goosebit 0.1.0__py3-none-any.whl → 0.1.2__py3-none-any.whl

goosebit/models.py

@@ -1,21 +1,140 @@
+from enum import IntEnum
+from pathlib import Path
+from typing import Self
+from urllib.parse import unquote, urlparse
+from urllib.request import url2pathname
+
+import semver
 from tortoise import Model, fields
 
+from goosebit.telemetry import devices_count
+
+
+class UpdateModeEnum(IntEnum):
+    NONE = 0
+    LATEST = 1
+    PINNED = 2
+    ROLLOUT = 3
+    ASSIGNED = 4
+
+    def __str__(self):
+        return self.name.capitalize()
+
+    @classmethod
+    def from_str(cls, name):
+        try:
+            return cls[name.upper()]
+        except KeyError:
+            return cls.NONE
+
+
+class UpdateStateEnum(IntEnum):
+    NONE = 0
+    UNKNOWN = 1
+    REGISTERED = 2
+    RUNNING = 3
+    ERROR = 4
+    FINISHED = 5
+
+    def __str__(self):
+        return self.name.capitalize()
+
+    @classmethod
+    def from_str(cls, name):
+        try:
+            return cls[name.upper()]
+        except KeyError:
+            return cls.NONE
+
 
 class Tag(Model):
-    id = fields.IntField(pk=True)
+    id = fields.IntField(primary_key=True)
     name = fields.CharField(max_length=255)
 
 
 class Device(Model):
-    uuid = fields.CharField(max_length=255, pk=True)
+    uuid = fields.CharField(max_length=255, primary_key=True)
     name = fields.CharField(max_length=255, null=True)
-    fw_file = fields.CharField(max_length=255, default="latest")
+    assigned_firmware = fields.ForeignKeyField("models.Firmware", related_name="assigned_devices", null=True)
+    force_update = fields.BooleanField(default=False)
     fw_version = fields.CharField(max_length=255, null=True)
-    last_state = fields.CharField(max_length=255, null=True)
+    hardware = fields.ForeignKeyField("models.Hardware", related_name="devices")
+    feed = fields.CharField(max_length=255, default="default")
+    flavor = fields.CharField(max_length=255, default="default")
+    update_mode = fields.IntEnumField(UpdateModeEnum, default=UpdateModeEnum.ROLLOUT)
+    last_state = fields.IntEnumField(UpdateStateEnum, default=UpdateStateEnum.UNKNOWN)
+    progress = fields.IntField(null=True)
+    log_complete = fields.BooleanField(default=False)
     last_log = fields.TextField(null=True)
     last_seen = fields.BigIntField(null=True)
     last_ip = fields.CharField(max_length=15, null=True)
     last_ipv6 = fields.CharField(max_length=40, null=True)
-    tags = fields.ManyToManyField(
-        "models.Tag", related_name="devices", through="device_tags"
+    tags = fields.ManyToManyField("models.Tag", related_name="devices", through="device_tags")
+
+    async def save(self, *args, **kwargs):
+        is_new = self._saved_in_db is False
+        await super().save(*args, **kwargs)
+        if is_new:
+            await self.notify_created()
+
+    async def delete(self, *args, **kwargs):
+        await super().delete(*args, **kwargs)
+        await self.notify_deleted()
+
+    @staticmethod
+    async def notify_created():
+        devices_count.set(await Device.all().count())
+
+    @staticmethod
+    async def notify_deleted():
+        devices_count.set(await Device.all().count())
+
+
+class Rollout(Model):
+    id = fields.IntField(primary_key=True)
+    created_at = fields.DatetimeField(auto_now_add=True)
+    name = fields.CharField(max_length=255, null=True)
+    feed = fields.CharField(max_length=255, default="default")
+    flavor = fields.CharField(max_length=255, default="default")
+    firmware = fields.ForeignKeyField("models.Firmware", related_name="rollouts")
+    paused = fields.BooleanField(default=False)
+    success_count = fields.IntField(default=0)
+    failure_count = fields.IntField(default=0)
+
+
+class Hardware(Model):
+    id = fields.IntField(primary_key=True)
+    model = fields.CharField(max_length=255)
+    revision = fields.CharField(max_length=255)
+
+
+class Firmware(Model):
+    id = fields.IntField(primary_key=True)
+    uri = fields.CharField(max_length=255)
+    size = fields.BigIntField()
+    hash = fields.CharField(max_length=255)
+    version = fields.CharField(max_length=255)
+    compatibility = fields.ManyToManyField(
+        "models.Hardware",
+        related_name="firmwares",
+        through="firmware_compatibility",
     )
+
+    @classmethod
+    async def latest(cls, device: Device) -> Self | None:
+        updates = await cls.filter(compatibility__devices__uuid=device.uuid)
+        if len(updates) == 0:
+            return None
+        return sorted(
+            updates,
+            key=lambda x: semver.Version.parse(x.version),
+            reverse=True,
+        )[0]
+
+    @property
+    def path(self):
+        return Path(url2pathname(unquote(urlparse(self.uri).path)))
+
+    @property
+    def local(self):
+        return urlparse(self.uri).scheme == "file"

goosebit/permissions.py

@@ -1,10 +1,16 @@
 from enum import Enum
+from typing import TypeVar, cast
+
+T = TypeVar("T", bound="PermissionsBase")
 
 
 class PermissionsBase(str, Enum):
     @classmethod
-    def full(cls) -> list:
-        return [i for i in cls]
+    def full(cls) -> set[T]:
+        all_items = set[T]()
+        for permission in cls:
+            all_items.add(cast(T, permission))
+        return all_items
 
     def __str__(self):
         return self.value
@@ -17,15 +23,15 @@ class FirmwarePermissions(PermissionsBase):
 
 
 class DevicePermissions(PermissionsBase):
-    READ = "devices.read"
-    WRITE = "devices.write"
-    DELETE = "devices.delete"
+    READ = "device.read"
+    WRITE = "device.write"
+    DELETE = "device.delete"
 
 
-class TunnelPermissions(PermissionsBase):
-    READ = "tunnels.read"
-    WRITE = "tunnels.write"
-    DELETE = "tunnels.delete"
+class RolloutPermissions(PermissionsBase):
+    READ = "rollout.read"
+    WRITE = "rollout.write"
+    DELETE = "rollout.delete"
 
 
 class HomePermissions(PermissionsBase):
@@ -36,14 +42,28 @@ class Permissions:
     HOME = HomePermissions
     FIRMWARE = FirmwarePermissions
     DEVICE = DevicePermissions
-    TUNNEL = TunnelPermissions
+    ROLLOUT = RolloutPermissions
 
     @classmethod
-    def full(cls):
+    def full(cls) -> set[T]:
         all_items = set()
-        for item in [cls.HOME, cls.FIRMWARE, cls.DEVICE, cls.TUNNEL]:
+        for item in [cls.HOME, cls.FIRMWARE, cls.DEVICE, cls.ROLLOUT]:
             all_items.update(item.full())
-        return list(all_items)
+        return all_items
+
+    @classmethod
+    def from_str(cls, permission: str) -> set[T]:
+        if permission == "*":
+            return cls.full()
+        area, action = permission.upper().split(".")
+        if area == "FIRMWARE":
+            return {FirmwarePermissions[action]}
+        if area == "DEVICE":
+            return {DevicePermissions[action]}
+        if area == "ROLLOUT":
+            return {RolloutPermissions[action]}
+        if area == "HOME":
+            return {HomePermissions[action]}
 
 
 ADMIN = Permissions.full()

goosebit/realtime/__init__.py

@@ -1 +1 @@
-from .routes import router
+from .routes import router  # noqa: F401

goosebit/realtime/logs.py

@@ -1,5 +1,3 @@
-from __future__ import annotations
-
 from fastapi import APIRouter, Security
 from fastapi.websockets import WebSocket, WebSocketDisconnect
 from pydantic import BaseModel
@@ -14,22 +12,22 @@ router = APIRouter(prefix="/logs")
 
 class RealtimeLogModel(BaseModel):
     log: str | None
+    progress: int | None
     clear: bool = False
 
 
 @router.websocket(
     "/{dev_id}",
-    dependencies=[
-        Security(validate_ws_user_permissions, scopes=[Permissions.HOME.READ])
-    ],
+    dependencies=[Security(validate_ws_user_permissions, scopes=[Permissions.HOME.READ])],
 )
 async def device_logs(websocket: WebSocket, dev_id: str):
     await websocket.accept()
 
     manager = await get_update_manager(dev_id)
+    device = await manager.get_device()
 
     async def callback(log_update):
-        data = RealtimeLogModel(log=log_update)
+        data = RealtimeLogModel(log=log_update, progress=device.progress)
         if log_update is None:
             data.clear = True
             data.log = ""

goosebit/settings.py

@@ -1,55 +1,64 @@
+import secrets
 from dataclasses import dataclass
 from pathlib import Path
 
-from passlib.context import CryptContext
+import yaml
+from argon2 import PasswordHasher
+from joserfc.rfc7518.oct_key import OctKey
 
-from goosebit import permissions
+from goosebit.permissions import Permissions
 
-POLL_SECONDS = 0
-POLL_MINUTES = 1
-POLL_HOURS = 0
-POLL_TIME = ":".join(
-    [
-        str(POLL_HOURS).rjust(2, "0"),
-        str(POLL_MINUTES).rjust(2, "0"),
-        str(POLL_SECONDS).rjust(2, "0"),
-    ]
-)
-
-BASE_DIR = Path(__file__).resolve().parent
+BASE_DIR = Path(__file__).resolve().parent.parent
 TOKEN_SWU_DIR = BASE_DIR.joinpath("swugen")
 SWUPDATE_FILES_DIR = BASE_DIR.joinpath("swupdate")
 UPDATES_DIR = BASE_DIR.joinpath("updates")
-DB_LOC = BASE_DIR.joinpath("db.sqlite3")
 DB_MIGRATIONS_LOC = BASE_DIR.joinpath("migrations")
-DB_URI = f"sqlite:///{DB_LOC}"
 
-SECRET = "123456789"
-PWD_CXT = CryptContext(schemes=["bcrypt"], deprecated="auto")
+SECRET = OctKey.import_key(secrets.token_hex(16))
+PWD_CXT = PasswordHasher()
+
+with open(BASE_DIR.joinpath("settings.yaml"), "r") as f:
+    config = yaml.safe_load(f.read())
+
+LOGGING = config.get("logging", {})
+
+TENANT = config.get("tenant", "DEFAULT")
 
-users = {}
+POLL_TIME = config.get("poll_time_default", "00:01:00")
+POLL_TIME_UPDATING = config.get("poll_time_updating", "00:00:05")
+POLL_TIME_REGISTRATION = config.get("poll_time_registration", "00:00:10")
+
+DB_LOC = BASE_DIR.joinpath(config.get("db_location", "db.sqlite3"))
+DB_URI = f"sqlite:///{DB_LOC}"
 
 
 @dataclass
 class User:
     username: str
     hashed_pwd: str
-    permissions: list
+    permissions: set
 
     def get_json_permissions(self):
         return [str(p) for p in self.permissions]
 
 
-def add_user(user: User):
-    users[user.username] = user
+users: dict[str, User] = {}
+
 
+def add_user(u: User):
+    users[u.username] = u
 
-# User configuration
-add_user(
-    User(
-        username="admin@goosebit.local",
-        hashed_pwd=PWD_CXT.hash("admin"),
-        permissions=permissions.ADMIN,
+
+for user in config.get("users", []):
+    permissions = set()
+    for p in user["permissions"]:
+        permissions.update(Permissions.from_str(p))
+    add_user(
+        User(
+            username=user["email"],
+            hashed_pwd=PWD_CXT.hash(user["password"]),
+            permissions=permissions,
+        )
     )
-)
+
 USERS = users

goosebit/telemetry/__init__.py

@@ -0,0 +1,28 @@
+from opentelemetry import metrics
+from opentelemetry.sdk.metrics import MeterProvider
+from opentelemetry.sdk.resources import SERVICE_NAME, Resource
+
+from goosebit import settings
+
+from . import prometheus
+
+resource = Resource(attributes={SERVICE_NAME: "goosebit"})
+
+provider = MeterProvider(resource=resource, metric_readers=[prometheus.reader])
+metrics.set_meter_provider(provider)
+
+meter = metrics.get_meter("goosebit.meter")
+
+devices_count = meter.create_gauge(
+    "devices.count",
+    description="The number of connected devices",
+)
+
+users_count = meter.create_gauge(
+    "users.count",
+    description="The number of registered users",
+)
+
+
+async def init():
+    users_count.set(len(settings.USERS))

goosebit/telemetry/prometheus.py

@@ -0,0 +1,10 @@
+from opentelemetry.exporter.prometheus import PrometheusMetricReader
+from prometheus_client import start_http_server
+
+from goosebit import settings
+
+PROMETHEUS_PORT = settings.config.get("metrics", {}).get("prometheus", {}).get("port", 9090)
+
+# separate file to enable it as a feature later.
+reader = PrometheusMetricReader()
+start_http_server(port=PROMETHEUS_PORT, addr="0.0.0.0")

goosebit/ui/__init__.py

@@ -1 +1 @@
-from .routes import router
+from .routes import router  # noqa: F401

goosebit/ui/routes.py

@@ -5,15 +5,15 @@ from fastapi.responses import RedirectResponse
 from fastapi.security import OAuth2PasswordBearer
 
 from goosebit.auth import authenticate_session, validate_user_permissions
+from goosebit.models import Firmware
 from goosebit.permissions import Permissions
 from goosebit.settings import UPDATES_DIR
 from goosebit.ui.templates import templates
+from goosebit.updates import create_firmware_update
 
 oauth2_scheme = OAuth2PasswordBearer(tokenUrl="login")
 
-router = APIRouter(
-    prefix="/ui", dependencies=[Depends(authenticate_session)], include_in_schema=False
-)
+router = APIRouter(prefix="/ui", dependencies=[Depends(authenticate_session)], include_in_schema=False)
 
 
 @router.get("/")
@@ -23,23 +23,17 @@ async def ui_root(request: Request):
 
 @router.get(
     "/firmware",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.READ])],
 )
 async def firmware_ui(request: Request):
-    return templates.TemplateResponse(
-        "firmware.html", context={"request": request, "title": "Firmware"}
-    )
+    return templates.TemplateResponse(request, "firmware.html", context={"title": "Firmware"})
 
 
 @router.post(
-    "/upload",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.WRITE])
-    ],
+    "/upload/local",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.WRITE])],
 )
-async def upload_update(
+async def upload_update_local(
     request: Request,
     chunk: UploadFile = Form(...),
     init: bool = Form(...),
@@ -47,6 +41,10 @@ async def upload_update(
     filename: str = Form(...),
 ):
     file = UPDATES_DIR.joinpath(filename)
+    firmware = await Firmware.get_or_none(uri=file.absolute().as_uri())
+    if firmware is not None:
+        await firmware.delete()
+
     tmpfile = file.with_suffix(".tmp")
     contents = await chunk.read()
     if init:
@@ -56,6 +54,19 @@ async def upload_update(
         await f.write(contents)
     if done:
         tmpfile.replace(file)
+        await create_firmware_update(file.absolute().as_uri())
+
+
+@router.post(
+    "/upload/remote",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.FIRMWARE.WRITE])],
+)
+async def upload_update_remote(request: Request, url: str = Form(...)):
+    firmware = await Firmware.get_or_none(uri=url)
+    if firmware is not None:
+        await firmware.delete()
+
+    await create_firmware_update(url)
 
 
 @router.get(
@@ -63,42 +74,28 @@ async def upload_update(
     dependencies=[Security(validate_user_permissions, scopes=[Permissions.HOME.READ])],
 )
 async def home_ui(request: Request):
-    return templates.TemplateResponse(
-        "index.html", context={"request": request, "title": "Home"}
-    )
+    return templates.TemplateResponse(request, "index.html", context={"title": "Home"})
 
 
 @router.get(
     "/devices",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])
-    ],
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])],
 )
 async def devices_ui(request: Request):
-    return templates.TemplateResponse(
-        "devices.html", context={"request": request, "title": "Devices"}
-    )
+    return templates.TemplateResponse(request, "devices.html", context={"title": "Devices"})
 
 
 @router.get(
-    "/logs/{dev_id}",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])
-    ],
+    "/rollouts",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.ROLLOUT.READ])],
 )
-async def logs_ui(request: Request, dev_id: str):
-    return templates.TemplateResponse(
-        "logs.html", context={"request": request, "title": "Log", "device": dev_id}
-    )
+async def rollouts_ui(request: Request):
+    return templates.TemplateResponse(request, "rollouts.html", context={"title": "Rollouts"})
 
 
 @router.get(
-    "/tunnels",
-    dependencies=[
-        Security(validate_user_permissions, scopes=[Permissions.TUNNEL.READ])
-    ],
+    "/logs/{dev_id}",
+    dependencies=[Security(validate_user_permissions, scopes=[Permissions.DEVICE.READ])],
 )
-async def tunnels_ui(request: Request):
-    return templates.TemplateResponse(
-        "tunnels.html", context={"request": request, "title": "Tunnels"}
-    )
+async def logs_ui(request: Request, dev_id: str):
+    return templates.TemplateResponse(request, "logs.html", context={"title": "Log", "device": dev_id})