looky-cli 0.1.0__tar.gz

looky_cli-0.1.0/.gitignore

@@ -0,0 +1,33 @@
+# Runtime-only source config and secrets
+workspaces/**/runtime/sources.runtime.yml
+workspaces/**/secrets/
+ops/secrets/
+# CLI local workspaces — runtime and secrets are push-only, never commit
+cli/workspaces/*/runtime/sources.runtime.yml
+cli/workspaces/*/secrets/
+
+# Local environment files
+.env
+.env.*
+!.env.example
+
+# Generated artifacts
+.DS_Store
+__pycache__/
+cli/.venv/
+workspaces/**/.bk/
+*.pyc
+*.swp
+app/__pycache__/
+query-engine/node_modules/
+app/node_modules/
+docs-site/site/
+
+# Optional local cache files
+cache/
+*.duckdb
+*.duckdb.wal
+workspaces/**/runtime/cache/
+workspaces/**/runtime/exports/
+workspaces/**/tmp/
+workspaces/**/content/models/.bak/

looky_cli-0.1.0/.gitkeep

@@ -0,0 +1 @@
+

looky_cli-0.1.0/PKG-INFO

@@ -0,0 +1,9 @@
+Metadata-Version: 2.4
+Name: looky-cli
+Version: 0.1.0
+Summary: CLI for publishing content to a looky instance
+Requires-Python: >=3.9
+Requires-Dist: httpx>=0.27
+Requires-Dist: pyyaml>=6
+Requires-Dist: rich>=13
+Requires-Dist: typer>=0.12

looky_cli-0.1.0/looky_cli/client.py

@@ -0,0 +1,85 @@
+"""
+HTTP client for the looky API.
+"""
+from __future__ import annotations
+
+from typing import Any
+
+import httpx
+
+
+class LookyClientError(Exception):
+    def __init__(self, message: str, *, status_code: int = 0):
+        super().__init__(message)
+        self.status_code = status_code
+
+
+class LookyClient:
+    def __init__(self, *, url: str, token: str | None = None, timeout: float = 30.0):
+        self.base_url = url.rstrip("/")
+        self.token = token
+        self.timeout = timeout
+
+    def _headers(self) -> dict[str, str]:
+        headers: dict[str, str] = {"Content-Type": "application/json"}
+        if self.token:
+            headers["Authorization"] = f"Bearer {self.token}"
+        return headers
+
+    def _request(self, method: str, path: str, **kwargs: Any) -> dict[str, Any]:
+        url = f"{self.base_url}{path}"
+        try:
+            resp = httpx.request(
+                method,
+                url,
+                headers=self._headers(),
+                timeout=self.timeout,
+                **kwargs,
+            )
+        except httpx.ConnectError as exc:
+            raise LookyClientError(f"Cannot connect to {self.base_url}: {exc}") from exc
+        except httpx.TimeoutException as exc:
+            raise LookyClientError(f"Request timed out: {exc}") from exc
+        except httpx.RequestError as exc:
+            raise LookyClientError(f"Request error: {exc}") from exc
+
+        try:
+            data = resp.json()
+        except Exception:
+            data = {}
+
+        if not resp.is_success:
+            msg = (data.get("error") if isinstance(data, dict) else None) or resp.reason_phrase or "request failed"
+            raise LookyClientError(str(msg), status_code=resp.status_code)
+
+        return data if isinstance(data, dict) else {}
+
+    def get(self, path: str, **kwargs: Any) -> dict[str, Any]:
+        return self._request("GET", path, **kwargs)
+
+    def post(self, path: str, json: dict[str, Any] | None = None, **kwargs: Any) -> dict[str, Any]:
+        return self._request("POST", path, json=json, **kwargs)
+
+    def delete(self, path: str, **kwargs: Any) -> dict[str, Any]:
+        return self._request("DELETE", path, **kwargs)
+
+    def otp_start(self, email: str) -> dict[str, Any]:
+        return self.post("/api/auth/otp/email/start", json={"email": email, "expiration_minutes": 10})
+
+    def otp_authenticate(self, *, method_id: str, email: str, code: str) -> dict[str, Any]:
+        return self.post(
+            "/api/auth/otp/email/authenticate",
+            json={
+                "method_id": method_id,
+                "email": email,
+                "code": code,
+                "session_duration_minutes": 60,
+            },
+            params={"mode": "cli"},
+        )
+
+    def whoami(self) -> dict[str, Any]:
+        return self.get("/api/cli/whoami")
+
+    def revoke_token(self) -> dict[str, Any]:
+        return self.delete("/api/cli/token")

looky_cli-0.1.0/looky_cli/commands/auth.py

@@ -0,0 +1,154 @@
+from __future__ import annotations
+
+from pathlib import Path
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from looky_cli import config as cfg
+from looky_cli.client import LookyClient, LookyClientError
+from looky_cli.commands.billing import relogin_command, require_root_context
+
+console = Console()
+app = typer.Typer(help="Authenticate with a looky instance.")
+
+
+@app.command("login")
+def login(
+    url: str = typer.Argument(..., help="Instance URL (e.g. https://looky.example.com)"),
+    root_path: Path = typer.Argument(..., help="Local root path linked to this instance"),
+    email: str = typer.Option(None, "--email", "-e", help="Email address registered in this looky instance"),
+) -> None:
+    """Log in to a looky instance via email OTP."""
+    url = url.rstrip("/")
+    linked_root = root_path.expanduser().resolve()
+    if not linked_root.is_dir():
+        console.print(f"[red]Root path not found: [bold]{linked_root}[/bold][/red]")
+        raise typer.Exit(1)
+
+    if not email:
+        email = typer.prompt("Email")
+    email = email.strip().lower()
+
+    client = LookyClient(url=url)
+
+    console.print(f"Sending verification code to [bold]{email}[/bold]…")
+    try:
+        start_result = client.otp_start(email)
+    except LookyClientError as exc:
+        console.print(f"[red]Error: {exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    method_id: str = str(start_result.get("method_id") or "")
+    project_type: str = str(start_result.get("project_type") or "consumer")
+
+    console.print("Check your email for the verification code.")
+    code = typer.prompt("Verification code")
+    code = code.strip()
+
+    try:
+        auth_result = client.otp_authenticate(
+            method_id=method_id,
+            email=email if project_type == "b2b" else "",
+            code=code,
+        )
+    except LookyClientError as exc:
+        console.print(f"[red]Authentication failed: {exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    cli_token = str(auth_result.get("cli_token") or "")
+    cli_token_expires_at = str(auth_result.get("cli_token_expires_at") or "")
+    app_user = auth_result.get("app_user") or {}
+
+    if not cli_token:
+        console.print("[red]Server did not return a CLI token. Make sure the server supports CLI auth.[/red]")
+        raise typer.Exit(1)
+
+    cfg.save_session(
+        url,
+        token=cli_token,
+        expires_at=cli_token_expires_at,
+        user=app_user,
+    )
+    try:
+        cfg.bind_workspace_root(linked_root, url=url)
+    except ValueError as exc:
+        console.print(f"[red]{exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    console.print(f"[green]Logged in as [bold]{app_user.get('email', email)}[/bold][/green]")
+    console.print(f"[dim]Linked root: [bold]{linked_root}[/bold] -> {url}[/dim]")
+    _print_user_table(app_user)
+
+
+@app.command("logout")
+def logout() -> None:
+    """Revoke the CLI token and clear local credentials."""
+    root_context = require_root_context(Path.cwd(), exact_root=False)
+    url = root_context.url
+    token = root_context.token
+
+    if token and url:
+        client = LookyClient(url=url, token=token)
+        try:
+            client.revoke_token()
+        except LookyClientError:
+            pass
+
+    cfg.clear_session(url)
+    cfg.clear_root_billing_account_id(root_context.root_path)
+    console.print(
+        "[green]Logged out from "
+        f"[bold]{url}[/bold] for linked root [bold]{root_context.root_path}[/bold].[/green]"
+    )
+
+
+@app.command("whoami")
+def whoami() -> None:
+    """Show the currently authenticated user."""
+    root_context = require_root_context(Path.cwd(), exact_root=False)
+    url = root_context.url
+    token = root_context.token
+
+    if not token:
+        console.print(
+            "[red]Not logged in for the linked root "
+            f"[bold]{root_context.root_path}[/bold]. Run "
+            f"[bold]looky login {url} {root_context.root_path}[/bold] first.[/red]"
+        )
+        raise typer.Exit(1)
+
+    client = LookyClient(url=url, token=token)
+    try:
+        result = client.whoami()
+    except LookyClientError as exc:
+        if exc.status_code == 401:
+            console.print(
+                "[red]Token expired or revoked. Run "
+                f"[bold]{relogin_command(root_context)}[/bold] again.[/red]"
+            )
+        else:
+            console.print(f"[red]Error: {exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    user = result.get("user") or {}
+    console.print(
+        f"[green]Authenticated on [bold]{url}[/bold] "
+        f"for [bold]{root_context.root_path}[/bold][/green]"
+    )
+    _print_user_table(user)
+
+
+def _print_user_table(user: dict) -> None:
+    t = Table(show_header=False, box=None, padding=(0, 1))
+    t.add_column(style="dim")
+    t.add_column()
+    if user.get("first_name") or user.get("last_name"):
+        name = f"{user.get('first_name', '')} {user.get('last_name', '')}".strip()
+        t.add_row("name", name)
+    if user.get("email"):
+        t.add_row("email", str(user["email"]))
+    if user.get("role"):
+        t.add_row("role", str(user["role"]))
+    console.print(t)

looky_cli-0.1.0/looky_cli/commands/billing.py

@@ -0,0 +1,165 @@
+"""Billing account commands for the looky CLI."""
+from __future__ import annotations
+
+from pathlib import Path
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from looky_cli import config as cfg
+from looky_cli.client import LookyClient, LookyClientError
+from looky_cli.workspace import RootContext, WorkspaceResolutionError, resolve_root_context
+
+console = Console()
+app = typer.Typer(help="Manage billing account context.")
+
+
+def relogin_command(root_context: RootContext) -> str:
+    return f"looky login {root_context.url} {root_context.root_path}"
+
+
+def require_root_context(path: Path, *, exact_root: bool) -> RootContext:
+    try:
+        root_context = resolve_root_context(path.resolve())
+    except WorkspaceResolutionError as exc:
+        console.print(f"[red]{exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    if exact_root and root_context.current_path != root_context.root_path:
+        console.print(
+            f"[red]This command must be run from the linked root [bold]{root_context.root_path}[/bold].[/red]"
+        )
+        raise typer.Exit(1)
+
+    return root_context
+
+
+def build_authenticated_client(root_context: RootContext) -> LookyClient:
+    if not root_context.token:
+        console.print(
+            "[red]Not logged in for the linked root "
+            f"[bold]{root_context.root_path}[/bold]. Run "
+            f"[bold]looky login {root_context.url} {root_context.root_path}[/bold] first.[/red]"
+        )
+        raise typer.Exit(1)
+    return LookyClient(url=root_context.url, token=root_context.token)
+
+
+def require_authenticated_client(path: Path, *, exact_root: bool) -> tuple[RootContext, LookyClient]:
+    root_context = require_root_context(path, exact_root=exact_root)
+    return root_context, build_authenticated_client(root_context)
+
+
+def require_billing_context(
+    root_context: RootContext,
+    client: LookyClient,
+    *,
+    expected_billing_account_id: str | None = None,
+) -> str:
+    """
+    If billing is enabled, require an active billing account.
+    Prints error and raises typer.Exit(1) if not set.
+    """
+    try:
+        client.get("/api/cli/whoami")
+    except LookyClientError:
+        pass
+    bid = root_context.billing_account_id
+    if not bid:
+        console.print(
+            "[red]No active billing account for linked root "
+            f"[bold]{root_context.root_path}[/bold]. Run "
+            "[bold]looky billing use <id>[/bold] first.[/red]"
+        )
+        raise typer.Exit(1)
+    if expected_billing_account_id and bid != expected_billing_account_id:
+        console.print(
+            "[red]Active billing account "
+            f"[bold]{bid}[/bold] does not match the current path. Expected "
+            f"[bold]{expected_billing_account_id}[/bold]. Run "
+            f"[bold]looky billing use {expected_billing_account_id}[/bold] "
+            f"from [bold]{root_context.root_path}[/bold] first.[/red]"
+        )
+        raise typer.Exit(1)
+    return bid
+
+
+@app.command("list")
+def billing_list() -> None:
+    """List billing accounts you have access to (owner, developer, or read)."""
+    root_context, client = require_authenticated_client(Path.cwd(), exact_root=True)
+    try:
+        result = client.get("/api/cli/billing/list")
+    except LookyClientError as exc:
+        if exc.status_code == 401:
+            console.print(
+                "[red]Token expired or revoked. Run "
+                f"[bold]{relogin_command(root_context)}[/bold] again.[/red]"
+            )
+        else:
+            console.print(f"[red]Error: {exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    accounts = result.get("billing_accounts") or []
+    current = root_context.billing_account_id
+
+    if not accounts:
+        console.print("[yellow]No billing accounts available. You need access as owner, developer, or read.[/yellow]")
+        return
+
+    t = Table(show_header=True, header_style="bold")
+    t.add_column("ID")
+    t.add_column("Name")
+    t.add_column("Role")
+    t.add_column("", width=4)
+
+    for a in accounts:
+        bid = str(a.get("id") or "")
+        name = str(a.get("display_name") or bid)
+        role = str(a.get("role") or "")
+        marker = " *" if bid == current else ""
+        t.add_row(bid, name, role, marker)
+
+    console.print(t)
+    if current:
+        console.print(f"\n[dim]* = active billing account ([bold]{current}[/bold])[/dim]")
+    else:
+        console.print(
+            "\n[yellow]No active billing account. Run [bold]looky billing use &lt;id&gt;[/bold] to set one.[/yellow]"
+        )
+
+
+@app.command("use")
+def billing_use(
+    billing_account_id: str = typer.Argument(..., help="Billing account ID to activate"),
+) -> None:
+    """Set the active billing account. Validates you have access (SA, owner, developer, or read)."""
+    root_context, client = require_authenticated_client(Path.cwd(), exact_root=True)
+
+    bid = billing_account_id.strip()
+    if not bid:
+        console.print("[red]Billing account ID is required.[/red]")
+        raise typer.Exit(1)
+
+    try:
+        client.get("/api/cli/billing/validate", params={"billing_account_id": bid})
+    except LookyClientError as exc:
+        if exc.status_code == 401:
+            console.print(
+                "[red]Token expired or revoked. Run "
+                f"[bold]{relogin_command(root_context)}[/bold] again.[/red]"
+            )
+        elif exc.status_code == 403:
+            console.print(
+                f"[red]No access to billing account [bold]{bid}[/bold]. "
+                "Run [bold]looky billing list[/bold] to see available accounts.[/red]"
+            )
+        elif exc.status_code == 400:
+            console.print(f"[red]{exc}[/red]")
+        else:
+            console.print(f"[red]Error: {exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    cfg.set_root_billing_account_id(root_context.root_path, bid)
+    console.print(f"[green]Active billing account set to [bold]{bid}[/bold].[/green]")

looky_cli-0.1.0/looky_cli/commands/create.py

@@ -0,0 +1,159 @@
+from __future__ import annotations
+
+from pathlib import Path
+
+import typer
+from rich.console import Console
+from rich.table import Table
+
+from looky_cli.client import LookyClient, LookyClientError
+from looky_cli.commands.billing import build_authenticated_client, relogin_command, require_billing_context
+from looky_cli.workspace import WorkspaceResolutionError, resolve_billing_directory
+
+console = Console()
+
+
+def create(
+    workspace_slug: str = typer.Argument(..., help="Workspace slug to create under the current billing directory"),
+    name: str = typer.Option(None, "--name", "-n", help="Human-readable workspace name"),
+    description: str = typer.Option("", "--description", "-d", help="Short description"),
+    local_only: bool = typer.Option(
+        False,
+        "--local-only",
+        help="Only create the local skeleton, skip server registration",
+    ),
+) -> None:
+    """
+    Register a new workspace on the server and scaffold it locally.
+
+    The workspace is registered on the server first (fails if it already exists),
+    then the local directory skeleton is created. The calling user is automatically
+    granted write access.
+    """
+    slug = _normalize_workspace_slug(workspace_slug)
+    try:
+        billing_dir = resolve_billing_directory(Path.cwd())
+    except WorkspaceResolutionError as exc:
+        console.print(f"[red]{exc}[/red]")
+        raise typer.Exit(1) from exc
+
+    workspace_id = f"{billing_dir.billing_account_id}/{slug}"
+    resolved_name = name or slug
+    dest = billing_dir.billing_path / slug
+
+    client: LookyClient | None = None
+    if not local_only:
+        client = build_authenticated_client(billing_dir.root_context)
+        require_billing_context(
+            billing_dir.root_context,
+            client,
+            expected_billing_account_id=billing_dir.billing_account_id,
+        )
+
+    if not local_only:
+        with console.status(f"Registering [bold]{workspace_id}[/bold] on {billing_dir.root_context.url}…"):
+            try:
+                result = client.post(  # type: ignore[union-attr]
+                    "/api/cli/workspaces",
+                    json={
+                        "workspace_id": workspace_id,
+                        "name": resolved_name,
+                        "description": description,
+                    },
+                )
+            except LookyClientError as exc:
+                if exc.status_code == 409:
+                    console.print(
+                        f"[red]Workspace [bold]{workspace_id}[/bold] already exists on the server. "
+                        f"Use [bold]looky pull {slug}[/bold] from [bold]{billing_dir.billing_path}[/bold] "
+                        "to get its content.[/red]"
+                    )
+                elif exc.status_code == 401:
+                    console.print(
+                        "[red]Token expired or revoked. Run "
+                        f"[bold]{relogin_command(billing_dir.root_context)}[/bold] again.[/red]"
+                    )
+                elif exc.status_code == 400:
+                    console.print(f"[red]Invalid input: {exc}[/red]")
+                else:
+                    console.print(f"[red]Failed to create workspace: {exc}[/red]")
+                raise typer.Exit(1) from exc
+
+        console.print(
+            f"[green]✓ Workspace [bold]{workspace_id}[/bold] registered on server "
+            f"(access: {result.get('access_mode', 'write')})[/green]"
+        )
+
+    # -----------------------------------------------------------------------
+    # Local skeleton
+    # -----------------------------------------------------------------------
+    if dest.exists() and any(dest.iterdir()):
+        console.print(
+            f"[yellow]Local directory [bold]{dest}[/bold] already exists and is not empty — skipping skeleton.[/yellow]"
+        )
+    else:
+        _scaffold_local(dest, workspace_slug=slug, name=resolved_name, description=description)
+        console.print(f"[green]✓ Local skeleton created at [bold]{dest}[/bold][/green]")
+
+    _print_next_steps(workspace_id, dest)
+
+
+def _normalize_workspace_slug(workspace_slug: str) -> str:
+    slug = workspace_slug.strip().strip("/")
+    if not slug or "/" in slug or slug in {".", ".."}:
+        console.print("[red]Workspace slug must be a single path segment.[/red]")
+        raise typer.Exit(1)
+    return slug
+
+
+def _scaffold_local(dest: Path, *, workspace_slug: str, name: str, description: str) -> None:
+    dest.mkdir(parents=True, exist_ok=True)
+
+    ws_yml = dest / "workspace.yml"
+    ws_yml.write_text(
+        f"id: {workspace_slug}\n"
+        f"name: {name}\n"
+        + (f"description: {description}\n" if description else "")
+        + "ui:\n"
+        "  default_locale: en\n"
+        "  supported_locales: [en, es]\n",
+        encoding="utf-8",
+    )
+
+    for subdir in (
+        "content/models",
+        "content/visualizations",
+        "content/dashboards",
+        "content/exports",
+        "runtime",
+    ):
+        (dest / subdir).mkdir(parents=True, exist_ok=True)
+
+    runtime_example = dest / "runtime" / "sources.runtime.yml"
+    runtime_example.write_text(
+        "# Runtime source configuration — DO NOT commit secrets.\n"
+        "# See docs for supported types: bigquery, postgres.\n\n"
+        "sources:\n"
+        "  my_source:\n"
+        "    type: bigquery\n"
+        "    project_id: \"my-gcp-project\"\n"
+        "    credentials_file: \"secrets/my-sa.json\"\n",
+        encoding="utf-8",
+    )
+
+    secrets_gitkeep = dest / "secrets" / ".gitkeep"
+    secrets_gitkeep.parent.mkdir(parents=True, exist_ok=True)
+    secrets_gitkeep.touch()
+
+
+def _print_next_steps(workspace_id: str, dest: Path) -> None:
+    console.print(f"\n[bold]Next steps:[/bold]")
+    t = Table(show_header=False, box=None, padding=(0, 1))
+    t.add_column(style="dim", no_wrap=True)
+    t.add_column()
+    t.add_row("1.", f"Add your source config in [bold]{dest}/runtime/sources.runtime.yml[/bold]")
+    t.add_row("2.", f"Add credentials to [bold]{dest}/secrets/[/bold]  (never commit these)")
+    t.add_row("3.", f"Write your Malloy models in [bold]{dest}/content/models/[/bold]")
+    t.add_row("4.", f"Change into [bold]{dest}[/bold] and run [bold]looky validate[/bold]")
+    t.add_row("5.", f"From [bold]{dest}[/bold], run [bold]looky push[/bold] when ready")
+    console.print(t)