Add E2E tests, fix bugs

Made-with: Cursor
2026-04-22 14:06:34 +00:00 · 2026-04-13 05:17:48 +03:00
parent 1f98b5e958
commit 8f7deb3fca
71 changed files with 4740 additions and 29 deletions
@@ -0,0 +1,109 @@
+# Azaion.Loader — Data Model
+
+## Entity Overview
+
+```mermaid
+erDiagram
+    Credentials {
+        str email
+        str password
+    }
+    User {
+        str id
+        str email
+        RoleEnum role
+    }
+    CDNCredentials {
+        str host
+        str downloader_access_key
+        str downloader_access_secret
+        str uploader_access_key
+        str uploader_access_secret
+    }
+    UnlockState {
+        str value
+    }
+
+    Credentials ||--|| User : "login produces"
+    Credentials ||--|| CDNCredentials : "enables download of"
+    User ||--|| RoleEnum : "has"
+```
+
+## Entity Details
+
+### Credentials (cdef class — credentials.pyx)
+
+| Field    | Type | Source          |
+|----------|------|-----------------|
+| email    | str  | User input      |
+| password | str  | User input      |
+
+In-memory only. Set via `/login` or `/unlock` endpoint.
+
+### User (cdef class — user.pyx)
+
+| Field | Type     | Source             |
+|-------|----------|--------------------|
+| id    | str      | JWT `nameid` claim (UUID) |
+| email | str      | JWT `unique_name` claim   |
+| role  | RoleEnum | JWT `role` claim (mapped) |
+
+Created by `ApiClient.set_token()` after JWT decoding.
+
+### RoleEnum (cdef enum — user.pxd)
+
+| Value            | Numeric | Description           |
+|------------------|---------|-----------------------|
+| NONE             | 0       | No role assigned      |
+| Operator         | 10      | Basic operator        |
+| Validator        | 20      | Validation access     |
+| CompanionPC      | 30      | Companion PC device   |
+| Admin            | 40      | Admin access          |
+| ResourceUploader | 50      | Can upload resources  |
+| ApiAdmin         | 1000    | Full API admin        |
+
+### CDNCredentials (cdef class — cdn_manager.pyx)
+
+| Field                    | Type | Source                        |
+|--------------------------|------|-------------------------------|
+| host                     | str  | cdn.yaml (encrypted download) |
+| downloader_access_key    | str  | cdn.yaml                      |
+| downloader_access_secret | str  | cdn.yaml                      |
+| uploader_access_key      | str  | cdn.yaml                      |
+| uploader_access_secret   | str  | cdn.yaml                      |
+
+Initialized once per `ApiClient.set_credentials()` call.
+
+### UnlockState (str Enum — unlock_state.py)
+
+| Value            | Description                        |
+|------------------|------------------------------------|
+| idle             | No unlock in progress              |
+| authenticating   | Logging in to API                  |
+| downloading_key  | Fetching key fragment              |
+| decrypting       | Decrypting archive                 |
+| loading_images   | Running docker load                |
+| ready            | All images loaded                  |
+| error            | Unlock failed                      |
+
+Module-level state in `main.py`, protected by `threading.Lock`.
+
+## Persistent Storage
+
+This service has **no database**. All state is in-memory and ephemeral. External persistence:
+
+| Data                  | Location               | Managed By        |
+|-----------------------|------------------------|-------------------|
+| Encrypted archive     | `/opt/azaion/images.enc` | Pre-deployed    |
+| Cached big file parts | `{folder}/{name}.big`  | ApiClient         |
+| Log files             | `Logs/log_loader_*.txt`| Loguru            |
+
+## Data Flow Summary
+
+```
+User credentials (email, password)
+  → ApiClient → login → JWT token → User (id, email, role)
+  → ApiClient → load cdn.yaml (encrypted) → CDNCredentials
+  → ApiClient → load/upload resources (small via API, big via CDN)
+  → binary_split → download key fragment → decrypt archive → docker load
+```