Convert to mysql (#195)

* convert to mysql initial push

* Update database connection and create copilot user

* Update MySQL database URIs in db_session.py

* Update dependency in docker-compose.yml

* added wait-fit-it script during startup

* logging for debugging

* Update database configuration and module description

* Add environment variable for server IP

* fix alembic versioning

* Add ADMIN_USER_NEEDED environment variable and conditionally create admin user

* Remove unused ADMIN_USER_NEEDED variable and update database initialization

* precommit fixes for conversion to mysql

* Update Docker tags for backend and frontend images

.env.example

@@ -1,6 +1,11 @@
 # Leave this as is if connecting from a remote machine
 SERVER_IP=0.0.0.0
 
+MYSQL_URL=copilot-mysql
+MYSQL_ROOT_PASSWORD=REPLACE_WITH_PASSWORD
+MYSQL_USER=copilot
+MYSQL_PASSWORD=REPLACE_WITH_PASSWORD
+
 # ! ALERT FORWARDING IP
 # Set this to the IP of the host running CoPilot. This is used by Graylog to forward alerts to CoPilot
 # ! Ensure Graylog is able to reach this IP and port 5000

.flake8

@@ -3,11 +3,12 @@
 max-line-length = 180
 #select = B,C,E,F,W,T4,B9
 #ignore = E203, E266, E501, W503, F403, F401
-ignore = E402, W503, E231, W605, E266
+ignore = E402, W503, E231, W605, E266, E712
     # E402, # module level import not at top of file (using isort)
     # W503, # line break before binary operator
     # E231, # missing whitespace after ',' (caused by black style)
     # W605, # invalid escape sequence (caused by regex)
 extend-ignore = E203
 exclude =
     .venv
+    backend/alembic/env.py

backend/Dockerfile

@@ -1,7 +1,3 @@
-# build with `docker build -t python-backend -f Dockerfile.deb .`
-# run with `docker run -p 5000:5000 -d python-backend`
-# Start with the base Debian 11 image
-# looking to split into 2 containers, one for the backend and one for the frontend
 FROM debian:11
 
 # Set environment variables
@@ -51,6 +47,8 @@ RUN apt-get install -y wkhtmltopdf
 # Copy your application into the Docker image
 WORKDIR /opt/copilot/backend
 COPY . .
+COPY wait-for-it.sh /usr/wait-for-it.sh
+RUN chmod +x /usr/wait-for-it.sh
 # Create file-store folder
 RUN mkdir file-store
 
@@ -113,4 +111,6 @@ ARG COPILOT_API_KEY
 ENV COPILOT_API_KEY=$COPILOT_API_KEY
 
 # Run your application
-CMD ["sh", "-c", "ls -la && /opt/venv/bin/python copilot.py"]
+# CMD ["sh", "-c", "ls -la && /opt/venv/bin/python copilot.py"]
+# Use wait-for-it.sh to wait for the MySQL service to be ready before starting your application
+CMD ["/usr/wait-for-it.sh", "copilot-mysql:3306", "--", "/opt/venv/bin/python", "copilot.py"]

backend/alembic/README

@@ -0,0 +1 @@
+Generic single-database configuration.

backend/alembic/alembic.ini

@@ -0,0 +1,116 @@
+# A generic, single database configuration.
+
+[alembic]
+# path to migration scripts
+script_location = alembic
+
+# template used to generate migration file names; The default value is %%(rev)s_%%(slug)s
+# Uncomment the line below if you want the files to be prepended with date and time
+# see https://alembic.sqlalchemy.org/en/latest/tutorial.html#editing-the-ini-file
+# for all available tokens
+# file_template = %%(year)d_%%(month).2d_%%(day).2d_%%(hour).2d%%(minute).2d-%%(rev)s_%%(slug)s
+
+# sys.path path, will be prepended to sys.path if present.
+# defaults to the current working directory.
+prepend_sys_path = .
+
+# timezone to use when rendering the date within the migration file
+# as well as the filename.
+# If specified, requires the python>=3.9 or backports.zoneinfo library.
+# Any required deps can installed by adding `alembic[tz]` to the pip requirements
+# string value is passed to ZoneInfo()
+# leave blank for localtime
+# timezone =
+
+# max length of characters to apply to the
+# "slug" field
+# truncate_slug_length = 40
+
+# set to 'true' to run the environment during
+# the 'revision' command, regardless of autogenerate
+# revision_environment = false
+
+# set to 'true' to allow .pyc and .pyo files without
+# a source .py file to be detected as revisions in the
+# versions/ directory
+# sourceless = false
+
+# version location specification; This defaults
+# to alembic/versions.  When using multiple version
+# directories, initial revisions must be specified with --version-path.
+# The path separator used here should be the separator specified by "version_path_separator" below.
+# version_locations = %(here)s/bar:%(here)s/bat:alembic/versions
+
+# version path separator; As mentioned above, this is the character used to split
+# version_locations. The default within new alembic.ini files is "os", which uses os.pathsep.
+# If this key is omitted entirely, it falls back to the legacy behavior of splitting on spaces and/or commas.
+# Valid values for version_path_separator are:
+#
+# version_path_separator = :
+# version_path_separator = ;
+# version_path_separator = space
+version_path_separator = os  # Use os.pathsep. Default configuration used for new projects.
+
+# set to 'true' to search source files recursively
+# in each "version_locations" directory
+# new in Alembic version 1.10
+# recursive_version_locations = false
+
+# the output encoding used when revision files
+# are written from script.py.mako
+# output_encoding = utf-8
+
+sqlalchemy.url = mysql+pymysql://copilot:REPLACE_WITH_PASS@copilot-mysql/copilot
+
+
+[post_write_hooks]
+# post_write_hooks defines scripts or Python functions that are run
+# on newly generated revision scripts.  See the documentation for further
+# detail and examples
+
+# format using "black" - use the console_scripts runner, against the "black" entrypoint
+# hooks = black
+# black.type = console_scripts
+# black.entrypoint = black
+# black.options = -l 79 REVISION_SCRIPT_FILENAME
+
+# lint with attempts to fix using "ruff" - use the exec runner, execute a binary
+# hooks = ruff
+# ruff.type = exec
+# ruff.executable = %(here)s/.venv/bin/ruff
+# ruff.options = --fix REVISION_SCRIPT_FILENAME
+
+# Logging configuration
+[loggers]
+keys = root,sqlalchemy,alembic
+
+[handlers]
+keys = console
+
+[formatters]
+keys = generic
+
+[logger_root]
+level = WARN
+handlers = console
+qualname =
+
+[logger_sqlalchemy]
+level = WARN
+handlers =
+qualname = sqlalchemy.engine
+
+[logger_alembic]
+level = INFO
+handlers =
+qualname = alembic
+
+[handler_console]
+class = StreamHandler
+args = (sys.stderr,)
+level = NOTSET
+formatter = generic
+
+[formatter_generic]
+format = %(levelname)-5.5s [%(name)s] %(message)s
+datefmt = %H:%M:%S

backend/alembic/env.py

@@ -0,0 +1,99 @@
+from logging.config import fileConfig
+
+from sqlalchemy import engine_from_config
+from sqlalchemy import pool
+from sqlmodel import SQLModel
+
+from alembic import context
+
+# from app.db.all_models import *
+from app.auth.models.users import User
+from app.connectors.models import Connectors
+
+# from app.integrations.sap_siem.models.sap_siem import SapSiemMultipleLogins
+from app.customer_provisioning.models.default_settings import (
+    CustomerProvisioningDefaultSettings,
+)
+
+# from app.connectors.sublime.models.alerts import SublimeAlerts
+# from app.connectors.wazuh_manager.models.rules import DisabledRule
+from app.db.universal_models import Agents
+from app.db.universal_models import Customers
+from app.db.universal_models import CustomersMeta
+from app.db.universal_models import LogEntry
+from app.integrations.alert_creation_settings.models.alert_creation_settings import (
+    AlertCreationSettings,
+)
+from app.integrations.models.customer_integration_settings import CustomerIntegrations
+from app.integrations.monitoring_alert.models.monitoring_alert import MonitoringAlerts
+from app.schedulers.models.scheduler import JobMetadata
+
+# this is the Alembic Config object, which provides
+# access to the values within the .ini file in use.
+config = context.config
+
+# Interpret the config file for Python logging.
+# This line sets up loggers basically.
+if config.config_file_name is not None:
+    fileConfig(config.config_file_name)
+
+# add your model's MetaData object here
+# for 'autogenerate' support
+# from myapp import mymodel
+# target_metadata = mymodel.Base.metadata
+target_metadata = SQLModel.metadata
+
+# other values from the config, defined by the needs of env.py,
+# can be acquired:
+# my_important_option = config.get_main_option("my_important_option")
+# ... etc.
+
+
+def run_migrations_offline() -> None:
+    """Run migrations in 'offline' mode.
+
+    This configures the context with just a URL
+    and not an Engine, though an Engine is acceptable
+    here as well.  By skipping the Engine creation
+    we don't even need a DBAPI to be available.
+
+    Calls to context.execute() here emit the given string to the
+    script output.
+
+    """
+    url = config.get_main_option("sqlalchemy.url")
+    context.configure(
+        url=url,
+        target_metadata=target_metadata,
+        literal_binds=True,
+        dialect_opts={"paramstyle": "named"},
+    )
+
+    with context.begin_transaction():
+        context.run_migrations()
+
+
+def run_migrations_online() -> None:
+    """Run migrations in 'online' mode.
+
+    In this scenario we need to create an Engine
+    and associate a connection with the context.
+
+    """
+    connectable = engine_from_config(
+        config.get_section(config.config_ini_section, {}),
+        prefix="sqlalchemy.",
+        poolclass=pool.NullPool,
+    )
+
+    with connectable.connect() as connection:
+        context.configure(connection=connection, target_metadata=target_metadata)
+
+        with context.begin_transaction():
+            context.run_migrations()
+
+
+if context.is_offline_mode():
+    run_migrations_offline()
+else:
+    run_migrations_online()

backend/alembic/script.py.mako

@@ -0,0 +1,26 @@
+"""${message}
+
+Revision ID: ${up_revision}
+Revises: ${down_revision | comma,n}
+Create Date: ${create_date}
+
+"""
+from typing import Sequence, Union
+
+from alembic import op
+import sqlalchemy as sa
+${imports if imports else ""}
+
+# revision identifiers, used by Alembic.
+revision: str = ${repr(up_revision)}
+down_revision: Union[str, None] = ${repr(down_revision)}
+branch_labels: Union[str, Sequence[str], None] = ${repr(branch_labels)}
+depends_on: Union[str, Sequence[str], None] = ${repr(depends_on)}
+
+
+def upgrade() -> None:
+    ${upgrades if upgrades else "pass"}
+
+
+def downgrade() -> None:
+    ${downgrades if downgrades else "pass"}