primitive 0.2.58__py3-none-any.whl → 0.2.60__py3-none-any.whl

primitive/__about__.py

@@ -1,4 +1,4 @@
 # SPDX-FileCopyrightText: 2025-present Dylan Stein <dylan@primitive.tech>
 #
 # SPDX-License-Identifier: MIT
-__version__ = "0.2.58"
+__version__ = "0.2.60"

primitive/client.py

@@ -5,6 +5,8 @@ from loguru import logger
 from rich.logging import RichHandler
 from rich.traceback import install
 
+from primitive.messaging.provider import MessagingProvider
+
 from .agent.actions import Agent
 from .auth.actions import Auth
 from .daemons.actions import Daemons
@@ -80,6 +82,8 @@ class Primitive:
         else:
             self.host_config = {"username": "", "token": token, "transport": transport}
 
+        self.messaging: MessagingProvider = MessagingProvider(self)
+
         self.auth: Auth = Auth(self)
         self.organizations: Organizations = Organizations(self)
         self.projects: Projects = Projects(self)

primitive/files/actions.py

@@ -124,15 +124,39 @@ class Files(BaseAction):
         return result
 
     @guard
-    def get_file(self, file_id: Optional[str] = None):
+    def files(
+        self,
+        file_id: Optional[str] = None,
+        file_name: Optional[str] = None,
+        organization_id: Optional[str] = None,
+        organization_slug: Optional[str] = None,
+    ):
         query = gql(files_list)
 
         filters = {}
+        if not organization_id and not organization_slug:
+            whoami_result = self.primitive.auth.whoami()
+            default_organization = whoami_result.data["whoami"]["defaultOrganization"]
+            organization_id = default_organization["id"]
+            logger.info(
+                f"Using default organization ID: {default_organization.get('slug')} ({organization_id})"
+            )
+        if organization_slug and not organization_id:
+            organization = self.primitive.organizations.get_organization(
+                slug=organization_slug
+            )
+            organization_id = organization.get("id")
+
+        if organization_id:
+            filters["organization"] = {"id": organization_id}
+
         if file_id:
-            filters["id"] = {"exact": file_id}
+            filters["id"] = file_id
+        if file_name:
+            filters["fileName"] = {"exact": file_name}
 
         variables = {
-            "first": 1,
+            "first": 25,
             "filters": filters,
         }
         result = self.primitive.session.execute(
@@ -242,9 +266,9 @@ class Files(BaseAction):
             file_id = pending_file_create.get("id")
             parts_details = pending_file_create.get("partsDetails")
         else:
-            get_file_result = self.get_file(file_id)
+            file_result = self.files(file_id=file_id)
             parts_details = (
-                get_file_result.data.get("files")
+                file_result.data.get("files")
                 .get("edges")[0]
                 .get("node")
                 .get("partsDetails")
@@ -340,14 +364,56 @@ class Files(BaseAction):
             "fileObject": (path.name, open(path, "rb")),
         }
 
-        session = create_requests_session(self.primitive.host_config)
+        session = create_requests_session(host_config=self.primitive.host_config)
         transport = self.primitive.host_config.get("transport")
         url = f"{transport}://{self.primitive.host}/"
         response = session.post(url, files=body)
         return response
 
-    def get_presigned_url(self, file_pk: str):
+    def get_presigned_url(self, file_pk: str) -> str:
         transport = self.primitive.host_config.get("transport")
         host = self.primitive.host_config.get("host")
         file_access_url = f"{transport}://{host}/files/{file_pk}/presigned-url/"
         return file_access_url
+
+    def download_file(
+        self,
+        file_name: str = "",
+        file_id: str = "",
+        organization_id: str = "",
+        organization_slug: str = "",
+        output_path: Path = Path().cwd(),
+    ) -> Path:
+        file_pk = None
+
+        files_result = self.primitive.files.files(
+            file_id=file_id,
+            file_name=file_name,
+            organization_id=organization_id,
+            organization_slug=organization_slug,
+        )
+        if files_data := files_result.data:
+            file = files_data["files"]["edges"][0]["node"]
+            file_pk = file["pk"]
+            file_name = file["fileName"]
+
+        if not file_pk:
+            raise Exception(
+                "File not found on remote server. Please check file name or file id"
+            )
+
+        session = create_requests_session(host_config=self.primitive.host_config)
+        transport = self.primitive.host_config.get("transport")
+        url = f"{transport}://{self.primitive.host}/files/{file_pk}/stream/"
+
+        downloaded_file = output_path / file_name
+
+        with session.get(url, stream=True) as response:
+            response.raise_for_status()
+            with open(downloaded_file, "wb") as partial_downloaded_file:
+                for chunk in response.iter_content(chunk_size=8192):
+                    if chunk:
+                        partial_downloaded_file.write(chunk)
+                        partial_downloaded_file.flush()
+
+        return downloaded_file

primitive/files/commands.py

@@ -4,6 +4,8 @@ from pathlib import Path
 
 import click
 
+from primitive.files.ui import render_files_table
+
 from ..utils.printer import print_result
 
 if typing.TYPE_CHECKING:
@@ -22,7 +24,7 @@ def cli(context):
 @click.argument("path", type=click.Path(exists=True))
 @click.option("--public", "-p", help="Is this a Public file", is_flag=True)
 @click.option("--key-prefix", "-k", help="Key Prefix", default="")
-@click.option("--direct", "-k", help="direct", is_flag=True)
+@click.option("--direct", help="direct", is_flag=True)
 def file_upload_command(context, path, public, key_prefix, direct):
     """File Upload"""
     primitive: Primitive = context.obj.get("PRIMITIVE")
@@ -36,8 +38,63 @@ def file_upload_command(context, path, public, key_prefix, direct):
             path, is_public=public, key_prefix=key_prefix
         )
     try:
-        message = json.dumps(result.data)
+        message = json.dumps(result.json())
     except AttributeError:
         message = "File Upload Failed"
 
     print_result(message=message, context=context)
+
+
+@cli.command("download")
+@click.pass_context
+@click.option("--file-id", help="File ID", required=False)
+@click.option("--file-name", help="File Name", required=False)
+@click.option("--output", help="Output Path", required=False, type=click.Path())
+@click.option("--organization-id", help="Organization ID", required=False)
+@click.option("--organization", help="Organization Slug", required=False)
+def file_download_command(
+    context,
+    file_id=None,
+    file_name=None,
+    output=None,
+    organization_id=None,
+    organization=None,
+):
+    """File Download"""
+    primitive: Primitive = context.obj.get("PRIMITIVE")
+
+    if not file_id and not file_name:
+        raise click.UsageError("Either --id or --file-name must be provided.")
+
+    if not output:
+        output = Path().cwd()
+    else:
+        output = Path(output)
+
+    downloaded_file = primitive.files.download_file(
+        output_path=output,
+        file_id=file_id,
+        file_name=file_name,
+        organization_id=organization_id,
+        organization_slug=organization,
+    )
+    print_result(message=f"File downloaded to {downloaded_file}", context=context)
+
+
+@cli.command("list")
+@click.pass_context
+@click.option("--organization-id", help="Organization ID", required=False)
+@click.option("--organization", help="Organization Slug", required=False)
+def list_command(context, organization_id=None, organization=None):
+    """List Files"""
+    primitive: Primitive = context.obj.get("PRIMITIVE")
+    files_result = primitive.files.files(
+        organization_id=organization_id, organization_slug=organization
+    )
+
+    files = [file.get("node") for file in files_result.data.get("files").get("edges")]
+
+    if context.obj["JSON"]:
+        print_result(message=files, context=context)
+    else:
+        render_files_table(files)

primitive/files/graphql/fragments.py

@@ -4,7 +4,11 @@ fragment FileFragment on File {
   pk
   createdAt
   updatedAt
-  createdBy
+  createdBy {
+    id
+    pk
+    username
+  }
   location
   fileName
   fileSize
@@ -13,6 +17,5 @@ fragment FileFragment on File {
   isComplete
   partsDetails
   humanReadableMemorySize
-  contents
 }
 """

primitive/files/ui.py

@@ -0,0 +1,37 @@
+from rich.console import Console
+from rich.table import Table
+
+
+def render_files_table(file_list) -> None:
+    console = Console()
+
+    table = Table(show_header=True, header_style="bold #FFA800")
+    table.add_column("File Name")
+    table.add_column("File ID")
+    table.add_column("File Size (bytes)", justify="right")
+
+    for file in file_list:
+        file_name = file.get("fileName")
+        file_id = file.get("id")
+        file_size = file.get("fileSize")
+
+        table.add_row(
+            file_name,
+            file_id,
+            file_size,
+        )
+
+    console.print(table)
+
+
+def file_status_string(file) -> str:
+    if file.get("isQuarantined"):
+        return "Quarantined"
+    if not file.get("isOnline"):
+        return "Offline"
+    if not file.get("isHealthy"):
+        return "Not healthy"
+    if not file.get("isAvailable"):
+        return "Not available"
+    else:
+        return "Available"

primitive/graphql/sdk.py

@@ -26,7 +26,7 @@ def create_session(
     if fingerprint:
         headers["x-primitive-fingerprint"] = fingerprint
 
-    transport = AIOHTTPTransport(url=url, headers=headers)
+    transport = AIOHTTPTransport(url=url, headers=headers, ssl=True)
     session = Client(
         transport=transport,
         fetch_schema_from_transport=fetch_schema_from_transport,

primitive/hardware/actions.py

@@ -4,15 +4,18 @@ import json
 import platform
 import subprocess
 import typing
+from dataclasses import dataclass
 from shutil import which
 from typing import Dict, List, Optional
 
 import click
+import psutil
 from aiohttp import client_exceptions
 from gql import gql
 from loguru import logger
 
 from primitive.graphql.relay import from_base64
+from primitive.messaging.provider import MESSAGE_TYPES
 from primitive.utils.memory_size import MemorySize
 
 from ..utils.auth import guard
@@ -24,6 +27,7 @@ from .graphql.mutations import (
     register_child_hardware_mutation,
     register_hardware_mutation,
     unregister_hardware_mutation,
+    hardware_certificate_create_mutation,
 )
 from .graphql.queries import (
     hardware_details,
@@ -31,6 +35,7 @@ from .graphql.queries import (
     nested_children_hardware_list,
 )
 
+
 if typing.TYPE_CHECKING:
     pass
 
@@ -40,6 +45,12 @@ from primitive.utils.actions import BaseAction
 from primitive.utils.shell import does_executable_exist
 
 
+@dataclass
+class CertificateCreateResult:
+    certificate_id: str
+    certificate_pem: str
+
+
 class Hardware(BaseAction):
     def __init__(self, *args, **kwargs) -> None:
         super().__init__(*args, **kwargs)
@@ -280,6 +291,48 @@ class Hardware(BaseAction):
         system_info["gpu_config"] = self._get_gpu_config()
         return system_info
 
+    @guard
+    def certificate_create(
+        self, hardware_id: str, csr_pem: str
+    ) -> CertificateCreateResult:
+        mutation = gql(hardware_certificate_create_mutation)
+        variables = {
+            "input": {
+                "hardwareId": hardware_id,
+                "csrPem": csr_pem,
+            }
+        }
+
+        if not self.primitive.session:
+            raise Exception("No active session available for certificate creation")
+
+        result = self.primitive.session.execute(
+            mutation,
+            variable_values=variables,
+            get_execution_result=True,
+        )
+
+        if result.errors:
+            message = " ".join([error.message for error in result.errors])
+            raise Exception(message)
+
+        if not result.data:
+            raise Exception(
+                "No data received from hardware certificate creation request"
+            )
+
+        hardware_certificate_create = result.data["hardwareCertificateCreate"]
+
+        if hardware_certificate_create["__typename"] == "OperationInfo":
+            messages = hardware_certificate_create["messages"]
+            message = " ".join([error["message"] for error in messages])
+            raise Exception(message)
+
+        return CertificateCreateResult(
+            certificate_id=hardware_certificate_create["id"],
+            certificate_pem=hardware_certificate_create["certificatePem"],
+        )
+
     @guard
     def register(self, organization_id: Optional[str] = None):
         system_info = self.get_system_info()
@@ -375,6 +428,24 @@ class Hardware(BaseAction):
 
         return result
 
+    def check_in(
+        self,
+        is_healthy: bool = True,
+        is_quarantined: bool = False,
+        is_available: bool = False,
+        is_online: bool = True,
+        stopping_agent: Optional[bool] = False,
+    ):
+        message = {
+            "is_healthy": is_healthy,
+            "is_quarantined": is_quarantined,
+            "is_available": is_available,
+            "is_online": is_online,
+        }
+        self.primitive.messaging.send_message(
+            message_type=MESSAGE_TYPES.CHECK_IN, message=message
+        )
+
     @guard
     def check_in_http(
         self,
@@ -667,3 +738,29 @@ class Hardware(BaseAction):
 
         except Exception as exception:
             logger.exception(f"Error checking in children: {exception}")
+
+    def push_metrics(self):
+        if self.primitive.messaging.ready:
+            self.primitive.messaging.send_message(
+                message_type=MESSAGE_TYPES.METRICS,
+                message=self.get_metrics(),
+            )
+
+    def get_metrics(self):
+        cpu_percent = psutil.cpu_percent(interval=1, percpu=False)
+        virtual_memory = psutil.virtual_memory()
+        disk_usage = psutil.disk_usage("/")
+
+        metrics = {
+            "cpu_percent": cpu_percent,
+            "memory_percent": virtual_memory.percent,
+            "memory_total": virtual_memory.total,
+            "memory_available": virtual_memory.available,
+            "memory_used": virtual_memory.used,
+            "memory_free": virtual_memory.free,
+            "disk_percent": disk_usage.percent,
+            "disk_total": disk_usage.total,
+            "disk_used": disk_usage.used,
+            "disk_free": disk_usage.free,
+        }
+        return metrics

primitive/hardware/commands.py

@@ -1,15 +1,18 @@
+from time import sleep
 from typing import TYPE_CHECKING, Optional
 
 import click
-
-from ..utils.printer import print_result
-from .ui import render_hardware_table
+from loguru import logger
+from primitive.utils.printer import print_result
+from primitive.hardware.ui import render_hardware_table
+from primitive.utils.x509 import (
+    generate_csr_pem,
+    write_certificate_pem,
+)
 
 if TYPE_CHECKING:
     from ..client import Primitive
 
-from loguru import logger
-
 
 @click.group()
 @click.pass_context
@@ -33,8 +36,17 @@ def systeminfo_command(context):
     type=str,
     help="Organization [slug] to register hardware with",
 )
+@click.option(
+    "--issue-certificate",
+    is_flag=True,
+    show_default=True,
+    default=False,
+    help="Issue certificate.",
+)
 @click.pass_context
-def register_command(context, organization: Optional[str] = None):
+def register_command(
+    context, organization: Optional[str] = None, issue_certificate: bool = False
+):
     """Register Hardware with Primitive"""
     primitive: Primitive = context.obj.get("PRIMITIVE")
 
@@ -47,14 +59,30 @@ def register_command(context, organization: Optional[str] = None):
         logger.info("Registering hardware with the default organization.")
 
     result = primitive.hardware.register(organization_id=organization_id)
-    color = "green" if result else "red"
-    if result.data.get("registerHardware"):
-        message = "Hardware registered successfully"
-    else:
-        message = (
-            "There was an error registering this device. Please review the above logs."
+    hardware = result.data.get("registerHardware")
+
+    if not hardware:
+        print_result(
+            fg="red",
+            context=context,
+            message="There was an error registering this device. Please review the above logs.",
         )
-    print_result(message=message, context=context, fg=color)
+        return
+
+    if issue_certificate:
+        certificate = primitive.hardware.certificate_create(
+            hardware_id=hardware["id"],
+            csr_pem=generate_csr_pem(
+                hardware_id=hardware["pk"],
+            ),
+        )
+        write_certificate_pem(certificate.certificate_pem)
+
+    print_result(
+        fg="green",
+        context=context,
+        message="Hardware registered successfully.",
+    )
 
 
 @cli.command("unregister")
@@ -77,12 +105,7 @@ def unregister_command(context):
 def checkin_command(context):
     """Checkin Hardware with Primitive"""
     primitive: Primitive = context.obj.get("PRIMITIVE")
-    check_in_http_result = primitive.hardware.check_in_http()
-    if messages := check_in_http_result.data.get("checkIn").get("messages"):
-        print_result(message=messages, context=context, fg="yellow")
-    else:
-        message = "Hardware checked in successfully"
-        print_result(message=message, context=context, fg="green")
+    primitive.hardware.check_in()
 
 
 @cli.command("list")
@@ -125,3 +148,17 @@ def get_command(context, hardware_identifier: str) -> None:
         return
     else:
         render_hardware_table([hardware])
+
+
+@cli.command("metrics")
+@click.pass_context
+@click.option("--watch", is_flag=True, help="Watch hardware metrics")
+def metrics_command(context, watch: bool = False) -> None:
+    """Get Hardware Metrics"""
+    primitive: Primitive = context.obj.get("PRIMITIVE")
+    if watch:
+        while True:
+            print_result(message=primitive.hardware.get_metrics(), context=context)
+            sleep(1)
+    else:
+        print_result(message=primitive.hardware.get_metrics(), context=context)

primitive/hardware/graphql/mutations.py

@@ -1,11 +1,29 @@
 from primitive.graphql.utility_fragments import operation_info_fragment
 
+hardware_certificate_create_mutation = (
+    operation_info_fragment
+    + """
+mutation hardwareCertificateCreate($input: HardwareCertificateCreateInput!) {
+    hardwareCertificateCreate(input: $input) {
+        __typename
+        ... on HardwareCertificate {
+            id
+            certificatePem
+        }
+        ...OperationInfoFragment
+    }
+}
+"""
+)
+
 register_hardware_mutation = (
     operation_info_fragment
     + """
 mutation registerHardware($input: RegisterHardwareInput!) {
     registerHardware(input: $input) {
         ... on Hardware {
+            id
+            pk
             fingerprint
         }
         ...OperationInfoFragment

primitive/jobs/actions.py

@@ -54,6 +54,7 @@ class Jobs(BaseAction):
         jobs = [edge["node"] for edge in result.data["jobs"]["edges"]]
         return jobs
 
+    @guard
     def get_job_runs(
         self,
         organization_id: Optional[str] = None,

primitive/messaging/provider.py

@@ -0,0 +1,127 @@
+import enum
+import json
+from datetime import datetime, timezone
+from typing import TYPE_CHECKING
+from uuid import uuid4
+import pika
+from pika import credentials
+from ..utils.x509 import (
+    are_certificate_files_present,
+    create_ssl_context,
+    read_certificate_common_name,
+)
+from loguru import logger
+
+from primitive.utils.actions import BaseAction
+
+if TYPE_CHECKING:
+    import primitive.client
+
+EXCHANGE = "hardware"
+ROUTING_KEY = "hardware"
+VIRTUAL_HOST = "primitive"
+CELERY_TASK_NAME = "hardware.tasks.task_receive_hardware_message"
+
+
+class MESSAGE_TYPES(enum.Enum):
+    CHECK_IN = "CHECK_IN"
+    METRICS = "METRICS"
+
+
+class MessagingProvider(BaseAction):
+    def __init__(self, primitive: "primitive.client.Primitive") -> None:
+        super().__init__(primitive=primitive)
+        self.ready = False
+
+        self.fingerprint = self.primitive.host_config.get("fingerprint", None)
+        if not self.fingerprint:
+            return
+        self.token = self.primitive.host_config.get("token", None)
+        if not self.token:
+            return
+
+        rabbitmq_host = "rabbitmq-cluster.primitive.tech"
+        RABBITMQ_PORT = 443
+
+        if primitive.host == "api.dev.primitive.tech":
+            rabbitmq_host = "rabbitmq-cluster.dev.primitive.tech"
+        elif primitive.host == "api.primitive.tech":
+            rabbitmq_host = "rabbitmq-cluster.primitive.tech"
+        elif primitive.host == "api.staging.primitive.tech":
+            rabbitmq_host = "rabbitmq-cluster.staging.primitive.tech"
+        elif primitive.host == "api.test.primitive.tech":
+            rabbitmq_host = "rabbitmq-cluster.test.primitive.tech"
+        elif primitive.host == "localhost:8000":
+            rabbitmq_host = "localhost"
+            RABBITMQ_PORT = 5671
+
+        if not are_certificate_files_present():
+            logger.warning(
+                "Certificate files not present or incomplete. MessagingProvider not initialized."
+            )
+            return
+
+        ssl_context = create_ssl_context()
+        ssl_options = pika.SSLOptions(ssl_context)
+        self.common_name = read_certificate_common_name()
+
+        self.parameters = pika.ConnectionParameters(
+            host=rabbitmq_host,
+            port=RABBITMQ_PORT,
+            virtual_host=VIRTUAL_HOST,
+            ssl_options=ssl_options,
+            credentials=credentials.ExternalCredentials(),
+        )
+
+        self.ready = True
+
+    def send_message(self, message_type: MESSAGE_TYPES, message: dict[str, any]):  # type: ignore
+        if not self.ready:
+            logger.warning(
+                "send_message: cannot send message. MessagingProvider not initialized."
+            )
+            return
+
+        body = {
+            "timestamp": datetime.now(timezone.utc).isoformat(),
+            "message_type": message_type.value,
+            "message": message,
+        }
+
+        full_body_for_celery = [
+            [],
+            body,
+            {"callbacks": None, "errbacks": None, "chain": None, "chord": None},
+        ]
+        with pika.BlockingConnection(parameters=self.parameters) as conn:
+            message_uuid = str(uuid4())
+            channel = conn.channel()
+
+            headers = {
+                "fingerprint": self.fingerprint,
+                "token": self.token,
+                "argsrepr": "()",
+                "id": message_uuid,
+                "ignore_result": False,
+                "kwargsrepr": str(body),
+                "lang": "py",
+                "replaced_task_nesting": 0,
+                "retries": 0,
+                "root_id": message_uuid,
+                "task": CELERY_TASK_NAME,
+            }
+
+            channel.basic_publish(
+                exchange=EXCHANGE,
+                routing_key=ROUTING_KEY,
+                body=json.dumps(full_body_for_celery),
+                properties=pika.BasicProperties(
+                    user_id=self.common_name,
+                    correlation_id=message_uuid,
+                    priority=0,
+                    delivery_mode=2,
+                    headers=headers,
+                    content_encoding="utf-8",
+                    content_type="application/json",
+                ),
+            )

primitive/monitor/actions.py

@@ -67,6 +67,8 @@ class Monitor(BaseAction):
                 # handles cleanup of old reservations
                 # obtains an active JobRun's ID
                 if not RUNNING_IN_CONTAINER:
+                    # self.primitive.hardware.push_metrics()
+
                     hardware = self.primitive.hardware.get_own_hardware_details()
                     # fetch the latest hardware and activeReservation details
                     if active_reservation_data := hardware["activeReservation"]:

primitive/utils/actions.py

@@ -1,6 +1,6 @@
-import typing
+from typing import TYPE_CHECKING
 
-if typing.TYPE_CHECKING:
+if TYPE_CHECKING:
     import primitive.client
 
 

primitive/utils/printer.py

@@ -4,7 +4,7 @@ import click
 from loguru import logger
 
 
-def print_result(message: str, context: click.Context, fg: str = None):
+def print_result(message: str | dict, context: click.Context, fg: str = None):
     """Print message to stdout or stderr"""
     if context.obj["DEBUG"]:
         logger.info(json.dumps(message))

primitive/utils/x509.py

@@ -0,0 +1,140 @@
+import ssl
+from pathlib import Path
+from loguru import logger
+
+from cryptography.hazmat.primitives import serialization, hashes
+from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography import x509
+from cryptography.x509.oid import NameOID
+
+PrivateKey = ec.EllipticCurvePrivateKey
+
+HOME_DIRECTORY = Path.home()
+
+PRIVATE_KEY_PATH = Path(HOME_DIRECTORY / ".config" / "primitive" / "private-key.pem")
+CERTIFICATE_PATH = Path(HOME_DIRECTORY / ".config" / "primitive" / "certificate.pem")
+
+# NOTE Only used with self-signed server certificate
+# THIS IS FOR LOCAL TESTING
+SELF_SIGNED_SERVER_CA_PATH = Path(
+    HOME_DIRECTORY / ".config" / "primitive" / "server-ca.crt.pem"
+)
+
+
+def are_certificate_files_present() -> bool:
+    return PRIVATE_KEY_PATH.exists() and CERTIFICATE_PATH.exists()
+
+
+def generate_private_key() -> PrivateKey:
+    return ec.generate_private_key(
+        curve=ec.SECP521R1(),
+    )
+
+
+def read_certificate() -> x509.Certificate:
+    cert = x509.load_pem_x509_certificate(CERTIFICATE_PATH.read_bytes())
+    return cert
+
+
+def read_certificate_common_name() -> str:
+    cert = read_certificate()
+
+    names = cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)
+
+    return str(names[0].value)
+
+
+def create_ssl_context() -> ssl.SSLContext:
+    context = ssl.create_default_context(
+        cafile=SELF_SIGNED_SERVER_CA_PATH
+        if SELF_SIGNED_SERVER_CA_PATH.exists()
+        else None,
+        purpose=ssl.Purpose.SERVER_AUTH,
+    )
+    context.load_cert_chain(
+        certfile=CERTIFICATE_PATH,
+        keyfile=PRIVATE_KEY_PATH,
+    )
+
+    return context
+
+
+def read_private_key() -> PrivateKey:
+    private_key = serialization.load_pem_private_key(
+        data=PRIVATE_KEY_PATH.read_bytes(),
+        password=None,
+    )
+
+    if not isinstance(private_key, PrivateKey):
+        raise Exception(
+            f"Expected private key type {PrivateKey.__name__}, got {type(private_key).__name__}"
+        )
+
+    return private_key
+
+
+def ensure_private_key() -> PrivateKey:
+    private_key_path = PRIVATE_KEY_PATH
+
+    if private_key_path.exists():
+        private_key = read_private_key()
+    else:
+        logger.info("Generating private key.")
+
+        private_key = generate_private_key()
+
+        with private_key_path.open("wb") as f:
+            f.write(
+                private_key.private_bytes(
+                    encoding=serialization.Encoding.PEM,
+                    format=serialization.PrivateFormat.PKCS8,
+                    encryption_algorithm=serialization.NoEncryption(),
+                )
+            )
+
+    return private_key
+
+
+def write_certificate_pem(certificate_pem: str):
+    CERTIFICATE_PATH.write_text(
+        data=certificate_pem,
+        encoding="utf-8",
+    )
+
+
+def check_certificate():
+    try:
+        if CERTIFICATE_PATH.exists():
+            with CERTIFICATE_PATH.open("rb") as file:
+                private_key = read_private_key()
+                crt = x509.load_pem_x509_certificate(file.read())
+
+                # NOTE: Make sure certificate match private key
+                return crt.public_key() == private_key.public_key()
+    except Exception:
+        return False
+
+    return False
+
+
+def generate_csr_pem(hardware_id: str) -> str:
+    builder = x509.CertificateSigningRequestBuilder()
+    builder = builder.subject_name(
+        x509.Name(
+            [
+                x509.NameAttribute(NameOID.COMMON_NAME, hardware_id),
+            ]
+        )
+    )
+    builder = builder.add_extension(
+        x509.BasicConstraints(ca=False, path_length=None),
+        critical=True,
+    )
+    csr = builder.sign(
+        algorithm=hashes.SHA512(),
+        private_key=ensure_private_key(),
+    )
+
+    return csr.public_bytes(encoding=serialization.Encoding.PEM).decode(
+        encoding="utf-8", errors="strict"
+    )

{primitive-0.2.58.dist-info → primitive-0.2.60.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: primitive
-Version: 0.2.58
+Version: 0.2.60
 Project-URL: Documentation, https://github.com//primitivecorp/primitive-cli#readme
 Project-URL: Issues, https://github.com//primitivecorp/primitive-cli/issues
 Project-URL: Source, https://github.com//primitivecorp/primitive-cli
@@ -22,6 +22,7 @@ Requires-Dist: click
 Requires-Dist: gql[all]
 Requires-Dist: loguru
 Requires-Dist: paramiko[invoke]
+Requires-Dist: pika>=1.3.2
 Requires-Dist: psutil>=7.0.0
 Requires-Dist: rich>=13.9.4
 Requires-Dist: speedtest-cli

{primitive-0.2.58.dist-info → primitive-0.2.60.dist-info}/RECORD

@@ -1,7 +1,7 @@
-primitive/__about__.py,sha256=sJwLEcIrjInX1UruXeXYv5PNiQHV2nDo_D6fBYLaMyc,130
+primitive/__about__.py,sha256=PQj7AICmnMMGLJ9kvGOHRMY1k1xLtWYcSN-xiyaE_qY,130
 primitive/__init__.py,sha256=bwKdgggKNVssJFVPfKSxqFMz4IxSr54WWbmiZqTMPNI,106
 primitive/cli.py,sha256=g7EtHI9MATAB0qQu5w-WzbXtxz_8zu8z5E7sETmMkKU,2509
-primitive/client.py,sha256=RMF46F89oK82gfZH6Bf0WZrhXPUu01pbieSO_Vcuoc4,3624
+primitive/client.py,sha256=gyZIj61qMtOi_s8y0WG3gDehGT-Ms3BtbDP2J_2lajU,3753
 primitive/agent/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 primitive/agent/actions.py,sha256=f1sSDdFHOflfGQCwNJ5P51YWUTKs8EK5YXbMAvZ-KMM,8018
 primitive/agent/commands.py,sha256=o847pK7v7EWQGG67tky6a33qtwoutX6LZrP2FIS_NOk,388
@@ -23,10 +23,11 @@ primitive/exec/actions.py,sha256=4d_TCjNDcVFoZ9Zw7ZuBa6hKMv2Xzm7_UX_8wcX1aSk,412
 primitive/exec/commands.py,sha256=66LO2kkJC-ynNZQpUCXv4Ol15QoacdSZAHblePDcmLo,510
 primitive/exec/interactive.py,sha256=TscY6s2ZysijidKPheq6y-fCErUVLS0zcdTW8XyFWGI,2435
 primitive/files/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-primitive/files/actions.py,sha256=jvsBivYBmPeqb6Ge7gECm_x20AFUL7UYPGJJFmoCeOM,12409
-primitive/files/commands.py,sha256=ZNW4y8JZF1li7P5ej1r-Xcqu0iGpRRlMYvthuZOLLbQ,1163
+primitive/files/actions.py,sha256=tuf5PXgNrcxegfzC-CZ6r3iWBkQV9gxZpALU-hjyGpY,14865
+primitive/files/commands.py,sha256=-U0ArpZXDWltmkELG2SYIOLbaiMC6Zv24X9zZ29aqCE,3021
+primitive/files/ui.py,sha256=lYnfu6gnZ5f-C28wps_egVDz8tdjL5P4361uxpSyfvY,919
 primitive/files/graphql/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-primitive/files/graphql/fragments.py,sha256=II6WHZjzSqX4IELwdiWokqHTKvDq6mMHF5gp3rLnj3U,231
+primitive/files/graphql/fragments.py,sha256=h_Gfi1a3o1_tTJfvW_HUvWmeo3VSSMcj38ObcUv7X7c,253
 primitive/files/graphql/mutations.py,sha256=Da_e6WSp-fsCYVE9A6SGkIQy9WDzjeQycNyHEn7vJqE,935
 primitive/files/graphql/queries.py,sha256=_ky-IRz928sKeSJuqaggTPxV4CGgmho3OyaAFu1z7nw,397
 primitive/git/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -36,25 +37,27 @@ primitive/git/graphql/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3h
 primitive/git/graphql/queries.py,sha256=I1HGlqBb1lHIAWVSsC8tVY9JdsQ8DJVqs4nqSTcL30M,98
 primitive/graphql/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 primitive/graphql/relay.py,sha256=bmij2AjdpURQ6GGVCxwWhauF-r_SxuAU2oJ4sDbLxpI,726
-primitive/graphql/sdk.py,sha256=KhVWDZms_eMBgt6ftSJitRALguagy-nmrj4IC2taeXY,1535
+primitive/graphql/sdk.py,sha256=dE4TD8KiTKw3Y0uiw5XrIcuZGqexE47eSlPaPD6jDGo,1545
 primitive/graphql/utility_fragments.py,sha256=uIjwILC4QtWNyO5vu77VjQf_p0jvP3A9q_6zRq91zqs,303
 primitive/hardware/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-primitive/hardware/actions.py,sha256=qBMcCcgSf3XRe-ua1unf5M64J-Y8EelUQKysa8vje0s,26060
+primitive/hardware/actions.py,sha256=4xswcLaHk4IhEwRK5Pw_rpEgn6XciT5K2apnHi8_cI4,29204
 primitive/hardware/android.py,sha256=tu7pBPxWFrIwb_mm5CEdFFf1_veNDOKjOCQg13i_Lh4,2758
-primitive/hardware/commands.py,sha256=NMliVHBZDl4UAvhmNEjrvN9KWPuqn87-d7eVb0ZqEYA,3752
+primitive/hardware/commands.py,sha256=lwO-cm3doGtuGvR30fib-nALJyNCScdCTXOVVbYVpkY,4604
 primitive/hardware/ui.py,sha256=12rucuZ2s-w5R4bKyxON5dEbrdDnVf5sbj3K_nbdo44,2473
 primitive/hardware/graphql/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 primitive/hardware/graphql/fragments.py,sha256=H315uv-ujOsZEbQR5tmstbRU_9OCa5SErZMwIckSiLc,383
-primitive/hardware/graphql/mutations.py,sha256=_4Hkbfik9Ron4T-meulu6T-9FR_BZjyPNwn745MPksU,1484
+primitive/hardware/graphql/mutations.py,sha256=wOKNJN-1x_DGxvdHt2Bm3AUqyW8P1lNPkxLIQThbXUg,1874
 primitive/hardware/graphql/queries.py,sha256=I86uLuOSjHSph11Y5MVCYko5Js7hoiEZ-cEoPTc4J-k,1392
 primitive/jobs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-primitive/jobs/actions.py,sha256=Fej-rpdfIiHjs0SEFY2ZcMn64AWHn6kD90RC5wtRM3Q,6531
+primitive/jobs/actions.py,sha256=-IRNO7KM63cPAbGRNQycyFsugW9hAyg-TDuK0g5AiSw,6542
 primitive/jobs/commands.py,sha256=MxPCkBEYW_eLNqgCRYeyj7ZcLOFAWfpVZlqDR2Y_S0o,830
 primitive/jobs/graphql/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 primitive/jobs/graphql/fragments.py,sha256=rWZWxZs9ZWjWal0eiY_XPWUS7i7f3fwSM_w8ZvDs2JQ,614
 primitive/jobs/graphql/mutations.py,sha256=8ASvCmwQh7cMeeiykOdYaYVryG8FRIuVF6v_J8JJZuw,219
 primitive/jobs/graphql/queries.py,sha256=ZxNmm-WovytbggNuKRnwa0kc26T34_0yhqkoqx-2uj0,1736
-primitive/monitor/actions.py,sha256=coGEQkKvkTRO0Zgii4hQOTSk1wa9HkVFDn4OiEJ20r4,9581
+primitive/messaging/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+primitive/messaging/provider.py,sha256=NCgl1KiV4Ow49Laz2grNGsP7Ij4vUUeorUjkhAKF1H4,4182
+primitive/monitor/actions.py,sha256=AZOoNzASorvye5309h6BJbsup_jR8YunQ19EiG5SAQg,9643
 primitive/monitor/commands.py,sha256=VDlEL_Qpm_ysHxug7VpI0cVAZ0ny6AS91Y58D7F1zkU,409
 primitive/organizations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 primitive/organizations/actions.py,sha256=kVHOhG1oS2sI5p8uldSo5L-RUZsnG36eaulVuKLyZ-M,1863
@@ -82,7 +85,7 @@ primitive/reservations/graphql/fragments.py,sha256=h3edd0Es38SNldhHiRU3hAJNYwrUI
 primitive/reservations/graphql/mutations.py,sha256=IqzwQL7OclN7RpIcidrTQo9cGYofY7wqoBOdnY0pwN8,651
 primitive/reservations/graphql/queries.py,sha256=x31wTRelskX2fc0fx2qrY7XT1q74nvzLv_Xef3o9weg,746
 primitive/utils/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-primitive/utils/actions.py,sha256=HOFrmM3-0A_A3NS84MqrZ6JmQEiiPSoDqEeuu6b_qfQ,196
+primitive/utils/actions.py,sha256=Gm84YgXFSpilpYqjG5nxcQTdRSp3waN7ZorzIzMBLtc,208
 primitive/utils/auth.py,sha256=uBIZNPF2CpbaPV2UMi6eWVUKghV6WIm-pG3-UM29bNs,1465
 primitive/utils/cache.py,sha256=FHGmVWYLJFQOazpXXcEwI0YJEZbdkgG39nOLdOv6VNk,1575
 primitive/utils/chunk_size.py,sha256=PAuVuirUTA9oRXyjo1c6MWxo31WVBRkWMuWw-AS58Bw,2914
@@ -91,12 +94,13 @@ primitive/utils/daemons.py,sha256=mSoSHitiGfS4KYAEK9sKsiv_YcACHKgY3qISnDpUUIE,10
 primitive/utils/exceptions.py,sha256=KSAR2zqWEjQhqb6OAtaMUvYejKPETdBVRRRIKzy90A8,554
 primitive/utils/logging.py,sha256=vpwu-hByZC1BgJfUi6iSfAxzCobP_zg9-99EUf80KtY,1132
 primitive/utils/memory_size.py,sha256=4xfha21kW82nFvOTtDFx9Jk2ZQoEhkfXii-PGNTpIUk,3058
-primitive/utils/printer.py,sha256=f1XUpqi5dkTL3GWvYRUGlSwtj2IxU1q745T4Fxo7Tn4,370
+primitive/utils/printer.py,sha256=Iy9RkTyDZ6CcoTZfiNTPMAAT2rM8U0Reku4RjQf_DqM,377
 primitive/utils/psutil.py,sha256=xa7ef435UL37jyjmUPbEqCO2ayQMpCs0HCrxVEvLcuM,763
 primitive/utils/shell.py,sha256=Z4zxmOaSyGCrS0D6I436iQci-ewHLt4UxVg1CD9Serc,2171
 primitive/utils/text.py,sha256=XiESMnlhjQ534xE2hMNf08WehE1SKaYFRNih0MmnK0k,829
-primitive-0.2.58.dist-info/METADATA,sha256=LZUy9sTcKO-Qm4NchZ02_oHQLhfgfRHVHM9WFCu2ctQ,3513
-primitive-0.2.58.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
-primitive-0.2.58.dist-info/entry_points.txt,sha256=p1K8DMCWka5FqLlqP1sPek5Uovy9jq8u51gUsP-z334,48
-primitive-0.2.58.dist-info/licenses/LICENSE.txt,sha256=B8kmQMJ2sxYygjCLBk770uacaMci4mPSoJJ8WoDBY_c,1098
-primitive-0.2.58.dist-info/RECORD,,
+primitive/utils/x509.py,sha256=HwHRPqakTHWd40ny-9O_yNknSL1Cxo50O0UCjXHFq04,3796
+primitive-0.2.60.dist-info/METADATA,sha256=8_ftdlVATEzZHXucRmr6BnzxWhjjCPNhGju0EnVFX9c,3540
+primitive-0.2.60.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
+primitive-0.2.60.dist-info/entry_points.txt,sha256=p1K8DMCWka5FqLlqP1sPek5Uovy9jq8u51gUsP-z334,48
+primitive-0.2.60.dist-info/licenses/LICENSE.txt,sha256=B8kmQMJ2sxYygjCLBk770uacaMci4mPSoJJ8WoDBY_c,1098
+primitive-0.2.60.dist-info/RECORD,,