appmesh 1.6.13__py3-none-any.whl → 1.6.14__py3-none-any.whl

appmesh/app.py

@@ -134,75 +134,85 @@ class App:
 
         # Application configuration
         self.name = _get_str(data, "name")
-        """application name (unique)"""
+        """app name (unique)"""
         self.command = _get_str(data, "command")
         """full command line with arguments"""
         self.shell = _get_bool(data, "shell")
-        """use shell mode, cmd can be more shell commands with string format"""
+        """Whether run command in shell mode (enables shell syntax such as pipes and compound commands)"""
         self.session_login = _get_bool(data, "session_login")
-        """app run in session login mode"""
+        """Whether to run the app in session login mode (inheriting the user's full login environment)"""
         self.description = _get_str(data, "description")
-        """application description string"""
+        """app description string"""
         self.metadata = _get_item(data, "metadata")
-        """metadata string/JSON (input for application, pass to process stdin)"""
+        """metadata string/JSON (input for app, pass to process stdin)"""
         self.working_dir = _get_str(data, "working_dir")
         """working directory"""
         self.status = _get_int(data, "status")
-        """initial application status (true is enable, false is disabled)"""
+        """app status: 1 for enabled, 0 for disabled"""
         self.docker_image = _get_str(data, "docker_image")
-        """docker image which used to run command line (for docker container application)"""
+        """Docker image for containerized execution"""
         self.stdout_cache_num = _get_int(data, "stdout_cache_num")
-        """stdout file cache number"""
+        """maximum number of stdout log files to retain"""
         self.start_time = _get_int(data, "start_time")
         """start date time for app (ISO8601 time format, e.g., '2020-10-11T09:22:05')"""
         self.end_time = _get_int(data, "end_time")
         """end date time for app (ISO8601 time format, e.g., '2020-10-11T10:22:05')"""
-        self.interval = _get_int(data, "interval")
+        self.start_interval_seconds = _get_int(data, "start_interval_seconds")
         """start interval seconds for short running app, support ISO 8601 durations and cron expression (e.g., 'P1Y2M3DT4H5M6S' 'P5W' '* */5 * * * *')"""
         self.cron = _get_bool(data, "cron")
-        """indicate interval parameter use cron expression or not"""
+        """Whether the interval is specified as a cron expression"""
         self.daily_limitation = App.DailyLimitation(_get_item(data, "daily_limitation"))
         self.retention = _get_str(data, "retention")
         """extra timeout seconds for stopping current process, support ISO 8601 durations (e.g., 'P1Y2M3DT4H5M6S' 'P5W')."""
         self.health_check_cmd = _get_str(data, "health_check_cmd")
         """health check script command (e.g., sh -x 'curl host:port/health', return 0 is health)"""
         self.permission = _get_int(data, "permission")
-        """application user permission, value is 2 bit integer: [group & other], each bit can be deny:1, read:2, write: 3."""
+        """app user permission, value is 2 bit integer: [group & other], each bit can be deny:1, read:2, write: 3."""
         self.behavior = App.Behavior(_get_item(data, "behavior"))
 
         self.env = data.get("env", {}) if data else {}
         """environment variables (e.g., -e env1=value1 -e env2=value2, APP_DOCKER_OPTS is used to input docker run parameters)"""
         self.sec_env = data.get("sec_env", {}) if data else {}
-        """security environment variables, encrypt in server side with application owner's cipher"""
+        """security environment variables, encrypt in server side with app owner's cipher"""
         self.pid = _get_int(data, "pid")
         """process id used to attach to the running process"""
         self.resource_limit = App.ResourceLimitation(_get_item(data, "resource_limit"))
 
         # Read-only attributes
+        self.register_time = _get_int(data, "register_time")
+        """app register time"""
+        self.starts = _get_int(data, "starts")
+        """number of times started"""
         self.owner = _get_str(data, "owner")
-        """owner name"""
+        """owner name of app mesh user who created the app"""
         self.user = _get_str(data, "pid_user")
-        """process user name"""
+        """process OS user name"""
         self.pstree = _get_str(data, "pstree")
         """process tree"""
         self.container_id = _get_str(data, "container_id")
-        """container id"""
+        """docker container id"""
         self.memory = _get_int(data, "memory")
         """memory usage"""
         self.cpu = _get_int(data, "cpu")
         """cpu usage"""
         self.fd = _get_int(data, "fd")
         """file descriptor usage"""
+        self.stdout_cache_size = _get_int(data, "stdout_cache_size")
+        """number of stdout log files currently retained"""
         self.last_start_time = _get_int(data, "last_start_time")
         """last start time"""
         self.last_exit_time = _get_int(data, "last_exit_time")
         """last exit time"""
+        self.last_error = _get_str(data, "last_error")
+        """last error message"""
+        self.next_start_time = _get_int(data, "next_start_time")
+        """next start time"""
         self.health = _get_int(data, "health")
-        """health status"""
+        """health status: 0 for healthy, 1 for unhealthy"""
         self.version = _get_int(data, "version")
-        """version number"""
+        """app version"""
         self.return_code = _get_int(data, "return_code")
-        """last exit code"""
+        """last process exit code"""
         self.task_id = _get_int(data, "task_id")
         """current task id"""
         self.task_status = _get_str(data, "task_status")

appmesh/client_http.py

@@ -12,6 +12,7 @@ import os
 import sys
 import threading
 import time
+from pathlib import Path
 from datetime import datetime
 from enum import Enum, unique
 from http import HTTPStatus
@@ -39,17 +40,6 @@ class AppMeshClient(metaclass=abc.ABCMeta):
 
     This client is designed for direct usage in applications that require access to App Mesh services over HTTP-based REST.
 
-    Usage:
-        - Install the App Mesh Python package:
-            python3 -m pip install --upgrade appmesh
-        - Import the client module:
-            from appmesh import AppMeshClient
-
-    Example:
-        client = AppMeshClient()
-        client.login("your-name", "your-password")
-        response = client.app_view(app_name='ping')
-
     Attributes:
         - TLS (Transport Layer Security): Supports secure connections between the client and App Mesh service,
           ensuring encrypted communication.
@@ -112,6 +102,13 @@ class AppMeshClient(metaclass=abc.ABCMeta):
         - update_role()
         - view_roles()
         - view_groups()
+
+    Example:
+        >>> python -m pip install --upgrade appmesh
+        >>> from appmesh import AppMeshClient
+        >>> client = AppMeshClient()
+        >>> client.login("your-name", "your-password")
+        >>> response = client.app_view(app_name='ping')
     """
 
     DURATION_ONE_WEEK_ISO = "P1W"
@@ -121,10 +118,10 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     TOKEN_REFRESH_OFFSET = 30  # 30s before token expire to refresh token
 
     # Platform-aware default SSL paths
-    _DEFAULT_SSL_DIR = "c:/local/appmesh/ssl" if os.name == "nt" else "/opt/appmesh/ssl"
-    DEFAULT_SSL_CA_CERT_PATH = os.path.join(_DEFAULT_SSL_DIR, "ca.pem")
-    DEFAULT_SSL_CLIENT_CERT_PATH = os.path.join(_DEFAULT_SSL_DIR, "client.pem")
-    DEFAULT_SSL_CLIENT_KEY_PATH = os.path.join(_DEFAULT_SSL_DIR, "client-key.pem")
+    _DEFAULT_SSL_DIR = Path("C:/local/appmesh/ssl") if os.name == "nt" else Path("/opt/appmesh/ssl")
+    DEFAULT_SSL_CA_CERT_PATH = str(_DEFAULT_SSL_DIR / "ca.pem")
+    DEFAULT_SSL_CLIENT_CERT_PATH = str(_DEFAULT_SSL_DIR / "client.pem")
+    DEFAULT_SSL_CLIENT_KEY_PATH = str(_DEFAULT_SSL_DIR / "client-key.pem")
 
     DEFAULT_JWT_AUDIENCE = "appmesh-service"
 
@@ -199,39 +196,28 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     def __init__(
         self,
         rest_url: str = "https://127.0.0.1:6060",
-        rest_ssl_verify=DEFAULT_SSL_CA_CERT_PATH if os.path.exists(DEFAULT_SSL_CA_CERT_PATH) else False,
-        rest_ssl_client_cert=(DEFAULT_SSL_CLIENT_CERT_PATH, DEFAULT_SSL_CLIENT_KEY_PATH) if os.path.exists(DEFAULT_SSL_CLIENT_CERT_PATH) else None,
-        rest_timeout=(60, 300),
+        rest_ssl_verify: Union[bool, str] = DEFAULT_SSL_CA_CERT_PATH,
+        rest_ssl_client_cert: Optional[Union[str, Tuple[str, str]]] = (DEFAULT_SSL_CLIENT_CERT_PATH, DEFAULT_SSL_CLIENT_KEY_PATH),
+        rest_timeout: Tuple[float, float] = (60, 300),
         jwt_token: Optional[str] = None,
         rest_cookie_file: Optional[str] = None,
-        auto_refresh_token=False,
+        auto_refresh_token: bool = False,
     ):
         """Initialize an App Mesh HTTP client for interacting with the App Mesh server via secure HTTPS.
 
         Args:
-            rest_url (str, optional): The server's base URI, including protocol, hostname, and port. Defaults to `"https://127.0.0.1:6060"`.
-
-            rest_ssl_verify (Union[bool, str], optional): Configures SSL certificate verification for HTTPS requests:
-                - `True`: Uses system CA certificates to verify the server's identity.
-                - `False`: Disables SSL verification (insecure, use cautiously for development).
-                - `str`: Path to a custom CA certificate or directory for verification. This option allows custom CA configuration,
-                which may be necessary in environments requiring specific CA chains that differ from the default system CAs.
-                To use both a custom CA and the system's default CAs, create a combined CA bundle by concatenating them into a single file. (e.g., `cat custom_ca.pem /etc/ssl/certs/ca-certificates.crt > combined_ca.pem`).
-
-            rest_ssl_client_cert (Union[str, Tuple[str, str]], optional): Path to the SSL client certificate and key. Can be:
-                - `str`: A path to a single PEM file containing both the client certificate and private key.
-                - `tuple`: A pair of paths (`cert_file`, `key_file`), where `cert_file` is the client certificate file path and `key_file` is the private key file path.
-
-            rest_timeout (tuple, optional): HTTP connection timeouts for API requests, as `(connect_timeout, read_timeout)`.
-                The default is `(60, 300)`, where `60` seconds is the maximum time to establish a connection and `300` seconds for the maximum read duration.
-
-            rest_cookie_file (str, optional): Path to a file for storing session cookies.
-                If provided, cookies will be saved to and loaded from this file to maintain session state across client instances instead of keep jwt_token.
-
-            jwt_token (str, optional): JWT token for API authentication, used in headers to authorize requests where required.
-            auto_refresh_token (bool, optional): Enable automatic token refresh before expiration.
-                When enabled, a background timer will monitor token expiration and attempt to refresh
-                the token before it expires. This works with both native App Mesh tokens and Keycloak tokens.
+            rest_url: Base server URI (protocol, host, port). Default: `"https://127.0.0.1:6060"`.
+            rest_ssl_verify: SSL verification mode for HTTPS requests:
+              - True: Use system CAs.
+              - False: Disable verification (insecure).
+              - str: Path to custom CA or directory. To include system CAs, combine them into one file (e.g., cat custom_ca.pem /etc/ssl/certs/ca-certificates.crt > combined_ca.pem).
+            rest_ssl_client_cert: SSL client certificate:
+              - str: Path to single PEM with cert+key
+              - tuple: (cert_path, key_path)
+            rest_timeout: Timeouts `(connect, read)` in seconds.  Default `(60, 300)`.
+            rest_cookie_file: Cookie file path for session persistence (alternative to jwt_token).
+            jwt_token: JWT token for API authentication, overrides cookie file if both provided.
+            auto_refresh_token: Auto-refresh JWT before expiry (supports App Mesh and Keycloak tokens).
         """
         self._ensure_logging_configured()
         self.auth_server_url = rest_url
@@ -1202,13 +1188,13 @@ class AppMeshClient(metaclass=abc.ABCMeta):
     ########################################
     # File management
     ########################################
-    def download_file(self, remote_file: str, local_file: str, apply_file_attributes: bool = True) -> None:
+    def download_file(self, remote_file: str, local_file: str, preserve_permissions: bool = True) -> None:
         """Download a remote file to the local system. Optionally, the local file will have the same permission as the remote file.
 
         Args:
             remote_file (str): the remote file path.
             local_file (str): the local file path to be downloaded.
-            apply_file_attributes (bool): whether to apply file attributes (permissions, owner, group) to the local file.
+            preserve_permissions (bool): whether to apply file attributes (permissions, owner, group) to the local file.
         """
         resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/file/download", header={self.HTTP_HEADER_KEY_X_FILE_PATH: remote_file})
         resp.raise_for_status()
@@ -1220,7 +1206,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                     fp.write(chunk)
 
         # Apply file attributes (permissions, owner, group) if requested
-        if apply_file_attributes and sys.platform != "win32":
+        if preserve_permissions and sys.platform != "win32":
             if "X-File-Mode" in resp.headers:
                 os.chmod(path=local_file, mode=int(resp.headers["X-File-Mode"]))
             if "X-File-User" in resp.headers and "X-File-Group" in resp.headers:
@@ -1231,7 +1217,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
                 except PermissionError:
                     logging.warning(f"Warning: Unable to change owner/group of {local_file}. Operation requires elevated privileges.")
 
-    def upload_file(self, local_file: str, remote_file: str, apply_file_attributes: bool = True) -> None:
+    def upload_file(self, local_file: str, remote_file: str, preserve_permissions: bool = True) -> None:
         """Upload a local file to the remote server. Optionally, the remote file will have the same permission as the local file.
 
         Dependency:
@@ -1241,7 +1227,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
         Args:
             local_file (str): the local file path.
             remote_file (str): the target remote file to be uploaded.
-            apply_file_attributes (bool): whether to upload file attributes (permissions, owner, group) along with the file.
+            preserve_permissions (bool): whether to upload file attributes (permissions, owner, group) along with the file.
         """
         if not os.path.exists(local_file):
             raise FileNotFoundError(f"Local file not found: {local_file}")
@@ -1253,7 +1239,7 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             header = {self.HTTP_HEADER_KEY_X_FILE_PATH: parse.quote(remote_file), "Content-Type": encoder.content_type}
 
             # Include file attributes (permissions, owner, group) if requested
-            if apply_file_attributes:
+            if preserve_permissions:
                 file_stat = os.stat(local_file)
                 header["X-File-Mode"] = str(file_stat.st_mode & 0o777)  # Mask to keep only permission bits
                 header["X-File-User"] = str(file_stat.st_uid)
@@ -1486,24 +1472,24 @@ class AppMeshClient(metaclass=abc.ABCMeta):
             header.setdefault("Content-Type", "application/json")
 
         try:
+            request_kwargs = {
+                "url": rest_url,
+                "headers": header,
+                "cert": self.ssl_client_cert,
+                "verify": self.ssl_verify,
+                "timeout": self.rest_timeout,
+            }
+
             if method is AppMeshClient.Method.GET:
-                resp = self.session.get(url=rest_url, params=query, headers=header, cert=self.ssl_client_cert, verify=self.ssl_verify, timeout=self.rest_timeout)
+                resp = self.session.get(params=query, **request_kwargs)
             elif method is AppMeshClient.Method.POST:
-                resp = self.session.post(
-                    url=rest_url,
-                    params=query,
-                    headers=header,
-                    data=body,
-                    cert=self.ssl_client_cert,
-                    verify=self.ssl_verify,
-                    timeout=self.rest_timeout,
-                )
+                resp = self.session.post(params=query, data=body, **request_kwargs)
             elif method is AppMeshClient.Method.POST_STREAM:
-                resp = self.session.post(url=rest_url, params=query, headers=header, data=body, cert=self.ssl_client_cert, verify=self.ssl_verify, stream=True, timeout=self.rest_timeout)
+                resp = self.session.post(params=query, data=body, stream=True, **request_kwargs)
             elif method is AppMeshClient.Method.DELETE:
-                resp = self.session.delete(url=rest_url, headers=header, cert=self.ssl_client_cert, verify=self.ssl_verify, timeout=self.rest_timeout)
+                resp = self.session.delete(**request_kwargs)
             elif method is AppMeshClient.Method.PUT:
-                resp = self.session.put(url=rest_url, params=query, headers=header, data=body, cert=self.ssl_client_cert, verify=self.ssl_verify, timeout=self.rest_timeout)
+                resp = self.session.put(params=query, data=body, **request_kwargs)
             else:
                 raise Exception("Invalid http method", method)
 

appmesh/client_http_oauth.py

@@ -18,8 +18,8 @@ class AppMeshClientOAuth(AppMeshClient):
         self,
         oauth2: dict,  # Required for Keycloak
         rest_url: str = "https://127.0.0.1:6060",
-        rest_ssl_verify=AppMeshClient.DEFAULT_SSL_CA_CERT_PATH if os.path.exists(AppMeshClient.DEFAULT_SSL_CA_CERT_PATH) else False,
-        rest_ssl_client_cert=(AppMeshClient.DEFAULT_SSL_CLIENT_CERT_PATH, AppMeshClient.DEFAULT_SSL_CLIENT_KEY_PATH) if os.path.exists(AppMeshClient.DEFAULT_SSL_CLIENT_CERT_PATH) else None,
+        rest_ssl_verify=AppMeshClient.DEFAULT_SSL_CA_CERT_PATH,
+        rest_ssl_client_cert=AppMeshClient.DEFAULT_SSL_CLIENT_CERT_PATH,
         rest_timeout=(60, 300),
         jwt_token=None,  # Keycloak dict
         auto_refresh_token: bool = True,  # Default to True for Keycloak

appmesh/client_tcp.py

@@ -7,6 +7,7 @@ import os
 import socket
 import sys
 import uuid
+from typing import Optional, Tuple, Union
 
 # Third-party imports
 import requests
@@ -18,8 +19,7 @@ from .tcp_transport import TCPTransport
 
 
 class AppMeshClientTCP(AppMeshClient):
-    """
-    Client SDK for interacting with the App Mesh service over TCP, with enhanced support for large file transfers.
+    """Client SDK for interacting with the App Mesh service over TCP.
 
     The `AppMeshClientTCP` class extends the functionality of `AppMeshClient` by offering a TCP-based communication layer
     for the App Mesh REST API. It overrides the file download and upload methods to support large file transfers with
@@ -28,30 +28,23 @@ class AppMeshClientTCP(AppMeshClient):
     This client is suitable for applications requiring efficient data transfers and high-throughput operations within the
     App Mesh ecosystem, while maintaining compatibility with all other attributes and methods from `AppMeshClient`.
 
-    Dependency:
-        - Install the required package for message serialization:
-            pip3 install msgpack
-
-    Usage:
-        - Import the client module:
-            from appmesh import AppMeshClientTCP
-
-    Example:
-        client = AppMeshClientTCP()
-        client.login("your-name", "your-password")
-        client.file_download("/tmp/os-release", "os-release")
-
     Attributes:
-        - Inherits all attributes from `AppMeshClient`, including TLS secure connections and JWT-based authentication.
-        - Optimized for TCP-based communication to provide better performance for large file transfers.
+        Inherits all attributes from `AppMeshClient`, including TLS secure connections and JWT-based authentication.
 
     Methods:
-        - file_download()
-        - file_upload()
+        - download_file()
+        - upload_file()
         - Inherits all other methods from `AppMeshClient`, providing a consistent interface for managing applications within App Mesh.
+
+    Example:
+        >>> from appmesh import AppMeshClientTCP
+        >>> client = AppMeshClientTCP()
+        >>> client.login("your-name", "your-password")
+        >>> client.download_file("/tmp/os-release", "os-release")
     """
 
-    TCP_BLOCK_SIZE = 16 * 1024 - 128  # TLS-optimized chunk size, leaves some room for TLS overhead (like headers) within the 16 KB limit.
+    # TLS-optimized chunk size, leaves room for TLS overhead within the 16 KB limit
+    TCP_BLOCK_SIZE = 16 * 1024 - 128
     ENCODING_UTF8 = "utf-8"
     HTTP_USER_AGENT_TCP = "appmesh/python/tcp"
     HTTP_HEADER_KEY_X_SEND_FILE_SOCKET = "X-Send-File-Socket"
@@ -59,32 +52,27 @@ class AppMeshClientTCP(AppMeshClient):
 
     def __init__(
         self,
-        rest_ssl_verify=AppMeshClient.DEFAULT_SSL_CA_CERT_PATH if os.path.exists(AppMeshClient.DEFAULT_SSL_CA_CERT_PATH) else False,
-        rest_ssl_client_cert=None,
-        jwt_token=None,
-        tcp_address=("127.0.0.1", 6059),
+        rest_ssl_verify: Union[bool, str] = AppMeshClient.DEFAULT_SSL_CA_CERT_PATH,
+        rest_ssl_client_cert: Optional[Union[str, Tuple[str, str]]] = None,
+        jwt_token: Optional[str] = None,
+        tcp_address: Tuple[str, int] = ("127.0.0.1", 6059),
     ):
         """Construct an App Mesh client TCP object to communicate securely with an App Mesh server over TLS.
 
         Args:
-            rest_ssl_verify (Union[bool, str], optional): Specifies SSL certificate verification behavior. Can be:
-                - `True`: Uses the system’s default CA certificates to verify the server’s identity.
-                - `False`: Disables SSL certificate verification (insecure, intended for development).
-                - `str`: Specifies a custom CA bundle or directory for server certificate verification. If a string is provided,
-                it should either be a file path to a custom CA certificate (CA bundle) or a directory path containing multiple
-                certificates (CA directory).
-
-                **Note**: Unlike HTTP requests, TCP connections cannot automatically retrieve intermediate or public CA certificates.
-                When `rest_ssl_verify` is a path, it explicitly identifies a CA issuer to ensure certificate validation.
-
-            rest_ssl_client_cert (Union[str, Tuple[str, str]], optional): Path to the SSL client certificate and key. If a `str`,
-                it should be the path to a PEM file containing both the client certificate and private key. If a `tuple`, it should
-                be a pair of paths: (`cert`, `key`), where `cert` is the client certificate file and `key` is the private key file.
-
-            jwt_token (str, optional): JWT token for authentication. Used in methods requiring login and user authorization.
-
-            tcp_address (Tuple[str, int], optional): Address and port for establishing a TCP connection to the server.
-                Defaults to `("127.0.0.1", 6059)`.
+            rest_ssl_verify: SSL certificate verification behavior. Can be True, False, or a path to CA bundle.
+              - True: Use system CA certificates (e.g., /etc/ssl/certs/ on Linux)
+              - False:  Disable verification (insecure)
+              - str: Path to custom CA bundle or directory
+            ssl_client_cert: SSL client certificate:
+              - str: Path to single PEM with cert+key
+              - tuple: (cert_path, key_path)
+            jwt_token: Pre-configured JWT Token for authenticating requests.
+            tcp_address: Server address as (host, port) tuple, defaults to ("127.0.0.1", 6059).
+
+        Note:
+            TCP connections require an explicit full-chain CA specification for certificate validation,
+            unlike HTTP, which can retrieve intermediate certificates automatically.
         """
         self.tcp_transport = TCPTransport(address=tcp_address, ssl_verify=rest_ssl_verify, ssl_client_cert=rest_ssl_client_cert)
         super().__init__(rest_ssl_verify=rest_ssl_verify, rest_ssl_client_cert=rest_ssl_client_cert, jwt_token=jwt_token)
@@ -102,93 +90,159 @@ class AppMeshClientTCP(AppMeshClient):
             self.close()
         except Exception:
             pass  # Never raise in __del__
-        super().__del__()
 
-    def _request_http(self, method: AppMeshClient.Method, path: str, query: dict = None, header: dict = None, body=None) -> requests.Response:
+    def _covert_bytes(self, body) -> bytes:
+        """Prepare request body for transmission."""
+        if body is None:
+            return b""
+
+        if isinstance(body, (bytes, bytearray, memoryview)):
+            return body
+
+        if isinstance(body, str):
+            return body.encode(self.ENCODING_UTF8)
+
+        if isinstance(body, (dict, list)):
+            return json.dumps(body).encode(self.ENCODING_UTF8)
+
+        raise TypeError(f"Unsupported body type: {type(body)}")
+
+    def _request_http(self, method: AppMeshClient.Method, path: str, query: Optional[dict] = None, header: Optional[dict] = None, body=None) -> requests.Response:
         """Send HTTP request over TCP transport.
 
         Args:
-            method (Method): HTTP method.
-            path (str): URI path.
-            query (dict, optional): Query parameters.
-            header (dict, optional): HTTP headers.
+            method: HTTP method.
+            path: URI path.
+            query: Query parameters.
+            header: HTTP headers.
             body: Request body.
 
         Returns:
-            requests.Response: Simulated HTTP response.
+            Simulated HTTP response.
         """
+
+        # Check for unsupported features
+        if super().forward_to:
+            raise RuntimeError("Forward request is not supported in TCP mode")
+
         if not self.tcp_transport.connected():
             self.tcp_transport.connect()
 
+        # Prepare request message (ensure no fields are assigned None!)
         appmesh_request = RequestMessage()
-        token = self._get_access_token()
-        if token:
-            appmesh_request.headers[self.HTTP_HEADER_KEY_AUTH] = token
-        if super().forward_to and len(super().forward_to) > 0:
-            raise Exception("Not support forward request in TCP mode")
-        appmesh_request.headers[self.HTTP_HEADER_KEY_USER_AGENT] = self.HTTP_USER_AGENT_TCP
         appmesh_request.uuid = str(uuid.uuid1())
         appmesh_request.http_method = method.value
         appmesh_request.request_uri = path
         appmesh_request.client_addr = socket.gethostname()
+        appmesh_request.headers[self.HTTP_HEADER_KEY_USER_AGENT] = self.HTTP_USER_AGENT_TCP
 
-        if body:
-            if isinstance(body, (dict, list)):
-                appmesh_request.body = bytes(json.dumps(body, indent=2), self.ENCODING_UTF8)
-            elif isinstance(body, str):
-                appmesh_request.body = bytes(body, self.ENCODING_UTF8)
-            elif isinstance(body, bytes):
-                appmesh_request.body = body
-            else:
-                raise Exception(f"UnSupported body type: {type(body)}")
+        # Add authentication token
+        token = self._get_access_token()
+        if token:
+            appmesh_request.headers[self.HTTP_HEADER_KEY_AUTH] = token
 
+        # Add custom headers
         if header:
-            for k, v in header.items():
-                appmesh_request.headers[k] = v
+            appmesh_request.headers.update(header)
+
+        # Add query parameters
         if query:
-            for k, v in query.items():
-                appmesh_request.query[k] = v
+            appmesh_request.query.update(query)
+
+        # Prepare body
+        body_bytes = self._covert_bytes(body)
+        if body_bytes:
+            appmesh_request.body = body_bytes
 
+        # Send request
         data = appmesh_request.serialize()
         self.tcp_transport.send_message(data)
 
+        # Receive response
         resp_data = self.tcp_transport.receive_message()
         if not resp_data:  # Covers None and empty bytes
             self.tcp_transport.close()
-            raise Exception("socket connection broken")
+            raise ConnectionError("Socket connection broken")
 
+        # Parse response
         appmesh_resp = ResponseMessage().deserialize(resp_data)
         response = requests.Response()
         response.status_code = appmesh_resp.http_status
-        # response.encoding = self.ENCODING_UTF8 # only need when charset not in appmesh_resp.body_msg_type
-        response._content = appmesh_resp.body if isinstance(appmesh_resp.body, bytes) else str(appmesh_resp.body).encode(self.ENCODING_UTF8)
         response.headers = appmesh_resp.headers
+
+        # Set response content
+        # response.encoding = self.ENCODING_UTF8 # only need when charset not in appmesh_resp.body_msg_type
+        if isinstance(appmesh_resp.body, bytes):
+            response._content = appmesh_resp.body
+        else:
+            response._content = str(appmesh_resp.body).encode(self.ENCODING_UTF8)
+
+        # Set content type
         if appmesh_resp.body_msg_type:
             response.headers["Content-Type"] = appmesh_resp.body_msg_type
 
         return AppMeshClient.EncodingResponse(response)
 
-    ########################################
-    # File management
-    ########################################
-    def download_file(self, remote_file: str, local_file: str, apply_file_attributes: bool = True) -> None:
+    def _apply_file_attributes(self, local_file: str, headers: dict) -> None:
+        """Apply file attributes from headers to local file."""
+        if sys.platform == "win32":
+            return
+
+        # Apply file mode
+        if "X-File-Mode" in headers:
+            try:
+                os.chmod(local_file, int(headers["X-File-Mode"]))
+            except (ValueError, OSError) as e:
+                self._logger.warning("Failed to set file mode: %s", e)
+
+        # Apply file ownership
+        if "X-File-User" in headers and "X-File-Group" in headers:
+            try:
+                file_uid = int(headers["X-File-User"])
+                file_gid = int(headers["X-File-Group"])
+                os.chown(local_file, uid=file_uid, gid=file_gid)
+            except (ValueError, PermissionError, OSError) as e:
+                if isinstance(e, PermissionError):
+                    print(f"Warning: Unable to change owner/group of {local_file}. " "Operation requires elevated privileges.")
+                else:
+                    self._logger.warning("Failed to set file ownership: %s", e)
+
+    def _get_file_attributes(self, local_file: str) -> dict:
+        """Get file attributes as header dictionary."""
+        if sys.platform == "win32":
+            return {}
+
+        try:
+            file_stat = os.stat(local_file)
+            return {
+                "X-File-Mode": str(file_stat.st_mode & 0o777),
+                "X-File-User": str(file_stat.st_uid),
+                "X-File-Group": str(file_stat.st_gid),
+            }
+        except OSError as e:
+            self._logger.warning("Failed to get file attributes: %s", e)
+            return {}
+
+    def download_file(self, remote_file: str, local_file: str, preserve_permissions: bool = True) -> None:
         """Copy a remote file to local, preserving file attributes if requested.
 
         Args:
-            remote_file (str): Remote file path.
-            local_file (str): Local destination path.
-            apply_file_attributes (bool): Apply remote file permissions/ownership locally.
+            remote_file: Remote file path.
+            local_file: Local destination path.
+            preserve_permissions: Apply remote file permissions/ownership locally.
         """
         header = {
             AppMeshClient.HTTP_HEADER_KEY_X_FILE_PATH: remote_file,
             self.HTTP_HEADER_KEY_X_RECV_FILE_SOCKET: "true",
         }
+
         resp = self._request_http(AppMeshClient.Method.GET, path="/appmesh/file/download", header=header)
         resp.raise_for_status()
 
         if self.HTTP_HEADER_KEY_X_RECV_FILE_SOCKET not in resp.headers:
-            raise ValueError(f"Server did not respond with socket transfer option: {self.HTTP_HEADER_KEY_X_RECV_FILE_SOCKET}")
+            raise ValueError(f"Server did not respond with socket transfer option: " f"{self.HTTP_HEADER_KEY_X_RECV_FILE_SOCKET}")
 
+        # Download file chunks
         with open(local_file, "wb") as fp:
             while True:
                 chunk_data = self.tcp_transport.receive_message()
@@ -196,50 +250,43 @@ class AppMeshClientTCP(AppMeshClient):
                     break
                 fp.write(chunk_data)
 
-        if apply_file_attributes and sys.platform != "win32":
-            if "X-File-Mode" in resp.headers:
-                os.chmod(path=local_file, mode=int(resp.headers["X-File-Mode"]))
-            if "X-File-User" in resp.headers and "X-File-Group" in resp.headers:
-                file_uid = int(resp.headers["X-File-User"])
-                file_gid = int(resp.headers["X-File-Group"])
-                try:
-                    os.chown(path=local_file, uid=file_uid, gid=file_gid)
-                except PermissionError:
-                    print(f"Warning: Unable to change owner/group of {local_file}. Operation requires elevated privileges.")
-
-    def upload_file(self, local_file: str, remote_file: str, apply_file_attributes: bool = True) -> None:
+        # Apply file attributes if requested
+        if preserve_permissions:
+            self._apply_file_attributes(local_file, resp.headers)
+
+    def upload_file(self, local_file: str, remote_file: str, preserve_permissions: bool = True) -> None:
         """Upload a local file to remote server, preserving file attributes if requested.
 
         Args:
-            local_file (str): Local file path.
-            remote_file (str): Remote destination path.
-            apply_file_attributes (bool): Upload file permissions/ownership metadata.
+            local_file: Local file path.
+            remote_file: Remote destination path.
+            preserve_permissions: Upload file permissions/ownership metadata.
         """
         if not os.path.exists(local_file):
             raise FileNotFoundError(f"Local file not found: {local_file}")
 
-        with open(file=local_file, mode="rb") as fp:
-            header = {
-                AppMeshClient.HTTP_HEADER_KEY_X_FILE_PATH: remote_file,
-                "Content-Type": "text/plain",
-                self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET: "true",
-            }
+        # Prepare headers
+        header = {
+            AppMeshClient.HTTP_HEADER_KEY_X_FILE_PATH: remote_file,
+            "Content-Type": "text/plain",
+            self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET: "true",
+        }
 
-            if apply_file_attributes:
-                file_stat = os.stat(local_file)
-                header["X-File-Mode"] = str(file_stat.st_mode & 0o777)  # Mask to keep only permission bits
-                header["X-File-User"] = str(file_stat.st_uid)
-                header["X-File-Group"] = str(file_stat.st_gid)
+        # Add file attributes if requested
+        if preserve_permissions:
+            header.update(self._get_file_attributes(local_file))
 
-            resp = self._request_http(AppMeshClient.Method.POST, path="/appmesh/file/upload", header=header)
-            resp.raise_for_status()
+        # Initiate upload
+        resp = self._request_http(AppMeshClient.Method.POST, path="/appmesh/file/upload", header=header)
+        resp.raise_for_status()
 
-            if self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET not in resp.headers:
-                raise ValueError(f"Server did not respond with socket transfer option: {self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET}")
+        if self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET not in resp.headers:
+            raise ValueError(f"Server did not respond with socket transfer option: " f"{self.HTTP_HEADER_KEY_X_SEND_FILE_SOCKET}")
 
-            chunk_size = self.TCP_BLOCK_SIZE
+        # Upload file chunks
+        with open(local_file, "rb") as fp:
             while True:
-                chunk_data = fp.read(chunk_size)
+                chunk_data = fp.read(self.TCP_BLOCK_SIZE)
                 if not chunk_data:
                     self.tcp_transport.send_message([])  # EOF signal
                     break

appmesh/server_http.py

@@ -1,6 +1,8 @@
 # server_http.py
 # pylint: disable=line-too-long,broad-exception-raised,broad-exception-caught,import-outside-toplevel,protected-access
 
+"""HTTP server SDK implementation for App Mesh."""
+
 # Standard library imports
 import abc
 import logging
@@ -16,8 +18,7 @@ logger = logging.getLogger(__name__)
 
 
 class AppMeshServer(metaclass=abc.ABCMeta):
-    """
-    Server SDK for App Mesh application interacting with the local App Mesh REST service over HTTPS.
+    """Server SDK for App Mesh application interacting with the local App Mesh REST service over HTTPS.
 
     Build-in runtime environment variables required:
       - APP_MESH_PROCESS_KEY
@@ -34,18 +35,13 @@ class AppMeshServer(metaclass=abc.ABCMeta):
         context.task_return(result)
     """
 
+    _RETRY_DELAY_SECONDS = 0.1
+
     def __init__(
         self,
         rest_url: str = "https://127.0.0.1:6060",
-        rest_ssl_verify=AppMeshClient.DEFAULT_SSL_CA_CERT_PATH if os.path.exists(AppMeshClient.DEFAULT_SSL_CA_CERT_PATH) else False,
-        rest_ssl_client_cert=(
-            (
-                AppMeshClient.DEFAULT_SSL_CLIENT_CERT_PATH,
-                AppMeshClient.DEFAULT_SSL_CLIENT_KEY_PATH,
-            )
-            if os.path.exists(AppMeshClient.DEFAULT_SSL_CLIENT_CERT_PATH)
-            else None
-        ),
+        rest_ssl_verify: Union[bool, str] = AppMeshClient.DEFAULT_SSL_CA_CERT_PATH,
+        rest_ssl_client_cert: Optional[Union[str, Tuple[str, str]]] = None,
         rest_timeout: Tuple[float, float] = (60, 300),
         *,
         logger_: Optional[logging.Logger] = None,
@@ -63,6 +59,7 @@ class AppMeshServer(metaclass=abc.ABCMeta):
         """Read and validate required runtime environment variables."""
         process_key = os.getenv("APP_MESH_PROCESS_KEY")
         app_name = os.getenv("APP_MESH_APPLICATION_NAME")
+
         if not process_key:
             raise Exception("Missing environment variable: APP_MESH_PROCESS_KEY. This must be set by App Mesh service.")
         if not app_name:
@@ -75,43 +72,43 @@ class AppMeshServer(metaclass=abc.ABCMeta):
         Used by App Mesh application process to obtain the payload from App Mesh service
         that a client pushed to it.
 
-
         Returns:
-            Union[str, bytes]: The payload provided by the client as returned by the service.
+            The payload provided by the client as returned by the service.
         """
         pkey, app_name = self._get_runtime_env()
         path = f"/appmesh/app/{app_name}/task"
+        query_params = {"process_key": pkey}
 
         while True:
             resp = self._client._request_http(
                 AppMeshClient.Method.GET,
                 path=path,
-                query={"process_key": pkey},
+                query=query_params,
             )
 
-            if resp.status_code != HTTPStatus.OK:
-                self._logger.warning(f"task_fetch failed with status {resp.status_code}: {resp.text}, retrying...")
-                time.sleep(0.1)
-                continue
+            if resp.status_code == HTTPStatus.OK:
+                return resp.content
 
-            return resp.content
+            self._logger.warning("task_fetch failed with status %d: %s, retrying...", resp.status_code, resp.text)
+            time.sleep(self._RETRY_DELAY_SECONDS)
 
     def task_return(self, result: Union[str, bytes]) -> None:
         """Return the result of a server-side invocation back to the original client.
 
-        Used by App Mesh application process to posts the `result` to App Mesh service
-        after processed payload data so the invoking client can retrieve it.
+        Used by App Mesh application process to post the `result` to App Mesh service
+        after processing payload data so the invoking client can retrieve it.
 
         Args:
-            result (Union[str, bytes]): Result payload to be delivered back to the client.
+            result: Result payload to be delivered back to the client.
         """
         pkey, app_name = self._get_runtime_env()
         path = f"/appmesh/app/{app_name}/task"
+        query_params = {"process_key": pkey}
 
         resp = self._client._request_http(
             AppMeshClient.Method.PUT,
             path=path,
-            query={"process_key": pkey},
+            query=query_params,
             body=result,
         )
 

appmesh/server_tcp.py

@@ -3,8 +3,7 @@
 
 # Standard library imports
 import logging
-import os
-from typing import Optional, Tuple
+from typing import Optional, Tuple, Union
 
 # Local imports
 from .client_http import AppMeshClient
@@ -15,14 +14,12 @@ logger = logging.getLogger(__name__)
 
 
 class AppMeshServerTCP(AppMeshServer):
-    """
-    Server SDK for interacting with the local App Mesh service over TCP (TLS).
-    """
+    """Server SDK for interacting with the local App Mesh service over TCP (TLS)."""
 
     def __init__(
         self,
-        rest_ssl_verify=AppMeshClient.DEFAULT_SSL_CA_CERT_PATH if os.path.exists(AppMeshClient.DEFAULT_SSL_CA_CERT_PATH) else False,
-        rest_ssl_client_cert=None,
+        rest_ssl_verify: Union[bool, str] = AppMeshClient.DEFAULT_SSL_CA_CERT_PATH,
+        rest_ssl_client_cert: Optional[Union[str, Tuple[str, str]]] = None,
         tcp_address: Tuple[str, int] = ("127.0.0.1", 6059),
         *,
         logger_: Optional[logging.Logger] = None,
@@ -34,6 +31,5 @@ class AppMeshServerTCP(AppMeshServer):
         """
         # Deliberately avoid calling super().__init__ to inject a TCP client while keeping the same public API.
         object.__init__(self)
-        # super().__init__(rest_ssl_verify=rest_ssl_verify, rest_ssl_client_cert=rest_ssl_client_cert)
         self._client = AppMeshClientTCP(rest_ssl_verify=rest_ssl_verify, rest_ssl_client_cert=rest_ssl_client_cert, tcp_address=tcp_address)
         self._logger = logger_ or logger

appmesh/tcp_transport.py

@@ -29,12 +29,10 @@ class TCPTransport:
 
         Args:
             address: Server address as (host, port) tuple.
-
             ssl_verify: SSL server verification mode:
                 - True: Use system CA certificates
                 - False:  Disable verification (insecure)
                 - str: Path to custom CA bundle or directory
-
             ssl_client_cert: SSL client certificate:
                 - str: Path to PEM file with cert and key
                 - tuple: (cert_path, key_path)

{appmesh-1.6.13.dist-info → appmesh-1.6.14.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: appmesh
-Version: 1.6.13
+Version: 1.6.14
 Summary: Client SDK for App Mesh
 Home-page: https://github.com/laoshanxi/app-mesh
 Author: laoshanxi

appmesh-1.6.14.dist-info/RECORD

@@ -0,0 +1,16 @@
+appmesh/__init__.py,sha256=on6GmTTwo6mrRbw_XUuf8sZdl5zBYsGT4CSf8l__NnI,2488
+appmesh/app.py,sha256=bJyv_uOSMj5esMgkFWuvpMPS5ayFTBJLVll2Tvw8xB4,11213
+appmesh/app_output.py,sha256=s6eqevFxETTVXSPTJX6JyGNpHHILv4ZyM7YWvlkuqQs,741
+appmesh/app_run.py,sha256=m3ihaacx84o1rl2Oc3EbnppW8D-PTxdehftbWRe8rPk,1732
+appmesh/appmesh_client.py,sha256=ywB2222PtJUffdfdxZcBfdhZs1KYyc7JvzMxwuK2qyI,378
+appmesh/client_http.py,sha256=BsFgafrk4iUJlmrz21hlovyN5XAPYTGKjLNMt6aH8nM,58986
+appmesh/client_http_oauth.py,sha256=zES-f6AnG6dUo754zd-HM6Pvu4vp_64vTKT61npY6HE,5934
+appmesh/client_tcp.py,sha256=K3IneOSl8xiOIC9z4jHK_4Mhq2n8eeUDASvXJQiRjfQ,11817
+appmesh/server_http.py,sha256=g2NYREF-f-vnSFVntAJDc0H43v_kNEqS7M4y7Q_DpEY,4193
+appmesh/server_tcp.py,sha256=GXEVDmYwM19ZUKkRXm8eEzBep9rE1vzV-PwaTlROpFU,1364
+appmesh/tcp_messages.py,sha256=E0cKWUta7NjuLoTGk-Z9CvbdZyakwG7hO8st_07E5L4,1991
+appmesh/tcp_transport.py,sha256=nkml2hqSkyeJrGDKGAYjWDgOnSyYMEImVT1PQ6jeudk,8163
+appmesh-1.6.14.dist-info/METADATA,sha256=2LZhu1Rp50ERLUa9DxhS-zQNM5om3-aLwtlcB4zNrUw,11814
+appmesh-1.6.14.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+appmesh-1.6.14.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
+appmesh-1.6.14.dist-info/RECORD,,

appmesh-1.6.13.dist-info/RECORD

@@ -1,16 +0,0 @@
-appmesh/__init__.py,sha256=on6GmTTwo6mrRbw_XUuf8sZdl5zBYsGT4CSf8l__NnI,2488
-appmesh/app.py,sha256=5kzQCvGH3LRRUTHsI2_MKEPD3M2qs8kvTxLhbNUqit4,10601
-appmesh/app_output.py,sha256=s6eqevFxETTVXSPTJX6JyGNpHHILv4ZyM7YWvlkuqQs,741
-appmesh/app_run.py,sha256=m3ihaacx84o1rl2Oc3EbnppW8D-PTxdehftbWRe8rPk,1732
-appmesh/appmesh_client.py,sha256=ywB2222PtJUffdfdxZcBfdhZs1KYyc7JvzMxwuK2qyI,378
-appmesh/client_http.py,sha256=FXCldfTZVU_5RSuSknlH1K2UiC6gOeotj-4NDQzdEhY,60752
-appmesh/client_http_oauth.py,sha256=1d51o0JX_xtB8d2bEuM7_XJHcwMnhcjkbIq7GE1Zxm8,6120
-appmesh/client_tcp.py,sha256=RX3T3OG4iOAju8ZPOnTjI_y97Y23_kWoNDjmKjtrBeU,11524
-appmesh/server_http.py,sha256=wfyiIa2zC-uJR2ZNTGMjYWheqAfSRl0aAv5b_GYcwpE,4343
-appmesh/server_tcp.py,sha256=J65kmN7DJftyW1LlF--S3keQ6VGmqXb778E79I1R0_k,1488
-appmesh/tcp_messages.py,sha256=E0cKWUta7NjuLoTGk-Z9CvbdZyakwG7hO8st_07E5L4,1991
-appmesh/tcp_transport.py,sha256=oUpcBXOaJhG5Hs6yqt9UG8_eENu0cEdNZIyC87LqI7Q,8165
-appmesh-1.6.13.dist-info/METADATA,sha256=BJJB6M94Sz2yytdr9WRxCf56q1-LCzQ-2zQAfP5_1eU,11814
-appmesh-1.6.13.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-appmesh-1.6.13.dist-info/top_level.txt,sha256=-y0MNQOGJxUzLdHZ6E_Rfv5_LNCkV-GTmOBME_b6pg8,8
-appmesh-1.6.13.dist-info/RECORD,,