qontract-reconcile 0.10.2.dev299__py3-none-any.whl → 0.10.2.dev430__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {qontract_reconcile-0.10.2.dev299.dist-info → qontract_reconcile-0.10.2.dev430.dist-info}/METADATA +13 -12
- {qontract_reconcile-0.10.2.dev299.dist-info → qontract_reconcile-0.10.2.dev430.dist-info}/RECORD +399 -394
- reconcile/acs_rbac.py +2 -2
- reconcile/aus/advanced_upgrade_service.py +18 -12
- reconcile/aus/base.py +134 -32
- reconcile/aus/cluster_version_data.py +15 -5
- reconcile/aus/models.py +3 -1
- reconcile/aus/ocm_addons_upgrade_scheduler_org.py +1 -0
- reconcile/aus/ocm_upgrade_scheduler.py +8 -1
- reconcile/aus/ocm_upgrade_scheduler_org.py +20 -5
- reconcile/aus/version_gates/sts_version_gate_handler.py +54 -1
- reconcile/automated_actions/config/integration.py +16 -4
- reconcile/aws_account_manager/integration.py +8 -8
- reconcile/aws_account_manager/reconciler.py +3 -3
- reconcile/aws_ami_cleanup/integration.py +8 -12
- reconcile/aws_ami_share.py +69 -62
- reconcile/aws_cloudwatch_log_retention/integration.py +155 -126
- reconcile/aws_ecr_image_pull_secrets.py +4 -4
- reconcile/aws_iam_keys.py +1 -0
- reconcile/aws_saml_idp/integration.py +12 -4
- reconcile/aws_saml_roles/integration.py +32 -25
- reconcile/aws_version_sync/integration.py +125 -84
- reconcile/change_owners/bundle.py +3 -3
- reconcile/change_owners/change_log_tracking.py +3 -2
- reconcile/change_owners/change_owners.py +1 -1
- reconcile/change_owners/diff.py +2 -4
- reconcile/checkpoint.py +12 -4
- reconcile/cli.py +111 -18
- reconcile/cluster_deployment_mapper.py +2 -3
- reconcile/dashdotdb_dora.py +5 -12
- reconcile/dashdotdb_slo.py +1 -1
- reconcile/database_access_manager.py +125 -121
- reconcile/deadmanssnitch.py +1 -5
- reconcile/dynatrace_token_provider/integration.py +1 -1
- reconcile/endpoints_discovery/integration.py +4 -1
- reconcile/endpoints_discovery/merge_request.py +1 -1
- reconcile/endpoints_discovery/merge_request_manager.py +9 -11
- reconcile/external_resources/factories.py +5 -12
- reconcile/external_resources/integration.py +1 -1
- reconcile/external_resources/manager.py +8 -5
- reconcile/external_resources/meta.py +0 -1
- reconcile/external_resources/metrics.py +1 -1
- reconcile/external_resources/model.py +20 -20
- reconcile/external_resources/reconciler.py +7 -4
- reconcile/external_resources/secrets_sync.py +8 -11
- reconcile/external_resources/state.py +26 -16
- reconcile/fleet_labeler/integration.py +1 -1
- reconcile/gabi_authorized_users.py +8 -5
- reconcile/gcp_image_mirror.py +2 -2
- reconcile/github_org.py +1 -1
- reconcile/github_owners.py +4 -0
- reconcile/gitlab_housekeeping.py +13 -15
- reconcile/gitlab_members.py +6 -12
- reconcile/gitlab_mr_sqs_consumer.py +2 -2
- reconcile/gitlab_owners.py +15 -11
- reconcile/gitlab_permissions.py +8 -12
- reconcile/glitchtip_project_alerts/integration.py +3 -1
- reconcile/gql_definitions/acs/acs_instances.py +10 -10
- reconcile/gql_definitions/acs/acs_policies.py +5 -5
- reconcile/gql_definitions/acs/acs_rbac.py +6 -6
- reconcile/gql_definitions/advanced_upgrade_service/aus_clusters.py +32 -32
- reconcile/gql_definitions/advanced_upgrade_service/aus_organization.py +26 -26
- reconcile/gql_definitions/app_interface_metrics_exporter/onboarding_status.py +6 -7
- reconcile/gql_definitions/app_sre_tekton_access_revalidation/roles.py +5 -5
- reconcile/gql_definitions/app_sre_tekton_access_revalidation/users.py +5 -5
- reconcile/gql_definitions/automated_actions/instance.py +51 -12
- reconcile/gql_definitions/aws_account_manager/aws_accounts.py +11 -11
- reconcile/gql_definitions/aws_ami_cleanup/aws_accounts.py +20 -10
- reconcile/gql_definitions/aws_cloudwatch_log_retention/aws_accounts.py +28 -68
- reconcile/gql_definitions/aws_saml_idp/aws_accounts.py +20 -10
- reconcile/gql_definitions/aws_saml_roles/aws_accounts.py +20 -10
- reconcile/gql_definitions/aws_saml_roles/roles.py +5 -5
- reconcile/gql_definitions/aws_version_sync/clusters.py +10 -10
- reconcile/gql_definitions/aws_version_sync/namespaces.py +5 -5
- reconcile/gql_definitions/change_owners/queries/change_types.py +5 -5
- reconcile/gql_definitions/change_owners/queries/self_service_roles.py +9 -9
- reconcile/gql_definitions/cluster_auth_rhidp/clusters.py +18 -18
- reconcile/gql_definitions/common/alerting_services_settings.py +9 -9
- reconcile/gql_definitions/common/app_code_component_repos.py +5 -5
- reconcile/gql_definitions/common/app_interface_custom_messages.py +5 -5
- reconcile/gql_definitions/common/app_interface_dms_settings.py +5 -5
- reconcile/gql_definitions/common/app_interface_repo_settings.py +5 -5
- reconcile/gql_definitions/common/app_interface_roles.py +120 -0
- reconcile/gql_definitions/common/app_interface_state_settings.py +10 -10
- reconcile/gql_definitions/common/app_interface_vault_settings.py +5 -5
- reconcile/gql_definitions/common/app_quay_repos_escalation_policies.py +5 -5
- reconcile/gql_definitions/common/apps.py +5 -5
- reconcile/gql_definitions/common/aws_vpc_requests.py +23 -10
- reconcile/gql_definitions/common/aws_vpcs.py +11 -11
- reconcile/gql_definitions/common/clusters.py +37 -35
- reconcile/gql_definitions/common/clusters_minimal.py +14 -14
- reconcile/gql_definitions/common/clusters_with_dms.py +6 -6
- reconcile/gql_definitions/common/clusters_with_peering.py +29 -30
- reconcile/gql_definitions/common/github_orgs.py +10 -10
- reconcile/gql_definitions/common/jira_settings.py +10 -10
- reconcile/gql_definitions/common/jiralert_settings.py +5 -5
- reconcile/gql_definitions/common/ldap_settings.py +5 -5
- reconcile/gql_definitions/common/namespaces.py +42 -44
- reconcile/gql_definitions/common/namespaces_minimal.py +15 -13
- reconcile/gql_definitions/common/ocm_env_telemeter.py +12 -12
- reconcile/gql_definitions/common/ocm_environments.py +19 -19
- reconcile/gql_definitions/common/pagerduty_instances.py +9 -9
- reconcile/gql_definitions/common/pgp_reencryption_settings.py +6 -6
- reconcile/gql_definitions/common/pipeline_providers.py +29 -29
- reconcile/gql_definitions/common/quay_instances.py +5 -5
- reconcile/gql_definitions/common/quay_orgs.py +5 -5
- reconcile/gql_definitions/common/reserved_networks.py +5 -5
- reconcile/gql_definitions/common/rhcs_provider_settings.py +5 -5
- reconcile/gql_definitions/common/saas_files.py +44 -44
- reconcile/gql_definitions/common/saas_target_namespaces.py +10 -10
- reconcile/gql_definitions/common/saasherder_settings.py +5 -5
- reconcile/gql_definitions/common/slack_workspaces.py +5 -5
- reconcile/gql_definitions/common/smtp_client_settings.py +19 -19
- reconcile/gql_definitions/common/state_aws_account.py +7 -8
- reconcile/gql_definitions/common/users.py +5 -5
- reconcile/gql_definitions/common/users_with_paths.py +5 -5
- reconcile/gql_definitions/cost_report/app_names.py +5 -5
- reconcile/gql_definitions/cost_report/cost_namespaces.py +5 -5
- reconcile/gql_definitions/cost_report/settings.py +9 -9
- reconcile/gql_definitions/dashdotdb_slo/slo_documents_query.py +43 -43
- reconcile/gql_definitions/dynatrace_token_provider/dynatrace_bootstrap_tokens.py +10 -10
- reconcile/gql_definitions/dynatrace_token_provider/token_specs.py +5 -5
- reconcile/gql_definitions/email_sender/apps.py +5 -5
- reconcile/gql_definitions/email_sender/emails.py +8 -8
- reconcile/gql_definitions/email_sender/users.py +6 -6
- reconcile/gql_definitions/endpoints_discovery/apps.py +10 -10
- reconcile/gql_definitions/external_resources/aws_accounts.py +9 -9
- reconcile/gql_definitions/external_resources/external_resources_modules.py +23 -23
- reconcile/gql_definitions/external_resources/external_resources_namespaces.py +492 -410
- reconcile/gql_definitions/external_resources/external_resources_settings.py +28 -26
- reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py +5 -5
- reconcile/gql_definitions/fleet_labeler/fleet_labels.py +40 -40
- reconcile/gql_definitions/fragments/aus_organization.py +5 -5
- reconcile/gql_definitions/fragments/aws_account_common.py +7 -5
- reconcile/gql_definitions/fragments/aws_account_managed.py +5 -5
- reconcile/gql_definitions/fragments/aws_account_sso.py +5 -5
- reconcile/gql_definitions/fragments/aws_infra_management_account.py +5 -5
- reconcile/gql_definitions/fragments/{aws_vpc_request_subnet.py → aws_organization.py} +12 -8
- reconcile/gql_definitions/fragments/aws_vpc.py +5 -5
- reconcile/gql_definitions/fragments/aws_vpc_request.py +10 -5
- reconcile/gql_definitions/fragments/container_image_mirror.py +5 -5
- reconcile/gql_definitions/fragments/deploy_resources.py +5 -5
- reconcile/gql_definitions/fragments/disable.py +5 -5
- reconcile/gql_definitions/fragments/email_service.py +5 -5
- reconcile/gql_definitions/fragments/email_user.py +5 -5
- reconcile/gql_definitions/fragments/jumphost_common_fields.py +5 -5
- reconcile/gql_definitions/fragments/membership_source.py +5 -5
- reconcile/gql_definitions/fragments/minimal_ocm_organization.py +5 -5
- reconcile/gql_definitions/fragments/oc_connection_cluster.py +5 -5
- reconcile/gql_definitions/fragments/ocm_environment.py +5 -5
- reconcile/gql_definitions/fragments/pipeline_provider_retention.py +5 -5
- reconcile/gql_definitions/fragments/prometheus_instance.py +5 -5
- reconcile/gql_definitions/fragments/resource_limits_requirements.py +5 -5
- reconcile/gql_definitions/fragments/resource_requests_requirements.py +5 -5
- reconcile/gql_definitions/fragments/resource_values.py +5 -5
- reconcile/gql_definitions/fragments/saas_slo_document.py +5 -5
- reconcile/gql_definitions/fragments/saas_target_namespace.py +5 -5
- reconcile/gql_definitions/fragments/serviceaccount_token.py +5 -5
- reconcile/gql_definitions/fragments/terraform_state.py +5 -5
- reconcile/gql_definitions/fragments/upgrade_policy.py +5 -5
- reconcile/gql_definitions/fragments/user.py +5 -5
- reconcile/gql_definitions/fragments/vault_secret.py +5 -5
- reconcile/gql_definitions/gcp/gcp_docker_repos.py +9 -9
- reconcile/gql_definitions/gcp/gcp_projects.py +9 -9
- reconcile/gql_definitions/gitlab_members/gitlab_instances.py +9 -9
- reconcile/gql_definitions/gitlab_members/permissions.py +9 -9
- reconcile/gql_definitions/glitchtip/glitchtip_instance.py +9 -9
- reconcile/gql_definitions/glitchtip/glitchtip_project.py +11 -11
- reconcile/gql_definitions/glitchtip_project_alerts/glitchtip_project.py +9 -9
- reconcile/gql_definitions/integrations/integrations.py +48 -51
- reconcile/gql_definitions/introspection.json +3050 -1393
- reconcile/gql_definitions/jenkins_configs/jenkins_configs.py +11 -11
- reconcile/gql_definitions/jenkins_configs/jenkins_instances.py +10 -10
- reconcile/gql_definitions/jira/jira_servers.py +5 -5
- reconcile/gql_definitions/jira_permissions_validator/jira_boards_for_permissions_validator.py +14 -10
- reconcile/gql_definitions/jumphosts/jumphosts.py +13 -13
- reconcile/gql_definitions/ldap_groups/roles.py +5 -5
- reconcile/gql_definitions/ldap_groups/settings.py +9 -9
- reconcile/gql_definitions/maintenance/maintenances.py +5 -5
- reconcile/gql_definitions/membershipsources/roles.py +5 -5
- reconcile/gql_definitions/ocm_labels/clusters.py +18 -19
- reconcile/gql_definitions/ocm_labels/organizations.py +5 -5
- reconcile/gql_definitions/openshift_cluster_bots/clusters.py +22 -22
- reconcile/gql_definitions/openshift_groups/managed_groups.py +5 -5
- reconcile/gql_definitions/openshift_groups/managed_roles.py +6 -6
- reconcile/gql_definitions/openshift_serviceaccount_tokens/tokens.py +10 -10
- reconcile/gql_definitions/quay_membership/quay_membership.py +6 -6
- reconcile/gql_definitions/rhcs/certs.py +33 -87
- reconcile/gql_definitions/rhcs/openshift_resource_rhcs_cert.py +43 -0
- reconcile/gql_definitions/rhidp/organizations.py +18 -18
- reconcile/gql_definitions/service_dependencies/jenkins_instance_fragment.py +5 -5
- reconcile/gql_definitions/service_dependencies/service_dependencies.py +8 -8
- reconcile/gql_definitions/sharding/aws_accounts.py +10 -10
- reconcile/gql_definitions/sharding/ocm_organization.py +8 -8
- reconcile/gql_definitions/skupper_network/site_controller_template.py +5 -5
- reconcile/gql_definitions/skupper_network/skupper_networks.py +10 -10
- reconcile/gql_definitions/slack_usergroups/clusters.py +5 -5
- reconcile/gql_definitions/slack_usergroups/permissions.py +9 -9
- reconcile/gql_definitions/slack_usergroups/users.py +5 -5
- reconcile/gql_definitions/slo_documents/slo_documents.py +5 -5
- reconcile/gql_definitions/status_board/status_board.py +6 -7
- reconcile/gql_definitions/statuspage/statuspages.py +9 -9
- reconcile/gql_definitions/templating/template_collection.py +5 -5
- reconcile/gql_definitions/templating/templates.py +5 -5
- reconcile/gql_definitions/terraform_cloudflare_dns/app_interface_cloudflare_dns_settings.py +6 -6
- reconcile/gql_definitions/terraform_cloudflare_dns/terraform_cloudflare_zones.py +11 -11
- reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_accounts.py +11 -11
- reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_resources.py +20 -25
- reconcile/gql_definitions/terraform_cloudflare_users/app_interface_setting_cloudflare_and_vault.py +6 -6
- reconcile/gql_definitions/terraform_cloudflare_users/terraform_cloudflare_roles.py +12 -12
- reconcile/gql_definitions/terraform_init/aws_accounts.py +23 -9
- reconcile/gql_definitions/terraform_repo/terraform_repo.py +9 -9
- reconcile/gql_definitions/terraform_resources/database_access_manager.py +5 -5
- reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +448 -402
- reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py +23 -17
- reconcile/gql_definitions/unleash_feature_toggles/feature_toggles.py +9 -9
- reconcile/gql_definitions/vault_instances/vault_instances.py +61 -61
- reconcile/gql_definitions/vault_policies/vault_policies.py +11 -11
- reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator.py +8 -8
- reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator_peered_cluster_fragment.py +5 -5
- reconcile/integrations_manager.py +3 -3
- reconcile/jenkins_job_builder.py +1 -1
- reconcile/jenkins_worker_fleets.py +80 -11
- reconcile/jira_permissions_validator.py +237 -122
- reconcile/ldap_groups/integration.py +1 -1
- reconcile/ocm/types.py +35 -56
- reconcile/ocm_aws_infrastructure_access.py +1 -1
- reconcile/ocm_clusters.py +4 -4
- reconcile/ocm_labels/integration.py +3 -2
- reconcile/ocm_machine_pools.py +33 -27
- reconcile/openshift_base.py +122 -10
- reconcile/openshift_cluster_bots.py +5 -5
- reconcile/openshift_groups.py +5 -0
- reconcile/openshift_limitranges.py +1 -1
- reconcile/openshift_namespace_labels.py +1 -1
- reconcile/openshift_namespaces.py +97 -101
- reconcile/openshift_resources_base.py +10 -5
- reconcile/openshift_rhcs_certs.py +77 -40
- reconcile/openshift_rolebindings.py +230 -130
- reconcile/openshift_saas_deploy.py +6 -7
- reconcile/openshift_saas_deploy_change_tester.py +9 -7
- reconcile/openshift_saas_deploy_trigger_cleaner.py +3 -5
- reconcile/openshift_serviceaccount_tokens.py +8 -7
- reconcile/openshift_tekton_resources.py +1 -1
- reconcile/openshift_upgrade_watcher.py +4 -4
- reconcile/openshift_users.py +5 -3
- reconcile/oum/labelset.py +5 -3
- reconcile/oum/models.py +1 -4
- reconcile/oum/providers.py +1 -1
- reconcile/prometheus_rules_tester/integration.py +4 -4
- reconcile/quay_mirror.py +1 -1
- reconcile/queries.py +131 -0
- reconcile/requests_sender.py +8 -3
- reconcile/resource_scraper.py +1 -5
- reconcile/rhidp/common.py +5 -5
- reconcile/rhidp/sso_client/base.py +19 -10
- reconcile/saas_auto_promotions_manager/merge_request_manager/renderer.py +1 -1
- reconcile/saas_auto_promotions_manager/subscriber.py +4 -3
- reconcile/sendgrid_teammates.py +20 -9
- reconcile/skupper_network/integration.py +2 -2
- reconcile/slack_usergroups.py +35 -14
- reconcile/sql_query.py +1 -0
- reconcile/status.py +2 -2
- reconcile/status_board.py +6 -6
- reconcile/statuspage/atlassian.py +7 -7
- reconcile/statuspage/integrations/maintenances.py +4 -3
- reconcile/statuspage/page.py +4 -9
- reconcile/statuspage/status.py +5 -8
- reconcile/templates/rosa-classic-cluster-creation.sh.j2 +4 -0
- reconcile/templates/rosa-hcp-cluster-creation.sh.j2 +3 -0
- reconcile/templating/lib/merge_request_manager.py +2 -2
- reconcile/templating/lib/rendering.py +3 -3
- reconcile/templating/renderer.py +12 -13
- reconcile/terraform_aws_route53.py +18 -8
- reconcile/terraform_cloudflare_dns.py +3 -3
- reconcile/terraform_cloudflare_resources.py +12 -13
- reconcile/terraform_cloudflare_users.py +3 -2
- reconcile/terraform_init/integration.py +187 -23
- reconcile/terraform_repo.py +16 -12
- reconcile/terraform_resources.py +18 -10
- reconcile/terraform_tgw_attachments.py +27 -19
- reconcile/terraform_users.py +29 -21
- reconcile/terraform_vpc_peerings.py +16 -4
- reconcile/terraform_vpc_resources/integration.py +32 -2
- reconcile/typed_queries/app_interface_roles.py +10 -0
- reconcile/typed_queries/aws_account_tags.py +41 -0
- reconcile/typed_queries/cost_report/app_names.py +1 -1
- reconcile/typed_queries/cost_report/cost_namespaces.py +2 -2
- reconcile/typed_queries/saas_files.py +13 -13
- reconcile/typed_queries/status_board.py +2 -2
- reconcile/unleash_feature_toggles/integration.py +4 -2
- reconcile/utils/acs/base.py +6 -3
- reconcile/utils/acs/policies.py +2 -2
- reconcile/utils/aggregated_list.py +4 -3
- reconcile/utils/aws_api.py +51 -20
- reconcile/utils/aws_api_typed/api.py +38 -9
- reconcile/utils/aws_api_typed/cloudformation.py +149 -0
- reconcile/utils/aws_api_typed/logs.py +73 -0
- reconcile/utils/aws_api_typed/organization.py +4 -2
- reconcile/utils/binary.py +7 -12
- reconcile/utils/datetime_util.py +67 -0
- reconcile/utils/deadmanssnitch_api.py +1 -1
- reconcile/utils/differ.py +2 -3
- reconcile/utils/early_exit_cache.py +11 -12
- reconcile/utils/expiration.py +7 -3
- reconcile/utils/external_resource_spec.py +24 -1
- reconcile/utils/filtering.py +1 -1
- reconcile/utils/gitlab_api.py +7 -5
- reconcile/utils/glitchtip/client.py +6 -2
- reconcile/utils/glitchtip/models.py +25 -28
- reconcile/utils/gpg.py +5 -3
- reconcile/utils/gql.py +4 -7
- reconcile/utils/helm.py +2 -1
- reconcile/utils/helpers.py +1 -1
- reconcile/utils/imap_client.py +1 -1
- reconcile/utils/instrumented_wrappers.py +1 -1
- reconcile/utils/internal_groups/client.py +2 -2
- reconcile/utils/internal_groups/models.py +8 -17
- reconcile/utils/jenkins_api.py +24 -1
- reconcile/utils/jinja2/utils.py +6 -8
- reconcile/utils/jira_client.py +82 -63
- reconcile/utils/jjb_client.py +59 -43
- reconcile/utils/jobcontroller/controller.py +2 -2
- reconcile/utils/jobcontroller/models.py +17 -1
- reconcile/utils/json.py +74 -0
- reconcile/utils/ldap_client.py +4 -3
- reconcile/utils/lean_terraform_client.py +3 -1
- reconcile/utils/membershipsources/app_interface_resolver.py +4 -2
- reconcile/utils/membershipsources/models.py +16 -23
- reconcile/utils/membershipsources/resolver.py +4 -2
- reconcile/utils/merge_request_manager/merge_request_manager.py +4 -4
- reconcile/utils/merge_request_manager/parser.py +6 -6
- reconcile/utils/metrics.py +5 -5
- reconcile/utils/models.py +304 -82
- reconcile/utils/mr/__init__.py +3 -1
- reconcile/utils/mr/app_interface_reporter.py +6 -3
- reconcile/utils/mr/aws_access.py +1 -1
- reconcile/utils/mr/base.py +7 -13
- reconcile/utils/mr/clusters_updates.py +4 -2
- reconcile/utils/mr/notificator.py +3 -3
- reconcile/utils/mr/ocm_upgrade_scheduler_org_updates.py +4 -1
- reconcile/utils/mr/promote_qontract.py +28 -12
- reconcile/utils/mr/update_access_report_base.py +3 -4
- reconcile/utils/mr/user_maintenance.py +7 -6
- reconcile/utils/oc.py +445 -336
- reconcile/utils/oc_filters.py +3 -3
- reconcile/utils/ocm/addons.py +0 -1
- reconcile/utils/ocm/base.py +27 -20
- reconcile/utils/ocm/cluster_groups.py +1 -1
- reconcile/utils/ocm/identity_providers.py +2 -2
- reconcile/utils/ocm/labels.py +1 -1
- reconcile/utils/ocm/ocm.py +81 -71
- reconcile/utils/ocm/products.py +9 -3
- reconcile/utils/ocm/search_filters.py +3 -6
- reconcile/utils/ocm/service_log.py +4 -6
- reconcile/utils/ocm/sre_capability_labels.py +20 -13
- reconcile/utils/ocm_base_client.py +4 -4
- reconcile/utils/openshift_resource.py +83 -52
- reconcile/utils/openssl.py +2 -2
- reconcile/utils/output.py +3 -2
- reconcile/utils/pagerduty_api.py +10 -7
- reconcile/utils/promotion_state.py +6 -11
- reconcile/utils/raw_github_api.py +11 -8
- reconcile/utils/repo_owners.py +21 -29
- reconcile/utils/rhcsv2_certs.py +138 -35
- reconcile/utils/rosa/session.py +16 -0
- reconcile/utils/runtime/integration.py +2 -3
- reconcile/utils/runtime/meta.py +2 -1
- reconcile/utils/runtime/runner.py +2 -2
- reconcile/utils/saasherder/interfaces.py +13 -20
- reconcile/utils/saasherder/models.py +25 -21
- reconcile/utils/saasherder/saasherder.py +60 -32
- reconcile/utils/secret_reader.py +6 -6
- reconcile/utils/sharding.py +1 -1
- reconcile/utils/slack_api.py +26 -4
- reconcile/utils/sloth.py +224 -0
- reconcile/utils/sqs_gateway.py +16 -11
- reconcile/utils/state.py +2 -1
- reconcile/utils/structs.py +4 -4
- reconcile/utils/terraform_client.py +32 -29
- reconcile/utils/terrascript_aws_client.py +658 -480
- reconcile/utils/three_way_diff_strategy.py +1 -1
- reconcile/utils/throughput.py +1 -1
- reconcile/utils/unleash/server.py +2 -8
- reconcile/utils/vault.py +44 -41
- reconcile/utils/vcs.py +8 -8
- reconcile/vault_replication.py +119 -58
- reconcile/vpc_peerings_validator.py +2 -2
- tools/app_interface_reporter.py +4 -4
- tools/cli_commands/cost_report/cost_management_api.py +3 -3
- tools/cli_commands/cost_report/view.py +7 -6
- tools/cli_commands/erv2.py +1 -1
- tools/cli_commands/gpg_encrypt.py +4 -1
- tools/cli_commands/systems_and_tools.py +5 -1
- tools/qontract_cli.py +36 -21
- tools/sre_checkpoints/util.py +5 -3
- tools/template_validation.py +3 -1
- reconcile/gql_definitions/ocm_oidc_idp/__init__.py +0 -0
- reconcile/gql_definitions/ocm_subscription_labels/__init__.py +0 -0
- reconcile/jenkins/__init__.py +0 -0
- reconcile/jenkins/types.py +0 -77
- {qontract_reconcile-0.10.2.dev299.dist-info → qontract_reconcile-0.10.2.dev430.dist-info}/WHEEL +0 -0
- {qontract_reconcile-0.10.2.dev299.dist-info → qontract_reconcile-0.10.2.dev430.dist-info}/entry_points.txt +0 -0
reconcile/utils/structs.py
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
from
|
|
1
|
+
from dataclasses import dataclass
|
|
2
2
|
|
|
3
3
|
|
|
4
4
|
@dataclass
|
|
5
5
|
class CommandExecutionResult:
|
|
6
6
|
"""This class represents a command execution result"""
|
|
7
7
|
|
|
8
|
-
def __init__(self, is_ok, message):
|
|
8
|
+
def __init__(self, is_ok: bool, message: str) -> None:
|
|
9
9
|
self.is_ok = is_ok
|
|
10
10
|
self.message = message
|
|
11
11
|
|
|
12
|
-
def __str__(self):
|
|
12
|
+
def __str__(self) -> str:
|
|
13
13
|
return str(self.message)
|
|
14
14
|
|
|
15
|
-
def __bool__(self):
|
|
15
|
+
def __bool__(self) -> bool:
|
|
16
16
|
return self.is_ok
|
|
@@ -5,8 +5,8 @@ import shutil
|
|
|
5
5
|
import tempfile
|
|
6
6
|
from collections import defaultdict
|
|
7
7
|
from collections.abc import (
|
|
8
|
-
Generator,
|
|
9
8
|
Iterable,
|
|
9
|
+
Iterator,
|
|
10
10
|
Mapping,
|
|
11
11
|
)
|
|
12
12
|
from contextlib import contextmanager
|
|
@@ -36,6 +36,7 @@ from reconcile.typed_queries.app_interface_custom_messages import (
|
|
|
36
36
|
)
|
|
37
37
|
from reconcile.utils.aws_api import AWSApi
|
|
38
38
|
from reconcile.utils.aws_helper import get_region_from_availability_zone
|
|
39
|
+
from reconcile.utils.datetime_util import ensure_utc, utc_now
|
|
39
40
|
from reconcile.utils.external_resource_spec import (
|
|
40
41
|
ExternalResourceSpec,
|
|
41
42
|
ExternalResourceSpecInventory,
|
|
@@ -86,8 +87,8 @@ class TerraformClient:
|
|
|
86
87
|
working_dirs: Mapping[str, str],
|
|
87
88
|
thread_pool_size: int,
|
|
88
89
|
aws_api: AWSApi | None = None,
|
|
89
|
-
init_users=False,
|
|
90
|
-
):
|
|
90
|
+
init_users: bool = False,
|
|
91
|
+
) -> None:
|
|
91
92
|
self.integration = integration
|
|
92
93
|
self.integration_version = integration_version
|
|
93
94
|
self.integration_prefix = integration_prefix
|
|
@@ -101,7 +102,7 @@ class TerraformClient:
|
|
|
101
102
|
|
|
102
103
|
self.specs: list[TerraformSpec] = []
|
|
103
104
|
self.init_specs()
|
|
104
|
-
self.outputs: dict = {}
|
|
105
|
+
self.outputs: dict[str, Any] = {}
|
|
105
106
|
self.init_outputs()
|
|
106
107
|
|
|
107
108
|
self.OUTPUT_TYPE_SECRETS = "Secrets"
|
|
@@ -112,19 +113,19 @@ class TerraformClient:
|
|
|
112
113
|
if init_users:
|
|
113
114
|
self.init_existing_users()
|
|
114
115
|
|
|
115
|
-
def init_existing_users(self):
|
|
116
|
+
def init_existing_users(self) -> None:
|
|
116
117
|
self.users = {
|
|
117
118
|
account: list(self.format_output(output, self.OUTPUT_TYPE_PASSWORDS).keys())
|
|
118
119
|
for account, output in self.outputs.items()
|
|
119
120
|
}
|
|
120
121
|
|
|
121
|
-
def increment_apply_count(self):
|
|
122
|
+
def increment_apply_count(self) -> None:
|
|
122
123
|
self.apply_count += 1
|
|
123
124
|
|
|
124
125
|
def should_apply(self) -> bool:
|
|
125
126
|
return self.apply_count > 0
|
|
126
127
|
|
|
127
|
-
def get_new_users(self):
|
|
128
|
+
def get_new_users(self) -> list[tuple[str, Any, str, Any]]:
|
|
128
129
|
new_users = []
|
|
129
130
|
self.init_outputs() # get updated output
|
|
130
131
|
for account, output in self.outputs.items():
|
|
@@ -141,7 +142,7 @@ class TerraformClient:
|
|
|
141
142
|
))
|
|
142
143
|
return new_users
|
|
143
144
|
|
|
144
|
-
def init_specs(self):
|
|
145
|
+
def init_specs(self) -> None:
|
|
145
146
|
self.specs = [
|
|
146
147
|
TerraformSpec(name=name, working_dir=wd)
|
|
147
148
|
for name, wd in self.working_dirs.items()
|
|
@@ -152,7 +153,7 @@ class TerraformClient:
|
|
|
152
153
|
@contextmanager
|
|
153
154
|
def _terraform_log_file(
|
|
154
155
|
self, working_dir: str
|
|
155
|
-
) ->
|
|
156
|
+
) -> Iterator[tuple[IO[bytes], dict[str, str]]]:
|
|
156
157
|
with tempfile.NamedTemporaryFile(dir=working_dir) as f:
|
|
157
158
|
env = {
|
|
158
159
|
"TF_LOG": TERRAFORM_LOG_LEVEL,
|
|
@@ -161,7 +162,7 @@ class TerraformClient:
|
|
|
161
162
|
yield f, env
|
|
162
163
|
|
|
163
164
|
@retry(exceptions=TerraformCommandError)
|
|
164
|
-
def terraform_init(self, spec: TerraformSpec):
|
|
165
|
+
def terraform_init(self, spec: TerraformSpec) -> None:
|
|
165
166
|
with self._terraform_log_file(spec.working_dir) as (f, env):
|
|
166
167
|
return_code, stdout, stderr = lean_tf.init(spec.working_dir, env=env)
|
|
167
168
|
log = f.read().decode("utf-8")
|
|
@@ -171,12 +172,12 @@ class TerraformClient:
|
|
|
171
172
|
return_code, "init", output=stdout, stderr=stderr
|
|
172
173
|
)
|
|
173
174
|
|
|
174
|
-
def init_outputs(self):
|
|
175
|
+
def init_outputs(self) -> None:
|
|
175
176
|
results = threaded.run(self.terraform_output, self.specs, self.thread_pool_size)
|
|
176
177
|
self.outputs = dict(results)
|
|
177
178
|
|
|
178
179
|
@retry(exceptions=TerraformCommandError)
|
|
179
|
-
def terraform_output(self, spec: TerraformSpec):
|
|
180
|
+
def terraform_output(self, spec: TerraformSpec) -> tuple[str, Any]:
|
|
180
181
|
with self._terraform_log_file(spec.working_dir) as (f, env):
|
|
181
182
|
return_code, stdout, stderr = lean_tf.output(spec.working_dir, env=env)
|
|
182
183
|
log = f.read().decode("utf-8")
|
|
@@ -194,17 +195,17 @@ class TerraformClient:
|
|
|
194
195
|
return spec.name, json.loads(stdout)
|
|
195
196
|
|
|
196
197
|
# terraform plan
|
|
197
|
-
def plan(self, enable_deletion):
|
|
198
|
+
def plan(self, enable_deletion: bool) -> tuple[bool, bool]:
|
|
198
199
|
errors = False
|
|
199
200
|
disabled_deletions_detected = False
|
|
200
|
-
results = threaded.run(
|
|
201
|
+
results: list[tuple[bool, list[AccountUser], bool]] = threaded.run(
|
|
201
202
|
self.terraform_plan,
|
|
202
203
|
self.specs,
|
|
203
204
|
self.thread_pool_size,
|
|
204
205
|
enable_deletion=enable_deletion,
|
|
205
206
|
)
|
|
206
207
|
|
|
207
|
-
self.created_users = []
|
|
208
|
+
self.created_users: list[AccountUser] = []
|
|
208
209
|
for disabled_deletion_detected, created_users, error in results:
|
|
209
210
|
if error:
|
|
210
211
|
errors = True
|
|
@@ -222,7 +223,7 @@ class TerraformClient:
|
|
|
222
223
|
if disable_deletions_detected:
|
|
223
224
|
raise RuntimeError("Terraform plan has disabled deletions detected")
|
|
224
225
|
|
|
225
|
-
@retry(no_retry_exceptions=RdsUpgradeValidationError)
|
|
226
|
+
@retry(no_retry_exceptions=(RdsUpgradeValidationError,))
|
|
226
227
|
def terraform_plan(
|
|
227
228
|
self, spec: TerraformSpec, enable_deletion: bool
|
|
228
229
|
) -> tuple[bool, list[AccountUser], bool]:
|
|
@@ -278,7 +279,7 @@ class TerraformClient:
|
|
|
278
279
|
self,
|
|
279
280
|
spec: TerraformSpec,
|
|
280
281
|
enable_deletion: bool,
|
|
281
|
-
) -> tuple[bool, list]:
|
|
282
|
+
) -> tuple[bool, list[AccountUser]]:
|
|
282
283
|
disabled_deletion_detected = False
|
|
283
284
|
name = spec.name
|
|
284
285
|
account_enable_deletion = self.accounts[name].get("enableDeletion") or False
|
|
@@ -412,16 +413,18 @@ class TerraformClient:
|
|
|
412
413
|
)
|
|
413
414
|
return disabled_deletion_detected, created_users
|
|
414
415
|
|
|
415
|
-
def deletion_approved(
|
|
416
|
+
def deletion_approved(
|
|
417
|
+
self, account_name: str, resource_type: str, resource_name: str
|
|
418
|
+
) -> bool:
|
|
416
419
|
account = self.accounts[account_name]
|
|
417
420
|
deletion_approvals = account.get("deletionApprovals")
|
|
418
421
|
if not deletion_approvals:
|
|
419
422
|
return False
|
|
420
|
-
now =
|
|
423
|
+
now = utc_now()
|
|
421
424
|
for da in deletion_approvals:
|
|
422
425
|
try:
|
|
423
|
-
expiration =
|
|
424
|
-
da["expiration"], DATE_FORMAT
|
|
426
|
+
expiration = ensure_utc(
|
|
427
|
+
datetime.strptime(da["expiration"], DATE_FORMAT) # noqa: DTZ007
|
|
425
428
|
) + timedelta(days=1)
|
|
426
429
|
except ValueError:
|
|
427
430
|
raise DeletionApprovalExpirationValueError(
|
|
@@ -439,11 +442,11 @@ class TerraformClient:
|
|
|
439
442
|
return False
|
|
440
443
|
|
|
441
444
|
# terraform apply
|
|
442
|
-
def apply(self):
|
|
445
|
+
def apply(self) -> bool:
|
|
443
446
|
errors = threaded.run(self.terraform_apply, self.specs, self.thread_pool_size)
|
|
444
447
|
return any(errors)
|
|
445
448
|
|
|
446
|
-
def terraform_apply(self, spec: TerraformSpec):
|
|
449
|
+
def terraform_apply(self, spec: TerraformSpec) -> bool:
|
|
447
450
|
with self._terraform_log_file(spec.working_dir) as (f, env):
|
|
448
451
|
return_code, stdout, stderr = lean_tf.apply(
|
|
449
452
|
spec.working_dir,
|
|
@@ -486,9 +489,9 @@ class TerraformClient:
|
|
|
486
489
|
|
|
487
490
|
return replicas_info
|
|
488
491
|
|
|
489
|
-
def format_output(self, output, type):
|
|
492
|
+
def format_output(self, output: Any, type: str) -> dict[str, dict[str, Any]]:
|
|
490
493
|
# data is a dictionary of dictionaries
|
|
491
|
-
data = {}
|
|
494
|
+
data: dict[str, dict[str, Any]] = {}
|
|
492
495
|
if output is None:
|
|
493
496
|
return data
|
|
494
497
|
|
|
@@ -643,7 +646,7 @@ class TerraformClient:
|
|
|
643
646
|
return error_occured
|
|
644
647
|
|
|
645
648
|
@staticmethod
|
|
646
|
-
def split_to_lines(*outputs):
|
|
649
|
+
def split_to_lines(*outputs: str) -> Any:
|
|
647
650
|
split_outputs = []
|
|
648
651
|
try:
|
|
649
652
|
for output in outputs:
|
|
@@ -656,7 +659,7 @@ class TerraformClient:
|
|
|
656
659
|
return split_outputs[0]
|
|
657
660
|
return split_outputs
|
|
658
661
|
|
|
659
|
-
def cleanup(self):
|
|
662
|
+
def cleanup(self) -> None:
|
|
660
663
|
if self._aws_api is not None:
|
|
661
664
|
self._aws_api.cleanup()
|
|
662
665
|
for wd in self.working_dirs.values():
|
|
@@ -757,7 +760,7 @@ class TerraformClient:
|
|
|
757
760
|
|
|
758
761
|
def validate_db_upgrade(
|
|
759
762
|
self, account_name: str, resource_name: str, resource_change: Mapping[str, Any]
|
|
760
|
-
):
|
|
763
|
+
) -> None:
|
|
761
764
|
"""
|
|
762
765
|
Determine whether the RDS engine version upgrade is valid.
|
|
763
766
|
|
|
@@ -862,7 +865,7 @@ class TerraformClient:
|
|
|
862
865
|
],
|
|
863
866
|
}
|
|
864
867
|
|
|
865
|
-
def is_supported(engine, version):
|
|
868
|
+
def is_supported(engine: str, version: str) -> bool:
|
|
866
869
|
parsed_version = pkg_version.parse(version)
|
|
867
870
|
if engine == "mysql":
|
|
868
871
|
return any(
|