initial commit

Author: Andrew Dampf

.gitignore

@@ -0,0 +1,8 @@
+.env
+.coverage
+*.log
+__pycache__/
+venv/
+htmlcov/
+migrations/
+app.db

LICENSE

@@ -0,0 +1,13 @@
+Copyright 2019 Linode
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+     http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

README.md

@@ -0,0 +1,262 @@
+janitor
+=======
+
+Janitor is a flask application for parsing provider maintenance notification emails and taking actions based on those emails. It's written to be easily extensible to your environment.
+
+
+# Overview
+Janitor connects to an email server on a user-specified interval and checks for any maintenance emails from a list of providers and adds them to the database. It can then be configured to take an action based on the type of email: new, update, cancel, reschedule, started, and ended. For instance, you can post updates to slack on maintenance start/end emails, add events to your calendar for new emails, remove events from your calendar for cancelled emails, etc.
+
+# Demo
+![demo](docs/demo.gif)
+
+# Components
+
+## Mail Clients
+A mail client is configured with an email address, password, and port so that it can be connected to for email retrieval. Currently only gmail is supported.
+
+## Providers
+Currently supported providers include:
+ - NTT * 
+ - PacketFabric * 
+ - EUNetworks * 
+ - GTT
+ - Zayo
+
+
+The * Providers follow the [maint note](https://github.com/jda/maintnote-std/blob/master/standard.md) standard.
+
+# Configuration Options
+
+### PROJECT_ROOT
+The root folder of the janitor app. default: current working directory
+
+### SECRET_KEY
+Your application's secret key. This is required.
+
+### MAX_CONTENT_LENGTH
+Maximum size for circuit contract file uploads. default: 32 Mib
+
+### LOGFILE
+Location of the file that logs are written to.
+
+### CHECK_INTERVAL
+How frequently the mail server is checked for new messages. default: 10 minutes
+
+### POSTS_PER_PAGE
+The number of maintenances/circuits/providers to display on a single page. default: 20
+
+### DATABASE_URL
+The location of the database. all databases supported by sqlalchemy are supported. default: current working directory + app.db
+
+### TZ_PREFIX
+For correctly modifying timezones. Some providers send maintenances with a timezone of "Eastern" instead of "US/Eastern" which breaks python datetime. You could set the TZ_PREFIX value to "US/" to fix this issue. default: None
+
+### MAIL_USERNAME
+Username for your mail server. This is required
+
+### MAIL_PASSWORD
+Password for your mail server. This is required
+
+### MAIL_SERVER
+imap address of your mail server
+
+### MAILBOX
+The name of the mailbox to process messages from. default: INBOX
+
+### MAIL_CLIENT
+The mail client you wish to use. currently only gmail is supported. This is required.
+
+### SLACK_WEBHOOK_URL
+If you wish to send messages to slack, you can define this. default: None
+
+### SLACK_CHANNEL
+The channel to post slack messages to. default: None
+
+
+# database schema
+
+![db schema](docs/schema.png)
+
+# Setup
+Below walks through installation on ubuntu
+
+## Database
+You can choose any database you'd like. The example below uses mariadb.
+1. install mariadb
+```
+apt install mariadb-server
+```
+2. install mariadb dependencies
+```
+apt install libmariadbclient-dev
+pip3 install mysqlclient
+```
+3. create the database
+```
+mariadb
+MariaDB [(none)]> create database janitor CHARACTER SET utf8;
+MariaDB [(none)]> CREATE USER 'janitor'@'localhost';
+MariaDB [(none)]> GRANT ALL PRIVILEGES ON janitor.* TO 'janitor'@'localhost';
+MariaDB [(none)]> quit
+
+```
+
+
+## requirements
+janitor requires python3.6
+
+1. clone this repository into your desired installation directory
+2. create your virtual environment and activate it
+```
+python3 -m venv venv
+source venv/bin/activate
+```
+3. install the requirements
+```
+pip3 install -r requirements.txt
+```
+4. create a `.env` configuration files with the necessary variables. For example:
+```
+PROJECT_ROOT='/opt/janitor'
+DATABASE_URL='mysql://janitor@localhost/janitor?charset=utf8'
+CHECK_INTERVAL=300
+SLACK_WEBHOOK_URL='https://hooks.slack.com/abc123'
+SLACK_CHANNEL='#mychannel'
+MAIL_USERNAME='user@example.com'
+MAIL_PASSWORD='mypassword'
+MAIL_SERVER='imap.example.com'
+MAIL_CLIENT='Gmail'
+SECRET_KEY='mysecretkey'
+```
+5. create the db schema:
+```
+flask db init
+flask db migrate
+flask db upgrade
+```
+6. You may wish to choose the providers you have in your network at this point, rather than selecting them all. You can do so by editing `app/jobs/main.py` and removing the ones you don't want in the `PROVIDERS` list
+7. From the providers you selected, you can define the email and type info under each provider's class in `app/Providers.py` types are one of: `transit`, `backbone`, `transport`, `peering`, and `facility`.
+8. at this point you can test connectivity to your server. First run the server:
+```
+flask run -h 0.0.0.0
+```
+and then open a browser to your IP to see if you can connect. 
+
+
+## Web/uwsgi Server
+It's not recommended to expose the flask app directly to the internet. Below we'll use nginx and gunicorn with supervisord for setup. It's also recommended to use https, though the the steps below only cover http
+
+1. install the packages
+```
+apt install nginx supervisor
+pip3 install gunicorn
+```
+2. create /etc/supervisor/conf.d/janitor.conf with the following contents:
+```
+[program:janitor]
+command=/opt/janitor/venv/bin/gunicorn -b localhost:8000 -w 4 janitor:app --preload
+directory=/opt/janitor
+user=root
+autostart=true
+autorestart=true
+stopasgroup=true
+killasgroup=true
+```
+3. create /etc/nginx/sites-enabled/janitor with the following contents:
+```
+server {
+    # listen on port 80 (http)
+    listen 80;
+    server_name _;
+    access_log /var/log/janitor_access.log;
+    error_log /var/log/janitor_error.log;
+    location / {
+        # forward application requests to the gunicorn server
+        proxy_pass http://localhost:8000;
+        proxy_redirect off;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    }
+
+    location /static {
+        # handle static files directly, without forwarding to the application
+        alias /opt/janitor/app/static;
+        expires 30d;
+    }
+}
+```
+4. restart nginx and supervisor
+```
+supervisorctl reload janitor
+systemctl restart nginx
+```
+
+janitor only checks for unread messages in your inbox. You may want to mark a few messages as unread to see if messages are being parsed at this point by navigating to your janitor server's IP, and either waiting until the next email check runs (it will tell you when this will be), or by using the "process emails" button to process immediately. Once the connection is successful you can stop the server with Ctrl-C
+
+# API
+The API has a UI and can be reached via the `/api/v1/ui/` endpoint for testing. 
+
+## Endpoints
+All API endpoints need to be prefaced with `/api/v1`, for example, `/api/v1/circuits`
+
+### /circuits
+#### GET
+Get all circuits
+eg:
+`curl -X GET --header 'Accept: application/json' 'https://192.0.2.1/api/v1/circuits'`
+
+#### POST
+Create a new circuit by posting json.
+eg:
+```
+curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \ 
+   "a_side": "string", \ 
+   "id": 0, \ 
+   "provider_cid": "string", \ 
+   "provider_id": 0, \ 
+   "z_side": "string" \ 
+ }' 'http://127.0.0.1:5000/api/v1/circuits'
+```
+
+### /circuits/{circuit_id}
+#### GET
+Get a single circuit by the ID
+eg:
+`curl -X GET --header 'Accept: application/json' 'http://127.0.0.1:5000/api/v1/circuits/1'`
+
+#### PUT
+Update a circuit by posting json
+eg:
+```
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: application/json' -d '{ \ 
+   "a_side": "string", \ 
+   "provider_id": 1 \ 
+ }' 'http://127.0.0.1:5000/api/v1/circuits/5'
+```
+
+### /maintenances
+#### GET
+Get all maintenances
+eg:
+`curl -X GET --header 'Accept: application/json' 'http://127.0.0.1:5000/api/v1/maintenances'`
+
+### /maintenances/{maintenance_id}
+#### GET
+Get a maintenance by id
+eg:
+`curl -X GET --header 'Accept: application/json' 'http://127.0.0.1:5000/api/v1/maintenances/1'`
+
+### /providers
+#### GET
+Get all providers
+eg:
+`curl -X GET --header 'Accept: application/json' 'http://127.0.0.1:5000/api/v1/providers'`
+
+### /providers/{provider_id}
+#### GET
+Get a provider by id
+eg:
+`curl -X GET --header 'Accept: application/json' 'http://127.0.0.1:5000/api/v1/providers/1'`
+

api/v1/circuits.py

@@ -0,0 +1,92 @@
+from app.models import Circuit, CircuitSchema, Provider
+from flask import make_response, jsonify
+from app import db
+
+
+def read_all():
+    """
+    This function responds to a request for /circuits
+    with the complete lists of circuits
+
+    :return:        sorted list of circuits
+    """
+    circuits = Circuit.query.all()
+    schema = CircuitSchema(many=True)
+
+    return schema.dump(circuits).data
+
+def read_one(circuit_id):
+    circuit = Circuit.query.filter(Circuit.id == circuit_id).one_or_none()
+
+    if not circuit:
+        text = f'circuit not found for id {circuit_id}'
+        return make_response(jsonify(error=404, message=text), 404)
+
+    schema = CircuitSchema()
+    data = schema.dump(circuit).data
+
+    return data
+
+def create(circuit):
+    """
+    creates a circuit! checks to see if the provider_cid is unique and
+    that the provider exists.
+
+    :return:        circuit
+    """
+    provider_cid = circuit.get('provider_cid')
+    provider_id = circuit.get('provider_id')
+    circuit_exists = (
+        Circuit.query.filter(Circuit.provider_cid == provider_cid)
+        .one_or_none()
+    )
+
+    provider_exists = (
+        Provider.query.filter(Provider.id == provider_id)
+        .one_or_none()
+    )
+
+    if circuit_exists:
+        text = f'Circuit {provider_cid} already exists'
+        return make_response(jsonify(error=409, message=text), 409)
+
+
+    if not provider_exists:
+        text = (f'Provider {provider_id} does not exist.'
+                'Unable to create circuit')
+        return make_response(jsonify(error=403, message=text), 403)
+
+
+
+    schema = CircuitSchema()
+    new_circuit = schema.load(circuit, session=db.session).data
+
+    db.session.add(new_circuit)
+    db.session.commit()
+
+    data = schema.dump(new_circuit).data
+
+    return data, 201
+
+
+def update(circuit_id, circuit):
+    """
+    updates a circuit!
+    :return:        circuit
+    """
+    c = Circuit.query.filter_by(id=circuit_id).one_or_none()
+    if not c:
+        text = f'Can not update a circuit that does not exist!'
+        return make_response(jsonify(error=409, message=text), 404)
+
+
+
+    schema = CircuitSchema()
+    update = schema.load(circuit, session=db.session).data
+
+    db.session.merge(update)
+    db.session.commit()
+
+    data = schema.dump(c).data
+
+    return data, 201