qontract-reconcile 0.10.1rc405__py3-none-any.whl → 0.10.1rc407__py3-none-any.whl

{qontract_reconcile-0.10.1rc405.dist-info → qontract_reconcile-0.10.1rc407.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: qontract-reconcile
-Version: 0.10.1rc405
+Version: 0.10.1rc407
 Summary: Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
 Home-page: https://github.com/app-sre/qontract-reconcile
 Author: Red Hat App-SRE Team

{qontract_reconcile-0.10.1rc405.dist-info → qontract_reconcile-0.10.1rc407.dist-info}/RECORD

@@ -105,7 +105,7 @@ reconcile/status_board.py,sha256=xOKicOelyGv3h2sFJxa9FBj8HDroZyGhMaRWaNRGpQQ,810
 reconcile/template_tester.py,sha256=vZz8GM46waQUGd3OVnhW5OLTqctFMH_Hh1QXxT5hduM,2384
 reconcile/terraform_aws_route53.py,sha256=QJMlaYYwcw_N9TJu7VbgZfxrxxR8Wv62GuG05XVhSuE,10018
 reconcile/terraform_cloudflare_dns.py,sha256=auU4bzeLwd4S8D8oqpqJbrCUoEdELXrgi7vHOedjYFk,13332
-reconcile/terraform_cloudflare_resources.py,sha256=m4Xg3xmHa7XjbUEvAbg0a3BeRSnPLe-4CLUJPlQiTdc,15012
+reconcile/terraform_cloudflare_resources.py,sha256=EbQQaoDnZ7brvRCpbFtwlD7KLk2hDVNcjhrJGaAywEk,15023
 reconcile/terraform_cloudflare_users.py,sha256=DfeSnYC9YQgXX6AbJh85tQbJUDv1e2FjiGXgcpVQlPg,13964
 reconcile/terraform_repo.py,sha256=fIVjcxqhG6DR6H8QtQM1RpE9ukanjkjp8iH0tQRhEl8,13042
 reconcile/terraform_resources.py,sha256=WUM0ZEpf2jgcXjfjy3QSwrzpuD6zMN7cyOxetx88f9g,17167
@@ -261,7 +261,7 @@ reconcile/gql_definitions/slack_usergroups/clusters.py,sha256=EsnwVAGFtuev787toH
 reconcile/gql_definitions/slack_usergroups/permissions.py,sha256=fhBQT2uwCi2N5ZEIZhzrzjVvNllp12R0ZS1AVVEM2dA,5519
 reconcile/gql_definitions/slack_usergroups/users.py,sha256=YS6PkZAHy2ZzECTvdO3F6iHGRcEdOswCzsRjifjpMvI,2877
 reconcile/gql_definitions/slo_documents/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-reconcile/gql_definitions/slo_documents/slo_documents.py,sha256=JYtOR4MYMA4nDYJcoWJfSqju_E7GVs8ooAiAr7k8Dq4,3558
+reconcile/gql_definitions/slo_documents/slo_documents.py,sha256=RYbSXYER_0szI3ue0EnhtUeYQr8Yuce5oSyAcCYbrF0,3750
 reconcile/gql_definitions/status_board/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 reconcile/gql_definitions/status_board/status_board.py,sha256=1UU0YDj1Y2mALlGOZb1ecHHDmNpO5BANFCqWXQukPiw,4746
 reconcile/gql_definitions/statuspage/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -404,8 +404,8 @@ reconcile/test/test_sql_query.py,sha256=rC-lf1_isT9i2ZIV9W0hkUkLi2oBIjZMRMhk-6mV
 reconcile/test/test_status_board.py,sha256=WdAq4pFoWWqcOcfgMzssZD3xfvT1QLrEHJqUARldtvA,7875
 reconcile/test/test_terraform_aws_route53.py,sha256=xHggb8K1P76OyCfFcogbkmyKle-NlUylcbDnuv3IqvY,771
 reconcile/test/test_terraform_cloudflare_dns.py,sha256=aQTXX8Vr4h9aWvJZTnpZEhMGYoBpT2d45ZxU_ECIQ6o,3425
-reconcile/test/test_terraform_cloudflare_resources.py,sha256=cWNE2UIhz19rLSWdpJG8xRwuEEYoIZWEkDZY7e2QN_g,3426
-reconcile/test/test_terraform_cloudflare_users.py,sha256=BEC4RCuuR6b3L-KR7cakEcOasPR7XJ7Mca0BnVbawvg,27480
+reconcile/test/test_terraform_cloudflare_resources.py,sha256=D-3yvANpQMW_hmxTthsUvRTuyguqCqLJoLaDX1THDks,9351
+reconcile/test/test_terraform_cloudflare_users.py,sha256=RAFtMMdqZha3jNnNNsqbNQQUDSqUzdoM63rCw7fs4Fo,27456
 reconcile/test/test_terraform_repo.py,sha256=E8Ilo9KCJh4kkUebGUoHZKxYQXh83X84U32CfUAsa28,11109
 reconcile/test/test_terraform_resources.py,sha256=1ny_QSFuRjV9jxZY8EeT4NVJ5dMv7cLrEEIx_cBpjgk,9075
 reconcile/test/test_terraform_tgw_attachments.py,sha256=GgDA8hlQ1ujh5g8PtzbYQbJGpNScEgZ8PvDbMFbn68g,35493
@@ -611,7 +611,7 @@ tools/app_interface_metrics_exporter.py,sha256=zkwkxdAUAxjdc-pzx2_oJXG25fo0Fnyd5
 tools/app_interface_reporter.py,sha256=8HUH8kkW50-plKgiTgCiFINJNN_cl4ZFzmY4aSnRaNk,18270
 tools/glitchtip_access_reporter.py,sha256=oPBnk_YoDuljU3v0FaChzOwwnk4vap1xEE67QEjzdqs,2948
 tools/glitchtip_access_revalidation.py,sha256=8kbBJk04mkq28kWoRDDkfCGIF3GRg3pJrFAh1sW0dbk,2821
-tools/qontract_cli.py,sha256=xEMgcF90wD9gak8JbYemKog0alh_usFhwwvyB356Ukw,97319
+tools/qontract_cli.py,sha256=RvUddiApdgZjDSw3bTm6jP4YxPHzEu-ojK2ZQ5qfZEk,98304
 tools/sd_app_sre_alert_report.py,sha256=e9vAdyenUz2f5c8-z-5WY0wv-SJ9aePKDH2r4IwB6pc,5063
 tools/cli_commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 tools/cli_commands/gpg_encrypt.py,sha256=JryinrDdvztN931enUY3FuDeLVnfs6y58mnK7itNK6Y,4940
@@ -622,8 +622,8 @@ tools/test/test_app_interface_metrics_exporter.py,sha256=dmEcNwZltP1rd_4DbxIYakO
 tools/test/test_qontract_cli.py,sha256=awwTHEc2DWlykuqGIYM0WOBoSL0KRnOraCLk3C7izis,1401
 tools/test/test_sd_app_sre_alert_report.py,sha256=v363r9zM7__0kR5K6mvJoGFcM9BvE33fWAayrqkpojA,2116
 tools/test/test_sre_checkpoints.py,sha256=SKqPPTl9ua0RFdSSofnoQX-JZE6dFLO3LRhfQzqtfh8,2607
-qontract_reconcile-0.10.1rc405.dist-info/METADATA,sha256=bIqWFa2YEDDCInJCzun3qZNNLuo-Ok-3ib1HmGEXccg,2347
-qontract_reconcile-0.10.1rc405.dist-info/WHEEL,sha256=Xo9-1PvkuimrydujYJAjF7pCkriuXBpUPEjma1nZyJ0,92
-qontract_reconcile-0.10.1rc405.dist-info/entry_points.txt,sha256=rTjAv28I_CHLM8ID3OPqMI_suoQ9s7tFbim4aYjn9kk,376
-qontract_reconcile-0.10.1rc405.dist-info/top_level.txt,sha256=l5ISPoXzt0SdR4jVdkfa7RPSKNc8zAHYWAnR-Dw8Ey8,24
-qontract_reconcile-0.10.1rc405.dist-info/RECORD,,
+qontract_reconcile-0.10.1rc407.dist-info/METADATA,sha256=NcDwbiWeb552Q9aFx1UTWckd3qNwj3Mj0yuMKqzhCeo,2347
+qontract_reconcile-0.10.1rc407.dist-info/WHEEL,sha256=Xo9-1PvkuimrydujYJAjF7pCkriuXBpUPEjma1nZyJ0,92
+qontract_reconcile-0.10.1rc407.dist-info/entry_points.txt,sha256=rTjAv28I_CHLM8ID3OPqMI_suoQ9s7tFbim4aYjn9kk,376
+qontract_reconcile-0.10.1rc407.dist-info/top_level.txt,sha256=l5ISPoXzt0SdR4jVdkfa7RPSKNc8zAHYWAnR-Dw8Ey8,24
+qontract_reconcile-0.10.1rc407.dist-info/RECORD,,

reconcile/gql_definitions/slo_documents/slo_documents.py

@@ -25,6 +25,9 @@ query SloDocuments {
     labels
     app {
       name
+      parentApp {
+        name
+      }
     }
     namespaces {
       namespace {
@@ -62,8 +65,13 @@ class ConfiguredBaseModel(BaseModel):
         extra = Extra.forbid
 
 
+class AppV1_AppV1(ConfiguredBaseModel):
+    name: str = Field(..., alias="name")
+
+
 class AppV1(ConfiguredBaseModel):
     name: str = Field(..., alias="name")
+    parent_app: Optional[AppV1_AppV1] = Field(..., alias="parentApp")
 
 
 class ClusterV1(ConfiguredBaseModel):

reconcile/terraform_cloudflare_resources.py

@@ -342,7 +342,7 @@ def run(
     )
 
     if not cloudflare_namespaces:
-        logging.info("No namespaces were detected, nothing to do.")
+        logging.info("No cloudflare namespaces were detected, nothing to do.")
         sys.exit(ExitCodes.SUCCESS)
 
     # Build Cloudflare clients

reconcile/test/test_terraform_cloudflare_resources.py

@@ -1,11 +1,31 @@
+import logging
+
 import pytest
 
-from reconcile.gql_definitions.terraform_cloudflare_dns.terraform_cloudflare_zones import (
-    CloudflareDnsRecordV1,
+import reconcile.terraform_cloudflare_resources as integ
+from reconcile.gql_definitions.common.app_interface_vault_settings import (
+    AppInterfaceSettingsV1,
+)
+from reconcile.gql_definitions.fragments.vault_secret import VaultSecret
+from reconcile.gql_definitions.terraform_cloudflare_resources.terraform_cloudflare_accounts import (
+    AWSAccountV1,
+    AWSTerraformStateIntegrationsV1,
+)
+from reconcile.gql_definitions.terraform_cloudflare_resources.terraform_cloudflare_accounts import (
+    CloudflareAccountV1 as CFAccountV1,
+)
+from reconcile.gql_definitions.terraform_cloudflare_resources.terraform_cloudflare_accounts import (
+    DeletionApprovalV1,
+    TerraformCloudflareAccountsQueryData,
+    TerraformStateAWSV1,
 )
 from reconcile.gql_definitions.terraform_cloudflare_resources.terraform_cloudflare_resources import (
     CloudflareAccountV1,
+    CloudflareDnsRecordV1,
+    CloudflareZoneArgoV1,
+    CloudflareZoneCacheReserveV1,
     CloudflareZoneCertificateV1,
+    CloudflareZoneTieredCacheV1,
     CloudflareZoneWorkerV1,
     ClusterV1,
     NamespaceTerraformProviderResourceCloudflareV1,
@@ -60,16 +80,14 @@ def external_resources(provisioner_config):
                 plan="enterprise",
                 type="full",
                 settings='{"foo": "bar"}',
-                argo={
-                    "tiered_caching": True,
-                    "smart_routing": True,
-                },
-                tiered_cache={
-                    "cache_type": "smart",
-                },
-                cache_reserve={
-                    "enabled": True,
-                },
+                argo=CloudflareZoneArgoV1(
+                    tiered_caching=True,
+                    smart_routing=True,
+                ),
+                tiered_cache=CloudflareZoneTieredCacheV1(
+                    cache_type="smart",
+                ),
+                cache_reserve=CloudflareZoneCacheReserveV1(enabled=True),
                 records=[
                     CloudflareDnsRecordV1(
                         name="record",
@@ -78,8 +96,6 @@ def external_resources(provisioner_config):
                         value="example.com",
                         proxied=False,
                         identifier="record",
-                        priority=None,
-                        data=None,
                     ),
                 ],
                 workers=[
@@ -104,3 +120,154 @@ def external_resources(provisioner_config):
             ),
         ],
     )
+
+
+@pytest.fixture
+def mock_gql(mocker):
+    mocker.patch("reconcile.terraform_cloudflare_resources.gql", autospec=True)
+
+
+@pytest.fixture
+def mock_vault_secret(mocker):
+    mocked_vault_secret = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.get_app_interface_vault_settings",
+        autospec=True,
+    )
+    mocked_vault_secret.return_value = AppInterfaceSettingsV1(vault=False)
+
+
+@pytest.fixture
+def mock_cloudflare_accounts(mocker):
+    mocked_cloudflare_accounts = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.terraform_cloudflare_accounts",
+        autospec=True,
+    )
+    mocked_cloudflare_accounts.query.return_value = (
+        TerraformCloudflareAccountsQueryData(
+            accounts=[
+                CFAccountV1(
+                    name="cfaccount",
+                    providerVersion="0.33.x",
+                    apiCredentials=VaultSecret(
+                        path="somepath",
+                        field="key",
+                        version=1,
+                        format="??",
+                    ),
+                    terraformStateAccount=AWSAccountV1(
+                        name="awsaccoutn",
+                        automationToken=VaultSecret(
+                            path="someotherpath",
+                            field="token",
+                            version=1,
+                            format="",
+                        ),
+                        terraformState=TerraformStateAWSV1(
+                            provider="",
+                            bucket="",
+                            region="",
+                            integrations=[
+                                AWSTerraformStateIntegrationsV1(
+                                    integration="terraform-cloudflare-resources", key=""
+                                )
+                            ],
+                        ),
+                    ),
+                    deletionApprovals=[
+                        DeletionApprovalV1(expiration="", name="", type="")
+                    ],
+                    enforceTwofactor=False,
+                    type="?????",
+                )
+            ]
+        )
+    )
+
+
+@pytest.fixture
+def mock_cloudflare_resources(mocker, external_resources):
+    mocked_cloudflare_resources = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.terraform_cloudflare_resources",
+        autospec=True,
+    )
+    mocked_cloudflare_resources.query.return_value = external_resources
+
+
+def test_cloudflare_accounts_validation(
+    mocker, caplog, mock_gql, mock_vault_secret, mock_cloudflare_resources
+):
+    # Mocking accounts with an empty response
+    mocked_cloudflare_accounts = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.terraform_cloudflare_accounts",
+        autospec=True,
+    )
+    mocked_cloudflare_accounts.query.return_value = (
+        TerraformCloudflareAccountsQueryData(accounts=[])
+    )
+
+    with caplog.at_level(logging.INFO), pytest.raises(SystemExit) as sample:
+        integ.run(True, None, False, 10)
+    assert sample.value.code == 0
+    assert ["No Cloudflare accounts were detected, nothing to do."] == [
+        rec.message for rec in caplog.records
+    ]
+
+
+def test_namespace_validation(
+    mocker, caplog, mock_gql, mock_vault_secret, mock_cloudflare_accounts
+):
+    # Mocking resources without namespaces
+    mocked_resources = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.terraform_cloudflare_resources",
+        autospec=True,
+    )
+
+    mocked_resources.query.return_value = TerraformCloudflareResourcesQueryData(
+        namespaces=[],
+    )
+
+    with caplog.at_level(logging.INFO), pytest.raises(SystemExit) as sample:
+        integ.run(True, None, False, 10)
+    assert sample.value.code == 0
+    assert ["No namespaces were detected, nothing to do."] == [
+        rec.message for rec in caplog.records
+    ]
+
+
+def test_cloudflare_namespace_validation(
+    mocker, caplog, mock_gql, mock_vault_secret, mock_cloudflare_accounts
+):
+    # Mocking resources without cloudflare namespaces
+    mocked_resources = mocker.patch(
+        "reconcile.terraform_cloudflare_resources.terraform_cloudflare_resources",
+        autospec=True,
+    )
+
+    mocked_resources.query.return_value = TerraformCloudflareResourcesQueryData(
+        namespaces=[
+            NamespaceV1(
+                name="namespace1",
+                clusterAdmin=True,
+                cluster=ClusterV1(
+                    name="test-cluster",
+                    serverUrl="http://localhost",
+                    insecureSkipTLSVerify=None,
+                    jumpHost=None,
+                    automationToken=None,
+                    clusterAdminAutomationToken=None,
+                    spec=None,
+                    internal=None,
+                    disable=None,
+                ),
+                managedExternalResources=True,
+                externalResources=[],
+            )
+        ],
+    )
+
+    with caplog.at_level(logging.INFO), pytest.raises(SystemExit) as sample:
+        integ.run(True, None, False, 10)
+    assert sample.value.code == 0
+    assert ["No cloudflare namespaces were detected, nothing to do."] == [
+        rec.message for rec in caplog.records
+    ]

reconcile/test/test_terraform_cloudflare_users.py

@@ -668,7 +668,6 @@ def test_external_spec_with_two_roles_from_different_account_one_user(
         ["redhat.com"],
     )
 
-    print(actual_users)
     expected_users = {
         "cloudflare-account-1": {
             "user1@redhat.com": CloudflareUser(

tools/qontract_cli.py

@@ -66,6 +66,7 @@ from reconcile.gql_definitions.common.app_interface_vault_settings import (
 from reconcile.gql_definitions.fragments.aus_organization import AUSOCMOrganization
 from reconcile.jenkins_job_builder import init_jjb
 from reconcile.slack_base import slackapi_from_queries
+from reconcile.status_board import StatusBoardExporterIntegration
 from reconcile.typed_queries.alerting_services_settings import get_alerting_services
 from reconcile.typed_queries.app_interface_vault_settings import (
     get_app_interface_vault_settings,
@@ -73,6 +74,7 @@ from reconcile.typed_queries.app_interface_vault_settings import (
 from reconcile.typed_queries.clusters import get_clusters
 from reconcile.typed_queries.saas_files import get_saas_files
 from reconcile.typed_queries.slo_documents import get_slo_documents
+from reconcile.typed_queries.status_board import get_status_board
 from reconcile.utils import (
     amtool,
     config,
@@ -2211,8 +2213,9 @@ def ec2_jenkins_workers(ctx, aws_access_key_id, aws_secret_access_key, aws_regio
 
 
 @get.command()
+@click.argument("status-board-instance")
 @click.pass_context
-def slo_document_services(ctx):
+def slo_document_services(ctx, status_board_instance):
     """Print SLO Documents Services"""
     columns = [
         "slo_doc_name",
@@ -2224,15 +2227,37 @@ def slo_document_services(ctx):
         "statusBoardEnabled",
     ]
 
+    try:
+        [sb] = [sb for sb in get_status_board() if sb.name == status_board_instance]
+    except ValueError:
+        print(f"Status-board instance '{status_board_instance}' not found.")
+        sys.exit(1)
+
+    desired_product_apps: dict[
+        str, set[str]
+    ] = StatusBoardExporterIntegration.get_product_apps(sb)
+
     slodocs = []
     for slodoc in get_slo_documents():
         products = [ns.namespace.environment.product.name for ns in slodoc.namespaces]
         for slo in slodoc.slos:
             for product in products:
+                if slodoc.app.parent_app:
+                    app = f"{slodoc.app.parent_app.name}-{slodoc.app.name}"
+                else:
+                    app = slodoc.app.name
+
+                # Skip if the (product, app) is not being generated by the status-board inventory
+                if (
+                    product not in desired_product_apps
+                    or app not in desired_product_apps[product]
+                ):
+                    continue
+
                 item = {
                     "slo_doc_name": slodoc.name,
                     "product": product,
-                    "app": slodoc.app.name,
+                    "app": app,
                     "slo": slo.name,
                     "target": slo.slo_target,
                     "window": slo.slo_parameters.window,