lkr-dev-cli 0.0.2__tar.gz

lkr_dev_cli-0.0.2/.github/workflows/release.yml

@@ -0,0 +1,76 @@
+name: Release Docker Image
+
+on:
+  release:
+    types: [created]
+
+env:
+  REGION: us-central1
+  SERVICE_NAME: cli
+  APP_NAME: lkr-cli
+  TAG: ${{ github.event.release.tag_name }}
+  UV_PUBLISH_TOKEN: ${{ secrets.UV_PUBLISH_TOKEN }}
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: "read"
+      id-token: "write"
+
+    steps:
+      - name: Set IMAGE_NAME
+        run: echo "IMAGE_NAME=${{ env.REGION }}-docker.pkg.dev/${{ secrets.GCP_PROJECT_ID }}/${{ env.APP_NAME }}/${{ env.SERVICE_NAME }}" >> $GITHUB_ENV
+
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Replace version in pyproject.toml
+        run: |
+          find . -name "pyproject.toml" -exec sed -i "s/^version = .*/version = \"${{ env.TAG }}\"/" {} +
+
+      - name: Replace version in __init__.py
+        run: |
+          find . -name "__init__.py" -exec sed -i "s/^__version__ = .*/__version__ = \"${{ env.TAG }}\"/" {} +
+
+      - name: Authenticate to Google Cloud
+        uses: google-github-actions/auth@v2
+        with:
+          workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
+          project_id: ${{ secrets.GCP_PROJECT_ID }}
+
+      - name: Set up Cloud SDK
+        uses: google-github-actions/setup-gcloud@v2
+
+      - name: Build and push Docker image
+        run: |
+          # Build and push the image with both the release tag and latest
+          gcloud builds submit . \
+            --project ${{ secrets.GCP_PROJECT_ID }} \
+            --tag ${{ env.IMAGE_NAME }}:${{ env.TAG }} \
+            --gcs-log-dir=gs://${{ secrets.GCP_LOGS_BUCKET_NAME }}/${{ env.APP_NAME }}
+
+      - name: Add latest tag
+        run: |
+          gcloud artifacts docker tags add ${{ env.IMAGE_NAME }}:${{ env.TAG }} \
+            ${{ env.IMAGE_NAME }}:latest \
+            --project ${{ secrets.GCP_PROJECT_ID }}
+
+  publish:
+    name: python
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v5
+
+      - name: uv sync
+        run: uv sync --frozen --no-dev
+
+      - name: uv build
+        run: uv build
+
+      - name: uv publish
+        run: uv publish

lkr_dev_cli-0.0.2/.gitignore

@@ -0,0 +1,5 @@
+*.pyc
+__pycache__
+.venv
+tmp
+.env

lkr_dev_cli-0.0.2/.python-version

@@ -0,0 +1 @@
+3.12

lkr_dev_cli-0.0.2/.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+    "sqltools.connections": [
+        {
+            "previewLimit": 50,
+            "driver": "SQLite",
+            "name": "lookerauth",
+            "database": "/Users/bryanweber/.lkr/auth.db"
+        }
+    ],
+    "python.analysis.typeCheckingMode": "basic"
+}

lkr_dev_cli-0.0.2/Dockerfile

@@ -0,0 +1,13 @@
+FROM python:3.12-slim
+COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
+
+# Set working directory and create necessary directories with proper permissions
+WORKDIR /app
+
+# Copy dependency files
+COPY pyproject.toml uv.lock README.md LICENSE ./
+COPY lkr ./lkr
+ENV UV_PROJECT_ENVIRONMENT="/usr/local/"
+RUN uv sync --frozen --no-dev --no-editable
+
+CMD []

lkr_dev_cli-0.0.2/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 lkrdev
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

lkr_dev_cli-0.0.2/PKG-INFO

@@ -0,0 +1,19 @@
+Metadata-Version: 2.4
+Name: lkr-dev-cli
+Version: 0.0.2
+Summary: lkr: a command line interface for looker
+Author: bwebs
+License-Expression: MIT
+License-File: LICENSE
+Requires-Python: >=3.12
+Requires-Dist: cryptography>=42.0.0
+Requires-Dist: looker-sdk>=25.4.0
+Requires-Dist: pick>=2.4.0
+Requires-Dist: pydantic>=2.11.4
+Requires-Dist: pydash>=8.0.5
+Requires-Dist: requests>=2.31.0
+Requires-Dist: structlog>=25.3.0
+Requires-Dist: typer>=0.15.2
+Description-Content-Type: text/markdown
+
+# lkr cli

lkr_dev_cli-0.0.2/README.md

@@ -0,0 +1 @@
+# lkr cli

lkr_dev_cli-0.0.2/cloudbuild.yaml

@@ -0,0 +1,2 @@
+options:
+  logging: CLOUD_LOGGING_ONLY  

lkr_dev_cli-0.0.2/lkr/__init__.py

@@ -0,0 +1,5 @@
+"""
+lkr: a command line interface for looker
+"""
+
+__version__ = "0.0.1" 

lkr_dev_cli-0.0.2/lkr/auth/main.py

@@ -0,0 +1,217 @@
+import urllib.parse
+from typing import Annotated, List, Union, cast
+
+import typer
+from looker_sdk.rtl.auth_token import AccessToken, AuthToken
+from pick import Option, pick
+from pydash import get
+from rich.console import Console
+from rich.table import Table
+
+from lkr.auth.oauth import OAuth2PKCE
+from lkr.auth_service import get_auth
+from lkr.logging import logger
+
+__all__ = ["group"]
+
+group = typer.Typer(name="auth", help="Authentication commands for LookML Repository")
+
+@group.callback()
+def callback(ctx: typer.Context):
+    if ctx.invoked_subcommand == "whoami":
+        return
+    if ctx.obj['ctx_lkr'].use_sdk == "api_key":
+        logger.error("API key authentication is not supported for auth commands")
+        raise typer.Exit(1)
+
+@group.command()
+def login(ctx: typer.Context):
+    """
+    Login to Looker instance using OAuth2 PKCE flow
+    """
+
+    base_url = typer.prompt("Enter your Looker instance base URL")
+    if not base_url.startswith("http"):
+        base_url = f"https://{base_url}"
+    # Parse the URL and reconstruct it to get the origin (scheme://hostname[:port])
+    parsed_url = urllib.parse.urlparse(base_url)
+    origin = urllib.parse.urlunparse(
+        (parsed_url.scheme, parsed_url.netloc, "", "", "", "")
+    )
+    instance_name = typer.prompt(
+        "Enter a name for this Looker instance", default=parsed_url.netloc
+    )
+    auth = get_auth(ctx)
+    def add_auth(token: Union[AuthToken, AccessToken]):
+        auth.add_auth(instance_name, origin, token)
+    # Initialize OAuth2 PKCE flow
+    oauth = OAuth2PKCE(new_token_callback=add_auth)
+
+    # Open browser for authentication and wait for callback
+    logger.info(f"Opening browser for authentication at {origin + '/auth'}...")
+
+    login_response = oauth.initiate_login(origin)
+    if login_response["auth_code"]:
+        logger.info("Successfully received authorization code!")
+        try:
+            # Store the auth code in the OAuth instance
+            oauth.auth_code = login_response["auth_code"]
+            # Exchange the code for tokens
+            token = oauth.exchange_code_for_token()
+            if token:
+                logger.info("Successfully authenticated!")
+            else:
+                logger.error("Failed to exchange authorization code for tokens")
+                raise typer.Exit(1)
+        except Exception as e:
+            logger.error(f"Failed to exchange authorization code for tokens: {str(e)}")
+            raise typer.Exit(1)
+    else:
+        logger.error("Failed to receive authorization code")
+        raise typer.Exit(1)
+
+
+@group.command()
+def logout(
+    ctx: typer.Context,
+    instance_name: Annotated[
+        str | None,
+        typer.Option(
+            help="Name of the Looker instance to logout from. If not provided, logs out from all instances."
+        ),
+    ] = None,
+    all: Annotated[
+        bool,
+        typer.Option(
+            "--all", help="Logout from all instances"
+        ),
+    ] = False,
+):
+    """
+    Logout and clear saved credentials
+    """
+    auth = get_auth(ctx)
+    if instance_name:
+        message = f"Are you sure you want to logout from instance '{instance_name}'?"
+    elif all:
+        message = "Are you sure you want to logout from all instances?"
+    else:
+        instance_name = auth.get_current_instance()
+        if not instance_name:
+            logger.error("No instance currently authenticated")
+            raise typer.Exit(1)
+        message = f"Are you sure you want to logout from instance '{instance_name}'?"
+
+    if not typer.confirm(message, default=False):
+        logger.info("Logout cancelled")
+        raise typer.Exit()
+
+    if instance_name:   
+        logger.info(f"Logging out from instance: {instance_name}")
+        auth.delete_auth(instance_name=instance_name)
+    else:
+        logger.info("Logging out from all instances...")
+        all_instances = auth.list_auth()
+        for instance in all_instances:
+            auth.delete_auth(instance_name=instance[0])
+    logger.info("Logged out successfully!")
+
+
+@group.command()
+def whoami(ctx: typer.Context):
+    """
+    Check current authentication
+    """
+    auth = get_auth(ctx)
+    sdk = auth.get_current_sdk(prompt_refresh_invalid_token=True)
+    if not sdk:
+        logger.error(
+            "Not currently authenticated - use `lkr auth login` or `lkr auth switch` to authenticate"
+        )
+        raise typer.Exit(1)
+    user = sdk.me()
+    logger.info(
+        f"Currently authenticated as {user.first_name} {user.last_name} ({user.email}) to {sdk.auth.settings.base_url}"
+    )
+
+
+@group.command()
+def switch(
+    ctx: typer.Context,
+    instance_name: Annotated[
+        str | None,
+        typer.Option(
+            "-I", "--instance-name", help="Name of the Looker instance to switch to"
+        ),
+    ] = None,
+):
+    """
+    Switch to a different authenticated Looker instance
+    """
+    auth = get_auth(ctx)
+    all_instances = auth.list_auth()
+    if not all_instances:
+        logger.error("No authenticated instances found")
+        raise typer.Exit(1)
+    
+    if instance_name:
+        # If instance name provided, verify it exists
+        instance_names = [name for name, url, current in all_instances]
+        if instance_name not in instance_names:
+            logger.error(f"Instance '{instance_name}' not found")
+            raise typer.Exit(1)
+    else:
+        # If no instance name provided, show selection menu
+        current_index = 0
+        instance_names = []
+        options: List[Option] = []
+        max_name_length = 0
+        for index, (name, _, current) in enumerate(all_instances):
+            if current:
+                current_index = index
+            max_name_length = max(max_name_length, len(name))
+            instance_names.append(name)
+        options = [
+            Option(label=f"{name:{max_name_length}} ({url})", value=name)
+            for name, url, _ in all_instances
+        ]
+
+        picked = pick(
+            options,
+            "Select instance to switch to",
+            min_selection_count=1,
+            default_index=current_index,
+            clear_screen=False,
+        )[0]
+        instance_name = cast(str, get(picked, "value"))
+    # Switch to selected instance
+    auth.set_current_instance(instance_name)
+    sdk = auth.get_current_sdk()
+    if not sdk:
+        logger.error("No looker instance currently authenticated")
+        raise typer.Exit(1)
+    user = sdk.me()
+    logger.info(
+        f"Successfully switched to {instance_name} ({sdk.auth.settings.base_url}) as {user.first_name} {user.last_name} ({user.email})"
+    )
+
+
+@group.command()
+def list(ctx: typer.Context):
+    """
+    List all authenticated Looker instances
+    """
+    console = Console()
+    auth = get_auth(ctx)
+    all_instances = auth.list_auth()
+    if not all_instances:
+        logger.error("No authenticated instances found")
+        raise typer.Exit(1)
+    table = Table(" ", "Instance", "URL")
+    for instance in all_instances:
+        table.add_row("*" if instance[2] else " ", instance[0], instance[1])
+    console.print(table)
+
+
+if __name__ == "__main__":
+    group()

lkr_dev_cli-0.0.2/lkr/auth/oauth.py

@@ -0,0 +1,145 @@
+import http.server
+import os
+import secrets
+import socket
+import socketserver
+import threading
+import urllib.parse
+import webbrowser
+from typing import Optional, TypedDict
+from urllib.parse import parse_qs
+
+from lkr.types import NewTokenCallback
+
+
+def kill_process_on_port(port: int) -> None:
+    """Kill any process currently using the specified port."""
+    try:
+        # Try to create a socket binding to check if port is in use
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        sock.bind(('localhost', port))
+        sock.close()
+        return  # Port is free, no need to kill anything
+    except socket.error:
+        # Port is in use, try to kill the process
+        if os.name == 'posix':  # macOS/Linux
+            os.system(f'lsof -ti tcp:{port} | xargs kill -9 2>/dev/null')
+        elif os.name == 'nt':  # Windows
+            os.system(f'for /f "tokens=5" %a in (\'netstat -aon ^| find ":{port}"\') do taskkill /F /PID %a 2>nul')
+
+
+class OAuthCallbackHandler(http.server.BaseHTTPRequestHandler):
+    def do_GET(self):
+        """Handle the callback from OAuth authorization"""
+        self.send_response(200)
+        self.send_header('Content-type', 'text/html')
+        self.end_headers()
+        
+        # Parse the authorization code from query parameters
+        query_components = parse_qs(urllib.parse.urlparse(self.path).query)
+        
+        # Store the code in the server instance
+        if 'code' in query_components:
+            self.auth_code = query_components['code'][0]
+        
+        # Display a success message to the user
+        self.wfile.write(b"Authentication successful! You can close this window.")
+        
+        # Shutdown the server
+        threading.Thread(target=self.server.shutdown).start()
+
+    def log_message(self, format, *args):
+        """Suppress logging of requests"""
+        pass
+
+class OAuthCallbackServer(socketserver.TCPServer):
+    def __init__(self, server_address):
+        super().__init__(server_address, OAuthCallbackHandler)
+        self.auth_code: Optional[str] = None
+
+class LoginResponse(TypedDict):
+    auth_code: Optional[str]
+    code_verifier: Optional[str]
+
+class OAuth2PKCE:
+    def __init__(self, new_token_callback: NewTokenCallback):
+        from lkr.auth_service import DbOAuthSession
+        self.auth_code: Optional[str] = None
+        self.state = secrets.token_urlsafe(16)
+        self.new_token_callback: NewTokenCallback = new_token_callback
+        self.auth_session: DbOAuthSession | None = None
+        self.server_thread: threading.Thread | None = None
+        self.server: OAuthCallbackServer | None = None
+        self.port: int = 8000
+        
+    def cleanup(self):
+        """Clean up the server and its thread."""
+        if self.server:
+            self.server.shutdown()
+            self.server.server_close()
+            self.server = None
+        if self.server_thread:
+            self.server_thread.join(timeout=1.0)
+            self.server_thread = None
+
+    def initiate_login(self, base_url: str) -> LoginResponse:
+        """
+        Initiates the OAuth2 PKCE login flow by opening the browser with the authorization URL
+        and starting a local server to catch the callback.
+        
+        Returns:
+            Optional[str]: The authorization code if successful, None otherwise
+        """
+        from lkr.auth_service import get_auth_session
+        
+        # Kill any process using port 8000
+        kill_process_on_port(self.port)
+        
+        # Start the local server
+        self.server = OAuthCallbackServer(('localhost', self.port))
+        
+        # Start the server in a separate thread
+        self.server_thread = threading.Thread(target=self.server.serve_forever)
+        self.server_thread.daemon = True
+        self.server_thread.start()
+        
+        # Construct and open the OAuth URL
+        self.auth_session = get_auth_session(base_url, self.new_token_callback)
+        oauth_url = self.auth_session.create_auth_code_request_url('cors_api', self.state)
+        
+        webbrowser.open(oauth_url)
+        
+        # Wait for the callback
+        self.server_thread.join()
+        
+        
+        # Get the authorization code
+        return LoginResponse(auth_code=self.server.auth_code, code_verifier=self.auth_session.code_verifier)
+
+    def exchange_code_for_token(self):
+        """
+        Exchange the authorization code for access and refresh tokens.
+        
+        Args:
+            base_url: The base URL of the Looker instance
+            client_id: The OAuth client ID
+            
+        Returns:
+            Dict containing access_token, refresh_token, token_type, and expires_in
+        """
+        if not self.auth_code:
+            raise ValueError("No authorization code available. Must call initiate_login first.")
+        if not self.auth_session:
+            raise ValueError("No auth session available. Must call initiate_login first.")
+        self.auth_session.redeem_auth_code(self.auth_code, self.auth_session.code_verifier)
+        self.cleanup()
+        return self.auth_session.token
+
+    def __del__(self):
+        self.cleanup()
+
+    def __enter__(self):
+        return self
+
+    def __exit__(self, exc_type, exc_value, traceback):
+        self.cleanup()