qontract-reconcile 0.10.0__py3-none-any.whl → 0.10.1.dev1203__py3-none-any.whl

reconcile/typed_queries/saas_files.py

@@ -1,13 +1,10 @@
+import hashlib
 import json
 from collections.abc import Callable
-from typing import (
-    Any,
-    Optional,
-    Union,
-)
+from threading import Lock
+from typing import Any
 
 from jsonpath_ng.exceptions import JsonPathParserError
-from jsonpath_ng.ext import parser
 from pydantic import (
     BaseModel,
     Extra,
@@ -19,6 +16,7 @@ from reconcile.gql_definitions.common.saas_files import (
     AppV1,
     ConfiguredBaseModel,
     DeployResourcesV1,
+    ManagedResourceNamesV1,
     PipelinesProviderTektonV1,
     PipelinesProviderV1,
     RoleV1,
@@ -49,27 +47,35 @@ from reconcile.utils.exceptions import (
     AppInterfaceSettingsError,
     ParameterError,
 )
+from reconcile.utils.jsonpath import parse_jsonpath
 
 
 class SaasResourceTemplateTarget(ConfiguredBaseModel):
-    path: Optional[str] = Field(..., alias="path")
-    name: Optional[str] = Field(..., alias="name")
+    path: str | None = Field(..., alias="path")
+    name: str | None = Field(..., alias="name")
     # the namespace must be required to fulfill the saas file schema (utils.saasherder.interface.SaasFile)
     namespace: SaasTargetNamespace = Field(..., alias="namespace")
     ref: str = Field(..., alias="ref")
-    promotion: Optional[SaasResourceTemplateTargetPromotionV1] = Field(
+    promotion: SaasResourceTemplateTargetPromotionV1 | None = Field(
         ..., alias="promotion"
     )
-    parameters: Optional[Json] = Field(..., alias="parameters")
-    secret_parameters: Optional[
-        list[SaasResourceTemplateTargetV2_SaasSecretParametersV1]
-    ] = Field(..., alias="secretParameters")
-    upstream: Optional[SaasResourceTemplateTargetUpstreamV1] = Field(
-        ..., alias="upstream"
-    )
-    image: Optional[SaasResourceTemplateTargetImageV1] = Field(..., alias="image")
-    disable: Optional[bool] = Field(..., alias="disable")
-    delete: Optional[bool] = Field(..., alias="delete")
+    parameters: Json | None = Field(..., alias="parameters")
+    secret_parameters: (
+        list[SaasResourceTemplateTargetV2_SaasSecretParametersV1] | None
+    ) = Field(..., alias="secretParameters")
+    upstream: SaasResourceTemplateTargetUpstreamV1 | None = Field(..., alias="upstream")
+    image: SaasResourceTemplateTargetImageV1 | None = Field(..., alias="image")
+    disable: bool | None = Field(..., alias="disable")
+    delete: bool | None = Field(..., alias="delete")
+
+    def uid(
+        self, parent_saas_file_name: str, parent_resource_template_name: str
+    ) -> str:
+        """Returns a unique identifier for a target."""
+        return hashlib.blake2s(
+            f"{parent_saas_file_name}:{parent_resource_template_name}:{self.name if self.name else 'default'}:{self.namespace.cluster.name}:{self.namespace.name}".encode(),
+            digest_size=20,
+        ).hexdigest()
 
     class Config:
         # ignore `namespaceSelector` and 'provider' fields from the GQL schema
@@ -80,102 +86,220 @@ class SaasResourceTemplate(ConfiguredBaseModel):
     name: str = Field(..., alias="name")
     url: str = Field(..., alias="url")
     path: str = Field(..., alias="path")
-    provider: Optional[str] = Field(..., alias="provider")
-    hash_length: Optional[int] = Field(..., alias="hash_length")
-    parameters: Optional[Json] = Field(..., alias="parameters")
-    secret_parameters: Optional[
-        list[SaasResourceTemplateV2_SaasSecretParametersV1]
-    ] = Field(..., alias="secretParameters")
+    provider: str | None = Field(..., alias="provider")
+    hash_length: int | None = Field(..., alias="hash_length")
+    parameters: Json | None = Field(..., alias="parameters")
+    secret_parameters: list[SaasResourceTemplateV2_SaasSecretParametersV1] | None = (
+        Field(..., alias="secretParameters")
+    )
     targets: list[SaasResourceTemplateTarget] = Field(..., alias="targets")
 
 
 class SaasFile(ConfiguredBaseModel):
     path: str = Field(..., alias="path")
     name: str = Field(..., alias="name")
+    labels: Json | None = Field(..., alias="labels")
     app: AppV1 = Field(..., alias="app")
-    pipelines_provider: Union[PipelinesProviderTektonV1, PipelinesProviderV1] = Field(
+    pipelines_provider: PipelinesProviderTektonV1 | PipelinesProviderV1 = Field(
         ..., alias="pipelinesProvider"
     )
-    deploy_resources: Optional[DeployResourcesV1] = Field(..., alias="deployResources")
-    slack: Optional[SlackOutputV1] = Field(..., alias="slack")
+    deploy_resources: DeployResourcesV1 | None = Field(..., alias="deployResources")
+    slack: SlackOutputV1 | None = Field(..., alias="slack")
     managed_resource_types: list[str] = Field(..., alias="managedResourceTypes")
-    takeover: Optional[bool] = Field(..., alias="takeover")
-    deprecated: Optional[bool] = Field(..., alias="deprecated")
-    compare: Optional[bool] = Field(..., alias="compare")
-    timeout: Optional[str] = Field(..., alias="timeout")
-    publish_job_logs: Optional[bool] = Field(..., alias="publishJobLogs")
-    cluster_admin: Optional[bool] = Field(..., alias="clusterAdmin")
+    takeover: bool | None = Field(..., alias="takeover")
+    deprecated: bool | None = Field(..., alias="deprecated")
+    compare: bool | None = Field(..., alias="compare")
+    timeout: str | None = Field(..., alias="timeout")
+    skip_successful_deploy_notifications: bool | None = Field(
+        ..., alias="skipSuccessfulDeployNotifications"
+    )
+    publish_job_logs: bool | None = Field(..., alias="publishJobLogs")
+    cluster_admin: bool | None = Field(..., alias="clusterAdmin")
     image_patterns: list[str] = Field(..., alias="imagePatterns")
-    allowed_secret_parameter_paths: Optional[list[str]] = Field(
+    allowed_secret_parameter_paths: list[str] | None = Field(
         ..., alias="allowedSecretParameterPaths"
     )
-    use_channel_in_image_tag: Optional[bool] = Field(
-        ..., alias="use_channel_in_image_tag"
-    )
-    authentication: Optional[SaasFileAuthenticationV1] = Field(
-        ..., alias="authentication"
-    )
-    parameters: Optional[Json] = Field(..., alias="parameters")
-    secret_parameters: Optional[list[SaasSecretParametersV1]] = Field(
+    use_channel_in_image_tag: bool | None = Field(..., alias="use_channel_in_image_tag")
+    authentication: SaasFileAuthenticationV1 | None = Field(..., alias="authentication")
+    parameters: Json | None = Field(..., alias="parameters")
+    secret_parameters: list[SaasSecretParametersV1] | None = Field(
         ..., alias="secretParameters"
     )
+    validate_targets_in_app: bool | None = Field(..., alias="validateTargetsInApp")
+    validate_planned_data: bool | None = Field(..., alias="validatePlannedData")
+    managed_resource_names: list[ManagedResourceNamesV1] | None = Field(
+        ..., alias="managedResourceNames"
+    )
     resource_templates: list[SaasResourceTemplate] = Field(
         ..., alias="resourceTemplates"
     )
-    self_service_roles: Optional[list[RoleV1]] = Field(..., alias="selfServiceRoles")
-
-
-def get_namespaces_by_selector(
-    namespaces: list[SaasTargetNamespace],
-    namespace_selector: SaasResourceTemplateTargetNamespaceSelectorV1,
-) -> list[SaasTargetNamespace]:
-    # json representation of all the namespaces to filter on
-    # remove all the None values to simplify the jsonpath expressions
-    namespaces_as_dict = {
-        "namespace": [ns.dict(by_alias=True, exclude_none=True) for ns in namespaces]
-    }
-
-    def _get_namespace_by_cluster_and_name(
-        cluster_name: str, name: str
-    ) -> SaasTargetNamespace:
-        for ns in namespaces:
-            if ns.cluster.name == cluster_name and ns.name == name:
-                return ns
-        # this should never ever happen - just make mypy happy
-        raise RuntimeError(f"namespace '{name}' not found in cluster '{cluster_name}'")
-
-    filtered_namespaces: dict[str, Any] = {}
-
-    try:
+    self_service_roles: list[RoleV1] | None = Field(..., alias="selfServiceRoles")
+
+
+class SaasFileList:
+    def __init__(
+        self,
+        name: str | None = None,
+        query_func: Callable | None = None,
+        namespaces: list[SaasTargetNamespace] | None = None,
+    ) -> None:
+        # query_func and namespaces are optional args mostly used in tests
+        if not query_func:
+            query_func = gql.get_api().query
+        if not namespaces:
+            namespaces = namespaces_query(query_func).namespaces or []
+        self.namespaces = namespaces
+        self.cluster_namespaces = {
+            (ns.cluster.name, ns.name): ns for ns in self.namespaces
+        }
+
+        self._init_caches()
+
+        self.saas_files_v2 = saas_files_query(query_func).saas_files or []
+        if name:
+            self.saas_files_v2 = [sf for sf in self.saas_files_v2 if sf.name == name]
+        self.saas_files = self._resolve_namespace_selectors()
+
+    def _init_caches(self) -> None:
+        self._namespaces_as_dict_cache: dict[str, list[Any]] | None = None
+        self._namespaces_as_dict_lock = Lock()
+        self._matching_namespaces_cache: dict[str, Any] = {}
+        self._matching_namespaces_lock = Lock()
+
+    def _resolve_namespace_selectors(self) -> list[SaasFile]:
+        saas_files: list[SaasFile] = []
+        # resolve namespaceSelectors to real namespaces
+        for sfv2 in self.saas_files_v2:
+            for rt_gql in sfv2.resource_templates:
+                for target_gql in rt_gql.targets[:]:
+                    # either namespace or namespaceSelector must be set
+                    if target_gql.namespace and target_gql.namespace_selector:
+                        raise ParameterError(
+                            f"SaasFile {sfv2.name}: namespace and namespaceSelector are mutually exclusive"
+                        )
+                    if not target_gql.provider:
+                        target_gql.provider = "static"
+
+                    if (
+                        target_gql.namespace_selector
+                        and target_gql.provider != "dynamic"
+                    ):
+                        raise ParameterError(
+                            f"SaasFile {sfv2.name}: namespaceSelector can only be used with 'provider: dynamic'"
+                        )
+                    if (
+                        target_gql.namespace_selector
+                        and target_gql.provider == "dynamic"
+                    ):
+                        rt_gql.targets.remove(target_gql)
+                        rt_gql.targets += self.create_targets_for_namespace_selector(
+                            target_gql, target_gql.namespace_selector
+                        )
+            # convert SaasFileV2 (with optional resource_templates.targets.namespace field)
+            # to SaasFile (with required resource_templates.targets.namespace field)
+            saas_files.append(SaasFile(**export_model(sfv2)))
+        return saas_files
+
+    def create_targets_for_namespace_selector(
+        self,
+        target: SaasResourceTemplateTargetV2,
+        namespace_selector: SaasResourceTemplateTargetNamespaceSelectorV1,
+    ) -> list[SaasResourceTemplateTargetV2]:
+        targets = []
+        for namespace in self.get_namespaces_by_selector(namespace_selector):
+            target_dict = export_model(target)
+            target_dict["namespace"] = export_model(namespace)
+            targets.append(SaasResourceTemplateTargetV2(**target_dict))
+        return targets
+
+    def _get_namespaces_as_dict(self) -> dict[str, list[Any]]:
+        # json representation of all the namespaces to filter on
+        # remove all the None values to simplify the jsonpath expressions
+        if self._namespaces_as_dict_cache is None:
+            with self._namespaces_as_dict_lock:
+                self._namespaces_as_dict_cache = {
+                    "namespace": [
+                        ns.dict(by_alias=True, exclude_none=True)
+                        for ns in self.namespaces
+                    ]
+                }
+        return self._namespaces_as_dict_cache
+
+    def _matching_namespaces(self, selector: str) -> Any:
+        if selector not in self._matching_namespaces_cache:
+            with self._matching_namespaces_lock:
+                namespaces_as_dict = self._get_namespaces_as_dict()
+                try:
+                    self._matching_namespaces_cache[selector] = parse_jsonpath(
+                        selector
+                    ).find(namespaces_as_dict)
+                except JsonPathParserError as e:
+                    raise ParameterError(
+                        f"Invalid jsonpath expression in namespaceSelector '{selector}' :{e}"
+                    ) from None
+
+        return self._matching_namespaces_cache[selector]
+
+    def get_namespaces_by_selector(
+        self, namespace_selector: SaasResourceTemplateTargetNamespaceSelectorV1
+    ) -> list[SaasTargetNamespace]:
+        filtered_namespaces: dict[tuple[str, str], Any] = {}
+
         for include in namespace_selector.json_path_selectors.include:
-            for match in parser.parse(include).find(namespaces_as_dict):
+            for match in self._matching_namespaces(include):
                 cluster_name = match.value["cluster"]["name"]
                 ns_name = match.value["name"]
-                filtered_namespaces[
-                    f"{cluster_name}-{ns_name}"
-                ] = _get_namespace_by_cluster_and_name(cluster_name, ns_name)
-    except JsonPathParserError as e:
-        raise ParameterError(
-            f"Invalid jsonpath expression in namespaceSelector '{include}' :{e}"
-        )
+                filtered_namespaces[cluster_name, ns_name] = self.cluster_namespaces[
+                    cluster_name, ns_name
+                ]
 
-    try:
         for exclude in namespace_selector.json_path_selectors.exclude or []:
-            for match in parser.parse(exclude).find(namespaces_as_dict):
+            for match in self._matching_namespaces(exclude):
                 cluster_name = match.value["cluster"]["name"]
                 ns_name = match.value["name"]
-                filtered_namespaces.pop(f"{cluster_name}-{ns_name}", None)
-    except JsonPathParserError as e:
-        raise ParameterError(
-            f"Invalid jsonpath expression in namespaceSelector '{exclude}' :{e}"
-        )
-    return list(filtered_namespaces.values())
+                filtered_namespaces.pop((cluster_name, ns_name), None)
+
+        return list(filtered_namespaces.values())
+
+    def where(
+        self,
+        name: str | None = None,
+        env_name: str | None = None,
+        app_name: str | None = None,
+    ) -> list[SaasFile]:
+        if name is None and env_name is None and app_name is None:
+            return self.saas_files
+
+        if name == "" or env_name == "" or app_name == "":  # noqa: PLC1901
+            return []
+
+        filtered: list[SaasFile] = []
+        for saas_file in self.saas_files[:]:
+            if name and saas_file.name != name:
+                continue
+
+            if app_name and saas_file.app.name != app_name:
+                continue
+
+            sf = saas_file.copy(deep=True)
+            if env_name:
+                for rt in sf.resource_templates[:]:
+                    for target in rt.targets[:]:
+                        if target.namespace.environment.name != env_name:
+                            rt.targets.remove(target)
+                    if not rt.targets:
+                        sf.resource_templates.remove(rt)
+                if not sf.resource_templates:
+                    continue
+            filtered.append(sf)
+
+        return filtered
 
 
 def convert_parameters_to_json_string(root: dict[str, Any]) -> dict[str, Any]:
     """Find all parameter occurrences and convert them to a json string."""
     for key, value in root.items():
-        if key in ["parameters", "labels"]:
+        if key in {"parameters", "labels"}:
             root[key] = json.dumps(value) if value is not None else None
         elif isinstance(value, dict):
             root[key] = convert_parameters_to_json_string(value)
@@ -191,93 +315,23 @@ def export_model(model: BaseModel) -> dict[str, Any]:
     return convert_parameters_to_json_string(model.dict(by_alias=True))
 
 
-def create_targets_for_namespace_selector(
-    target: SaasResourceTemplateTargetV2,
-    namespaces: list[SaasTargetNamespace],
-    namespace_selector: SaasResourceTemplateTargetNamespaceSelectorV1,
-) -> list[SaasResourceTemplateTargetV2]:
-    targets = []
-    for namespace in get_namespaces_by_selector(namespaces, namespace_selector):
-        target_dict = export_model(target)
-        target_dict["namespace"] = export_model(namespace)
-        targets.append(SaasResourceTemplateTargetV2(**target_dict))
-    return targets
-
-
 def get_saas_files(
-    name: Optional[str] = None,
-    env_name: Optional[str] = None,
-    app_name: Optional[str] = None,
-    query_func: Optional[Callable] = None,
-    namespaces: Optional[list[SaasTargetNamespace]] = None,
+    name: str | None = None,
+    env_name: str | None = None,
+    app_name: str | None = None,
+    query_func: Callable | None = None,
+    namespaces: list[SaasTargetNamespace] | None = None,
+    saas_file_list: SaasFileList | None = None,
 ) -> list[SaasFile]:
-    if not query_func:
-        query_func = gql.get_api().query
-    data = saas_files_query(query_func)
-    saas_files: list[SaasFile] = []
-    if not namespaces:
-        namespaces = namespaces_query(query_func).namespaces or []
-
-    # resolve namespaceSelectors to real namespaces
-    for saas_file_gql in list(data.saas_files or []):
-        for rt_gql in saas_file_gql.resource_templates:
-            for target_gql in rt_gql.targets[:]:
-                # either namespace or namespaceSelector must be set
-                if target_gql.namespace and target_gql.namespace_selector:
-                    raise ParameterError(
-                        f"SaasFile {saas_file_gql.name}: namespace and namespaceSelector are mutually exclusive"
-                    )
-                if not target_gql.provider:
-                    target_gql.provider = "static"
-
-                if (
-                    target_gql.namespace_selector
-                    and not target_gql.provider == "dynamic"
-                ):
-                    raise ParameterError(
-                        f"SaasFile {saas_file_gql.name}: namespaceSelector can only be used with 'provider: dynamic'"
-                    )
-                if target_gql.namespace_selector and target_gql.provider == "dynamic":
-                    rt_gql.targets.remove(target_gql)
-                    rt_gql.targets += create_targets_for_namespace_selector(
-                        target_gql, namespaces, target_gql.namespace_selector
-                    )
-        # convert SaasFileV2 (with optional resource_templates.targets.namespace field)
-        # to SaasFile (with required resource_templates.targets.namespace field)
-        saas_files.append(SaasFile(**export_model(saas_file_gql)))
-
-    if name is None and env_name is None and app_name is None:
-        return saas_files
-    if name == "" or env_name == "" or app_name == "":
-        return []
-
-    for saas_file in saas_files[:]:
-        if name:
-            if saas_file.name != name:
-                saas_files.remove(saas_file)
-                continue
-
-        if env_name:
-            for rt in saas_file.resource_templates[:]:
-                for target in rt.targets[:]:
-                    if target.namespace.environment.name != env_name:
-                        rt.targets.remove(target)
-                if not rt.targets:
-                    saas_file.resource_templates.remove(rt)
-            if not saas_file.resource_templates:
-                saas_files.remove(saas_file)
-                continue
-
-        if app_name:
-            if saas_file.app.name != app_name:
-                saas_files.remove(saas_file)
-                continue
-
-    return saas_files
+    if not saas_file_list:
+        saas_file_list = SaasFileList(
+            name=name, query_func=query_func, namespaces=namespaces
+        )
+    return saas_file_list.where(env_name=env_name, app_name=app_name)
 
 
 def get_saasherder_settings(
-    query_func: Optional[Callable] = None,
+    query_func: Callable | None = None,
 ) -> AppInterfaceSettingsV1:
     if not query_func:
         query_func = gql.get_api().query

reconcile/typed_queries/slack.py

@@ -0,0 +1,7 @@
+from reconcile.gql_definitions.common.slack_workspaces import SlackWorkspaceV1, query
+from reconcile.utils import gql
+
+
+def get_slack_workspaces() -> list[SlackWorkspaceV1]:
+    data = query(gql.get_api().query)
+    return list(data.workspaces or [])

reconcile/typed_queries/slo_documents.py

@@ -0,0 +1,12 @@
+from reconcile.gql_definitions.slo_documents.slo_documents import (
+    SLODocumentV1,
+    query,
+)
+from reconcile.utils import gql
+from reconcile.utils.gql import GqlApi
+
+
+def get_slo_documents(gql_api: GqlApi | None = None) -> list[SLODocumentV1]:
+    api = gql_api if gql_api else gql.get_api()
+    data = query(query_func=api.query)
+    return data.slo_document_v1 or []

reconcile/typed_queries/status_board.py

@@ -0,0 +1,58 @@
+from collections.abc import Callable, Iterable
+from typing import Any
+
+from jsonpath_ng.ext import parser
+
+from reconcile.gql_definitions.status_board.status_board import (
+    StatusBoardProductV1,
+    StatusBoardV1,
+    query,
+)
+from reconcile.utils import gql
+
+
+def get_status_board(
+    query_func: Callable | None = None,
+) -> list[StatusBoardV1]:
+    if not query_func:
+        query_func = gql.get_api().query
+    return query(query_func).status_board_v1 or []
+
+
+def get_selected_app_names(
+    global_selectors: Iterable[str],
+    product: StatusBoardProductV1,
+) -> set[str]:
+    selected_app_names: set[str] = set()
+
+    apps: dict[str, Any] = {"apps": []}
+    for namespace in product.product_environment.namespaces or []:
+        prefix = ""
+        if namespace.app.parent_app:
+            prefix = f"{namespace.app.parent_app.name}-"
+        name = f"{prefix}{namespace.app.name}"
+        selected_app_names.add(name)
+        app = namespace.app.dict(by_alias=True)
+        app["name"] = name
+        apps["apps"].append(app)
+
+        for child in namespace.app.children_apps or []:
+            name = f"{namespace.app.name}-{child.name}"
+            if name not in selected_app_names:
+                selected_app_names.add(f"{namespace.app.name}-{child.name}")
+                child_dict = child.dict(by_alias=True)
+                child_dict["name"] = name
+                apps["apps"].append(child_dict)
+
+    selectors = set(global_selectors)
+    if product.app_selectors:
+        selectors.update(product.app_selectors.exclude or [])
+
+    for selector in selectors:
+        apps_to_remove: set[str] = set()
+        results = parser.parse(selector).find(apps)
+        for match in results:
+            apps_to_remove.add(match.value["name"])
+        selected_app_names -= apps_to_remove
+
+    return selected_app_names

reconcile/typed_queries/tekton_pipeline_providers.py

@@ -1,5 +1,4 @@
 from collections.abc import Callable
-from typing import Optional
 
 from reconcile.gql_definitions.common.pipeline_providers import (
     PipelinesProviderTektonV1,
@@ -9,7 +8,7 @@ from reconcile.utils import gql
 
 
 def get_tekton_pipeline_providers(
-    query_func: Optional[Callable] = None,
+    query_func: Callable | None = None,
 ) -> list[PipelinesProviderTektonV1]:
     if not query_func:
         query_func = gql.get_api().query

reconcile/typed_queries/terraform_namespaces.py

@@ -1,5 +1,4 @@
 from collections.abc import Callable
-from typing import Optional
 
 from reconcile.gql_definitions.terraform_resources.terraform_resources_namespaces import (
     NamespaceV1,
@@ -8,7 +7,7 @@ from reconcile.gql_definitions.terraform_resources.terraform_resources_namespace
 from reconcile.utils import gql
 
 
-def get_namespaces(query_func: Optional[Callable] = None) -> list[NamespaceV1]:
+def get_namespaces(query_func: Callable | None = None) -> list[NamespaceV1]:
     if not query_func:
         query_func = gql.get_api().query
     data = query(query_func=query_func)

reconcile/typed_queries/terraform_tgw_attachments/aws_accounts.py

@@ -0,0 +1,16 @@
+from reconcile.gql_definitions.terraform_tgw_attachments.aws_accounts import (
+    AWSAccountV1,
+    query,
+)
+from reconcile.utils.gql import GqlApi
+
+
+def get_aws_accounts(
+    gql_api: GqlApi,
+    name: str | None = None,
+) -> list[AWSAccountV1]:
+    variables = {
+        "name": name,
+    }
+    data = query(gql_api.query, variables=variables)
+    return data.accounts or []

reconcile/typed_queries/unleash.py

@@ -0,0 +1,10 @@
+from reconcile.gql_definitions.unleash_feature_toggles.feature_toggles import (
+    UnleashInstanceV1,
+    query,
+)
+from reconcile.utils import gql
+
+
+def get_unleash_instances() -> list[UnleashInstanceV1]:
+    data = query(gql.get_api().query)
+    return list(data.instances or [])

reconcile/typed_queries/users.py

@@ -0,0 +1,11 @@
+from collections.abc import Callable
+
+from reconcile.gql_definitions.common.users import query
+from reconcile.gql_definitions.fragments.user import User
+from reconcile.utils import gql
+
+
+def get_users(query_func: Callable | None = None) -> list[User]:
+    if not query_func:
+        query_func = gql.get_api().query
+    return query(query_func=gql.get_api().query).users or []

reconcile/typed_queries/vault.py

@@ -0,0 +1,10 @@
+from reconcile.gql_definitions.vault_instances.vault_instances import (
+    VaultInstanceV1,
+    query,
+)
+from reconcile.utils import gql
+
+
+def get_vault_instances() -> list[VaultInstanceV1]:
+    data = query(gql.get_api().query)
+    return list(data.vault_instances or [])