-
Notifications
You must be signed in to change notification settings - Fork 81
/
core_config.py
799 lines (692 loc) · 33.3 KB
/
core_config.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
import logging
import os
import re
from argparse import Namespace
from contextlib import suppress
from copy import deepcopy
from datetime import timedelta
from pathlib import Path
from typing import Optional, List, ClassVar, Dict, Union, cast, Callable
from arango.database import StandardDatabase
from attrs import define, field
from cerberus import schema_registry
from resotocore.ids import ConfigId
from resotocore.model.model import Kind, Model, ComplexKind
from resotocore.model.typed_model import from_js, to_js
from resotocore.types import Json, JsonElement
from resotocore.util import set_value_in_path, value_in_path, del_value_in_path
from resotocore.validator import Validator, schema_name
from resotolib.core.model_export import dataclasses_to_resotocore_model
from resotolib.utils import replace_env_vars, is_env_var_string, merge_json_elements
log = logging.getLogger(__name__)
# ids used in the config store
ResotoCoreConfigId = ConfigId("resoto.core")
ResotoCoreCommandsConfigId = ConfigId("resoto.core.commands")
ResotoCoreSnapshotsConfigId = ConfigId("resoto.core.snapshots")
# root note of the configuration value
ResotoCoreRoot = "resotocore"
ResotoCoreCommandsRoot = "custom_commands"
ResotoCoreSnapshotsRoot = "snapshots"
ResotoCoreRootRE = re.compile(r"^resotocore[.]")
# created by the docker build process
GitHashFile = "/usr/local/etc/git-commit.HEAD"
def git_hash_from_file() -> Optional[str]:
"""
Returns the git hash from the file created by the docker build.
In case we do not run inside a docker container, this method returns None.
"""
with suppress(Exception):
path = Path(GitHashFile)
if path.exists():
return path.read_text("utf-8").strip()
return None
def inside_docker() -> bool:
"""
Try to detect if we are running inside a docker container.
"""
return (
# environment variables have to be set explicitly
os.environ.get("INSIDE_DOCKER", "false").lower() in ("true", "yes", "1")
or os.environ.get("INSIDE_KUBERNETES", "false").lower() in ("true", "yes", "1")
# this file is available in the created docker container
or git_hash_from_file() is not None
)
def inside_kubernetes() -> bool:
"""
Try to detect if we are running on kubernetes.
"""
# environment variables have to be set explicitly
return "HELM_VERSION" in os.environ or any(True for x in os.environ if x.startswith("KUBERNETES_"))
def helm_installation() -> bool:
"""
Try to detect if we were installed via helm chart.
"""
# environment variables have to be set explicitly
return "HELM_VERSION" in os.environ
def default_hosts() -> List[str]:
return ["0.0.0.0"] if inside_docker() else ["localhost"]
def validate_config(config: Json, clazz: type) -> Optional[Json]:
def strip_env_vars_paths(config: JsonElement) -> JsonElement:
"""
Recursively strips all values that contain an env var string
"""
if isinstance(config, dict):
return {k: strip_env_vars_paths(v) for k, v in config.items() if not is_env_var_string(v)}
elif isinstance(config, list):
return [strip_env_vars_paths(v) for v in config if not is_env_var_string(v)]
else:
return config
schema = schema_name(clazz)
v = Validator(schema=schema, allow_unknown=True)
# cerberus is too inflexible to allow us to validate the config without resolving the env vars
# so we have to strip strings with the env vars before validating
without_env_vars = strip_env_vars_paths(config)
result = v.validate(without_env_vars, normalize=False)
return None if result else v.errors
class ConfigObject:
def validate(self) -> Optional[Json]:
return validate_config(to_js(self), type(self))
@define()
class CertificateConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_certificate_config"
common_name: str = field(default="some.engineering", metadata={"description": "The common name of the certificate"})
include_loopback: bool = field(default=True, metadata={"description": "Include loopback in certificate"})
san_dns_names: List[str] = field(factory=list, metadata={"description": "List of DNS names to include in CSR"})
san_ip_addresses: List[str] = field(
factory=list, metadata={"description": "List of IP addresses to include in CSR"}
)
@define()
class ApiConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_api_config"
web_hosts: List[str] = field(
factory=default_hosts, metadata={"description": f"TCP host(s) to bind on (default: {default_hosts()})"}
)
https_port: Optional[int] = field(
default=8900, metadata={"description": "TCP port to bind on for TLS encrypted connections (default: 8900)"}
)
http_port: Optional[int] = field(
default=8980, metadata={"description": "TCP port to bind on for plain HTTP connections (default: 8980)"}
)
web_path: str = field(
default="/",
metadata={
"description": "Web path root (default: /).\n"
"This should only be required, if you are running a proxy server, that is not able to handle a sub-path."
},
)
tsdb_proxy_url: Optional[str] = field(
default=None,
metadata={"description": "The url to the time series database. This path will be served under /tsdb/."},
)
max_request_size: Optional[int] = field(
default=1024**2 * 5, metadata={"description": "The maximum size of a request in bytes (default: 5MB)"}
)
host_certificate: CertificateConfig = field(
factory=CertificateConfig, metadata={"description": "The certificate configuration for this server."}
)
access_token_expiration_seconds: int = field(
default=3600, metadata={"description": "The expiration time of the access token in seconds (default: 1h)"}
)
def access_token_expiration(self) -> timedelta:
return timedelta(seconds=self.access_token_expiration_seconds)
# Define rules to validate this config
schema_registry.add(
schema_name(ApiConfig),
dict(
http_port={"type": "integer", "min": 1, "max": 65535, "nullable": True},
https_port={"type": "integer", "min": 1, "max": 65535, "nullable": True},
tsdb_proxy_url={"type": "string", "nullable": True, "is_url": True},
max_request_size={"type": "integer", "nullable": True, "min": 1024**2},
),
)
@define()
class DatabaseConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_database_config"
server: str = field(
default="http://localhost:8529",
metadata={"description": "Graph database server (default: http://localhost:8529)"},
)
database: str = field(default="resoto", metadata={"description": "Graph database name (default: resoto)"})
username: str = field(default="resoto", metadata={"description": "Graph database login (default: resoto)"})
password: str = field(default="", metadata={"description": 'Graph database password (default: "")'})
root_password: str = field(
default="",
metadata={"description": "Graph root database password used for creating user and database if not existent."},
)
bootstrap_do_not_secure: bool = field(
default=False, metadata={"description": "Leave an empty root password during system setup process."}
)
no_ssl_verify: bool = field(
default=False, metadata={"description": "If the connection should not be verified (default: False)"}
)
request_timeout: int = field(default=900, metadata={"description": "Request timeout in seconds (default: 900)"})
@define(order=True, hash=True, frozen=True)
class AliasTemplateParameterConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_cli_alias_template_parameter"
name: str = field(metadata=dict(description="The name of the parameter."))
description: str = field(metadata=dict(description="The intent of this parameter."))
default: Optional[JsonElement] = field(
default=None,
metadata=dict(
description="The optional default value.\n"
"In case a default value exists, it does not need to be provided by the user."
),
)
@define(order=True, hash=True, frozen=True)
class AliasTemplateConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_cli_alias_template"
name: str = field(metadata=dict(description="The name of the alias to execute."))
info: str = field(metadata=dict(description="A one line sentence that describes the effect of this command."))
template: str = field(metadata=dict(description="The command to execute which can have template parameters."))
parameters: List[AliasTemplateParameterConfig] = field(
factory=list, metadata=dict(description="All template parameters.")
)
description: Optional[str] = field(metadata=dict(description="A longer description of the command."), default=None)
allowed_in_source_position: Optional[bool] = field(
metadata=dict(
description="true if this alias can be executed directly, false if it expects input from another command."
),
default=False,
)
def alias_templates() -> List[AliasTemplateConfig]:
return [
AliasTemplateConfig(
name="jira",
info="Send the result of a search to Jira",
description=(
"Perform a search and send the result to Jira.\n\n"
"If your search result is larger than 25 items, only the first 25 items will be added to the ticket, "
"and the remaining items will be dropped.\n\n"
"Note that invoking this command will always create a new ticket since JIRA does not have any "
"deduplication functionality.\n\n"
"We recommend to define the URL, username and token as part of the command configuration. "
"This way you do not need to provide it every time you execute the command."
),
template=(
# defines the fields to show in the message
'head 26 | jq ({{key}} + ": " + {{value}}) | chunk 26 | '
'jq \'((.[:25] | join("\\n")) + (if .[25] then "\\n... (results truncated)" else "" end))\' | '
# define the Jira webhook json
"jq {fields: { "
'summary: "{{title}}", '
'issuetype: {id: "10001"}, '
'description: ("{{message}}" + "\\n\\n" + . + "\\n\\n" + "Issue created by Resoto"), '
'project: {id: "{{project_id}}"}, '
'reporter: {id: "{{reporter_id}}"}, '
'labels: ["created-by-resoto"]'
"}}"
# call the api
'| http --auth "{{username}}:{{token}}" POST {{url}}/rest/api/2/issue'
),
parameters=[
AliasTemplateParameterConfig("key", "Resource field to show as key", ".kind"),
AliasTemplateParameterConfig("value", "Resource field to show as value", ".name"),
AliasTemplateParameterConfig("message", "Alert message", ""),
AliasTemplateParameterConfig("title", "Alert title"),
AliasTemplateParameterConfig("url", "Jira URL"),
AliasTemplateParameterConfig("username", "Jira username"),
AliasTemplateParameterConfig("token", "Jira API token"),
AliasTemplateParameterConfig("project_id", "Jira project ID"),
AliasTemplateParameterConfig("reporter_id", "Jira reporter user ID"),
],
allowed_in_source_position=False,
),
AliasTemplateConfig(
name="alertmanager",
info="Create an alert in alertmanager from a search.",
description=(
"Perform a search and send the result to alertmanager.\n\n"
"No resource specific data will be sent to alertmanager - only the count of matching resources. "
"The alert will be created in alertmanager and will be active for the specified duration.\n\n"
"The name of the alert is visible in alertmanager and used as deduplication key. "
"This way the same alert can be fired multiple times.\n\n"
"We recommend to define the URL as part of the command configuration. "
"This way you do not need to provide it every time you execute the command."
),
template=(
"aggregate sum(1) as count | "
# do not send an alert in case of 0 violations
'jq --no-rewrite "if (.count // 0)==0 then [] else [.count | tostring] end" | flatten | '
# defines the fields to show in the message
"jq --no-rewrite [{"
'status: "firing", '
'labels: {alertname: "{{name}}", issued_by: "Resoto"}, '
'annotations: {summary: ("Found "+.+ " violations!"), '
'"description": "{{description}}"}{{#duration}}, '
'startAt:"@utc@", '
'endsAt:"{{duration.from_now}}"{{/duration}}}] | '
# call the api
"http POST {{alertmanager_url}}/api/v1/alerts"
),
parameters=[
AliasTemplateParameterConfig("name", "The globally unique name of this alert."),
AliasTemplateParameterConfig("description", "User defined message of the post.", "Resoto Alert"),
AliasTemplateParameterConfig("duration", "The duration of this alert in alertmanager.", "3h"),
AliasTemplateParameterConfig("alertmanager_url", "The complete url to alertmanager."),
],
allowed_in_source_position=False,
),
AliasTemplateConfig(
name="pagerduty",
info="Create an alert in pagerduty from a search.",
description=(
"Perform a search and send the result to pagerduty.\n\n"
"A call to this command will only send the first 100 occurrences to the incident, the rest is dropped. "
"The `summary` should explain why this alert is triggered, so that the user can take action.\n"
"The `dedup_key` is used to identify an alert uniquely. "
"You can fire the same alert multiple times by using the same dedup_key.\n\n"
"We recommend to define the `routing_key` as part of the command configuration. "
"This way you do not need to provide it every time you execute the command."
),
template=(
# aggregate the result by cloud -> account -> region -> resource
# resulting structure looks like this:
# {"aws": {"account1": {"region1": {"id1": {"id": "xxx", "name": "yyy", "kind": "zzz" }}}}}
# note: Pagerduty is able to render JSON objects in their webUI, but not arrays.
"head 100 | chunk 100 | jq --no-rewrite '"
"{{#group_resources}}"
'[group_by(.ancestors.cloud.reported.name) | .[] | {(.[0].ancestors.cloud.reported.name // "no-cloud"): ' # noqa: E501
'[group_by(.ancestors.account.reported.name) | .[] | {(.[0].ancestors.account.reported.name // "no-account"): ' # noqa: E501
'[group_by(.ancestors.region.reported.name) | .[] | {(.[0].ancestors.region.reported.name // "no-region"): ' # noqa: E501
"{{/group_resources}}"
"[.[] | {({{resource_id}}): { {{#resource_properties.as_list.with_index}}{{key}}: {{value}}{{^last}},{{/last}}{{/resource_properties.as_list.with_index}} }}] | add " # noqa: E501
"{{#group_resources}}}] | add }] | add }] | add {{/group_resources}}'"
"| jq --no-rewrite '{payload: "
'{summary: "{{summary}}", '
'timestamp: "@utc@", '
'source:"{{source}}", '
'severity: "{{severity}}", '
'component: "{{component}}", '
"custom_details: .}, "
'routing_key: "{{routing_key}}", '
'dedup_key: "{{dedup_key}}", '
'images:[{src: "https://cdn.some.engineering/assets/resoto-illustrations/small/resoto-alert.png", href:'
' "https://resoto.com/", alt: "Resoto Home Page"}], '
"links:[], "
'event_action: "{{event_action}}", '
'client: "Resoto Service", '
'client_url: "https://resoto.com"}\''
# send the event to pagerduty
' | http {{webhook_url}} "Content-Type:application/json"'
),
parameters=[
AliasTemplateParameterConfig("summary", "The summary of this alert."),
AliasTemplateParameterConfig(
"severity",
"The perceived severity of the status the event is describing withrespect to the affected system. "
"One of: `critical`, `error`, `warning` or `info`.",
"warning",
),
AliasTemplateParameterConfig(
"source", "The unique location of the affected system, preferably a hostname or FQDN.", "Resoto"
),
AliasTemplateParameterConfig(
"component", "Component of the source machine that is responsible for the event.", "Resoto"
),
AliasTemplateParameterConfig(
"routing_key",
"The GUID of one of your Events API V2 integrations. "
'This is the "Integration Key" listed on the Events API V2 integration\'s detail page.',
),
AliasTemplateParameterConfig(
"event_action", "The type of event. Can be `trigger`, `acknowledge` or `resolve`.", "trigger"
),
AliasTemplateParameterConfig("dedup_key", "Identifies the alert to trigger."),
AliasTemplateParameterConfig(
"client", "The name of the monitoring client that is triggering this event.", "Resoto"
),
AliasTemplateParameterConfig(
"client_url",
"The URL of the monitoring client that is triggering this event.",
"https://resoto.com",
),
AliasTemplateParameterConfig(
"webhook_url",
"The complete url of the pagerduty events API.",
"https://events.pagerduty.com/v2/enqueue",
),
AliasTemplateParameterConfig(
"group_resources",
"Group Resource by cloud, account, and region.",
True,
),
AliasTemplateParameterConfig(
"resource_id",
"Property to show as resource identifier.",
".id",
),
AliasTemplateParameterConfig(
"resource_properties",
"Dictionary of properties to show.",
dict(id=".reported.id", name=".reported.name", kind=".reported.kind"),
),
],
allowed_in_source_position=False,
),
]
@define()
class CLIConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_cli_config"
default_graph: str = field(
default="resoto",
metadata={"description": "Use this graph for CLI actions, if no graph is specified explicitly."},
)
default_section: str = field(
default="reported",
metadata={
"description": "Use this graph section by default, if no section is specified.\n"
"Relative paths will be interpreted with respect to this section."
},
)
# Define rules to validate this config
schema_registry.add(schema_name(CLIConfig), {})
@define()
class CustomCommandsConfig(ConfigObject):
kind: ClassVar[str] = ResotoCoreCommandsRoot
commands: List[AliasTemplateConfig] = field(
factory=alias_templates,
metadata={"description": "Here you can define all custom commands for the CLI."},
)
def json(self) -> Json:
return {ResotoCoreCommandsRoot: to_js(self, strip_attr="kind")}
# Define rules to validate this config
schema_registry.add(schema_name(CustomCommandsConfig), {})
SnapshotLabel = str
@define
class SnapshotSchedule(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreSnapshotsRoot}_schedule"
schedule: str = field(
metadata={
"description": "The schedule in cron format.\n"
"Example: `0 0 * * *` will create a snapshot every day at midnight.\n"
"See https://en.wikipedia.org/wiki/Cron for more information.",
}
)
retain: int = field(
metadata={
"description": "How many snapshots should be retained.\n"
"If the number of snapshots exceeds this value, the oldest snapshots will be deleted.\n"
}
)
@define()
class SnapshotsScheduleConfig(ConfigObject):
kind: ClassVar[str] = ResotoCoreSnapshotsRoot
snapshots: Dict[SnapshotLabel, SnapshotSchedule] = field(
default={
"hourly": SnapshotSchedule(schedule="0 * * * *", retain=24),
"daily": SnapshotSchedule(schedule="0 0 * * *", retain=7),
"weekly": SnapshotSchedule(schedule="0 0 * * 0", retain=4),
"monthly": SnapshotSchedule(schedule="0 0 1 * *", retain=12),
"yearly": SnapshotSchedule(schedule="0 0 1 1 *", retain=10),
},
metadata={
"description": "Here you can define all snapshot schedules.\n"
"The key is the label of the snapshot schedule.\n"
"The value is the schedule configuration.",
},
)
def json(self) -> Json:
return to_js(self, strip_attr="kind")
@define()
class GraphUpdateConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_graph_update_config"
merge_max_wait_time_seconds: int = field(
default=3600, metadata={"description": "Max waiting time to complete a merge graph action."}
)
abort_after_seconds: int = field(
default=4 * 3600,
metadata={"description": "If a graph update takes longer than this duration, the update is aborted."},
)
keep_history: bool = field(
default=True,
metadata={"description": "If true, changes of the graph are stored and are available via history."},
)
parallel_imports: int = field(
default=5,
metadata={"description": "Number of parallel graph merge requests handled in parallel."},
)
def merge_max_wait_time(self) -> timedelta:
return timedelta(seconds=self.merge_max_wait_time_seconds)
def abort_after(self) -> timedelta:
return timedelta(seconds=self.abort_after_seconds)
# Define rules to validate this config
schema_registry.add(
schema_name(GraphUpdateConfig),
dict(
merge_max_wait_time_seconds={"type": "integer", "min": 60},
abort_after_seconds={"type": "integer", "min": 60},
),
)
@define()
class RuntimeConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_runtime_config"
debug: bool = field(default=False, metadata={"description": "Enable debug logging and exception tracing."})
log_level: str = field(default="info", metadata={"description": "Log level (default: info)"})
plantuml_server: str = field(
default="https://plantuml.resoto.org",
metadata={"description": "PlantUML server URI for UML image rendering."},
)
start_collect_on_subscriber_connect: bool = field(
default=False,
metadata={"description": "Start the collect workflow, when the first handling actor connects to the system."},
)
usage_metrics: bool = field(
default=True,
metadata={
"description": "Usage metrics provide information like errors and bugs, "
"which we rely on to improve Resoto with every release.\n"
"All metrics are anonymous. "
"See https://resoto.com/docs/edge/reference/telemetry for more information.\n"
"Please help us by leaving this setting turned on."
},
)
# Define rules to validate this config
schema_registry.add(
schema_name(RuntimeConfig),
dict(log_level={"type": "string", "allowed": ["critical", "fatal", "error", "warn", "warning", "info", "debug"]}),
)
@define()
class WorkflowConfig(ConfigObject):
kind: ClassVar[str] = f"{ResotoCoreRoot}_workflow_config"
schedule: str = field(metadata={"description": "Cron expression as schedule for the workflow to run."})
schema_registry.add(
schema_name(WorkflowConfig),
dict(schedule={"type": "string", "is_cron": True}),
)
@define()
class RunConfig(ConfigObject):
temp_dir: Path = Path("/tmp") # set to random temp directory during start of process
verify: Union[bool, str, None] = None
@define()
class CoreConfig(ConfigObject):
api: ApiConfig
cli: CLIConfig
graph_update: GraphUpdateConfig
runtime: RuntimeConfig
db: DatabaseConfig
workflows: Dict[str, WorkflowConfig]
custom_commands: CustomCommandsConfig
snapshots: SnapshotsScheduleConfig
args: Namespace
run: RunConfig
@property
def multi_tenant_setup(self) -> bool:
return cast(bool, self.args.multi_tenant_setup)
@property
def no_scheduling(self) -> bool:
return cast(bool, self.args.no_scheduling)
@property
def editable(self) -> "EditableConfig":
return EditableConfig(self.api, self.cli, self.graph_update, self.runtime, self.workflows)
def json(self) -> Json:
return {ResotoCoreRoot: to_js(self.editable, strip_attr="kind")}
def validate(self) -> Optional[Json]:
return self.editable.validate()
@define()
class EditableConfig(ConfigObject):
kind: ClassVar[str] = ResotoCoreRoot
api: ApiConfig = field(
factory=ApiConfig,
metadata={"description": "API related properties."},
)
cli: CLIConfig = field(
factory=CLIConfig,
metadata={"description": "CLI related properties."},
)
graph_update: GraphUpdateConfig = field(
factory=GraphUpdateConfig,
metadata={"description": "Properties for updating the graph."},
)
runtime: RuntimeConfig = field(
factory=RuntimeConfig,
metadata={"description": "Runtime related properties."},
)
workflows: Dict[str, WorkflowConfig] = field(
factory=lambda: {"collect_and_cleanup": WorkflowConfig(schedule="0 * * * *")},
metadata={"description": "Workflow related properties."},
)
def config_model() -> List[Json]:
config_classes = {EditableConfig, CustomCommandsConfig}
return dataclasses_to_resotocore_model(config_classes, use_optional_as_required=True)
# Define rules to validate this config
# Note: since validation rules do not cover all attributes, we allow unknown properties explicitly.
schema_registry.add(
schema_name(EditableConfig),
dict(
api={"schema": schema_name(ApiConfig), "allow_unknown": True},
cli={"schema": schema_name(CLIConfig), "allow_unknown": True},
graph_update={"schema": schema_name(GraphUpdateConfig), "allow_unknown": True},
runtime={"schema": schema_name(RuntimeConfig), "allow_unknown": True},
workflows={
"type": "dict",
"keysrules": {"type": "string"},
"valuesrules": {"schema": schema_name(WorkflowConfig)},
},
),
)
def parse_config(
args: Namespace,
core_config: Json,
get_core_overrides: Callable[[], Optional[Json]],
command_templates: Optional[Json] = None,
snapshot_schedule: Optional[Json] = None,
) -> CoreConfig:
db = DatabaseConfig(
server=args.graphdb_server,
database=args.graphdb_database,
username=args.graphdb_username,
password=args.graphdb_password,
root_password=args.graphdb_root_password,
bootstrap_do_not_secure=args.graphdb_bootstrap_do_not_secure,
no_ssl_verify=args.graphdb_no_ssl_verify,
request_timeout=args.graphdb_request_timeout,
)
# take command line options and translate it to the config model
set_from_cmd_line = {
"api.ui_path": args.ui_path,
"runtime.debug": args.debug,
"runtime.usage_metrics": not args.analytics_opt_out if args.analytics_opt_out is not None else None,
}
# take config overrides and adjust the configuration
for key, value in args.config_override:
set_from_cmd_line[ResotoCoreRootRE.sub("", key, 1)] = value
# set the relevant value in the json config model
migrated = migrate_core_config(core_config)
adjusted = migrated.get(ResotoCoreRoot) or {}
for path, value in set_from_cmd_line.items():
if value is not None:
adjusted = set_value_in_path(value, path, adjusted)
# here we only care about the resotocore overrides
core_config_overrides = (get_core_overrides() or {}).get(ResotoCoreRoot)
# merge the file overrides into the adjusted config
if core_config_overrides:
adjusted = merge_json_elements(adjusted, core_config_overrides)
# replacing the env vars and removing them in case they are not resolved
adjusted = replace_env_vars(adjusted, os.environ, keep_unresolved=False)
# coerce the resulting json to the config model
try:
model = Model.from_kinds(from_js(config_model(), List[Kind]))
root = model.get(ResotoCoreRoot)
if isinstance(root, ComplexKind):
adjusted = root.coerce(adjusted)
except Exception as e:
log.warning(f"Can not adjust configuration: {e}", exc_info=e)
try:
# replace all env vars
ed = from_js(adjusted, EditableConfig)
except Exception as e:
# only here as last resort - should never be required
log.error("Final configuration can not be parsed! Fall back to default configuration.", exc_info=e)
ed = EditableConfig()
commands_config = CustomCommandsConfig()
if command_templates:
try:
migrated_commands = migrate_command_config(command_templates)
cmd_cfg_to_parse = migrated_commands or command_templates
commands_config = from_js(cmd_cfg_to_parse.get(ResotoCoreCommandsRoot), CustomCommandsConfig)
except Exception as e:
log.error(f"Can not parse command templates. Fall back to defaults. Reason: {e}", exc_info=e)
snapshots_config = SnapshotsScheduleConfig()
if snapshot_schedule:
try:
snapshots_config = from_js(snapshot_schedule.get(ResotoCoreSnapshotsRoot), SnapshotsScheduleConfig)
except Exception as e:
log.error(f"Can not parse snapshot schedule. Fall back to defaults. Reason: {e}", exc_info=e)
return CoreConfig(
api=ed.api,
args=args,
cli=ed.cli,
custom_commands=commands_config,
snapshots=snapshots_config,
db=db,
graph_update=ed.graph_update,
runtime=ed.runtime,
workflows=ed.workflows,
run=RunConfig(), # overridden for each run
)
def migrate_core_config(config: Json) -> Json:
"""
:param config: The core configuration
:return: the migrated json.
"""
cfg = config.get(ResotoCoreRoot) or {}
adapted = deepcopy(cfg)
# 2.2 -> 2.3: rename and toggle `analytics_opt_out` -> `usage_metrics`
opt_out = value_in_path(cfg, "runtime.analytics_opt_out")
usage = value_in_path(cfg, "runtime.usage_metrics")
if opt_out is not None and usage is None:
set_value_in_path(not opt_out, "runtime.usage_metrics", adapted)
del_value_in_path(adapted, "runtime.analytics_opt_out")
# 3.0 -> 3.1: delete `api.ui_path`
del_value_in_path(adapted, "api.ui_path")
# 3.5 -> 3.6: web_port -> https_port
if web_port := value_in_path(cfg, "api.web_port"):
set_value_in_path(web_port, "api.https_port", adapted)
del_value_in_path(adapted, "api.web_port")
if value_in_path(cfg, "runtime.plantuml_server") == "http://plantuml.resoto.org:8080":
set_value_in_path("https://plantuml.resoto.org", "runtime.plantuml_server", adapted)
return {ResotoCoreRoot: adapted}
def migrate_command_config(cmd_config: Json) -> Optional[Json]:
config = from_js(cmd_config.get(ResotoCoreCommandsRoot), CustomCommandsConfig)
existing_commands = {tpl.name: tpl for tpl in config.commands}
adjusted = False
for command in alias_templates():
if command.name not in existing_commands:
config.commands.append(command)
adjusted = True
return config.json() if adjusted else None
def config_from_db(
args: Namespace,
db: StandardDatabase,
get_core_overrides: Callable[[], Optional[Json]],
collection_name: str = "configs",
) -> CoreConfig:
if configs := db.collection(collection_name) if db.has_collection(collection_name) else None:
if config_entity := cast(Optional[Json], configs.get(ResotoCoreConfigId)):
if config := config_entity.get("config"):
command_config_entity = cast(Optional[Json], configs.get(ResotoCoreCommandsConfigId))
command_config = command_config_entity.get("config") if command_config_entity else None
snapshots_config_entity = cast(Optional[Json], configs.get(ResotoCoreSnapshotsConfigId))
snapshots_config = snapshots_config_entity.get("config") if snapshots_config_entity else None
return parse_config(args, config, get_core_overrides, command_config, snapshots_config)
return parse_config(args, {}, get_core_overrides)