sovereign 0.19.3__py3-none-any.whl → 1.0.0a4__py3-none-any.whl

sovereign/views/discovery.py

@@ -1,63 +1,21 @@
-from typing import Dict
-
 from fastapi import Body, Header
-from fastapi.routing import APIRouter
 from fastapi.responses import Response
+from fastapi.routing import APIRouter
 
-from sovereign import discovery, logs, config
-from sovereign.utils.auth import authenticate
-from sovereign.utils.version_info import compute_hash
-from sovereign.schemas import (
+from sovereign import cache, config, logs
+from sovereign.cache.types import Entry
+from sovereign.types import (
     DiscoveryRequest,
     DiscoveryResponse,
-    ProcessedTemplate,
 )
-
-discovery_cache = config.discovery_cache
-
-if discovery_cache.enabled:
-    from cashews import cache
-
-    cache.setup(
-        f"{discovery_cache.protocol}{discovery_cache.host}:{discovery_cache.port}",
-        password=discovery_cache.password.get_secret_value(),
-        client_side=discovery_cache.client_side,
-        wait_for_connection_timeout=discovery_cache.wait_for_connection_timeout,
-        socket_connect_timeout=discovery_cache.socket_connect_timeout,
-        socket_timeout=discovery_cache.socket_timeout,
-        max_connections=discovery_cache.max_connections,
-        retry_on_timeout=discovery_cache.retry_on_timeout,
-        suppress=discovery_cache.suppress,
-        socket_keepalive=discovery_cache.socket_keepalive,
-        enable=discovery_cache.enabled,
-    )
-
-router = APIRouter()
-
-type_urls = {
-    "v2": {
-        "listeners": "type.googleapis.com/envoy.api.v2.Listener",
-        "clusters": "type.googleapis.com/envoy.api.v2.Cluster",
-        "endpoints": "type.googleapis.com/envoy.api.v2.ClusterLoadAssignment",
-        "secrets": "type.googleapis.com/envoy.api.v2.auth.Secret",
-        "routes": "type.googleapis.com/envoy.api.v2.RouteConfiguration",
-        "scoped-routes": "type.googleapis.com/envoy.api.v2.ScopedRouteConfiguration",
-    },
-    "v3": {
-        "listeners": "type.googleapis.com/envoy.config.listener.v3.Listener",
-        "clusters": "type.googleapis.com/envoy.config.cluster.v3.Cluster",
-        "endpoints": "type.googleapis.com/envoy.config.endpoint.v3.ClusterLoadAssignment",
-        "secrets": "type.googleapis.com/envoy.extensions.transport_sockets.tls.v3.Secret",
-        "routes": "type.googleapis.com/envoy.config.route.v3.RouteConfiguration",
-        "scoped-routes": "type.googleapis.com/envoy.config.route.v3.ScopedRouteConfiguration",
-        "runtime": "type.googleapis.com/envoy.service.runtime.v3.Runtime",
-    },
-}
+from sovereign.utils.auth import authenticate
+from sovereign.v2.web import wait_for_discovery_response
+from sovereign.views import reader
 
 
 def response_headers(
-    discovery_request: DiscoveryRequest, response: ProcessedTemplate, xds: str
-) -> Dict[str, str]:
+    discovery_request: DiscoveryRequest, response: Entry, xds: str
+) -> dict[str, str]:
     return {
         "X-Sovereign-Client-Build": discovery_request.envoy_version,
         "X-Sovereign-Client-Version": discovery_request.version_info,
@@ -68,6 +26,9 @@ def response_headers(
     }
 
 
+router = APIRouter()
+
+
 @router.post(
     "/{version}/discovery:{xds_type}",
     summary="Envoy Discovery Service Endpoint",
@@ -81,76 +42,51 @@ def response_headers(
 async def discovery_response(
     version: str,
     xds_type: str,
-    discovery_request: DiscoveryRequest = Body(...),
+    xds_req: DiscoveryRequest = Body(...),
     host: str = Header("no_host_provided"),
 ) -> Response:
-    discovery_request.desired_controlplane = host
-    response = await perform_discovery(
-        discovery_request, version, xds_type, skip_auth=False
-    )
-    logs.queue_log_fields(
-        XDS_RESOURCES=discovery_request.resource_names,
-        XDS_ENVOY_VERSION=discovery_request.envoy_version,
-        XDS_CLIENT_VERSION=discovery_request.version_info,
-        XDS_SERVER_VERSION=response.version,
-    )
-    if discovery_request.error_detail:
-        logs.queue_log_fields(XDS_ERROR_DETAIL=discovery_request.error_detail.message)
-    headers = response_headers(discovery_request, response, xds_type)
-
-    if response.version == discovery_request.version_info:
-        return not_modified(headers)
-    elif getattr(response, "resources", None) == []:
-        return Response(status_code=404, headers=headers)
-    elif response.version != discovery_request.version_info:
-        return Response(
-            response.rendered, headers=headers, media_type="application/json"
+    authenticate(xds_req)
+
+    # Pack additional info into the request
+    xds_req.desired_controlplane = host
+    xds_req.resource_type = xds_type
+    xds_req.api_version = version
+    if xds_req.error_detail:
+        logs.access_logger.queue_log_fields(
+            XDS_ERROR_DETAIL=xds_req.error_detail.message
         )
-    return Response(content="Resources could not be determined", status_code=500)
-
+    logs.access_logger.queue_log_fields(
+        XDS_RESOURCES=xds_req.resource_names,
+        XDS_ENVOY_VERSION=xds_req.envoy_version,
+        XDS_CLIENT_VERSION=xds_req.version_info,
+    )
 
-async def perform_discovery(
-    req: DiscoveryRequest,
-    api_version: str,
-    resource_type: str,
-    skip_auth: bool = False,
-) -> ProcessedTemplate:
-    if not skip_auth:
-        authenticate(req)
-    if discovery_cache.enabled:
-        logs.queue_log_fields(CACHE_XDS_HIT=False)
-        cache_key = compute_hash(
-            [
-                api_version,
-                resource_type,
-                req.envoy_version,
-                req.resource_names,
-                req.desired_controlplane,
-                req.hide_private_keys,
-                req.type_url,
-                req.node.cluster,
-                req.node.locality,
-                req.node.metadata.get("auth", None),
-                req.node.metadata.get("num_cpus", None),
-            ]
+    def handle_response(entry: cache.Entry):
+        logs.access_logger.queue_log_fields(
+            XDS_SERVER_VERSION=entry.version,
         )
-        if template := await cache.get(key=cache_key, default=None):
-            logs.queue_log_fields(CACHE_XDS_HIT=True)
-            return template  # type: ignore[no-any-return]
-    template = discovery.response(req, resource_type)
-    type_url = type_urls.get(api_version, {}).get(resource_type)
-    if type_url is not None:
-        for resource in template.resources:
-            if not resource.get("@type"):
-                resource["@type"] = type_url
-    if discovery_cache.enabled:
-        await cache.set(
-            key=cache_key,
-            value=template,
-            expire=discovery_cache.ttl,
-        )
-    return template  # type: ignore[no-any-return]
-
-
-def not_modified(headers: Dict[str, str]) -> Response:
-    return Response(status_code=304, headers=headers)
+        headers = response_headers(xds_req, entry, xds_type)
+        if entry.len == 0:
+            return Response(status_code=404, headers=headers)
+        if entry.version == xds_req.version_info:
+            return Response(status_code=304, headers=headers)
+        return Response(entry.text, media_type="application/json", headers=headers)
+
+    if config.worker_v2_enabled:
+        # we're set up to use v2 of the worker
+        response = await wait_for_discovery_response(xds_req)
+        if response is not None:
+            entry = Entry(
+                text=response.model_dump_json(indent=None),
+                len=len(response.resources),
+                version=response.version_info,
+                node=xds_req.node,
+            )
+            return handle_response(entry)
+
+    else:
+        entry: Entry | None
+        if entry := await reader.blocking_read(xds_req):  # ty: ignore[possibly-missing-attribute]
+            return handle_response(entry)
+
+    return Response(content="Something went wrong", status_code=500)

sovereign/views/healthchecks.py

@@ -1,38 +1,125 @@
-from typing import List
-from fastapi import Response
+import asyncio
+
+import pydantic
+import requests
+from fastapi import Query, Request, Response
+from fastapi.responses import JSONResponse, PlainTextResponse
 from fastapi.routing import APIRouter
-from fastapi.responses import PlainTextResponse
-from sovereign import XDS_TEMPLATES, __version__, json_response_class
-from sovereign.utils.mock import mock_discovery_request
-from sovereign.views.discovery import perform_discovery
+from typing_extensions import Annotated, Literal
 
+from sovereign import __version__
+from sovereign.configuration import XDS_TEMPLATES, config
+from sovereign.response_class import json_response_class
+from sovereign.utils.mock import mock_discovery_request
+from sovereign.v2.web import wait_for_discovery_response
+from sovereign.views import reader
 
 router = APIRouter()
 
+State = Literal["FAIL"] | Literal["OK"]
+Message = str
+CheckResult = tuple[State, Message] | State
+
+
+class DeepCheckResult(pydantic.BaseModel):
+    templates: dict[str, CheckResult] = pydantic.Field(default_factory=dict)
+    worker: CheckResult = pydantic.Field(default=("FAIL", "Worker unavailable"))
+
+    def response(self) -> PlainTextResponse:
+        return PlainTextResponse(content=self.message, status_code=self.status)
+
+    def json_response(self) -> JSONResponse:
+        return json_response_class(content=self.model_dump(), status_code=self.status)
+
+    @property
+    def message(self) -> str:
+        msg = "Templates:\n"
+        for template, result in sorted(self.templates.items()):
+            msg += f"* {template} {result}\n"
+        msg += f"Worker: {self.worker}\n"
+        return msg
+
+    @property
+    def status(self) -> int:
+        if self.is_err():
+            return 500
+        return 200
+
+    def is_err(self):
+        for result in self.templates.values():
+            if result[0] == "FAIL":
+                return True
+        if self.worker[0] == "FAIL":
+            return True
+        return False
+
 
 @router.get("/healthcheck", summary="Healthcheck (Does the server respond to HTTP?)")
 async def health_check() -> Response:
-    return PlainTextResponse("OK")
+    return PlainTextResponse("OK", status_code=200)
 
 
 @router.get(
     "/deepcheck",
-    summary="Deepcheck (Can the server render all configured templates?)",
-    response_class=json_response_class,
+    summary="Deepcheck (Can the server render all default templates?)",
 )
-async def deep_check(response: Response) -> List[str]:
-    response.status_code = 200
-    ret = list()
+async def deep_check(
+    request: Request,
+    worker_attempts: Annotated[
+        int,
+        Query(
+            description="How many times to try to contact the worker before giving up",
+        ),
+    ] = 5,
+    envoy_service_cluster: Annotated[
+        str,
+        Query(
+            description="Which service cluster to use when checking if a template can be rendered",
+        ),
+    ] = "*",
+) -> Response:
+    result = DeepCheckResult()
     for template in list(XDS_TEMPLATES["default"].keys()):
-        try:
-            req = mock_discovery_request(service_cluster="*")
-            await perform_discovery(req, "v3", resource_type=template, skip_auth=True)
-        # pylint: disable=broad-except
-        except Exception as e:
-            ret.append(f"Failed {template}: {str(e)}")
+        discovery_request = mock_discovery_request(
+            "v3",
+            template,
+            expressions=[f"cluster={envoy_service_cluster}"],
+        )
+
+        if config.worker_v2_enabled:
+            # we're set up to use v2 of the worker
+            response = await wait_for_discovery_response(discovery_request)
+            if response:
+                result.templates[template] = "OK"
+            else:
+                result.templates[template] = (
+                    "FAIL",
+                    f"Failed to render {template}",
+                )
+
+            result.worker = "OK"
         else:
-            ret.append(f"Rendered {template} OK")
-    return ret
+            try:
+                _ = await reader.blocking_read(discovery_request)  # ty: ignore[possibly-missing-attribute]
+                result.templates[template] = "OK"
+            except Exception as e:
+                result.templates[template] = ("FAIL", f"Failed {template}: {str(e)}")
+
+    if not config.worker_v2_enabled:
+        for attempt in range(worker_attempts):
+            try:
+                worker_health = requests.get("http://localhost:9080/health")
+                if worker_health.ok:
+                    result.worker = "OK"
+                    break
+            except Exception as e:
+                result.worker = ("FAIL", str(e))
+                await asyncio.sleep(attempt)
+
+    if "json" in request.headers.get("Accept", ""):
+        return result.json_response()
+
+    return result.response()
 
 
 @router.get("/version", summary="Display the current version of Sovereign")