stackport 0.1.6__tar.gz → 0.1.8__tar.gz

{stackport-0.1.6/stackport.egg-info → stackport-0.1.8}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: stackport
-Version: 0.1.6
+Version: 0.1.8
 Summary: Universal AWS resource browser for local emulators
 Author: Davi Reis Vieira
 License: MIT
@@ -50,13 +50,13 @@ Dynamic: license-file
 ## Screenshots
 
 **Dashboard** — Service overview with resource counts and health status
-![StackPort Dashboard](docs/images/dashboard.jpeg)
+![StackPort Dashboard](docs/images/dashboard.jpeg?v=1)
 
 **DynamoDB Browser** — Generic resource table with search, pagination, and detail view
-![DynamoDB Resources](docs/images/dynamo.jpeg)
+![DynamoDB Resources](docs/images/dynamo.jpeg?v=1)
 
 **S3 Browser** — File browser with folder navigation and object preview
-![S3 Browser](docs/images/s3.jpeg)
+![S3 Browser](docs/images/s3.jpeg?v=1)
 
 ## Features
 

{stackport-0.1.6 → stackport-0.1.8}/README.md

@@ -18,13 +18,13 @@
 ## Screenshots
 
 **Dashboard** — Service overview with resource counts and health status
-![StackPort Dashboard](docs/images/dashboard.jpeg)
+![StackPort Dashboard](docs/images/dashboard.jpeg?v=1)
 
 **DynamoDB Browser** — Generic resource table with search, pagination, and detail view
-![DynamoDB Resources](docs/images/dynamo.jpeg)
+![DynamoDB Resources](docs/images/dynamo.jpeg?v=1)
 
 **S3 Browser** — File browser with folder navigation and object preview
-![S3 Browser](docs/images/s3.jpeg)
+![S3 Browser](docs/images/s3.jpeg?v=1)
 
 ## Features
 

{stackport-0.1.6 → stackport-0.1.8}/backend/main.py

@@ -8,7 +8,7 @@ from fastapi.responses import FileResponse
 from fastapi.staticfiles import StaticFiles
 
 from backend.config import LOG_LEVEL, STACKPORT_PORT
-from backend.routes import dynamodb, ec2, iam, lambda_svc, logs, resources, s3, sqs, stats
+from backend.routes import dynamodb, ec2, iam, lambda_svc, logs, resources, s3, secretsmanager, sqs, stats
 
 
 class HealthcheckFilter(logging.Filter):
@@ -47,6 +47,7 @@ app.include_router(sqs.router, prefix="/api/sqs", tags=["sqs"])
 app.include_router(iam.router, prefix="/api/iam", tags=["iam"])
 app.include_router(ec2.router, prefix="/api/ec2", tags=["ec2"])
 app.include_router(logs.router, prefix="/api/logs", tags=["logs"])
+app.include_router(secretsmanager.router, prefix="/api/secretsmanager", tags=["secretsmanager"])
 app.include_router(resources.router, prefix="/api")
 
 # Serve UI static files — mount assets under /assets, SPA fallback for everything else

{stackport-0.1.6 → stackport-0.1.8}/backend/routes/resources.py

@@ -71,6 +71,15 @@ DESCRIBE_REGISTRY: dict[tuple[str, str], tuple[str, str, str, str | None]] = {
     ("elasticmapreduce", "clusters"): ("emr", "describe_cluster", "ClusterId", "Cluster"),
 }
 
+# Override the generic _ID_FIELDS for services where the default order picks
+# the wrong field (e.g. Arn before Name, or Name before Id).
+_PREFERRED_ID_FIELD: dict[tuple[str, str], str] = {
+    ("route53", "hosted_zones"): "Id",
+    ("events", "rules"): "Name",
+    ("events", "event_buses"): "Name",
+    ("wafv2", "web_acls"): "Name",
+}
+
 # Known ID field names for extracting a resource identifier from list results
 _ID_FIELDS = [
     "BucketName",
@@ -119,11 +128,13 @@ _ID_FIELDS = [
 ]
 
 
-def _extract_id(item) -> str:
+def _extract_id(item, preferred_field: str | None = None) -> str:
     """Extract a usable ID from a list API result item."""
     if isinstance(item, str):
         return item
     if isinstance(item, dict):
+        if preferred_field and preferred_field in item:
+            return str(item[preferred_field])
         for field in _ID_FIELDS:
             if field in item:
                 return str(item[field])
@@ -134,12 +145,12 @@ def _extract_id(item) -> str:
     return str(item)
 
 
-def _summarize_item(item) -> dict:
+def _summarize_item(item, preferred_field: str | None = None) -> dict:
     """Create a summary dict from a list API result item."""
     if isinstance(item, str):
         return {"id": item}
     if isinstance(item, dict):
-        summary = {"id": _extract_id(item)}
+        summary = {"id": _extract_id(item, preferred_field)}
         for key, value in item.items():
             if isinstance(value, (str, int, float, bool)) or value is None:
                 summary[key] = value
@@ -171,7 +182,8 @@ def list_resources(service: str):
             # Handle nested structures (e.g., cloudfront DistributionList.Items)
             if isinstance(items, dict) and "Items" in items:
                 items = items.get("Items", []) or []
-            resources[resource_type] = [_summarize_item(item) for item in items]
+            preferred = _PREFERRED_ID_FIELD.get((service, resource_type))
+            resources[resource_type] = [_summarize_item(item, preferred) for item in items]
         except Exception:
             logger.debug("Failed to list %s/%s", service, resource_type, exc_info=True)
             resources[resource_type] = []
@@ -188,6 +200,26 @@ def get_resource_detail(service: str, res_type: str, res_id: str):
     if cached is not None:
         return cached
 
+    # WAFv2 get_web_acl requires Name, Scope, AND Id — resolve Id from list first
+    if (service, res_type) == ("wafv2", "web_acls"):
+        try:
+            client = get_client("wafv2")
+            acls = client.list_web_acls(Scope="REGIONAL").get("WebACLs", [])
+            match = next((a for a in acls if a.get("Name") == res_id), None)
+            if not match:
+                raise HTTPException(404, f"Web ACL '{res_id}' not found")
+            resp = client.get_web_acl(Name=res_id, Scope="REGIONAL", Id=match["Id"])
+            resp.pop("ResponseMetadata", None)
+            detail = _serialize(resp.get("WebACL", resp))
+            result = {"service": service, "type": res_type, "id": res_id, "detail": detail}
+            cache.set(cache_key, result, ttl=5)
+            return result
+        except HTTPException:
+            raise
+        except Exception as exc:
+            logger.warning("Failed to get detail for %s/%s/%s", service, res_type, res_id, exc_info=True)
+            raise HTTPException(status_code=500, detail=str(exc)) from exc
+
     lookup = DESCRIBE_REGISTRY.get((service, res_type))
     if not lookup:
         raise HTTPException(

stackport-0.1.8/backend/routes/secretsmanager.py

@@ -0,0 +1,112 @@
+"""Secrets Manager service-specific routes."""
+
+import base64
+from typing import Any
+
+from fastapi import APIRouter, HTTPException
+
+from backend.aws_client import get_client
+
+router = APIRouter()
+
+
+def _format_date(dt) -> str | None:
+    """Format a datetime to ISO string, or return None."""
+    if dt is None:
+        return None
+    try:
+        return dt.isoformat()
+    except Exception:
+        return str(dt)
+
+
+@router.get("/secrets")
+def list_secrets() -> dict[str, Any]:
+    """List all secrets with metadata."""
+    try:
+        client = get_client("secretsmanager")
+        paginator = client.get_paginator("list_secrets")
+
+        secrets = []
+        for page in paginator.paginate():
+            for secret in page.get("SecretList", []):
+                secrets.append(
+                    {
+                        "name": secret.get("Name"),
+                        "arn": secret.get("ARN"),
+                        "description": secret.get("Description", ""),
+                        "createdDate": _format_date(secret.get("CreatedDate")),
+                        "lastChangedDate": _format_date(
+                            secret.get("LastChangedDate")
+                        ),
+                        "lastAccessedDate": _format_date(
+                            secret.get("LastAccessedDate")
+                        ),
+                        "rotationEnabled": secret.get("RotationEnabled", False),
+                        "tags": {
+                            tag["Key"]: tag["Value"]
+                            for tag in secret.get("Tags", [])
+                        },
+                    }
+                )
+
+        return {"secrets": secrets}
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))
+
+
+@router.get("/secrets/{secret_id:path}")
+def get_secret_detail(secret_id: str) -> dict[str, Any]:
+    """Get secret metadata and value."""
+    try:
+        client = get_client("secretsmanager")
+
+        # Get metadata
+        try:
+            meta = client.describe_secret(SecretId=secret_id)
+        except client.exceptions.ResourceNotFoundException:
+            raise HTTPException(
+                status_code=404, detail=f"Secret '{secret_id}' not found"
+            )
+
+        # Get value
+        secret_value = None
+        secret_binary = None
+        version_id = None
+        version_stages = None
+        try:
+            value_resp = client.get_secret_value(SecretId=secret_id)
+            secret_value = value_resp.get("SecretString")
+            raw_binary = value_resp.get("SecretBinary")
+            if raw_binary is not None:
+                secret_binary = base64.b64encode(raw_binary).decode("utf-8")
+            version_id = value_resp.get("VersionId")
+            version_stages = value_resp.get("VersionStages")
+        except Exception:
+            # Value may not be retrievable (e.g., pending deletion)
+            pass
+
+        return {
+            "name": meta.get("Name"),
+            "arn": meta.get("ARN"),
+            "description": meta.get("Description", ""),
+            "createdDate": _format_date(meta.get("CreatedDate")),
+            "lastChangedDate": _format_date(meta.get("LastChangedDate")),
+            "lastAccessedDate": _format_date(meta.get("LastAccessedDate")),
+            "rotationEnabled": meta.get("RotationEnabled", False),
+            "rotationRules": meta.get("RotationRules"),
+            "rotationLambdaARN": meta.get("RotationLambdaARN"),
+            "deletedDate": _format_date(meta.get("DeletedDate")),
+            "tags": {
+                tag["Key"]: tag["Value"]
+                for tag in meta.get("Tags", [])
+            },
+            "versionId": version_id,
+            "versionStages": version_stages,
+            "secretValue": secret_value,
+            "secretBinary": secret_binary,
+        }
+    except HTTPException:
+        raise
+    except Exception as e:
+        raise HTTPException(status_code=500, detail=str(e))

{stackport-0.1.6 → stackport-0.1.8}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "stackport"
-version = "0.1.6"
+version = "0.1.8"
 description = "Universal AWS resource browser for local emulators"
 readme = "README.md"
 license = {text = "MIT"}

{stackport-0.1.6 → stackport-0.1.8/stackport.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: stackport
-Version: 0.1.6
+Version: 0.1.8
 Summary: Universal AWS resource browser for local emulators
 Author: Davi Reis Vieira
 License: MIT
@@ -50,13 +50,13 @@ Dynamic: license-file
 ## Screenshots
 
 **Dashboard** — Service overview with resource counts and health status
-![StackPort Dashboard](docs/images/dashboard.jpeg)
+![StackPort Dashboard](docs/images/dashboard.jpeg?v=1)
 
 **DynamoDB Browser** — Generic resource table with search, pagination, and detail view
-![DynamoDB Resources](docs/images/dynamo.jpeg)
+![DynamoDB Resources](docs/images/dynamo.jpeg?v=1)
 
 **S3 Browser** — File browser with folder navigation and object preview
-![S3 Browser](docs/images/s3.jpeg)
+![S3 Browser](docs/images/s3.jpeg?v=1)
 
 ## Features
 

{stackport-0.1.6 → stackport-0.1.8}/stackport.egg-info/SOURCES.txt

@@ -10,8 +10,8 @@ backend/main.py
 backend/../ui/dist/favicon.png
 backend/../ui/dist/favicon.svg
 backend/../ui/dist/index.html
-backend/../ui/dist/assets/index-DI-V3ZCb.js
-backend/../ui/dist/assets/index-DM3oKaVN.css
+backend/../ui/dist/assets/index-BAMXqPoR.js
+backend/../ui/dist/assets/index-CU1gzmix.css
 backend/../ui/dist/aws-icons/acm.svg
 backend/../ui/dist/aws-icons/apigateway.svg
 backend/../ui/dist/aws-icons/appsync.svg
@@ -54,6 +54,7 @@ backend/routes/lambda_svc.py
 backend/routes/logs.py
 backend/routes/resources.py
 backend/routes/s3.py
+backend/routes/secretsmanager.py
 backend/routes/sqs.py
 backend/routes/stats.py
 stackport.egg-info/PKG-INFO
@@ -72,12 +73,13 @@ tests/test_lambda_routes.py
 tests/test_logs_routes.py
 tests/test_registries.py
 tests/test_routes.py
+tests/test_secretsmanager_routes.py
 tests/test_sqs_routes.py
 ui/dist/favicon.png
 ui/dist/favicon.svg
 ui/dist/index.html
-ui/dist/assets/index-DI-V3ZCb.js
-ui/dist/assets/index-DM3oKaVN.css
+ui/dist/assets/index-BAMXqPoR.js
+ui/dist/assets/index-CU1gzmix.css
 ui/dist/aws-icons/acm.svg
 ui/dist/aws-icons/apigateway.svg
 ui/dist/aws-icons/appsync.svg

stackport-0.1.8/tests/test_secretsmanager_routes.py

@@ -0,0 +1,281 @@
+"""Integration tests for Secrets Manager API routes."""
+
+import os
+
+os.environ.setdefault("AWS_ENDPOINT_URL", "http://localhost:4566")
+
+from datetime import datetime, timezone
+from unittest.mock import MagicMock, patch
+
+from fastapi.testclient import TestClient
+
+from backend.main import app
+
+client = TestClient(app)
+
+CREATED = datetime(2025, 1, 15, 10, 30, 0, tzinfo=timezone.utc)
+CHANGED = datetime(2025, 3, 20, 14, 0, 0, tzinfo=timezone.utc)
+
+
+class TestListSecrets:
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_list_secrets_empty(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        paginator = MagicMock()
+        mock_sm.get_paginator.return_value = paginator
+        paginator.paginate.return_value = [{"SecretList": []}]
+
+        resp = client.get("/api/secretsmanager/secrets")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["secrets"] == []
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_list_secrets_with_data(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        paginator = MagicMock()
+        mock_sm.get_paginator.return_value = paginator
+        paginator.paginate.return_value = [
+            {
+                "SecretList": [
+                    {
+                        "Name": "prod/db-password",
+                        "ARN": "arn:aws:secretsmanager:us-east-1:000:secret:prod/db-password-abc",
+                        "Description": "Production database password",
+                        "CreatedDate": CREATED,
+                        "LastChangedDate": CHANGED,
+                        "LastAccessedDate": None,
+                        "RotationEnabled": False,
+                        "Tags": [
+                            {"Key": "env", "Value": "prod"},
+                            {"Key": "team", "Value": "backend"},
+                        ],
+                    }
+                ]
+            }
+        ]
+
+        resp = client.get("/api/secretsmanager/secrets")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert len(data["secrets"]) == 1
+        s = data["secrets"][0]
+        assert s["name"] == "prod/db-password"
+        assert s["arn"] == "arn:aws:secretsmanager:us-east-1:000:secret:prod/db-password-abc"
+        assert s["description"] == "Production database password"
+        assert s["createdDate"] == CREATED.isoformat()
+        assert s["lastChangedDate"] == CHANGED.isoformat()
+        assert s["lastAccessedDate"] is None
+        assert s["rotationEnabled"] is False
+        assert s["tags"] == {"env": "prod", "team": "backend"}
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_list_secrets_no_tags(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        paginator = MagicMock()
+        mock_sm.get_paginator.return_value = paginator
+        paginator.paginate.return_value = [
+            {
+                "SecretList": [
+                    {
+                        "Name": "my-secret",
+                        "ARN": "arn:aws:secretsmanager:us-east-1:000:secret:my-secret-xyz",
+                    }
+                ]
+            }
+        ]
+
+        resp = client.get("/api/secretsmanager/secrets")
+        assert resp.status_code == 200
+        s = resp.json()["secrets"][0]
+        assert s["tags"] == {}
+        assert s["description"] == ""
+        assert s["rotationEnabled"] is False
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_list_secrets_multiple_pages(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        paginator = MagicMock()
+        mock_sm.get_paginator.return_value = paginator
+        paginator.paginate.return_value = [
+            {"SecretList": [{"Name": "secret-1", "ARN": "arn:1"}]},
+            {"SecretList": [{"Name": "secret-2", "ARN": "arn:2"}]},
+        ]
+
+        resp = client.get("/api/secretsmanager/secrets")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert len(data["secrets"]) == 2
+        assert data["secrets"][0]["name"] == "secret-1"
+        assert data["secrets"][1]["name"] == "secret-2"
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_list_secrets_rotation_enabled(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        paginator = MagicMock()
+        mock_sm.get_paginator.return_value = paginator
+        paginator.paginate.return_value = [
+            {
+                "SecretList": [
+                    {
+                        "Name": "rotated-secret",
+                        "ARN": "arn:rotated",
+                        "RotationEnabled": True,
+                    }
+                ]
+            }
+        ]
+
+        resp = client.get("/api/secretsmanager/secrets")
+        assert resp.status_code == 200
+        assert resp.json()["secrets"][0]["rotationEnabled"] is True
+
+
+class TestGetSecretDetail:
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_with_string_value(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.describe_secret.return_value = {
+            "Name": "prod/db-password",
+            "ARN": "arn:aws:secretsmanager:us-east-1:000:secret:prod/db-password-abc",
+            "Description": "Production database password",
+            "CreatedDate": CREATED,
+            "LastChangedDate": CHANGED,
+            "LastAccessedDate": None,
+            "RotationEnabled": False,
+            "RotationRules": None,
+            "RotationLambdaARN": None,
+            "DeletedDate": None,
+            "Tags": [{"Key": "env", "Value": "prod"}],
+        }
+        mock_sm.get_secret_value.return_value = {
+            "SecretString": '{"username":"admin","password":"s3cret"}',
+            "VersionId": "ver-001",
+            "VersionStages": ["AWSCURRENT"],
+        }
+
+        resp = client.get("/api/secretsmanager/secrets/prod%2Fdb-password")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["name"] == "prod/db-password"
+        assert data["description"] == "Production database password"
+        assert data["secretValue"] == '{"username":"admin","password":"s3cret"}'
+        assert data["secretBinary"] is None
+        assert data["versionId"] == "ver-001"
+        assert data["versionStages"] == ["AWSCURRENT"]
+        assert data["tags"] == {"env": "prod"}
+        assert data["createdDate"] == CREATED.isoformat()
+        assert data["rotationEnabled"] is False
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_with_binary_value(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.describe_secret.return_value = {
+            "Name": "binary-secret",
+            "ARN": "arn:binary",
+            "Tags": [],
+        }
+        raw_bytes = b"\x00\x01\x02\x03\xff"
+        mock_sm.get_secret_value.return_value = {
+            "SecretBinary": raw_bytes,
+            "VersionId": "ver-bin",
+            "VersionStages": ["AWSCURRENT"],
+        }
+
+        resp = client.get("/api/secretsmanager/secrets/binary-secret")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["secretValue"] is None
+        import base64
+        assert data["secretBinary"] == base64.b64encode(raw_bytes).decode("utf-8")
+        assert data["versionId"] == "ver-bin"
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_not_found(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.exceptions.ResourceNotFoundException = type(
+            "ResourceNotFoundException", (Exception,), {}
+        )
+        mock_sm.describe_secret.side_effect = (
+            mock_sm.exceptions.ResourceNotFoundException()
+        )
+
+        resp = client.get("/api/secretsmanager/secrets/nonexistent")
+        assert resp.status_code == 404
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_value_not_retrievable(self, mock_get_client):
+        """When get_secret_value fails (e.g. pending deletion), metadata is still returned."""
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.describe_secret.return_value = {
+            "Name": "deleted-secret",
+            "ARN": "arn:deleted",
+            "DeletedDate": CHANGED,
+            "Tags": [],
+        }
+        mock_sm.get_secret_value.side_effect = Exception("marked for deletion")
+
+        resp = client.get("/api/secretsmanager/secrets/deleted-secret")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["name"] == "deleted-secret"
+        assert data["secretValue"] is None
+        assert data["secretBinary"] is None
+        assert data["versionId"] is None
+        assert data["versionStages"] is None
+        assert data["deletedDate"] == CHANGED.isoformat()
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_with_rotation(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.describe_secret.return_value = {
+            "Name": "rotated-secret",
+            "ARN": "arn:rotated",
+            "RotationEnabled": True,
+            "RotationRules": {"AutomaticallyAfterDays": 30},
+            "RotationLambdaARN": "arn:aws:lambda:us-east-1:000:function:rotate-fn",
+            "Tags": [],
+        }
+        mock_sm.get_secret_value.return_value = {
+            "SecretString": "rotated-value",
+            "VersionId": "ver-rot",
+            "VersionStages": ["AWSCURRENT"],
+        }
+
+        resp = client.get("/api/secretsmanager/secrets/rotated-secret")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["rotationEnabled"] is True
+        assert data["rotationRules"] == {"AutomaticallyAfterDays": 30}
+        assert data["rotationLambdaARN"] == "arn:aws:lambda:us-east-1:000:function:rotate-fn"
+        assert data["secretValue"] == "rotated-value"
+
+    @patch("backend.routes.secretsmanager.get_client")
+    def test_get_secret_plain_text_value(self, mock_get_client):
+        mock_sm = MagicMock()
+        mock_get_client.return_value = mock_sm
+        mock_sm.describe_secret.return_value = {
+            "Name": "api-key",
+            "ARN": "arn:api-key",
+            "Tags": [],
+        }
+        mock_sm.get_secret_value.return_value = {
+            "SecretString": "sk-abc123def456",
+            "VersionId": "ver-plain",
+            "VersionStages": ["AWSCURRENT"],
+        }
+
+        resp = client.get("/api/secretsmanager/secrets/api-key")
+        assert resp.status_code == 200
+        data = resp.json()
+        assert data["secretValue"] == "sk-abc123def456"