label", "namespace", "default", "istio.io/dataplane-mode=ambient"],
+        "Labeling the default namespace",
+    )
+
+    # Configuration
+    Resource = typing.TypedDict(
+        "Resource", {"apiVersion": str, "kind": str, "metadata": dict[str, str], "spec": dict[str, typing.Any]}
+    )
+    resources: list[Resource] = [
+        {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Issuer",
+            "metadata": {"name": "default-issuer", "namespace": "default"},
+            "spec": {"selfSigned": {}},
+        },
+        {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Issuer",
+            "metadata": {"name": "istio-system-issuer", "namespace": "istio-system"},
+            "spec": {"selfSigned": {}},
+        },
+        {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Certificate",
+            "metadata": {"name": "agentstack-tls", "namespace": "istio-system"},
+            "spec": {
+                "secretName": "agentstack-tls",
+                "commonName": "agentstack",
+                "dnsNames": ["agentstack", "agentstack.localhost"],
+                "issuerRef": {"name": "istio-system-issuer", "kind": "Issuer"},
+            },
+        },
+        {
+            "apiVersion": "cert-manager.io/v1",
+            "kind": "Certificate",
+            "metadata": {"name": "ingestion-svc", "namespace": "default"},
+            "spec": {
+                "secretName": "ingestion-svc-tls",
+                "commonName": "ingestion-svc",
+                "dnsNames": [
+                    "ingestion-svc",
+                    "ingestion-svc.default",
+                    "ingestion-svc.default.svc",
+                    "ingestion-svc.default.svc.cluster.local",
+                ],
+                "issuerRef": {"name": "default-issuer", "kind": "Issuer"},
+            },
+        },
+        {
+            "apiVersion": "gateway.networking.k8s.io/v1",
+            "kind": "Gateway",
+            "metadata": {"name": "agentstack-gateway", "namespace": "istio-system"},
+            "spec": {
+                "gatewayClassName": "istio",
+                "listeners": [
+                    {
+                        "name": "https",
+                        "hostname": "agentstack.localhost",
+                        "port": 8336,
+                        "protocol": "HTTPS",
+                        "tls": {"mode": "Terminate", "certificateRefs": [{"name": "agentstack-tls"}]},
+                        "allowedRoutes": {"namespaces": {"from": "All"}},
+                    }
+                ],
+            },
+        },
+        {
+            "apiVersion": "gateway.networking.k8s.io/v1",
+            "kind": "HTTPRoute",
+            "metadata": {"name": "agentstack-ui"},
+            "spec": {
+                "parentRefs": [{"name": "agentstack-gateway", "namespace": "istio-system"}],
+                "hostnames": ["agentstack.testing", "agentstack.localhost"],
+                "rules": [
+                    {
+                        "matches": [{"path": {"type": "PathPrefix", "value": "/"}}],
+                        "backendRefs": [{"name": "agentstack-ui-svc", "port": 8334}],
+                    }
+                ],
+            },
+        },
+    ]
+    for resource in resources:
+        await driver.run_in_vm(
+            ["k3s", "kubectl", "apply", "-f", "-"],
+            f"Applying {resource['metadata']['name']} ({resource['kind']})",
+            input=yaml.dump(resource, sort_keys=False).encode("utf-8"),
+        )
+
+    # Extra services
+    for addon in ["prometheus", "kiali"]:
+        await driver.run_in_vm(
+            [
+                "k3s",
+                "kubectl",
+                "apply",
+                "-f",
+                f"https://raw.githubusercontent.com/istio/istio/master/samples/addons/{addon}.yaml",
+            ],
+            f"Installing {addon.capitalize()}",
+        )
+    await driver.run_in_vm(
+        [
+            "k3s",
+            "kubectl",
+            "-n",
+            "istio-system",
+            "expose",
+            "deployment",
+            "kiali",
+            "--protocol=TCP",
+            "--port=20001",
+            "--target-port=20001",
+            "--type=LoadBalancer",
+            "--name=kiali-external",
+        ],
+        "Exposing Kiali service",
+    )