qontract-reconcile 0.10.2.dev191__py3-none-any.whl → 0.10.2.dev193__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/METADATA +1 -1
- {qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/RECORD +7 -7
- reconcile/gitlab_housekeeping.py +3 -1
- reconcile/openshift_resources_base.py +10 -3
- reconcile/sql_query.py +30 -19
- {qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/WHEEL +0 -0
- {qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/entry_points.txt +0 -0
{qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: qontract-reconcile
|
|
3
|
-
Version: 0.10.2.
|
|
3
|
+
Version: 0.10.2.dev193
|
|
4
4
|
Summary: Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
|
|
5
5
|
Project-URL: homepage, https://github.com/app-sre/qontract-reconcile
|
|
6
6
|
Project-URL: repository, https://github.com/app-sre/qontract-reconcile
|
{qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/RECORD
RENAMED
|
@@ -29,7 +29,7 @@ reconcile/github_repo_permissions_validator.py,sha256=PNqL4dqa2OaNBy-NmLVN-t1HZa
|
|
|
29
29
|
reconcile/github_users.py,sha256=ZeYNMyvZPVMx6mh5TiKEUQy4W1uw3VmUZOHiXus5I0Y,5073
|
|
30
30
|
reconcile/github_validator.py,sha256=-j17tn3csFVjPMSPL3te48iWVkPZCncRXdeKeLdGjjQ,931
|
|
31
31
|
reconcile/gitlab_fork_compliance.py,sha256=RbHckzLnE9zkOFHJANzoejEMMbMAivmqJVs3Suvp9lU,4591
|
|
32
|
-
reconcile/gitlab_housekeeping.py,sha256=
|
|
32
|
+
reconcile/gitlab_housekeeping.py,sha256=U8DKWsFZe7Q3ArN5WSlrPM8Pxxf2_4V0KgvQAnm1mSQ,25550
|
|
33
33
|
reconcile/gitlab_labeler.py,sha256=BA2dbXsN9hErUwJl22qcxfeH7XiPCuQ9LN3NddWdnpo,4540
|
|
34
34
|
reconcile/gitlab_members.py,sha256=yRZOZqwB9_FJ5DWIFEod6hoG0X38z36atInNshAWddI,8263
|
|
35
35
|
reconcile/gitlab_mr_sqs_consumer.py,sha256=i_MDVfA3Uk_TJiNkfEJzhO6_rwR7z3I3dH9oEw686U4,2681
|
|
@@ -71,7 +71,7 @@ reconcile/openshift_network_policies.py,sha256=p81ShFK1WSEGiWHVURopDpg8YvtA3RE3O
|
|
|
71
71
|
reconcile/openshift_prometheus_rules.py,sha256=onowXab248zmHH8SbYDTc1W1bl7JiqRFU1xdTkZyLFg,1332
|
|
72
72
|
reconcile/openshift_resourcequotas.py,sha256=yUi56PiOn3inMMfq_x_FEHmaW-reGipzoorjdar372g,2415
|
|
73
73
|
reconcile/openshift_resources.py,sha256=I2nO_C37mG3rfyGrd4cGwN3mVseVGuTAHAyhFzLyqF4,1518
|
|
74
|
-
reconcile/openshift_resources_base.py,sha256=
|
|
74
|
+
reconcile/openshift_resources_base.py,sha256=3HudPdM7EE0HNWUn1eu0O20Ij25fqGisaDBMVvTk1fk,41768
|
|
75
75
|
reconcile/openshift_rolebindings.py,sha256=9mlJ2FjWUoH-rsjtasreA_hV-K5Z_YR00qR_RR60OZM,6555
|
|
76
76
|
reconcile/openshift_routes.py,sha256=fXvuPSjcjVw1X3j2EQvUAdbOepmIFdKk-M3qP8QzPiw,1075
|
|
77
77
|
reconcile/openshift_saas_deploy.py,sha256=T1dvb9zajisaJNjbnR6-AZHU-itscHtr4oCqLj8KCK0,13037
|
|
@@ -105,7 +105,7 @@ reconcile/service_dependencies.py,sha256=G2qCuYFc8wQLpRxkdhmibxSAl3nUM3hcan4x50W
|
|
|
105
105
|
reconcile/signalfx_endpoint_monitoring.py,sha256=Nqgsg1cflSd2nNnm89y_e8c--7xLUqTrKOHkDs-qADE,2868
|
|
106
106
|
reconcile/slack_base.py,sha256=I-msunWxfgu5bSwXYulGbtLjxUB_tRmTCAUCU-3nabI,3484
|
|
107
107
|
reconcile/slack_usergroups.py,sha256=xFkVe67RXSUj8JvpfSFEiRdQzB0TnJJEHW_b5PEwLng,30213
|
|
108
|
-
reconcile/sql_query.py,sha256=
|
|
108
|
+
reconcile/sql_query.py,sha256=auZCWe6dytsDp83Imfo4zqkpMCLRXU007IUlPeUE3j4,26376
|
|
109
109
|
reconcile/status.py,sha256=cY4IJFXemhxptRJqR4qaaOWqei9e4jgLXuVSGajMsjg,544
|
|
110
110
|
reconcile/status_board.py,sha256=kJ0bus_wdyX3zsFJuUPrH4n9BNG_jhDbiQ3waOLVRBE,8538
|
|
111
111
|
reconcile/terraform_aws_route53.py,sha256=dQzzT46YhwRA902_H6pi-f7WlX4EaH187wXSdmJAUkQ,9958
|
|
@@ -809,7 +809,7 @@ tools/saas_promotion_state/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJ
|
|
|
809
809
|
tools/saas_promotion_state/saas_promotion_state.py,sha256=UfwwRLS5Ya4_Nh1w5n1dvoYtchQvYE9yj1VANt2IKqI,3925
|
|
810
810
|
tools/sre_checkpoints/__init__.py,sha256=CDaDaywJnmRCLyl_NCcvxi-Zc0hTi_3OdwKiFOyS39I,145
|
|
811
811
|
tools/sre_checkpoints/util.py,sha256=zEDbGr18ZeHNQwW8pUsr2JRjuXIPz--WAGJxZo9sv_Y,894
|
|
812
|
-
qontract_reconcile-0.10.2.
|
|
813
|
-
qontract_reconcile-0.10.2.
|
|
814
|
-
qontract_reconcile-0.10.2.
|
|
815
|
-
qontract_reconcile-0.10.2.
|
|
812
|
+
qontract_reconcile-0.10.2.dev193.dist-info/METADATA,sha256=RO4qwLdb35AWDUmBLVj6VloYRszUVF6RgCjA2_x4P_w,24555
|
|
813
|
+
qontract_reconcile-0.10.2.dev193.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
814
|
+
qontract_reconcile-0.10.2.dev193.dist-info/entry_points.txt,sha256=5i9l54La3vQrDLAdwDKQWC0iG4sV9RRfOb1BpvzOWLc,698
|
|
815
|
+
qontract_reconcile-0.10.2.dev193.dist-info/RECORD,,
|
reconcile/gitlab_housekeeping.py
CHANGED
|
@@ -72,6 +72,7 @@ HOLD_LABELS = [
|
|
|
72
72
|
QONTRACT_INTEGRATION = "gitlab-housekeeping"
|
|
73
73
|
DATE_FORMAT = "%Y-%m-%dT%H:%M:%S.%fZ"
|
|
74
74
|
EXPIRATION_DATE_FORMAT = "%Y-%m-%d"
|
|
75
|
+
SQUASH_OPTION_ALWAYS = "always"
|
|
75
76
|
|
|
76
77
|
merged_merge_requests = Counter(
|
|
77
78
|
name="qontract_reconcile_merged_merge_requests",
|
|
@@ -613,7 +614,8 @@ def merge_merge_requests(
|
|
|
613
614
|
logging.info(["merge", gl.project.name, mr.iid])
|
|
614
615
|
if not dry_run and merges < merge_limit:
|
|
615
616
|
try:
|
|
616
|
-
mr.
|
|
617
|
+
squash = (gl.project.squash_option == SQUASH_OPTION_ALWAYS) or mr.squash
|
|
618
|
+
mr.merge(squash=squash)
|
|
617
619
|
labels = mr.labels
|
|
618
620
|
merged_merge_requests.labels(
|
|
619
621
|
project_id=mr.target_project_id,
|
|
@@ -62,7 +62,7 @@ from reconcile.utils.openshift_resource import (
|
|
|
62
62
|
)
|
|
63
63
|
from reconcile.utils.openshift_resource import OpenshiftResource as OR
|
|
64
64
|
from reconcile.utils.runtime.integration import DesiredStateShardConfig
|
|
65
|
-
from reconcile.utils.secret_reader import SecretReader
|
|
65
|
+
from reconcile.utils.secret_reader import SecretReader, SecretReaderBase
|
|
66
66
|
from reconcile.utils.semver_helper import make_semver
|
|
67
67
|
from reconcile.utils.sharding import is_in_shard
|
|
68
68
|
from reconcile.utils.vault import (
|
|
@@ -402,9 +402,16 @@ def fetch_provider_vault_secret(
|
|
|
402
402
|
validate_alertmanager_config: bool = False,
|
|
403
403
|
alertmanager_config_key: str = "alertmanager.yaml",
|
|
404
404
|
settings: Mapping[str, Any] | None = None,
|
|
405
|
+
secret_reader: SecretReaderBase | None = None,
|
|
405
406
|
) -> OR:
|
|
406
|
-
|
|
407
|
-
|
|
407
|
+
if not secret_reader and not settings:
|
|
408
|
+
raise Exception(
|
|
409
|
+
"Parameter settings or secret_reader must be provided to run fetch_provider_vault_secret."
|
|
410
|
+
)
|
|
411
|
+
|
|
412
|
+
if not secret_reader:
|
|
413
|
+
# get the fields from vault
|
|
414
|
+
secret_reader = SecretReader(settings)
|
|
408
415
|
raw_data = {
|
|
409
416
|
k: v
|
|
410
417
|
for k, v in secret_reader.read_all({"path": path, "version": version}).items()
|
reconcile/sql_query.py
CHANGED
|
@@ -19,6 +19,9 @@ from reconcile import (
|
|
|
19
19
|
)
|
|
20
20
|
from reconcile import openshift_resources_base as orb
|
|
21
21
|
from reconcile.status import ExitCodes
|
|
22
|
+
from reconcile.typed_queries.app_interface_vault_settings import (
|
|
23
|
+
get_app_interface_vault_settings,
|
|
24
|
+
)
|
|
22
25
|
from reconcile.utils.defer import defer
|
|
23
26
|
from reconcile.utils.external_resources import get_external_resource_specs
|
|
24
27
|
from reconcile.utils.oc import (
|
|
@@ -30,7 +33,10 @@ from reconcile.utils.openshift_resource import (
|
|
|
30
33
|
ResourceInventory,
|
|
31
34
|
)
|
|
32
35
|
from reconcile.utils.ruamel import create_ruamel_instance
|
|
33
|
-
from reconcile.utils.secret_reader import
|
|
36
|
+
from reconcile.utils.secret_reader import (
|
|
37
|
+
SecretReaderBase,
|
|
38
|
+
create_secret_reader,
|
|
39
|
+
)
|
|
34
40
|
from reconcile.utils.semver_helper import make_semver
|
|
35
41
|
from reconcile.utils.smtp_client import (
|
|
36
42
|
DEFAULT_SMTP_TIMEOUT,
|
|
@@ -187,14 +193,16 @@ def get_tf_resource_info(
|
|
|
187
193
|
|
|
188
194
|
|
|
189
195
|
def collect_queries(
|
|
190
|
-
|
|
196
|
+
secret_reader: SecretReaderBase,
|
|
197
|
+
smtp_client: SmtpClient,
|
|
198
|
+
query_name: str | None = None,
|
|
191
199
|
) -> list[dict[str, Any]]:
|
|
192
200
|
"""
|
|
193
201
|
Consults the app-interface and constructs the list of queries
|
|
194
202
|
to be executed.
|
|
195
203
|
|
|
196
204
|
:param query_name: (optional) query to look for
|
|
197
|
-
:param
|
|
205
|
+
:param secret_reader: SecretReaderBase
|
|
198
206
|
|
|
199
207
|
:return: List of queries dictionaries
|
|
200
208
|
"""
|
|
@@ -218,8 +226,8 @@ def collect_queries(
|
|
|
218
226
|
"",
|
|
219
227
|
1,
|
|
220
228
|
accounts=[],
|
|
221
|
-
settings=settings,
|
|
222
229
|
prefetch_resources_by_schemas=["/aws/rds-defaults-1.yml"],
|
|
230
|
+
secret_reader=secret_reader,
|
|
223
231
|
)
|
|
224
232
|
|
|
225
233
|
for sql_query in sql_queries:
|
|
@@ -499,11 +507,11 @@ def get_service_account(name: str, labels: dict) -> dict[str, Any]:
|
|
|
499
507
|
}
|
|
500
508
|
|
|
501
509
|
|
|
502
|
-
def split_long_query(q, size) -> list[str]:
|
|
510
|
+
def split_long_query(q: str, size: int) -> list[str]:
|
|
503
511
|
return [q[i : i + size] for i in range(0, len(q), size)]
|
|
504
512
|
|
|
505
513
|
|
|
506
|
-
def merge_files_command(directory, file_glob, output_file):
|
|
514
|
+
def merge_files_command(directory: str, file_glob: str, output_file: str) -> str:
|
|
507
515
|
return f"cat ''{directory}''/{file_glob} > ''{output_file}''"
|
|
508
516
|
|
|
509
517
|
|
|
@@ -582,8 +590,8 @@ def _build_openshift_resources(
|
|
|
582
590
|
query: dict[str, Any],
|
|
583
591
|
image_repository: str,
|
|
584
592
|
pull_secret: dict[str, Any] | None,
|
|
585
|
-
|
|
586
|
-
):
|
|
593
|
+
secret_reader: SecretReaderBase,
|
|
594
|
+
) -> list[OpenshiftResource]:
|
|
587
595
|
query_name = query["name"]
|
|
588
596
|
common_resource_labels = _build_common_resource_labels(query)
|
|
589
597
|
openshift_resources: list[OpenshiftResource] = []
|
|
@@ -600,7 +608,7 @@ def _build_openshift_resources(
|
|
|
600
608
|
type=pull_secret["type"],
|
|
601
609
|
integration=QONTRACT_INTEGRATION,
|
|
602
610
|
integration_version=QONTRACT_INTEGRATION_VERSION,
|
|
603
|
-
|
|
611
|
+
secret_reader=secret_reader,
|
|
604
612
|
)
|
|
605
613
|
openshift_resources.append(secret_resource)
|
|
606
614
|
# ConfigMap gpg
|
|
@@ -696,14 +704,14 @@ def _reconstruct_for_metrics(
|
|
|
696
704
|
query: dict[str, Any],
|
|
697
705
|
image_repository: str,
|
|
698
706
|
pull_secret: dict[str, Any] | None,
|
|
699
|
-
settings: dict[str, Any],
|
|
700
707
|
ri: ResourceInventory,
|
|
708
|
+
secret_reader: SecretReaderBase,
|
|
701
709
|
) -> None:
|
|
702
710
|
openshift_resources = _build_openshift_resources(
|
|
703
711
|
query,
|
|
704
712
|
image_repository,
|
|
705
713
|
pull_secret,
|
|
706
|
-
|
|
714
|
+
secret_reader,
|
|
707
715
|
)
|
|
708
716
|
cluster = query["cluster"]
|
|
709
717
|
namespace = query["namespace"]["name"]
|
|
@@ -762,6 +770,7 @@ def _process_existing_query(
|
|
|
762
770
|
image_repository: str,
|
|
763
771
|
pull_secret: dict[str, Any],
|
|
764
772
|
ri: ResourceInventory,
|
|
773
|
+
secret_reader: SecretReaderBase,
|
|
765
774
|
) -> None:
|
|
766
775
|
match _get_query_status(query, state):
|
|
767
776
|
case QueryStatus.ACTIVE:
|
|
@@ -769,8 +778,8 @@ def _process_existing_query(
|
|
|
769
778
|
query,
|
|
770
779
|
image_repository,
|
|
771
780
|
pull_secret,
|
|
772
|
-
settings,
|
|
773
781
|
ri,
|
|
782
|
+
secret_reader,
|
|
774
783
|
)
|
|
775
784
|
case QueryStatus.PENDING_DELETION:
|
|
776
785
|
_delete_query_resources(
|
|
@@ -797,12 +806,10 @@ def _process_new_query(
|
|
|
797
806
|
image_repository: str,
|
|
798
807
|
pull_secret: dict[str, Any],
|
|
799
808
|
ri: ResourceInventory,
|
|
800
|
-
|
|
809
|
+
secret_reader: SecretReaderBase,
|
|
810
|
+
) -> None:
|
|
801
811
|
openshift_resources = _build_openshift_resources(
|
|
802
|
-
query,
|
|
803
|
-
image_repository,
|
|
804
|
-
pull_secret,
|
|
805
|
-
settings,
|
|
812
|
+
query, image_repository, pull_secret, secret_reader
|
|
806
813
|
)
|
|
807
814
|
|
|
808
815
|
cluster = query["cluster"]
|
|
@@ -835,12 +842,14 @@ def run(
|
|
|
835
842
|
) -> None:
|
|
836
843
|
settings = queries.get_app_interface_settings()
|
|
837
844
|
state = init_state(integration=QONTRACT_INTEGRATION)
|
|
845
|
+
vault_settings = get_app_interface_vault_settings()
|
|
846
|
+
secret_reader = create_secret_reader(use_vault=vault_settings.vault)
|
|
838
847
|
if defer:
|
|
839
848
|
defer(state.cleanup)
|
|
840
849
|
smtp_settings = typed_queries.smtp.settings()
|
|
841
850
|
smtp_client = SmtpClient(
|
|
842
851
|
server=get_smtp_server_connection(
|
|
843
|
-
secret_reader=
|
|
852
|
+
secret_reader=secret_reader,
|
|
844
853
|
secret=smtp_settings.credentials,
|
|
845
854
|
),
|
|
846
855
|
mail_address=smtp_settings.mail_address,
|
|
@@ -854,7 +863,7 @@ def run(
|
|
|
854
863
|
image_repository = sql_query_settings["imageRepository"]
|
|
855
864
|
pull_secret = sql_query_settings["pullSecret"]
|
|
856
865
|
|
|
857
|
-
queries_list = collect_queries(
|
|
866
|
+
queries_list = collect_queries(secret_reader=secret_reader, smtp_client=smtp_client)
|
|
858
867
|
query_states = {s.lstrip("/") for s in state.ls()}
|
|
859
868
|
ri = ResourceInventory()
|
|
860
869
|
for query in queries_list:
|
|
@@ -868,6 +877,7 @@ def run(
|
|
|
868
877
|
image_repository,
|
|
869
878
|
pull_secret,
|
|
870
879
|
ri,
|
|
880
|
+
secret_reader,
|
|
871
881
|
)
|
|
872
882
|
else:
|
|
873
883
|
_process_new_query(
|
|
@@ -878,6 +888,7 @@ def run(
|
|
|
878
888
|
image_repository,
|
|
879
889
|
pull_secret,
|
|
880
890
|
ri,
|
|
891
|
+
secret_reader,
|
|
881
892
|
)
|
|
882
893
|
openshift_base.publish_metrics(ri, QONTRACT_INTEGRATION)
|
|
883
894
|
|
{qontract_reconcile-0.10.2.dev191.dist-info → qontract_reconcile-0.10.2.dev193.dist-info}/WHEEL
RENAMED
|
File without changes
|
|
File without changes
|