Change import paths to be absolute, change pythonpath for config app

2018-05-23 16:57:26 -04:00 · 2018-05-23 16:57:26 -04:00 · 841053f878
commit 841053f878
parent c378e408ef
19 changed files with 814 additions and 79 deletions
--- a/config_app/Procfile
+++ b/config_app/Procfile
@ -1,3 +1,3 @@
-app: PYTHONPATH="./" gunicorn -c conf/gunicorn_local.py config_application:application
+app: PYTHONPATH="../" gunicorn -c conf/gunicorn_local.py config_application:application
 # webpack: npm run watch-config-app
--- a/config_app/config_app.py
+++ b/config_app/config_app.py
@ -2,7 +2,7 @@ import os
 import logging
 from flask import Flask
 from _init_config import CONF_DIR
-from config_util.config import get_config_provider
+from config_app.config_util.config import get_config_provider
 app = Flask(__name__)
@ -18,11 +18,11 @@ config_provider = get_config_provider(OVERRIDE_CONFIG_DIRECTORY, 'config.yaml',
                                      testing=is_testing, kubernetes=is_kubernetes)
 if is_testing:
-    from config_test.testconfig import TestConfig
+    from config_app.config_test.testconfig import TestConfig
    logger.debug('Loading test config.')
    app.config.from_object(TestConfig())
 else:
-    from config_app_config import DefaultConfig
+    from config_app.config_app_config import DefaultConfig
    logger.debug('Loading default config.')
    app.config.from_object(DefaultConfig())
    # app.teardown_request(database.close_db_filter)
--- a/config_app/conf/gunicorn_local.py
+++ b/config_app/conf/gunicorn_local.py
@ -5,8 +5,8 @@ sys.path.append(os.path.join(os.path.dirname(__file__), "../"))
 import logging
 from Crypto import Random
-from config_util.log import logfile_path
+from config_app.config_util.log import logfile_path
-from config_util.workers import get_worker_count
+from config_app.config_util.workers import get_worker_count
 logconfig = logfile_path(debug=True)
--- a/config_app/config_application.py
+++ b/config_app/config_application.py
@ -1,4 +1,4 @@
-from config_app import app as application
+from config_app.c_app import app as application
 # Bind all of the blueprints
 import config_web
--- a/config_app/config_endpoints/api/init.py
+++ b/config_app/config_endpoints/api/init.py
@ -3,10 +3,13 @@ import logging
 from flask import Blueprint
 from flask_restful import Resource, Api
 from flask_restful.utils.cors import crossdomain
-from config_app import app
+from email.utils import formatdate
 from calendar import timegm
 from functools import partial, wraps
 from jsonschema import validate, ValidationError
-from config_endpoints.exception import InvalidResponse
+
 from config_app.c_app import app
 from config_app.config_endpoints.exception import InvalidResponse
 logger = logging.getLogger(__name__)
 api_bp = Blueprint('api', __name__)
@ -28,6 +31,13 @@ api = ApiExceptionHandlingApi()
 api.init_app(api_bp)
 def format_date(date):
    """ Output an RFC822 date format. """
    if date is None:
        return None
    return formatdate(timegm(date.utctimetuple()))
 def verify_not_prod(func):
    @add_method_metadata('enterprise_only', True)
    @wraps(func)
--- a/config_app/config_endpoints/api/discovery.py
+++ b/config_app/config_endpoints/api/discovery.py
@ -2,9 +2,9 @@ import logging
 import sys
 from collections import OrderedDict
-from config_app import app
+from config_app.c_app import app
-from config_endpoints.api import method_metadata
+from config_app.config_endpoints.api import method_metadata
-from config_endpoints.common import fully_qualified_name, PARAM_REGEX, TYPE_CONVERTER
+from config_app.config_endpoints.common import fully_qualified_name, PARAM_REGEX, TYPE_CONVERTER
 logger = logging.getLogger(__name__)
--- a/config_app/config_endpoints/api/suconfig.py
+++ b/config_app/config_endpoints/api/suconfig.py
@ -1,7 +1,7 @@
 import logging
-from config_endpoints.api import resource, ApiResource, verify_not_prod, nickname
+from config_app.config_endpoints.api import resource, ApiResource, verify_not_prod, nickname
-from config_app import app, config_provider
+from config_app.c_app import app, config_provider
 logger = logging.getLogger(__name__)
--- a/config_app/config_endpoints/api/superuser.py
+++ b/config_app/config_endpoints/api/superuser.py
@ -1,12 +1,14 @@
 import os
 import logging
 import pathvalidate
-from flask import request
+from flask import request, jsonify
-from config_endpoints.exception import InvalidRequest
+from config_app.config_endpoints.exception import InvalidRequest
-from config_endpoints.api import resource, ApiResource, verify_not_prod, nickname
+from config_app.config_endpoints.api import resource, ApiResource, verify_not_prod, nickname
-from config_util.ssl import load_certificate, CertInvalidException
+from config_app.config_util.ssl import load_certificate, CertInvalidException
-from config_app import app, config_provider
+from config_app.c_app import app, config_provider
 from config_app.config_endpoints.api.superuser_models_pre_oci import pre_oci_model
 logger = logging.getLogger(__name__)
 EXTRA_CA_DIRECTORY = 'extra_ca_certs'
@ -104,48 +106,49 @@ class SuperUserCustomCertificates(ApiResource):
            'certs': cert_views,
        }
-# TODO(config) port this endpoint when (https://github.com/quay/quay/pull/3055) merged to ensure no conflicts
+
-# @resource('/v1/superuser/keys')
+# TODO(config) port this endpoint when (https://github.com/quay/quay/pull/3055) merged to ensure no conflicts
-# class SuperUserServiceKeyManagement(ApiResource):
+@resource('/v1/superuser/keys')
-#     """ Resource for managing service keys."""
+class SuperUserServiceKeyManagement(ApiResource):
-#     schemas = {
+    """ Resource for managing service keys."""
-#         'CreateServiceKey': {
+    schemas = {
-#             'id': 'CreateServiceKey',
+        'CreateServiceKey': {
-#             'type': 'object',
+            'id': 'CreateServiceKey',
-#             'description': 'Description of creation of a service key',
+            'type': 'object',
-#             'required': ['service', 'expiration'],
+            'description': 'Description of creation of a service key',
-#             'properties': {
+            'required': ['service', 'expiration'],
-#                 'service': {
+            'properties': {
-#                     'type': 'string',
+                'service': {
-#                     'description': 'The service authenticating with this key',
+                    'type': 'string',
-#                 },
+                    'description': 'The service authenticating with this key',
-#                 'name': {
+                },
-#                     'type': 'string',
+                'name': {
-#                     'description': 'The friendly name of a service key',
+                    'type': 'string',
-#                 },
+                    'description': 'The friendly name of a service key',
-#                 'metadata': {
+                },
-#                     'type': 'object',
+                'metadata': {
-#                     'description': 'The key/value pairs of this key\'s metadata',
+                    'type': 'object',
-#                 },
+                    'description': 'The key/value pairs of this key\'s metadata',
-#                 'notes': {
+                },
-#                     'type': 'string',
+                'notes': {
-#                     'description': 'If specified, the extra notes for the key',
+                    'type': 'string',
-#                 },
+                    'description': 'If specified, the extra notes for the key',
-#                 'expiration': {
+                },
-#                     'description': 'The expiration date as a unix timestamp',
+                'expiration': {
-#                     'anyOf': [{'type': 'number'}, {'type': 'null'}],
+                    'description': 'The expiration date as a unix timestamp',
-#                 },
+                    'anyOf': [{'type': 'number'}, {'type': 'null'}],
-#             },
+                },
-#         },
+            },
-#     }
+        },
-#
+    }
-#     @verify_not_prod
+
-#     @nickname('listServiceKeys')
+    @verify_not_prod
-#     def get(self):
+    @nickname('listServiceKeys')
-#         keys = pre_oci_model.list_all_service_keys()
+    def get(self):
-#
+        keys = pre_oci_model.list_all_service_keys()
-#         return jsonify({
+
-#             'keys': [key.to_dict() for key in keys],
+        return jsonify({
-#         })
+            'keys': [key.to_dict() for key in keys],
-#
+        })
--- a/config_app/config_endpoints/api/superuser_models_interface.py
+++ b/config_app/config_endpoints/api/superuser_models_interface.py
@ -0,0 +1,448 @@
 import json
 from abc import ABCMeta, abstractmethod
 from collections import namedtuple
 from datetime import datetime
 from dateutil.relativedelta import relativedelta
 from six import add_metaclass
 from tzlocal import get_localzone
 # from app import avatar, superusers
 # from buildtrigger.basehandler import BuildTriggerHandler
 from data import model
 from config_app.config_endpoints.api import format_date
 from util.morecollections import AttrDict
 def user_view(user):
    return {
        'name': user.username,
        'kind': 'user',
        'is_robot': user.robot,
    }
 # class BuildTrigger(
 #     namedtuple('BuildTrigger', ['uuid', 'service_name', 'pull_robot', 'can_read', 'can_admin', 'for_build'])):
 #     """
 #     BuildTrigger represent a trigger that is associated with a build
 #     :type uuid: string
 #     :type service_name: string
 #     :type pull_robot: User
 #     :type can_read: boolean
 #     :type can_admin: boolean
 #     :type for_build: boolean
 #     """
 #
 #     def to_dict(self):
 #         if not self.uuid:
 #             return None
 #
 #         build_trigger = BuildTriggerHandler.get_handler(self)
 #         build_source = build_trigger.config.get('build_source')
 #
 #         repo_url = build_trigger.get_repository_url() if build_source else None
 #         can_read = self.can_read or self.can_admin
 #
 #         trigger_data = {
 #             'id': self.uuid,
 #             'service': self.service_name,
 #             'is_active': build_trigger.is_active(),
 #
 #             'build_source': build_source if can_read else None,
 #             'repository_url': repo_url if can_read else None,
 #
 #             'config': build_trigger.config if self.can_admin else {},
 #             'can_invoke': self.can_admin,
 #         }
 #
 #         if not self.for_build and self.can_admin and self.pull_robot:
 #             trigger_data['pull_robot'] = user_view(self.pull_robot)
 #
 #         return trigger_data
 class RepositoryBuild(namedtuple('RepositoryBuild',
                                 ['uuid', 'logs_archived', 'repository_namespace_user_username', 'repository_name',
                                  'can_write', 'can_read', 'pull_robot', 'resource_key', 'trigger', 'display_name',
                                  'started', 'job_config', 'phase', 'status', 'error', 'archive_url'])):
    """
    RepositoryBuild represents a build associated with a repostiory
    :type uuid: string
    :type logs_archived: boolean
    :type repository_namespace_user_username: string
    :type repository_name: string
    :type can_write: boolean
    :type can_write: boolean
    :type pull_robot: User
    :type resource_key: string
    :type trigger: Trigger
    :type display_name: string
    :type started: boolean
    :type job_config: {Any -> Any}
    :type phase: string
    :type status: string
    :type error: string
    :type archive_url: string
    """
    def to_dict(self):
        resp = {
            'id': self.uuid,
            'phase': self.phase,
            'started': format_date(self.started),
            'display_name': self.display_name,
            'status': self.status or {},
            'subdirectory': self.job_config.get('build_subdir', ''),
            'dockerfile_path': self.job_config.get('build_subdir', ''),
            'context': self.job_config.get('context', ''),
            'tags': self.job_config.get('docker_tags', []),
            'manual_user': self.job_config.get('manual_user', None),
            'is_writer': self.can_write,
            'trigger': self.trigger.to_dict(),
            'trigger_metadata': self.job_config.get('trigger_metadata', None) if self.can_read else None,
            'resource_key': self.resource_key,
            'pull_robot': user_view(self.pull_robot) if self.pull_robot else None,
            'repository': {
                'namespace': self.repository_namespace_user_username,
                'name': self.repository_name
            },
            'error': self.error,
        }
        if self.can_write:
            if self.resource_key is not None:
                resp['archive_url'] = self.archive_url
            elif self.job_config.get('archive_url', None):
                resp['archive_url'] = self.job_config['archive_url']
        return resp
 class Approval(namedtuple('Approval', ['approver', 'approval_type', 'approved_date', 'notes'])):
    """
    Approval represents whether a key has been approved or not
    :type approver: User
    :type approval_type: string
    :type approved_date: Date
    :type notes: string
    """
    def to_dict(self):
        return {
            'approver': self.approver.to_dict() if self.approver else None,
            'approval_type': self.approval_type,
            'approved_date': self.approved_date,
            'notes': self.notes,
        }
 class ServiceKey(namedtuple('ServiceKey', ['name', 'kid', 'service', 'jwk', 'metadata', 'created_date',
                                           'expiration_date', 'rotation_duration', 'approval'])):
    """
    ServiceKey is an apostille signing key
    :type name: string
    :type kid: int
    :type service: string
    :type jwk: string
    :type metadata: string
    :type created_date: Date
    :type expiration_date: Date
    :type rotation_duration: Date
    :type approval: Approval
    """
    def to_dict(self):
        return {
            'name': self.name,
            'kid': self.kid,
            'service': self.service,
            'jwk': self.jwk,
            'metadata': self.metadata,
            'created_date': self.created_date,
            'expiration_date': self.expiration_date,
            'rotation_duration': self.rotation_duration,
            'approval': self.approval.to_dict() if self.approval is not None else None,
        }
 class User(namedtuple('User', ['username', 'email', 'verified', 'enabled', 'robot'])):
    """
    User represents a single user.
    :type username: string
    :type email: string
    :type verified: boolean
    :type enabled: boolean
    :type robot: User
    """
    def to_dict(self):
        user_data = {
            'kind': 'user',
            'name': self.username,
            'username': self.username,
            'email': self.email,
            'verified': self.verified,
            # todo(config) remove or add these lines from app
            # 'avatar': avatar.get_data_for_user(self),
            # 'super_user': superusers.is_superuser(self.username),
            'enabled': self.enabled,
        }
        return user_data
 class Organization(namedtuple('Organization', ['username', 'email'])):
    """
    Organization represents a single org.
    :type username: string
    :type email: string
    """
    def to_dict(self):
        return {
            'name': self.username,
            'email': self.email,
            # todo(config) remove or add these lines from app
            # 'avatar': avatar.get_data_for_org(self),
        }
 class LogEntry(
    namedtuple('LogEntry', [
        'metadata_json', 'ip', 'datetime', 'performer_email', 'performer_username', 'performer_robot',
        'account_organization', 'account_username', 'account_email', 'account_robot', 'kind',
    ])):
    """
    LogEntry a single log entry.
    :type metadata_json: string
    :type ip: string
    :type datetime: string
    :type performer_email: int
    :type performer_username: string
    :type performer_robot: boolean
    :type account_organization: boolean
    :type account_username: string
    :type account_email: string
    :type account_robot: boolean
    :type kind_id: int
    """
    def to_dict(self):
        view = {
            'kind': self.kind,
            'metadata': json.loads(self.metadata_json),
            'ip': self.ip,
            'datetime': format_date(self.datetime),
        }
        if self.performer_username:
            performer = AttrDict({'username': self.performer_username, 'email': self.performer_email})
            performer.robot = None
            if self.performer_robot:
                performer.robot = self.performer_robot
            view['performer'] = {
                'kind': 'user',
                'name': self.performer_username,
                'is_robot': self.performer_robot,
                # todo(config) remove or add these lines from app
                # 'avatar': avatar.get_data_for_user(performer),
            }
        if self.account_username:
            account = AttrDict({'username': self.account_username, 'email': self.account_email})
            if self.account_organization:
                view['namespace'] = {
                    'kind': 'org',
                    'name': self.account_username,
                    # todo(config) remove or add these lines from app
                    # 'avatar': avatar.get_data_for_org(account),
                }
            else:
                account.robot = None
                if self.account_robot:
                    account.robot = self.account_robot
                view['namespace'] = {
                    'kind': 'user',
                    'name': self.account_username,
                    # todo(config) remove or add these lines from app
                    # 'avatar': avatar.get_data_for_user(account),
                }
        return view
 class LogEntryPage(
    namedtuple('LogEntryPage', ['logs', 'next_page_token'])):
    """
    LogEntryPage represents a single page of logs.
    :type logs: [LogEntry]
    :type next_page_token: {any -> any}
    """
 class AggregatedLogEntry(
    namedtuple('AggregatedLogEntry', ['count', 'kind_id', 'day', 'start_time'])):
    """
    AggregatedLogEntry represents an aggregated view of logs.
    :type count: int
    :type kind_id: int
    :type day: string
    :type start_time: Date
    """
    def to_dict(self):
        synthetic_date = datetime(self.start_time.year, self.start_time.month, int(self.day), tzinfo=get_localzone())
        if synthetic_date.day < self.start_time.day:
            synthetic_date = synthetic_date + relativedelta(months=1)
        kinds = model.log.get_log_entry_kinds()
        view = {
            'kind': kinds[self.kind_id],
            'count': self.count,
            'datetime': format_date(synthetic_date),
        }
        return view
@add_metaclass(ABCMeta)
 class SuperuserDataInterface(object):
    """
    Interface that represents all data store interactions required by a superuser api.
    """
    @abstractmethod
    def get_logs_query(self, start_time, end_time, page_token=None):
        """
        Returns a LogEntryPage.
        """
    @abstractmethod
    def get_aggregated_logs(self, start_time, end_time):
        """
        Returns a list of AggregatedLogEntry
        """
    @abstractmethod
    def get_organizations(self):
        """
        Returns a list of Organization
        """
    @abstractmethod
    def get_active_users(self):
        """
        Returns a list of User
        """
    @abstractmethod
    def create_install_user(self, username, password, email):
        """
        Returns the created user and confirmation code for email confirmation
        """
    @abstractmethod
    def get_nonrobot_user(self, username):
        """
        Returns a User
        """
    @abstractmethod
    def create_reset_password_email_code(self, email):
        """
        Returns a recover password code
        """
    @abstractmethod
    def mark_user_for_deletion(self, username):
        """
        Returns None
        """
    @abstractmethod
    def change_password(self, username, password):
        """
        Returns None
        """
    @abstractmethod
    def update_email(self, username, email, auto_verify):
        """
        Returns None
        """
    @abstractmethod
    def update_enabled(self, username, enabled):
        """
        Returns None
        """
    @abstractmethod
    def take_ownership(self, namespace, authed_user):
        """
        Returns id of entity and whether the entity was a user
        """
    @abstractmethod
    def mark_organization_for_deletion(self, name):
        """
        Returns None
        """
    @abstractmethod
    def change_organization_name(self, old_org_name, new_org_name):
        """
        Returns updated Organization
        """
    @abstractmethod
    def list_all_service_keys(self):
        """
        Returns a list of service keys
        """
    @abstractmethod
    def generate_service_key(self, service, expiration_date, kid=None, name='', metadata=None, rotation_duration=None):
        """
        Returns a tuple of private key and public key id
        """
    @abstractmethod
    def approve_service_key(self, kid, approver, approval_type, notes=''):
        """
        Returns the approved Key
        """
    @abstractmethod
    def get_service_key(self, kid, service=None, alive_only=True, approved_only=True):
        """
        Returns ServiceKey
        """
    @abstractmethod
    def set_key_expiration(self, kid, expiration_date):
        """
        Returns None
        """
    @abstractmethod
    def update_service_key(self, kid, name=None, metadata=None):
        """
        Returns None
        """
    @abstractmethod
    def delete_service_key(self, kid):
        """
        Returns deleted ServiceKey
        """
    @abstractmethod
    def get_repository_build(self, uuid):
        """
        Returns RepositoryBuild
        """
--- a/config_app/config_endpoints/api/superuser_models_pre_oci.py
+++ b/config_app/config_endpoints/api/superuser_models_pre_oci.py
@ -0,0 +1,274 @@
 from data import model
 from config_app.config_endpoints.api.superuser_models_interface import SuperuserDataInterface, User, ServiceKey, Approval
 #
 # def _create_log(log, log_kind):
 #   account_organization = None
 #   account_username = None
 #   account_email = None
 #   account_robot = None
 #   try:
 #     account_organization = log.account.organization
 #     account_username = log.account.username
 #     account_email = log.account.email
 #     account_robot = log.account.robot
 #   except AttributeError:
 #     pass
 #
 #   performer_robot = None
 #   performer_username = None
 #   performer_email = None
 #
 #   try:
 #     performer_robot = log.performer.robot
 #     performer_username = log.performer.username
 #     performer_email = log.performer.email
 #   except AttributeError:
 #     pass
 #
 #   return LogEntry(log.metadata_json, log.ip, log.datetime, performer_email, performer_username,
 #                   performer_robot, account_organization, account_username,
 #                   account_email, account_robot, log_kind[log.kind_id])
 def _create_user(user):
    if user is None:
        return None
    return User(user.username, user.email, user.verified, user.enabled, user.robot)
 def _create_key(key):
    approval = None
    if key.approval is not None:
        approval = Approval(_create_user(key.approval.approver), key.approval.approval_type, key.approval.approved_date,
                            key.approval.notes)
    return ServiceKey(key.name, key.kid, key.service, key.jwk, key.metadata, key.created_date, key.expiration_date,
                      key.rotation_duration, approval)
 #
 #
 # class ServiceKeyDoesNotExist(Exception):
 #   pass
 #
 #
 # class ServiceKeyAlreadyApproved(Exception):
 #   pass
 #
 #
 # class InvalidRepositoryBuildException(Exception):
 #   pass
 class PreOCIModel(SuperuserDataInterface):
    """
    PreOCIModel implements the data model for the SuperUser using a database schema
    before it was changed to support the OCI specification.
    """
    def get_logs_query(self, start_time, end_time, page_token=None):
        pass
    def get_aggregated_logs(self, start_time, end_time):
        pass
    def get_organizations(self):
        pass
    def get_active_users(self):
        pass
    def create_install_user(self, username, password, email):
        pass
    def get_nonrobot_user(self, username):
        pass
    def create_reset_password_email_code(self, email):
        pass
    def mark_user_for_deletion(self, username):
        pass
    def change_password(self, username, password):
        pass
    def update_email(self, username, email, auto_verify):
        pass
    def update_enabled(self, username, enabled):
        pass
    def take_ownership(self, namespace, authed_user):
        pass
    def mark_organization_for_deletion(self, name):
        pass
    def change_organization_name(self, old_org_name, new_org_name):
        pass
    def generate_service_key(self, service, expiration_date, kid=None, name='', metadata=None, rotation_duration=None):
        pass
    def approve_service_key(self, kid, approver, approval_type, notes=''):
        pass
    def get_service_key(self, kid, service=None, alive_only=True, approved_only=True):
        pass
    def set_key_expiration(self, kid, expiration_date):
        pass
    def update_service_key(self, kid, name=None, metadata=None):
        pass
    def delete_service_key(self, kid):
        pass
    def get_repository_build(self, uuid):
        pass
    # def get_repository_build(self, uuid):
    #     try:
    #         build = model.build.get_repository_build(uuid)
    #     except model.InvalidRepositoryBuildException as e:
    #         raise InvalidRepositoryBuildException(e.message)
    #
    #     repo_namespace = build.repository_namespace_user_username
    #     repo_name = build.repository_name
    #
    #     can_read = ReadRepositoryPermission(repo_namespace, repo_name).can()
    #     can_write = ModifyRepositoryPermission(repo_namespace, repo_name).can()
    #     can_admin = AdministerRepositoryPermission(repo_namespace, repo_name).can()
    #     job_config = get_job_config(build.job_config)
    #     phase, status, error = _get_build_status(build)
    #     url = userfiles.get_file_url(self.resource_key, request.remote_addr, requires_cors=True)
    #
    #     return RepositoryBuild(build.uuid, build.logs_archived, repo_namespace, repo_name, can_write, can_read,
    #                            _create_user(build.pull_robot), build.resource_key,
    #                            BuildTrigger(build.trigger.uuid, build.trigger.service.name,
    #                                         _create_user(build.trigger.pull_robot), can_read, can_admin, True),
    #                            build.display_name, build.display_name, build.started, job_config, phase, status, error, url)
    #
    # def delete_service_key(self, kid):
    #     try:
    #         key = model.service_keys.delete_service_key(kid)
    #     except model.ServiceKeyDoesNotExist:
    #         raise ServiceKeyDoesNotExist
    #     return _create_key(key)
    #
    # def update_service_key(self, kid, name=None, metadata=None):
    #     model.service_keys.update_service_key(kid, name, metadata)
    #
    # def set_key_expiration(self, kid, expiration_date):
    #     model.service_keys.set_key_expiration(kid, expiration_date)
    #
    # def get_service_key(self, kid, service=None, alive_only=True, approved_only=True):
    #     try:
    #         key = model.service_keys.get_service_key(kid, approved_only=approved_only, alive_only=alive_only)
    #         return _create_key(key)
    #     except model.ServiceKeyDoesNotExist:
    #         raise ServiceKeyDoesNotExist
    #
    # def approve_service_key(self, kid, approver, approval_type, notes=''):
    #     try:
    #         key = model.service_keys.approve_service_key(kid, approver, approval_type, notes=notes)
    #         return _create_key(key)
    #     except model.ServiceKeyDoesNotExist:
    #         raise ServiceKeyDoesNotExist
    #     except model.ServiceKeyAlreadyApproved:
    #         raise ServiceKeyAlreadyApproved
    #
    # def generate_service_key(self, service, expiration_date, kid=None, name='', metadata=None, rotation_duration=None):
    #     (private_key, key) = model.service_keys.generate_service_key(service, expiration_date, metadata=metadata, name=name)
    #
    #     return private_key, key.kid
    def list_all_service_keys(self):
        keys = model.service_keys.list_all_keys()
        return [_create_key(key) for key in keys]
    # def change_organization_name(self, old_org_name, new_org_name):
    #     org = model.organization.get_organization(old_org_name)
    #     if new_org_name is not None:
    #         org = model.user.change_username(org.id, new_org_name)
    #
    #     return Organization(org.username, org.email)
    #
    # def mark_organization_for_deletion(self, name):
    #     org = model.organization.get_organization(name)
    #     model.user.mark_namespace_for_deletion(org, all_queues, namespace_gc_queue, force=True)
    #
    # def take_ownership(self, namespace, authed_user):
    #     entity = model.user.get_user_or_org(namespace)
    #     if entity is None:
    #         return None, False
    #
    #     was_user = not entity.organization
    #     if entity.organization:
    #         # Add the superuser as an admin to the owners team of the org.
    #         model.organization.add_user_as_admin(authed_user, entity)
    #     else:
    #         # If the entity is a user, convert it to an organization and add the current superuser
    #         # as the admin.
    #         model.organization.convert_user_to_organization(entity, authed_user)
    #     return entity.id, was_user
    #
    # def update_enabled(self, username, enabled):
    #     user = model.user.get_nonrobot_user(username)
    #     model.user.update_enabled(user, bool(enabled))
    #
    # def update_email(self, username, email, auto_verify):
    #     user = model.user.get_nonrobot_user(username)
    #     model.user.update_email(user, email, auto_verify)
    #
    # def change_password(self, username, password):
    #     user = model.user.get_nonrobot_user(username)
    #     model.user.change_password(user, password)
    #
    # def mark_user_for_deletion(self, username):
    #     user = model.user.get_nonrobot_user(username)
    #     model.user.mark_namespace_for_deletion(user, all_queues, namespace_gc_queue, force=True)
    #
    # def create_reset_password_email_code(self, email):
    #     code = model.user.create_reset_password_email_code(email)
    #     return code.code
    #
    # def get_nonrobot_user(self, username):
    #     user = model.user.get_nonrobot_user(username)
    #     if user is None:
    #         return None
    #     return _create_user(user)
    #
    # def create_install_user(self, username, password, email):
    #     prompts = model.user.get_default_user_prompts(features)
    #     user = model.user.create_user(username, password, email, auto_verify=not features.MAILING,
    #                                   email_required=features.MAILING, prompts=prompts)
    #
    #     return_user = _create_user(user)
    #     # If mailing is turned on, send the user a verification email.
    #     if features.MAILING:
    #         confirmation = model.user.create_confirm_email_code(user)
    #         return return_user, confirmation.code
    #     return return_user, ''
    #
    # def get_active_users(self, disabled=True):
    #     users = model.user.get_active_users(disabled=disabled)
    #     return [_create_user(user) for user in users]
    #
    # def get_organizations(self):
    #     return [Organization(org.username, org.email) for org in model.organization.get_organizations()]
    #
    # def get_aggregated_logs(self, start_time, end_time):
    #     aggregated_logs = model.log.get_aggregated_logs(start_time, end_time)
    #     return [AggregatedLogEntry(log.count, log.kind_id, log.day, start_time) for log in aggregated_logs]
    #
    # def get_logs_query(self, start_time, end_time, page_token=None):
    #     logs_query = model.log.get_logs_query(start_time, end_time)
    #     logs, next_page_token = model.modelutil.paginate(logs_query, database.LogEntry, descending=True,
    #                                                      page_token=page_token, limit=20)
    #     kinds = model.log.get_log_entry_kinds()
    #     return LogEntryPage([_create_log(log, kinds) for log in logs], next_page_token)
 pre_oci_model = PreOCIModel()
--- a/config_app/config_endpoints/api/user.py
+++ b/config_app/config_endpoints/api/user.py
@ -1,4 +1,4 @@
-from config_endpoints.api import resource, ApiResource, nickname
+from config_app.config_endpoints.api import resource, ApiResource, nickname
@resource('/v1/user/')
--- a/config_app/config_endpoints/setup_web.py
+++ b/config_app/config_endpoints/setup_web.py
@ -1,6 +1,6 @@
 from flask import Blueprint
-from config_endpoints.common import render_page_template
+from config_app.config_endpoints.common import render_page_template
-from config_endpoints.api.discovery import generate_route_data
+from config_app.config_endpoints.api.discovery import generate_route_data
 # from config_util.cache import no_cache
--- a/config_app/config_util/config/init.py
+++ b/config_app/config_util/config/init.py
@ -1,6 +1,6 @@
-from config_util.config.fileprovider import FileConfigProvider
+from config_app.config_util.config.fileprovider import FileConfigProvider
-from config_util.config.testprovider import TestConfigProvider
+from config_app.config_util.config.testprovider import TestConfigProvider
-from config_util.config.k8sprovider import KubernetesConfigProvider
+from config_app.config_util.config.k8sprovider import KubernetesConfigProvider
 def get_config_provider(config_volume, yaml_filename, py_filename, testing=False, kubernetes=False):
--- a/config_app/config_util/config/basefileprovider.py
+++ b/config_app/config_util/config/basefileprovider.py
@ -1,7 +1,7 @@
 import os
 import logging
-from config_util.config.baseprovider import (BaseProvider, import_yaml, export_yaml,
+from config_app.config_util.config.baseprovider import (BaseProvider, import_yaml, export_yaml,
                                               CannotWriteConfigException)
 logger = logging.getLogger(__name__)
--- a/config_app/config_util/config/baseprovider.py
+++ b/config_app/config_util/config/baseprovider.py
@ -6,7 +6,7 @@ from six import add_metaclass
 from jsonschema import validate, ValidationError
-from config_util.config.schema import CONFIG_SCHEMA
+from config_app.config_util.config.schema import CONFIG_SCHEMA
 logger = logging.getLogger(__name__)
--- a/config_app/config_util/config/fileprovider.py
+++ b/config_app/config_util/config/fileprovider.py
@ -1,8 +1,8 @@
 import os
 import logging
-from config_util.config.baseprovider import export_yaml, CannotWriteConfigException
+from config_app.config_util.config.baseprovider import export_yaml, CannotWriteConfigException
-from config_util.config.basefileprovider import BaseFileProvider
+from config_app.config_util.config.basefileprovider import BaseFileProvider
 logger = logging.getLogger(__name__)
--- a/config_app/config_util/config/k8sprovider.py
+++ b/config_app/config_util/config/k8sprovider.py
@ -6,8 +6,8 @@ import time
 from requests import Request, Session
-from config_util.config.baseprovider import CannotWriteConfigException, get_yaml
+from config_app.config_util.config.baseprovider import CannotWriteConfigException, get_yaml
-from config_util.config.basefileprovider import BaseFileProvider
+from config_app.config_util.config.basefileprovider import BaseFileProvider
 logger = logging.getLogger(__name__)
--- a/config_app/config_util/config/testprovider.py
+++ b/config_app/config_util/config/testprovider.py
@ -3,7 +3,7 @@ import io
 import os
 from datetime import datetime, timedelta
-from config_util.config.baseprovider import BaseProvider
+from config_app.config_util.config.baseprovider import BaseProvider
 REAL_FILES = ['test/data/signing-private.gpg', 'test/data/signing-public.gpg', 'test/data/test.pem']
--- a/config_app/config_web.py
+++ b/config_app/config_web.py
@ -1,6 +1,6 @@
-from config_app import app as application
+from config_app.c_app import app as application
-from config_endpoints.api import api_bp
+from config_app.config_endpoints.api import api_bp
-from config_endpoints.setup_web import setup_web
+from config_app.config_endpoints.setup_web import setup_web
 application.register_blueprint(setup_web)
`@ -1,3 +1,3 @@`
	`app: PYTHONPATH="./" gunicorn -c conf/gunicorn_local.py config_application:application`	`app: PYTHONPATH="../" gunicorn -c conf/gunicorn_local.py config_application:application`
	`# webpack: npm run watch-config-app`	`# webpack: npm run watch-config-app`
`@ -1,4 +1,4 @@`
	`from config_endpoints.api import resource, ApiResource, nickname`	`from config_app.config_endpoints.api import resource, ApiResource, nickname`


	`@resource('/v1/user/')`	`@resource('/v1/user/')`