Merge pull request #10 from CMCC-Foundation/update_release_0.1

Update release 0.1
CMCC-Foundation · Jan 29, 2024 · 15cf4a3 · 15cf4a3
2 parents 2bb8c70 + 95bcb82
commit 15cf4a3
Show file tree

Hide file tree

Showing 110 changed files with 2,991 additions and 5,221 deletions.
diff --git a/.github/workflows/build_on_pull_request.yaml b/.github/workflows/build_on_pull_request.yaml
@@ -0,0 +1,77 @@
+name: Build Docker images for geolake components and push to the repository
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+  workflow_dispatch:
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+    - name: Set up Python
+      uses: actions/setup-python@v4
+      with:
+        python-version: "3.x"
+    - name: Install build
+      run: >-
+        python3 -m
+        pip install
+        build
+        --user
+    - name: Build a binary wheel and a source for drivers
+      run: python3 -m build ./drivers    
+    - name: Set Docker image tag name
+      run: echo "TAG=$(date +'%Y.%m.%d.%H.%M')" >> $GITHUB_ENV
+    - name: Login to Scaleway Container Registry
+      uses: docker/login-action@v2
+      with:
+        username: nologin
+        password: ${{ secrets.DOCKER_PASSWORD }}
+        registry: ${{ vars.DOCKER_REGISTRY }}
+    - name: Set up Docker Buildx
+      uses: docker/setup-buildx-action@v2     
+    - name: Build and push drivers
+      uses: docker/build-push-action@v4
+      with:
+        context: ./drivers
+        file: ./drivers/Dockerfile
+        push: true
+        build-args: |
+          REGISTRY=${{ vars.GEOKUBE_REGISTRY  }}
+        tags: | 
+          ${{ vars.DOCKER_REGISTRY }}/geolake-drivers:${{ env.TAG }}  
+          ${{ vars.DOCKER_REGISTRY }}/geolake-drivers:latest             
+    - name: Build and push datastore component
+      uses: docker/build-push-action@v4
+      with:
+        context: ./datastore
+        file: ./datastore/Dockerfile
+        push: true
+        build-args: |
+          REGISTRY=${{ vars.DOCKER_REGISTRY  }}
+        tags: | 
+          ${{ vars.DOCKER_REGISTRY }}/geolake-datastore:${{ env.TAG }}  
+          ${{ vars.DOCKER_REGISTRY }}/geolake-datastore:latest    
+    - name: Build and push api component
+      uses: docker/build-push-action@v4
+      with:
+        context: ./api
+        file: ./api/Dockerfile
+        push: true
+        build-args: |
+          REGISTRY=${{ vars.DOCKER_REGISTRY  }}
+        tags: | 
+          ${{ vars.DOCKER_REGISTRY }}/geolake-api:${{ env.TAG }}  
+          ${{ vars.DOCKER_REGISTRY }}/geolake-api:latest 
+    - name: Build and push executor component
+      uses: docker/build-push-action@v4
+      with:
+        context: ./executor
+        file: ./executor/Dockerfile
+        push: true
+        build-args: |
+          REGISTRY=${{ vars.DOCKER_REGISTRY  }}
+        tags: | 
+          ${{ vars.DOCKER_REGISTRY }}/geolake-executor:${{ env.TAG }}  
+          ${{ vars.DOCKER_REGISTRY }}/geolake-executor:latest                           
diff --git a/api/Dockerfile b/api/Dockerfile
@@ -1,12 +1,9 @@
-FROM rg.nl-ams.scw.cloud/dds-production/geokube:v0.2a5
-WORKDIR /code
-COPY ./api/requirements.txt /code/requirements.txt
+ARG REGISTRY=rg.fr-par.scw.cloud/geolake
+ARG TAG=latest
+FROM $REGISTRY/geolake-datastore:$TAG
+WORKDIR /app
+COPY requirements.txt /code/requirements.txt
 RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt
-COPY ./utils/wait-for-it.sh /code/wait-for-it.sh
-COPY ./datastore /code/app/datastore
-COPY ./db/dbmanager /code/db/dbmanager
-COPY ./geoquery/ /code/geoquery
-COPY ./resources /code/app/resources
-COPY ./api/app /code/app
+COPY app /app
 EXPOSE 80
-CMD ["uvicorn", "app.main:app", "--proxy-headers", "--host", "0.0.0.0", "--port", "80"]
+CMD ["uvicorn", "app.main:app", "--proxy-headers", "--host", "0.0.0.0", "--port", "80"]
diff --git a/api/app/utils.py → api/app/api_utils.py b/api/app/utils.py → api/app/api_utils.py
@@ -1,8 +1,7 @@
 """Utils module"""
-from typing import Literal
 
 
-def convert_bytes(size_bytes: int, to: Literal["kb", "mb", "gb"]) -> float:
+def convert_bytes(size_bytes: int, to: str) -> float:
     """Converts size in bytes to the other unit - one out of:
     ["kb", "mb", "gb"]
 
@@ -16,19 +15,24 @@ def convert_bytes(size_bytes: int, to: Literal["kb", "mb", "gb"]) -> float:
     size : float
         `size_bytes` converted to the given unit
     """
+    assert to is not None, "Expected unit cannot be `None`"
     to = to.lower()
-    if to == "kb":
-        value = size_bytes / 1024
-    elif to == "mb":
-        value = size_bytes / 1024**2
-    elif to == "gb":
-        value = size_bytes / 1024**3
-    else:
-        raise ValueError(f"unsupported units: {to}")
-    return value
+    match to:
+        case "bytes":
+            return size_bytes
+        case "kb":
+            return size_bytes / 1024
+        case "mb":
+            return size_bytes / 1024**2
+        case "gb":
+            return size_bytes / 1024**3
+        case _:
+            raise ValueError(f"unsupported units: {to}")
 
 
-def make_bytes_readable_dict(size_bytes: int, units: str = None) -> dict:
+def make_bytes_readable_dict(
+    size_bytes: int, units: str | None = None
+) -> dict:
     """Prepare dictionary representing size (in bytes) in more readable unit
     to keep value in the range [0,1] - if `units` is `None`.
     If `units` is not None, converts `size_bytes` to the size expressed by
@@ -38,8 +42,8 @@ def make_bytes_readable_dict(size_bytes: int, units: str = None) -> dict:
     ----------
     size_bytes : int
         Size expressed in bytes
-    units : optional, str
-        Units (case insensitive), one of [kB, MB, GB]
+    units : optional str
+
     Returns
     -------
     result : dict
@@ -52,8 +56,8 @@ def make_bytes_readable_dict(size_bytes: int, units: str = None) -> dict:
     if units is None:
         units = "bytes"
     if units != "bytes":
-        size_bytes = convert_bytes(size_bytes=size_bytes, to=units)
-        return {"value": size_bytes, "units": units}
+        converted_size = convert_bytes(size_bytes=size_bytes, to=units)
+        return {"value": converted_size, "units": units}
     val = size_bytes
     if val > 1024:
         units = "kB"
@@ -64,6 +68,6 @@ def make_bytes_readable_dict(size_bytes: int, units: str = None) -> dict:
     if val > 1024:
         units = "GB"
         val /= 1024
-    if val > 0.0 and (val := round(val, 2)) == 0.00:
+    if val > 0.0 and (round(val, 2) == 0.00):
         val = 0.01
     return {"value": round(val, 2), "units": units}
diff --git a/api/app/auth/__init__.py b/api/app/auth/__init__.py
@@ -1,2 +0,0 @@
-from .context import Context
-from .manager import assert_not_anonymous

diff --git a/api/app/auth/backend.py b/api/app/auth/backend.py
@@ -0,0 +1,66 @@
+"""The module contains authentication backend"""
+from uuid import UUID
+
+from starlette.authentication import (
+    AuthCredentials,
+    AuthenticationBackend,
+    UnauthenticatedUser,
+)
+from dbmanager.dbmanager import DBManager
+
+import exceptions as exc
+from auth.models import DDSUser
+from auth import scopes
+
+
+class DDSAuthenticationBackend(AuthenticationBackend):
+    """Class managing authentication and authorization"""
+
+    async def authenticate(self, conn):
+        """Authenticate user based on `User-Token` header"""
+        if "User-Token" in conn.headers:
+            return self._manage_user_token_auth(conn.headers["User-Token"])
+        return AuthCredentials([scopes.ANONYMOUS]), UnauthenticatedUser()
+
+    def _manage_user_token_auth(self, user_token: str):
+        try:
+            user_id, api_key = self.get_authorization_scheme_param(user_token)
+        except exc.BaseDDSException as err:
+            raise err.wrap_around_http_exception()
+        user_dto = DBManager().get_user_details(user_id)
+        eligible_scopes = [scopes.AUTHENTICATED] + self._get_scopes_for_user(
+            user_dto=user_dto
+        )
+        if user_dto.api_key != api_key:
+            raise exc.AuthenticationFailed(
+                user_dto
+            ).wrap_around_http_exception()
+        return AuthCredentials(eligible_scopes), DDSUser(username=user_id)
+
+    def _get_scopes_for_user(self, user_dto) -> list[str]:
+        if user_dto is None:
+            return []
+        eligible_scopes = []
+        for role in user_dto.roles:
+            if "admin" == role.role_name:
+                eligible_scopes.append(scopes.ADMIN)
+                continue
+            # NOTE: Role-specific scopes
+            # Maybe need some more logic
+            eligible_scopes.append(role.role_name)
+        return eligible_scopes
+
+    def get_authorization_scheme_param(self, user_token: str):
+        """Get `user_id` and `api_key` if authorization scheme is correct."""
+        if user_token is None or user_token.strip() == "":
+            raise exc.EmptyUserTokenError
+        if ":" not in user_token:
+            raise exc.ImproperUserTokenError
+        user_id, api_key, *rest = user_token.split(":")
+        if len(rest) > 0:
+            raise exc.ImproperUserTokenError
+        try:
+            _ = UUID(user_id, version=4)
+        except ValueError as err:
+            raise exc.ImproperUserTokenError from err
+        return (user_id, api_key)
Original file line number	Diff line number	Diff line change
		@@ -1,2 +0,0 @@
		from .context import Context
		from .manager import assert_not_anonymous