Merge pull request #1 from egemenyavuz/master

switched to cherrypy framework,added envvars for auth, implemented support for upload, updated readme

Author: andebor

.gitignore

@@ -1,2 +1,5 @@
 .idea
 venv
+env*list
+__pycache__
+*.pyc

Dockerfile

@@ -1,8 +1,11 @@
-FROM python:3-alpine
+FROM python:3-slim
 MAINTAINER Graham Moore "graham.moore@sesam.io"
-COPY ./service /service
+COPY ./service/*.py /service/
+COPY ./service/requirements.txt /service/requirements.txt
 WORKDIR /service
-RUN pip install -r requirements.txt
+RUN pip install --upgrade pip \
+  && pip install -r requirements.txt
+
 EXPOSE 5000/tcp
 ENTRYPOINT ["python"]
 CMD ["proxy-service.py"]

README.md

@@ -1,4 +1,96 @@
+[![Build Status](https://travis-ci.org/sesam-community/azure-storage.svg?branch=master)](https://travis-ci.org/sesam-community/azure-storage)
+
+
 # azure-storage
-Sesam datasource that reads files from Azure Storage
+Can be used to
+ * reads files from Azure Storage(Blob/Files)
+ * upload files to Azure Storage(Blob/Files)
 
-[![Build Status](https://travis-ci.org/sesam-community/azure-storage.svg?branch=master)](https://travis-ci.org/sesam-community/azure-storage)
+ ### Environment Parameters
+
+ | CONFIG_NAME        | DESCRIPTION           | IS_REQUIRED  |DEFAULT_VALUE|
+ | -------------------|---------------------|:------------:|:-----------:|
+ | ACCOUNT_NAME | Azure Storage account name. | no, basic auth alternatively | n/a |
+ | ACCOUNT_KEY |  Azure Storage account key. | no, basic auth alternatively | n/a |
+ | SAS_PARAMS | dict for the sas_token generation parameters | no | check the code |
+
+
+ ### Query Parameters
+
+ ##### POST REQUEST:
+
+ | CONFIG_NAME        | DESCRIPTION           | IS_REQUIRED  |DEFAULT_VALUE|
+ | -------------------|---------------------|:------------:|:-----------:|
+ | start_timedelta | time offset for the start of sas_token validity. <numeric_value> followed by M, H and D for minutes, hours and days, respectively. | no | 0M (immediate start) |
+ | expiry_timedelta | time offset for the expiry of sas_token validity. <numeric_value> followed by M, H and D for minutes, hours and days, respectively.  | no | 12H |
+
+
+
+ ### An example of system config:
+
+ ```json
+ {
+   "_id": "my_azure_storage",
+   "type": "system:microservice",
+   "connect_timeout": 60,
+   "docker": {
+     "environment": {
+       "ACCOUNT_NAME":"myaccount",
+       "ACCOUNT_KEY":"myaccount-key"
+     },
+     "image": "sesamcommunity/azure-storage:latest",
+     "port": 5000
+   },
+   "read_timeout": 7200,
+ }
+ ```
+
+### An example of input-pipe config:
+```json
+  {
+    "_id": "mydataset-from-azure-storage-file",
+    "type": "pipe",
+    "source": {     
+        "type": "json",
+        "system": "my_azure_storage",
+        "url": "/file/myshare/mydir/mydataset.json"
+    },
+    "transform": {
+      "type": "dtl",
+      "rules": {
+        "default": [
+          ["copy", "*"]
+        ]
+      }
+    }
+  }
+
+  ```
+
+### An example of output-pipe config:
+Note that to uploading could be tricky due to batchsize etc. You might utilize another microservice between sesam and azure-storage for tailor-made solutions.
+ ```json
+ {
+   "_id": "mydataset-ftp-endpoint",
+   "type": "pipe",
+   "source": {
+     "type": "dataset",
+     "dataset": "mydataset-ftp"
+   },
+   "sink": {
+     "type": "json",
+     "system": "my_azure_storage",
+     "batch_size": 1000000,
+     "url": "/file/myshare/mydir/mydataset.json"
+   },
+   "transform": {
+     "type": "dtl",
+     "rules": {
+       "default": [
+         ["copy", "*"]
+       ]
+     }
+   }
+ }
+
+ ```

service/logger.py

@@ -0,0 +1,33 @@
+import logging
+from paste.translogger import TransLogger
+
+
+def get_stdout_handler():
+    format_string = '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
+    stdout_handler = logging.StreamHandler()
+    stdout_handler.setFormatter(logging.Formatter(format_string))
+    return stdout_handler
+
+
+def init_logger(logger_name, loglevel):
+    logger = logging.getLogger(logger_name)
+
+    # Log to stdout
+    logger.addHandler(get_stdout_handler())
+    logger.setLevel(loglevel)
+    logger.propagate = False
+    return logger
+
+
+def get_level_name(loglevel):
+    return logging.getLevelName(loglevel)
+
+
+def add_access_logger(app, logger):
+    wsgi_log_format_string = ('"%(REQUEST_METHOD)s %(REQUEST_URI)s %(HTTP_VERSION)s" '
+                              '%(status)s %(bytes)s')
+
+    app.wsgi_app = TransLogger(app.wsgi_app, logger_name=logger.name, format=wsgi_log_format_string,
+                               setup_console_handler=False, set_logger_level=logger.level)
+    app.logger.addHandler(get_stdout_handler())
+    return app

service/proxy-service.py

@@ -1,22 +1,31 @@
 from flask import Flask, request, Response, abort, send_file
 from functools import wraps
-from azure.storage.file import FileService
-from azure.storage.blob import BlockBlobService
-import logging
+from azure.storage.file import FileService, SharePermissions
+from azure.storage.blob import BlockBlobService, BlobPermissions
+import logger as logging
 import os
 import io
+import json
+from datetime import datetime, timedelta
 
 app = Flask(__name__)
 
+logger = logging.init_logger('azure-storage-service', os.getenv('LOGLEVEL',"INFO"))
 
-def get_var(var):
-    envvar = None
-    if var.upper() in os.environ:
-        envvar = os.environ[var.upper()]
+DEFAULT_SAS_PARAMS = '{"start_timedelta": null, "expiry_timedelta": "12H"}'
+
+PORT = int(os.getenv("PORT", 5000))
+ACCOUNT_NAME = os.getenv("ACCOUNT_NAME")
+ACCOUNT_KEY = os.getenv("ACCOUNT_KEY")
+SAS_PARAMS = json.loads(os.getenv("SAS_PARAMS",DEFAULT_SAS_PARAMS))
+
+logger.info('starting azure-storage-service with \n\tPORT={}\n\tACCOUNT_NAME={}\n\tLOGLEVEL={}\n\tSAS_PARAMS={}'.format(PORT, ACCOUNT_NAME, os.getenv('LOGLEVEL',"INFO"),SAS_PARAMS))
+
+def get_auth(auth):
+    if auth:
+        return auth.get('username'), auth.get('password')
     else:
-        envvar = request.args.get(var)
-    logger.debug("Setting %s = %s" % (var, envvar))
-    return envvar
+        return ACCOUNT_NAME, ACCOUNT_KEY
 
 def authenticate():
     """Sends a 401 response that enables basic auth"""
@@ -29,61 +38,153 @@ def requires_auth(f):
     @wraps(f)
     def decorated(*args, **kwargs):
         auth = request.authorization
-        if not auth:
+        if not auth and not(ACCOUNT_NAME and ACCOUNT_KEY):
             return authenticate()
         return f(*args, **kwargs)
 
     return decorated
 
-@app.route('/file/<share_name>/<directory_name>/<file_name>', methods=['GET'])
+
+def get_sas_params(args):
+    def str_to_timedelta(str):
+        days = 0
+        hours = 0
+        minutes = 0
+        if str:
+            str = str.upper()
+            if str[-1] == 'D':
+                days = int(str[:-1])
+            elif str[-1] == 'H':
+                hours = int(str[:-1])
+            elif str[-1] == 'M':
+                minutes = int(str[:-1])
+        return timedelta(days=days, hours=hours,minutes=minutes)
+    start_timedelta_in = args.get('start_timedelta', SAS_PARAMS.get('start_timedelta'))
+    expiry_timedelta_in = args.get('expiry_timedelta', SAS_PARAMS.get('expiry_timedelta'))
+    start_timedelta_out = str_to_timedelta(start_timedelta_in)
+    expiry_timedelta_out = str_to_timedelta(expiry_timedelta_in)
+    return start_timedelta_out, expiry_timedelta_out
+
+
+def get_location(fpath):
+    path_list = fpath.split('/')
+    directory_name = "/".join(path_list[:-1]) if len(path_list) > 1 else None
+    file_name = path_list[-1]
+    return directory_name, file_name
+
+@app.route('/file/<share_name>/<path:path_to_file>', methods=['GET'])
 @requires_auth
-def get_file(share_name, directory_name, file_name):
-    auth = request.authorization
-    file_service = FileService(account_name = auth.username, account_key = auth.password)
-    f_stream = io.BytesIO()
+def get_file(share_name, path_to_file):
+        try:
+            account_name, account_key = get_auth(request.authorization)
+            directory_name, file_name = get_location(path_to_file)
+            file_service = FileService(account_name = account_name, account_key = account_key)
+            f_stream = io.BytesIO()
+            file_service.get_file_to_stream(share_name, directory_name, file_name,
+            f_stream, max_connections=6)
+            f_stream.seek(0)
+            return send_file(f_stream, attachment_filename=file_name, as_attachment=True)
+        except Exception as e:
+            logger.exception(e)
+            return abort(500, e)
+
+@app.route('/file/<share_name>/<path:path_to_file>', methods=['POST'])
+@requires_auth
+def post_file(share_name, path_to_file):
     try:
-        file_service.get_file_to_stream(share_name, directory_name, file_name,
-                                               f_stream, max_connections=6)
-        f_stream.seek(0)
-        return send_file(f_stream, attachment_filename=file_name, as_attachment=True)
+        account_name, account_key = get_auth(request.authorization)
+        file_service = FileService(account_name = account_name, account_key = account_key)
+        start_timedelta, expiry_timedelta = get_sas_params(request.args)
+        directory_name, file_name = get_location(path_to_file)
+        if request.headers.get('Transfer-Encoding') == 'chunked':
+            file_service.create_file_from_stream(share_name, directory_name, file_name, request.stream, count=4096)
+        else:
+            file_service.create_file_from_bytes(share_name, directory_name, file_name, request.get_data())
+        sas_token = file_service.generate_file_shared_access_signature(share_name,
+            directory_name=directory_name,
+            file_name=file_name,
+            permission=SharePermissions(read=True),
+            expiry=datetime.now() + expiry_timedelta,
+            start=start_timedelta,
+            id=None,
+            ip=None,
+            protocol='https',
+            cache_control=request.headers.get('Cache-Control'),
+            content_disposition=request.headers.get('Content-Disposition: attachment;'),
+            content_encoding=request.headers.get('Content-Encoding'),
+            content_language=request.headers.get('Content-Language'),
+            content_type=request.headers.get('Content-Type'))
+        url = file_service.make_file_url(share_name, directory_name, file_name, protocol='https', sas_token=sas_token)
+
+        return Response(response=url+"", status=200, content_type='text/plain')
     except Exception as e:
+        logger.exception(e)
+        return abort(500, e)
+
+@app.route('/blob/<container_name>/<blob_name>', methods=['POST'])
+@requires_auth
+def post_blob(container_name, blob_name):
+    try:
+        account_name, account_key = get_auth(request.authorization)
+        file_service = BlockBlobService(account_name = account_name, account_key = account_key)
+        start_timedelta, expiry_timedelta = get_sas_params(request.args)
+        if request.headers.get('Transfer-Encoding') == 'chunked':
+            file_service.create_file_from_stream(container_name, directory_name, file_name, request.stream, count=4096)
+        else:
+            file_service.create_blob_from_bytes(container_name=container_name, blob_name=blob_name, blob=request.get_data())
+        sas_token = file_service.generate_blob_shared_access_signature(container_name=container_name,
+            blob_name=blob_name,
+            permission=BlobPermissions(read=True),
+            expiry=datetime.now() + expiry_timedelta,
+            start=start_timedelta,
+            id=None,
+            ip=None,
+            protocol='https',
+            cache_control=request.headers.get('Cache-Control'),
+            content_disposition=request.headers.get('Content-Disposition: attachment;'),
+            content_encoding=request.headers.get('Content-Encoding'),
+            content_language=request.headers.get('Content-Language'),
+            content_type=request.headers.get('Content-Type'))
+        url = file_service.make_blob_url(container_name, blob_name, protocol='https', sas_token=sas_token)
+
+        return Response(response=url+"", status=200, content_type='text/plain')
+    except Exception as e:
+        logger.exception(e)
         return abort(500, e)
 
 @app.route('/blob/<container_name>/<blob_name>', methods=['GET'])
 @requires_auth
 def get_blob(container_name, blob_name):
-    auth = request.authorization
-    blob_service = BlockBlobService(account_name = auth.username, account_key = auth.password)
-    f_stream = io.BytesIO()
     try:
+        account_name, account_key = get_auth(request.authorization)
+        blob_service = BlockBlobService(account_name = account_name, account_key = account_key)
+        f_stream = io.BytesIO()
         blob_service.get_blob_to_stream(container_name=container_name, blob_name=blob_name,
                                         stream=f_stream, max_connections=6)
         f_stream.seek(0)
         return send_file(f_stream, attachment_filename=blob_name, as_attachment=True)
     except Exception as e:
+        logger.exception(e)
         return abort(500, e)
 
 if __name__ == '__main__':
-    # Set up logging
-    format_string = '%(asctime)s - %(name)s - %(levelname)s - %(message)s'
-    logger = logging.getLogger('http-ftp-proxy-microservice')
-
-    # Log to stdout
-    stdout_handler = logging.StreamHandler()
-    stdout_handler.setFormatter(logging.Formatter(format_string))
-    logger.addHandler(stdout_handler)
-
-    loglevel = os.environ.get("LOGLEVEL", "INFO")
-    if "INFO" == loglevel.upper():
-        logger.setLevel(logging.INFO)
-    elif "DEBUG" == loglevel.upper():
-        logger.setLevel(logging.DEBUG)
-    elif "WARN" == loglevel.upper():
-        logger.setLevel(logging.WARN)
-    elif "ERROR" == loglevel.upper():
-        logger.setLevel(logging.ERROR)
+    if os.getenv('WEBFRAMEWORK', '').lower() == 'flask':
+        app.run(debug=True, host='0.0.0.0', port=PORT)
     else:
-        logger.setlevel(logging.INFO)
-        logger.info("Define an unsupported loglevel. Using the default level: INFO.")
+        import cherrypy
+
+        app = logging.add_access_logger(app, logger)
+        cherrypy.tree.graft(app, '/')
+
+        # Set the configuration of the web server to production mode
+        cherrypy.config.update({
+            'environment': 'production',
+            'engine.autoreload_on': False,
+            'log.screen': True,
+            'server.socket_port': PORT,
+            'server.socket_host': '0.0.0.0'
+        })
 
-    app.run(threaded=True, debug=True, host='0.0.0.0')
+        # Start the CherryPy WSGI web server
+        cherrypy.engine.start()
+        cherrypy.engine.block()

service/requirements.txt

@@ -1,2 +1,5 @@
-Flask==0.11
-azure
+requests==2.20.0
+Flask==1.0.2
+CherryPy==18.2.0
+paste==3.0.8
+azure==4.0.0