qontract-reconcile 0.10.2.dev299__py3-none-any.whl → 0.10.2.dev430__py3-none-any.whl

reconcile/utils/glitchtip/client.py

@@ -164,7 +164,9 @@ class GlitchtipClient(ApiBase):
         return ProjectAlert(
             **self._post(
                 f"/api/0/projects/{organization_slug}/{project_slug}/alerts/",
-                data=alert.dict(by_alias=True, exclude_unset=True, exclude_none=True),
+                data=alert.model_dump(
+                    mode="json", by_alias=True, exclude_unset=True, exclude_none=True
+                ),
             )
         )
 
@@ -183,7 +185,9 @@ class GlitchtipClient(ApiBase):
         return ProjectAlert(
             **self._put(
                 f"/api/0/projects/{organization_slug}/{project_slug}/alerts/{alert.pk}/",
-                data=alert.dict(by_alias=True, exclude_unset=True, exclude_none=True),
+                data=alert.model_dump(
+                    mode="json", by_alias=True, exclude_unset=True, exclude_none=True
+                ),
             )
         )
 

reconcile/utils/glitchtip/models.py

@@ -3,13 +3,13 @@ from __future__ import annotations
 import re
 from datetime import datetime
 from enum import Enum
-from typing import TYPE_CHECKING, Any
+from typing import TYPE_CHECKING, Any, Self
 
 from pydantic import (
     BaseModel,
     Field,
-    root_validator,
-    validator,
+    field_validator,
+    model_validator,
 )
 
 if TYPE_CHECKING:
@@ -49,7 +49,8 @@ class Team(BaseModel):
     slug: str = ""
     users: list[User] = []
 
-    @root_validator(pre=True)
+    @model_validator(mode="before")
+    @classmethod
     def name_xor_slug_must_be_set(
         cls, values: MutableMapping[str, Any]
     ) -> MutableMapping[str, Any]:
@@ -58,11 +59,11 @@ class Team(BaseModel):
         ), "name xor slug must be set!"
         return values
 
-    @root_validator
-    def slugify(cls, values: MutableMapping[str, Any]) -> MutableMapping[str, Any]:
-        values["slug"] = values.get("slug") or slugify(values.get("name", ""))
-        values["name"] = slugify(values.get("name", "")) or values.get("slug")
-        return values
+    @model_validator(mode="after")
+    def slugify(self) -> Self:
+        self.slug = self.slug or slugify(self.name)
+        self.name = slugify(self.name) or self.slug
+        return self
 
     def __lt__(self, other: Team) -> bool:
         return self.slug < other.slug
@@ -86,16 +87,15 @@ class RecipientType(Enum):
     WEBHOOK = "webhook"
 
 
-class ProjectAlertRecipient(BaseModel):
+class ProjectAlertRecipient(
+    BaseModel, validate_by_name=True, validate_by_alias=True, use_enum_values=True
+):
     pk: int | None = Field(None, alias="id")
     recipient_type: RecipientType = Field(..., alias="recipientType")
     url: str = ""
 
-    class Config:
-        allow_population_by_field_name = True
-        use_enum_values = True
-
-    @validator("recipient_type")
+    @field_validator("recipient_type")
+    @classmethod
     def recipient_type_enforce_enum_type(cls, v: str | RecipientType) -> RecipientType:
         if isinstance(v, RecipientType):
             return v
@@ -113,17 +113,15 @@ class ProjectAlertRecipient(BaseModel):
         return hash((self.recipient_type, self.url))
 
 
-class ProjectAlert(BaseModel):
+class ProjectAlert(BaseModel, validate_by_name=True, validate_by_alias=True):
     pk: int | None = Field(None, alias="id")
     name: str
     timespan_minutes: int = Field(..., alias="timespanMinutes")
     quantity: int
     recipients: list[ProjectAlertRecipient] = Field([], alias="alertRecipients")
 
-    class Config:
-        allow_population_by_field_name = True
-
-    @root_validator
+    @model_validator(mode="before")
+    @classmethod
     def empty_name(cls, values: MutableMapping[str, Any]) -> MutableMapping[str, Any]:
         # name is an empty string if the alert was created manually because it can't be set via UI
         # use the pk instead.
@@ -141,20 +139,18 @@ class ProjectAlert(BaseModel):
         )
 
 
-class Project(BaseModel):
+class Project(BaseModel, validate_by_name=True, validate_by_alias=True):
     pk: int | None = Field(None, alias="id")
     name: str
     slug: str = ""
-    platform: str | None
+    platform: str | None = None
     teams: list[Team] = []
     alerts: list[ProjectAlert] = []
     event_throttle_rate: int = Field(0, alias="eventThrottleRate")
     organization: Organization | None = None
 
-    class Config:
-        allow_population_by_field_name = True
-
-    @root_validator
+    @model_validator(mode="before")
+    @classmethod
     def slugify(cls, values: MutableMapping[str, Any]) -> MutableMapping[str, Any]:
         values["slug"] = values.get("slug") or slugify(values["name"])
         return values
@@ -195,7 +191,8 @@ class Organization(BaseModel):
     teams: list[Team] = []
     users: list[User] = []
 
-    @root_validator
+    @model_validator(mode="before")
+    @classmethod
     def slugify(cls, values: MutableMapping[str, Any]) -> MutableMapping[str, Any]:
         values["slug"] = values.get("slug") or slugify(values["name"])
         return values
@@ -212,4 +209,4 @@ class Organization(BaseModel):
         return hash(self.name)
 
 
-Project.update_forward_refs()
+Project.model_rebuild()

reconcile/utils/gpg.py

@@ -8,7 +8,7 @@ from subprocess import (
 )
 
 
-def gpg_encrypt(content, public_gpg_key):
+def gpg_encrypt(content: str, public_gpg_key: str) -> str:
     public_gpg_key_dec = base64.b64decode(public_gpg_key)
 
     with tempfile.TemporaryDirectory() as gnupg_home_dir:
@@ -22,6 +22,8 @@ def gpg_encrypt(content, public_gpg_key):
         )
         out = proc.stdout.decode("utf-8")
         match = re.search(r"<\S+>", out)
+        if not match:
+            raise ValueError("No recipient found in GPG import output")
         recipient = match.group(0)[1:-1]
         # encrypt content
         proc = run(
@@ -41,5 +43,5 @@ def gpg_encrypt(content, public_gpg_key):
             stderr=STDOUT,
             check=True,
         )
-        out = proc.stdout
-    return out.decode("utf-8")
+        encrypted_out = proc.stdout
+    return encrypted_out.decode("utf-8")

reconcile/utils/gql.py

@@ -109,7 +109,7 @@ class GqlApi:
         if int_name:
             integrations = self.query(INTEGRATIONS_QUERY, skip_validation=True)
 
-            for integration in integrations["integrations"]:
+            for integration in integrations["integrations"] if integrations else []:
                 if integration["name"] == int_name:
                     self._valid_schemas = integration["schemas"]
                     break
@@ -142,7 +142,7 @@ class GqlApi:
         query: str,
         variables: dict[str, Any] | None = None,
         skip_validation: bool = False,
-    ) -> dict[str, Any] | None:
+    ) -> dict[str, Any]:
         try:
             result = self.client.execute(
                 gql(query), variables, get_execution_result=True
@@ -172,11 +172,8 @@ class GqlApi:
             if forbidden_schemas:
                 raise GqlApiErrorForbiddenSchemaError(forbidden_schemas)
 
-        # This is to appease mypy. This exception won't be thrown as this condition
-        # is already handled above with AssertionError
-        if result["data"] is None:
-            raise GqlApiError("`data` not received in GraphQL payload")
-
+        # make mypy happy
+        assert "data" in result and result["data"] is not None
         return result["data"]
 
     def get_template(self, path: str) -> dict[str, str]:

reconcile/utils/helm.py

@@ -11,6 +11,7 @@ from typing import Any
 import yaml
 
 from reconcile.utils import git
+from reconcile.utils.json import json_dumps
 from reconcile.utils.runtime.sharding import ShardSpec
 
 
@@ -70,7 +71,7 @@ def do_template(
             with tempfile.NamedTemporaryFile(
                 mode="w+", encoding="locale"
             ) as values_file:
-                values_file.write(json.dumps(values, cls=JSONEncoder))
+                values_file.write(json_dumps(values, cls=JSONEncoder))
                 values_file.flush()
                 cmd = [
                     "helm",

reconcile/utils/helpers.py

@@ -47,7 +47,7 @@ def flatten(
 Item = TypeVar("Item")
 
 
-def find_duplicates(items: Iterable[Item]) -> list[Item]:
+def find_duplicates[Item](items: Iterable[Item]) -> list[Item]:
     return [item for item, count in Counter(items).items() if count > 1]
 
 

reconcile/utils/imap_client.py

@@ -21,7 +21,7 @@ class ImapClient:
         self._server.login(self.user, self.password)
         return self
 
-    def __exit__(self, *args, **kwargs) -> None:
+    def __exit__(self, exc_type: Any, exc_value: Any, traceback: Any) -> None:
         if self._server:
             self._server.logout()
 

reconcile/utils/instrumented_wrappers.py

@@ -40,7 +40,7 @@ class InstrumentedImage(Image):
 
 
 class InstrumentedSkopeo(Skopeo):
-    def copy(self, *args: Any, **kwargs: Any) -> bytes | str:
+    def copy(self, *args: Any, **kwargs: Any) -> None:
         metrics.copy_count.labels(
             integration=INTEGRATION_NAME, shard=SHARDS, shard_id=SHARD_ID
         ).inc()

reconcile/utils/internal_groups/client.py

@@ -140,7 +140,7 @@ class InternalGroupsClient:
         with self._api as api:
             return Group(
                 **api.create_group(
-                    data=group.dict(by_alias=True),
+                    data=group.model_dump(by_alias=True),
                 )
             )
 
@@ -155,6 +155,6 @@ class InternalGroupsClient:
             return Group(
                 **api.update_group(
                     name=group.name,
-                    data=group.dict(by_alias=True),
+                    data=group.model_dump(by_alias=True),
                 )
             )

reconcile/utils/internal_groups/models.py

@@ -27,7 +27,7 @@ class Entity(BaseModel):
         return hash(self.id)
 
 
-class Group(BaseModel):
+class Group(BaseModel, validate_by_name=True, validate_by_alias=True):
     name: str
     description: str
     member_approval_type: str = Field("self-service", alias="memberApprovalType")
@@ -35,16 +35,18 @@ class Group(BaseModel):
     owners: list[Entity]
     display_name: str = Field(..., alias="displayName")
     notes: str | None = None
-    rover_group_member_query: str | None = Field(None, alias="roverGroupMemberQuery")
+    rover_group_member_query: str | None = Field(
+        None, alias="roverGroupMemberQuery", exclude=True
+    )
     rover_group_inclusions: list[Entity] | None = Field(
-        None, alias="roverGroupInclusions"
+        None, alias="roverGroupInclusions", exclude=True
     )
     rover_group_exclusions: list[Entity] | None = Field(
-        None, alias="roverGroupExclusions"
+        None, alias="roverGroupExclusions", exclude=True
     )
     members: list[Entity] = []
-    member_of: list[str] | None = Field(None, alias="memberOf")
-    namespace: str | None = None
+    member_of: list[str] | None = Field(None, alias="memberOf", exclude=True)
+    namespace: str | None = Field(None, exclude=True)
 
     def __eq__(self, other: object) -> bool:
         if not isinstance(other, Group):
@@ -58,14 +60,3 @@ class Group(BaseModel):
             and self.notes == other.notes
             and set(self.members) == set(other.members)
         )
-
-    class Config:
-        allow_population_by_field_name = True
-        # exclude read-only fields in the json/dict dumps
-        fields = {
-            "rover_group_member_query": {"exclude": True},
-            "rover_group_inclusions": {"exclude": True},
-            "rover_group_exclusions": {"exclude": True},
-            "member_of": {"exclude": True},
-            "namespace": {"exclude": True},
-        }

reconcile/utils/jenkins_api.py

@@ -231,10 +231,33 @@ class JenkinsApi:
 
         return kwargs
 
+    def _is_parameterized_job(self, job_name: str) -> bool:
+        api_query = "tree=property[parameterDefinitions[*]]"
+        url = f"{self.url}/job/{job_name}/api/json?{api_query}"
+
+        res = requests.get(
+            url,
+            verify=self.ssl_verify,
+            auth=(self.user, self.password),
+            timeout=60,
+        )
+
+        res.raise_for_status()
+
+        job_info = res.json()
+
+        return any(
+            prop.get("parameterDefinitions") for prop in job_info.get("property", [])
+        )
+
     def trigger_job(self, job_name: str) -> None:
         kwargs = self.get_crumb_kwargs()
 
-        url = f"{self.url}/job/{job_name}/build"
+        if self._is_parameterized_job(job_name):
+            url = f"{self.url}/job/{job_name}/buildWithParameters"
+        else:
+            url = f"{self.url}/job/{job_name}/build"
+
         res = requests.post(
             url,
             verify=self.ssl_verify,

reconcile/utils/jinja2/utils.py

@@ -15,6 +15,7 @@ from reconcile.checkpoint import url_makes_sense
 from reconcile.github_org import get_default_config
 from reconcile.utils import gql
 from reconcile.utils.aws_api import AWSApi
+from reconcile.utils.datetime_util import utc_now
 from reconcile.utils.github_api import GithubRepositoryApi
 from reconcile.utils.helpers import flatten
 from reconcile.utils.jinja2.extensions import B64EncodeExtension, RaiseErrorExtension
@@ -35,6 +36,7 @@ from reconcile.utils.secret_reader import (
     SecretReader,
     SecretReaderBase,
 )
+from reconcile.utils.sloth import generate_sloth_rules
 from reconcile.utils.vault import SecretFieldNotFoundError
 
 
@@ -43,14 +45,11 @@ class Jinja2TemplateError(Exception):
         super().__init__("error processing jinja2 template: " + str(msg))
 
 
-class TemplateRenderOptions(BaseModel):
+class TemplateRenderOptions(BaseModel, frozen=True):
     trim_blocks: bool
     lstrip_blocks: bool
     keep_trailing_newline: bool
 
-    class Config:
-        frozen = True
-
     @classmethod
     def create(
         cls,
@@ -73,7 +72,7 @@ def compile_jinja2_template(
 ) -> Any:
     if not template_render_options:
         template_render_options = TemplateRenderOptions.create()
-    env: dict[str, Any] = template_render_options.dict()
+    env: dict[str, Any] = template_render_options.model_dump()
     if extra_curly:
         env.update({
             "block_start_string": "{{%",
@@ -258,9 +257,8 @@ def process_jinja2_template(
         "s3": lookup_s3_object,
         "s3_ls": list_s3_objects,
         "flatten_dict": flatten,
-        "yesterday": lambda: (datetime.datetime.now() - datetime.timedelta(1)).strftime(
-            "%Y-%m-%d"
-        ),
+        "yesterday": lambda: (utc_now() - datetime.timedelta(1)).strftime("%Y-%m-%d"),
+        "sloth_alerts": generate_sloth_rules,
     })
     if "_template_mocks" in vars:
         for k, v in vars["_template_mocks"].items():

reconcile/utils/jira_client.py

@@ -17,10 +17,8 @@ from jira.resources import CustomFieldOption as JiraCustomFieldOption
 from jira.resources import Resource
 from pydantic import BaseModel
 
-from reconcile.utils.secret_reader import SecretReader
-
 if TYPE_CHECKING:
-    from collections.abc import Iterable, Mapping
+    from collections.abc import Iterable
 
 
 class JiraWatcherSettings(Protocol):
@@ -87,36 +85,18 @@ class IssueField(BaseModel):
     options: list[FieldOption | CustomFieldOption]
 
 
+CREATE_ISSUES = "CREATE_ISSUES"
+TRANSITION_ISSUES = "TRANSITION_ISSUES"
+PERMISSIONS = [CREATE_ISSUES, TRANSITION_ISSUES]
+
+
 class JiraClient:
     """Wrapper around Jira client."""
 
     DEFAULT_CONNECT_TIMEOUT = 60
     DEFAULT_READ_TIMEOUT = 60
 
-    def __init__(
-        self,
-        jira_board: Mapping[str, Any] | None = None,
-        settings: Mapping | None = None,
-        jira_api: JIRA | None = None,
-        project: str | None = None,
-        server: str | None = None,
-    ):
-        """
-        Note: jira_board and settings is to be deprecated. Use JiraClient.create() instead.
-        """
-        if jira_api and jira_board:
-            raise RuntimeError(
-                "jira_board parameter is deprecated. Use JiraClient.create() instead."
-            )
-        if not (jira_api and project):
-            # kept for backwards-compatibility
-            if not jira_board:
-                raise RuntimeError(
-                    "JiraClient needs jira_api and project or jira_board."
-                )
-            self._deprecated_init(jira_board=jira_board, settings=settings)
-            return
-
+    def __init__(self, jira_api: JIRA, project: str, server: str):
         self.server = server
         self.project = project
         self.jira = jira_api
@@ -128,47 +108,31 @@ class JiraClient:
         self.project_issue_types = functools.cache(self._project_issue_types)
         self.project_issue_fields = functools.cache(self._project_issue_fields)
 
-    def _deprecated_init(
-        self, jira_board: Mapping[str, Any], settings: Mapping | None
-    ) -> None:
-        secret_reader = SecretReader(settings=settings)
-        self.project = jira_board["name"]
-        jira_server = jira_board["server"]
-        self.server = jira_server["serverUrl"]
-        token = jira_server["token"]
-        token_auth = secret_reader.read(token)
-        read_timeout = 60
-        connect_timeout = 60
-        if settings and settings["jiraWatcher"]:
-            read_timeout = settings["jiraWatcher"]["readTimeout"]
-            connect_timeout = settings["jiraWatcher"]["connectTimeout"]
-        if not self.server:
-            raise RuntimeError("JiraClient.server is not set.")
-
-        self.jira = JIRA(
-            self.server,
-            token_auth=token_auth,
-            timeout=(read_timeout, connect_timeout),
-            logging=False,
-        )
-
     @staticmethod
     def create(
         project_name: str,
         token: str,
+        email: str | None,
         server_url: str,
         jira_watcher_settings: JiraWatcherSettings | None = None,
     ) -> JiraClient:
+        """Create a Jira client for the given project."""
         read_timeout = JiraClient.DEFAULT_READ_TIMEOUT
         connect_timeout = JiraClient.DEFAULT_CONNECT_TIMEOUT
         if jira_watcher_settings:
             read_timeout = jira_watcher_settings.read_timeout
             connect_timeout = jira_watcher_settings.connect_timeout
+
+        # Jira Cloud uses email+API token for basic auth
+        # Jira Server/Data Center can use token auth (personal access token)
+        auth_params: dict[str, Any] = (
+            {"basic_auth": (email, token)} if email else {"token_auth": token}
+        )
         jira_api = JIRA(
             server=server_url,
-            token_auth=token,
             timeout=(read_timeout, connect_timeout),
             logging=False,
+            **auth_params,
         )
         return JiraClient(
             jira_api=jira_api,
@@ -176,7 +140,13 @@ class JiraClient:
             server=server_url,
         )
 
+    @property
+    def is_cloud(self) -> bool:
+        """Return whether we are on a Cloud based Jira instance."""
+        return self.jira.deploymentType == "Cloud"
+
     def get_issues(self, fields: Iterable | None = None) -> list[Issue]:
+        """Return all issues for our project."""
         block_size = 100
         block_num = 0
 
@@ -227,20 +197,34 @@ class JiraClient:
         return issue
 
     def _my_permissions(self, project: str) -> dict[str, Any]:
+        """Return my permissions for the given project.
+
+        Don't use this function directly, use self.my_permissions which is cached."""
+        if self.is_cloud:
+            return self.jira.my_permissions(
+                projectKey=project, permissions=",".join(PERMISSIONS)
+            )["permissions"]
         return self.jira.my_permissions(projectKey=project)["permissions"]
 
     def can_i(self, permission: str) -> bool:
+        """Return whether I have the given permission in the project."""
         return bool(
             self.my_permissions(project=self.project)[permission]["havePermission"]
         )
 
     def can_create_issues(self) -> bool:
-        return self.can_i("CREATE_ISSUES")
+        """Return whether I can create issues in the project."""
+        return self.can_i(CREATE_ISSUES)
 
     def can_transition_issues(self) -> bool:
-        return self.can_i("TRANSITION_ISSUES")
+        """Return whether I can transition issues in the project."""
+        return self.can_i(TRANSITION_ISSUES)
 
     def _project_issue_types(self, project: str) -> list[IssueType]:
+        """Return all available issue types (e.g. Task, Bug) for the project.
+
+        Don't use this function directly, use self.project_issue_types which is cached.
+        """
         # Don't use self.project here, because of function.cache usage
         return [
             IssueType(id=t.id, name=t.name, statuses=[s.name for s in t.statuses])
@@ -248,6 +232,7 @@ class JiraClient:
         ]
 
     def get_issue_type(self, issue_type: str) -> IssueType | None:
+        """Return a issue type (e.g. Task) for the project if it exists."""
         for _issue_type in self.project_issue_types(self.project):
             if _issue_type.name == issue_type:
                 return _issue_type
@@ -255,15 +240,23 @@ class JiraClient:
 
     @staticmethod
     def _get_allowed_issue_field_options(
-        allowed_values: list[Resource],
+        allowed_values: list[Resource] | list[dict[str, str]],
     ) -> list[FieldOption | CustomFieldOption]:
-        """Return a list of allowed values for a field."""
-        return [
-            CustomFieldOption(value=v.value)
-            if isinstance(v, JiraCustomFieldOption)
-            else FieldOption(name=v.name)
-            for v in allowed_values
-        ]
+        """Return a list of allowed values for a field. E.g. Minor, Major ... for Priority in a Task."""
+        items: list[FieldOption | CustomFieldOption] = []
+        for v in allowed_values:
+            match v:
+                case dict() if "value" in v:
+                    items.append(CustomFieldOption(value=v["value"]))
+                case dict() if "name" in v:
+                    items.append(FieldOption(name=v["name"]))
+                case JiraCustomFieldOption():
+                    items.append(CustomFieldOption(value=v.value))
+                case Resource():
+                    items.append(FieldOption(name=v.name))
+                case _:
+                    logging.warning(f"Unknown allowed value type: {type(v)}")
+        return items
 
     def _project_issue_fields(
         self, project: str, issue_type_id: str
@@ -273,6 +266,27 @@ class JiraClient:
         This API endpoint needs createIssue project permissions.
         """
         # Don't use self.project here, because of function.cache usage
+        if self.is_cloud:
+            metadata = self.jira.createmeta(
+                projectKeys=self.project,
+                issuetypeIds=[issue_type_id],
+                expand="projects.issuetypes.fields",
+            )
+            if not metadata["projects"] or not metadata["projects"][0]["issuetypes"]:
+                return []
+            return [
+                IssueField(
+                    name=field["name"],
+                    id=field_id,
+                    options=self._get_allowed_issue_field_options(
+                        field.get("allowedValues", [])
+                    ),
+                )
+                for field_id, field in metadata["projects"][0]["issuetypes"][0][
+                    "fields"
+                ].items()
+            ]
+
         return [
             IssueField(
                 name=field.name,
@@ -304,6 +318,10 @@ class JiraClient:
 
     def project_priority_scheme(self) -> list[str]:
         """Return a list of all priority IDs for the project."""
+        if self.is_cloud:
+            # Cloud does not have a way to retrieve project specific priority schemes
+            return []
+
         scheme = self.jira.project_priority_scheme(self.project)
         return scheme.optionIds
 
@@ -329,4 +347,5 @@ class JiraClient:
 
     @property
     def is_archived(self) -> bool:
-        return self.jira.project(self.project).archived
+        """Return whether the project is archived."""
+        return getattr(self.jira.project(self.project), "archived", False)