xenfra 0.2.1__tar.gz → 0.2.3__tar.gz

xenfra-0.2.3/PKG-INFO

@@ -0,0 +1,115 @@
+Metadata-Version: 2.3
+Name: xenfra
+Version: 0.2.3
+Summary: A 'Zen Mode' infrastructure engine for Python developers.
+Author: xenfra-cloud
+Author-email: xenfra-cloud <xenfracloud@gmail.com>
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Development Status :: 3 - Alpha
+Classifier: Intended Audience :: Developers
+Classifier: Topic :: Software Development :: Build Tools
+Classifier: Topic :: System :: Systems Administration
+Requires-Dist: click>=8.1.7
+Requires-Dist: rich>=14.2.0
+Requires-Dist: sqlmodel>=0.0.16
+Requires-Dist: python-digitalocean>=1.17.0
+Requires-Dist: python-dotenv>=1.2.1
+Requires-Dist: pyyaml>=6.0.1
+Requires-Dist: fabric>=3.2.2
+Requires-Dist: xenfra-sdk
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: keyring>=25.7.0
+Requires-Dist: keyrings-alt>=5.0.2
+Requires-Dist: pytest>=8.0.0 ; extra == 'test'
+Requires-Dist: pytest-mock>=3.12.0 ; extra == 'test'
+Requires-Python: >=3.13
+Project-URL: Homepage, https://github.com/xenfra-cloud/xenfra
+Project-URL: Issues, https://github.com/xenfra-cloud/xenfra/issues
+Provides-Extra: test
+Description-Content-Type: text/markdown
+
+# Xenfra CLI
+
+## Xenfra CLI: Deploy Python Apps with Zen Mode
+
+The Xenfra CLI is a powerful and intuitive command-line interface designed to streamline the deployment of Python applications to DigitalOcean. Built with a "Zen Mode" philosophy, it automates complex infrastructure tasks, allowing developers to focus on writing code.
+
+### ✨ Key Features
+
+*   **Zero-Configuration Deployment:** Automatically detects your project's framework and dependencies.
+*   **AI-Powered Auto-Healing:** Diagnoses common deployment failures and suggests, or even applies, fixes automatically.
+*   **Real-time Monitoring:** View deployment status and stream live application logs directly from your terminal.
+*   **Integrated Project Management:** Easily list, view, and destroy your deployed projects.
+*   **Secure Authentication:** Uses OAuth2 PKCE flow for secure, token-based authentication.
+
+### 🚀 Quickstart
+
+#### 1. Installation
+
+Install the Xenfra CLI using `uv` (recommended) or `pip`:
+
+```bash
+uv pip install xenfra-cli
+# or
+pip install xenfra-cli
+```
+
+#### 2. Authentication
+
+Log in to your Xenfra account. This will open your web browser to complete the OAuth2 flow.
+
+```bash
+xenfra auth login
+```
+
+#### 3. Initialize Your Project
+
+Navigate to your Python project's root directory and run `init`. The CLI will scan your codebase, detect its characteristics, and generate a `xenfra.yaml` configuration file.
+
+```bash
+cd your-python-project/
+xenfra init
+```
+
+#### 4. Deploy Your Application
+
+Once `xenfra.yaml` is configured, deploy your application. The CLI will handle provisioning a DigitalOcean Droplet, setting up Docker, and deploying your code.
+
+```bash
+xenfra deploy
+```
+
+### 📋 Usage Examples
+
+*   **Monitor Deployment Status:**
+    ```bash
+    xenfra status <deployment-id>
+    ```
+*   **Stream Application Logs:**
+    ```bash
+    xenfra logs <deployment-id>
+    ```
+*   **List Deployed Projects:**
+    ```bash
+    xenfra projects list
+    ```
+*   **Diagnose a Failed Deployment (AI-Powered):**
+    ```bash
+    xenfra diagnose <deployment-id>
+    # Or to diagnose from a log file:
+    xenfra diagnose --logs error.log
+    ```
+
+### 📚 Documentation
+
+For more detailed information, advanced configurations, and API references, please refer to the [official Xenfra Documentation](https://docs.xenfra.com/cli) (Link will be updated upon final deployment).
+
+### 🤝 Contributing
+
+We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING.md) for more details.
+
+### 📄 License
+
+This project is licensed under the [MIT License](LICENSE).

xenfra-0.2.3/README.md

@@ -0,0 +1,83 @@
+# Xenfra CLI
+
+## Xenfra CLI: Deploy Python Apps with Zen Mode
+
+The Xenfra CLI is a powerful and intuitive command-line interface designed to streamline the deployment of Python applications to DigitalOcean. Built with a "Zen Mode" philosophy, it automates complex infrastructure tasks, allowing developers to focus on writing code.
+
+### ✨ Key Features
+
+*   **Zero-Configuration Deployment:** Automatically detects your project's framework and dependencies.
+*   **AI-Powered Auto-Healing:** Diagnoses common deployment failures and suggests, or even applies, fixes automatically.
+*   **Real-time Monitoring:** View deployment status and stream live application logs directly from your terminal.
+*   **Integrated Project Management:** Easily list, view, and destroy your deployed projects.
+*   **Secure Authentication:** Uses OAuth2 PKCE flow for secure, token-based authentication.
+
+### 🚀 Quickstart
+
+#### 1. Installation
+
+Install the Xenfra CLI using `uv` (recommended) or `pip`:
+
+```bash
+uv pip install xenfra-cli
+# or
+pip install xenfra-cli
+```
+
+#### 2. Authentication
+
+Log in to your Xenfra account. This will open your web browser to complete the OAuth2 flow.
+
+```bash
+xenfra auth login
+```
+
+#### 3. Initialize Your Project
+
+Navigate to your Python project's root directory and run `init`. The CLI will scan your codebase, detect its characteristics, and generate a `xenfra.yaml` configuration file.
+
+```bash
+cd your-python-project/
+xenfra init
+```
+
+#### 4. Deploy Your Application
+
+Once `xenfra.yaml` is configured, deploy your application. The CLI will handle provisioning a DigitalOcean Droplet, setting up Docker, and deploying your code.
+
+```bash
+xenfra deploy
+```
+
+### 📋 Usage Examples
+
+*   **Monitor Deployment Status:**
+    ```bash
+    xenfra status <deployment-id>
+    ```
+*   **Stream Application Logs:**
+    ```bash
+    xenfra logs <deployment-id>
+    ```
+*   **List Deployed Projects:**
+    ```bash
+    xenfra projects list
+    ```
+*   **Diagnose a Failed Deployment (AI-Powered):**
+    ```bash
+    xenfra diagnose <deployment-id>
+    # Or to diagnose from a log file:
+    xenfra diagnose --logs error.log
+    ```
+
+### 📚 Documentation
+
+For more detailed information, advanced configurations, and API references, please refer to the [official Xenfra Documentation](https://docs.xenfra.com/cli) (Link will be updated upon final deployment).
+
+### 🤝 Contributing
+
+We welcome contributions! Please see our [Contributing Guidelines](CONTRIBUTING.md) for more details.
+
+### 📄 License
+
+This project is licensed under the [MIT License](LICENSE).

{xenfra-0.2.1 → xenfra-0.2.3}/pyproject.toml

@@ -1,12 +1,12 @@
 [project]
 name = "xenfra"
-version = "0.2.1"
+version = "0.2.3"
 description = "A 'Zen Mode' infrastructure engine for Python developers."
 readme = "README.md"
 authors = [
     { name = "xenfra-cloud", email = "xenfracloud@gmail.com" }
 ]
-requires-python = ">=3.13"
+
 classifiers = [
     "Programming Language :: Python :: 3",
     "License :: OSI Approved :: MIT License",
@@ -16,39 +16,38 @@ classifiers = [
     "Topic :: Software Development :: Build Tools",
     "Topic :: System :: Systems Administration",
 ]
+
 dependencies = [
-    "fabric>=3.2.2",
-    "python-digitalocean>=1.17.0",
-    "python-dotenv>=1.2.1",
-    "rich>=14.2.0",
-    "fastapi>=0.110.0",
-    "uvicorn[standard]>=0.27.1",
     "click>=8.1.7",
+    "rich>=14.2.0",
     "sqlmodel>=0.0.16",
-    "psycopg2-binary>=2.9.9",
-    "python-jose[cryptography]>=3.3.0",
-    "passlib>=1.7.4", # No longer need [bcrypt] extra
+    "python-digitalocean>=1.17.0",
+    "python-dotenv>=1.2.1",
+    "pyyaml>=6.0.1",
+    "fabric>=3.2.2",
+    "xenfra-sdk",
     "httpx>=0.27.0",
-    "PyYAML>=6.0.1", # Explicitly add bcrypt backend
-    "python-multipart>=0.0.21",
-    "bcrypt==4.0.1",
-    "Jinja2>=3.1.3",
-    "pytest>=9.0.2",
+    "keyring>=25.7.0",
+    "keyrings.alt>=5.0.2",
 ]
+requires-python = ">=3.13"
+
+[tool.uv.sources]
+xenfra-sdk = { workspace = true }
 
 [project.urls]
 Homepage = "https://github.com/xenfra-cloud/xenfra"
 Issues = "https://github.com/xenfra-cloud/xenfra/issues"
 
-[project.scripts]
-xenfra = "xenfra.cli.main:main"
-
 [project.optional-dependencies]
 test = [
     "pytest>=8.0.0",
     "pytest-mock>=3.12.0",
 ]
 
+[project.scripts]
+xenfra = "xenfra_cli.main:main"
+
 [build-system]
 requires = ["uv_build>=0.9.18,<0.10.0"]
-build-backend = "uv_build"
+build-backend = "uv_build"

xenfra-0.2.3/src/xenfra/commands/__init__.py

@@ -0,0 +1,3 @@
+"""
+CLI command modules for Xenfra.
+"""

xenfra-0.2.3/src/xenfra/commands/auth.py

@@ -0,0 +1,186 @@
+"""
+Authentication commands for Xenfra CLI.
+"""
+
+import base64
+import hashlib
+import secrets
+import urllib.parse
+import webbrowser
+from http.server import HTTPServer
+
+import click
+import httpx
+import keyring
+from rich.console import Console
+
+from ..utils.auth import (
+    API_BASE_URL,
+    CLI_CLIENT_ID,
+    CLI_LOCAL_SERVER_END_PORT,
+    CLI_LOCAL_SERVER_START_PORT,
+    CLI_REDIRECT_PATH,
+    SERVICE_ID,
+    AuthCallbackHandler,
+    clear_tokens,
+    get_auth_token,
+)
+
+console = Console()
+
+
+@click.group()
+def auth():
+    """Authentication commands."""
+    pass
+
+
+@auth.command()
+def login():
+    """Login to Xenfra using OAuth2 PKCE flow."""
+    global oauth_data
+    oauth_data = {"code": None, "state": None, "error": None}
+
+    # 1. Generate PKCE parameters
+    code_verifier = secrets.token_urlsafe(96)
+    code_challenge = (
+        base64.urlsafe_b64encode(hashlib.sha256(code_verifier.encode()).digest())
+        .decode()
+        .rstrip("=")
+    )
+
+    # 2. Generate state for CSRF protection
+    state = secrets.token_urlsafe(32)
+
+    # 3. Start local HTTP server
+    server_port = None
+    httpd_instance = None
+    for port in range(CLI_LOCAL_SERVER_START_PORT, CLI_LOCAL_SERVER_END_PORT + 1):
+        try:
+            server_address = ("127.0.0.1", port)
+            httpd_instance = HTTPServer(server_address, AuthCallbackHandler)
+            server_port = port
+            break
+        except OSError:
+            continue
+
+    if not server_port:
+        console.print(
+            f"[bold red]Error: No available ports in range {CLI_LOCAL_SERVER_START_PORT}-{CLI_LOCAL_SERVER_END_PORT}[/bold red]"
+        )
+        return
+
+    redirect_uri = f"http://localhost:{server_port}{CLI_REDIRECT_PATH}"
+
+    # 4. Construct Authorization URL
+    auth_url = (
+        f"{API_BASE_URL}/auth/authorize?"
+        f"client_id={CLI_CLIENT_ID}&"
+        f"redirect_uri={urllib.parse.quote(redirect_uri)}&"
+        f"response_type=code&"
+        f"scope={urllib.parse.quote('openid profile')}&"
+        f"state={state}&"
+        f"code_challenge={code_challenge}&"
+        f"code_challenge_method=S256"
+    )
+
+    console.print("[bold blue]Opening browser for login...[/bold blue]")
+    console.print(
+        f"[dim]If browser doesn't open, navigate to:[/dim]\n[link={auth_url}]{auth_url}[/link]"
+    )
+    webbrowser.open(auth_url)
+
+    # 5. Run local server to capture redirect
+    try:
+        AuthCallbackHandler.server = httpd_instance  # type: ignore
+        httpd_instance.handle_request()  # type: ignore
+        console.print("[dim]Local OAuth server shut down.[/dim]")
+    except Exception as e:
+        console.print(f"[bold red]Error running OAuth server: {e}[/bold red]")
+        if httpd_instance:
+            httpd_instance.server_close()
+        return
+
+    if oauth_data["error"]:
+        console.print(f"[bold red]Login failed: {oauth_data['error']}[/bold red]")
+        return
+
+    if not oauth_data["code"]:
+        console.print("[bold red]Login failed: No authorization code received.[/bold red]")
+        return
+
+    # 6. Verify state
+    if oauth_data["state"] != state:
+        console.print("[bold red]Login failed: State mismatch (possible CSRF attack)[/bold red]")
+        return
+
+    # 7. Exchange code for tokens
+    console.print("[bold cyan]Exchanging authorization code for tokens...[/bold cyan]")
+    try:
+        with httpx.Client() as client:
+            response = client.post(
+                f"{API_BASE_URL}/auth/token",
+                data={
+                    "grant_type": "authorization_code",
+                    "client_id": CLI_CLIENT_ID,
+                    "code": oauth_data["code"],
+                    "code_verifier": code_verifier,
+                    "redirect_uri": redirect_uri,
+                },
+            )
+            response.raise_for_status()
+            token_data = response.json()
+            access_token = token_data.get("access_token")
+            refresh_token = token_data.get("refresh_token")
+
+            if access_token and refresh_token:
+                keyring.set_password(SERVICE_ID, "access_token", access_token)
+                keyring.set_password(SERVICE_ID, "refresh_token", refresh_token)
+                console.print("[bold green]Login successful! Tokens saved securely.[/bold green]")
+            else:
+                console.print("[bold red]Login failed: No tokens received.[/bold red]")
+    except httpx.RequestError as exc:
+        console.print(f"[bold red]Token exchange failed: {exc}[/bold red]")
+    except httpx.HTTPStatusError as exc:
+        console.print(f"[bold red]Token exchange failed: {exc.response.status_code}[/bold red]")
+
+
+@auth.command()
+def logout():
+    """Logout and clear stored tokens."""
+    clear_tokens()
+    console.print("[bold green]Logged out successfully.[/bold green]")
+
+
+@auth.command()
+@click.option("--token", is_flag=True, help="Show access token")
+def whoami(token):
+    """Show current authenticated user."""
+    access_token = get_auth_token()
+
+    if not access_token:
+        console.print("[bold red]Not logged in. Run 'xenfra login' first.[/bold red]")
+        return
+
+    try:
+        from jose import jwt
+
+        # For display purposes only, in a CLI context where the token has just
+        # been retrieved from a secure source (keyring), we can disable
+        # signature verification.
+        #
+        # SECURITY BEST PRACTICE: In a real application, especially a server,
+        # you would fetch the public key from the SSO's JWKS endpoint and
+        # fully verify the token's signature to ensure its integrity.
+        claims = jwt.decode(
+            access_token, options={"verify_signature": False}  # OK for local display
+        )
+
+        console.print("[bold green]Logged in as:[/bold green]")
+        console.print(f"  User ID: {claims.get('sub')}")
+        console.print(f"  Email: {claims.get('email', 'N/A')}")
+
+        if token:
+            console.print(f"\n[dim]Access Token:[/dim]\n{access_token}")
+    except Exception as e:
+        console.print(f"[bold red]Failed to decode token: {e}[/bold red]")