graphql-engine/server/graphql-engine.cabal

489 lines
19 KiB
Plaintext
Raw Normal View History

cabal-version: 2.2
2018-06-27 16:11:32 +03:00
name: graphql-engine
version: 1.0.0
synopsis: GraphQL API over Postgres
homepage: https://www.hasura.io
license: Apache-2.0
2018-06-27 16:11:32 +03:00
author: Vamshi Surabhi
maintainer: vamshi@hasura.io
copyright: Hasura Inc.
2018-06-27 16:11:32 +03:00
category: Database
build-type: Simple
source-repository head
type: git
location: https://github.com/hasura/graphql-engine
flag developer
description: Enable support for development-only APIs
2019-04-17 12:48:41 +03:00
default: False
manual: True
common common-all
ghc-options:
-fmax-simplifier-iterations=20 -foptimal-applicative-do
-Wall -Wcompat -Wincomplete-record-updates -Wincomplete-uni-patterns -Wredundant-constraints
if flag(developer)
cpp-options: -DDeveloperAPIs
default-language: Haskell2010
default-extensions:
ApplicativeDo BangPatterns BlockArguments ConstraintKinds DataKinds DefaultSignatures DeriveDataTypeable
DeriveFoldable DeriveFunctor DeriveGeneric DeriveLift DeriveTraversable DerivingVia EmptyCase
FlexibleContexts FlexibleInstances FunctionalDependencies GeneralizedNewtypeDeriving
InstanceSigs LambdaCase MultiParamTypeClasses MultiWayIf NamedFieldPuns NoImplicitPrelude
OverloadedStrings QuantifiedConstraints QuasiQuotes RankNTypes RecordWildCards ScopedTypeVariables
StandaloneDeriving TemplateHaskell TupleSections TypeApplications TypeFamilies TypeOperators
RecordWildCards
common common-exe
ghc-options:
-threaded -rtsopts
-- `-I0` disables idle GC. We do this in application code now. See 'ourIdleGC' for details.
-- `-T` is required to collect the stats we use in 'ourIdleGC'.
--
-- `-qn2` limits the parallel GC to at most 2 capabilities. This came up in #3354/#3394, as the
-- parallel GC was causing significant performance overhead. Folks in #ghc on freenode advised
-- limiting the parallel GC to 2 or 3 capabilities as a very conservative choice, since more
-- than that is highly unlikely to ever be helpful. More benchmarking would be useful to know if
-- this is the right decision. Its possible it would better to just turn it off completely.
--
-- `-kc8K` helps limit memory consumption in websockets (perhaps elsewhere) by making the
-- cost of a thread's first (and probably only) stack overflow less severe.
-- See:https://github.com/hasura/graphql-engine/issues/5190
--
-- `--disable-delayed-os-memory-return` seems to help lower reported residency, in particular
-- in situations where we seem to be dealing with haskell heap fragmentation. This is more a
-- workaround for limitations in monitoring tools than anything...
"-with-rtsopts=-N -I0 -T -qn2 -kc8K --disable-delayed-os-memory-return"
2018-06-27 16:11:32 +03:00
library
import: common-all
2018-06-27 16:11:32 +03:00
hs-source-dirs: src-lib
build-depends: base
, bifunctors
, witherable
, validation
, lifted-base
2018-06-27 16:11:32 +03:00
, pg-client
, text
, text-builder >= 0.6
, vector-builder
2018-06-27 16:11:32 +03:00
, bytestring
, postgresql-libpq
, mtl
, aeson
, aeson-casing
, unordered-containers
, template-haskell
, hashable
, transformers
, transformers-base
, http-types
, attoparsec
, attoparsec-iso8601 >= 1.0
, time >= 1.9
2018-06-27 16:11:32 +03:00
, scientific
, Spock-core
, split
, optparse-applicative
, containers
, monad-control
add support for jwt authorization (close #186) (#255) The API: 1. HGE has `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var. The value of which is a JSON. 2. The structure of this JSON is: `{"type": "<standard-JWT-algorithms>", "key": "<the-key>"}` `type` : Standard JWT algos : `HS256`, `RS256`, `RS512` etc. (see jwt.io). `key`: i. Incase of symmetric key, the key as it is. ii. Incase of asymmetric keys, only the public key, in a PEM encoded string or as a X509 certificate. 3. The claims in the JWT token must contain the following: i. `x-hasura-default-role` field: default role of that user ii. `x-hasura-allowed-roles` : A list of allowed roles for the user. The default role is overriden by `x-hasura-role` header. 4. The claims in the JWT token, can have other `x-hasura-*` fields where their values can only be strings. 5. The JWT tokens are sent as `Authorization: Bearer <token>` headers. --- To test: 1. Generate a shared secret (for HMAC-SHA256) or RSA key pair. 2. Goto https://jwt.io/ , add the keys 3. Edit the claims to have `x-hasura-role` (mandatory) and other `x-hasura-*` fields. Add permissions related to the claims to test permissions. 4. Start HGE with `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var, which takes a JSON string: `{"type": "HS256", "key": "mylongsharedsecret"}` or `{"type":"RS256", "key": "<PEM-encoded-public-key>"}` 5. Copy the JWT token from jwt.io and use it in the `Authorization: Bearer <token>` header. --- TODO: Support EC public keys. It is blocked on frasertweedale/hs-jose#61
2018-08-30 13:32:09 +03:00
, monad-time
, monad-validate
2018-06-27 16:11:32 +03:00
, fast-logger
, wai
, postgresql-binary
, process
, http-client-tls
, profunctors
, deepseq
, dependent-map >=0.2.4 && <0.4
, dependent-sum >=0.4 && <0.5
, exceptions
, these
, semialign
2018-06-27 16:11:32 +03:00
-- Encoder related
, uuid
, vector
, vector-builder
2018-06-27 16:11:32 +03:00
-- Logging related
, network
, byteorder
-- for parsing RSA keys
2018-06-27 16:11:32 +03:00
, cryptonite
add support for jwt authorization (close #186) (#255) The API: 1. HGE has `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var. The value of which is a JSON. 2. The structure of this JSON is: `{"type": "<standard-JWT-algorithms>", "key": "<the-key>"}` `type` : Standard JWT algos : `HS256`, `RS256`, `RS512` etc. (see jwt.io). `key`: i. Incase of symmetric key, the key as it is. ii. Incase of asymmetric keys, only the public key, in a PEM encoded string or as a X509 certificate. 3. The claims in the JWT token must contain the following: i. `x-hasura-default-role` field: default role of that user ii. `x-hasura-allowed-roles` : A list of allowed roles for the user. The default role is overriden by `x-hasura-role` header. 4. The claims in the JWT token, can have other `x-hasura-*` fields where their values can only be strings. 5. The JWT tokens are sent as `Authorization: Bearer <token>` headers. --- To test: 1. Generate a shared secret (for HMAC-SHA256) or RSA key pair. 2. Goto https://jwt.io/ , add the keys 3. Edit the claims to have `x-hasura-role` (mandatory) and other `x-hasura-*` fields. Add permissions related to the claims to test permissions. 4. Start HGE with `--jwt-secret` flag or `HASURA_GRAPHQL_JWT_SECRET` env var, which takes a JSON string: `{"type": "HS256", "key": "mylongsharedsecret"}` or `{"type":"RS256", "key": "<PEM-encoded-public-key>"}` 5. Copy the JWT token from jwt.io and use it in the `Authorization: Bearer <token>` header. --- TODO: Support EC public keys. It is blocked on frasertweedale/hs-jose#61
2018-08-30 13:32:09 +03:00
-- for jwt verification
, jose
, pem
, x509
, asn1-encoding
, asn1-types
2018-06-27 16:11:32 +03:00
-- Server related
, warp
, th-lift-instances
, lens
-- GraphQL related
, graphql-parser
-- URL parser related
, network-uri
, uri-encode
2018-06-27 16:11:32 +03:00
-- String related
, case-insensitive
, text-conversions
2018-06-27 16:11:32 +03:00
-- Http client
, wreq
, http-client
-- ordered map
, insert-ordered-containers
-- Parsing SemVer
, semver
-- Templating
, mustache
2018-09-05 14:26:46 +03:00
, file-embed
, shakespeare >= 2.0.22
2018-06-27 16:11:32 +03:00
--
, data-has
-- for src-exec
, yaml
, template-haskell >= 2.11
2018-06-27 16:11:32 +03:00
-- websockets interface related
, websockets
, wai-websockets
, stm
, stm-containers
, list-t
, async
, lifted-async
, immortal < 0.3
-- logging related
, base64-bytestring >= 1.0
, auto-update
-- regex related
, regex-tdfa >=1.3.1 && <1.4
-- pretty printer
, ansi-wl-pprint
-- for capturing various metrics
2019-04-17 12:48:41 +03:00
, ekg-core
, ekg-json
2019-04-17 12:48:41 +03:00
-- metrics for CI integration
, ci-info
-- serve static files
, filepath >= 1.4
, mime-types >= 0.1
-- for handling posix signals for graceful shutdown
, unix
-- HTTP compression
, zlib
-- caching
, psqueues >= 0.2
-- testing
, QuickCheck
, generic-arbitrary
, quickcheck-instances
-- 0.6.1 is supposedly not okay for ghc 8.6:
-- https://github.com/nomeata/ghc-heap-view/issues/27
, ghc-heap-view
, directory
, random
, mmorph
, http-api-data
, lens-aeson
, safe
, semigroups >= 0.19.1
-- scheduled triggers
, cron >= 0.6.2
exposed-modules: Control.Arrow.Extended
, Control.Arrow.Trans
, Control.Concurrent.Extended
, Control.Lens.Extended
, Control.Monad.Stateless
, Control.Monad.Unique
, Data.Aeson.Extended
, Data.Aeson.Ordered
, Data.Environment
, Data.HashMap.Strict.Extended
, Data.HashMap.Strict.InsOrd.Extended
, Data.List.Extended
, Data.Parser.CacheControl
, Data.Parser.Expires
, Data.Parser.JSONPath
, Data.Sequence.NonEmpty
, Data.TByteString
, Data.Text.Extended
, Data.Time.Clock.Units
allow custom mutations through actions (#3042) * basic doc for actions * custom_types, sync and async actions * switch to graphql-parser-hs on github * update docs * metadata import/export * webhook calls are now supported * relationships in sync actions * initialise.sql is now in sync with the migration file * fix metadata tests * allow specifying arguments of actions * fix blacklist check on check_build_worthiness job * track custom_types and actions related tables * handlers are now triggered on async actions * default to pgjson unless a field is involved in relationships, for generating definition list * use 'true' for action filter for non admin role * fix create_action_permission sql query * drop permissions when dropping an action * add a hdb_role view (and relationships) to fetch all roles in the system * rename 'webhook' key in action definition to 'handler' * allow templating actions wehook URLs with env vars * add 'update_action' /v1/query type * allow forwarding client headers by setting `forward_client_headers` in action definition * add 'headers' configuration in action definition * handle webhook error response based on status codes * support array relationships for custom types * implement single row mutation, see https://github.com/hasura/graphql-engine/issues/3731 * single row mutation: rename 'pk_columns' -> 'columns' and no-op refactor * use top level primary key inputs for delete_by_pk & account select permissions for single row mutations * use only REST semantics to resolve the webhook response * use 'pk_columns' instead of 'columns' for update_by_pk input * add python basic tests for single row mutations * add action context (name) in webhook payload * Async action response is accessible for non admin roles only if the request session vars equals to action's * clean nulls, empty arrays for actions, custom types in export metadata * async action mutation returns only the UUID of the action * unit tests for URL template parser * Basic sync actions python tests * fix output in async query & add async tests * add admin secret header in async actions python test * document async action architecture in Resolve/Action.hs file * support actions returning array of objects * tests for list type response actions * update docs with actions and custom types metadata API reference * update actions python tests as per #f8e1330 Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com> Co-authored-by: Aravind Shankar <face11301@gmail.com> Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-02-13 20:38:23 +03:00
, Data.URL.Template
, Hasura.App
, Hasura.Cache.Bounded
, Hasura.Db
, Hasura.EncJSON
, Hasura.Eventing.Common
, Hasura.Eventing.EventTrigger
, Hasura.Eventing.HTTP
, Hasura.Eventing.ScheduledTrigger
, Hasura.GraphQL.Context
, Hasura.GraphQL.Execute
, Hasura.GraphQL.Execute.LiveQuery
, Hasura.GraphQL.Execute.LiveQuery.Options
, Hasura.GraphQL.Execute.LiveQuery.Plan
, Hasura.GraphQL.Execute.LiveQuery.Poll
, Hasura.GraphQL.Execute.LiveQuery.State
, Hasura.GraphQL.Execute.LiveQuery.TMap
, Hasura.GraphQL.Execute.Plan
, Hasura.GraphQL.Execute.Query
, Hasura.GraphQL.Explain
, Hasura.GraphQL.Logging
, Hasura.GraphQL.NormalForm
, Hasura.GraphQL.RelaySchema
, Hasura.GraphQL.RemoteServer
, Hasura.GraphQL.Resolve
, Hasura.GraphQL.Resolve.Action
, Hasura.GraphQL.Resolve.BoolExp
, Hasura.GraphQL.Resolve.Context
, Hasura.GraphQL.Resolve.InputValue
, Hasura.GraphQL.Resolve.Insert
, Hasura.GraphQL.Resolve.Introspect
, Hasura.GraphQL.Resolve.Mutation
, Hasura.GraphQL.Resolve.Select
, Hasura.GraphQL.Resolve.Types
, Hasura.GraphQL.Schema
, Hasura.GraphQL.Schema.Action
, Hasura.GraphQL.Schema.BoolExp
, Hasura.GraphQL.Schema.Builder
, Hasura.GraphQL.Schema.Common
, Hasura.GraphQL.Schema.CustomTypes
, Hasura.GraphQL.Schema.Function
, Hasura.GraphQL.Schema.Merge
, Hasura.GraphQL.Schema.Mutation.Common
, Hasura.GraphQL.Schema.Mutation.Delete
, Hasura.GraphQL.Schema.Mutation.Insert
, Hasura.GraphQL.Schema.Mutation.Update
, Hasura.GraphQL.Schema.OrderBy
, Hasura.GraphQL.Schema.Select
, Hasura.GraphQL.Transport.HTTP
, Hasura.GraphQL.Transport.HTTP.Protocol
, Hasura.GraphQL.Transport.WebSocket
, Hasura.GraphQL.Transport.WebSocket.Protocol
, Hasura.GraphQL.Transport.WebSocket.Server
, Hasura.GraphQL.Utils
, Hasura.GraphQL.Validate
, Hasura.GraphQL.Validate.Context
, Hasura.GraphQL.Validate.InputValue
, Hasura.GraphQL.Validate.SelectionSet
, Hasura.GraphQL.Validate.Types
, Hasura.HTTP
, Hasura.Incremental
, Hasura.Incremental.Internal.Cache
, Hasura.Incremental.Internal.Dependency
, Hasura.Incremental.Internal.Rule
, Hasura.Incremental.Select
, Hasura.Logging
, Hasura.Prelude
, Hasura.RQL.DDL.Action
, Hasura.RQL.DDL.ComputedField
, Hasura.RQL.DDL.CustomTypes
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DDL.Deps
, Hasura.RQL.DDL.EventTrigger
, Hasura.RQL.DDL.Headers
, Hasura.RQL.DDL.Metadata
, Hasura.RQL.DDL.Metadata.Generator
, Hasura.RQL.DDL.Metadata.Types
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DDL.Permission
, Hasura.RQL.DDL.Permission.Internal
, Hasura.RQL.DDL.QueryCollection
, Hasura.RQL.DDL.Relationship
, Hasura.RQL.DDL.Relationship.Rename
, Hasura.RQL.DDL.Relationship.Types
, Hasura.RQL.DDL.RemoteRelationship
, Hasura.RQL.DDL.RemoteRelationship.Validate
, Hasura.RQL.DDL.RemoteSchema
, Hasura.RQL.DDL.ScheduledTrigger
, Hasura.RQL.DDL.Schema
, Hasura.RQL.DDL.Schema.Cache
, Hasura.RQL.DDL.Schema.Cache.Common
, Hasura.RQL.DDL.Schema.Cache.Dependencies
, Hasura.RQL.DDL.Schema.Cache.Fields
, Hasura.RQL.DDL.Schema.Cache.Permission
, Hasura.RQL.DDL.Schema.Catalog
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DDL.Schema.Diff
, Hasura.RQL.DDL.Schema.Enum
, Hasura.RQL.DDL.Schema.Function
, Hasura.RQL.DDL.Schema.Rename
, Hasura.RQL.DDL.Schema.Table
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DDL.Utils
, Hasura.RQL.DML.Count
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DML.Delete
, Hasura.RQL.DML.Insert
, Hasura.RQL.DML.Internal
, Hasura.RQL.DML.Mutation
, Hasura.RQL.DML.RemoteJoin
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DML.Returning
, Hasura.RQL.DML.Select
, Hasura.RQL.DML.Select.Internal
, Hasura.RQL.DML.Select.Types
2018-06-27 16:11:32 +03:00
, Hasura.RQL.DML.Update
, Hasura.RQL.GBoolExp
, Hasura.RQL.Instances
, Hasura.RQL.Types
, Hasura.RQL.Types.Action
, Hasura.RQL.Types.BoolExp
, Hasura.RQL.Types.Catalog
, Hasura.RQL.Types.Column
, Hasura.RQL.Types.Common
, Hasura.RQL.Types.ComputedField
, Hasura.RQL.Types.CustomTypes
, Hasura.RQL.Types.DML
, Hasura.RQL.Types.Error
, Hasura.RQL.Types.EventTrigger
, Hasura.RQL.Types.Function
, Hasura.RQL.Types.Metadata
, Hasura.RQL.Types.Permission
, Hasura.RQL.Types.QueryCollection
, Hasura.RQL.Types.RemoteRelationship
, Hasura.RQL.Types.RemoteSchema
, Hasura.RQL.Types.Run
, Hasura.RQL.Types.ScheduledTrigger
, Hasura.RQL.Types.SchemaCache
, Hasura.RQL.Types.SchemaCache.Build
, Hasura.RQL.Types.SchemaCacheTypes
, Hasura.RQL.Types.Table
, Hasura.Server.API.Config
, Hasura.Server.API.PGDump
, Hasura.Server.API.Query
, Hasura.Server.App
, Hasura.Server.Auth
, Hasura.Server.Auth.JWT
, Hasura.Server.Auth.JWT.Internal
, Hasura.Server.Auth.JWT.Logging
, Hasura.Server.Auth.WebHook
, Hasura.Server.CheckUpdates
, Hasura.Server.Compression
, Hasura.Server.Cors
, Hasura.Server.Init
, Hasura.Server.Init.Config
, Hasura.Server.Logging
, Hasura.Server.Middleware
, Hasura.Server.Migrate
, Hasura.Server.Migrate.Version
, Hasura.Server.SchemaUpdate
, Hasura.Server.Telemetry
, Hasura.Server.Telemetry.Counters
, Hasura.Server.Utils
, Hasura.Server.Version
, Hasura.Session
2018-06-27 16:11:32 +03:00
, Hasura.SQL.DML
, Hasura.SQL.Error
2018-06-27 16:11:32 +03:00
, Hasura.SQL.GeoJSON
, Hasura.SQL.Rewrite
, Hasura.SQL.Time
, Hasura.SQL.Types
, Hasura.SQL.Value
, Hasura.Tracing
, Network.URI.Extended
, Network.Wai.Extended
, Network.Wai.Handler.WebSockets.Custom
2018-06-27 16:11:32 +03:00
executable graphql-engine
import: common-all, common-exe
2018-06-27 16:11:32 +03:00
hs-source-dirs: src-exec
main-is: Main.hs
build-depends: base
, graphql-engine
, bytestring
, pg-client
, text
, text-conversions
, unix
test-suite graphql-engine-tests
import: common-all, common-exe
type: exitcode-stdio-1.0
build-depends:
, aeson
, base
, bytestring
, graphql-engine
, hspec >=2.6.1 && <3
, hspec-core >=2.6.1 && <3
, hspec-expectations-lifted
, http-client
, http-types
, http-client-tls
, jose
, lifted-base
, monad-control
, mtl
, natural-transformation >=0.4 && <0.5
, optparse-applicative
, pg-client
, process
, QuickCheck
, safe
, split
, time
, transformers-base
, unordered-containers
, text
hs-source-dirs: src-test
main-is: Main.hs
other-modules:
Data.Parser.CacheControlSpec
allow custom mutations through actions (#3042) * basic doc for actions * custom_types, sync and async actions * switch to graphql-parser-hs on github * update docs * metadata import/export * webhook calls are now supported * relationships in sync actions * initialise.sql is now in sync with the migration file * fix metadata tests * allow specifying arguments of actions * fix blacklist check on check_build_worthiness job * track custom_types and actions related tables * handlers are now triggered on async actions * default to pgjson unless a field is involved in relationships, for generating definition list * use 'true' for action filter for non admin role * fix create_action_permission sql query * drop permissions when dropping an action * add a hdb_role view (and relationships) to fetch all roles in the system * rename 'webhook' key in action definition to 'handler' * allow templating actions wehook URLs with env vars * add 'update_action' /v1/query type * allow forwarding client headers by setting `forward_client_headers` in action definition * add 'headers' configuration in action definition * handle webhook error response based on status codes * support array relationships for custom types * implement single row mutation, see https://github.com/hasura/graphql-engine/issues/3731 * single row mutation: rename 'pk_columns' -> 'columns' and no-op refactor * use top level primary key inputs for delete_by_pk & account select permissions for single row mutations * use only REST semantics to resolve the webhook response * use 'pk_columns' instead of 'columns' for update_by_pk input * add python basic tests for single row mutations * add action context (name) in webhook payload * Async action response is accessible for non admin roles only if the request session vars equals to action's * clean nulls, empty arrays for actions, custom types in export metadata * async action mutation returns only the UUID of the action * unit tests for URL template parser * Basic sync actions python tests * fix output in async query & add async tests * add admin secret header in async actions python test * document async action architecture in Resolve/Action.hs file * support actions returning array of objects * tests for list type response actions * update docs with actions and custom types metadata API reference * update actions python tests as per #f8e1330 Co-authored-by: Tirumarai Selvan <tirumarai.selvan@gmail.com> Co-authored-by: Aravind Shankar <face11301@gmail.com> Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com>
2020-02-13 20:38:23 +03:00
Data.Parser.URLTemplate
Data.Parser.JSONPathSpec
Data.TimeSpec
Hasura.IncrementalSpec
Hasura.RQL.MetadataSpec
Hasura.Server.MigrateSpec
Hasura.Server.TelemetrySpec
Hasura.CacheBoundedSpec
Hasura.Server.AuthSpec
-- Benchmarks related to caching (e.g. the plan cache).
--
-- NOTE: Some of these are very slow and can only be reasonably run with `cache -n 1` for now.
benchmark cache
import: common-all, common-exe
type: exitcode-stdio-1.0
main-is: Main.hs
hs-source-dirs: src-bench-cache
build-depends: base
, criterion
, mwc-random
, mwc-probability
, vector
, deepseq
, graphql-engine
, split
, async
, text
, bytestring