raijin-server 0.2.5__py3-none-any.whl → 0.2.7__py3-none-any.whl

raijin_server/modules/full_install.py

@@ -1,10 +1,13 @@
 """Instalacao completa e automatizada do ambiente produtivo."""
 
 import os
+import subprocess
+from typing import List
 
 import typer
 
 from raijin_server.utils import ExecutionContext, require_root
+from raijin_server.healthchecks import run_health_check
 from raijin_server.modules import (
     bootstrap,
     calico,
@@ -68,6 +71,196 @@ def _cert_manager_install_only(ctx: ExecutionContext) -> None:
         )
 
 
+def _confirm_colored(message: str, default: bool = True) -> bool:
+    """Confirmação com destaque visual."""
+    styled = typer.style(message, fg=typer.colors.YELLOW, bold=True)
+    return typer.confirm(styled, default=default)
+
+
+def _select_steps_interactively() -> List[str] | None:
+    typer.secho("Selecione passos (separados por vírgula) ou ENTER para todos:", fg=typer.colors.CYAN)
+    typer.echo("Exemplo: kubernetes,calico,cert_manager,traefik")
+    answer = typer.prompt("Passos", default="").strip()
+    if not answer:
+        return None
+    steps = [s.strip() for s in answer.split(",") if s.strip()]
+    return steps or None
+
+
+def _kube_snapshot(ctx: ExecutionContext, events: int = 100, namespace: str | None = None) -> None:
+    """Coleta snapshot rápido de cluster para debug (best-effort)."""
+    cmds = []
+    cmds.append(["kubectl", "get", "nodes", "-o", "wide"])
+
+    pods_cmd = ["kubectl", "get", "pods"]
+    if namespace:
+        pods_cmd += ["-n", namespace]
+    else:
+        pods_cmd.append("-A")
+    pods_cmd += ["-o", "wide"]
+    cmds.append(pods_cmd)
+
+    events_cmd = ["kubectl", "get", "events"]
+    if namespace:
+        events_cmd += ["-n", namespace]
+    else:
+        events_cmd.append("-A")
+    events_cmd += ["--sort-by=.lastTimestamp"]
+    cmds.append(events_cmd)
+
+    typer.secho("\n[DEBUG] Snapshot do cluster", fg=typer.colors.CYAN)
+    for cmd in cmds:
+        try:
+            result = subprocess.run(cmd, capture_output=True, text=True, timeout=30)
+            typer.echo(f"$ {' '.join(cmd)}")
+            if result.stdout:
+                lines = result.stdout.strip().splitlines()
+                if cmd is events_cmd:
+                    lines = lines[-events:]
+                typer.echo("\n".join(lines))
+            elif result.stderr:
+                typer.echo(result.stderr.strip())
+        except Exception as exc:
+            typer.secho(f"(snapshot falhou: {exc})", fg=typer.colors.YELLOW)
+
+
+def _run_cmd(title: str, cmd: List[str], ctx: ExecutionContext, tail: int | None = None) -> None:
+    """Executa comando kubectl/helm best-effort para diagnosticos rapidos."""
+    typer.secho(f"\n[diagnose] {title}", fg=typer.colors.CYAN)
+    if ctx.dry_run:
+        typer.echo("[dry-run] comando nao executado")
+        return
+
+    try:
+        result = subprocess.run(cmd, capture_output=True, text=True, timeout=40)
+        typer.echo(f"$ {' '.join(cmd)}")
+        output = result.stdout.strip() or result.stderr.strip()
+        if output:
+            lines = output.splitlines()
+            if tail:
+                lines = lines[-tail:]
+            typer.echo("\n".join(lines))
+        else:
+            typer.echo("(sem saida)")
+    except Exception as exc:
+        typer.secho(f"(falha ao executar: {exc})", fg=typer.colors.YELLOW)
+
+
+def _diag_namespace(ns: str, ctx: ExecutionContext, tail_events: int = 50) -> None:
+    _run_cmd(f"Pods em {ns}", ["kubectl", "get", "pods", "-n", ns, "-o", "wide"], ctx)
+    _run_cmd(f"Services em {ns}", ["kubectl", "get", "svc", "-n", ns], ctx)
+    _run_cmd(f"Deployments em {ns}", ["kubectl", "get", "deploy", "-n", ns], ctx)
+    _run_cmd(
+        f"Eventos em {ns}",
+        ["kubectl", "get", "events", "-n", ns, "--sort-by=.lastTimestamp"],
+        ctx,
+        tail=tail_events,
+    )
+
+
+def _diag_calico(ctx: ExecutionContext) -> None:
+    ns = "kube-system"
+    _run_cmd("Calico DaemonSets", ["kubectl", "get", "ds", "-n", ns, "-o", "wide"], ctx)
+    _run_cmd("Calico pods", ["kubectl", "get", "pods", "-n", ns, "-l", "k8s-app=calico-node", "-o", "wide"], ctx)
+    _run_cmd("Calico typha", ["kubectl", "get", "pods", "-n", ns, "-l", "k8s-app=calico-typha", "-o", "wide"], ctx)
+    _run_cmd("Calico events", ["kubectl", "get", "events", "-n", ns, "--sort-by=.lastTimestamp"], ctx, tail=50)
+
+
+def _diag_secrets(ctx: ExecutionContext) -> None:
+    _diag_namespace("kube-system", ctx)
+    _diag_namespace("external-secrets", ctx)
+
+
+def _diag_prometheus(ctx: ExecutionContext) -> None:
+    ns = "observability"
+    _run_cmd("Prometheus pods", ["kubectl", "get", "pods", "-n", ns, "-l", "app.kubernetes.io/name=prometheus"], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_grafana(ctx: ExecutionContext) -> None:
+    ns = "observability"
+    _run_cmd("Grafana svc", ["kubectl", "get", "svc", "-n", ns, "-l", "app.kubernetes.io/name=grafana"], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_loki(ctx: ExecutionContext) -> None:
+    ns = "observability"
+    _run_cmd("Loki statefulsets", ["kubectl", "get", "sts", "-n", ns, "-l", "app.kubernetes.io/name=loki"], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_traefik(ctx: ExecutionContext) -> None:
+    ns = "traefik"
+    _run_cmd("Traefik ingress", ["kubectl", "get", "ingress", "-n", ns], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_observability_ingress(ctx: ExecutionContext) -> None:
+    ns = "observability"
+    _run_cmd("Ingress objects", ["kubectl", "get", "ingress", "-n", ns], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_observability_dashboards(ctx: ExecutionContext) -> None:
+    ns = "observability"
+    _run_cmd("ConfigMaps dashboards", ["kubectl", "get", "configmap", "-n", ns, "-l", "raijin/dashboards=true"], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_minio(ctx: ExecutionContext) -> None:
+    ns = "minio"
+    _diag_namespace(ns, ctx)
+
+
+def _diag_kafka(ctx: ExecutionContext) -> None:
+    ns = "kafka"
+    _run_cmd("Kafka pods", ["kubectl", "get", "pods", "-n", ns, "-o", "wide"], ctx)
+    _diag_namespace(ns, ctx)
+
+
+def _diag_velero(ctx: ExecutionContext) -> None:
+    ns = "velero"
+    _diag_namespace(ns, ctx)
+
+
+def _diag_kong(ctx: ExecutionContext) -> None:
+    ns = "kong"
+    _diag_namespace(ns, ctx)
+
+
+DIAG_HANDLERS = {
+    "cert_manager": cert_manager.diagnose,
+    "calico": _diag_calico,
+    "secrets": _diag_secrets,
+    "prometheus": _diag_prometheus,
+    "grafana": _diag_grafana,
+    "loki": _diag_loki,
+    "traefik": _diag_traefik,
+    "observability_ingress": _diag_observability_ingress,
+    "observability_dashboards": _diag_observability_dashboards,
+    "minio": _diag_minio,
+    "kafka": _diag_kafka,
+    "velero": _diag_velero,
+    "kong": _diag_kong,
+}
+
+
+def _maybe_diagnose(name: str, ctx: ExecutionContext) -> None:
+    try:
+        if name in DIAG_HANDLERS:
+            DIAG_HANDLERS[name](ctx)
+            return
+
+        # fallback: health check se existir
+        ok = run_health_check(name, ctx)
+        if ok:
+            typer.secho(f"[diagnose] {name}: OK", fg=typer.colors.GREEN)
+        else:
+            typer.secho(f"[diagnose] {name}: falhou", fg=typer.colors.YELLOW)
+    except Exception as exc:
+        typer.secho(f"[diagnose] {name} falhou: {exc}", fg=typer.colors.YELLOW)
+
+
 # Ordem de execucao dos modulos para instalacao completa
 # Modulos marcados com skip_env podem ser pulados via variavel de ambiente
 INSTALL_SEQUENCE = [
@@ -108,12 +301,25 @@ def run(ctx: ExecutionContext) -> None:
         fg=typer.colors.CYAN,
     )
 
+    steps_override = ctx.selected_steps
+    if steps_override is None and ctx.interactive_steps:
+        steps_override = _select_steps_interactively()
+
+    # Debug/diagnose menu simples
+    if not ctx.debug_snapshots and not ctx.post_diagnose:
+        typer.secho("Ativar modo debug (snapshots + diagnose pos-modulo)?", fg=typer.colors.YELLOW)
+        if typer.confirm("Habilitar debug?", default=False):
+            ctx.debug_snapshots = True
+            ctx.post_diagnose = True
+
     # Mostra sequencia de instalacao
     typer.echo("Sequencia de instalacao:")
     for i, (name, _, desc, skip_env) in enumerate(INSTALL_SEQUENCE, 1):
         suffix = ""
         if skip_env and os.environ.get(skip_env, "").strip() in ("1", "true", "yes"):
             suffix = " [SKIP]"
+        if steps_override and name not in steps_override:
+            suffix = " [IGNORADO]"
         typer.echo(f"  {i:2}. {name:25} - {desc}{suffix}")
 
     typer.echo("")
@@ -126,7 +332,7 @@ def run(ctx: ExecutionContext) -> None:
     typer.echo("")
 
     if not ctx.dry_run:
-        if not typer.confirm("Deseja continuar com a instalacao completa?", default=True):
+        if not _confirm_colored("Deseja continuar com a instalacao completa?", default=True):
             typer.echo("Instalacao cancelada.")
             raise typer.Exit(code=0)
 
@@ -135,13 +341,25 @@ def run(ctx: ExecutionContext) -> None:
     succeeded = []
     skipped = []
 
+    cluster_ready = False
+
     for i, (name, handler, desc, skip_env) in enumerate(INSTALL_SEQUENCE, 1):
+        if steps_override and name not in steps_override:
+            skipped.append(name)
+            typer.secho(f"⏭ {name} ignorado (fora da lista selecionada)", fg=typer.colors.YELLOW)
+            continue
+
         # Verifica se modulo deve ser pulado via env
         if skip_env and os.environ.get(skip_env, "").strip() in ("1", "true", "yes"):
             skipped.append(name)
             typer.secho(f"⏭ {name} pulado via {skip_env}=1", fg=typer.colors.YELLOW)
             continue
 
+        if ctx.confirm_each_step:
+            if not _confirm_colored(f"Executar modulo '{name}' agora?", default=True):
+                skipped.append(name)
+                continue
+
         typer.secho(
             f"\n{'='*60}",
             fg=typer.colors.CYAN,
@@ -160,6 +378,15 @@ def run(ctx: ExecutionContext) -> None:
             handler(ctx)
             succeeded.append(name)
             typer.secho(f"✓ {name} concluido com sucesso", fg=typer.colors.GREEN)
+
+            if name == "kubernetes":
+                cluster_ready = True
+
+            if ctx.post_diagnose and cluster_ready:
+                _maybe_diagnose(name, ctx)
+
+            if ctx.debug_snapshots and cluster_ready:
+                _kube_snapshot(ctx, events=80)
         except KeyboardInterrupt:
             typer.secho(f"\n⚠ Instalacao interrompida pelo usuario no modulo '{name}'", fg=typer.colors.YELLOW)
             raise typer.Exit(code=130)

raijin_server/modules/prometheus.py

@@ -1,30 +1,115 @@
-"""Configuracao do Prometheus Stack via Helm."""
+"""Configuracao do Prometheus Stack via Helm (robust, production-ready)."""
+
+from __future__ import annotations
 
 import typer
 
-from raijin_server.utils import ExecutionContext, helm_upgrade_install, require_root
+from raijin_server.utils import (
+    ExecutionContext,
+    helm_upgrade_install,
+    kubectl_create_ns,
+    require_root,
+    run_cmd,
+)
+
+DEFAULT_NAMESPACE = "observability"
+
+
+def _get_default_storage_class(ctx: ExecutionContext) -> str:
+    if ctx.dry_run:
+        return ""
+    result = run_cmd(
+        [
+            "kubectl",
+            "get",
+            "storageclass",
+            "-o",
+            "jsonpath={.items[?(@.metadata.annotations['storageclass.kubernetes.io/is-default-class']=='true')].metadata.name}",
+        ],
+        ctx,
+        check=False,
+    )
+    return (result.stdout or "").strip()
+
+
+def _ensure_cluster_access(ctx: ExecutionContext) -> None:
+    if ctx.dry_run:
+        return
+    result = run_cmd(["kubectl", "cluster-info"], ctx, check=False)
+    if result.returncode != 0:
+        typer.secho("Cluster Kubernetes nao acessivel. Verifique kubeconfig/controle-plane.", fg=typer.colors.RED)
+        raise typer.Exit(code=1)
 
 
 def run(ctx: ExecutionContext) -> None:
     require_root(ctx)
+    _ensure_cluster_access(ctx)
+
     typer.echo("Instalando kube-prometheus-stack via Helm...")
 
+    namespace = typer.prompt("Namespace destino", default=DEFAULT_NAMESPACE)
+    kubectl_create_ns(namespace, ctx)
+
+    default_sc = _get_default_storage_class(ctx)
+    enable_persistence = typer.confirm(
+        "Habilitar PVC para Prometheus e Alertmanager?", default=bool(default_sc)
+    )
+
     values = [
         "grafana.enabled=false",
         "prometheus.prometheusSpec.retention=15d",
         "prometheus.prometheusSpec.enableAdminAPI=true",
         "prometheus.prometheusSpec.serviceMonitorSelectorNilUsesHelmValues=false",
-        "prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.resources.requests.storage=20Gi",
-        "alertmanager.alertmanagerSpec.storage.volumeClaimTemplate.spec.resources.requests.storage=10Gi",
+        "prometheus.prometheusSpec.podMonitorSelectorNilUsesHelmValues=false",
         "defaultRules.create=true",
     ]
 
+    extra_args = ["--wait", "--timeout", "5m", "--atomic"]
+
+    chart_version = typer.prompt(
+        "Versao do chart (vazio para latest)",
+        default="",
+    ).strip()
+    if chart_version:
+        extra_args.extend(["--version", chart_version])
+
+    if enable_persistence:
+        storage_class = typer.prompt(
+            "StorageClass para PVC",
+            default=default_sc or "",
+        ).strip()
+        prom_size = typer.prompt("Tamanho PVC Prometheus", default="20Gi")
+        alert_size = typer.prompt("Tamanho PVC Alertmanager", default="10Gi")
+
+        if storage_class:
+            values.extend(
+                [
+                    f"prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.storageClassName={storage_class}",
+                    f"alertmanager.alertmanagerSpec.storage.volumeClaimTemplate.spec.storageClassName={storage_class}",
+                ]
+            )
+
+        values.extend(
+            [
+                f"prometheus.prometheusSpec.storageSpec.volumeClaimTemplate.spec.resources.requests.storage={prom_size}",
+                f"alertmanager.alertmanagerSpec.storage.volumeClaimTemplate.spec.resources.requests.storage={alert_size}",
+            ]
+        )
+    else:
+        typer.secho(
+            "PVC desativado: Prometheus/Alertmanager usarao volumes efemeros (sem retenção apos restart).",
+            fg=typer.colors.YELLOW,
+        )
+
     helm_upgrade_install(
         release="kube-prometheus-stack",
         chart="kube-prometheus-stack",
-        namespace="observability",
+        namespace=namespace,
         repo="prometheus-community",
         repo_url="https://prometheus-community.github.io/helm-charts",
         ctx=ctx,
         values=values,
+        extra_args=extra_args,
     )
+
+    typer.secho("kube-prometheus-stack instalado com sucesso.", fg=typer.colors.GREEN)

raijin_server/scripts/install.sh

@@ -38,7 +38,7 @@ echo "Escolha o tipo de instalação:"
 echo "  1) Global (requer sudo, todos os usuários)"
 echo "  2) Virtual env (recomendado para desenvolvimento)"
 echo "  3) User install (apenas usuário atual)"
-read -p "Opção [2]: " INSTALL_TYPE
+read -r -p "Opção [2]: " INSTALL_TYPE
 INSTALL_TYPE=${INSTALL_TYPE:-2}
 
 echo ""
@@ -51,6 +51,7 @@ case $INSTALL_TYPE in
     2)
         echo -e "${YELLOW}Criando virtual environment...${NC}"
         python3 -m venv .venv
+        # shellcheck disable=SC1091
         source .venv/bin/activate
         pip install --upgrade pip
         pip install -e .
@@ -73,7 +74,7 @@ EOF
         
         # Adicionar ao PATH se necessário
         if [[ ":$PATH:" != *":$HOME/.local/bin:"* ]]; then
-            echo 'export PATH="$HOME/.local/bin:$PATH"' >> ~/.bashrc
+            echo "export PATH=\"$HOME/.local/bin:$PATH\"" >> ~/.bashrc
             echo -e "${YELLOW}⚠${NC} Adicionado $HOME/.local/bin ao PATH"
             echo "Execute: source ~/.bashrc"
         fi

raijin_server/scripts/log_size_metric.sh

@@ -11,21 +11,25 @@ OUTPUT=${RAIJIN_METRIC_FILE:-/var/lib/node_exporter/textfile_collector/raijin_lo
 # Calcula soma de todos os logs (principal + rotações)
 TOTAL_BYTES=0
 shopt -s nullglob
+
+METRICS_TMP=$(mktemp)
+trap 'rm -f "$METRICS_TMP"' EXIT
+
 for f in "$LOG_DIR"/$LOG_PATTERN; do
   size=$(stat -c%s "$f" 2>/dev/null || echo 0)
   TOTAL_BYTES=$((TOTAL_BYTES + size))
   if [[ "$f" =~ raijin-server\.log(\.\d+)?$ ]]; then
-    printf "raijin_log_size_bytes{file=\"%s\"} %d\n" "$(basename "$f")" "$size"
+    printf "raijin_log_size_bytes{file=\"%s\"} %d\n" "$(basename "$f")" "$size" >> "$METRICS_TMP"
   fi
-done | {
-  # Escreve métricas no arquivo final
-  mkdir -p "$(dirname "$OUTPUT")"
-  {
-    echo "# HELP raijin_log_size_bytes Tamanho dos logs do raijin-server (bytes)"
-    echo "# TYPE raijin_log_size_bytes gauge"
-    cat
-    echo "# HELP raijin_log_size_total_bytes Soma dos logs do raijin-server (bytes)"
-    echo "# TYPE raijin_log_size_total_bytes gauge"
-    echo "raijin_log_size_total_bytes ${TOTAL_BYTES}"
-  } > "$OUTPUT"
-}
+done
+
+# Escreve métricas no arquivo final
+mkdir -p "$(dirname "$OUTPUT")"
+{
+  echo "# HELP raijin_log_size_bytes Tamanho dos logs do raijin-server (bytes)"
+  echo "# TYPE raijin_log_size_bytes gauge"
+  cat "$METRICS_TMP"
+  echo "# HELP raijin_log_size_total_bytes Soma dos logs do raijin-server (bytes)"
+  echo "# TYPE raijin_log_size_total_bytes gauge"
+  echo "raijin_log_size_total_bytes ${TOTAL_BYTES}"
+} > "$OUTPUT"

raijin_server/scripts/pre-deploy-check.sh

@@ -49,6 +49,7 @@ fi
 echo ""
 echo "2. Verificando Sistema Operacional..."
 if [ -f /etc/os-release ]; then
+    # shellcheck disable=SC1091
     . /etc/os-release
     if [[ "$ID" == "ubuntu" ]]; then
         VERSION_NUM=$(echo "$VERSION_ID" | cut -d. -f1)
@@ -152,7 +153,7 @@ STATE_DIRS=("/var/lib/raijin-server/state" "$HOME/.local/share/raijin-server/sta
 FOUND_STATE=0
 for dir in "${STATE_DIRS[@]}"; do
     if [[ -d "$dir" ]]; then
-        MODULE_COUNT=$(ls -1 "$dir"/*.done 2>/dev/null | wc -l)
+        MODULE_COUNT=$(find "$dir" -maxdepth 1 -name '*.done' -type f 2>/dev/null | wc -l)
         if [[ $MODULE_COUNT -gt 0 ]]; then
             check_pass "$MODULE_COUNT modulos concluidos (em $dir)"
             FOUND_STATE=1