qontract-reconcile 0.10.1rc676__py3-none-any.whl → 0.10.1rc678__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/METADATA +1 -1
- {qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/RECORD +7 -7
- reconcile/terraform_users.py +2 -0
- reconcile/utils/terrascript_aws_client.py +10 -6
- {qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/WHEEL +0 -0
- {qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/entry_points.txt +0 -0
- {qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/top_level.txt +0 -0
{qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: qontract-reconcile
|
|
3
|
-
Version: 0.10.
|
|
3
|
+
Version: 0.10.1rc678
|
|
4
4
|
Summary: Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
|
|
5
5
|
Home-page: https://github.com/app-sre/qontract-reconcile
|
|
6
6
|
Author: Red Hat App-SRE Team
|
{qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/RECORD
RENAMED
|
@@ -113,7 +113,7 @@ reconcile/terraform_cloudflare_users.py,sha256=1EbTHwJgiPkJpMP-Ag340QNgGK3mXn3dc
|
|
|
113
113
|
reconcile/terraform_repo.py,sha256=c0GZFuY3rCm6VHjHqYbsgOHrEkRWKF_1LrMThsn2XDw,16127
|
|
114
114
|
reconcile/terraform_resources.py,sha256=BN8XuJwjOt1ztruEAHydkd0YiBlb3fHZ7n0snZtRhck,19356
|
|
115
115
|
reconcile/terraform_tgw_attachments.py,sha256=mWr4UU_bNBu9YzPN1MqLQPNlg9FOY7qi5EqQgg7ykos,15938
|
|
116
|
-
reconcile/terraform_users.py,sha256=
|
|
116
|
+
reconcile/terraform_users.py,sha256=aZU2Ps8FnBZxhgWhjLwAIKspw3bpDLNHSPh1j8TNddc,10220
|
|
117
117
|
reconcile/terraform_vpc_peerings.py,sha256=rnDH1u93OyzrBM8Hib0HwSnlxZtx4ScRQaZAcn3mx-k,25402
|
|
118
118
|
reconcile/vault_replication.py,sha256=79GZ_kCimPoQcxkdhkWTQxPOAa46E0mNhf05s_Mk5so,17385
|
|
119
119
|
reconcile/vpc_peerings_validator.py,sha256=Kv22HJVlTW9l9GB2eXwjPWqdDbr_VuvQBNPttox6s5o,7177
|
|
@@ -616,7 +616,7 @@ reconcile/utils/state.py,sha256=zjsprjbOb0WddzmAvh8ACqAt0fcayrX2YPfz7qceRWw,1609
|
|
|
616
616
|
reconcile/utils/structs.py,sha256=LcbLEg8WxfRqM6nW7NhcWN0YeqF7SQzxOgntmLs1SgY,352
|
|
617
617
|
reconcile/utils/template.py,sha256=wTvRU4AnAV_o042tD4Mwls2dwWMuk7MKnde3MaCjaYg,331
|
|
618
618
|
reconcile/utils/terraform_client.py,sha256=7L55Rvxfzj3KtJH8AD8D8YRfBnFpHiTFqSa5e2_9jtk,32092
|
|
619
|
-
reconcile/utils/terrascript_aws_client.py,sha256=
|
|
619
|
+
reconcile/utils/terrascript_aws_client.py,sha256=J8JeJpM0UvPqkixF2f08WaO2q0HNeL9d_ZUAilyXTQU,272557
|
|
620
620
|
reconcile/utils/three_way_diff_strategy.py,sha256=nyqeQsLCoPI6e16k2CF3b9KNgQLU-rPf5RtfdUfVMwE,4468
|
|
621
621
|
reconcile/utils/throughput.py,sha256=iP4UWAe2LVhDo69mPPmgo9nQ7RxHD6_GS8MZe-aSiuM,344
|
|
622
622
|
reconcile/utils/unleash.py,sha256=1D56CsZfE3ShDtN3IErE1T2eeIwNmxhK-yYbCotJ99E,3601
|
|
@@ -723,8 +723,8 @@ tools/test/test_app_interface_metrics_exporter.py,sha256=SX7qL3D1SIRKFo95FoQztvf
|
|
|
723
723
|
tools/test/test_qontract_cli.py,sha256=OvalpVRfY4pNmpMaWHHYqBjV68b1eGQjX8SCyTAXb1w,3501
|
|
724
724
|
tools/test/test_sd_app_sre_alert_report.py,sha256=v363r9zM7__0kR5K6mvJoGFcM9BvE33fWAayrqkpojA,2116
|
|
725
725
|
tools/test/test_sre_checkpoints.py,sha256=SKqPPTl9ua0RFdSSofnoQX-JZE6dFLO3LRhfQzqtfh8,2607
|
|
726
|
-
qontract_reconcile-0.10.
|
|
727
|
-
qontract_reconcile-0.10.
|
|
728
|
-
qontract_reconcile-0.10.
|
|
729
|
-
qontract_reconcile-0.10.
|
|
730
|
-
qontract_reconcile-0.10.
|
|
726
|
+
qontract_reconcile-0.10.1rc678.dist-info/METADATA,sha256=4RcpgGoDdDFMQJWDpH5aR5LLZ5vFQuOuVAIQhzjKXvs,2382
|
|
727
|
+
qontract_reconcile-0.10.1rc678.dist-info/WHEEL,sha256=GJ7t_kWBFywbagK5eo9IoUwLW6oyOeTKmQ-9iHFVNxQ,92
|
|
728
|
+
qontract_reconcile-0.10.1rc678.dist-info/entry_points.txt,sha256=rIxI5zWtHNlfpDeq1a7pZXAPoqf7HG32KMTN3MeWK_8,429
|
|
729
|
+
qontract_reconcile-0.10.1rc678.dist-info/top_level.txt,sha256=l5ISPoXzt0SdR4jVdkfa7RPSKNc8zAHYWAnR-Dw8Ey8,24
|
|
730
|
+
qontract_reconcile-0.10.1rc678.dist-info/RECORD,,
|
reconcile/terraform_users.py
CHANGED
|
@@ -689,6 +689,9 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
|
689
689
|
group_name = aws_group["name"]
|
|
690
690
|
group_policies = aws_group["policies"]
|
|
691
691
|
account = aws_group["account"]
|
|
692
|
+
if account["sso"] is True:
|
|
693
|
+
# AWS accounts with SSO enabled do not need IAM groups
|
|
694
|
+
continue
|
|
692
695
|
account_name = account["name"]
|
|
693
696
|
if account_name not in groups:
|
|
694
697
|
groups[account_name] = {}
|
|
@@ -759,6 +762,9 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
|
759
762
|
for aws_group in aws_groups:
|
|
760
763
|
group_name = aws_group["name"]
|
|
761
764
|
account = aws_group["account"]
|
|
765
|
+
if account["sso"] is True:
|
|
766
|
+
# AWS accounts with SSO enabled do not need IAM users
|
|
767
|
+
continue
|
|
762
768
|
account_name = account["name"]
|
|
763
769
|
account_console_url = account["consoleUrl"]
|
|
764
770
|
|
|
@@ -841,15 +847,13 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
|
841
847
|
self.add_resource(account_name, tf_output)
|
|
842
848
|
|
|
843
849
|
for user_policy in user_policies:
|
|
850
|
+
if user_policy["account"]["sso"] is True:
|
|
851
|
+
# AWS accounts with SSO enabled do not need user policies
|
|
852
|
+
continue
|
|
844
853
|
policy_name = user_policy["name"]
|
|
845
854
|
account_name = user_policy["account"]["name"]
|
|
846
|
-
account_uid = user_policy["account"]["uid"]
|
|
847
855
|
for user in users:
|
|
848
|
-
# replace known keys with values
|
|
849
856
|
user_name = self._get_aws_username(user)
|
|
850
|
-
policy = user_policy["policy"]
|
|
851
|
-
policy = policy.replace("${aws:username}", user_name)
|
|
852
|
-
policy = policy.replace("${aws:accountid}", account_uid)
|
|
853
857
|
|
|
854
858
|
# Ref: terraform aws_iam_policy
|
|
855
859
|
tf_iam_user = self.get_tf_iam_user(user_name)
|
|
@@ -857,7 +861,7 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
|
857
861
|
tf_aws_iam_policy = aws_iam_policy(
|
|
858
862
|
identifier,
|
|
859
863
|
name=identifier,
|
|
860
|
-
policy=policy,
|
|
864
|
+
policy=user_policy["policy"],
|
|
861
865
|
)
|
|
862
866
|
self.add_resource(account_name, tf_aws_iam_policy)
|
|
863
867
|
# Ref: terraform aws_iam_user_policy_attachment
|
|
File without changes
|
|
File without changes
|
{qontract_reconcile-0.10.1rc676.dist-info → qontract_reconcile-0.10.1rc678.dist-info}/top_level.txt
RENAMED
|
File without changes
|