sf-veritas 0.9.7__py3-none-any.whl

sf_veritas/patches/network_libraries/treq.py

@@ -0,0 +1,122 @@
+"""
+Header propagation + network-recording patch for **Treq**.
+
+• Propagates SAILFISH_TRACING_HEADER (unless excluded destination).
+• Records every outbound request via record_network_request(…).
+
+It also guarantees that Twisted's reactor is *running*:
+
+1. Prefer installing the asyncio reactor early.
+2. If a different reactor is already installed, start it in a background thread
+   (if it isn't running yet), so Deferreds produced by treq will fire.
+"""
+
+from __future__ import annotations
+
+import asyncio
+import threading
+import time
+from typing import List, Optional
+
+from ...constants import SAILFISH_TRACING_HEADER
+from ..constants import supported_network_verbs as verbs
+from .utils import get_trace_and_should_propagate, record_network_request
+
+
+def _ensure_reactor_running() -> None:
+    """
+    • Try to replace Twisted's default reactor with the asyncio one.
+    • If that fails because a reactor is already installed, make sure the
+      existing reactor is *running* (start it in a daemon thread if needed).
+    """
+    # Twisted import must be inside this function to avoid premature reactor load
+    from twisted.internet import reactor
+
+    try:
+        from twisted.internet import asyncioreactor
+
+        # Already an asyncio reactor? -> nothing to do
+        if reactor.__class__.__module__ == "twisted.internet.asyncioreactor":
+            return
+
+        # Try upgrade to asyncio-reactor (will raise if another reactor in use)
+        asyncioreactor.install(asyncio.get_event_loop())  # type: ignore[arg-type]
+        return
+    except Exception:
+        # Could not swap reactors (already installed).  Make sure current one runs.
+        if not reactor.running:
+            threading.Thread(
+                target=reactor.run,
+                kwargs={"installSignalHandlers": False},
+                daemon=True,
+            ).start()
+
+
+def patch_treq(domains_to_not_propagate_headers_to: Optional[List[str]] = None):
+    try:
+        # Ensure a live reactor *before* importing treq
+        _ensure_reactor_running()
+
+        import treq
+    except ImportError:
+        return  # treq is not installed; nothing to patch
+
+    exclude = domains_to_not_propagate_headers_to or []
+    orig_request = treq.request
+
+    # ------------------------------------------------------------------ #
+    def patched_request(method: str, url: str, **kwargs):
+        # -------- header propagation
+        hdrs = dict(kwargs.pop("headers", {}) or {})
+        trace_id, allow = get_trace_and_should_propagate(url, exclude)
+        if allow:
+            hdrs[SAILFISH_TRACING_HEADER] = trace_id
+        kwargs["headers"] = hdrs
+
+        t0 = int(time.time() * 1_000)
+        d = orig_request(method, url, **kwargs)  # Deferred
+
+        # -------- record on success
+        def _ok(resp):
+            status = getattr(resp, "code", 0)
+            record_network_request(
+                trace_id,
+                url,
+                method.upper(),
+                status,
+                status < 400,
+                None,
+                timestamp_start=t0,
+                timestamp_end=int(time.time() * 1_000),
+            )
+            return resp
+
+        # -------- record on failure
+        def _err(f):
+            record_network_request(
+                trace_id,
+                url,
+                method.upper(),
+                0,
+                False,
+                str(f.value)[:255],
+                timestamp_start=t0,
+                timestamp_end=int(time.time() * 1_000),
+            )
+            return f
+
+        d.addCallbacks(_ok, _err)
+        return d
+
+    treq.request = patched_request  # type: ignore[assignment]
+
+    # Convenience verbs → reuse patched_request
+    def _verb_factory(v: str):
+        def _verb(url, **k):
+            return treq.request(v.upper(), url, **k)
+
+        _verb.__name__ = v
+        return _verb
+
+    for verb in verbs:
+        setattr(treq, verb, _verb_factory(verb))

sf_veritas/patches/network_libraries/urllib_request.py

@@ -0,0 +1,129 @@
+"""
+Instrument urllib.request so that
+
+• Every call to urlopen() or OpenerDirector.open() propagates
+  SAILFISH_TRACING_HEADER (unless destination host is excluded).
+• Every call triggers record_network_request(…).
+
+The patch is safe to import multiple times.
+"""
+
+from __future__ import annotations
+
+import time
+from typing import List, Optional
+
+from ...constants import SAILFISH_TRACING_HEADER
+from .utils import get_trace_and_should_propagate, record_network_request
+
+
+def patch_urllib_request(
+    domains_to_not_propagate_headers_to: Optional[List[str]] = None,
+) -> None:
+    try:
+        import urllib.error
+        import urllib.request as _ur
+        from urllib.parse import urlparse
+    except ImportError:  # extremely unlikely
+        return
+
+    exclude: List[str] = domains_to_not_propagate_headers_to or []
+    _orig_urlopen = _ur.urlopen
+    _orig_opener_open = _ur.OpenerDirector.open  # type: ignore[attr-defined]
+
+    # ------------------------------------------------------------------ #
+    # Helper shared by urlopen / OpenerDirector.open
+    # ------------------------------------------------------------------ #
+    def _inject_and_record(
+        opener_call,  # either _orig_urlopen or _orig_opener_open(self, ...)
+        req_or_url,
+        data,
+        timeout,
+        *args,
+        **kwargs,
+    ):
+        # 1. Build a Request object
+        if isinstance(req_or_url, _ur.Request):
+            req = req_or_url  # already a Request
+        else:
+            req = _ur.Request(req_or_url, data=data)
+
+        # Method (GET/POST/…) is resolved only *after* data & method props
+        method = req.get_method()
+
+        # 2. Header propagation decision
+        trace_id, allow = get_trace_and_should_propagate(req.full_url, exclude)
+        if allow:
+            req.add_header(SAILFISH_TRACING_HEADER, trace_id)
+
+        # 3. Perform the real I/O
+        t0 = int(time.time() * 1_000)
+        try:
+            resp = opener_call(req, timeout=timeout, *args, **kwargs)
+            status = (
+                getattr(resp, "status", None) or getattr(resp, "getcode", lambda: 0)()
+            )
+            success = status < 400
+            record_network_request(
+                trace_id,
+                req.full_url,
+                method,
+                status,
+                success,
+                None,
+                timestamp_start=t0,
+                timestamp_end=int(time.time() * 1_000),
+            )
+            return resp
+
+        except urllib.error.HTTPError as e:
+            record_network_request(
+                trace_id,
+                req.full_url,
+                method,
+                e.code,
+                False,
+                str(e),
+                timestamp_start=t0,
+                timestamp_end=int(time.time() * 1_000),
+            )
+            raise
+
+        except Exception as e:  # noqa: BLE001
+            record_network_request(
+                trace_id,
+                req.full_url,
+                method,
+                0,
+                False,
+                str(e)[:255],
+                timestamp_start=t0,
+                timestamp_end=int(time.time() * 1_000),
+            )
+            raise
+
+    # ------------------------------------------------------------------ #
+    # Module-level urlopen patch
+    # ------------------------------------------------------------------ #
+    def patched_urlopen(url, data=None, timeout=_ur.socket._GLOBAL_DEFAULT_TIMEOUT, *a, **kw):  # type: ignore
+        return _inject_and_record(_orig_urlopen, url, data, timeout, *a, **kw)
+
+    _ur.urlopen = patched_urlopen  # type: ignore[assignment]
+
+    # ------------------------------------------------------------------ #
+    # OpenerDirector.open patch (covers build_opener, install_opener, etc.)
+    # ------------------------------------------------------------------ #
+    def patched_opener_open(self, fullurl, data=None, timeout=None, *a, **kw):  # type: ignore[override]
+        # self is the OpenerDirector instance
+        return _inject_and_record(
+            lambda req, timeout=None, *aa, **kk: _orig_opener_open(  # bind self
+                self, req, data=data, timeout=timeout, *aa, **kk
+            ),
+            fullurl,
+            data,
+            timeout,
+            *a,
+            **kw,
+        )
+
+    _ur.OpenerDirector.open = patched_opener_open  # type: ignore[assignment]

sf_veritas/patches/network_libraries/utils.py

@@ -0,0 +1,101 @@
+"""
+Shared helpers used by all network-patch modules.
+"""
+
+from __future__ import annotations
+
+import time
+from typing import List, Tuple
+from urllib.parse import urlparse
+
+from ...regular_data_transmitter import NetworkRequestTransmitter
+from ...thread_local import get_or_set_sf_trace_id, is_network_recording_suppressed
+
+
+###############################################################################
+# Domain-parsing utility  (no external network / no tldextract needed)
+###############################################################################
+def extract_domain(url: str) -> str:
+    """
+    Return a canonical host name for header-propagation checks.
+
+    • Works entirely offline (std-lib only) – no remote download or file locks.
+    • Keeps sub-domains intact, just strips a leading “www.” and port numbers.
+
+    Examples
+    --------
+    >>> extract_domain("https://www.example.com:443/path")
+    'example.com'
+    >>> extract_domain("https://api.foo.bar.example.co.uk/v1")
+    'api.foo.bar.example.co.uk'
+    """
+    try:
+        host = urlparse(url).hostname or url
+    except Exception:
+        host = url  # fall back to raw string on malformed URLs
+    if host.startswith("www."):
+        host = host[4:]
+    return host.lower()
+
+
+###############################################################################
+# Header-propagation + network-recording helpers
+###############################################################################
+def get_trace_and_should_propagate(
+    url: str,
+    domains_to_not_propagate: List[str],
+) -> Tuple[str, bool]:
+    """
+    Returns  (trace_id, should_propagate?)  for the given destination `url`.
+    """
+    _, trace_id = get_or_set_sf_trace_id()
+    domain = extract_domain(url)
+    allow_header = domain not in domains_to_not_propagate
+    return trace_id, allow_header
+
+
+def record_network_request(
+    trace_id: str,
+    url: str,
+    method: str,
+    status_code: int,
+    success: bool,
+    error: str | None = None,
+    timestamp_start: int | None = None,
+    timestamp_end: int | None = None,
+) -> None:
+    """
+    Fire off a GraphQL NetworkRequest mutation via NetworkRequestTransmitter.
+    Handles tripartite trace-ID splitting and default timestamps.
+    """
+    if is_network_recording_suppressed():
+        return
+
+    session_id, page_visit_id, request_id = None, None, None
+    parts = trace_id.split("/")
+    if parts:
+        session_id = parts[0]
+    if len(parts) > 1:
+        page_visit_id = parts[1]
+    if len(parts) > 2:
+        request_id = parts[2]
+
+    now_ms = lambda: int(time.time() * 1_000)  # noqa: E731
+    ts0 = timestamp_start or now_ms()
+    ts1 = timestamp_end or now_ms()
+
+    NetworkRequestTransmitter().do_send(
+        (
+            request_id,
+            page_visit_id,
+            session_id,
+            None,  # service_uuid (set by transmitter middleware)
+            ts0,
+            ts1,
+            status_code,
+            success,
+            None if success else (error or "")[:255],
+            url,
+            method.upper(),
+        )
+    )

sf_veritas/patches/os.py

@@ -0,0 +1,17 @@
+import os
+
+from ..thread_local import get_context, set_context
+
+_original_fork = os.fork
+
+
+def patched_fork():
+    current_context = get_context()
+    pid = _original_fork()
+    if pid == 0:  # Child process
+        set_context(current_context)
+    return pid
+
+
+def patch_os():
+    os.fork = patched_fork

sf_veritas/patches/threading.py

@@ -0,0 +1,32 @@
+import threading
+
+from ..thread_local import get_context, set_context
+
+_original_thread_init = threading.Thread.__init__
+
+
+def patched_thread_init(self, *args, **kwargs):
+    current_context = get_context()
+
+    original_target = kwargs.get("target")
+    if original_target:
+
+        def wrapped_target(*targs, **tkwargs):
+            set_context(current_context)
+            original_target(*targs, **tkwargs)
+
+        kwargs["target"] = wrapped_target
+    elif args and callable(args[0]):
+        original_target = args[0]
+
+        def wrapped_target(*targs, **tkwargs):
+            set_context(current_context)
+            original_target(*targs, **tkwargs)
+
+        args = (wrapped_target,) + args[1:]
+
+    _original_thread_init(self, *args, **kwargs)
+
+
+def patch_threading():
+    threading.Thread.__init__ = patched_thread_init

sf_veritas/patches/web_frameworks/__init__.py

@@ -0,0 +1,45 @@
+from .aiohttp import patch_aiohttp
+from .async_websocket_consumer import patch_async_consumer_call
+from .blacksheep import patch_blacksheep
+from .bottle import patch_bottle
+from .cherrypy import patch_cherrypy
+from .django import find_and_modify_output_wrapper, patch_django_middleware
+from .eve import patch_eve
+from .falcon import patch_falcon
+from .fastapi import patch_fastapi
+from .flask import patch_flask
+from .klein import patch_klein
+from .litestar import patch_litestar
+from .pyramid import patch_pyramid
+from .quart import patch_quart
+from .robyn import patch_robyn
+from .sanic import patch_sanic
+from .starlette import patch_starlette
+from .strawberry import patch_strawberry_schema
+from .tornado import patch_tornado
+
+
+def patch_web_frameworks():
+    patch_strawberry_schema()
+    patch_async_consumer_call()
+    find_and_modify_output_wrapper()
+    patch_django_middleware()
+    patch_fastapi()
+    patch_flask()
+    patch_falcon()
+    patch_bottle()
+    patch_quart()
+    patch_tornado()
+    patch_aiohttp()
+    patch_blacksheep()
+    patch_cherrypy()
+    patch_pyramid()
+    patch_litestar()
+    patch_klein()
+    patch_eve()
+    patch_sanic()
+    patch_starlette()
+    patch_robyn()
+
+
+__all__ = ["patch_web_frameworks"]

sf_veritas/patches/web_frameworks/aiohttp.py

@@ -0,0 +1,133 @@
+"""
+Context-propagation + user-code NetworkHop emission for every aiohttp
+request, while skipping Strawberry GraphQL views.
+"""
+
+from ...constants import SAILFISH_TRACING_HEADER
+from ...custom_excepthook import custom_excepthook
+from ...env_vars import SF_DEBUG
+from ...regular_data_transmitter import NetworkHopsTransmitter
+from ...thread_local import get_or_set_sf_trace_id
+
+# ------------------------------------------------------------------ #
+# shared helpers
+# ------------------------------------------------------------------ #
+from .utils import _is_user_code, _unwrap_user_func  # cached
+
+
+# ------------------------------------------------------------------ #
+# monkey-patch
+# ------------------------------------------------------------------ #
+def patch_aiohttp():
+    """
+    • prepend a middleware that propagates SAILFISH_TRACING_HEADER _and_
+      emits a single NetworkHop for user handlers;
+    • patch Application.add_route(s) so every future handler
+      goes through the wrapper (works for RouteTableDef too).
+    Safe no-op if aiohttp isn't installed.
+    """
+    try:
+        from aiohttp import web
+    except ImportError:  # aiohttp missing
+        return
+
+    # ===========================================================
+    # 1 | Middleware  (1 ContextVar; 2 Hop emission)
+    # ===========================================================
+    @web.middleware
+    async def _sf_tracing_middleware(request: web.Request, handler):
+        """
+        1 - Seed ContextVar from the inbound SAILFISH_TRACING_HEADER header.
+        2 - Emit exactly one NetworkHop per user handler.
+        3 - Capture *all* exceptions—including aiohttp.web.HTTPException—and
+        route them through `custom_excepthook` before letting aiohttp
+        continue its normal error handling.
+        """
+        # 1. Trace-id propagation
+        incoming = request.headers.get(SAILFISH_TRACING_HEADER)
+        if incoming:
+            get_or_set_sf_trace_id(incoming, is_associated_with_inbound_request=True)
+
+        # 2. Hop emission (same logic as before)
+        real_fn = _unwrap_user_func(handler)
+        if callable(real_fn) and not real_fn.__module__.startswith("strawberry"):
+            code = getattr(real_fn, "__code__", None)
+            if code and _is_user_code(code.co_filename):
+                key = (code.co_filename, code.co_firstlineno)
+                sent = request.setdefault("sf_hops_sent", set())
+                if key not in sent:
+                    _, session_id = get_or_set_sf_trace_id()
+                    if SF_DEBUG:
+                        print(
+                            f"[[AiohttpHop]] → {real_fn.__name__} "
+                            f"({code.co_filename}:{code.co_firstlineno}) "
+                            f"session={session_id}",
+                            log=False,
+                        )
+                    NetworkHopsTransmitter().send(
+                        session_id=session_id,
+                        line=str(code.co_firstlineno),
+                        column="0",
+                        name=real_fn.__name__,
+                        entrypoint=code.co_filename,
+                    )
+                    sent.add(key)
+
+        # 3. Exception capture
+        try:
+            return await handler(request)
+        except Exception as exc:  # ← captures *all* errors
+            custom_excepthook(type(exc), exc, exc.__traceback__)
+            raise  # re-raise for aiohttp
+
+    # ===========================================================
+    # 2 | Patch Application.__init__ to insert middleware
+    # ===========================================================
+    original_init = web.Application.__init__
+
+    def patched_init(self, *args, middlewares=None, **kwargs):
+        mlist = list(middlewares or [])
+        mlist.insert(0, _sf_tracing_middleware)  # prepend → runs first
+        original_init(self, *args, middlewares=mlist, **kwargs)
+        _patch_router(self.router)  # apply once per app
+
+    web.Application.__init__ = patched_init
+
+    # ===========================================================
+    # 3 | Patch router.add_route / add_routes for future calls
+    # ===========================================================
+    def _patch_router(router):
+        if getattr(router, "_sf_tracing_patched", False):
+            return  # already done
+
+        orig_add_route = router.add_route
+        orig_add_routes = router.add_routes
+
+        def _wrap_and_add(method, path, handler, *a, **kw):  # noqa: ANN001
+            return orig_add_route(method, path, _wrap_handler(handler), *a, **kw)
+
+        def _wrap_handler(h):
+            # strawberry skip & user-code check happen in middleware,
+            # but wrapping here avoids duplicate stack frames
+            return _unwrap_user_func(h) or h
+
+        def _new_add_routes(routes):
+            wrapped = [
+                (
+                    (m, p, _wrap_handler(h), *rest)  # route is (method,path,handler,…)
+                    if len(r) >= 3
+                    else r
+                )
+                for r in routes
+                for (m, p, h, *rest) in (r,)  # unpack safely
+            ]
+            return orig_add_routes(wrapped)
+
+        router.add_route = _wrap_and_add
+        router.add_routes = _new_add_routes
+        router._sf_tracing_patched = True
+        if SF_DEBUG:
+            print("[[patch_aiohttp]] router hooks installed", log=False)
+
+    if SF_DEBUG:
+        print("[[patch_aiohttp]] middleware + init patch applied", log=False)