Prototype REST implementation

[giffels]

This pull request implements a prototype REST implementation to query the SqlRegistry. Currently two read-only API calls (GET /resources/state, GET /resources ) are supported. The REST API implementation uses FastApi and uvicorn as ASGI server. The REST API relies on JSON Web Token and OAuth2 scopes to support authentication and authorization.

Could be useful to avoid #172.

To activate the TARDIS REST service, simply add the following lines to your TARDISconfiguration.

Services:
  restapi:
      !TardisRestApi
      host: 127.0.0.1
      port: 1234
      secret_key: 752e003f636f402cc23728e185ce8c9eef27b7e02cf509b3015f7757e625b8e4
      algorithm: HS256
      users:
         - user_name: tardis
           hashed_password: $2b$12$c9SSllh1U6tOhIo37sDWF.kdRIU5RQAAOHL9bVYMs2.HluyFE43Uq
           scopes:
             - user:read

to enable logging I suggest to use the following logging configuration in your COBalD configuration.

logging:
  version: 1
  loggers:
    root:
      level: DEBUG
      handlers: [console, file]
    uvicorn:
      level: INFO
      handlers: [ uvicorn_file ]
      propagate: False
  formatters:
    precise:
      format: '%(name)s: %(asctime)s %(message)s'
      datefmt: '%Y-%m-%d %H:%M:%S'
  handlers:
    console:
      class : logging.StreamHandler
      formatter: precise
      stream  : ext://sys.stdout
    file:
      class : logging.handlers.RotatingFileHandler
      formatter: precise
      filename: tardis.log
      maxBytes: 10485760
      backupCount: 3
    uvicorn_file:
      class: logging.handlers.RotatingFileHandler
      formatter: precise
      filename: uvicorn.log
      maxBytes: 10485760
      backupCount: 3

• Add unittest using httpx (see https://fastapi.tiangolo.com/advanced/async-tests/)
• Add documentation
• Add changelog
• Add support for tokens

Benchmarks:

Running one million requests against this service took about 11 minutes. Which is equivalent to a performance of about 1500 requests/s.

[codecov-commenter]

Codecov Report

Merging #183 (b8721c9) into master (d66c293) will decrease coverage by 0.05%.
The diff coverage is 98.96%.

@@            Coverage Diff             @@
##           master     #183      +/-   ##
==========================================
- Coverage   99.56%   99.50%   -0.06%     
==========================================
  Files          41       53      +12     
  Lines        1823     2022     +199     
==========================================
+ Hits         1815     2012     +197     
- Misses          8       10       +2     

Impacted Files	Coverage Δ
tardis/rest/hash_credentials/__main__.py	83.33% <83.33%> (ø)
tardis/rest/token_generator/__main__.py	83.33% <83.33%> (ø)
tardis/plugins/sqliteregistry.py	100.00% <100.00%> (ø)
tardis/rest/app/crud.py	100.00% <100.00%> (ø)
tardis/rest/app/database.py	100.00% <100.00%> (ø)
tardis/rest/app/main.py	100.00% <100.00%> (ø)
tardis/rest/app/routers/login.py	100.00% <100.00%> (ø)
tardis/rest/app/routers/resources.py	100.00% <100.00%> (ø)
tardis/rest/app/security.py	100.00% <100.00%> (ø)
tardis/rest/hash_credentials/hash_credentials.py	100.00% <100.00%> (ø)
... and 4 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d66c293...b8721c9. Read the comment docs.

[maxfischer2781]

I've just pushed out cobald v0.12.3 that includes the required eager evaluation of YAML tags.

[giffels]

I've just pushed out cobald v0.12.3 that includes the required eager evaluation of YAML tags.

Thanks a lot.

[giffels]

I have now also changed the security scopes to better match the granted permissions. We now have

• resources:get instead of user:read
• resources:put instead of user:write (not used yet)

The idea is that this can be extended by further scopes like resources:delete, configuration:get, configuration.put, etc.

[mschnepf]

I have one comment, but nothing critical

[RHofsaess]

👍

[mschnepf]

Thanks for all your work. It looks really good 👍

[eileen-kuehn]

Great stuff 👍
I mainly left some comments on how docstrings might be improved. So fixing should be a no-brainer 😸

[eileen-kuehn]

Can we actually ensure that the example is rendered below? Maybe it is better to state something like "See the example logging configuration.".

[giffels]

Thanks, I thing this is a better.

[eileen-kuehn]

Do you mind checking the return type? I would expect Optional[UserCredentials] from just reading the code below.

[giffels]

Thanks, I have changed it to Optional[UserCredentials].

[giffels]

Thank you very much @eileen-kuehn for improving documentation and code.

[mschnepf]

Looks good to me 👍

[eileen-kuehn]

Great stuff, looks good to go 🥇