outerbounds 0.3.92__py3-none-any.whl → 0.3.93__py3-none-any.whl

outerbounds/command_groups/apps_cli.py

@@ -17,7 +17,7 @@ def cli(**kwargs):
     pass
 
 
-@click.group(help="Manage perimeters")
+@click.group(help="Manage apps")
 def app(**kwargs):
     pass
 
@@ -229,10 +229,18 @@ def start(config_dir=None, profile=None, port=-1, name="", output=""):
 )
 @click.option(
     "--port",
-    required=True,
+    required=False,
+    default=-1,
     help="Port number where you want to start your app.",
     type=int,
 )
+@click.option(
+    "--name",
+    required=False,
+    help="Name of your app",
+    default="",
+    type=str,
+)
 @click.option(
     "-o",
     "--output",
@@ -240,7 +248,15 @@ def start(config_dir=None, profile=None, port=-1, name="", output=""):
     help="Show output in the specified format.",
     type=click.Choice(["json", ""]),
 )
-def stop(config_dir=None, profile=None, port=-1, output=""):
+def stop(config_dir=None, profile=None, port=-1, name="", output=""):
+    if port == -1 and not name:
+        click.secho(
+            "Please provide either a port number or a name to stop the app.",
+            fg="red",
+            err=True,
+        )
+        return
+
     stop_app_response = OuterboundsCommandResponse()
 
     validate_workstation_step = CommandStatus(
@@ -313,11 +329,16 @@ def stop(config_dir=None, profile=None, port=-1, output=""):
             if workstation["instance_id"] == os.environ["WORKSTATION_ID"]:
                 if "named_ports" in workstation["spec"]:
                     for named_port in workstation["spec"]["named_ports"]:
-                        if int(named_port["port"]) == port:
+                        if (
+                            int(named_port["port"]) == port
+                            or named_port["name"] == name
+                        ):
                             stop_app_response.add_step(validate_port_exists)
                             if not named_port["enabled"]:
                                 click.secho(
-                                    f"App stopped on port {port}!", fg="green", err=True
+                                    f"App {named_port['name']} stopped on port {port}!",
+                                    fg="green",
+                                    err=True,
                                 )
                                 stop_app_response.add_step(stop_app_step)
                                 if output == "json":
@@ -365,14 +386,23 @@ def stop(config_dir=None, profile=None, port=-1, output=""):
                                     )
                                 return
 
+        err_message = (
+            f"Port {port} not found on workstation {os.environ['WORKSTATION_ID']}"
+        )
+        if port == -1:
+            err_message = (
+                f"App {name} not found on workstation {os.environ['WORKSTATION_ID']}"
+            )
+
         click.secho(
-            f"Port {port} not found on workstation {os.environ['WORKSTATION_ID']}",
+            err_message,
             fg="red",
             err=True,
         )
+
         validate_port_exists.update(
             OuterboundsCommandStatus.FAIL,
-            f"Port {port} not found on workstation {os.environ['WORKSTATION_ID']}",
+            err_message,
             "",
         )
         stop_app_response.add_step(validate_port_exists)

outerbounds/command_groups/cli.py

@@ -1,8 +1,5 @@
 from outerbounds._vendor import click
-from . import local_setup_cli
-from . import workstations_cli
-from . import perimeters_cli
-from . import apps_cli
+from . import local_setup_cli, workstations_cli, perimeters_cli, apps_cli, tutorials_cli
 
 
 @click.command(
@@ -12,6 +9,7 @@ from . import apps_cli
         workstations_cli.cli,
         perimeters_cli.cli,
         apps_cli.cli,
+        tutorials_cli.cli,
     ],
 )
 def cli(**kwargs):

outerbounds/command_groups/local_setup_cli.py

@@ -5,6 +5,7 @@ import os
 import re
 import subprocess
 import sys
+import time
 import zlib
 from base64 import b64decode, b64encode
 from importlib.machinery import PathFinder
@@ -15,6 +16,10 @@ from outerbounds._vendor import click
 import requests
 from requests.exceptions import HTTPError
 
+from google.oauth2 import service_account
+import google.auth
+import google.auth.jwt
+
 from ..utils import kubeconfig, metaflowconfig
 from ..utils.schema import (
     CommandStatus,
@@ -762,6 +767,48 @@ def get_gha_jwt(audience: str):
     sys.exit(1)
 
 
+def get_gcp_jwt(audience: str, service_account_token_file_path: str = ""):
+    try:
+        if service_account_token_file_path != "":
+            credentials = service_account.Credentials.from_service_account_file(
+                service_account_token_file_path
+            )
+        else:
+            credentials, project = google.auth.default()
+    except Exception as e:
+        click.secho(
+            f"Failed to get Google Cloud service account credentials. Error: {str(e)}",
+            fg="red",
+        )
+        sys.exit(1)
+
+    # Ensure the credentials are service account credentials to sign the JWT
+    if isinstance(credentials, service_account.Credentials):
+        try:
+            payload = {
+                "iat": int(time.time()),  # Issued at time
+                "exp": int(time.time()) + 172800,  # 48 hours expiration time
+                "sub": credentials.service_account_email,
+                "aud": audience,
+                "sa_email": credentials.service_account_email,
+            }
+
+            signed_jwt = google.auth.jwt.encode(credentials.signer, payload)
+            return signed_jwt.decode("utf-8")
+        except Exception as e:
+            click.secho(
+                f"Failed to sign JWT token using Google Cloud service account credentials. Error: {str(e)}",
+                fg="red",
+            )
+            sys.exit(1)
+
+    click.secho(
+        "The provided credentials are not service account credentials. Please provide a valid service account credentials file or set valid service account credentials in the environment using GOOGLE_APPLICATION_CREDENTIALS.",
+        fg="red",
+    )
+    sys.exit(1)
+
+
 def get_origin_token(
     service_principal_name: str,
     deployment: str,
@@ -932,6 +979,17 @@ def configure(
     is_flag=True,
     help="Set if the command is being run in a GitHub Actions environment. If both --jwt-token and --github-actions are specified the --github-actions flag will be ignored.",
 )
+@click.option(
+    "--gcp",
+    is_flag=True,
+    help="Set if the command is being run which a Google Cloud service account credential. If both --jwt-token and --gcp are specified the -gcp flag will be ignored.",
+)
+@click.option(
+    "--gcp-service-account-toke-file-path",
+    default="",
+    help="The full path to the Google Cloud service account token file. If --gcp is set and this value is not specified, the default GOOGLE_APPLICATION_CREDENTIALS environment variable will be used.",
+    required=True,
+)
 @click.option(
     "-d",
     "--config-dir",
@@ -963,18 +1021,31 @@ def service_principal_configure(
     perimeter: str,
     jwt_token="",
     github_actions=False,
+    gcp=False,
+    gcp_service_account_toke_file_path="",
     config_dir=None,
     profile=None,
     echo=None,
     force=False,
 ):
     audience = f"https://{deployment_domain}"
-    if jwt_token == "" and github_actions:
-        jwt_token = get_gha_jwt(audience)
+
+    # ensure only one of github_actions or gcp is set
+    if github_actions and gcp:
+        click.secho(
+            "Both --github-actions and --gcp flags cannot be set at the same time.",
+            fg="red",
+        )
+        sys.exit(1)
 
     if jwt_token == "":
+        if github_actions:
+            jwt_token = get_gha_jwt(audience)
+        elif gcp:
+            jwt_token = get_gcp_jwt(audience, gcp_service_account_toke_file_path)
+    else:
         click.secho(
-            "No JWT token provided. Please provider either a valid jwt token or set --github-actions",
+            "No JWT token provided. Please provider either a valid jwt token or set --github-actions or --gcp flag.",
             fg="red",
         )
         sys.exit(1)

outerbounds/command_groups/tutorials_cli.py

@@ -0,0 +1,111 @@
+import os
+from outerbounds._vendor import click
+import requests
+
+import tarfile
+import hashlib
+import tempfile
+
+
+@click.group()
+def cli(**kwargs):
+    pass
+
+
+@click.group(help="Manage tutorials curated by Outerbounds.", hidden=True)
+def tutorials(**kwargs):
+    pass
+
+
+@tutorials.command(help="Pull Outerbounds tutorials.")
+@click.option(
+    "--url",
+    required=True,
+    help="URL to pull the tutorials from.",
+    type=str,
+)
+@click.option(
+    "--destination-dir",
+    help="Show output in the specified format.",
+    type=str,
+    required=True,
+)
+@click.option(
+    "--force-overwrite",
+    is_flag=True,
+    help="Overwrite all existing files across all tutorials.",
+    type=bool,
+    required=False,
+    default=False,
+)
+def pull(url="", destination_dir="", force_overwrite=False):
+    try:
+        secure_download_and_extract(
+            url, destination_dir, force_overwrite=force_overwrite
+        )
+        click.secho("Tutorials pulled successfully.", fg="green", err=True)
+    except Exception as e:
+        print(e)
+        click.secho(f"Failed to pull tutorials: {e}", fg="red", err=True)
+
+
+def secure_download_and_extract(
+    url, dest_dir, expected_hash=None, force_overwrite=False
+):
+    """
+    Download a tar.gz file from a URL, verify its integrity, and extract its contents.
+
+    :param url: URL of the tar.gz file to download
+    :param dest_dir: Destination directory to extract the contents
+    :param expected_hash: Expected SHA256 hash of the file (optional)
+    """
+
+    with tempfile.TemporaryDirectory() as temp_dir:
+        temp_file = os.path.join(
+            temp_dir, hashlib.md5(url.encode()).hexdigest() + ".tar.gz"
+        )
+
+        # Download the file
+        try:
+            response = requests.get(url, stream=True, verify=True)
+            response.raise_for_status()
+
+            with open(temp_file, "wb") as f:
+                for chunk in response.iter_content(chunk_size=8192):
+                    f.write(chunk)
+        except requests.exceptions.RequestException as e:
+            raise Exception(f"Failed to download file: {e}")
+
+        if expected_hash:
+            with open(temp_file, "rb") as f:
+                file_hash = hashlib.sha256(f.read()).hexdigest()
+            if file_hash != expected_hash:
+                raise Exception("File integrity check failed")
+
+        os.makedirs(dest_dir, exist_ok=True)
+
+        try:
+            with tarfile.open(temp_file, "r:gz") as tar:
+                # Keep track of new journeys to extract.
+                to_extract = []
+                members = tar.getmembers()
+                for member in members:
+                    member_path = os.path.join(dest_dir, member.name)
+                    # Check for any files trying to write outside the destination
+                    if not os.path.abspath(member_path).startswith(
+                        os.path.abspath(dest_dir)
+                    ):
+                        raise Exception("Attempted path traversal in tar file")
+                    if not os.path.exists(member_path):
+                        # The user might have modified the existing files, leave them untouched.
+                        to_extract.append(member)
+
+                if force_overwrite:
+                    tar.extractall(path=dest_dir)
+                else:
+                    tar.extractall(path=dest_dir, members=to_extract)
+        except tarfile.TarError as e:
+            raise Exception(f"Failed to extract tar file: {e}")
+
+
+cli.add_command(tutorials, name="tutorials")

{outerbounds-0.3.92.dist-info → outerbounds-0.3.93.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: outerbounds
-Version: 0.3.92
+Version: 0.3.93
 Summary: More Data Science, Less Administration
 License: Proprietary
 Keywords: data science,machine learning,MLOps

{outerbounds-0.3.92.dist-info → outerbounds-0.3.93.dist-info}/RECORD

@@ -41,10 +41,11 @@ outerbounds/_vendor/yaml/serializer.py,sha256=8wFZRy9SsQSktF_f9OOroroqsh4qVUe53r
 outerbounds/_vendor/yaml/tokens.py,sha256=JBSu38wihGr4l73JwbfMA7Ks1-X84g8-NskTz7KwPmA,2578
 outerbounds/cli_main.py,sha256=e9UMnPysmc7gbrimq2I4KfltggyU7pw59Cn9aEguVcU,74
 outerbounds/command_groups/__init__.py,sha256=QPWtj5wDRTINDxVUL7XPqG3HoxHNvYOg08EnuSZB2Hc,21
-outerbounds/command_groups/apps_cli.py,sha256=XdGRitYWyKGDZXlGSbcP7U6F3DclqzgBG7ZGuZK8tzY,19361
-outerbounds/command_groups/cli.py,sha256=3NyxnczfANtxKh-KnJHGWAEC5akdXux_hylfGXTs2A0,362
-outerbounds/command_groups/local_setup_cli.py,sha256=tuuqJRXQ_guEwOuQSIf9wkUU0yg8yAs31myGViAK15s,36364
+outerbounds/command_groups/apps_cli.py,sha256=k3zsBh7GupBqM5sbEU8OHSC1TBVdTBJybvPX4DX5Ack,20052
+outerbounds/command_groups/cli.py,sha256=q0hdJO4biD3iEOdyJcxnRkeleA8AKAhx842kQ49I6kk,365
+outerbounds/command_groups/local_setup_cli.py,sha256=AgK4fe-q1uRm20OsMGFGDezheGOPMBoESC98JT9HzqQ,39046
 outerbounds/command_groups/perimeters_cli.py,sha256=mrJfFIRYFOjuiz-9h4OKg2JT8Utmbs72z6wvPzDss3s,18685
+outerbounds/command_groups/tutorials_cli.py,sha256=UInFyiMqtscHFfi8YQwiY_6Sdw9quJOtRu5OukEBccw,3522
 outerbounds/command_groups/workstations_cli.py,sha256=V5Jbj1cVb4IRllI7fOgNgL6OekRpuFDv6CEhDb4xC6w,22016
 outerbounds/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 outerbounds/utils/kubeconfig.py,sha256=yvcyRXGR4AhQuqUDqmbGxEOHw5ixMFV0AZIDg1LI_Qo,7981
@@ -52,7 +53,7 @@ outerbounds/utils/metaflowconfig.py,sha256=l2vJbgPkLISU-XPGZFaC8ZKmYFyJemlD6bwB-
 outerbounds/utils/schema.py,sha256=lMUr9kNgn9wy-sO_t_Tlxmbt63yLeN4b0xQXbDUDj4A,2331
 outerbounds/utils/utils.py,sha256=4Z8cszNob_8kDYCLNTrP-wWads_S_MdL3Uj3ju4mEsk,501
 outerbounds/vendor.py,sha256=gRLRJNXtZBeUpPEog0LOeIsl6GosaFFbCxUvR4bW6IQ,5093
-outerbounds-0.3.92.dist-info/entry_points.txt,sha256=7ye0281PKlvqxu15rjw60zKg2pMsXI49_A8BmGqIqBw,47
-outerbounds-0.3.92.dist-info/WHEEL,sha256=vVCvjcmxuUltf8cYhJ0sJMRDLr1XsPuxEId8YDzbyCY,88
-outerbounds-0.3.92.dist-info/METADATA,sha256=enOUPH2DJjaqvzpywbTNnD1aosIzZq8JlsBne9w84o8,1632
-outerbounds-0.3.92.dist-info/RECORD,,
+outerbounds-0.3.93.dist-info/entry_points.txt,sha256=7ye0281PKlvqxu15rjw60zKg2pMsXI49_A8BmGqIqBw,47
+outerbounds-0.3.93.dist-info/WHEEL,sha256=vVCvjcmxuUltf8cYhJ0sJMRDLr1XsPuxEId8YDzbyCY,88
+outerbounds-0.3.93.dist-info/METADATA,sha256=DbAq4c18up77upq4UVgOtzl1AL_cjHkdUC1SBHnx0os,1632
+outerbounds-0.3.93.dist-info/RECORD,,