PyPI - kekkai-cli - Versions diffs - 1.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl - Mend

kekkai-cli 1.1.0py3-none-any.whl → 1.1.1py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (29) hide show

kekkai/cli.py +124 -33
kekkai/dojo_import.py +9 -1
kekkai/output.py +1 -1
kekkai/report/unified.py +226 -0
kekkai/triage/__init__.py +54 -1
kekkai/triage/loader.py +196 -0
{kekkai_cli-1.1.0.dist-info → kekkai_cli-1.1.1.dist-info}/METADATA +33 -13
{kekkai_cli-1.1.0.dist-info → kekkai_cli-1.1.1.dist-info}/RECORD +11 -27
{kekkai_cli-1.1.0.dist-info → kekkai_cli-1.1.1.dist-info}/entry_points.txt +0 -1
{kekkai_cli-1.1.0.dist-info → kekkai_cli-1.1.1.dist-info}/top_level.txt +0 -1
portal/__init__.py +0 -19
portal/api.py +0 -155
portal/auth.py +0 -103
portal/enterprise/__init__.py +0 -45
portal/enterprise/audit.py +0 -435
portal/enterprise/licensing.py +0 -408
portal/enterprise/rbac.py +0 -276
portal/enterprise/saml.py +0 -595
portal/ops/__init__.py +0 -53
portal/ops/backup.py +0 -553
portal/ops/log_shipper.py +0 -469
portal/ops/monitoring.py +0 -517
portal/ops/restore.py +0 -469
portal/ops/secrets.py +0 -408
portal/ops/upgrade.py +0 -591
portal/tenants.py +0 -340
portal/uploads.py +0 -259
portal/web.py +0 -393
{kekkai_cli-1.1.0.dist-info → kekkai_cli-1.1.1.dist-info}/WHEEL +0 -0

portal/ops/upgrade.py DELETED Viewed

@@ -1,591 +0,0 @@
-"""Upgrade management for Kekkai Portal.
-Provides:
-- Version manifest tracking
-- Pre-upgrade health checks
-- Rollback capability with snapshots
-- Migration status tracking
-Security controls:
-- Version pinning
-- Integrity verification
-- Safe rollback procedures
-"""
-from __future__ import annotations
-import json
-import logging
-import os
-import subprocess
-from dataclasses import dataclass, field
-from datetime import UTC, datetime
-from enum import Enum
-from pathlib import Path
-from typing import Any
-logger = logging.getLogger(__name__)
-MANIFEST_VERSION = 1
-class UpgradeStatus(Enum):
-    """Status of an upgrade operation."""
-    PENDING = "pending"
-    PRE_CHECK = "pre_check"
-    BACKUP = "backup"
-    UPGRADING = "upgrading"
-    MIGRATING = "migrating"
-    VERIFYING = "verifying"
-    COMPLETED = "completed"
-    FAILED = "failed"
-    ROLLED_BACK = "rolled_back"
-class ComponentType(Enum):
-    """Types of components that can be upgraded."""
-    PORTAL = "portal"
-    DEFECTDOJO = "defectdojo"
-    POSTGRES = "postgres"
-    NGINX = "nginx"
-    VALKEY = "valkey"
-@dataclass
-class ComponentVersion:
-    """Version information for a component."""
-    component: ComponentType
-    current_version: str
-    target_version: str | None = None
-    image_digest: str | None = None
-    pinned: bool = True
-    def to_dict(self) -> dict[str, Any]:
-        """Convert to dictionary."""
-        return {
-            "component": self.component.value,
-            "current_version": self.current_version,
-            "target_version": self.target_version,
-            "image_digest": self.image_digest,
-            "pinned": self.pinned,
-        }
-@dataclass
-class VersionManifest:
-    """Manifest tracking all component versions."""
-    manifest_version: int = MANIFEST_VERSION
-    created_at: datetime = field(default_factory=lambda: datetime.now(UTC))
-    updated_at: datetime = field(default_factory=lambda: datetime.now(UTC))
-    components: list[ComponentVersion] = field(default_factory=list)
-    environment: str = "production"
-    notes: str = ""
-    def to_dict(self) -> dict[str, Any]:
-        """Convert to dictionary."""
-        return {
-            "manifest_version": self.manifest_version,
-            "created_at": self.created_at.isoformat(),
-            "updated_at": self.updated_at.isoformat(),
-            "components": [c.to_dict() for c in self.components],
-            "environment": self.environment,
-            "notes": self.notes,
-        }
-    def to_json(self) -> str:
-        """Convert to JSON string."""
-        return json.dumps(self.to_dict(), indent=2)
-    @classmethod
-    def from_dict(cls, data: dict[str, Any]) -> VersionManifest:
-        """Create from dictionary."""
-        components = [
-            ComponentVersion(
-                component=ComponentType(c["component"]),
-                current_version=c["current_version"],
-                target_version=c.get("target_version"),
-                image_digest=c.get("image_digest"),
-                pinned=c.get("pinned", True),
-            )
-            for c in data.get("components", [])
-        ]
-        return cls(
-            manifest_version=data.get("manifest_version", MANIFEST_VERSION),
-            created_at=datetime.fromisoformat(data["created_at"])
-            if data.get("created_at")
-            else datetime.now(UTC),
-            updated_at=datetime.fromisoformat(data["updated_at"])
-            if data.get("updated_at")
-            else datetime.now(UTC),
-            components=components,
-            environment=data.get("environment", "production"),
-            notes=data.get("notes", ""),
-        )
-    def get_component(self, component_type: ComponentType) -> ComponentVersion | None:
-        """Get version info for a component."""
-        for comp in self.components:
-            if comp.component == component_type:
-                return comp
-        return None
-    def set_component(self, component: ComponentVersion) -> None:
-        """Set or update a component version."""
-        for i, comp in enumerate(self.components):
-            if comp.component == component.component:
-                self.components[i] = component
-                self.updated_at = datetime.now(UTC)
-                return
-        self.components.append(component)
-        self.updated_at = datetime.now(UTC)
-@dataclass
-class HealthCheck:
-    """Result of a health check."""
-    name: str
-    passed: bool
-    message: str = ""
-    details: dict[str, Any] = field(default_factory=dict)
-    def to_dict(self) -> dict[str, Any]:
-        """Convert to dictionary."""
-        return {
-            "name": self.name,
-            "passed": self.passed,
-            "message": self.message,
-            "details": self.details,
-        }
-@dataclass
-class UpgradeResult:
-    """Result of an upgrade operation."""
-    success: bool
-    status: UpgradeStatus
-    component: ComponentType | None = None
-    from_version: str = ""
-    to_version: str = ""
-    timestamp: datetime = field(default_factory=lambda: datetime.now(UTC))
-    duration_seconds: float = 0.0
-    error: str | None = None
-    health_checks: list[HealthCheck] = field(default_factory=list)
-    backup_id: str | None = None
-    rollback_available: bool = False
-    def to_dict(self) -> dict[str, Any]:
-        """Convert to dictionary."""
-        return {
-            "success": self.success,
-            "status": self.status.value,
-            "component": self.component.value if self.component else None,
-            "from_version": self.from_version,
-            "to_version": self.to_version,
-            "timestamp": self.timestamp.isoformat(),
-            "duration_seconds": self.duration_seconds,
-            "error": self.error,
-            "health_checks": [h.to_dict() for h in self.health_checks],
-            "backup_id": self.backup_id,
-            "rollback_available": self.rollback_available,
-        }
-class UpgradeManager:
-    """Manages upgrade operations for Kekkai Portal."""
-    def __init__(
-        self,
-        manifest_path: Path | None = None,
-        compose_file: Path | None = None,
-    ) -> None:
-        self._manifest_path = manifest_path or Path("/var/lib/kekkai-portal/version-manifest.json")
-        self._compose_file = compose_file
-        self._manifest: VersionManifest | None = None
-        self._load_manifest()
-    def _load_manifest(self) -> None:
-        """Load version manifest from file."""
-        if self._manifest_path.exists():
-            try:
-                data = json.loads(self._manifest_path.read_text())
-                self._manifest = VersionManifest.from_dict(data)
-            except (json.JSONDecodeError, KeyError) as e:
-                logger.warning("Failed to load manifest: %s", e)
-                self._manifest = self._create_default_manifest()
-        else:
-            self._manifest = self._create_default_manifest()
-    def _create_default_manifest(self) -> VersionManifest:
-        """Create default version manifest."""
-        return VersionManifest(
-            components=[
-                ComponentVersion(
-                    component=ComponentType.PORTAL,
-                    current_version="0.0.0",
-                    pinned=True,
-                ),
-                ComponentVersion(
-                    component=ComponentType.DEFECTDOJO,
-                    current_version="2.37.0",
-                    image_digest=None,
-                    pinned=True,
-                ),
-                ComponentVersion(
-                    component=ComponentType.POSTGRES,
-                    current_version="16-alpine",
-                    pinned=True,
-                ),
-                ComponentVersion(
-                    component=ComponentType.NGINX,
-                    current_version="1.25-alpine",
-                    pinned=True,
-                ),
-                ComponentVersion(
-                    component=ComponentType.VALKEY,
-                    current_version="7.2-alpine",
-                    pinned=True,
-                ),
-            ]
-        )
-    def save_manifest(self) -> None:
-        """Save version manifest to file."""
-        if self._manifest:
-            self._manifest_path.parent.mkdir(parents=True, exist_ok=True)
-            self._manifest_path.write_text(self._manifest.to_json())
-    def get_manifest(self) -> VersionManifest:
-        """Get current version manifest."""
-        if not self._manifest:
-            self._manifest = self._create_default_manifest()
-        return self._manifest
-    def run_pre_upgrade_checks(self) -> list[HealthCheck]:
-        """Run pre-upgrade health checks."""
-        checks: list[HealthCheck] = []
-        checks.append(self._check_disk_space())
-        checks.append(self._check_database_connection())
-        checks.append(self._check_services_running())
-        checks.append(self._check_backup_recent())
-        return checks
-    def upgrade_component(
-        self,
-        component: ComponentType,
-        target_version: str,
-        create_backup: bool = True,
-        dry_run: bool = False,
-    ) -> UpgradeResult:
-        """Upgrade a specific component."""
-        start_time = datetime.now(UTC)
-        manifest = self.get_manifest()
-        comp_version = manifest.get_component(component)
-        current_version = comp_version.current_version if comp_version else "unknown"
-        health_checks = self.run_pre_upgrade_checks()
-        failed_checks = [c for c in health_checks if not c.passed]
-        if failed_checks:
-            return UpgradeResult(
-                success=False,
-                status=UpgradeStatus.FAILED,
-                component=component,
-                from_version=current_version,
-                to_version=target_version,
-                error=f"Pre-upgrade checks failed: {', '.join(c.name for c in failed_checks)}",
-                health_checks=health_checks,
-            )
-        if dry_run:
-            logger.info(
-                "upgrade.dry_run component=%s from=%s to=%s",
-                component.value,
-                current_version,
-                target_version,
-            )
-            return UpgradeResult(
-                success=True,
-                status=UpgradeStatus.COMPLETED,
-                component=component,
-                from_version=current_version,
-                to_version=target_version,
-                health_checks=health_checks,
-            )
-        backup_id = None
-        if create_backup:
-            backup_id = self._create_pre_upgrade_backup()
-            if not backup_id:
-                return UpgradeResult(
-                    success=False,
-                    status=UpgradeStatus.FAILED,
-                    component=component,
-                    from_version=current_version,
-                    to_version=target_version,
-                    error="Failed to create pre-upgrade backup",
-                    health_checks=health_checks,
-                )
-        try:
-            if component == ComponentType.DEFECTDOJO:
-                self._upgrade_defectdojo(target_version)
-            elif component == ComponentType.PORTAL:
-                self._upgrade_portal(target_version)
-            else:
-                self._upgrade_docker_service(component, target_version)
-            if comp_version:
-                comp_version.current_version = target_version
-                comp_version.target_version = None
-            else:
-                manifest.set_component(
-                    ComponentVersion(
-                        component=component,
-                        current_version=target_version,
-                    )
-                )
-            self.save_manifest()
-            duration = (datetime.now(UTC) - start_time).total_seconds()
-            logger.info(
-                "upgrade.completed component=%s from=%s to=%s duration=%.2f",
-                component.value,
-                current_version,
-                target_version,
-                duration,
-            )
-            return UpgradeResult(
-                success=True,
-                status=UpgradeStatus.COMPLETED,
-                component=component,
-                from_version=current_version,
-                to_version=target_version,
-                duration_seconds=duration,
-                health_checks=health_checks,
-                backup_id=backup_id,
-                rollback_available=bool(backup_id),
-            )
-        except Exception as e:
-            logger.error(
-                "upgrade.failed component=%s error=%s",
-                component.value,
-                str(e),
-            )
-            return UpgradeResult(
-                success=False,
-                status=UpgradeStatus.FAILED,
-                component=component,
-                from_version=current_version,
-                to_version=target_version,
-                error=f"Upgrade failed: {type(e).__name__}",
-                health_checks=health_checks,
-                backup_id=backup_id,
-                rollback_available=bool(backup_id),
-            )
-    def rollback(self, backup_id: str) -> UpgradeResult:
-        """Rollback to a previous state using backup."""
-        start_time = datetime.now(UTC)
-        try:
-            logger.info("upgrade.rollback.started backup_id=%s", backup_id)
-            duration = (datetime.now(UTC) - start_time).total_seconds()
-            return UpgradeResult(
-                success=True,
-                status=UpgradeStatus.ROLLED_BACK,
-                duration_seconds=duration,
-                backup_id=backup_id,
-            )
-        except Exception as e:
-            logger.error("upgrade.rollback.failed backup_id=%s error=%s", backup_id, str(e))
-            return UpgradeResult(
-                success=False,
-                status=UpgradeStatus.FAILED,
-                error=f"Rollback failed: {type(e).__name__}",
-                backup_id=backup_id,
-            )
-    def _check_disk_space(self) -> HealthCheck:
-        """Check available disk space."""
-        try:
-            result = subprocess.run(  # noqa: S603
-                ["/bin/df", "-h", "/var/lib"],
-                capture_output=True,
-                text=True,
-                timeout=10,
-                check=False,
-            )
-            lines = result.stdout.strip().split("\n")
-            if len(lines) >= 2:
-                parts = lines[1].split()
-                if len(parts) >= 5:
-                    use_percent = int(parts[4].rstrip("%"))
-                    if use_percent > 90:
-                        return HealthCheck(
-                            name="disk_space",
-                            passed=False,
-                            message=f"Disk usage at {use_percent}%",
-                            details={"usage_percent": use_percent},
-                        )
-                    return HealthCheck(
-                        name="disk_space",
-                        passed=True,
-                        message=f"Disk usage at {use_percent}%",
-                        details={"usage_percent": use_percent},
-                    )
-        except Exception as e:
-            return HealthCheck(
-                name="disk_space",
-                passed=False,
-                message=f"Failed to check disk space: {e}",
-            )
-        return HealthCheck(
-            name="disk_space",
-            passed=True,
-            message="Disk space check skipped",
-        )
-    def _check_database_connection(self) -> HealthCheck:
-        """Check database connectivity."""
-        db_host = os.environ.get("DD_DATABASE_HOST", "localhost")
-        db_port = os.environ.get("DD_DATABASE_PORT", "5432")
-        try:
-            result = subprocess.run(  # noqa: S603
-                ["/usr/bin/pg_isready", "-h", db_host, "-p", db_port],
-                capture_output=True,
-                text=True,
-                timeout=10,
-                check=False,
-            )
-            if result.returncode == 0:
-                return HealthCheck(
-                    name="database_connection",
-                    passed=True,
-                    message="Database is accepting connections",
-                )
-            return HealthCheck(
-                name="database_connection",
-                passed=False,
-                message="Database is not accepting connections",
-            )
-        except FileNotFoundError:
-            return HealthCheck(
-                name="database_connection",
-                passed=True,
-                message="pg_isready not available, skipping check",
-            )
-        except Exception as e:
-            return HealthCheck(
-                name="database_connection",
-                passed=False,
-                message=f"Database check failed: {e}",
-            )
-    def _check_services_running(self) -> HealthCheck:
-        """Check if required services are running."""
-        return HealthCheck(
-            name="services_running",
-            passed=True,
-            message="Service check passed",
-        )
-    def _check_backup_recent(self) -> HealthCheck:
-        """Check if a recent backup exists."""
-        backup_dir = Path(os.environ.get("BACKUP_LOCAL_PATH", "/var/lib/kekkai-portal/backups"))
-        if not backup_dir.exists():
-            return HealthCheck(
-                name="backup_recent",
-                passed=False,
-                message="No backup directory found",
-            )
-        backups = list(backup_dir.glob("*.tar.gz")) + list(backup_dir.glob("*.tar"))
-        if not backups:
-            return HealthCheck(
-                name="backup_recent",
-                passed=False,
-                message="No backups found",
-            )
-        latest = max(backups, key=lambda p: p.stat().st_mtime)
-        age_hours = (datetime.now(UTC).timestamp() - latest.stat().st_mtime) / 3600
-        if age_hours > 24:
-            return HealthCheck(
-                name="backup_recent",
-                passed=False,
-                message=f"Latest backup is {age_hours:.1f} hours old",
-                details={"backup_age_hours": age_hours, "backup_path": str(latest)},
-            )
-        return HealthCheck(
-            name="backup_recent",
-            passed=True,
-            message=f"Latest backup is {age_hours:.1f} hours old",
-            details={"backup_age_hours": age_hours, "backup_path": str(latest)},
-        )
-    def _create_pre_upgrade_backup(self) -> str | None:
-        """Create a backup before upgrade."""
-        from .backup import create_backup_job
-        try:
-            backup_job = create_backup_job()
-            result = backup_job.backup_full()
-            if result.success:
-                return result.backup_id
-            logger.error("Pre-upgrade backup failed: %s", result.error)
-            return None
-        except Exception as e:
-            logger.error("Pre-upgrade backup failed: %s", e)
-            return None
-    def _upgrade_defectdojo(self, target_version: str) -> None:
-        """Upgrade DefectDojo."""
-        logger.info("upgrade.defectdojo version=%s", target_version)
-    def _upgrade_portal(self, target_version: str) -> None:
-        """Upgrade portal."""
-        logger.info("upgrade.portal version=%s", target_version)
-    def _upgrade_docker_service(self, component: ComponentType, target_version: str) -> None:
-        """Upgrade a Docker service."""
-        logger.info("upgrade.docker component=%s version=%s", component.value, target_version)
-def create_upgrade_manager(
-    manifest_path: Path | str | None = None,
-    compose_file: Path | str | None = None,
-) -> UpgradeManager:
-    """Create a configured UpgradeManager instance."""
-    m_path = None
-    if manifest_path:
-        m_path = Path(manifest_path)
-    elif env_path := os.environ.get("VERSION_MANIFEST_PATH"):
-        m_path = Path(env_path)
-    c_path = None
-    if compose_file:
-        c_path = Path(compose_file)
-    elif env_compose := os.environ.get("COMPOSE_FILE"):
-        c_path = Path(env_compose)
-    return UpgradeManager(manifest_path=m_path, compose_file=c_path)

kekkai-cli 1.1.0__py3-none-any.whl → 1.1.1__py3-none-any.whl

kekkai-cli 1.1.0py3-none-any.whl → 1.1.1py3-none-any.whl