mrok 0.1.6__py3-none-any.whl → 0.1.8__py3-none-any.whl

mrok/controller/openapi/__init__.py

@@ -0,0 +1,3 @@
+from mrok.controller.openapi.utils import generate_openapi_spec
+
+__all__ = ["generate_openapi_spec"]

mrok/controller/openapi/examples.py

@@ -0,0 +1,44 @@
+from mrok.ziti.constants import MROK_SERVICE_TAG_NAME, MROK_VERSION_TAG_NAME
+
+EXTENSION_RESPONSE = {
+    "id": "5Jm3PpLQ4mdzqXNRszhE0G",
+    "name": "ext-1234-5678",
+    "extension": {"id": "EXT-1234-5678"},
+    "tags": {"account": "ACC-5555-3333", MROK_VERSION_TAG_NAME: "1.0"},
+}
+
+
+INSTANCE_RESPONSE = {
+    "id": "h.KUkPOyZ4",
+    "name": "ins-1234-5678-0001.ext-1234-5678",
+    "extension": {"id": "EXT-1234-5678"},
+    "instance": {"id": "INS-1234-5678-0001"},
+    "tags": {
+        "account": "ACC-5555-3333",
+        MROK_VERSION_TAG_NAME: "1.0",
+        MROK_SERVICE_TAG_NAME: "ext-1234-5678",
+    },
+}
+
+INSTANCE_CREATE_RESPONSE = {
+    "id": "h.KUkPOyZ4",
+    "name": "ins-1234-5678-0001.ext-1234-5678",
+    "extension": {"id": "EXT-1234-5678"},
+    "instance": {"id": "INS-1234-5678-0001"},
+    "identity": {
+        "ztAPI": "https://ziti.exts.platform.softwareone.com/edge/client/v1",
+        "ztAPIs": None,
+        "configTypes": None,
+        "id": {
+            "key": "pem:-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n",
+            "cert": "pem:-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----\n",
+            "ca": "pem:-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----\n",
+        },
+        "enableHa": None,
+    },
+    "tags": {
+        "account": "ACC-5555-3333",
+        MROK_VERSION_TAG_NAME: "1.0",
+        MROK_SERVICE_TAG_NAME: "ext-1234-5678",
+    },
+}

mrok/controller/openapi/utils.py

@@ -0,0 +1,35 @@
+from fastapi import FastAPI
+from fastapi.openapi.utils import get_openapi
+
+from mrok.conf import Settings
+
+
+def generate_openapi_spec(app: FastAPI, settings: Settings):
+    if app.openapi_schema:  # pragma: no cover
+        return app.openapi_schema
+
+    # for api_route in app.routes:
+    #     if isinstance(api_route, APIRoute):
+    #         for dep in api_route.dependant.dependencies:
+    #             if dep.call and isinstance(dep.call, RQLQuery):
+    #                 api_route.description = (
+    #                     f"{api_route.description}\n\n"
+    #                     "## Available RQL filters\n\n"
+    #                     f"{dep.call.rules.get_documentation()}"
+    #                 )
+
+    spec = get_openapi(
+        title=app.title,
+        version=app.version,
+        openapi_version=app.openapi_version,
+        description=app.description,
+        tags=app.openapi_tags,
+        routes=app.routes,
+    )
+    # spec = inject_code_samples(
+    #     spec,
+    #     SnippetRenderer(),
+    #     settings.api_base_url,
+    # )
+    app.openapi_schema = spec
+    return app.openapi_schema

mrok/controller/pagination.py

@@ -0,0 +1,79 @@
+from __future__ import annotations
+
+from collections.abc import Sequence
+from typing import Any
+
+from fastapi import Query
+from fastapi_pagination import create_page, resolve_params
+from fastapi_pagination.bases import AbstractPage, AbstractParams, RawParams
+from pydantic import BaseModel, Field
+
+from mrok.controller.schemas import BaseSchema
+from mrok.ziti.api import BaseZitiAPI
+
+
+class MetaPagination(BaseModel):
+    limit: int
+    offset: int
+    total: int
+
+
+class Meta(BaseModel):
+    pagination: MetaPagination
+
+
+class LimitOffsetParams(BaseModel, AbstractParams):
+    limit: int = Query(50, ge=0, le=1000, description="Page size limit")
+    offset: int = Query(0, ge=0, description="Page offset")
+
+    def to_raw_params(self) -> RawParams:
+        return RawParams(  # pragma: no cover
+            limit=self.limit,
+            offset=self.offset,
+        )
+
+
+class LimitOffsetPage[S: BaseSchema](AbstractPage[S]):
+    data: list[S]
+    meta: Meta = Field(alias="$meta")
+
+    __params_type__ = LimitOffsetParams  # type: ignore
+
+    @classmethod
+    def create(
+        cls,
+        items: Sequence[S],
+        params: AbstractParams,
+        *,
+        total: int | None = None,
+        **kwargs: Any,
+    ) -> LimitOffsetPage[S]:
+        if not isinstance(params, LimitOffsetParams):  # pragma: no cover
+            raise TypeError("params must be of type LimitOffsetParams")
+        return cls(  # type: ignore
+            data=items,
+            meta=Meta(
+                pagination=MetaPagination(
+                    limit=params.limit,
+                    offset=params.offset,
+                    total=total,
+                )
+            ),
+        )
+
+
+async def paginate[S: BaseSchema](
+    api: BaseZitiAPI,
+    endpoint: str,
+    schema_cls: type[S],
+    extra_params: dict | None = None,
+) -> AbstractPage[S]:
+    params: LimitOffsetParams = resolve_params()
+    page = await api.get_page(endpoint, params.limit, params.offset, extra_params)
+    pagination_meta = page["meta"]["pagination"]
+    total = pagination_meta["totalCount"]
+    return create_page(
+        [schema_cls(**item) for item in page["data"]],
+        params=params,
+        total=total,
+    )

mrok/controller/routes.py

@@ -0,0 +1,294 @@
+import logging
+from typing import Annotated
+
+from fastapi import APIRouter, Body, HTTPException, status
+
+from mrok.controller.dependencies import AppSettings, ZitiClientAPI, ZitiManagementAPI
+from mrok.controller.openapi import examples
+from mrok.controller.pagination import LimitOffsetPage, paginate
+from mrok.controller.schemas import ExtensionCreate, ExtensionRead, InstanceCreate, InstanceRead
+from mrok.ziti.constants import MROK_SERVICE_TAG_NAME
+from mrok.ziti.errors import (
+    ConfigTypeNotFoundError,
+    ProxyIdentityNotFoundError,
+    ServiceAlreadyRegisteredError,
+    ServiceNotFoundError,
+)
+from mrok.ziti.identities import register_instance, unregister_instance
+from mrok.ziti.services import register_extension, unregister_extension
+
+logger = logging.getLogger("mrok.controller")
+
+router = APIRouter()
+
+
+async def fetch_extension_or_404(mgmt_api: ZitiManagementAPI, id_or_extension_id: str):
+    service = await mgmt_api.search_service(id_or_extension_id)
+    if not service:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+        )
+    return service
+
+
+async def fetch_instance_or_404(
+    mgmt_api: ZitiManagementAPI, id_or_extension_id: str, id_or_instance_id: str
+):
+    service = await fetch_extension_or_404(mgmt_api, id_or_extension_id)
+    if id_or_instance_id.startswith("INS-"):
+        id_or_name = f"{id_or_instance_id}.{service['name']}"
+    else:
+        id_or_name = id_or_instance_id
+    identity = await mgmt_api.search_identity(id_or_name)
+    if not identity:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+        )
+    return identity
+
+
+@router.post(
+    "",
+    response_model=ExtensionRead,
+    responses={
+        201: {
+            "description": "Extension",
+            "content": {
+                "application/json": {
+                    "example": examples.EXTENSION_RESPONSE,
+                }
+            },
+        },
+    },
+    status_code=status.HTTP_201_CREATED,
+    tags=["Extensions"],
+)
+async def create_extension(
+    settings: AppSettings,
+    mgmt_api: ZitiManagementAPI,
+    data: Annotated[
+        ExtensionCreate,
+        Body(
+            openapi_examples={
+                "create_extension": {
+                    "summary": "Create an Extension",
+                    "description": ("Create a new Extension."),
+                    "value": {
+                        "extension": {"id": "EXT-1234-5678"},
+                        "tags": {"account": "ACC-5555-3333"},
+                    },
+                }
+            }
+        ),
+    ],
+):
+    try:
+        service = await register_extension(settings, mgmt_api, data.extension.id, data.tags)
+        return ExtensionRead(
+            id=service["id"],
+            name=service["name"],
+            tags=service["tags"],
+        )
+    except (ProxyIdentityNotFoundError, ConfigTypeNotFoundError) as e:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=f"OpenZiti not configured properly: {e}",
+        ) from e
+    except ServiceAlreadyRegisteredError as e:
+        raise HTTPException(
+            status_code=status.HTTP_400_BAD_REQUEST,
+            detail=str(e),
+        ) from e
+
+
+@router.get(
+    "/{id_or_extension_id}",
+    response_model=ExtensionRead,
+    responses={
+        200: {
+            "description": "Extension",
+            "content": {"application/json": {"example": examples.EXTENSION_RESPONSE}},
+        },
+    },
+    dependencies=[],
+    tags=["Extensions"],
+)
+async def get_extension_by_id_or_extension_id(
+    mgmt_api: ZitiManagementAPI,
+    id_or_extension_id: str,
+):
+    return ExtensionRead(**(await fetch_extension_or_404(mgmt_api, id_or_extension_id)))
+
+
+@router.delete(
+    "/{id_or_extension_id}",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=["Extensions"],
+)
+async def delete_instance_by_id_or_extension_id(
+    settings: AppSettings,
+    mgmt_api: ZitiManagementAPI,
+    id_or_extension_id: str,
+):
+    try:
+        await unregister_extension(settings, mgmt_api, id_or_extension_id)
+    except ServiceNotFoundError:
+        raise HTTPException(
+            status_code=status.HTTP_404_NOT_FOUND,
+        )
+
+
+@router.get(
+    "",
+    response_model=LimitOffsetPage[ExtensionRead],
+    responses={
+        200: {
+            "description": "List of Extensions",
+            "content": {
+                "application/json": {
+                    "example": {
+                        "data": [examples.EXTENSION_RESPONSE],
+                        "$meta": {
+                            "pagination": {
+                                "total": 1,
+                                "limit": 10,
+                                "offset": 0,
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+    tags=["Extensions"],
+)
+async def get_extensions(
+    mgmt_api: ZitiManagementAPI,
+):
+    return await paginate(mgmt_api, "/services", ExtensionRead)
+
+
+@router.post(
+    "/{id_or_extension_id}/instances",
+    response_model=InstanceRead,
+    responses={
+        201: {
+            "description": "Instance",
+            "content": {
+                "application/json": {
+                    "example": examples.INSTANCE_CREATE_RESPONSE,
+                }
+            },
+        },
+    },
+    status_code=status.HTTP_201_CREATED,
+    tags=["Instances"],
+)
+async def create_extension_instances(
+    mgmt_api: ZitiManagementAPI,
+    client_api: ZitiClientAPI,
+    id_or_extension_id: str,
+    data: Annotated[
+        InstanceCreate,
+        Body(
+            openapi_examples={
+                "create_extension": {
+                    "summary": "Create an Extension Instance",
+                    "description": ("Create a new Instance of an Extension."),
+                    "value": {
+                        "instance": {"id": "INS-1234-5678-0001"},
+                        "tags": {"account": "ACC-5555-3333"},
+                    },
+                }
+            }
+        ),
+    ],
+):
+    service = await fetch_extension_or_404(mgmt_api, id_or_extension_id)
+    identity, identity_file = await register_instance(
+        mgmt_api, client_api, service["name"], data.instance.id, data.tags
+    )
+    return InstanceRead(
+        id=identity["id"],
+        name=identity["name"],
+        identity=identity_file,
+        tags=identity["tags"],
+    )
+
+
+@router.get(
+    "/{id_or_extension_id}/instances",
+    response_model=LimitOffsetPage[InstanceRead],
+    responses={
+        200: {
+            "description": "List of Instances.",
+            "content": {
+                "application/json": {
+                    "example": {
+                        "data": [examples.INSTANCE_RESPONSE],
+                        "$meta": {
+                            "pagination": {
+                                "total": 1,
+                                "limit": 10,
+                                "offset": 0,
+                            },
+                        },
+                    },
+                },
+            },
+        },
+    },
+    dependencies=[],
+    tags=["Instances"],
+)
+async def list_extension_instances(
+    mgmt_api: ZitiManagementAPI,
+    id_or_extension_id: str,
+):
+    service = await fetch_extension_or_404(mgmt_api, id_or_extension_id)
+    return await paginate(
+        mgmt_api,
+        "/identities",
+        InstanceRead,
+        {"filter": f'tags.{MROK_SERVICE_TAG_NAME} = "{service["name"]}"'},
+    )
+
+
+@router.get(
+    "/{id_or_extension_id}/instances/{id_or_instance_id}",
+    response_model=InstanceRead,
+    responses={
+        200: {
+            "description": "Instance",
+            "content": {"application/json": {"example": examples.INSTANCE_RESPONSE}},
+        },
+    },
+    dependencies=[],
+    tags=["Instances"],
+)
+async def get_instance_by_id_or_instance_id(
+    mgmt_api: ZitiManagementAPI,
+    id_or_extension_id: str,
+    id_or_instance_id: str,
+):
+    identity = await fetch_instance_or_404(mgmt_api, id_or_extension_id, id_or_instance_id)
+    return InstanceRead(
+        id=identity["id"],
+        name=identity["name"],
+        tags=identity["tags"],
+    )
+
+
+@router.delete(
+    "/{id_or_extension_id}/instances/{id_or_instance_id}",
+    status_code=status.HTTP_204_NO_CONTENT,
+    tags=["Instances"],
+)
+async def delete_instance_by_id_or_instance_id(
+    mgmt_api: ZitiManagementAPI,
+    id_or_extension_id: str,
+    id_or_instance_id: str,
+):
+    identity = await fetch_instance_or_404(mgmt_api, id_or_extension_id, id_or_instance_id)
+    instance_id, extension_id = identity["name"].split(".")
+    await unregister_instance(mgmt_api, extension_id, instance_id)

mrok/controller/schemas.py

@@ -0,0 +1,67 @@
+from typing import Annotated, Any
+
+from pydantic import (
+    BaseModel,
+    ConfigDict,
+    Field,
+    computed_field,
+)
+
+from mrok.ziti.api import TagsType
+
+
+class BaseSchema(BaseModel):
+    model_config = ConfigDict(from_attributes=True, extra="ignore")
+    tags: TagsType | None = None
+
+
+class IdSchema(BaseModel):
+    id: str
+
+
+class ExtensionIdSchema(BaseModel):
+    id: Annotated[str, Field(pattern=r"EXT-\d{4}-\d{4}")]
+
+
+# For instance
+class InstanceIdSchema(BaseModel):
+    id: Annotated[str, Field(pattern=r"INS-\d{4}-\d{4}-\d{4}")]
+
+
+class ExtensionBase(BaseSchema):
+    extension: ExtensionIdSchema
+
+
+class ExtensionRead(BaseSchema, IdSchema):
+    name: str
+
+    @computed_field
+    def extension(self) -> dict:
+        return {"id": self.name.upper()}
+
+
+class ExtensionCreate(ExtensionBase):
+    pass
+
+
+class InstanceBase(BaseSchema):
+    instance: InstanceIdSchema
+
+
+class InstanceRead(BaseSchema, IdSchema):
+    name: str
+    identity: dict[str, Any] | None = None
+
+    @computed_field
+    def instance(self) -> dict:
+        instance_id, _ = self.name.split(".", 1)
+        return {"id": instance_id.upper()}
+
+    @computed_field
+    def extension(self) -> dict:
+        _, extension_id = self.name.split(".", 1)
+        return {"id": extension_id.upper()}
+
+
+class InstanceCreate(InstanceBase):
+    pass

mrok/errors.py

@@ -0,0 +1,2 @@
+class MrokError(Exception):
+    pass

mrok/http/config.py

@@ -0,0 +1,65 @@
+import json
+import logging
+import socket
+from collections.abc import Callable
+from pathlib import Path
+from typing import Any
+
+import openziti
+from uvicorn import config
+
+from mrok.conf import get_settings
+from mrok.http.protocol import MrokHttpToolsProtocol
+from mrok.logging import setup_logging
+
+logger = logging.getLogger("mrok.proxy")
+
+config.LIFESPAN["auto"] = "mrok.http.lifespan:MrokLifespan"
+
+ASGIApplication = config.ASGIApplication
+
+
+class MrokBackendConfig(config.Config):
+    def __init__(
+        self,
+        app: ASGIApplication | Callable[..., Any] | str,
+        identity_file: str | Path,
+        ziti_load_timeout_ms: int = 5000,
+        backlog: int = 2048,
+    ):
+        self.identity_file = identity_file
+        self.ziti_load_timeout_ms = ziti_load_timeout_ms
+        self.service_name, self.identity_name, self.instance_id = self.get_identity_info(
+            identity_file
+        )
+        super().__init__(
+            app,
+            loop="asyncio",
+            http=MrokHttpToolsProtocol,
+            backlog=backlog,
+        )
+
+    def get_identity_info(self, identity_file: str | Path):
+        with open(identity_file) as f:
+            identity_data = json.load(f)
+            try:
+                identity_name = identity_data["mrok"]["identity"]
+                instance_id, service_name = identity_name.split(".", 1)
+                return service_name, identity_name, instance_id
+            except KeyError:
+                raise ValueError("Invalid identity file: identity file is not mrok compatible.")
+
+    def bind_socket(self) -> socket.socket:
+        logger.info(f"Connect to Ziti service '{self.service_name} ({self.instance_id})'")
+
+        ctx, err = openziti.load(str(self.identity_file), timeout=self.ziti_load_timeout_ms)
+        if err != 0:
+            raise RuntimeError(f"Failed to load Ziti identity from {self.identity_file}: {err}")
+
+        sock = ctx.bind(self.service_name)
+        sock.listen(self.backlog)
+        logger.info(f"listening on ziti service {self.service_name} for connections")
+        return sock
+
+    def configure_logging(self) -> None:
+        setup_logging(get_settings())