mrok 0.1.6__py3-none-any.whl → 0.1.8__py3-none-any.whl

mrok/__init__.py

@@ -0,0 +1,6 @@
+from importlib.metadata import PackageNotFoundError, version
+
+try:
+    __version__ = version("mrok")
+except PackageNotFoundError:  # pragma: no cover
+    __version__ = "0.0.0.dev0"

mrok/agent/sidecar/__init__.py

@@ -0,0 +1,3 @@
+from mrok.agent.sidecar.main import run
+
+__all__ = ["run"]

mrok/agent/sidecar/app.py

@@ -0,0 +1,30 @@
+import asyncio
+import logging
+from collections.abc import Awaitable, Callable
+from pathlib import Path
+from typing import Any
+
+from mrok.http.forwarder import ForwardAppBase
+
+logger = logging.getLogger("mrok.proxy")
+
+Scope = dict[str, Any]
+ASGIReceive = Callable[[], Awaitable[dict[str, Any]]]
+ASGISend = Callable[[dict[str, Any]], Awaitable[None]]
+
+
+class ForwardApp(ForwardAppBase):
+    def __init__(
+        self, target_address: str | Path | tuple[str, int], read_chunk_size: int = 65536
+    ) -> None:
+        super().__init__(read_chunk_size=read_chunk_size)
+        self._target_address = target_address
+
+    async def select_backend(
+        self,
+        scope: Scope,
+        headers: dict[str, str],
+    ) -> tuple[asyncio.StreamReader, asyncio.StreamWriter] | tuple[None, None]:
+        if isinstance(self._target_address, tuple):
+            return await asyncio.open_connection(*self._target_address)
+        return await asyncio.open_unix_connection(str(self._target_address))

mrok/agent/sidecar/main.py

@@ -0,0 +1,27 @@
+import asyncio
+import contextlib
+from functools import partial
+from pathlib import Path
+
+from mrok.agent.sidecar.app import ForwardApp
+from mrok.http.config import MrokBackendConfig
+from mrok.http.master import Master
+from mrok.http.server import MrokServer
+
+
+def run_sidecar(identity_file: str, target_addr: str | Path | tuple[str, int]):
+    config = MrokBackendConfig(ForwardApp(target_addr), identity_file)
+    server = MrokServer(config)
+    with contextlib.suppress(KeyboardInterrupt, asyncio.CancelledError):
+        server.run()
+
+
+def run(
+    identity_file: str,
+    target_addr: str | Path | tuple[str, int],
+    workers=4,
+    reload=False,
+):
+    start_fn = partial(run_sidecar, identity_file, target_addr)
+    master = Master(start_fn, workers=workers, reload=reload)
+    master.run()

mrok/agent/ziticorn.py

@@ -0,0 +1,29 @@
+import asyncio
+import contextlib
+import os
+from functools import partial
+
+from mrok.http.config import ASGIApplication, MrokBackendConfig
+from mrok.http.master import Master
+from mrok.http.server import MrokServer
+
+
+def run_ziticorn(app: ASGIApplication | str, identity_file: str):
+    import sys
+
+    sys.path.insert(0, os.getcwd())
+    config = MrokBackendConfig(app, identity_file)
+    server = MrokServer(config)
+    with contextlib.suppress(KeyboardInterrupt, asyncio.CancelledError):
+        server.run()
+
+
+def run(
+    app: ASGIApplication | str,
+    identity_file: str,
+    workers: int = 4,
+    reload: bool = False,
+):
+    start_fn = partial(run_ziticorn, app, identity_file)
+    master = Master(start_fn, workers=workers, reload=reload)
+    master.run()

mrok/cli/__init__.py

@@ -0,0 +1,3 @@
+from mrok.cli.main import app, run
+
+__all__ = ["app", "run"]

mrok/cli/commands/__init__.py

@@ -0,0 +1,7 @@
+from mrok.cli.commands import admin, agent, controller
+
+__all__ = [
+    "admin",
+    "agent",
+    "controller",
+]

mrok/cli/commands/admin/__init__.py

@@ -0,0 +1,12 @@
+import typer
+
+from mrok.cli.commands.admin import bootstrap
+from mrok.cli.commands.admin.list import app as list_app
+from mrok.cli.commands.admin.register import app as register_app
+from mrok.cli.commands.admin.unregister import app as unregister_app
+
+app = typer.Typer(help="mrok administrative commands.")
+app.add_typer(register_app)
+app.add_typer(unregister_app)
+app.add_typer(list_app)
+bootstrap.register(app)

mrok/cli/commands/admin/bootstrap.py

@@ -0,0 +1,58 @@
+import asyncio
+import json
+import logging
+from pathlib import Path
+from typing import Annotated, Any
+
+import typer
+
+from mrok.cli.commands.admin.utils import parse_tags
+from mrok.conf import Settings
+from mrok.ziti.api import TagsType, ZitiClientAPI, ZitiManagementAPI
+from mrok.ziti.bootstrap import bootstrap_identity
+
+logger = logging.getLogger(__name__)
+
+
+async def bootstrap(
+    settings: Settings, forced: bool, tags: TagsType | None
+) -> tuple[str, dict[str, Any] | None]:
+    async with ZitiManagementAPI(settings) as mgmt_api, ZitiClientAPI(settings) as client_api:
+        return await bootstrap_identity(
+            mgmt_api,
+            client_api,
+            settings.proxy.identity,
+            settings.proxy.mode,
+            forced,
+            tags,
+        )
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("bootstrap")
+    def run_bootstrap(
+        ctx: typer.Context,
+        identity_file: Path = typer.Argument(
+            Path("proxy_identity.json"),
+            help="Path to identity output file",
+            writable=True,
+        ),
+        forced: bool = typer.Option(
+            False,
+            "--force",
+            help="Regenerate identity even if it already exists",
+        ),
+        tags: Annotated[
+            list[str] | None,
+            typer.Option(
+                "--tag",
+                "-t",
+                help="Add tag",
+                show_default=True,
+            ),
+        ] = None,
+    ):
+        """Run the mrok bootstrap."""
+        _, identity_json = asyncio.run(bootstrap(ctx.obj, forced, parse_tags(tags)))
+        if identity_json:
+            json.dump(identity_json, identity_file.open("w"))

mrok/cli/commands/admin/list/__init__.py

@@ -0,0 +1,8 @@
+import typer
+
+from mrok.cli.commands.admin.list import extensions, instances
+
+app = typer.Typer(name="list", help="Show resources in OpenZiti.")
+
+extensions.register(app)
+instances.register(app)

mrok/cli/commands/admin/list/extensions.py

@@ -0,0 +1,144 @@
+import asyncio
+from typing import Annotated
+
+import typer
+from rich import box
+from rich.table import Table
+
+from mrok.cli.commands.admin.utils import (
+    extract_names,
+    format_tags,
+    format_timestamp,
+    tags_to_filter,
+)
+from mrok.cli.rich import get_console
+from mrok.conf import Settings
+from mrok.ziti.api import ZitiManagementAPI
+
+
+async def get_extensions(
+    settings: Settings, detailed: bool, tags: list[str] | None = None
+) -> list[dict]:
+    async with ZitiManagementAPI(settings) as api:
+        if tags is None:
+            params = None
+        else:
+            params = {"filter": tags_to_filter(tags)}
+
+        services = [service async for service in api.services(params=params)]
+        if detailed:
+            for service in services:
+                service["configs"] = [
+                    config
+                    async for config in api.collection_iterator(
+                        f"/services/{service['id']}/configs",
+                    )
+                ]
+                service["policies"] = [
+                    policy
+                    async for policy in api.collection_iterator(
+                        f"/services/{service['id']}/service-policies",
+                    )
+                ]
+        return services
+
+
+def render_tsv(extensions: list[dict], detailed: bool) -> None:
+    console = get_console()
+    if detailed:
+        console.print("id\tname\tconfigurations\tpolicies\ttags\tcreated\tupdated")
+        for extension in extensions:
+            console.print(
+                f"{extension['id']}\t{extension['name']}\t"
+                f"{extract_names(extension['configs'], ', ')}\t"
+                f"{extract_names(extension['policies'], ', ')}\t"
+                f"{format_tags(extension['tags'], ', ')}\t"
+                f"{format_timestamp(extension['createdAt'])}\t"
+                f"{format_timestamp(extension['updatedAt'])}"
+            )
+    else:
+        console.print("id\tname\ttags\tcreated")
+        for extension in extensions:
+            console.print(
+                f"{extension['id']}\t{extension['name']}\t"
+                f"{format_tags(extension['tags'], ', ')}\t"
+                f"{format_timestamp(extension['createdAt'])}\t"
+            )
+
+
+def render_table(extensions: list[dict], detailed: bool) -> None:
+    table = Table(
+        box=box.ROUNDED,
+        title="🔍 Extensions in OpenZiti (services):",
+        title_justify="left",
+        border_style="#472AFF",
+        show_lines=True,
+    )
+    table.add_column("Id", style="green")
+    table.add_column("Name", style="bold cyan")
+    if detailed:
+        table.add_column("Configurations")
+        table.add_column("Service Policies")
+    table.add_column("Tags")
+    table.add_column("Created", style="dim")
+    if detailed:
+        table.add_column("Updated", style="dim")
+
+    for extension in extensions:
+        row = [
+            extension["id"],
+            extension["name"],
+        ]
+        if detailed:
+            row += [
+                extract_names(extension["configs"]),
+                extract_names(extension["policies"]),
+            ]
+        row += [
+            format_tags(extension["tags"]),
+            format_timestamp(extension["createdAt"]),
+        ]
+        if detailed:
+            row.append(format_timestamp(extension["updatedAt"]))
+
+        table.add_row(*row)
+
+    get_console().print(table)
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("extensions")
+    def list_extensions(
+        ctx: typer.Context,
+        detailed: bool = typer.Option(
+            False,
+            "--detailed",
+            "-d",
+            help="Output detailed information",
+        ),
+        tags: Annotated[
+            list[str] | None,
+            typer.Option(
+                "--tag",
+                "-t",
+                help="Add tag",
+                show_default=True,
+            ),
+        ] = None,
+        tsv_output: bool = typer.Option(
+            False,
+            "--tsv",
+            help="Output as TSV",
+        ),
+    ):
+        """List extensions in OpenZiti (service)."""
+        extensions = asyncio.run(get_extensions(ctx.obj, detailed, tags))
+
+        if len(extensions) == 0:
+            get_console().print("No extensions found.")
+            return
+
+        if tsv_output:
+            render_tsv(extensions, detailed)
+        else:
+            render_table(extensions, detailed)

mrok/cli/commands/admin/list/instances.py

@@ -0,0 +1,167 @@
+import asyncio
+from typing import Annotated
+
+import typer
+from rich import box
+from rich.table import Table
+
+from mrok.cli.commands.admin.utils import (
+    extract_names,
+    format_tags,
+    format_timestamp,
+    tags_to_filter,
+)
+from mrok.cli.rich import get_console
+from mrok.conf import Settings
+from mrok.ziti.api import ZitiManagementAPI
+from mrok.ziti.constants import (
+    MROK_IDENTITY_TYPE_TAG_NAME,
+    MROK_IDENTITY_TYPE_TAG_VALUE_INSTANCE,
+)
+
+
+async def get_instances(
+    settings: Settings, detailed: bool, extension: str | None = None, tags: list[str] | None = None
+) -> list[dict]:
+    async with ZitiManagementAPI(settings) as api:
+        tags = tags or []
+        tags.append(f"{MROK_IDENTITY_TYPE_TAG_NAME}={MROK_IDENTITY_TYPE_TAG_VALUE_INSTANCE}")
+        identities = [
+            identity async for identity in api.identities(params={"filter": tags_to_filter(tags)})
+        ]
+        if detailed or extension:
+            for identity in identities:
+                identity["services"] = [
+                    service
+                    async for service in api.collection_iterator(
+                        f"/identities/{identity['id']}/services"
+                    )
+                ]
+                identity["policies"] = [
+                    policy
+                    async for policy in api.collection_iterator(
+                        f"/identities/{identity['id']}/service-policies"
+                    )
+                ]
+
+        if extension:
+            return [
+                identity
+                for identity in identities
+                if any(
+                    service["id"] == extension or service["name"] == extension
+                    for service in identity["services"]
+                )
+            ]
+
+        return identities
+
+
+def render_tsv(instances: list[dict], detailed: bool) -> None:
+    console = get_console()
+    if detailed:
+        console.print("id\tname\tservices\tpolicies\ttags\tcreated\tupdated")
+        for instance in instances:
+            console.print(
+                f"{instance['id']}\t{instance['name']}\t"
+                f"{extract_names(instance['services'], ', ')}\t"
+                f"{extract_names(instance['policies'], ', ')}\t"
+                f"{format_tags(instance['tags'], ', ')}\t"
+                f"{format_timestamp(instance['createdAt'])}\t"
+                f"{format_timestamp(instance['updatedAt'])}"
+            )
+    else:
+        console.print("id\tname\ttags\tcreated")
+        for instance in instances:
+            console.print(
+                f"{instance['id']}\t{instance['name']}\t"
+                f"{format_tags(instance['tags'], ', ')}\t"
+                f"{format_timestamp(instance['createdAt'])}\t"
+            )
+
+
+def render_table(instances: list[dict], detailed: bool) -> None:
+    table = Table(
+        box=box.ROUNDED,
+        title="🔍 Instances in OpenZiti (identities):",
+        title_justify="left",
+        border_style="#472AFF",
+        show_lines=True,
+    )
+    table.add_column("Id", style="green")
+    table.add_column("Name", style="bold cyan")
+    if detailed:
+        table.add_column("Associated services")
+        table.add_column("Associated service policies")
+    table.add_column("Tags")
+    table.add_column("Created", style="dim")
+    if detailed:
+        table.add_column("Updated", style="dim")
+
+    for instance in instances:
+        row = [
+            instance["id"],
+            instance["name"],
+        ]
+        if detailed:
+            row += [
+                extract_names(instance["services"]),
+                extract_names(instance["policies"]),
+            ]
+        row += [
+            format_tags(instance["tags"]),
+            format_timestamp(instance["createdAt"]),
+        ]
+        if detailed:
+            row.append(format_timestamp(instance["updatedAt"]))
+
+        table.add_row(*row)
+
+    get_console().print(table)
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("instances")
+    def list_instances(
+        ctx: typer.Context,
+        extension: Annotated[
+            str | None,
+            typer.Option(
+                "--extension",
+                "-e",
+                help="Filter instances by extension",
+                show_default=True,
+            ),
+        ] = None,
+        tags: Annotated[
+            list[str] | None,
+            typer.Option(
+                "--tag",
+                "-t",
+                help="Add tag",
+                show_default=True,
+            ),
+        ] = None,
+        detailed: bool = typer.Option(
+            False,
+            "--detailed",
+            "-d",
+            help="Output detailed information",
+        ),
+        tsv_output: bool = typer.Option(
+            False,
+            "--tsv",
+            help="Output as TSV",
+        ),
+    ):
+        """List instances in OpenZiti (identities)."""
+        instances = asyncio.run(get_instances(ctx.obj, detailed, extension, tags))
+
+        if len(instances) == 0:
+            get_console().print("No instances found.")
+            return
+
+        if tsv_output:
+            render_tsv(instances, detailed)
+        else:
+            render_table(instances, detailed)

mrok/cli/commands/admin/register/__init__.py

@@ -0,0 +1,8 @@
+import typer
+
+from mrok.cli.commands.admin.register import extensions, instances
+
+app = typer.Typer(name="register", help="Register resources into OpenZiti.")
+
+extensions.register(app)
+instances.register(app)

mrok/cli/commands/admin/register/extensions.py

@@ -0,0 +1,46 @@
+import asyncio
+import re
+from typing import Annotated
+
+import typer
+from rich import print
+
+from mrok.cli.commands.admin.utils import parse_tags
+from mrok.conf import Settings
+from mrok.ziti.api import ZitiManagementAPI
+from mrok.ziti.services import register_extension
+
+RE_EXTENSION_ID = re.compile(r"(?i)EXT-\d{4}-\d{4}")
+
+
+async def do_register(settings: Settings, extension_id: str, tags: list[str] | None):
+    async with ZitiManagementAPI(settings) as api:
+        await register_extension(settings, api, extension_id, tags=parse_tags(tags))
+
+
+def validate_extension_id(extension_id: str) -> str:
+    if not RE_EXTENSION_ID.fullmatch(extension_id):
+        raise typer.BadParameter("ext_id must match EXT-xxxx-yyyy (case-insensitive)")
+    return extension_id
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("extension")
+    def register_extension(
+        ctx: typer.Context,
+        extension_id: str = typer.Argument(
+            ..., callback=validate_extension_id, help="Extension ID in format EXT-xxxx-yyyy"
+        ),
+        tags: Annotated[
+            list[str] | None,
+            typer.Option(
+                "--tag",
+                "-t",
+                help="Add tag",
+                show_default=True,
+            ),
+        ] = None,
+    ):
+        """Register a new Extension in OpenZiti (service)."""
+        asyncio.run(do_register(ctx.obj, extension_id, tags))
+        print(f"🍻 [green]Extension [bold]{extension_id}[/bold] registered.[/green]")

mrok/cli/commands/admin/register/instances.py

@@ -0,0 +1,60 @@
+import asyncio
+import json
+import re
+from pathlib import Path
+from typing import Annotated
+
+import typer
+
+from mrok.cli.commands.admin.utils import parse_tags
+from mrok.conf import Settings
+from mrok.ziti.api import ZitiClientAPI, ZitiManagementAPI
+from mrok.ziti.identities import register_instance
+
+RE_EXTENSION_ID = re.compile(r"(?i)EXT-\d{4}-\d{4}")
+
+
+async def do_register(
+    settings: Settings, extension_id: str, instance_id: str, tags: list[str] | None
+):
+    async with ZitiManagementAPI(settings) as mgmt_api, ZitiClientAPI(settings) as client_api:
+        return await register_instance(
+            mgmt_api, client_api, extension_id, instance_id, tags=parse_tags(tags)
+        )
+
+
+def validate_extension_id(extension_id: str):
+    if not RE_EXTENSION_ID.fullmatch(extension_id):
+        raise typer.BadParameter("ext_id must match EXT-xxxx-yyyy (case-insensitive)")
+    return extension_id
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("instance")
+    def register_instance(
+        ctx: typer.Context,
+        extension_id: str = typer.Argument(
+            ..., callback=validate_extension_id, help="Extension ID in format EXT-xxxx-yyyy"
+        ),
+        instance_id: str = typer.Argument(..., help="Instance ID"),
+        output: Path = typer.Argument(
+            ...,
+            file_okay=True,
+            dir_okay=False,
+            writable=True,
+            resolve_path=True,
+            help="Output file (default: stdout)",
+        ),
+        tags: Annotated[
+            list[str] | None,
+            typer.Option(
+                "--tag",
+                "-t",
+                help="Add tag",
+                show_default=True,
+            ),
+        ] = None,
+    ):
+        """Register a new Extension Instance in OpenZiti (identity)."""
+        _, identity_file = asyncio.run(do_register(ctx.obj, extension_id, instance_id, tags))
+        json.dump(identity_file, output.open("w"))

mrok/cli/commands/admin/unregister/__init__.py

@@ -0,0 +1,8 @@
+import typer
+
+from mrok.cli.commands.admin.unregister import extensions, instances
+
+app = typer.Typer(name="unregister", help="Unregister resources from OpenZiti.")
+
+extensions.register(app)
+instances.register(app)

mrok/cli/commands/admin/unregister/extensions.py

@@ -0,0 +1,33 @@
+import asyncio
+import re
+
+import typer
+
+from mrok.conf import Settings
+from mrok.ziti.api import ZitiManagementAPI
+from mrok.ziti.services import unregister_extension
+
+RE_EXTENSION_ID = re.compile(r"(?i)EXT-\d{4}-\d{4}")
+
+
+async def do_unregister(settings: Settings, extension_id: str):
+    async with ZitiManagementAPI(settings) as api:
+        await unregister_extension(settings, api, extension_id)
+
+
+def validate_extension_id(extension_id: str):
+    if not RE_EXTENSION_ID.fullmatch(extension_id):
+        raise typer.BadParameter("ext_id must match EXT-xxxx-yyyy (case-insensitive)")
+    return extension_id
+
+
+def register(app: typer.Typer) -> None:
+    @app.command("extension")
+    def unregister_extension(
+        ctx: typer.Context,
+        extension_id: str = typer.Argument(
+            ..., callback=validate_extension_id, help="Extension ID in format EXT-xxxx-yyyy"
+        ),
+    ):
+        """Unregister a new Extension in OpenZiti (service)."""
+        asyncio.run(do_unregister(ctx.obj, extension_id))