mrok 0.5.0__py3-none-any.whl → 0.7.0__py3-none-any.whl

mrok/proxy/ziticorn.py

@@ -0,0 +1,76 @@
+import logging
+import socket
+from collections.abc import Callable
+from pathlib import Path
+from typing import Any
+
+import openziti
+from uvicorn import config, server
+from uvicorn.lifespan.on import LifespanOn
+from uvicorn.protocols.http.httptools_impl import HttpToolsProtocol as UvHttpToolsProtocol
+
+from mrok.proxy.models import Identity
+from mrok.types.proxy import ASGIApp
+
+logger = logging.getLogger("mrok.proxy")
+
+config.LIFESPAN["auto"] = "mrok.proxy.ziticorn:Lifespan"
+
+
+class Lifespan(LifespanOn):
+    def __init__(self, lf_config: config.Config) -> None:
+        super().__init__(lf_config)
+        self.logger = logging.getLogger("mrok.proxy")
+
+
+class HttpToolsProtocol(UvHttpToolsProtocol):
+    def __init__(self, *args, **kwargs):
+        super().__init__(*args, **kwargs)
+        self.logger = logging.getLogger("mrok.proxy")
+        self.access_logger = logging.getLogger("mrok.access")
+        self.access_log = self.access_logger.hasHandlers()
+
+
+class Server(server.Server):
+    async def serve(self, sockets: list[socket.socket] | None = None) -> None:
+        if not sockets:
+            sockets = [self.config.bind_socket()]
+        with self.capture_signals():
+            await self._serve(sockets)
+
+
+class BackendConfig(config.Config):
+    def __init__(
+        self,
+        app: ASGIApp | Callable[..., Any] | str,
+        identity_file: str | Path,
+        ziti_load_timeout_ms: int = 5000,
+        backlog: int = 2048,
+    ):
+        self.identity_file = identity_file
+        self.identity = Identity.load_from_file(self.identity_file)
+        self.ziti_load_timeout_ms = ziti_load_timeout_ms
+        super().__init__(
+            app,
+            loop="asyncio",
+            http=HttpToolsProtocol,
+            backlog=backlog,
+        )
+
+    def bind_socket(self) -> socket.socket:
+        logger.info(
+            "Connect to Ziti service "
+            f"'{self.identity.mrok.extension} ({self.identity.mrok.instance})'"
+        )
+
+        ctx, err = openziti.load(str(self.identity_file), timeout=self.ziti_load_timeout_ms)
+        if err != 0:
+            raise RuntimeError(f"Failed to load Ziti identity from {self.identity_file}: {err}")
+
+        sock = ctx.bind(self.identity.mrok.extension)
+        sock.listen(self.backlog)
+        logger.info(f"listening on ziti service {self.identity.mrok.extension} for connections")
+        return sock
+
+    def configure_logging(self) -> None:
+        return

mrok/{proxy/types.py → types/proxy.py}

@@ -1,9 +1,10 @@
 from __future__ import annotations
 
-from collections.abc import Awaitable, Callable, Coroutine, MutableMapping
+from collections.abc import Awaitable, Callable, Coroutine, Mapping, MutableMapping
+from contextlib import AbstractAsyncContextManager
 from typing import Any, Never
 
-from mrok.proxy.datastructures import HTTPResponse
+from mrok.proxy.models import HTTPResponse
 
 Scope = MutableMapping[str, Any]
 Message = MutableMapping[str, Any]
@@ -11,5 +12,9 @@ Message = MutableMapping[str, Any]
 ASGIReceive = Callable[[], Awaitable[Message]]
 ASGISend = Callable[[Message], Awaitable[None]]
 ASGIApp = Callable[[Scope, ASGIReceive, ASGISend], Awaitable[None]]
+StatelessLifespan = Callable[[ASGIApp], AbstractAsyncContextManager[None]]
+StatefulLifespan = Callable[[ASGIApp], AbstractAsyncContextManager[Mapping[str, Any]]]
+Lifespan = StatelessLifespan | StatefulLifespan
+
 LifespanCallback = Callable[[], Awaitable[None]]
 ResponseCompleteCallback = Callable[[HTTPResponse], Coroutine[Any, Any, Never]]

mrok/types/ziti.py

@@ -0,0 +1 @@
+Tags = dict[str, str | bool | None]

mrok/ziti/api.py

@@ -11,12 +11,11 @@ from typing import Any, Literal
 import httpx
 
 from mrok.conf import Settings
+from mrok.types.ziti import Tags
 from mrok.ziti.constants import MROK_VERSION_TAG, MROK_VERSION_TAG_NAME
 
 logger = logging.getLogger(__name__)
 
-TagsType = dict[str, str | bool | None]
-
 
 class ZitiAPIError(Exception):
     pass
@@ -63,14 +62,14 @@ class BaseZitiAPI(ABC):
             auth=self.auth,
             verify=self.settings.ziti.ssl_verify,
             timeout=httpx.Timeout(
-                connect=0.25,
+                connect=self.settings.ziti.connect_timeout,
                 read=self.settings.ziti.read_timeout,
                 write=2.0,
                 pool=5.0,
             ),
         )
 
-    async def create(self, endpoint: str, payload: dict[str, Any], tags: TagsType | None) -> str:
+    async def create(self, endpoint: str, payload: dict[str, Any], tags: Tags | None) -> str:
         payload["tags"] = self._merge_tags(tags)
         response: httpx.Response = await self.httpx_client.post(
             endpoint,
@@ -156,8 +155,8 @@ class BaseZitiAPI(ABC):
     ) -> None:
         return await self.httpx_client.__aexit__(exc_type, exc_val, exc_tb)
 
-    def _merge_tags(self, tags: TagsType | None) -> TagsType:
-        prepared_tags: TagsType = tags or {}
+    def _merge_tags(self, tags: Tags | None) -> Tags:
+        prepared_tags: Tags = tags or {}
         prepared_tags.update(MROK_VERSION_TAG)
         return prepared_tags
 
@@ -281,9 +280,7 @@ class ZitiManagementAPI(BaseZitiAPI):
     async def search_config(self, id_or_name) -> dict[str, Any] | None:
         return await self.search_by_id_or_name("/configs", id_or_name)
 
-    async def create_config(
-        self, name: str, config_type_id: str, tags: TagsType | None = None
-    ) -> str:
+    async def create_config(self, name: str, config_type_id: str, tags: Tags | None = None) -> str:
         return await self.create(
             "/configs",
             {
@@ -302,7 +299,7 @@ class ZitiManagementAPI(BaseZitiAPI):
     async def delete_config(self, config_id: str) -> None:
         return await self.delete("/configs", config_id)
 
-    async def create_config_type(self, name: str, tags: TagsType | None = None) -> str:
+    async def create_config_type(self, name: str, tags: Tags | None = None) -> str:
         return await self.create(
             "/config-types",
             {
@@ -316,7 +313,7 @@ class ZitiManagementAPI(BaseZitiAPI):
         self,
         name: str,
         config_id: str,
-        tags: TagsType | None = None,
+        tags: Tags | None = None,
     ) -> str:
         return await self.create(
             "/services",
@@ -332,7 +329,7 @@ class ZitiManagementAPI(BaseZitiAPI):
         self,
         name: str,
         service_id: str,
-        tags: TagsType | None = None,
+        tags: Tags | None = None,
     ) -> str:
         return await self.create(
             "/service-edge-router-policies",
@@ -351,7 +348,7 @@ class ZitiManagementAPI(BaseZitiAPI):
         self,
         name: str,
         identity_id: str,
-        tags: TagsType | None = None,
+        tags: Tags | None = None,
     ) -> str:
         return await self.create(
             "/edge-router-policies",
@@ -385,10 +382,10 @@ class ZitiManagementAPI(BaseZitiAPI):
     async def delete_service(self, service_id: str) -> None:
         return await self.delete("/services", service_id)
 
-    async def create_user_identity(self, name: str, tags: TagsType | None = None) -> str:
+    async def create_user_identity(self, name: str, tags: Tags | None = None) -> str:
         return await self._create_identity(name, "User", tags=tags)
 
-    async def create_device_identity(self, name: str, tags: TagsType | None = None) -> str:
+    async def create_device_identity(self, name: str, tags: Tags | None = None) -> str:
         return await self._create_identity(name, "Device", tags=tags)
 
     async def search_identity(self, id_or_name: str) -> dict[str, Any] | None:
@@ -412,12 +409,12 @@ class ZitiManagementAPI(BaseZitiAPI):
         return response.text
 
     async def create_dial_service_policy(
-        self, name: str, service_id: str, identity_id: str, tags: TagsType | None = None
+        self, name: str, service_id: str, identity_id: str, tags: Tags | None = None
     ) -> str:
         return await self._create_service_policy("Dial", name, service_id, identity_id, tags)
 
     async def create_bind_service_policy(
-        self, name: str, service_id: str, identity_id: str, tags: TagsType | None = None
+        self, name: str, service_id: str, identity_id: str, tags: Tags | None = None
     ) -> str:
         return await self._create_service_policy("Bind", name, service_id, identity_id, tags)
 
@@ -433,7 +430,7 @@ class ZitiManagementAPI(BaseZitiAPI):
         name: str,
         service_id: str,
         identity_id: str,
-        tags: TagsType | None = None,
+        tags: Tags | None = None,
     ) -> str:
         return await self.create(
             "/service-policies",
@@ -451,7 +448,7 @@ class ZitiManagementAPI(BaseZitiAPI):
         self,
         name: str,
         type: Literal["User", "Device", "Default"],
-        tags: TagsType | None = None,
+        tags: Tags | None = None,
     ) -> str:
         return await self.create(
             "/identities",

mrok/ziti/bootstrap.py

@@ -1,7 +1,8 @@
 import logging
 from typing import Any
 
-from mrok.ziti.api import TagsType, ZitiClientAPI, ZitiManagementAPI
+from mrok.types.ziti import Tags
+from mrok.ziti.api import ZitiClientAPI, ZitiManagementAPI
 from mrok.ziti.identities import enroll_proxy_identity
 
 logger = logging.getLogger(__name__)
@@ -13,7 +14,7 @@ async def bootstrap_identity(
     identity_name: str,
     mode: str,
     forced: bool,
-    tags: TagsType | None,
+    tags: Tags | None,
 ) -> tuple[str, dict[str, Any] | None]:
     logger.info(f"Bootstrapping '{identity_name}' identity...")
 
@@ -35,11 +36,6 @@ async def bootstrap_identity(
         logger.info("Deleted existing identity")
         existing_identity = None
 
-    if forced and config_type:
-        await mgmt_api.delete_config_type(config_type["id"])
-        logger.info(f"Deleted existing config type '{config_type_name}' ({config_type['id']})")
-        config_type = None
-
     if existing_identity:
         frontend_id = existing_identity["id"]
         logger.info(f"Identity '{identity_name}' ({frontend_id}) is already enrolled")

mrok/ziti/identities.py

@@ -5,8 +5,9 @@ from typing import Any
 import jwt
 
 from mrok.conf import Settings
+from mrok.types.ziti import Tags
 from mrok.ziti import pki
-from mrok.ziti.api import TagsType, ZitiClientAPI, ZitiManagementAPI
+from mrok.ziti.api import ZitiClientAPI, ZitiManagementAPI
 from mrok.ziti.constants import (
     MROK_IDENTITY_TYPE_TAG_NAME,
     MROK_IDENTITY_TYPE_TAG_VALUE_INSTANCE,
@@ -29,7 +30,7 @@ async def register_identity(
     client_api: ZitiClientAPI,
     service_external_id: str,
     identity_external_id: str,
-    tags: TagsType | None = None,
+    tags: Tags | None = None,
 ):
     service_name = service_external_id.lower()
     identity_tags = copy.copy(tags or {})
@@ -39,8 +40,9 @@ async def register_identity(
     if not service:
         raise ServiceNotFoundError(f"A service with name `{service_external_id}` does not exists.")
 
-    identity_name = f"{identity_external_id.lower()}.{service_name}"
-    service_policy_name = f"{identity_name}:bind"
+    identity_name = identity_external_id.lower()
+    router_policy_name = f"{identity_external_id.lower()}.{service_name}"
+    service_policy_name = f"{identity_external_id.lower()}.{service_name}:bind"
     self_service_policy_name = f"self.{service_policy_name}"
 
     identity = await mgmt_api.search_identity(identity_name)
@@ -51,7 +53,7 @@ async def register_identity(
         service_policy = await mgmt_api.search_service_policy(self_service_policy_name)
         if service_policy:
             await mgmt_api.delete_service_policy(service_policy["id"])
-        router_policy = await mgmt_api.search_router_policy(identity_name)
+        router_policy = await mgmt_api.search_router_policy(router_policy_name)
         if router_policy:
             await mgmt_api.delete_router_policy(router_policy["id"])
         await mgmt_api.delete_identity(identity["id"])
@@ -65,9 +67,8 @@ async def register_identity(
         identity_id,
         identity,
         mrok={
-            "identity": identity_name,
-            "extension": service_external_id,
-            "instance": identity_external_id,
+            "extension": service_name,
+            "instance": identity_name,
             "domain": settings.proxy.domain,
             "tags": identity_tags,
         },
@@ -83,7 +84,7 @@ async def register_identity(
         self_service["id"],
         identity_id,
     )
-    await mgmt_api.create_router_policy(identity_name, identity_id)
+    await mgmt_api.create_router_policy(router_policy_name, identity_id)
 
     return identity, identity_json
 
@@ -99,8 +100,9 @@ async def unregister_identity(
     if not service:
         raise ServiceNotFoundError(f"A service with name `{service_external_id}` does not exists.")
 
-    identity_name = f"{identity_external_id.lower()}.{service_name}"
-    service_policy_name = f"{identity_name}:bind"
+    identity_name = identity_external_id.lower()
+    router_policy_name = f"{identity_external_id.lower()}.{service_name}"
+    service_policy_name = f"{identity_external_id.lower()}.{service_name}:bind"
 
     identity = await mgmt_api.search_identity(identity_name)
     if not identity:
@@ -119,7 +121,7 @@ async def unregister_identity(
     service_policy = await mgmt_api.search_service_policy(service_policy_name)
     if service_policy:
         await mgmt_api.delete_service_policy(service_policy["id"])
-    router_policy = await mgmt_api.search_router_policy(identity_name)
+    router_policy = await mgmt_api.search_router_policy(router_policy_name)
     if router_policy:
         await mgmt_api.delete_router_policy(router_policy["id"])
     await mgmt_api.delete_identity(identity["id"])
@@ -129,7 +131,7 @@ async def enroll_proxy_identity(
     mgmt_api: ZitiManagementAPI,
     client_api: ZitiClientAPI,
     identity_name: str,
-    tags: TagsType | None = None,
+    tags: Tags | None = None,
 ):
     identity = await mgmt_api.search_identity(identity_name)
     if identity:

mrok/ziti/services.py

@@ -2,7 +2,8 @@ import logging
 from typing import Any
 
 from mrok.conf import Settings
-from mrok.ziti.api import TagsType, ZitiManagementAPI
+from mrok.types.ziti import Tags
+from mrok.ziti.api import ZitiManagementAPI
 from mrok.ziti.errors import (
     ConfigTypeNotFoundError,
     ProxyIdentityNotFoundError,
@@ -14,7 +15,7 @@ logger = logging.getLogger(__name__)
 
 
 async def register_service(
-    settings: Settings, mgmt_api: ZitiManagementAPI, external_id: str, tags: TagsType | None
+    settings: Settings, mgmt_api: ZitiManagementAPI, external_id: str, tags: Tags | None
 ) -> dict[str, Any]:
     service_name = external_id.lower()
     registered = False

{mrok-0.5.0.dist-info → mrok-0.7.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mrok
-Version: 0.5.0
+Version: 0.7.0
 Summary: MPT Extensions OpenZiti Orchestrator
 Author: SoftwareOne AG
 License:                                  Apache License
@@ -214,6 +214,7 @@ Requires-Dist: fastapi[standard]<0.120.0,>=0.119.0
 Requires-Dist: gunicorn<24.0.0,>=23.0.0
 Requires-Dist: hdrhistogram<0.11.0,>=0.10.3
 Requires-Dist: httpcore<2.0.0,>=1.0.9
+Requires-Dist: multipart<2.0.0,>=1.3.0
 Requires-Dist: openziti<2.0.0,>=1.3.1
 Requires-Dist: psutil<8.0.0,>=7.1.3
 Requires-Dist: pydantic<3.0.0,>=2.11.7
@@ -223,7 +224,7 @@ Requires-Dist: pyyaml<7.0.0,>=6.0.2
 Requires-Dist: pyzmq<28.0.0,>=27.1.0
 Requires-Dist: rich<15.0.0,>=14.1.0
 Requires-Dist: textual-serve<2.0.0,>=1.1.3
-Requires-Dist: textual<7.0.0,>=6.5.0
+Requires-Dist: textual[syntax]<8.0.0,>=7.2.0
 Requires-Dist: typer<0.20.0,>=0.19.2
 Requires-Dist: uvicorn-worker<0.5.0,>=0.4.0
 Description-Content-Type: text/markdown
@@ -240,6 +241,7 @@ It uses the [OpenZiti](https://openziti.io) zero-trust network overlay to create
 - **Agent** – Runs alongside an extension in two modes:
   - *Sidecar mode*: proxies traffic between the Ziti network and a local TCP or Unix socket.
   - *Embeddable mode*: integrates with ASGI servers (e.g. Uvicorn) to serve a Python application directly.
+- **Frontend** - Proxies internet request to a specific extension through the OpenZiti network.
 - **CLI** – A command-line tool for administrative tasks and for running the agent in either mode.
 
 ## Key Features
@@ -247,5 +249,9 @@ It uses the [OpenZiti](https://openziti.io) zero-trust network overlay to create
 - Zero-trust networking with automatic balancing across Extension instances.
 - Simple API and CLI for managing services and identities.
 
+## Development
+The included docker compose starts a local Ziti Network (controller + router) and mrok (controller and frontend).
+
+
 ## License
 [Apache 2.0](LICENSE)

{mrok-0.5.0.dist-info → mrok-0.7.0.dist-info}/RECORD

@@ -1,27 +1,27 @@
 mrok/__init__.py,sha256=D1PUs3KtMCqG4bFLceVNG62L3RN53NS95uSCNXpgvzs,181
 mrok/conf.py,sha256=_5Z-A5LyojQeY8J7W8C0QidsmrPl99r9qKYEoMf4kcI,840
-mrok/constants.py,sha256=UTGYqs3DgEd_SN-k0JK10ekmHVWQaaARtdh1Y-0JG_s,122
+mrok/constants.py,sha256=QXaMw4LuHijj_TUTCsM5uUjpgT04HBvd0wRbjvn1z9A,449
 mrok/errors.py,sha256=ruNMDFr2_0ezCGXuCG1OswCEv-bHOIzMMd02J_0ABcs,37
-mrok/logging.py,sha256=ZMWn0w4fJ-F_g-L37H_GM14BSXAIF2mFF_ougX5S7mg,2856
+mrok/logging.py,sha256=4F5rviPK1-MWWMZuHfzNNQmGxg-emAPRdKz0PsWDSww,2261
 mrok/agent/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/agent/ziticorn.py,sha256=iENhronSKhPIhXhTMj7pElaLZgeEsgEVTKp_1yMa3Dk,907
+mrok/agent/ziticorn.py,sha256=eHUYs9QaSp35rBzYHRV-SrYxF5ySyECaQg7U-XbdINE,1025
 mrok/agent/devtools/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/agent/devtools/__main__.py,sha256=R8ezbW7hCik5r45U3w2TgiTubg9SlbVsWA-bapILJXU,781
 mrok/agent/devtools/inspector/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/agent/devtools/inspector/__main__.py,sha256=HeYcRf1bjXPji2LKMPCcTU61afrRH2P1RqnFmHClRTc,524
-mrok/agent/devtools/inspector/app.py,sha256=E1WKcc5k7afq6xq_efEpOk9g5CaXmYjU1kNACZrYYyg,16486
+mrok/agent/devtools/inspector/__main__.py,sha256=MyaIi81D-ubdxuvLV1mCpA8cSVwtq07zc5xuArPU2Dw,73
+mrok/agent/devtools/inspector/app.py,sha256=TxBBIy8lXHj6h8KmQHCeLiIM2QqMzMsCpSWFjH8cGu4,25636
 mrok/agent/devtools/inspector/server.py,sha256=C4uD6_1psSHMjJLUDCMPGvKdQYKaEwYTw27NAbwuuA0,636
+mrok/agent/devtools/inspector/utils.py,sha256=K-_4rTyB54Y0faEIGgutMEHGyP1W7eOhbcuUKxNnsYA,4261
 mrok/agent/sidecar/__init__.py,sha256=DrjJGhqFyxsVODW06KI20Wpr6HsD2lD6qFCKUXc7GIE,59
-mrok/agent/sidecar/app.py,sha256=8gLB9tgxzC4l6CBYB9MW9A6-v2cjJHx-xVNwAnCD7hI,2506
-mrok/agent/sidecar/main.py,sha256=m3aKhOHwIEsXDeTMynHmv41JnBIjv-QUgQ4uw1rrsDA,1068
+mrok/agent/sidecar/app.py,sha256=sPQqjnwETRQk0cj8hAxSVUDCkYqsVZCS6ixEqkcGY5A,2534
+mrok/agent/sidecar/main.py,sha256=jeJzrCbltfXOYsKSCjcw8h5lxh4_bGT87kCC5dV4kYU,2190
 mrok/cli/__init__.py,sha256=mtFEa8IeS1x6Gm4dUYoSnAxyEzNqbUVSmWxtuZUMR84,61
-mrok/cli/main.py,sha256=DFcYPwDskXi8SKAgEsuP4GMFzaniIf_6bZaSDWvYKDk,2724
+mrok/cli/main.py,sha256=T029FYxK_jDrwiA14oX-Onoqp_X14XHRAA_4bbaOgV8,3123
 mrok/cli/rich.py,sha256=P3Dyu8EArUR9_0j7DPK7LRx85TWdYdZ1SaJzD_S1ZCE,511
 mrok/cli/utils.py,sha256=m_olScdIUGks5IoC6p2F9D6CQIucWZ7LHyrvwm2bkJw,106
 mrok/cli/commands/__init__.py,sha256=-UOGzh38oWX7fPeI2nc5I9z8LylRdQAt868q4G6rNGk,140
 mrok/cli/commands/admin/__init__.py,sha256=WU49jpMF9p18UONjYywWEFzjF57zLpLKJ0qAZvrzcR4,414
-mrok/cli/commands/admin/bootstrap.py,sha256=iOnHctYajgcHrG_Idjn5Y7VVSaWYRIhdgqKSw9TWq9I,1680
-mrok/cli/commands/admin/utils.py,sha256=wQ-qQJGFyhikMJY_CWT-G6sTEIZb-LUdj1AUZisLPBw,1363
+mrok/cli/commands/admin/bootstrap.py,sha256=9ADSeiVbFAZXh6GxHEf9h2g_XHGOIlMmg1rgsxMfdow,1699
+mrok/cli/commands/admin/utils.py,sha256=Z7YTAFZKOi6nkw2oX4rJoGoUD41RYL3AOqEDhlV3jR0,1357
 mrok/cli/commands/admin/list/__init__.py,sha256=kjCMcpn1gopcrQaaHxfFh8Kyngldepnle8R2br5dJ_0,195
 mrok/cli/commands/admin/list/extensions.py,sha256=16fhDB5ucL8su2WQnSaQ1E6MhgC4vkP9-nuHAcPpzyE,4405
 mrok/cli/commands/admin/list/instances.py,sha256=kaqeyidwUxgYqfaHXqp2m76rm5h2ErBsYyZcNeaBRwY,5912
@@ -32,23 +32,22 @@ mrok/cli/commands/admin/unregister/__init__.py,sha256=-GjjCPX1pISbWmJK6GpKO3ijGs
 mrok/cli/commands/admin/unregister/extensions.py,sha256=GR3Iwzeksk_R0GkgmCSG7iHRcUrI7ABqDi25Gbes64Y,1016
 mrok/cli/commands/admin/unregister/instances.py,sha256=-28wL8pTXTWHVHtw93y8-dqi-Dlf0OZOnlBCKOyGo80,1138
 mrok/cli/commands/agent/__init__.py,sha256=ZAi7eTkKQtfwwV1c1mv3uvEEsyMMrhCQ_-id_0wksAQ,218
-mrok/cli/commands/agent/utils.py,sha256=m_olScdIUGks5IoC6p2F9D6CQIucWZ7LHyrvwm2bkJw,106
 mrok/cli/commands/agent/dev/__init__.py,sha256=ZfreyRuaLqO0AwPS8Ll1DIpsKacsu7_dTmbxV5QecOM,172
 mrok/cli/commands/agent/dev/console.py,sha256=rrKAGoKXVQQBOC75H0JSuX1sYyvc2QSrV-dfMPK49p4,673
 mrok/cli/commands/agent/dev/web.py,sha256=O9dYk-o1FV2E_sKLOezdEmLsnexwbJNDdsYL5pATZRQ,1028
 mrok/cli/commands/agent/run/__init__.py,sha256=E_IJCl3BfMffqFASe8gzJwhhQgt5bQfjhuyekVwdEBA,164
 mrok/cli/commands/agent/run/asgi.py,sha256=dCgzwJtTLv2eyEIP7v1tDfe_PrFBS02SfN5dSDw1Jzg,2054
-mrok/cli/commands/agent/run/sidecar.py,sha256=Tj5inAeSX1E3yCVs2q4P3sP3trvvwk2lYMSUtyFfxo8,2098
+mrok/cli/commands/agent/run/sidecar.py,sha256=UOewegTLFwAZ70VFJb6_9kV0LmsvnXuq-yqgrMlTeZo,4182
 mrok/cli/commands/controller/__init__.py,sha256=2xw-YVN0akiLiuGUU3XbYyZZ0ugOjQ6XhtTkzEKSmMA,161
 mrok/cli/commands/controller/openapi.py,sha256=QLjVao9UkB2vBaGkFi_q_jrlg4Np4ldMRwDIJsrJ7A8,1175
 mrok/cli/commands/controller/run.py,sha256=yl1p7oRHhQINWWjUKlRHtMIWUCV0KsxYdyVyazhX834,2406
 mrok/cli/commands/frontend/__init__.py,sha256=0kK37yG6qs7yAa8TYlKZUA-nHrWsO4y5CjbVkXafnuk,123
-mrok/cli/commands/frontend/run.py,sha256=4w9B662_7ASWuN_skWWWXXQyTcp0G4I-FzvfjL7Yiu0,1305
+mrok/cli/commands/frontend/run.py,sha256=_X1ylMe4-YCTghsu0XY-PB4nk3PL-PQq9YIgbkgJok8,2796
 mrok/controller/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 mrok/controller/app.py,sha256=XxCIB7N1YE52vSYfvGW2UPgEEOZ9jxDMe2l9D2SfXi8,1866
 mrok/controller/auth.py,sha256=hYa0OPJ5X0beGxRP6qbxwJOVXj5TmzHjmam2OjTBKn4,2704
 mrok/controller/pagination.py,sha256=raYpYa34q8Ckl4BXBOEdpWlKkFj6z7e6QLWr2HT7dzI,2187
-mrok/controller/schemas.py,sha256=AaF8_bEwZTHM02apVEBAzlUb2t71zoxYaG-VHtPNeMk,1705
+mrok/controller/schemas.py,sha256=PZPEsSJNrGSuplfjCPF_E-VJ721AzgR1Jj8P-Shw1cg,1699
 mrok/controller/dependencies/__init__.py,sha256=voewk6gjkA0OarL6HFmfT_RLqBns0Fpl-VIqK5xVAEI,202
 mrok/controller/dependencies/conf.py,sha256=2Pa8fxJHkZ29q6UL-w6hUP_wr7WnNELfw5LlzWg1Tec,162
 mrok/controller/dependencies/ziti.py,sha256=fYoxeJb4s6p2_3gxbExbFSRabjpvp_gZMBb3ocXZV3Y,702
@@ -59,34 +58,34 @@ mrok/controller/routes/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3
 mrok/controller/routes/extensions.py,sha256=zoY4sNz_BIZcbly6WXM7Rbpn2jmB89njS_0xdJkoKfs,9192
 mrok/controller/routes/instances.py,sha256=v-fn_F6JHbDZ4YUNCIZzClgHp6aC1Eu5HB7k7qBG5pk,2202
 mrok/frontend/__init__.py,sha256=SN3LoFwAye18lfJ8OKNNS-7kLc2A9OxPGIEIEYYtAOA,54
-mrok/frontend/app.py,sha256=We7z5xrbxvOuLsmWgsqfoECZ8FTWOtlw80a14g_8p9M,2632
-mrok/frontend/main.py,sha256=kaje2kfS902TNQwwKn12WEr4N7hKHPg_NwczXAdplwY,1445
+mrok/frontend/app.py,sha256=I2cvEI2ZGhbeazFhF6LavxBYywsv-4QkuNxCDo6-dkA,2627
+mrok/frontend/main.py,sha256=0KtchIGLn70A_Oxekmhr_qSYUg5QqIMfrdYcyFdpj9s,1717
 mrok/proxy/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-mrok/proxy/app.py,sha256=mqb07evKlGUzgqEy-LMzjyeIg1VjUFu83pZeBA4zVyM,5976
-mrok/proxy/backend.py,sha256=T8DDA733CqbFWp5lrf_tKQK_VDgcERKTfesvxofl3AY,1493
-mrok/proxy/config.py,sha256=aUTx0-dNAT7U0UEp5bX7-IO7p3HS082QUocAVq2NUWk,2053
-mrok/proxy/constants.py,sha256=ao5gI2HFBWmrdd2Yc6XFK_RGaHk-omxI4AqvfIiGes8,409
-mrok/proxy/datastructures.py,sha256=SDwhWpJTJrwK9hamHb_Og5PxKXG6VGOwVeoPxtaQLnU,5173
+mrok/proxy/app.py,sha256=flnVPoUO3pSF3b0nYFBhKjZ9jp5ljijo2a-5e37gACs,6016
+mrok/proxy/asgi.py,sha256=2uw5bLquyUsiYlNwq8RhJd8OqVvSJDvYjzOVGLLB3Cs,3528
+mrok/proxy/backend.py,sha256=dRmIUJin2DM3PUxrVX0j4t1oB6DOX7N9JV2lIcopE38,1649
+mrok/proxy/event_publisher.py,sha256=TAuwEqIhRYxgazJFgC3DekwUAXlJ2UFjbdx_A9vwA1g,2511
 mrok/proxy/exceptions.py,sha256=61OhdihQNdnBUqAI9mbBkXD1yWg-6Eftk7EhWCU1VF0,642
-mrok/proxy/lifespan.py,sha256=9qevhD_5Y0f8fGTh2axdfWx7v1K4vnWtiUNyJLesOHE,262
-mrok/proxy/master.py,sha256=Houudf2eYZkP5Ri8JtmFeIlWtMuTvybpPaMeIPNyLRg,8484
-mrok/proxy/metrics.py,sha256=NPhEbHoRdZ7YLKJPxmLc-sCFmos_L0iZwO0ufUs4SNg,3654
-mrok/proxy/middlewares.py,sha256=XHOSQPCXAqUWU2lg1iNkIfTWcfCOJrhEJ_bhVpX-ToQ,5504
-mrok/proxy/protocol.py,sha256=ap8jbLUvgbAH81ZJZCBkQiYR7mkV_eL3rpfwEkoE8sU,392
-mrok/proxy/server.py,sha256=Mj7C85fc-DXp-WTBWaOd7ag808oliLmFBH5bf-G2FHg,370
-mrok/proxy/streams.py,sha256=KxiEFiyAWlFQ7t-t8PZHfDveysBk4Wjo2La-aL7XghQ,1371
-mrok/proxy/types.py,sha256=oET5CXqcBvk4kf_giNojZ9kfF5wygy3Z-MvcDd38LMU,555
-mrok/proxy/utils.py,sha256=OxX6pJv_Wh_KgWx95YeJ3YeuSgwm2tsd00897P3fxys,2126
+mrok/proxy/master.py,sha256=HB2q_nPLim23z0mGDGKs_RshhGVAO8VgOYP4hA__zC4,6891
+mrok/proxy/metrics.py,sha256=Sg2aIiaj9fzkyu190YCsJvNn5P-XLun3BcvuVBsdWbA,3640
+mrok/proxy/middleware.py,sha256=So024RvtNgMliClKz4pzau2Wb6tlfZGspmHBzzEeF4U,4208
+mrok/proxy/models.py,sha256=VDou3LGDi9zCpzpOwihP4Og1oRvXl7gb2mgczf6_Z14,6029
+mrok/proxy/stream.py,sha256=7V-bSAF9uNV1yVHKaEhHo95WxafSGWkyHPVABZX0djY,2134
+mrok/proxy/worker.py,sha256=uEUC2Hbx0YQiDMFNZfwkHMDnijN96b6iRoIErfI21Tg,1921
+mrok/proxy/ziticorn.py,sha256=qiHKIB7ZRR9S9f-zXTxkzBWW3qlP9CqPOc0QQr-lgvc,2437
+mrok/types/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+mrok/types/proxy.py,sha256=40Yds4tUykMpzsoQbMtHG85r8xtm5Q3fQZ17bp7cDiM,818
+mrok/types/ziti.py,sha256=EeQnTbDEJ-Y-KMS6zu1Xjxb58Up2VxUwqzUwy3H28JY,36
 mrok/ziti/__init__.py,sha256=20OWMiexRhOovZOX19zlX87-V78QyWnEnSZfyAftUdE,263
-mrok/ziti/api.py,sha256=KvGiT9d4oSgC3JbFWLDQyuHcLX2HuZJoJ8nHmWtCDkY,16154
-mrok/ziti/bootstrap.py,sha256=QIDhlkIxPW2QRuumFq2D1WDbD003P5f3z24pAUsyeBI,2696
+mrok/ziti/api.py,sha256=CRblQUyfX_421cppA9D-LRnjh4N9P7aYVK4fG7UzQE4,16102
+mrok/ziti/bootstrap.py,sha256=RSL8nZfI-MZ_z6h0F-rNevQoE6g9oGKLr6HlZF696_c,2499
 mrok/ziti/constants.py,sha256=Urq1X3bCBQZfw8NbnEa1pqmY4oq1wmzkwPfzam3kbTw,339
 mrok/ziti/errors.py,sha256=yYCbVDwktnR0AYduqtynIjo73K3HOhIrwA_vQimvEd4,368
-mrok/ziti/identities.py,sha256=1BcwfqAJHMBhc3vRaf0aLaIkoHskj5Xe2Lsq2lO9Vs8,6735
+mrok/ziti/identities.py,sha256=5-7Iof5a8SfkAYsy-SPirDEJKE68ZSn1Kw1wXYQbK9Q,6880
 mrok/ziti/pki.py,sha256=o2tySqHC8-7bvFuI2Tqxg9vX6H6ZSxWxfP_9x29e19M,1954
-mrok/ziti/services.py,sha256=zR1PEBYwXVou20iJK4euh0ZZFAo9UB8PZk8f6SDmiUE,3194
-mrok-0.5.0.dist-info/METADATA,sha256=-rLLRvaOAveuVDJR_ZLNWohgU9EdIM1jgrnH6LoqgHc,15705
-mrok-0.5.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-mrok-0.5.0.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
-mrok-0.5.0.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
-mrok-0.5.0.dist-info/RECORD,,
+mrok/ziti/services.py,sha256=TukG0vAZxgjbS8OLiyg7u1GwuVeGTco-rb9ne6a4PUA,3213
+mrok-0.7.0.dist-info/METADATA,sha256=bswj6K1HG4vnUbkCpqQfuH6BoAgcyrMKY3U6XIotlnI,15979
+mrok-0.7.0.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+mrok-0.7.0.dist-info/entry_points.txt,sha256=tloXwvU1uJicBJR2h-8HoVclPgwJWDwuREMHN8Zq-nU,38
+mrok-0.7.0.dist-info/licenses/LICENSE.txt,sha256=6PaICaoA3yNsZKLv5G6OKqSfLSoX7MakYqTDgJoTCBs,11346
+mrok-0.7.0.dist-info/RECORD,,

mrok/agent/devtools/__main__.py

@@ -1,34 +0,0 @@
-#!/usr/bin/env python3
-"""mrok agent devtools CLI entrypoint.
-
-Provides a small CLI that accepts an optional subscriber port and
-invokes the `run` function with that port.
-"""
-
-import argparse
-from typing import Any
-
-
-def run(port: int) -> None:
-    """Run the devtools agent using the given subscriber port.
-
-    This is a stub for the runtime function. Implementation goes here.
-    """
-    pass
-
-
-def main(argv: Any = None) -> None:
-    parser = argparse.ArgumentParser(description="mrok devtools agent")
-    parser.add_argument(
-        "-p",
-        "--subscriber-port",
-        type=int,
-        default=50001,
-        help="Port for subscriber (default: 50001)",
-    )
-    args = parser.parse_args(argv)
-    run(args.subscriber_port)
-
-
-if __name__ == "__main__":
-    main()

mrok/cli/commands/agent/utils.py

@@ -1,5 +0,0 @@
-import multiprocessing
-
-
-def number_of_workers() -> int:
-    return (multiprocessing.cpu_count() * 2) + 1

mrok/proxy/config.py

@@ -1,62 +0,0 @@
-import json
-import logging
-import socket
-from collections.abc import Callable
-from pathlib import Path
-from typing import Any
-
-import openziti
-from uvicorn import config
-
-from mrok.proxy.protocol import MrokHttpToolsProtocol
-from mrok.proxy.types import ASGIApp
-
-logger = logging.getLogger("mrok.proxy")
-
-config.LIFESPAN["auto"] = "mrok.proxy.lifespan:MrokLifespan"
-
-
-class MrokBackendConfig(config.Config):
-    def __init__(
-        self,
-        app: ASGIApp | Callable[..., Any] | str,
-        identity_file: str | Path,
-        ziti_load_timeout_ms: int = 5000,
-        backlog: int = 2048,
-    ):
-        self.identity_file = identity_file
-        self.ziti_load_timeout_ms = ziti_load_timeout_ms
-        self.service_name, self.identity_name, self.instance_id = self.get_identity_info(
-            identity_file
-        )
-        super().__init__(
-            app,
-            loop="asyncio",
-            http=MrokHttpToolsProtocol,
-            backlog=backlog,
-        )
-
-    def get_identity_info(self, identity_file: str | Path):
-        with open(identity_file) as f:
-            identity_data = json.load(f)
-            try:
-                identity_name = identity_data["mrok"]["identity"]
-                instance_id, service_name = identity_name.split(".", 1)
-                return service_name, identity_name, instance_id
-            except KeyError:
-                raise ValueError("Invalid identity file: identity file is not mrok compatible.")
-
-    def bind_socket(self) -> socket.socket:
-        logger.info(f"Connect to Ziti service '{self.service_name} ({self.instance_id})'")
-
-        ctx, err = openziti.load(str(self.identity_file), timeout=self.ziti_load_timeout_ms)
-        if err != 0:
-            raise RuntimeError(f"Failed to load Ziti identity from {self.identity_file}: {err}")
-
-        sock = ctx.bind(self.service_name)
-        sock.listen(self.backlog)
-        logger.info(f"listening on ziti service {self.service_name} for connections")
-        return sock
-
-    def configure_logging(self) -> None:
-        return