PyPI - arkitekt-next - Versions diffs - 0.7.37__py3-none-any.whl → 0.7.39__py3-none-any.whl - Mend

arkitekt-next 0.7.37py3-none-any.whl → 0.7.39py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of arkitekt-next might be problematic. Click here for more details.

Files changed (28) hide show

arkitekt_next/__blok__.py +6 -0
arkitekt_next/bloks/arkitekt.py +2 -1
arkitekt_next/bloks/fluss.py +10 -13
arkitekt_next/bloks/funcs.py +60 -12
arkitekt_next/bloks/gateway.py +52 -6
arkitekt_next/bloks/internal_docker.py +18 -16
arkitekt_next/bloks/kabinet.py +14 -14
arkitekt_next/bloks/livekit.py +10 -15
arkitekt_next/bloks/lok.py +62 -51
arkitekt_next/bloks/mikro.py +16 -15
arkitekt_next/bloks/minio.py +36 -43
arkitekt_next/bloks/namegen.py +34 -0
arkitekt_next/bloks/redis.py +1 -1
arkitekt_next/bloks/rekuest.py +16 -14
arkitekt_next/bloks/secret.py +33 -0
arkitekt_next/bloks/services/__init__.py +27 -0
arkitekt_next/bloks/services/gateway.py +14 -7
arkitekt_next/bloks/services/lok.py +4 -11
arkitekt_next/bloks/services/name.py +12 -0
arkitekt_next/bloks/services/redis.py +2 -11
arkitekt_next/bloks/services/s3.py +3 -8
arkitekt_next/bloks/services/secret.py +17 -0
arkitekt_next/bloks/tailscale.py +68 -0
{arkitekt_next-0.7.37.dist-info → arkitekt_next-0.7.39.dist-info}/METADATA +11 -11
{arkitekt_next-0.7.37.dist-info → arkitekt_next-0.7.39.dist-info}/RECORD +28 -23
{arkitekt_next-0.7.37.dist-info → arkitekt_next-0.7.39.dist-info}/LICENSE +0 -0
{arkitekt_next-0.7.37.dist-info → arkitekt_next-0.7.39.dist-info}/WHEEL +0 -0
{arkitekt_next-0.7.37.dist-info → arkitekt_next-0.7.39.dist-info}/entry_points.txt +0 -0

arkitekt_next/bloks/lok.py CHANGED Viewed

@@ -5,6 +5,7 @@ from cryptography.hazmat.primitives import serialization as crypto_serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.backends import default_backend as crypto_default_backend
 from typing import Dict
+from arkitekt_next.bloks.secret import SecretBlok
 from arkitekt_next.bloks.services.admin import AdminService
 from arkitekt_next.bloks.services.db import DBService
 from arkitekt_next.bloks.services.gateway import GatewayService
@@ -16,11 +17,11 @@ from dataclasses import asdict
 from arkitekt_next.bloks.services.redis import RedisService
 from blok import blok, InitContext, ExecutionContext, Option
+from blok.bloks.services.dns import DnsService
 from blok.tree import YamlFile, Repo
 from blok import blok, InitContext
 DEFAULT_ARKITEKT_URL = "http://localhost:8000"
@@ -131,45 +132,45 @@ class LokBlok:
         self.tokens = []
         self.groups = []
         self.secret_key = secrets.token_hex(16)
-        self.scopes = {"hallo": "welt"}
+        self.scopes = {"openid": "The open id connect scope"}
         self.key = None
         self.deployment_name = "default"
-        self.base_routes = [
-            "ht",
-            "o",
-            "graphql",
-            ".well-known",
-            "f",
-            "admin",
-            "static",
-            "accounts",
-        ]
         self.token_expiry_seconds = 700000
-    def get_dependencies(self):
-        return [
-            "io.livekit.livekit",
-            "live.arkitekt.postgres",
-            "live.arkitekt.redis",
-            "live.arkitekt.admin",
-            "live.arkitekt.gateway",
-        ]
+        self.preformed_redeem_tokens = [secrets.token_hex(16) for i in range(80)]
+        self.registered_tokens = {}
     def retrieve_credentials(self) -> LokCredentials:
         return LokCredentials(
             public_key=self.public_key, key_type="RS256", issuer="lok"
         )
-    def retrieve_labels(self, service_name: str) -> list[str]:
+    def retrieve_labels(self, service_name: str, builder_name: str) -> list[str]:
         return [
             f"fakts.service={service_name}",
-            f"fakts.builder=arkitekt.{service_name}",
+            f"fakts.builder={builder_name}",
         ]
+    def retrieve_token(self, user: str = "admin") -> str:
+        new_token = self.secret_blok.retrieve_secret()
+        self.registered_tokens[user] = new_token
+        return new_token
     def register_scopes(self, scopes_dict: Dict[str, str]) -> LokCredentials:
         self.scopes = self.scopes | scopes_dict
-    def preflight(self, init: InitContext, gateway: GatewayService, db: DBService, redis: RedisService, admin: AdminService, livekit: LivekitService, scopes: list[Dict[str, str]]):
+    def preflight(
+        self,
+        init: InitContext,
+        gateway: GatewayService,
+        db: DBService,
+        redis: RedisService,
+        admin: AdminService,
+        secrets: SecretBlok,
+        livekit: LivekitService,
+        dns: DnsService,
+        scopes: list[Dict[str, str]],
+    ):
         for key, value in init.kwargs.items():
             setattr(self, key, value)
@@ -178,15 +179,15 @@ class LokBlok:
         self.scopes = {scope["scope"]: scope["description"] for scope in scopes}
-        for i in self.base_routes:
-             gateway.expose(
-                i, 80, self.host, strip_prefix=False
-            )
+        gateway.expose("lok", 80, self.host, strip_prefix=False)
+        gateway.expose_mapped(".well-known", 80, self.host, "lok")
+        self.secret_blok = secrets
         self.postgress_access = db.register_db(self.host)
         self.redis_access = redis.register()
         self.admin_access = admin.retrieve()
         self.local_access = livekit.retrieve_access()
+        self.dns_result = dns.get_dns_result()
         self.initialized = True
     def build(self, context: ExecutionContext):
@@ -220,6 +221,12 @@ class LokBlok:
         db_service["command"] = self.command
+        trusted_origins = []
+        for i in self.dns_result.hostnames:
+            trusted_origins.append(f"http://{i}")
+            trusted_origins.append(f"https://{i}")
         configuration = YamlFile(
             **{
                 "db": asdict(self.postgress_access),
@@ -230,17 +237,22 @@ class LokBlok:
                     "hosts": ["*"],
                     "secret_key": self.secret_key,
                 },
-                "redis":  asdict(self.redis_access),
+                "redis": asdict(self.redis_access),
                 "lok": asdict(self.retrieve_credentials()),
                 "private_key": self.private_key,
                 "public_key": self.public_key,
                 "scopes": self.scopes,
-                "redeem_tokens": [token for token in self.tokens],
+                "redeem_tokens": [
+                    {"user": name, "token": token}
+                    for name, token in self.registered_tokens.items()
+                ],
                 "groups": [group for group in self.groups],
                 "deployment": {"name": self.deployment_name},
                 "livekit": asdict(self.local_access),
                 "token_expire_seconds": self.token_expiry_seconds,
                 "apps": [],
+                "force_script_name": "lok",
+                "csrf_trusted_origins": trusted_origins,
             }
         )
@@ -270,82 +282,82 @@ class LokBlok:
         with_fakts_url = Option(
             subcommand="db_name",
-            help="The fakts url for connection",
+            help="The name of the database",
             default="db_name",
+            show_default=True,
         )
         with_users = Option(
             subcommand="users",
-            help="The fakts url for connection",
+            help="Users that should be greated by default. Format is name:password",
             default=["admin:admin"],
             multiple=True,
             type=USER,
+            show_default=True,
         )
         with_groups = Option(
             subcommand="groups",
-            help="The fakts url for connection",
+            help="Groups that should be greated by default. Format is name:description",
             default=["admin:admin_group"],
             multiple=True,
             type=GROUP,
-        )
-        with_redeem_token = Option(
-            subcommand="tokens",
-            help="The fakts url for connection",
-            default=[],
-            multiple=True,
-            type=TOKEN,
+            show_default=True,
         )
         with_scopes = Option(
             subcommand="scopes",
-            help="The scopes",
+            help="Additional scopes that should be created (normally handled by the bloks)",
             default=[f"{key}:{value}" for key, value in self.scopes.items()],
             multiple=True,
             type=SCOPE,
         )
         with_repo = Option(
             subcommand="with_repo",
-            help="The fakts url for connection",
+            help="Which repo should we use when building the service? Only active if build_repo or mount_repo is active",
             default=self.repo,
+            show_default=True,
         )
         with_repo = Option(
             subcommand="command",
-            help="The fakts url for connection",
+            help="Which command should be run when starting the service?",
             default=self.command,
+            show_default=True,
         )
         mount_repo = Option(
             subcommand="mount_repo",
             help="The fakts url for connection",
-            is_flag=True,
+            type=bool,
             default=False,
         )
         build_repo = Option(
             subcommand="build_repo",
-            help="The fakts url for connection",
-            is_flag=True,
+            help="Should we build the container from the repo?",
+            type=bool,
             default=False,
+            show_default=True,
         )
         with_host = Option(
             subcommand="host",
-            help="The fakts url for connection",
+            help="Which internal hostname should be used",
             default=self.host,
+            show_default=True,
         )
         #
         with_public_key = Option(
             subcommand="public_key",
-            help="The fakts url for connection",
+            help="The public key for the JWT creation",
             default=public_key,
             required=True,
             callback=validate_public_key,
         )
         with_private_key = Option(
             subcommand="private_key",
-            help="The fakts url for connection",
+            help="The corresponding private key for the JWT creation",
             default=private_key,
             callback=validate_private_key,
             required=True,
         )
         with_secret_key = Option(
             subcommand="secret_key",
-            help="The fakts url for connection",
+            help="The secret key to use for the django service",
             default=self.secret_key,
         )
@@ -357,7 +369,6 @@ class LokBlok:
             with_groups,
             build_repo,
             with_host,
-            with_redeem_token,
             with_private_key,
             with_public_key,
             with_scopes,

arkitekt_next/bloks/mikro.py CHANGED Viewed

@@ -7,7 +7,11 @@ from blok import blok, InitContext
 from blok import blok, InitContext, ExecutionContext, Option
 from blok.tree import YamlFile, Repo
-from arkitekt_next.bloks.funcs import create_default_service_yaml
+from arkitekt_next.bloks.funcs import (
+    create_default_service_dependencies,
+    create_default_service_yaml,
+    DefaultService,
+)
 class AccessCredentials(BaseModel):
@@ -23,8 +27,11 @@ class MikroBlok:
     def __init__(self) -> None:
         self.host = "mikro"
         self.command = "bash run-debug.sh"
-        self.repo = "https://github.com/jhnnsrs/mikro-server-next"
-        self.scopes = {"read_image": "Read image from the database"}
+        self.repo = "https://github.com/arkitektio/mikro-server-next"
+        self.scopes = {
+            "mikro_read": "Read image from the database",
+            "mikro_write": "Write image to the database",
+        }
         self.image = "jhnnsrs/mikro:next"
         self.mount_repo = False
         self.build_repo = False
@@ -32,16 +39,10 @@ class MikroBlok:
         self.secret_key = secrets.token_hex(16)
     def get_dependencies(self):
-        return [
-            "live.arkitekt.mount",
-            "live.arkitekt.config",
-            "live.arkitekt.gateway",
-            "live.arkitekt.postgres",
-            "live.arkitekt.lok",
-            "live.arkitekt.admin",
-            "live.arkitekt.redis",
-            "live.arkitekt.s3",
-        ]
+        return create_default_service_dependencies()
+    def get_builder(self):
+        return "arkitekt.generic"
     def preflight(self, init: InitContext):
         for key, value in init.kwargs.items():
@@ -68,13 +69,13 @@ class MikroBlok:
         mount_repo = Option(
             subcommand="mount_repo",
             help="The fakts url for connection",
-            is_flag=True,
+            type=bool,
             default=self.mount_repo,
         )
         build_repo = Option(
             subcommand="build_repo",
             help="The fakts url for connection",
-            is_flag=True,
+            type=bool,
             default=self.build_repo,
         )
         with_host = Option(

arkitekt_next/bloks/minio.py CHANGED Viewed

@@ -1,5 +1,9 @@
 import click
+from arkitekt_next.bloks.services.config import ConfigService
+from arkitekt_next.bloks.services.gateway import GatewayService
+from arkitekt_next.bloks.services.name import NameService
+from arkitekt_next.bloks.services.secret import SecretService
 from blok import blok, InitContext, ExecutionContext, Option
 from blok.tree import YamlFile, Repo
 from pydantic import BaseModel
@@ -50,24 +54,21 @@ class MinioBlok:
         self.preformed_access_keys = [secrets.token_hex(16) for i in range(100)]
         self.preformed_secret_keys = [secrets.token_hex(16) for i in range(100)]
-    def get_identifier(self):
-        return "live.arkitekt.s3"
-    def get_dependencies(self):
-        return ["live.arkitekt.config", "live.arkitekt.gateway"]
     def create_buckets(self, buckets: list[str]) -> S3Credentials:
-        new_access_key = self.preformed_access_keys.pop()
-        new_secret_key = self.preformed_secret_keys.pop()
+        new_access_key = self.secret_service.retrieve_secret()
+        new_secret_key = self.secret_service.retrieve_secret()
         bucket_map = {}
         for bucket in buckets:
-            bucket_map[bucket] = self.preformed_bucket_names.pop()
+            bucket_name = self.name_service.retrieve_name()
+            bucket_map[bucket] = bucket_name
+            self.gateway_service.expose(bucket_name, 9000, self.host)
         self.buckets.extend(bucket_map.values())
         creds = S3Credentials(
+            name=self.name_service.retrieve_name(),
             access_key=new_access_key,
             buckets=bucket_map,
             host=self.host,
@@ -81,21 +82,22 @@ class MinioBlok:
         return creds
-    def preflight(self, init: InitContext):
+    def preflight(
+        self,
+        init: InitContext,
+        secret: SecretService,
+        name: NameService,
+        gateway: GatewayService,
+        config: ConfigService,
+    ):
         for key, value in init.kwargs.items():
             setattr(self, key, value)
-        self.preformed_bucket_names = list(
-            init.kwargs.get("preformed_bucket_names", [])
-        )
-        self.preformed_access_keys = list(init.kwargs.get("preformed_access_keys", []))
-        self.preformed_secret_keys = list(init.kwargs.get("preformed_secret_keys", []))
-        init.dependencies["live.arkitekt.gateway"].expose_default(9000, self.host)
+        self.secret_service = secret
+        self.name_service = name
+        self.gateway_service = gateway
-        self.config_path = init.dependencies["live.arkitekt.config"].get_path(
-            self.host + ".yaml"
-        )
+        self.config_path = config.get_path(self.host + ".yaml")
     def build(self, context: ExecutionContext):
         minio_service_init = {
@@ -107,7 +109,7 @@ class MinioBlok:
             "environment": {
                 "MINIO_ROOT_PASSWORD": self.password,
                 "MINIO_ROOT_USER": self.username,
-                "MINIO_HOST": f"{self.host}:9000",
+                "MINIO_HOST": f"http://{self.host}:9000",
             },
             "image": self.init_image,
             "volumes": [f"{self.config_path}:/workspace/config.yaml"],
@@ -132,7 +134,19 @@ class MinioBlok:
         )
         context.file_tree.set_nested(
-            *self.config_path.split("/"), YamlFile(**{"buckets": list(self.buckets)})
+            *self.config_path.split("/"),
+            YamlFile(
+                buckets=[{"name": i} for i in self.buckets],
+                users=[
+                    {
+                        "access_key": i.access_key,
+                        "secret_key": i.secret_key,
+                        "name": i.name,
+                        "policies": ["readwrite"],
+                    }
+                    for i in self.registered_clients
+                ],
+            ),
         )
     def get_options(self):
@@ -151,30 +165,9 @@ class MinioBlok:
             help="The fakts url for connection",
             default=self.password,
         )
-        with_preformed_bucket_names = Option(
-            subcommand="preformed_bucket_names",
-            help="The fakts url for connection",
-            multiple=True,
-            default=self.preformed_bucket_names,
-        )
-        with_preformed_acces_key = Option(
-            subcommand="preformed_access_keys",
-            help="The fakts url for connection",
-            multiple=True,
-            default=self.preformed_access_keys,
-        )
-        with_preformed_secret_keys = Option(
-            subcommand="preformed_secret_keys",
-            help="The fakts url for connection",
-            multiple=True,
-            default=self.preformed_secret_keys,
-        )
         return [
             with_host,
             with_password,
             with_username,
-            with_preformed_bucket_names,
-            with_preformed_acces_key,
-            with_preformed_secret_keys,
         ]

arkitekt_next/bloks/namegen.py ADDED Viewed

@@ -0,0 +1,34 @@
+from pydantic import BaseModel
+from typing import Dict, Any
+from arkitekt_next.bloks.services.name import NameService
+from blok import blok, InitContext, Option, ExecutionContext
+from blok.tree import YamlFile
+from arkitekt_next.bloks.services.secret import SecretService
+import secrets
+import namegenerator
+@blok(NameService)
+class PreformedNamesBlok:
+    def __init__(self) -> None:
+        self.preformed_names = [namegenerator.gen() for _ in range(100)]
+        self.used_names = []
+    def preflight(self, init: InitContext, preformed_names: list[str]):
+        self.preformed_names = list(preformed_names)
+        self.used_names = []
+    def retrieve_name(self) -> str:
+        name = self.preformed_names.pop()
+        self.used_names.append(name)
+        return name
+    def get_options(self):
+        config_path = Option(
+            subcommand="preformed_names",
+            help="A list of preformed names",
+            default=self.preformed_names,
+            multiple=True,
+        )
+        return [config_path]

arkitekt_next/bloks/redis.py CHANGED Viewed

@@ -65,7 +65,7 @@ class RedisBlok:
         with_skip = Option(
             subcommand="skip",
             help="Skip docker creation (if using external redis?)",
-            is_flag=True,
+           type=bool,
             default=self.skip,
         )
         with_image = Option(

arkitekt_next/bloks/rekuest.py CHANGED Viewed

@@ -1,7 +1,10 @@
 from typing import Dict, Any
 import secrets
-from arkitekt_next.bloks.funcs import create_default_service_yaml
+from arkitekt_next.bloks.funcs import (
+    create_default_service_dependencies,
+    create_default_service_yaml,
+)
 from blok import blok, InitContext, ExecutionContext, Option
 from blok.tree import Repo, YamlFile
@@ -12,7 +15,10 @@ class RekuestBlok:
         self.host = "rekuest"
         self.command = "bash run-debug.sh"
         self.repo = "https://github.com/jhnnsrs/rekuest-server_next"
-        self.scopes = {"read_image": "Read image from the database"}
+        self.scopes = {
+            "rekuest_agent": "Act as an agent",
+            "rekuest_call": "Call other apps with rekuest",
+        }
         self.mount_repo = False
         self.build_repo = False
         self.buckets = ["media"]
@@ -21,16 +27,10 @@ class RekuestBlok:
         self.image = "jhnnsrs/rekuest:next"
     def get_dependencies(self):
-        return [
-            "live.arkitekt.mount",
-            "live.arkitekt.config",
-            "live.arkitekt.gateway",
-            "live.arkitekt.postgres",
-            "live.arkitekt.lok",
-            "live.arkitekt.admin",
-            "live.arkitekt.redis",
-            "live.arkitekt.s3",
-        ]
+        return create_default_service_dependencies()
+    def get_builder(self):
+        return "arkitekt.rekuest"
     def preflight(self, init: InitContext):
         for key, value in init.kwargs.items():
@@ -47,23 +47,25 @@ class RekuestBlok:
         with_repo = Option(
             subcommand="with_repo",
             help="Which repo should we use when building the service? Only active if build_repo or mount_repo is active",
+            type=str,
             default=self.repo,
         )
         with_command = Option(
             subcommand="command",
             help="Which command should be run when starting the service",
+            type=str,
             default=self.command,
         )
         mount_repo = Option(
             subcommand="mount_repo",
             help="Should we mount the repo into the container?",
-            is_flag=True,
+            type=bool,
             default=self.mount_repo,
         )
         build_repo = Option(
             subcommand="build_repo",
             help="Should we build the container from the repo?",
-            is_flag=True,
+            type=bool,
             default=self.build_repo,
         )
         with_host = Option(

arkitekt_next/bloks/secret.py ADDED Viewed

@@ -0,0 +1,33 @@
+from pydantic import BaseModel
+from typing import Dict, Any
+from blok import blok, InitContext, Option, ExecutionContext
+from blok.tree import YamlFile
+from arkitekt_next.bloks.services.secret import SecretService
+import secrets
+@blok(SecretService)
+class SecretBlok:
+    def __init__(self) -> None:
+        self.preformed_secrets = [secrets.token_urlsafe(32) for _ in range(100)]
+        self.registered_secrets = []
+    def preflight(self, init: InitContext, preformed_secrets: list[str]):
+        self.preformed_secrets = list(preformed_secrets)
+    def retrieve_secret(self) -> str:
+        new_secret = self.preformed_secrets.pop()
+        self.registered_secrets.append(new_secret)
+        return new_secret
+    def get_options(self):
+        config_path = Option(
+            subcommand="preformed_secrets",
+            help="Which path to use for configs",
+            default=self.preformed_secrets,
+            multiple=True,
+            show_default=False,
+        )
+        return [config_path]

arkitekt_next/bloks/services/__init__.py CHANGED Viewed

@@ -0,0 +1,27 @@
+from .admin import AdminService
+from .lok import LokService
+from .db import DBService
+from .redis import RedisService
+from .s3 import S3Service
+from .config import ConfigService
+from .mount import MountService
+from .secret import SecretService
+from .gateway import GatewayService
+from .livekit import LivekitService
+__all__ = [
+    "AdminService",
+    "LokService",
+    "DBService",
+    "RedisService",
+    "S3Service",
+    "ConfigService",
+    "MountService",
+    "SecretService",
+    "GatewayService",
+    "LivekitService",
+    "MountService",
+    "ConfigService",
+    "SecretService",
+]

arkitekt_next/bloks/services/gateway.py CHANGED Viewed

@@ -8,13 +8,20 @@ from blok import blok, InitContext, service
 @blok("live.arkitekt.gateway")
 class GatewayService(Protocol):
+    def expose(
+        self, path_name: str, port: int, host: str, strip_prefix: bool = True
+    ): ...
-    def expose(self, path_name: str, port: int, host: str, strip_prefix: bool = True):
-       ...
+    def expose_mapped(self, path_name: str, port: int, host: str, to_name: str): ...
-    def expose_default(self, port: int, host: str):
-        ...
+    def expose_default(self, port: int, host: str): ...
-    def expose_port(self, port: int, host: str, tls: bool = False):
-        ...
+    def expose_port(self, port: int, host: str, tls: bool = False): ...
+    def expose_port_to(self, port: int, host: str, to_port: str, tls: bool = False): ...
+    def get_internal_host(self): ...
+    def get_https_port(self): ...
+    def get_http_port(self): ...

arkitekt-next 0.7.37__py3-none-any.whl → 0.7.39__py3-none-any.whl

Potentially problematic release.

arkitekt-next 0.7.37py3-none-any.whl → 0.7.39py3-none-any.whl