ops-core 0.1.0__tar.gz

ops_core-0.1.0/.gitignore

@@ -0,0 +1,36 @@
+# Python
+__pycache__/
+*.py[cod]
+*.egg-info/
+dist/
+build/
+.eggs/
+
+# Virtual environments
+.venv/
+venv/
+
+# IDE
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# OS
+.DS_Store
+Thumbs.db
+
+# Environment / Secrets
+.env
+*.pem
+*.key
+db_config.yaml
+
+# Test
+.pytest_cache/
+htmlcov/
+.coverage
+
+# Build artifacts
+*.whl
+db_config.yaml.bak

ops_core-0.1.0/PKG-INFO

@@ -0,0 +1,26 @@
+Metadata-Version: 2.4
+Name: ops-core
+Version: 0.1.0
+Summary: Shared operations platform framework - execution engine, auth, rollback, audit
+Requires-Python: >=3.11
+Requires-Dist: fastapi>=0.110.0
+Requires-Dist: httpx>=0.26.0
+Requires-Dist: psycopg[binary]>=3.1.0
+Requires-Dist: pydantic-settings>=2.0.0
+Requires-Dist: pydantic>=2.0.0
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: uvicorn>=0.27.0
+Provides-Extra: cli
+Requires-Dist: rich>=13.0.0; extra == 'cli'
+Requires-Dist: typer>=0.9.0; extra == 'cli'
+Provides-Extra: dev
+Requires-Dist: pytest-asyncio>=0.23.0; extra == 'dev'
+Requires-Dist: pytest>=8.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.3.0; extra == 'dev'
+Provides-Extra: mcp
+Requires-Dist: mcp>=1.0.0; extra == 'mcp'
+Description-Content-Type: text/markdown
+
+# ops-core
+
+Shared operations platform framework for zenith-ops.

ops_core-0.1.0/README.md

@@ -0,0 +1,3 @@
+# ops-core
+
+Shared operations platform framework for zenith-ops.

ops_core-0.1.0/pyproject.toml

@@ -0,0 +1,36 @@
+[project]
+name = "ops-core"
+version = "0.1.0"
+description = "Shared operations platform framework - execution engine, auth, rollback, audit"
+readme = "README.md"
+requires-python = ">=3.11"
+dependencies = [
+    "fastapi>=0.110.0",
+    "uvicorn>=0.27.0",
+    "psycopg[binary]>=3.1.0",
+    "pydantic>=2.0.0",
+    "pydantic-settings>=2.0.0",
+    "pyyaml>=6.0",
+    "httpx>=0.26.0",
+]
+
+[project.optional-dependencies]
+mcp = [
+    "mcp>=1.0.0",
+]
+cli = [
+    "typer>=0.9.0",
+    "rich>=13.0.0",
+]
+dev = [
+    "pytest>=8.0.0",
+    "pytest-asyncio>=0.23.0",
+    "ruff>=0.3.0",
+]
+
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/ops_core"]

ops_core-0.1.0/src/ops_core/__init__.py

@@ -0,0 +1,8 @@
+"""
+ops-core: Shared operations platform framework.
+
+Provides execution engine, auth, rollback, audit, and MCP/CLI scaffolding
+for project-specific operations platforms (harmony-cs, orderhop-cs, etc.).
+"""
+
+__version__ = "0.1.0"

ops_core-0.1.0/src/ops_core/audit/__init__.py

@@ -0,0 +1,20 @@
+"""
+Audit logging for operations platform.
+
+Provides operation-level logging, DB-based audit logger, and request middleware.
+"""
+
+from .logger import AuditLog, log_operation_attempt, log_operation_result
+from .db_logger import AuditLogEntry, AuditLogger, RequestSource, get_audit_logger
+from .middleware import AuditMiddleware
+
+__all__ = [
+    "AuditLog",
+    "log_operation_attempt",
+    "log_operation_result",
+    "AuditLogEntry",
+    "AuditLogger",
+    "RequestSource",
+    "get_audit_logger",
+    "AuditMiddleware",
+]

ops_core-0.1.0/src/ops_core/audit/db_logger.py

@@ -0,0 +1,485 @@
+"""
+Audit logging system for self-improvement tracking.
+
+Captures all API requests/responses to enable:
+- Issue diagnosis and debugging
+- Usage pattern analysis
+- Error tracking and alerting
+- Performance monitoring
+- Self-improvement recommendations
+"""
+
+import json
+import uuid
+from datetime import datetime, timezone
+from enum import Enum
+from typing import Any
+
+import psycopg
+from psycopg.rows import dict_row
+from pydantic import BaseModel, Field
+
+# Settings passed via constructor
+
+
+class RequestSource(str, Enum):
+    """Source of the request."""
+
+    CLI = "cli"
+    MCP = "mcp"
+    API = "api"  # Direct API call
+    INTERNAL = "internal"  # Internal system call
+
+
+class AuditLogEntry(BaseModel):
+    """Audit log entry for request/response tracking."""
+
+    # Request identification
+    request_id: str = Field(default_factory=lambda: str(uuid.uuid4()))
+    timestamp: datetime = Field(default_factory=lambda: datetime.now(timezone.utc))
+
+    # Source information
+    source: RequestSource = RequestSource.API
+    source_version: str = ""  # CLI/MCP version
+    user_agent: str = ""
+
+    # Authentication
+    user_role: str = ""  # readonly, superuser
+    api_key_hash: str = ""  # Last 8 chars of API key for identification
+
+    # Request details
+    method: str = ""  # GET, POST, etc.
+    endpoint: str = ""  # /operations, /query/{db}, etc.
+    path_params: dict[str, Any] = Field(default_factory=dict)
+    query_params: dict[str, Any] = Field(default_factory=dict)
+    request_body: dict[str, Any] | None = None
+
+    # For operations
+    operation_id: str | None = None
+    operation_category: str | None = None
+    database_target: str | None = None
+
+    # Response details
+    status_code: int = 0
+    response_body: dict[str, Any] | None = None
+    response_size_bytes: int = 0
+
+    # Performance
+    execution_time_ms: float = 0
+
+    # Error tracking
+    is_error: bool = False
+    error_type: str | None = None  # ValidationError, AuthError, DBError, etc.
+    error_message: str | None = None
+    error_traceback: str | None = None
+
+    # For raw queries (sensitive - store safely)
+    raw_sql: str | None = None
+    affected_rows: int | None = None
+
+
+class AuditLogger:
+    """Handles audit logging to database."""
+
+    def __init__(self, audit_db_url: str = ""):
+        self._db_url: str = audit_db_url
+        self._initialized = False
+
+    def _get_db_url(self) -> str:
+        """Get audit database URL."""
+        return self._db_url
+
+    async def ensure_tables(self) -> bool:
+        """Ensure audit tables exist."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return False
+
+        try:
+            with psycopg.connect(db_url) as conn:
+                with conn.cursor() as cur:
+                    cur.execute("""
+                        CREATE TABLE IF NOT EXISTS cs_audit_log (
+                            id SERIAL PRIMARY KEY,
+                            request_id UUID NOT NULL UNIQUE,
+                            timestamp TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+
+                            -- Source
+                            source VARCHAR(20) NOT NULL,
+                            source_version VARCHAR(50),
+                            user_agent TEXT,
+
+                            -- Auth
+                            user_role VARCHAR(20),
+                            api_key_hash VARCHAR(8),
+
+                            -- Request
+                            method VARCHAR(10) NOT NULL,
+                            endpoint VARCHAR(255) NOT NULL,
+                            path_params JSONB,
+                            query_params JSONB,
+                            request_body JSONB,
+
+                            -- Operation context
+                            operation_id VARCHAR(100),
+                            operation_category VARCHAR(50),
+                            database_target VARCHAR(50),
+
+                            -- Response
+                            status_code INTEGER NOT NULL,
+                            response_body JSONB,
+                            response_size_bytes INTEGER,
+
+                            -- Performance
+                            execution_time_ms FLOAT,
+
+                            -- Error tracking
+                            is_error BOOLEAN NOT NULL DEFAULT FALSE,
+                            error_type VARCHAR(100),
+                            error_message TEXT,
+                            error_traceback TEXT,
+
+                            -- Raw query (for analysis)
+                            raw_sql TEXT,
+                            affected_rows INTEGER,
+
+                            -- Indexes
+                            created_at TIMESTAMPTZ NOT NULL DEFAULT NOW()
+                        );
+
+                        -- Indexes for common queries
+                        CREATE INDEX IF NOT EXISTS idx_audit_timestamp
+                            ON cs_audit_log(timestamp DESC);
+                        CREATE INDEX IF NOT EXISTS idx_audit_is_error
+                            ON cs_audit_log(is_error) WHERE is_error = TRUE;
+                        CREATE INDEX IF NOT EXISTS idx_audit_endpoint
+                            ON cs_audit_log(endpoint);
+                        CREATE INDEX IF NOT EXISTS idx_audit_operation_id
+                            ON cs_audit_log(operation_id);
+                        CREATE INDEX IF NOT EXISTS idx_audit_user_role
+                            ON cs_audit_log(user_role);
+
+                        -- Error summary view
+                        CREATE OR REPLACE VIEW cs_audit_error_summary AS
+                        SELECT
+                            DATE(timestamp) as date,
+                            endpoint,
+                            error_type,
+                            COUNT(*) as error_count,
+                            COUNT(DISTINCT api_key_hash) as unique_users
+                        FROM cs_audit_log
+                        WHERE is_error = TRUE
+                        GROUP BY DATE(timestamp), endpoint, error_type
+                        ORDER BY date DESC, error_count DESC;
+
+                        -- Daily usage summary view
+                        CREATE OR REPLACE VIEW cs_audit_daily_summary AS
+                        SELECT
+                            DATE(timestamp) as date,
+                            source,
+                            endpoint,
+                            COUNT(*) as request_count,
+                            COUNT(*) FILTER (WHERE is_error) as error_count,
+                            AVG(execution_time_ms) as avg_execution_ms,
+                            MAX(execution_time_ms) as max_execution_ms,
+                            COUNT(DISTINCT api_key_hash) as unique_users
+                        FROM cs_audit_log
+                        GROUP BY DATE(timestamp), source, endpoint
+                        ORDER BY date DESC, request_count DESC;
+                    """)
+                    conn.commit()
+                    self._initialized = True
+                    return True
+        except Exception as e:
+            print(f"[AuditLogger] Failed to initialize: {e}")
+            return False
+
+    async def log(self, entry: AuditLogEntry) -> bool:
+        """Log an audit entry to database."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return False
+
+        if not self._initialized:
+            await self.ensure_tables()
+
+        try:
+            with psycopg.connect(db_url) as conn:
+                with conn.cursor() as cur:
+                    cur.execute(
+                        """
+                        INSERT INTO cs_audit_log (
+                            request_id, timestamp,
+                            source, source_version, user_agent,
+                            user_role, api_key_hash,
+                            method, endpoint, path_params, query_params, request_body,
+                            operation_id, operation_category, database_target,
+                            status_code, response_body, response_size_bytes,
+                            execution_time_ms,
+                            is_error, error_type, error_message, error_traceback,
+                            raw_sql, affected_rows
+                        ) VALUES (
+                            %s, %s,
+                            %s, %s, %s,
+                            %s, %s,
+                            %s, %s, %s::jsonb, %s::jsonb, %s::jsonb,
+                            %s, %s, %s,
+                            %s, %s::jsonb, %s,
+                            %s,
+                            %s, %s, %s, %s,
+                            %s, %s
+                        )
+                    """,
+                        (
+                            entry.request_id,
+                            entry.timestamp,
+                            entry.source.value,
+                            entry.source_version,
+                            entry.user_agent,
+                            entry.user_role,
+                            entry.api_key_hash,
+                            entry.method,
+                            entry.endpoint,
+                            json.dumps(entry.path_params)
+                            if entry.path_params
+                            else None,
+                            json.dumps(entry.query_params)
+                            if entry.query_params
+                            else None,
+                            json.dumps(entry.request_body)
+                            if entry.request_body
+                            else None,
+                            entry.operation_id,
+                            entry.operation_category,
+                            entry.database_target,
+                            entry.status_code,
+                            json.dumps(entry.response_body)
+                            if entry.response_body
+                            else None,
+                            entry.response_size_bytes,
+                            entry.execution_time_ms,
+                            entry.is_error,
+                            entry.error_type,
+                            entry.error_message,
+                            entry.error_traceback,
+                            entry.raw_sql,
+                            entry.affected_rows,
+                        ),
+                    )
+                    conn.commit()
+                    return True
+        except Exception as e:
+            print(f"[AuditLogger] Failed to log: {e}")
+            return False
+
+    async def get_recent_errors(self, limit: int = 20) -> list[dict]:
+        """Get recent error logs for analysis."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return []
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    cur.execute(
+                        """
+                        SELECT
+                            request_id, timestamp, source, endpoint,
+                            user_role, status_code,
+                            error_type, error_message,
+                            operation_id, database_target
+                        FROM cs_audit_log
+                        WHERE is_error = TRUE
+                        ORDER BY timestamp DESC
+                        LIMIT %s
+                    """,
+                        (limit,),
+                    )
+                    return [dict(row) for row in cur.fetchall()]
+        except Exception as e:
+            print(f"[AuditLogger] Failed to fetch errors: {e}")
+            return []
+
+    async def get_error_summary(self, days: int = 7) -> list[dict]:
+        """Get error summary for the last N days."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return []
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    cur.execute(
+                        """
+                        SELECT * FROM cs_audit_error_summary
+                        WHERE date >= CURRENT_DATE - INTERVAL '%s days'
+                    """,
+                        (days,),
+                    )
+                    return [dict(row) for row in cur.fetchall()]
+        except Exception as e:
+            print(f"[AuditLogger] Failed to fetch error summary: {e}")
+            return []
+
+    async def search_logs(
+        self,
+        operation_id: str | None = None,
+        operation_category: str | None = None,
+        error_type: str | None = None,
+        source: str | None = None,
+        is_error: bool | None = None,
+        search: str | None = None,
+        days: int = 7,
+        limit: int = 50,
+        offset: int = 0,
+    ) -> dict:
+        """Search audit logs with filters for dashboard."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return {"logs": [], "total": 0}
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    where = ["timestamp >= CURRENT_TIMESTAMP - INTERVAL '%s days'"]
+                    params: list = [days]
+
+                    if operation_id:
+                        where.append("operation_id = %s")
+                        params.append(operation_id)
+                    if operation_category:
+                        where.append("operation_category = %s")
+                        params.append(operation_category)
+                    if error_type:
+                        where.append("error_type = %s")
+                        params.append(error_type)
+                    if source:
+                        where.append("source = %s")
+                        params.append(source)
+                    if is_error is not None:
+                        where.append("is_error = %s")
+                        params.append(is_error)
+                    if search:
+                        where.append(
+                            "(request_body::text ILIKE %s OR response_body::text ILIKE %s "
+                            "OR error_message ILIKE %s OR endpoint ILIKE %s)"
+                        )
+                        term = f"%{search}%"
+                        params.extend([term, term, term, term])
+
+                    where_sql = " AND ".join(where)
+
+                    # Count
+                    cur.execute(
+                        f"SELECT COUNT(*) as cnt FROM cs_audit_log WHERE {where_sql}",
+                        params,
+                    )
+                    total = cur.fetchone()["cnt"]
+
+                    # Fetch (truncate large JSON fields for list view)
+                    cur.execute(
+                        f"""
+                        SELECT
+                            id, request_id, timestamp, source, user_role,
+                            method, endpoint,
+                            LEFT(request_body::text, 500) AS request_body,
+                            operation_id,
+                            operation_category, database_target, status_code,
+                            LEFT(response_body::text, 500) AS response_body,
+                            response_size_bytes,
+                            execution_time_ms, is_error,
+                            error_type, error_message, affected_rows
+                        FROM cs_audit_log
+                        WHERE {where_sql}
+                        ORDER BY timestamp DESC
+                        LIMIT %s OFFSET %s
+                    """,
+                        params + [limit, offset],
+                    )
+                    logs = [dict(row) for row in cur.fetchall()]
+
+                    return {"logs": logs, "total": total}
+        except Exception as e:
+            print(f"[AuditLogger] Failed to search logs: {e}")
+            return {"logs": [], "total": 0, "error": str(e)}
+
+    async def get_log_detail(self, log_id: int) -> dict | None:
+        """Get full audit log entry by ID (including full response_body)."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return None
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    cur.execute(
+                        """
+                        SELECT * FROM cs_audit_log WHERE id = %s
+                    """,
+                        (log_id,),
+                    )
+                    row = cur.fetchone()
+                    return dict(row) if row else None
+        except Exception as e:
+            print(f"[AuditLogger] Failed to get log detail: {e}")
+            return None
+
+    async def get_filter_options(self) -> dict:
+        """Get distinct values for dashboard filter dropdowns."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return {}
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    result = {}
+                    for col in [
+                        "operation_id",
+                        "operation_category",
+                        "error_type",
+                        "source",
+                    ]:
+                        cur.execute(f"""
+                            SELECT DISTINCT {col} FROM cs_audit_log
+                            WHERE {col} IS NOT NULL AND {col} != ''
+                            ORDER BY {col}
+                        """)
+                        result[col] = [row[col] for row in cur.fetchall()]
+                    return result
+        except Exception as e:
+            print(f"[AuditLogger] Failed to get filter options: {e}")
+            return {}
+
+    async def get_usage_stats(self, days: int = 7) -> list[dict]:
+        """Get usage statistics for the last N days."""
+        db_url = self._get_db_url()
+        if not db_url:
+            return []
+
+        try:
+            with psycopg.connect(db_url, row_factory=dict_row) as conn:
+                with conn.cursor() as cur:
+                    cur.execute(
+                        """
+                        SELECT * FROM cs_audit_daily_summary
+                        WHERE date >= CURRENT_DATE - INTERVAL '%s days'
+                    """,
+                        (days,),
+                    )
+                    return [dict(row) for row in cur.fetchall()]
+        except Exception as e:
+            print(f"[AuditLogger] Failed to fetch usage stats: {e}")
+            return []
+
+
+# Global instance
+_audit_logger: AuditLogger | None = None
+
+
+def get_audit_logger(audit_db_url: str = "") -> AuditLogger:
+    """Get or create audit logger instance."""
+    global _audit_logger
+    if _audit_logger is None:
+        _audit_logger = AuditLogger(audit_db_url)
+    return _audit_logger