qontract-reconcile 0.10.2.dev149__py3-none-any.whl → 0.10.2.dev152__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/METADATA +1 -1
- {qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/RECORD +10 -10
- reconcile/gql_definitions/introspection.json +71 -0
- reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +13 -1
- reconcile/openshift_saas_deploy_trigger_base.py +7 -1
- reconcile/openshift_tekton_resources.py +3 -0
- reconcile/queries.py +1 -0
- reconcile/utils/terrascript_aws_client.py +24 -0
- {qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/WHEEL +0 -0
- {qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/entry_points.txt +0 -0
{qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/METADATA
RENAMED
@@ -1,6 +1,6 @@
|
|
1
1
|
Metadata-Version: 2.4
|
2
2
|
Name: qontract-reconcile
|
3
|
-
Version: 0.10.2.
|
3
|
+
Version: 0.10.2.dev152
|
4
4
|
Summary: Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
|
5
5
|
Project-URL: homepage, https://github.com/app-sre/qontract-reconcile
|
6
6
|
Project-URL: repository, https://github.com/app-sre/qontract-reconcile
|
{qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/RECORD
RENAMED
@@ -77,14 +77,14 @@ reconcile/openshift_rolebindings.py,sha256=9mlJ2FjWUoH-rsjtasreA_hV-K5Z_YR00qR_R
|
|
77
77
|
reconcile/openshift_routes.py,sha256=fXvuPSjcjVw1X3j2EQvUAdbOepmIFdKk-M3qP8QzPiw,1075
|
78
78
|
reconcile/openshift_saas_deploy.py,sha256=T1dvb9zajisaJNjbnR6-AZHU-itscHtr4oCqLj8KCK0,13037
|
79
79
|
reconcile/openshift_saas_deploy_change_tester.py,sha256=12uyBwaeMka1C3_pejmQPIBPAx2V1sJ4dJkScq-2e2M,8793
|
80
|
-
reconcile/openshift_saas_deploy_trigger_base.py,sha256=
|
80
|
+
reconcile/openshift_saas_deploy_trigger_base.py,sha256=3ypo4RNmJmrGfiyS-2OcoyITVi10LWch6JITikejlBM,14204
|
81
81
|
reconcile/openshift_saas_deploy_trigger_cleaner.py,sha256=roLyVAVntaQptKaZbnN1LyLvCA8fyvqELfjU6M8xfeY,3511
|
82
82
|
reconcile/openshift_saas_deploy_trigger_configs.py,sha256=eUejMGWuaQabZTLuvPLLvROfN5HOFyYZOpH4YEsiU_g,928
|
83
83
|
reconcile/openshift_saas_deploy_trigger_images.py,sha256=iUsiBGJf-CyFw7tSLWo59rXmSvsVnN6TTaAObbsVpNg,936
|
84
84
|
reconcile/openshift_saas_deploy_trigger_moving_commits.py,sha256=fpanSH-EGH15C9me--0VSpcpaw9BY4RTb8_mPtsSZGc,942
|
85
85
|
reconcile/openshift_saas_deploy_trigger_upstream_jobs.py,sha256=0CjfeVQE0QrRrOVuTxkXvBUdKNtYLYuX4mZRB48PQ9g,940
|
86
86
|
reconcile/openshift_serviceaccount_tokens.py,sha256=SaYT8g_T1W8P8r391ZWV1rYv5BfFxy8x_HIM9XqAm3g,8906
|
87
|
-
reconcile/openshift_tekton_resources.py,sha256=
|
87
|
+
reconcile/openshift_tekton_resources.py,sha256=ZAhPhj5dXxOF2XdNTeksAX-oa2gVCIbL45Gep05nG90,16267
|
88
88
|
reconcile/openshift_upgrade_watcher.py,sha256=9IB321hlRZZhzdaR9G3zoWAhVv0-KzNiEqx73p3-wmk,6539
|
89
89
|
reconcile/openshift_users.py,sha256=JUWLb13USlQ4KvXZVsi3JES4csZnXlH0plhxskg_p6A,5300
|
90
90
|
reconcile/openshift_vault_secrets.py,sha256=9rTqV6wzCQx2Oh712E_Xj8wMG7u8Oh-pY8DWjlv4mZw,1660
|
@@ -94,7 +94,7 @@ reconcile/quay_mirror.py,sha256=0KtQFwrvMNtlsPJ9F_-ICaVIjgIUjFxqipvAPcvyg3Q,1533
|
|
94
94
|
reconcile/quay_mirror_org.py,sha256=tXKuF6JtmaNRwu8_g_65U_Vpd6sFBYeXmJA-flVhylE,10764
|
95
95
|
reconcile/quay_permissions.py,sha256=9KOutS1w4RFQqkvMSy54VtsKNx56-phzP6yI_rEW-B8,4244
|
96
96
|
reconcile/quay_repos.py,sha256=cuEYG0HUe0ut5yvLdEwOF5-CmccpXQHRb_wDazvDrvQ,6895
|
97
|
-
reconcile/queries.py,sha256=
|
97
|
+
reconcile/queries.py,sha256=JbkF6F13xdToj1WgWzkK7aU1Gf_gFbjuJvdsyQrZ1iw,50905
|
98
98
|
reconcile/query_validator.py,sha256=MSh5pKLBksws4AqfuvT8nrIGucIbqX-IOzYyPYTLO7k,1491
|
99
99
|
reconcile/requests_sender.py,sha256=914iluuF4UVgG3VyxxtnHOu4yf6YKS2fIy6PViSsFTQ,3875
|
100
100
|
reconcile/resource_scraper.py,sha256=znXCHrU7YwPfKuxGBiUrV7T1tYtn4vlz9qmZlfy6Flg,2307
|
@@ -227,7 +227,7 @@ reconcile/glitchtip_project_alerts/integration.py,sha256=BgMx-NyV9mTuv7Sotb2OioC
|
|
227
227
|
reconcile/glitchtip_project_dsn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
228
228
|
reconcile/glitchtip_project_dsn/integration.py,sha256=2iugub-kHYkHNK33n0v9_TeWonuxCPah_VkoTPvaajE,8077
|
229
229
|
reconcile/gql_definitions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
230
|
-
reconcile/gql_definitions/introspection.json,sha256=
|
230
|
+
reconcile/gql_definitions/introspection.json,sha256=8tA2_ZuvhmWLNRV1-JvZeVTdyUDYAVvdSe0mvxm_Uag,2286927
|
231
231
|
reconcile/gql_definitions/acs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
232
232
|
reconcile/gql_definitions/acs/acs_instances.py,sha256=L91WW9LbhJbBSrECqShQpFtjoBOsmNIYLRpMbx1io5o,2181
|
233
233
|
reconcile/gql_definitions/acs/acs_policies.py,sha256=bN5i4mks10Z23KJSj7jqp966Osq2dps4d-sPH9gjxEA,7008
|
@@ -432,7 +432,7 @@ reconcile/gql_definitions/terraform_repo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5
|
|
432
432
|
reconcile/gql_definitions/terraform_repo/terraform_repo.py,sha256=9cDKdP9ziBh9J_mw2Gi6GUOP4mFxMABY_D62qSeMtJI,3881
|
433
433
|
reconcile/gql_definitions/terraform_resources/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
434
434
|
reconcile/gql_definitions/terraform_resources/database_access_manager.py,sha256=yv0_YC-LmhaKD_gyGG3le1w5BtypBjlsO894-Zgdg4U,4813
|
435
|
-
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py,sha256=
|
435
|
+
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py,sha256=6Er4NT3hHT66tFCBlyBeyGXDzxO_OYiL36lCe8JM9vQ,44562
|
436
436
|
reconcile/gql_definitions/terraform_tgw_attachments/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
437
437
|
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py,sha256=FPyPEikpkZ_kvHfXqnkzSUDNmxMMTiUwhI-eLQtuIHM,2616
|
438
438
|
reconcile/gql_definitions/unleash_feature_toggles/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
@@ -657,7 +657,7 @@ reconcile/utils/state.py,sha256=az4tBmZ0EdbFcAGiBVUxs3cr2-BVWsuDQiNTvjjQq8s,1637
|
|
657
657
|
reconcile/utils/structs.py,sha256=LcbLEg8WxfRqM6nW7NhcWN0YeqF7SQzxOgntmLs1SgY,352
|
658
658
|
reconcile/utils/template.py,sha256=wTvRU4AnAV_o042tD4Mwls2dwWMuk7MKnde3MaCjaYg,331
|
659
659
|
reconcile/utils/terraform_client.py,sha256=IDlrNvGEc2i6ElZIL_fzaJEad1nRC3DkP9_VXhJXmU0,37329
|
660
|
-
reconcile/utils/terrascript_aws_client.py,sha256=
|
660
|
+
reconcile/utils/terrascript_aws_client.py,sha256=WMT9cZ4Cu4vjiIgRiTMyZ3Iio2_HNODg2OlrWGW9nQA,288803
|
661
661
|
reconcile/utils/three_way_diff_strategy.py,sha256=oQcHXd9LVhirJfoaOBoHUYuZVGfyL2voKr6KVI34zZE,4833
|
662
662
|
reconcile/utils/throughput.py,sha256=iP4UWAe2LVhDo69mPPmgo9nQ7RxHD6_GS8MZe-aSiuM,344
|
663
663
|
reconcile/utils/vault.py,sha256=aSA8l9cJlPUHpChFGl27nSY-Mpq9FMjBo7Dcgb1BVfM,15036
|
@@ -797,7 +797,7 @@ tools/saas_promotion_state/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJ
|
|
797
797
|
tools/saas_promotion_state/saas_promotion_state.py,sha256=UfwwRLS5Ya4_Nh1w5n1dvoYtchQvYE9yj1VANt2IKqI,3925
|
798
798
|
tools/sre_checkpoints/__init__.py,sha256=CDaDaywJnmRCLyl_NCcvxi-Zc0hTi_3OdwKiFOyS39I,145
|
799
799
|
tools/sre_checkpoints/util.py,sha256=zEDbGr18ZeHNQwW8pUsr2JRjuXIPz--WAGJxZo9sv_Y,894
|
800
|
-
qontract_reconcile-0.10.2.
|
801
|
-
qontract_reconcile-0.10.2.
|
802
|
-
qontract_reconcile-0.10.2.
|
803
|
-
qontract_reconcile-0.10.2.
|
800
|
+
qontract_reconcile-0.10.2.dev152.dist-info/METADATA,sha256=vJsdGK7g6V30epBk2e5-Z3IjYTweJywk5bBbC636psU,24627
|
801
|
+
qontract_reconcile-0.10.2.dev152.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
802
|
+
qontract_reconcile-0.10.2.dev152.dist-info/entry_points.txt,sha256=5i9l54La3vQrDLAdwDKQWC0iG4sV9RRfOb1BpvzOWLc,698
|
803
|
+
qontract_reconcile-0.10.2.dev152.dist-info/RECORD,,
|
@@ -46845,6 +46845,65 @@
|
|
46845
46845
|
"enumValues": null,
|
46846
46846
|
"possibleTypes": null
|
46847
46847
|
},
|
46848
|
+
{
|
46849
|
+
"kind": "OBJECT",
|
46850
|
+
"name": "NamespaceTerraformResourceALBMutualAuthentication_v1",
|
46851
|
+
"description": null,
|
46852
|
+
"fields": [
|
46853
|
+
{
|
46854
|
+
"name": "mode",
|
46855
|
+
"description": null,
|
46856
|
+
"args": [],
|
46857
|
+
"type": {
|
46858
|
+
"kind": "NON_NULL",
|
46859
|
+
"name": null,
|
46860
|
+
"ofType": {
|
46861
|
+
"kind": "SCALAR",
|
46862
|
+
"name": "String",
|
46863
|
+
"ofType": null
|
46864
|
+
}
|
46865
|
+
},
|
46866
|
+
"isDeprecated": false,
|
46867
|
+
"deprecationReason": null
|
46868
|
+
},
|
46869
|
+
{
|
46870
|
+
"name": "ca_cert_bundle_s3_bucket_name",
|
46871
|
+
"description": null,
|
46872
|
+
"args": [],
|
46873
|
+
"type": {
|
46874
|
+
"kind": "NON_NULL",
|
46875
|
+
"name": null,
|
46876
|
+
"ofType": {
|
46877
|
+
"kind": "SCALAR",
|
46878
|
+
"name": "String",
|
46879
|
+
"ofType": null
|
46880
|
+
}
|
46881
|
+
},
|
46882
|
+
"isDeprecated": false,
|
46883
|
+
"deprecationReason": null
|
46884
|
+
},
|
46885
|
+
{
|
46886
|
+
"name": "ca_cert_bundle_s3_bucket_key",
|
46887
|
+
"description": null,
|
46888
|
+
"args": [],
|
46889
|
+
"type": {
|
46890
|
+
"kind": "NON_NULL",
|
46891
|
+
"name": null,
|
46892
|
+
"ofType": {
|
46893
|
+
"kind": "SCALAR",
|
46894
|
+
"name": "String",
|
46895
|
+
"ofType": null
|
46896
|
+
}
|
46897
|
+
},
|
46898
|
+
"isDeprecated": false,
|
46899
|
+
"deprecationReason": null
|
46900
|
+
}
|
46901
|
+
],
|
46902
|
+
"inputFields": null,
|
46903
|
+
"interfaces": [],
|
46904
|
+
"enumValues": null,
|
46905
|
+
"possibleTypes": null
|
46906
|
+
},
|
46848
46907
|
{
|
46849
46908
|
"kind": "OBJECT",
|
46850
46909
|
"name": "NamespaceTerraformResourceALB_v1",
|
@@ -47010,6 +47069,18 @@
|
|
47010
47069
|
"isDeprecated": false,
|
47011
47070
|
"deprecationReason": null
|
47012
47071
|
},
|
47072
|
+
{
|
47073
|
+
"name": "mutual_authentication",
|
47074
|
+
"description": null,
|
47075
|
+
"args": [],
|
47076
|
+
"type": {
|
47077
|
+
"kind": "OBJECT",
|
47078
|
+
"name": "NamespaceTerraformResourceALBMutualAuthentication_v1",
|
47079
|
+
"ofType": null
|
47080
|
+
},
|
47081
|
+
"isDeprecated": false,
|
47082
|
+
"deprecationReason": null
|
47083
|
+
},
|
47013
47084
|
{
|
47014
47085
|
"name": "targets",
|
47015
47086
|
"description": null,
|
@@ -312,6 +312,11 @@ query TerraformResourcesNamespaces {
|
|
312
312
|
ip_address_type
|
313
313
|
access_logs
|
314
314
|
ssl_policy
|
315
|
+
mutual_authentication {
|
316
|
+
mode
|
317
|
+
ca_cert_bundle_s3_bucket_name
|
318
|
+
ca_cert_bundle_s3_bucket_key
|
319
|
+
}
|
315
320
|
targets {
|
316
321
|
name
|
317
322
|
default
|
@@ -808,6 +813,12 @@ class NamespaceTerraformResourceS3CloudFrontPublicKeyV1(NamespaceTerraformResour
|
|
808
813
|
annotations: Optional[str] = Field(..., alias="annotations")
|
809
814
|
|
810
815
|
|
816
|
+
class NamespaceTerraformResourceALBMutualAuthenticationV1(ConfiguredBaseModel):
|
817
|
+
mode: str = Field(..., alias="mode")
|
818
|
+
ca_cert_bundle_s3_bucket_name: str = Field(..., alias="ca_cert_bundle_s3_bucket_name")
|
819
|
+
ca_cert_bundle_s3_bucket_key: str = Field(..., alias="ca_cert_bundle_s3_bucket_key")
|
820
|
+
|
821
|
+
|
811
822
|
class NamespaceTerraformResourceALBTargetHealthcheckV1(ConfiguredBaseModel):
|
812
823
|
unhealthy_threshold: Optional[int] = Field(..., alias="unhealthy_threshold")
|
813
824
|
timeout: Optional[int] = Field(..., alias="timeout")
|
@@ -904,6 +915,7 @@ class NamespaceTerraformResourceALBV1(NamespaceTerraformResourceAWSV1):
|
|
904
915
|
ip_address_type: Optional[str] = Field(..., alias="ip_address_type")
|
905
916
|
access_logs: Optional[bool] = Field(..., alias="access_logs")
|
906
917
|
ssl_policy: Optional[str] = Field(..., alias="ssl_policy")
|
918
|
+
mutual_authentication: Optional[NamespaceTerraformResourceALBMutualAuthenticationV1] = Field(..., alias="mutual_authentication")
|
907
919
|
targets: list[NamespaceTerraformResourceALBTargetsV1] = Field(..., alias="targets")
|
908
920
|
rules: list[NamespaceTerraformResourceALBRulesV1] = Field(..., alias="rules")
|
909
921
|
output_resource_name: Optional[str] = Field(..., alias="output_resource_name")
|
@@ -1043,7 +1055,7 @@ class NamespaceTerraformResourceMskV1(NamespaceTerraformResourceAWSV1):
|
|
1043
1055
|
|
1044
1056
|
|
1045
1057
|
class NamespaceTerraformProviderResourceAWSV1(NamespaceExternalResourceV1):
|
1046
|
-
resources: list[Union[NamespaceTerraformResourceRDSV1,
|
1058
|
+
resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceRoleV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceSNSTopicV1, NamespaceTerraformResourceServiceAccountV1, NamespaceTerraformResourceS3SQSV1, NamespaceTerraformResourceCloudWatchV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceRosaAuthenticatorVPCEV1, NamespaceTerraformResourceMskV1, NamespaceTerraformResourceS3CloudFrontV1, NamespaceTerraformResourceElasticSearchV1, NamespaceTerraformResourceACMV1, NamespaceTerraformResourceKinesisV1, NamespaceTerraformResourceRoute53ZoneV1, NamespaceTerraformResourceSQSV1, NamespaceTerraformResourceDynamoDBV1, NamespaceTerraformResourceECRV1, NamespaceTerraformResourceS3CloudFrontPublicKeyV1, NamespaceTerraformResourceSecretsManagerV1, NamespaceTerraformResourceSecretsManagerServiceAccountV1, NamespaceTerraformResourceAWSV1]] = Field(..., alias="resources")
|
1047
1059
|
|
1048
1060
|
|
1049
1061
|
class EnvironmentV1(ConfiguredBaseModel):
|
@@ -376,7 +376,13 @@ def _construct_tekton_trigger_resource(
|
|
376
376
|
body: dict[str, Any] = {
|
377
377
|
"apiVersion": "tekton.dev/v1",
|
378
378
|
"kind": "PipelineRun",
|
379
|
-
"metadata": {
|
379
|
+
"metadata": {
|
380
|
+
"generateName": f"{name}-",
|
381
|
+
"labels": {
|
382
|
+
"qontract.saas_file_name": saas_file_name,
|
383
|
+
"qontract.env_name": env_name,
|
384
|
+
},
|
385
|
+
},
|
380
386
|
"spec": {
|
381
387
|
"pipelineRef": {"name": tkn_pipeline_name},
|
382
388
|
"params": parameters,
|
@@ -139,6 +139,9 @@ def fetch_desired_resources(
|
|
139
139
|
while we are migrating from the current system to this integration"""
|
140
140
|
desired_resources = []
|
141
141
|
for tknp in tkn_providers.values():
|
142
|
+
if tknp["namespace"]["delete"]:
|
143
|
+
continue
|
144
|
+
|
142
145
|
namespace = tknp["namespace"]["name"]
|
143
146
|
cluster = tknp["namespace"]["cluster"]["name"]
|
144
147
|
deploy_resources = tknp.get("deployResources") or DEFAULT_DEPLOY_RESOURCES
|
reconcile/queries.py
CHANGED
@@ -358,6 +358,10 @@ class cloudinit_config(Data):
|
|
358
358
|
pass
|
359
359
|
|
360
360
|
|
361
|
+
class aws_lb_trust_store(Resource):
|
362
|
+
pass
|
363
|
+
|
364
|
+
|
361
365
|
# temporary until we upgrade to a terrascript release
|
362
366
|
# that supports this provider
|
363
367
|
# https://github.com/mjuenema/python-terrascript/pull/166
|
@@ -5493,6 +5497,26 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
5493
5497
|
},
|
5494
5498
|
"depends_on": self.get_dependencies([lb_tf_resource, default_target]),
|
5495
5499
|
}
|
5500
|
+
|
5501
|
+
# mutual authentication section
|
5502
|
+
if mutual_authentication := resource.get("mutual_authentication"):
|
5503
|
+
trust_store_values = {
|
5504
|
+
"ca_certificates_bundle_s3_bucket": mutual_authentication[
|
5505
|
+
"ca_cert_bundle_s3_bucket_name"
|
5506
|
+
],
|
5507
|
+
"ca_certificates_bundle_s3_key": mutual_authentication[
|
5508
|
+
"ca_cert_bundle_s3_bucket_key"
|
5509
|
+
],
|
5510
|
+
}
|
5511
|
+
trust_store = aws_lb_trust_store(
|
5512
|
+
f"{identifier}-trust-store", **trust_store_values
|
5513
|
+
)
|
5514
|
+
tf_resources.append(trust_store)
|
5515
|
+
values["mutual_authentication"] = {
|
5516
|
+
"mode": mutual_authentication["mode"],
|
5517
|
+
"trust_store_arn": f"${{{trust_store.arn}}}",
|
5518
|
+
}
|
5519
|
+
|
5496
5520
|
forward_identifier = f"{identifier}-forward"
|
5497
5521
|
forward_lbl_tf_resource = aws_lb_listener(forward_identifier, **values)
|
5498
5522
|
tf_resources.append(forward_lbl_tf_resource)
|
{qontract_reconcile-0.10.2.dev149.dist-info → qontract_reconcile-0.10.2.dev152.dist-info}/WHEEL
RENAMED
File without changes
|
File without changes
|