qontract-reconcile 0.10.1rc1030__py3-none-any.whl → 0.10.1rc1032__py3-none-any.whl

reconcile/openshift_saas_deploy_change_tester.py

@@ -147,7 +147,7 @@ def collect_compare_diffs(
             # that changes another saas file was merged but is not yet
             # reflected in the baseline graphql endpoint.
             # https://issues.redhat.com/browse/APPSRE-3029
-            logging.debug(f"Diff not found in changed paths, skipping: {str(d)}")
+            logging.debug(f"Diff not found in changed paths, skipping: {d!s}")
             continue
         for c in current_state:
             if d.saas_file_name != c.saas_file_name:

reconcile/openshift_saas_deploy_trigger_base.py

@@ -297,7 +297,7 @@ def _trigger_tekton(
             logging.error(
                 f"could not trigger pipeline {tkn_name} "
                 + f"in {tkn_cluster_name}/{tkn_namespace_name}. "
-                + f"details: {str(e)}"
+                + f"details: {e!s}"
             )
 
     if not error and not dry_run:

reconcile/query_validator.py

@@ -42,13 +42,13 @@ def run(dry_run):
                 gqlapi.query(gql.get_resource(q["path"])["content"])
             except (gql.GqlGetResourceError, gql.GqlApiError) as e:
                 error = True
-                logging.error(f"query validation error in {qv_name}: {str(e)}")
+                logging.error(f"query validation error in {qv_name}: {e!s}")
         for r in qv.get("resources") or []:
             try:
                 fetch_openshift_resource(r, qv, settings=settings, skip_validation=True)
             except Exception as e:
                 error = True
-                logging.error(f"query validation error in {qv_name}: {str(e)}")
+                logging.error(f"query validation error in {qv_name}: {e!s}")
 
     if error:
         sys.exit(ExitCodes.ERROR)

reconcile/terraform_aws_route53.py

@@ -147,9 +147,9 @@ def build_desired_state(
                     sys.exit(ExitCodes.ERROR)
                 tf_zone_spec = tf_zone_specs[0]
                 tf_zone_account_name = tf_zone_spec.provisioner_name
-                zone_account = [
+                zone_account = next(
                     a for a in all_accounts if a["name"] == tf_zone_account_name
-                ][0]
+                )
                 tf_zone_region = (
                     tf_zone_spec.resource.get("region")
                     or zone_account["resourcesDefaultRegion"]

reconcile/test/test_closedbox_endpoint_monitoring.py

@@ -43,7 +43,7 @@ def test_blackbox_exporter_endpoint_loading(mocker):
     assert endpoints is not None
     assert len(endpoints) == 1
 
-    provider = list(endpoints.keys())[0]
+    provider = next(iter(endpoints.keys()))
     assert provider.provider == BLACKBOX_EXPORTER_PROVIDER
     provider_endpoints = endpoints.get(provider)
     assert provider_endpoints is not None
@@ -74,7 +74,7 @@ def test_blackbox_exporter_probe_building(mocker):
     endpoints = get_endpoints(BLACKBOX_EXPORTER_PROVIDER)
     assert len(endpoints) == 1
 
-    provider = list(endpoints.keys())[0]
+    provider = next(iter(endpoints.keys()))
     provider_endpoints = endpoints.get(provider)
     assert provider_endpoints is not None
     probe_resource = blackbox_exporter_probe_builder(provider, provider_endpoints)
@@ -108,7 +108,7 @@ def test_signalfx_probe_building(mocker):
     endpoints = get_endpoints(SIGNALFX_PROVIDER)
     assert len(endpoints) == 1
 
-    provider = list(endpoints.keys())[0]
+    provider = next(iter(endpoints.keys()))
     provider_endpoints = endpoints.get(provider)
     assert provider_endpoints is not None
     probe_resource = signalfx_probe_builder(provider, provider_endpoints)
@@ -157,7 +157,7 @@ def test_blackbox_exporter_filling_desired_state(mocker):
     add_desired_mock = mocker.patch.object(ResourceInventory, "add_desired")
 
     endpoints = get_endpoints(BLACKBOX_EXPORTER_PROVIDER)
-    provider = list(endpoints.keys())[0]
+    provider = next(iter(endpoints.keys()))
     probe = blackbox_exporter_probe_builder(provider, endpoints[provider])
     assert probe is not None
     fill_desired_state(provider, probe, ResourceInventory())
@@ -178,7 +178,7 @@ def test_signalfx_filling_desired_state(mocker):
     add_desired_mock = mocker.patch.object(ResourceInventory, "add_desired")
 
     endpoints = get_endpoints(SIGNALFX_PROVIDER)
-    provider = list(endpoints.keys())[0]
+    provider = next(iter(endpoints.keys()))
     probe = signalfx_probe_builder(provider, endpoints[provider])
     assert probe is not None
     fill_desired_state(provider, probe, ResourceInventory())

reconcile/test/test_gitlab_permissions.py

@@ -1,17 +1,7 @@
 from unittest.mock import MagicMock, create_autospec
 
 import pytest
-from gitlab.v4.objects import (
-    CurrentUser,
-    Group,
-    GroupMember,
-    GroupProjectManager,
-    Project,
-    ProjectMember,
-    ProjectMemberAllManager,
-    SharedProject,
-    SharedProjectManager,
-)
+from gitlab.v4.objects import CurrentUser, GroupMember
 from pytest_mock import MockerFixture
 
 from reconcile import gitlab_permissions
@@ -33,7 +23,6 @@ def mocked_gl() -> MagicMock:
     gl.server = "test_server"
     gl.user = create_autospec(CurrentUser)
     gl.user.username = "test_name"
-    gl.user.id = 1234
     return gl
 
 
@@ -60,25 +49,13 @@ def test_run_share_with_group(
     mocker.patch(
         "reconcile.gitlab_permissions.get_feature_toggle_state"
     ).return_value = True
-    group = create_autospec(Group, id=1234)
-    group.name = "app-sre"
-    group.projects = create_autospec(GroupProjectManager)
-    group.shared_projects = create_autospec(SharedProjectManager)
-    mocked_gl.get_items.side_effect = [
-        [],
-        [],
-    ]
-    mocked_gl.get_group.return_value = group
-    mocked_gl.get_access_level.return_value = 40
-    project = create_autospec(Project, web_url="https://test.com")
-    project.members_all = create_autospec(ProjectMemberAllManager)
-    project.members_all.get.return_value = create_autospec(
-        ProjectMember, id=mocked_gl.user.id, access_level=40
+    mocked_gl.get_group_id_and_shared_projects.return_value = (
+        1234,
+        {"https://test.com": {"group_access_level": 30}},
     )
-    mocked_gl.get_project.return_value = project
     gitlab_permissions.run(False, thread_pool_size=1)
     mocked_gl.share_project_with_group.assert_called_once_with(
-        project, group_id=1234, access_level=40
+        repo_url="https://test-gitlab.com", group_id=1234, dry_run=False
     )
 
 
@@ -89,76 +66,11 @@ def test_run_reshare_with_group(
     mocker.patch(
         "reconcile.gitlab_permissions.get_feature_toggle_state"
     ).return_value = True
-    group = create_autospec(Group, id=1234)
-    group.name = "app-sre"
-    group.projects = create_autospec(GroupProjectManager)
-    group.shared_projects = create_autospec(SharedProjectManager)
-    mocked_gl.get_items.side_effect = [
-        [],
-        [
-            create_autospec(
-                SharedProject,
-                web_url="https://test-gitlab.com",
-                shared_with_groups=[
-                    {
-                        "group_access_level": 30,
-                        "group_name": "app-sre",
-                        "group_id": 1234,
-                    }
-                ],
-            )
-        ],
-    ]
-    mocked_gl.get_group.return_value = group
-    mocked_gl.get_access_level.return_value = 40
-    project = create_autospec(Project, web_url="https://test-gitlab.com")
-    project.members_all = create_autospec(ProjectMemberAllManager)
-    project.members_all.get.return_value = create_autospec(
-        ProjectMember, id=mocked_gl.user.id, access_level=40
+    mocked_gl.get_group_id_and_shared_projects.return_value = (
+        1234,
+        {"https://test-gitlab.com": {"group_access_level": 30}},
     )
-    mocked_gl.get_project.return_value = project
     gitlab_permissions.run(False, thread_pool_size=1)
     mocked_gl.share_project_with_group.assert_called_once_with(
-        project=project, group_id=1234, access_level=40, reshare=True
-    )
-
-
-def test_run_share_with_group_failed(
-    mocked_queries: MagicMock, mocker: MockerFixture, mocked_gl: MagicMock
-) -> None:
-    mocker.patch("reconcile.gitlab_permissions.GitLabApi").return_value = mocked_gl
-    mocker.patch(
-        "reconcile.gitlab_permissions.get_feature_toggle_state"
-    ).return_value = True
-    group = create_autospec(Group, id=1234)
-    group.name = "app-sre"
-    group.projects = create_autospec(GroupProjectManager)
-    group.shared_projects = create_autospec(SharedProjectManager)
-    group.projects = create_autospec(GroupProjectManager)
-    group.shared_projects = create_autospec(SharedProjectManager)
-    mocked_gl.get_items.side_effect = [
-        [],
-        [
-            create_autospec(
-                SharedProject,
-                web_url="https://test-gitlab.com",
-                shared_with_groups=[
-                    {
-                        "group_access_level": 30,
-                        "group_name": "app-sre",
-                        "group_id": 134,
-                    }
-                ],
-            )
-        ],
-    ]
-    mocked_gl.get_group.return_value = group
-    mocked_gl.get_access_level.return_value = 40
-    project = create_autospec(Project)
-    project.members_all = create_autospec(ProjectMemberAllManager)
-    project.members_all.get.return_value = create_autospec(
-        ProjectMember, id=mocked_gl.user.id, access_level=10
+        repo_url="https://test-gitlab.com", group_id=1234, dry_run=False, reshare=True
     )
-    mocked_gl.get_project.return_value = project
-    with pytest.raises(Exception):
-        gitlab_permissions.run(False, thread_pool_size=1)

reconcile/test/test_openshift_resource.py

@@ -391,7 +391,7 @@ def test_resource_inventory_add_desired_resource_short_kind():
 
     assert len(list(ri)) == 1
 
-    cluster_name, namespace_name, resource_type, resource = list(ri)[0]
+    cluster_name, namespace_name, resource_type, resource = next(iter(ri))
     assert cluster_name == "cl"
     assert namespace_name == "ns"
     assert resource_type == "Deployment"
@@ -412,7 +412,7 @@ def test_resource_inventory_add_desired_resource_long_kind():
 
     assert len(list(ri)) == 1
 
-    cluster_name, namespace_name, resource_type, resource = list(ri)[0]
+    cluster_name, namespace_name, resource_type, resource = next(iter(ri))
     assert cluster_name == "cl"
     assert namespace_name == "ns"
     assert resource_type == "Deployment.apps"

reconcile/test/test_openshift_resources_base.py

@@ -155,7 +155,7 @@ def test_fetch_current_state_ri_initialized(oc_cs1: oc.OCClient, tmpl1: dict[str
         resource_names=[],
     )
 
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 1
     assert "tmpl1" in resource["current"]
     assert resource["current"]["tmpl1"].kind == "Template"
@@ -178,7 +178,7 @@ def test_fetch_current_state_kind_not_supported(
         resource_names=[],
     )
 
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 0
 
 
@@ -195,7 +195,7 @@ def test_fetch_current_state_long_kind(oc_cs1: oc.OCClient, tmpl1: dict[str, Any
         resource_names=[],
     )
 
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 1
     assert "tmpl1" in resource["current"]
     assert resource["current"]["tmpl1"].kind == "Template"
@@ -218,7 +218,7 @@ def test_fetch_current_state_long_kind_not_supported(
         resource_names=[],
     )
 
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 0
 
 
@@ -227,7 +227,7 @@ def test_fetch_states(current_state_spec: CurrentStateSpec, tmpl1: dict[str, Any
     ri.initialize_resource_type("cs1", "ns1", "Template")
     current_state_spec.oc.get_items = lambda kind, **kwargs: [tmpl1]  # type: ignore[method-assign]
     orb.fetch_states(ri=ri, spec=current_state_spec)
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 1
     assert "tmpl1" in resource["current"]
     assert resource["current"]["tmpl1"].kind == "Template"
@@ -238,7 +238,7 @@ def test_fetch_states_unknown_kind(current_state_spec: CurrentStateSpec):
     ri = ResourceInventory()
     ri.initialize_resource_type("cs1", "ns1", "UnknownKind")
     orb.fetch_states(ri=ri, spec=current_state_spec)
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 0
 
 
@@ -250,7 +250,7 @@ def test_fetch_states_oc_error(current_state_spec: CurrentStateSpec):
     ri.initialize_resource_type("cs1", "ns1", "Template")
     orb.fetch_states(ri=ri, spec=current_state_spec)
     assert ri.has_error_registered("cs1")
-    _, _, _, resource = list(ri)[0]
+    _, _, _, resource = next(iter(ri))
     assert len(resource["current"]) == 0
 
 

reconcile/test/test_openshift_serviceaccount_tokens.py

@@ -264,11 +264,13 @@ def test_openshift_serviceaccount_tokens__fetch_desired_state_create_token(
         )
         == 1
     )
-    r = list(
-        ri._clusters["cluster"]["with-openshift-serviceaccount-tokens"]["Secret"][
-            "desired"
-        ].values()
-    )[0]
+    r = next(
+        iter(
+            ri._clusters["cluster"]["with-openshift-serviceaccount-tokens"]["Secret"][
+                "desired"
+            ].values()
+        )
+    )
     assert r.body["type"] == "kubernetes.io/service-account-token"
 
 

reconcile/test/test_terraform_vpc_peerings.py

@@ -117,7 +117,7 @@ def build_cluster(
         cluster["awsInfrastructureManagementAccounts"] = []
         if read_only_accounts:
             for acc in read_only_accounts:
-                cluster["awsInfrastructureManagementAccounts"].append(  # type: ignore # noqa: E501
+                cluster["awsInfrastructureManagementAccounts"].append(  # type: ignore
                     {
                         "account": {
                             "name": acc,
@@ -131,7 +131,7 @@ def build_cluster(
                 )
         if network_mgmt_accounts:
             for idx, acc in enumerate(network_mgmt_accounts):
-                cluster["awsInfrastructureManagementAccounts"].append(  # type: ignore # noqa: E501
+                cluster["awsInfrastructureManagementAccounts"].append(  # type: ignore
                     {
                         "account": {
                             "name": acc,

reconcile/utils/acs/base.py

@@ -70,7 +70,7 @@ class AcsBaseApi(BaseModel):
         try:
             response.raise_for_status()
         except requests.exceptions.HTTPError as e:
-            logging.error(f"{str(e)}: {response.text}")
+            logging.error(f"{e!s}: {response.text}")
             raise
 
         return response

reconcile/utils/acs/notifiers.py

@@ -123,7 +123,7 @@ class AcsNotifiersApi(AcsBaseApi):
         ]
 
     def get_notifier_id_by_name(self, name: str) -> str:
-        return [n["id"] for n in self.get_notifiers() if n["name"] == name][0]
+        return next(n["id"] for n in self.get_notifiers() if n["name"] == name)
 
     def update_jira_notifier(
         self, jira_notifier: JiraNotifier, jira_credentials: JiraCredentials

reconcile/utils/aws_api.py

@@ -738,7 +738,7 @@ class AWSApi:  # pylint: disable=too-many-public-methods
 
     def get_user_key_status(self, iam: IAMClient, user: str, key: str) -> KeyStatus:
         key_list = self._get_user_key_list(iam, user)
-        return [k["Status"] for k in key_list if k["AccessKeyId"] == key][0]
+        return next(k["Status"] for k in key_list if k["AccessKeyId"] == key)
 
     def get_support_cases(self):
         all_support_cases = {}

reconcile/utils/config.py

@@ -35,7 +35,7 @@ def read(secret):
             config = config[t]
         return config[field]
     except Exception as e:
-        raise SecretNotFound(f"key not found in config file {path}: {str(e)}") from None
+        raise SecretNotFound(f"key not found in config file {path}: {e!s}") from None
 
 
 def read_all(secret):
@@ -47,6 +47,4 @@ def read_all(secret):
             config = config[t]
         return config
     except Exception as e:
-        raise SecretNotFound(
-            f"secret {path} not found in config file: {str(e)}"
-        ) from None
+        raise SecretNotFound(f"secret {path} not found in config file: {e!s}") from None

reconcile/utils/external_resources.py

@@ -33,7 +33,7 @@ def get_external_resource_specs(
     external_resources = namespace_info.get("externalResources") or []
     for e in external_resources:
         for r in e.get("resources", []):
-            if "managed_by_erv2" in r and r["managed_by_erv2"]:
+            if r.get("managed_by_erv2"):
                 continue
             spec = ExternalResourceSpec(
                 provision_provider=e["provider"],

reconcile/utils/gitlab_api.py

@@ -262,16 +262,51 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
 
     def share_project_with_group(
         self,
-        project: Project,
+        repo_url: str,
         group_id: int,
-        access_level: int,
+        dry_run: bool,
+        access: str = "maintainer",
         reshare: bool = False,
     ) -> None:
-        if reshare:
+        project = self.get_project(repo_url)
+        if project is None:
+            return None
+        access_level = self.get_access_level(access)
+        # check if we have 'access_level' access so we can  add the group with same role.
+        members = self.get_items(
+            project.members_all.list, query_parameters={"user_ids": self.user.id}
+        )
+        if not any(
+            self.user.id == member.id and member.access_level >= access_level
+            for member in members
+        ):
+            logging.error(
+                "%s is not shared with %s as %s",
+                repo_url,
+                self.user.username,
+                access,
+            )
+            return None
+        logging.info(["add_group_as_maintainer", repo_url, group_id])
+        if not dry_run:
+            if reshare:
+                gitlab_request.labels(integration=INTEGRATION_NAME).inc()
+                project.unshare(group_id)
             gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-            project.unshare(group_id)
+            project.share(group_id, access_level)
+
+    def get_group_id_and_shared_projects(
+        self, group_name: str
+    ) -> tuple[int, dict[str, Any]]:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        project.share(group_id, access_level)
+        group = self.gl.groups.get(group_name)
+        shared_projects = self.get_items(group.projects.list)
+        return group.id, {
+            project.web_url: shared_group
+            for project in shared_projects
+            for shared_group in project.shared_with_groups
+            if shared_group["group_id"] == group.id
+        }
 
     @staticmethod
     def _is_bot_username(username: str) -> bool:
@@ -379,9 +414,10 @@ class GitLabApi:  # pylint: disable=too-many-public-methods
         if access == "guest":
             return GUEST_ACCESS
 
-    def get_group(self, group_name: str) -> Group:
+    def get_group_id_and_projects(self, group_name: str) -> tuple[str, list[str]]:
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()
-        return self.gl.groups.get(group_name)
+        group = self.gl.groups.get(group_name)
+        return group.id, [p.name for p in self.get_items(group.projects.list)]
 
     def create_project(self, group_id, project):
         gitlab_request.labels(integration=INTEGRATION_NAME).inc()

reconcile/utils/gql.py

@@ -77,7 +77,7 @@ class GqlApiErrorForbiddenSchema(Exception):
 
 class GqlGetResourceError(Exception):
     def __init__(self, path, msg):
-        super().__init__(f"Error getting resource from path {path}: {str(msg)}")
+        super().__init__(f"Error getting resource from path {path}: {msg!s}")
 
 
 class GqlApi:

reconcile/utils/jinja2/utils.py

@@ -122,7 +122,7 @@ def lookup_graphql_query_results(query: str, **kwargs: dict[str, Any]) -> list[A
     gqlapi = gql.get_api()
     resource = gqlapi.get_resource(query)["content"]
     rendered_resource = jinja2.Template(resource).render(**kwargs)
-    results = list(gqlapi.query(rendered_resource).values())[0]
+    results = next(iter(gqlapi.query(rendered_resource).values()))
     return results
 
 

reconcile/utils/jobcontroller/controller.py

@@ -158,9 +158,9 @@ class K8sJobController:
         the function will wait indefinitely.  If a timeout occures, a TimeoutError will be raised.
         """
         jobs_left = job_names.copy()
-        job_statuses: dict[str, JobStatus] = {
-            name: JobStatus.NOT_EXISTS for name in job_names
-        }
+        job_statuses: dict[str, JobStatus] = dict.fromkeys(
+            job_names, JobStatus.NOT_EXISTS
+        )
 
         start_time = self.time_module.time()
         while jobs_left:

reconcile/utils/mr/__init__.py

@@ -22,19 +22,19 @@ from reconcile.utils.mr.user_maintenance import (
 )
 
 __all__ = [
-    "init_from_sqs_message",
-    "UnknownMergeRequestType",
-    "MergeRequestProcessingError",
+    "CreateAppInterfaceNotificator",
     "CreateAppInterfaceReporter",
-    "CreateDeleteAwsAccessKey",
     "CreateClustersUpdates",
-    "CreateOCMUpgradeSchedulerOrgUpdates",
-    "CreateOCMUpdateRecommendedVersion",
-    "CreateAppInterfaceNotificator",
+    "CreateDeleteAwsAccessKey",
     "CreateDeleteUserAppInterface",
     "CreateDeleteUserInfra",
-    "PromoteQontractSchemas",
+    "CreateOCMUpdateRecommendedVersion",
+    "CreateOCMUpgradeSchedulerOrgUpdates",
+    "MergeRequestProcessingError",
     "PromoteQontractReconcileCommercial",
+    "PromoteQontractSchemas",
+    "UnknownMergeRequestType",
+    "init_from_sqs_message",
 ]
 
 

reconcile/utils/ocm/__init__.py

@@ -1,5 +1,5 @@
-from reconcile.utils.ocm.ocm import *  # noqa: F401,F403
-from reconcile.utils.ocm.products import (  # noqa: F401,F403
+from reconcile.utils.ocm.ocm import *  # noqa: F403
+from reconcile.utils.ocm.products import (  # noqa: F401
     BYTES_IN_GIGABYTE,
     CS_API_BASE,
     DEFAULT_OCM_MACHINE_POOL_ID,

reconcile/utils/saasherder/__init__.py

@@ -9,9 +9,9 @@ from reconcile.utils.saasherder.saasherder import (
 )
 
 __all__ = [
+    "UNIQUE_SAAS_FILE_ENV_COMBO_LEN",
     "Providers",
     "SaasHerder",
     "TriggerSpecUnion",
     "TriggerTypes",
-    "UNIQUE_SAAS_FILE_ENV_COMBO_LEN",
 ]

reconcile/utils/saasherder/saasherder.py

@@ -888,7 +888,7 @@ class SaasHerder:  # pylint: disable=too-many-public-methods
                     url=url, path=path, ref=ref, github=github
                 )
             except Exception as e:
-                logging.error(f"{error_prefix} error fetching template: {str(e)}")
+                logging.error(f"{error_prefix} error fetching template: {e!s}")
                 raise
 
             # add COMMIT_SHA only if it is unspecified
@@ -930,7 +930,7 @@ class SaasHerder:  # pylint: disable=too-many-public-methods
                     logging.error(
                         f"{error_prefix} error generating REPO_DIGEST. "
                         + "Is REGISTRY_IMG missing? "
-                        + f"{str(e)}"
+                        + f"{e!s}"
                     )
                     raise
 
@@ -955,7 +955,7 @@ class SaasHerder:  # pylint: disable=too-many-public-methods
             try:
                 resources = oc.process(template, consolidated_parameters)
             except StatusCodeError as e:
-                logging.error(f"{error_prefix} error processing template: {str(e)}")
+                logging.error(f"{error_prefix} error processing template: {e!s}")
 
         elif provider == "directory":
             try:
@@ -964,7 +964,7 @@ class SaasHerder:  # pylint: disable=too-many-public-methods
                 )
             except Exception as e:
                 logging.error(
-                    f"{error_prefix} error fetching directory: {str(e)} "
+                    f"{error_prefix} error fetching directory: {e!s} "
                     + "(We do not support nested directories. Do you by chance have subdirectories?)"
                 )
                 raise
@@ -1141,7 +1141,7 @@ class SaasHerder:  # pylint: disable=too-many-public-methods
             )
         except Exception as e:
             logging.error(
-                f"{error_prefix} Image is invalid: {image}. " + f"details: {str(e)}"
+                f"{error_prefix} Image is invalid: {image}. " + f"details: {e!s}"
             )
 
         return None

reconcile/utils/state.py

@@ -250,7 +250,7 @@ class State:
             self.client.head_bucket(Bucket=self.bucket)
         except ClientError as details:
             raise StateInaccessibleException(
-                f"Bucket {self.bucket} is not accessible - {str(details)}"
+                f"Bucket {self.bucket} is not accessible - {details!s}"
             ) from None
 
     def __enter__(self) -> Self:
@@ -301,7 +301,7 @@ class State:
 
             raise StateInaccessibleException(
                 f"Can not access state key {key_path} "
-                f"in bucket {self.bucket} - {str(details)}"
+                f"in bucket {self.bucket} - {details!s}"
             ) from None
 
     def ls(self) -> list[str]:

reconcile/utils/terraform_client.py

@@ -523,7 +523,7 @@ class TerraformClient:  # pylint: disable=too-many-public-methods
             self.OUTPUT_TYPE_PASSWORDS,
             self.OUTPUT_TYPE_CONSOLEURLS,
         }:
-            return data[list(data.keys())[0]]
+            return data[next(iter(data.keys()))]
         return data
 
     def populate_terraform_output_secrets(

reconcile/utils/terrascript_aws_client.py

@@ -5734,7 +5734,7 @@ class TerrascriptClient:  # pylint: disable=too-many-public-methods
                 s3_client.head_bucket(Bucket=bucket_name)
             except ClientError as details:
                 raise StateInaccessibleException(
-                    f"Bucket {bucket_name} is not accessible - {str(details)}"
+                    f"Bucket {bucket_name} is not accessible - {details!s}"
                 ) from None
 
             # todo: probably remove 'RedHat' from the object/variable/filepath