PyPI - raijin-server - Versions diffs - 0.2.25__tar.gz → 0.2.27__tar.gz - Mend

raijin-server 0.2.25tar.gz → 0.2.27tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of raijin-server might be problematic. Click here for more details.

Files changed (55) hide show

{raijin_server-0.2.25/src/raijin_server.egg-info → raijin_server-0.2.27}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: raijin-server
-Version: 0.2.25
+Version: 0.2.27
 Summary: CLI para automacao de setup e hardening de servidores Ubuntu Server.
 Home-page: https://example.com/raijin-server
 Author: Equipe Raijin

{raijin_server-0.2.25 → raijin_server-0.2.27}/setup.cfg RENAMED Viewed

@@ -1,6 +1,6 @@
 [metadata]
 name = raijin-server
-version = 0.2.25
+version = 0.2.27
 description = CLI para automacao de setup e hardening de servidores Ubuntu Server.
 long_description = file: README.md
 long_description_content_type = text/markdown

raijin_server-0.2.27/src/raijin_server/__init__.py ADDED Viewed

@@ -0,0 +1,5 @@
+"""Pacote principal do CLI Raijin Server."""
+__version__ = "0.2.27"
+__all__ = ["__version__"]

{raijin_server-0.2.25 → raijin_server-0.2.27}/src/raijin_server/cli.py RENAMED Viewed

@@ -4,7 +4,7 @@ from __future__ import annotations
 import os
 from pathlib import Path
-from typing import Callable, Dict, Optional
+from typing import Callable, Dict, List, Optional
 import subprocess
@@ -49,6 +49,7 @@ from raijin_server.utils import ExecutionContext, logger, active_log_file, avail
 from raijin_server.validators import validate_system_requirements, check_module_dependencies, MODULE_DEPENDENCIES
 from raijin_server.healthchecks import run_health_check
 from raijin_server.config import ConfigManager
+from raijin_server import module_manager
 app = typer.Typer(add_completion=False, help="Automacao de setup e hardening para Ubuntu Server")
 console = Console()
@@ -838,6 +839,257 @@ def validate(skip_root: bool = typer.Option(False, "--skip-root", help="Pula val
         raise typer.Exit(code=1)
+# ============================================================================
+# Comandos Install / Uninstall / List
+# ============================================================================
+def _get_available_modules() -> List[str]:
+    """Retorna lista de modulos disponiveis (excluindo full_install)."""
+    return [m for m in MODULES.keys() if m != "full_install"]
+def _register_uninstall_handlers() -> None:
+    """Registra handlers de uninstall dos modulos que os possuem."""
+    # Mapeamento de modulos para suas funcoes de uninstall
+    handlers = {
+        "kong": kong._uninstall_kong,
+        "grafana": grafana._uninstall_grafana,
+        "velero": velero._uninstall_velero,
+        "metallb": metallb._uninstall_metallb,
+        "minio": minio._uninstall_minio,
+        "loki": loki._uninstall_loki,
+        "prometheus": lambda ctx: prometheus._uninstall_prometheus(ctx, "monitoring"),
+        "traefik": traefik._uninstall_traefik,
+        "istio": istio._uninstall_istio,
+        "kafka": kafka._uninstall_kafka,
+        "cert_manager": cert_manager._uninstall_cert_manager,
+        "calico": lambda ctx: _generic_uninstall(ctx, "calico", "calico-system", ["calico"]),
+        "secrets": lambda ctx: _uninstall_secrets(ctx),
+        "harness": lambda ctx: harness._uninstall_delegate(ctx, "harness", "harness-delegate"),
+    }
+    module_manager.UNINSTALL_HANDLERS.update(handlers)
+def _uninstall_secrets(ctx: ExecutionContext) -> None:
+    """Handler de uninstall para secrets (sealed-secrets + external-secrets)."""
+    secrets._uninstall_sealed_secrets(ctx, "sealed-secrets")
+    secrets._uninstall_external_secrets(ctx, "external-secrets")
+def _generic_uninstall(ctx: ExecutionContext, module: str, namespace: str, releases: List[str]) -> None:
+    """Handler generico de uninstall para modulos Helm."""
+    for release in releases:
+        module_manager.generic_helm_uninstall(release, namespace, ctx)
+    module_manager.cleanup_namespace(namespace, ctx)
+@app.command()
+def install(
+    ctx: typer.Context,
+    module: str = typer.Argument(..., help="Nome do modulo a instalar"),
+    force: bool = typer.Option(False, "--force", "-f", help="Ignora dependencias faltantes"),
+) -> None:
+    """Instala um modulo especifico.
+    Exemplo:
+        raijin-server install kong
+        raijin-server install prometheus --force
+    """
+    available = _get_available_modules()
+    # Normaliza nome do modulo (aceita hifens)
+    module_normalized = module.replace("-", "_")
+    if module_normalized not in available:
+        typer.secho(f"Modulo '{module}' nao encontrado.", fg=typer.colors.RED)
+        typer.echo(f"\nModulos disponiveis:")
+        for m in sorted(available):
+            typer.echo(f"  - {m}")
+        raise typer.Exit(code=1)
+    exec_ctx = ctx.obj or ExecutionContext()
+    # Verifica dependencias
+    if not force:
+        if not check_module_dependencies(module_normalized, exec_ctx):
+            typer.echo("\nUse --force para ignorar dependencias faltantes.")
+            raise typer.Exit(code=1)
+    # Mostra dependencias
+    module_manager.show_dependency_tree(module_normalized)
+    # Confirma instalacao
+    if not typer.confirm(f"\nInstalar modulo '{module_normalized}'?", default=True):
+        typer.secho("Instalacao cancelada.", fg=typer.colors.YELLOW)
+        raise typer.Exit(code=0)
+    # Executa instalacao
+    _run_module(ctx, module_normalized)
+@app.command()
+def uninstall(
+    ctx: typer.Context,
+    module: str = typer.Argument(..., help="Nome do modulo a desinstalar"),
+    force: bool = typer.Option(False, "--force", "-f", help="Ignora avisos de seguranca"),
+    cascade: bool = typer.Option(False, "--cascade", help="Remove tambem modulos dependentes"),
+    yes: bool = typer.Option(False, "--yes", "-y", help="Confirma automaticamente"),
+) -> None:
+    """Desinstala um modulo e seus recursos.
+    Analisa dependencias e mostra impacto antes de remover.
+    Exemplo:
+        raijin-server uninstall kong
+        raijin-server uninstall kubernetes --cascade
+        raijin-server uninstall prometheus --force -y
+    """
+    available = _get_available_modules()
+    # Normaliza nome do modulo
+    module_normalized = module.replace("-", "_")
+    if module_normalized not in available:
+        typer.secho(f"Modulo '{module}' nao encontrado.", fg=typer.colors.RED)
+        raise typer.Exit(code=1)
+    # Registra handlers de uninstall
+    _register_uninstall_handlers()
+    exec_ctx = ctx.obj or ExecutionContext()
+    # Verifica se esta instalado
+    if not module_manager.is_module_installed(module_normalized):
+        typer.secho(f"Modulo '{module_normalized}' nao esta instalado.", fg=typer.colors.YELLOW)
+        # Mesmo assim, oferece limpar recursos
+        if typer.confirm("Deseja tentar limpar recursos orfaos mesmo assim?", default=False):
+            if module_normalized in module_manager.UNINSTALL_HANDLERS:
+                module_manager.UNINSTALL_HANDLERS[module_normalized](exec_ctx)
+                typer.secho("Limpeza concluida.", fg=typer.colors.GREEN)
+        raise typer.Exit(code=0)
+    # Mostra arvore de dependencias
+    module_manager.show_dependency_tree(module_normalized)
+    # Analisa impacto
+    is_safe, affected = module_manager.show_uninstall_impact(module_normalized)
+    if not is_safe and not force:
+        typer.secho(
+            f"\n⚠️  ATENCAO: Remover '{module_normalized}' pode quebrar {len(affected)} modulo(s)!",
+            fg=typer.colors.YELLOW,
+            bold=True,
+        )
+        if cascade:
+            typer.echo(f"\nModo --cascade: os seguintes modulos serao removidos primeiro:")
+            for dep in affected:
+                typer.echo(f"  - {dep}")
+    # Confirmacao
+    if not yes:
+        if cascade and affected:
+            confirm_msg = f"Remover '{module_normalized}' e {len(affected)} dependente(s)?"
+        else:
+            confirm_msg = f"Remover '{module_normalized}'?"
+        if not typer.confirm(f"\n{confirm_msg}", default=False):
+            typer.secho("Operacao cancelada.", fg=typer.colors.YELLOW)
+            raise typer.Exit(code=0)
+    # Executa uninstall
+    success = module_manager.uninstall_module(
+        module_normalized,
+        exec_ctx,
+        force=force,
+        cascade=cascade,
+    )
+    if success:
+        typer.secho(f"\n✓ Modulo '{module_normalized}' removido com sucesso!", fg=typer.colors.GREEN, bold=True)
+    else:
+        typer.secho(f"\n✗ Falha ao remover modulo '{module_normalized}'.", fg=typer.colors.RED)
+        raise typer.Exit(code=1)
+@app.command(name="list")
+def list_modules(
+    ctx: typer.Context,
+    installed_only: bool = typer.Option(False, "--installed", "-i", help="Mostra apenas modulos instalados"),
+    show_deps: bool = typer.Option(False, "--deps", "-d", help="Mostra dependencias detalhadas"),
+) -> None:
+    """Lista todos os modulos e seus status de instalacao.
+    Exemplo:
+        raijin-server list
+        raijin-server list --installed
+        raijin-server list --deps
+    """
+    from rich.table import Table
+    table = Table(title="Modulos Raijin Server")
+    table.add_column("Modulo", style="cyan")
+    table.add_column("Status", justify="center")
+    if show_deps:
+        table.add_column("Dependencias", style="yellow")
+        table.add_column("Dependentes", style="magenta")
+    table.add_column("Descricao", style="dim", max_width=40)
+    status = module_manager.get_module_status()
+    for module_name in sorted(status.keys()):
+        installed = status[module_name]
+        if installed_only and not installed:
+            continue
+        status_icon = "[green]✓ Instalado[/green]" if installed else "[dim]○ Pendente[/dim]"
+        desc = MODULE_DESCRIPTIONS.get(module_name, "")
+        if show_deps:
+            deps = MODULE_DEPENDENCIES.get(module_name, [])
+            deps_str = ", ".join(deps) if deps else "-"
+            from raijin_server.validators import get_reverse_dependencies
+            rev_deps = get_reverse_dependencies(module_name)
+            rev_deps_str = ", ".join(rev_deps) if rev_deps else "-"
+            table.add_row(module_name, status_icon, deps_str, rev_deps_str, desc)
+        else:
+            table.add_row(module_name, status_icon, desc)
+    console.print(table)
+    # Resumo
+    total = len(status)
+    installed_count = sum(1 for v in status.values() if v)
+    console.print(f"\n[dim]Total: {total} modulos | Instalados: {installed_count} | Pendentes: {total - installed_count}[/dim]")
+@app.command()
+def deps(
+    module: str = typer.Argument(..., help="Nome do modulo"),
+) -> None:
+    """Mostra arvore de dependencias de um modulo.
+    Exemplo:
+        raijin-server deps grafana
+        raijin-server deps kong
+    """
+    available = _get_available_modules()
+    module_normalized = module.replace("-", "_")
+    if module_normalized not in available:
+        typer.secho(f"Modulo '{module}' nao encontrado.", fg=typer.colors.RED)
+        raise typer.Exit(code=1)
+    module_manager.show_dependency_tree(module_normalized)
 def main_entrypoint() -> None:
     """Ponto de entrada para console_scripts."""

raijin_server-0.2.27/src/raijin_server/module_manager.py ADDED Viewed

@@ -0,0 +1,311 @@
+"""Gerenciador de instalacao e desinstalacao de modulos."""
+from __future__ import annotations
+import os
+from pathlib import Path
+from typing import Callable, Dict, List, Optional, Tuple
+import typer
+from rich.console import Console
+from rich.panel import Panel
+from rich.table import Table
+from raijin_server.utils import ExecutionContext, run_cmd, logger
+from raijin_server.validators import (
+    MODULE_DEPENDENCIES,
+    get_reverse_dependencies,
+    get_installed_dependents,
+    check_uninstall_safety,
+    check_module_dependencies,
+)
+console = Console()
+# Mapeamento de modulos para suas funcoes de uninstall
+# Sera populado dinamicamente pelo CLI
+UNINSTALL_HANDLERS: Dict[str, Callable[[ExecutionContext], None]] = {}
+def get_state_dir() -> Path:
+    """Retorna diretorio de estado."""
+    state_dir = Path(os.environ.get("RAIJIN_STATE_DIR", "/var/lib/raijin-server/state"))
+    if state_dir.exists():
+        return state_dir
+    alt_dir = Path.home() / ".local/share/raijin-server/state"
+    return alt_dir
+def is_module_installed(module: str) -> bool:
+    """Verifica se um modulo esta instalado (tem arquivo .done)."""
+    state_dir = get_state_dir()
+    state_file = state_dir / f"{module}.done"
+    return state_file.exists()
+def mark_module_uninstalled(module: str) -> None:
+    """Remove marcador de instalacao do modulo."""
+    state_dir = get_state_dir()
+    state_file = state_dir / f"{module}.done"
+    if state_file.exists():
+        state_file.unlink()
+        logger.info(f"Marcador de estado removido: {state_file}")
+def get_module_status() -> Dict[str, bool]:
+    """Retorna status de instalacao de todos os modulos."""
+    from raijin_server.cli import MODULES
+    status = {}
+    for module in MODULES.keys():
+        if module == "full_install":
+            continue
+        status[module] = is_module_installed(module)
+    return status
+def show_dependency_tree(module: str) -> None:
+    """Exibe arvore de dependencias de um modulo."""
+    console.print(f"\n[bold cyan]Arvore de dependencias para '{module}':[/bold cyan]")
+    # Dependencias (o que este modulo precisa)
+    deps = MODULE_DEPENDENCIES.get(module, [])
+    if deps:
+        console.print(f"\n[yellow]Requer (dependencias):[/yellow]")
+        for dep in deps:
+            installed = "✓" if is_module_installed(dep) else "✗"
+            color = "green" if is_module_installed(dep) else "red"
+            console.print(f"  [{color}]{installed}[/{color}] {dep}")
+    else:
+        console.print(f"\n[dim]Nenhuma dependencia[/dim]")
+    # Dependentes (quem depende deste modulo)
+    dependents = get_reverse_dependencies(module)
+    if dependents:
+        console.print(f"\n[yellow]Dependentes (quem usa este modulo):[/yellow]")
+        for dep in dependents:
+            installed = "✓" if is_module_installed(dep) else "○"
+            color = "green" if is_module_installed(dep) else "dim"
+            console.print(f"  [{color}]{installed}[/{color}] {dep}")
+    else:
+        console.print(f"\n[dim]Nenhum modulo depende deste[/dim]")
+def show_uninstall_impact(module: str) -> Tuple[bool, List[str]]:
+    """Mostra impacto da remocao e retorna se e seguro."""
+    is_safe, affected, warning = check_uninstall_safety(module)
+    if not is_safe:
+        console.print(Panel(
+            warning,
+            title="⚠️  AVISO DE IMPACTO",
+            border_style="yellow",
+        ))
+        # Mostra arvore de impacto detalhada
+        table = Table(title="Modulos que serao afetados")
+        table.add_column("Modulo", style="red")
+        table.add_column("Status", style="yellow")
+        table.add_column("Depende de", style="cyan")
+        for mod in affected:
+            deps = MODULE_DEPENDENCIES.get(mod, [])
+            relevant_deps = [d for d in deps if d == module or d in affected]
+            table.add_row(
+                mod,
+                "Instalado" if is_module_installed(mod) else "Nao instalado",
+                ", ".join(relevant_deps)
+            )
+        console.print(table)
+        console.print()
+    return is_safe, affected
+def uninstall_module(
+    module: str,
+    ctx: ExecutionContext,
+    force: bool = False,
+    cascade: bool = False,
+) -> bool:
+    """Desinstala um modulo com verificacao de seguranca.
+    Args:
+        module: Nome do modulo a desinstalar
+        ctx: Contexto de execucao
+        force: Ignora avisos de seguranca
+        cascade: Remove tambem os modulos dependentes
+    Returns:
+        True se desinstalou com sucesso
+    """
+    if not is_module_installed(module):
+        typer.secho(f"Modulo '{module}' nao esta instalado.", fg=typer.colors.YELLOW)
+        return False
+    # Verifica seguranca
+    is_safe, affected = show_uninstall_impact(module)
+    if not is_safe and not force:
+        if cascade:
+            # Desinstala dependentes primeiro (ordem reversa)
+            console.print(f"\n[yellow]Modo cascade: removendo dependentes primeiro...[/yellow]")
+            for dep in reversed(affected):
+                if is_module_installed(dep):
+                    console.print(f"\n[cyan]Removendo {dep}...[/cyan]")
+                    uninstall_module(dep, ctx, force=True, cascade=False)
+        else:
+            confirm = typer.confirm(
+                "\nDeseja continuar mesmo assim? (os modulos afetados podem parar de funcionar)",
+                default=False,
+            )
+            if not confirm:
+                typer.secho("Operacao cancelada.", fg=typer.colors.YELLOW)
+                return False
+    # Executa uninstall especifico se disponivel
+    if module in UNINSTALL_HANDLERS:
+        typer.echo(f"\nExecutando uninstall de '{module}'...")
+        try:
+            UNINSTALL_HANDLERS[module](ctx)
+        except Exception as e:
+            typer.secho(f"Erro durante uninstall: {e}", fg=typer.colors.RED)
+            if not force:
+                return False
+    else:
+        # Uninstall generico - apenas remove marcador
+        typer.secho(
+            f"Modulo '{module}' nao tem handler de uninstall especifico.",
+            fg=typer.colors.YELLOW,
+        )
+        typer.echo("Apenas o marcador de estado sera removido.")
+        typer.echo("Recursos no cluster podem precisar de remocao manual.")
+    # Remove marcador de estado
+    mark_module_uninstalled(module)
+    typer.secho(f"✓ Modulo '{module}' marcado como desinstalado.", fg=typer.colors.GREEN)
+    return True
+def list_modules_status() -> None:
+    """Lista todos os modulos e seus status."""
+    from raijin_server.cli import MODULE_DESCRIPTIONS
+    table = Table(title="Status dos Modulos Raijin")
+    table.add_column("Modulo", style="cyan")
+    table.add_column("Status", justify="center")
+    table.add_column("Dependencias")
+    table.add_column("Descricao", style="dim")
+    status = get_module_status()
+    for module, installed in sorted(status.items()):
+        status_icon = "[green]✓ Instalado[/green]" if installed else "[dim]○ Nao instalado[/dim]"
+        deps = MODULE_DEPENDENCIES.get(module, [])
+        deps_str = ", ".join(deps) if deps else "-"
+        desc = MODULE_DESCRIPTIONS.get(module, "")[:40]
+        if len(MODULE_DESCRIPTIONS.get(module, "")) > 40:
+            desc += "..."
+        table.add_row(module, status_icon, deps_str, desc)
+    console.print(table)
+def check_kubernetes_resource(resource_type: str, name: str, namespace: str = "") -> bool:
+    """Verifica se um recurso Kubernetes existe."""
+    cmd = ["kubectl", "get", resource_type, name]
+    if namespace:
+        cmd.extend(["-n", namespace])
+    import subprocess
+    result = subprocess.run(cmd, capture_output=True, text=True)
+    return result.returncode == 0
+def generic_helm_uninstall(release_name: str, namespace: str, ctx: ExecutionContext) -> bool:
+    """Desinstala um release Helm de forma generica."""
+    typer.echo(f"Removendo release Helm '{release_name}' do namespace '{namespace}'...")
+    # Verifica se existe
+    result = run_cmd(
+        ["helm", "status", release_name, "-n", namespace],
+        ctx,
+        check=False,
+    )
+    if result.returncode != 0:
+        typer.echo(f"Release '{release_name}' nao encontrado.")
+        return False
+    # Remove release
+    result = run_cmd(
+        ["helm", "uninstall", release_name, "-n", namespace],
+        ctx,
+        check=False,
+    )
+    if result.returncode == 0:
+        typer.secho(f"✓ Release '{release_name}' removido.", fg=typer.colors.GREEN)
+        return True
+    else:
+        typer.secho(f"✗ Falha ao remover release '{release_name}'.", fg=typer.colors.RED)
+        return False
+def cleanup_namespace(namespace: str, ctx: ExecutionContext, wait: bool = True) -> bool:
+    """Remove um namespace do Kubernetes."""
+    typer.echo(f"Removendo namespace '{namespace}'...")
+    result = run_cmd(
+        ["kubectl", "delete", "namespace", namespace, "--ignore-not-found"],
+        ctx,
+        check=False,
+    )
+    if wait and result.returncode == 0:
+        import time
+        # Aguarda namespace ser removido
+        deadline = time.time() + 60
+        while time.time() < deadline:
+            check = run_cmd(
+                ["kubectl", "get", "namespace", namespace],
+                ctx,
+                check=False,
+            )
+            if check.returncode != 0:
+                break
+            time.sleep(5)
+    return result.returncode == 0
+def cleanup_crds(pattern: str, ctx: ExecutionContext) -> int:
+    """Remove CRDs que correspondem ao padrao."""
+    import subprocess
+    # Lista CRDs
+    result = subprocess.run(
+        ["kubectl", "get", "crd", "-o", "name"],
+        capture_output=True,
+        text=True,
+    )
+    if result.returncode != 0:
+        return 0
+    removed = 0
+    for line in result.stdout.strip().split("\n"):
+        if pattern in line:
+            crd_name = line.replace("customresourcedefinition.apiextensions.k8s.io/", "")
+            run_cmd(
+                ["kubectl", "delete", "crd", crd_name, "--ignore-not-found"],
+                ctx,
+                check=False,
+            )
+            removed += 1
+    return removed

{raijin_server-0.2.25 → raijin_server-0.2.27}/src/raijin_server/modules/istio.py RENAMED Viewed

@@ -147,6 +147,9 @@ metadata:
   namespace: istio-system
 spec:
   profile: {profile}
+  meshConfig:
+    defaultConfig:
+      holdApplicationUntilProxyStarts: true
   components:
     pilot:
       enabled: true
@@ -175,10 +178,6 @@ spec:
             kubernetes.io/hostname: {node_name}
           service:
             type: {service_type}
-  values:
-    global:
-      proxy:
-        holdApplicationUntilProxyStarts: true
 """
     config_path = Path("/tmp/raijin-istio-config.yaml")

raijin-server 0.2.25__tar.gz → 0.2.27__tar.gz

Potentially problematic release.

raijin-server 0.2.25tar.gz → 0.2.27tar.gz