TLDR;
The philosophy of CLI usage is "fire and forget" and "best effort". You
can opt out by setting `ARCADE_USAGE_TRACKING=0`.
We are capturing two events: `CLI execution succeeded` and `CLI
execution failed`. Reporting to PostHog is a short lived (maximum 10
seconds) subprocess that does not block the main CLI execution process.
`~/.arcade/usage.json` persists two values `anon_id` and
`linked_principal_id`. The logged in status of the CLI user determines
which ID is used. Upon `arcade login`, the `anon_id` is aliased with
`linked_principal_id`. Upon `arcade logout` the `linked_principal_id` is
removed and the `anon_id` is rotated.
## CLI Usage Tracking - How It Works
The usage tracking system implements an identity management and event
tracking pipeline. Here's how the pieces work together:
### **Identity State Management (`usage.json`)**
The system maintains a persistent identity file at
`~/.arcade/usage.json` with this structure:
```json
{
"anon_id": "uuid",
"linked_principal_id": "uuid" | null
}
```
**Key mechanics:**
- **`anon_id`**: Generated once on first CLI use and persists across
sessions. This UUID tracks all anonymous activity.
- **`linked_principal_id`**: Initially `null`. Once the user logs in and
we successfully alias their identity, this field stores their
`principal_id` to indicate this `anon_id` has been linked.
- **Atomic writes**: All updates use a temp file + atomic rename pattern
to prevent corruption from concurrent CLI processes
- **File locking**: Uses `fcntl` (Unix) to coordinate reads/writes
across multiple simultaneous CLI invocations
- **In-memory cache**: The `UsageIdentity` class caches the loaded data
to avoid repeated file I/O within a single CLI invocation
### **Identity Resolution Flow**
When tracking an event, the system determines the `distinct_id` (who to
attribute the event to) via this waterfall:
1. **Check `linked_principal_id`** in `usage.json`
- If present → use it (user was previously aliased)
- This is the fastest path and avoids API calls
2. **Fetch `principal_id` from Arcade Cloud API**
- Makes HTTP request to `/api/v1/auth/validate` with the user's API key
from `~/.arcade/credentials.yaml`
- If authenticated → returns `principal_id`
- Has 2s timeout for responsiveness
3. **Fall back to `anon_id`**
- If not authenticated or API call fails → use anonymous ID
- Marks event with `is_anon=True` flag
### **The Aliasing Lifecycle**
PostHog aliasing links anonymous activity to authenticated users. Here's
the state machine:
#### **Stage 1: Anonymous User**
```
usage.json: { "anon_id": "abc-123", "linked_principal_id": null }
All events → sent with distinct_id="abc-123" and is_anon=True
```
#### **Stage 2: Login Event**
1. User runs `arcade login`
2. Command completes successfully (auth token saved)
3. `CommandTracker` detects successful login
4. Fetches `principal_id` from API
5. Checks `should_alias()` → returns `True` because
`linked_principal_id` is `null`
6. **Calls `alias()` synchronously** (blocking):
```python
posthog.alias(previous_id="abc-123", distinct_id="zyx-321")
```
7. Updates `usage.json`:
```json
{ "anon_id": "abc-123", "linked_principal_id": "zyx-321" }
```
8. PostHog backend merges all events with `distinct_id="abc-123"` into
the user profile for `"zyx-321"`
#### **Stage 3: Authenticated User**
```
usage.json: { "anon_id": "abc-123", "linked_principal_id": "zyx-321" }
All events → sent with distinct_id="zyx-321" and is_anon=False
```
- Events are directly attributed to the authenticated user
- No more API calls needed (uses cached `linked_principal_id`)
#### **Stage 4: Logout Event**
1. User runs `arcade logout`
2. Logout event is sent with the authenticated `distinct_id`
3. `CommandTracker` detects successful logout
4. **Rotates identity** by calling `reset_to_anonymous()`:
```json
{ "anon_id": "xyz-789", "linked_principal_id": null }
```
5. New `anon_id` prevents cross-contamination if another user logs in
### **Critical Constraint: Alias Timing**
PostHog requires that `alias()` is called **BEFORE** any events are sent
with the new `distinct_id`. This is why:
- **`alias()` is synchronous (blocking)**: Guarantees it completes
before the login success event is sent
- **Subsequent events use `linked_principal_id`**: Once aliased, all
future events use the authenticated ID
- **Lazy aliasing**: If a user authenticates via another mechanism (not
through `arcade login`), the system detects this on the next command and
performs aliasing before sending that command's event
### **Event Capture Pipeline**
When `CommandTracker.track_command_execution()` is called:
1. **Resolve identity** → determines `distinct_id` and `is_anon` flag
2. **Build event properties**:
```python
{
"command_name": "toolkit.run",
"cli_version": "1.2.3",
"python_version": "3.11.0",
"os_type": "Darwin",
"os_release": "23.4.0",
"duration": 1250.42, # milliseconds
"error_message": "..." # if failed
}
```
3. **Call `UsageService.capture()`**:
- Serializes event data to JSON
- Spawns detached subprocess: `python -m arcade_cli.usage`
- Passes data via `ARCADE_USAGE_EVENT_DATA` env var
- **Returns immediately** (non-blocking)
4. **Detached subprocess (`__main__.py`)**:
- Runs independently, survives parent CLI exit
- Deserializes event data
- If `is_anon=True`, sets `$process_person_profile=False` (tells PostHog
not to create a full profile)
- Sends event to PostHog with 5s timeout
- Exits (hard exit after 10s max via timeout thread)
### **Concurrency Handling**
Multiple CLI processes can run simultaneously. The system handles this
via:
- **File locking** on `usage.json` (shared lock for reads, exclusive for
writes)
- **Atomic writes** via temp files ensure incomplete writes never
corrupt the file
- **Idempotent aliasing**: `should_alias()` prevents redundant alias
calls
### **Edge Cases Handled**
1. **Side-channel authentication**: User authenticates outside of
`arcade login` (e.g., manually editing credentials)
- Detected via "lazy aliasing" check on every command
- Performs alias if `linked_principal_id` doesn't match current
`principal_id`
2. **API failures during identity fetch**: Falls back to anonymous
tracking
- 2s timeout prevents hanging
- Silent failure doesn't disrupt CLI
3. **PostHog merge restrictions**: Can't alias returning users who
already have a profile
- System stores `linked_principal_id` to avoid retrying impossible
aliases
- New users (never logged in before) get full history stitched
4. **Multiple accounts on same machine**: Logout rotates `anon_id`
- User A's anonymous activity won't leak into User B's profile
### **Privacy & Performance**
- **Opt-out**: `ARCADE_USAGE_TRACKING=0` disables all tracking
- **Non-blocking**: Events never slow down CLI (detached subprocess)
- **Anonymous profiles**: `$process_person_profile=False` for `anon_id`
events minimizes data collection
- **Silent failures**: Network issues or PostHog errors never surface to
users
347 lines
11 KiB
Python
347 lines
11 KiB
Python
import httpx
|
|
import typer
|
|
from arcadepy import Arcade, NotFoundError
|
|
from rich.console import Console
|
|
from rich.table import Table
|
|
|
|
from arcade_cli.constants import (
|
|
PROD_CLOUD_HOST,
|
|
PROD_ENGINE_HOST,
|
|
)
|
|
from arcade_cli.usage.command_tracker import TrackedTyper, TrackedTyperGroup
|
|
from arcade_cli.utils import (
|
|
CLIError,
|
|
compute_base_url,
|
|
handle_cli_error,
|
|
validate_and_get_config,
|
|
)
|
|
|
|
console = Console()
|
|
|
|
|
|
app = TrackedTyper(
|
|
cls=TrackedTyperGroup,
|
|
add_completion=False,
|
|
no_args_is_help=True,
|
|
pretty_exceptions_enable=False,
|
|
pretty_exceptions_show_locals=False,
|
|
pretty_exceptions_short=True,
|
|
)
|
|
|
|
state = {
|
|
"engine_url": compute_base_url(
|
|
host=PROD_ENGINE_HOST, port=None, force_tls=False, force_no_tls=False
|
|
)
|
|
}
|
|
|
|
|
|
@app.callback()
|
|
def main(
|
|
host: str = typer.Option(
|
|
PROD_ENGINE_HOST,
|
|
"--host",
|
|
"-h",
|
|
help="The Arcade Engine host.",
|
|
),
|
|
port: int = typer.Option(
|
|
None,
|
|
"--port",
|
|
"-p",
|
|
help="The port of the Arcade Engine host.",
|
|
),
|
|
force_tls: bool = typer.Option(
|
|
False,
|
|
"--tls",
|
|
help="Whether to force TLS for the connection to the Arcade Engine.",
|
|
),
|
|
force_no_tls: bool = typer.Option(
|
|
False,
|
|
"--no-tls",
|
|
help="Whether to disable TLS for the connection to the Arcade Engine.",
|
|
),
|
|
) -> None:
|
|
"""
|
|
Manage users in the system.
|
|
"""
|
|
engine_url = compute_base_url(force_tls, force_no_tls, host, port)
|
|
state["engine_url"] = engine_url
|
|
|
|
|
|
@app.command("list", help="List all workers")
|
|
def list_workers(
|
|
cloud_host: str = typer.Option(
|
|
PROD_CLOUD_HOST,
|
|
"--cloud-host",
|
|
"-c",
|
|
help="The Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
cloud_port: int = typer.Option(
|
|
None,
|
|
"--cloud-port",
|
|
"-cp",
|
|
help="The port of the Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
force_tls: bool = typer.Option(
|
|
False,
|
|
"--tls",
|
|
help="Whether to force TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
force_no_tls: bool = typer.Option(
|
|
False,
|
|
"--no-tls",
|
|
help="Whether to disable TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
) -> None:
|
|
config = validate_and_get_config()
|
|
engine_url = state["engine_url"]
|
|
client = Arcade(api_key=config.api.key, base_url=engine_url)
|
|
deployments = []
|
|
try:
|
|
cloud_url = compute_base_url(force_tls, force_no_tls, cloud_host, cloud_port)
|
|
cloud_client = httpx.Client(base_url=cloud_url)
|
|
response = cloud_client.get(
|
|
"/api/v1/workers", headers={"Authorization": f"Bearer {config.api.key}"}
|
|
)
|
|
response.raise_for_status()
|
|
deployments = response.json()["data"]["workers"]
|
|
except Exception as e:
|
|
handle_cli_error(f"Failed to list deployed servers: {e}")
|
|
|
|
print_worker_table(client, deployments)
|
|
|
|
|
|
def print_worker_table(client: Arcade, deployments: list[dict]) -> None:
|
|
workers = client.workers.list()
|
|
if not workers.items:
|
|
console.print("No workers found", style="bold red")
|
|
return
|
|
|
|
# Create and print a table of worker information
|
|
table = Table(title="Workers")
|
|
table.add_column("ID")
|
|
table.add_column("Cloud Deployed")
|
|
table.add_column("Engine Registered")
|
|
table.add_column("Enabled")
|
|
table.add_column("Host")
|
|
table.add_column("Toolkits")
|
|
|
|
# Track workers that are registered in the engine
|
|
engine_workers = []
|
|
for worker in workers.items:
|
|
if worker.id is None:
|
|
continue
|
|
engine_workers.append(worker.id)
|
|
# Check if the worker is deployed in the cloud
|
|
is_deployed = is_cloud_deployment(worker.id, deployments)
|
|
# Get the toolkits for the worker
|
|
|
|
tools = get_toolkits(client, worker.id)
|
|
uri = worker.http.uri if worker.http and worker.http.uri else ""
|
|
table.add_row(
|
|
worker.id,
|
|
str(is_deployed),
|
|
str(True),
|
|
str(worker.enabled),
|
|
compare_endpoints(worker.id, uri, deployments),
|
|
"Could not fetch toolkits" if tools == "" else tools,
|
|
)
|
|
for deployment in deployments:
|
|
if deployment["name"] not in engine_workers:
|
|
table.add_row(deployment["name"], "True", "False", "False", deployment["endpoint"], "")
|
|
console.print(table)
|
|
|
|
|
|
# Check if the worker is in the list of cloud deployments
|
|
def is_cloud_deployment(name: str, deployments: list[dict]) -> bool:
|
|
return any(deployment["name"] == name for deployment in deployments)
|
|
|
|
|
|
# Compare the endpoint of the worker in the engine to the endpoint in the cloud
|
|
# Return a highlighted diff if the endpoint in the engine is different from the endpoint in the cloud
|
|
def compare_endpoints(worker_id: str, engine_endpoint: str, deployments: list[dict]) -> str:
|
|
if is_cloud_deployment(worker_id, deployments):
|
|
for deployment in deployments:
|
|
deployment_endpoint = deployment["endpoint"]
|
|
if deployment["name"] == worker_id:
|
|
if deployment_endpoint == engine_endpoint:
|
|
return engine_endpoint
|
|
else:
|
|
return f"[red]Endpoint Mismatch[/red]\n[yellow]Registered Endpoint: {engine_endpoint}[/yellow]\n[green]Actual Endpoint: {deployment_endpoint}[/green]"
|
|
return engine_endpoint
|
|
|
|
|
|
@app.command("enable", help="Enable a worker")
|
|
def enable_worker(
|
|
worker_id: str,
|
|
) -> None:
|
|
config = validate_and_get_config()
|
|
engine_url = state["engine_url"]
|
|
arcade = Arcade(api_key=config.api.key, base_url=engine_url)
|
|
try:
|
|
arcade.workers.update(worker_id, enabled=True)
|
|
except Exception as e:
|
|
handle_cli_error(f"Failed to enable worker '{worker_id}': {e}")
|
|
|
|
|
|
@app.command("disable", help="Disable a worker")
|
|
def disable_worker(
|
|
worker_id: str,
|
|
) -> None:
|
|
config = validate_and_get_config()
|
|
engine_url = state["engine_url"]
|
|
arcade = Arcade(api_key=config.api.key, base_url=engine_url)
|
|
try:
|
|
arcade.workers.update(worker_id, enabled=False)
|
|
except Exception as e:
|
|
handle_cli_error(f"Failed to disable worker '{worker_id}': {e}")
|
|
|
|
|
|
@app.command("rm", help="Remove a worker")
|
|
def rm_worker(
|
|
worker_id: str,
|
|
engine_only: bool = typer.Option(
|
|
False,
|
|
"--deregister",
|
|
"-d",
|
|
help="Deregister the worker from the engine",
|
|
),
|
|
cloud_host: str = typer.Option(
|
|
PROD_CLOUD_HOST,
|
|
"--cloud-host",
|
|
"-c",
|
|
help="The Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
cloud_port: int = typer.Option(
|
|
None,
|
|
"--cloud-port",
|
|
"-cp",
|
|
help="The port of the Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
force_tls: bool = typer.Option(
|
|
False,
|
|
"--tls",
|
|
help="Whether to force TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
force_no_tls: bool = typer.Option(
|
|
False,
|
|
"--no-tls",
|
|
help="Whether to disable TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
) -> None:
|
|
config = validate_and_get_config()
|
|
engine_url = state["engine_url"]
|
|
cloud_url = compute_base_url(force_tls, force_no_tls, cloud_host, cloud_port)
|
|
|
|
# First attempt to delete from the cloud
|
|
if not engine_only:
|
|
try:
|
|
client = httpx.Client()
|
|
response = client.delete(
|
|
f"{cloud_url}/api/v1/workers/{worker_id}",
|
|
headers={"Authorization": f"Bearer {config.api.key}"},
|
|
)
|
|
response.raise_for_status()
|
|
except httpx.HTTPStatusError as e:
|
|
if e.response.status_code == 404:
|
|
handle_cli_error(
|
|
"Deployment not found. To deregister the worker from the engine, use the --deregister flag."
|
|
)
|
|
else:
|
|
handle_cli_error(f"Error deleting deployment: {e}")
|
|
except Exception as e:
|
|
handle_cli_error(f"Error deleting deployment: {e}")
|
|
|
|
# Then try to delete from the engine
|
|
try:
|
|
arcade = Arcade(api_key=config.api.key, base_url=engine_url)
|
|
arcade.workers.delete(worker_id)
|
|
except NotFoundError:
|
|
console.print("Worker not found", style="bold red")
|
|
except Exception as e:
|
|
handle_cli_error(f"Error deleting worker from engine: {e}")
|
|
|
|
|
|
@app.command("logs", help="Get logs for a worker")
|
|
def worker_logs(
|
|
worker_id: str,
|
|
cloud_host: str = typer.Option(
|
|
PROD_CLOUD_HOST,
|
|
"--cloud-host",
|
|
"-c",
|
|
help="The Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
cloud_port: int = typer.Option(
|
|
None,
|
|
"--cloud-port",
|
|
"-cp",
|
|
help="The port of the Arcade Engine host.",
|
|
hidden=True,
|
|
),
|
|
force_tls: bool = typer.Option(
|
|
False,
|
|
"--tls",
|
|
help="Whether to force TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
force_no_tls: bool = typer.Option(
|
|
False,
|
|
"--no-tls",
|
|
help="Whether to disable TLS for the connection to the Arcade Engine.",
|
|
hidden=True,
|
|
),
|
|
) -> None:
|
|
config = validate_and_get_config()
|
|
cloud_url = compute_base_url(force_tls, force_no_tls, cloud_host, cloud_port)
|
|
try:
|
|
with httpx.stream(
|
|
"GET",
|
|
f"{cloud_url}/api/v1/workers/logs/{worker_id}",
|
|
headers={"Authorization": f"Bearer {config.api.key}", "Accept": "text/event-stream"},
|
|
# allow the connection to stay open indefinitely
|
|
timeout=None, # noqa: S113
|
|
) as s:
|
|
for line in s.iter_lines():
|
|
if not line or "[DONE]" in line: # Skip empty lines
|
|
continue
|
|
if "event: error" in line:
|
|
handle_cli_error("Could not stream logs")
|
|
if line.startswith("data:"):
|
|
# Extract just the data portion after 'data:'
|
|
data = line[5:].strip() # Remove 'data:' prefix and whitespace
|
|
console.print(data, markup=False)
|
|
except CLIError:
|
|
raise
|
|
except Exception as e:
|
|
handle_cli_error(f"Error connecting to log stream: {e}")
|
|
|
|
|
|
def get_toolkits(client: Arcade, worker_id: str | None) -> str:
|
|
if worker_id is None:
|
|
return ""
|
|
try:
|
|
# Get tools for the given worker
|
|
tools = client.workers.tools(worker_id)
|
|
toolkits: list[str] = []
|
|
if not tools.items:
|
|
return ""
|
|
|
|
# Get toolkit names
|
|
for page in tools.iter_pages():
|
|
for tool in page.items:
|
|
if tool.toolkit.name not in toolkits:
|
|
toolkits.append(tool.toolkit.name)
|
|
return ", ".join(toolkits)
|
|
except NotFoundError:
|
|
return ""
|
|
except Exception as e:
|
|
handle_cli_error(f"Error getting server tools: {e}")
|
|
return ""
|