PyPI - qontract-reconcile - Versions diffs - 0.10.2.dev310__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl - Mend

qontract-reconcile 0.10.2.dev310py3-none-any.whl → 0.10.2.dev439py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of qontract-reconcile might be problematic. Click here for more details.

Files changed (400) hide show

{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/METADATA +13 -12
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/RECORD +396 -391
reconcile/acs_rbac.py +2 -2
reconcile/aus/advanced_upgrade_service.py +18 -12
reconcile/aus/base.py +134 -32
reconcile/aus/cluster_version_data.py +15 -5
reconcile/aus/models.py +3 -1
reconcile/aus/ocm_addons_upgrade_scheduler_org.py +1 -0
reconcile/aus/ocm_upgrade_scheduler.py +8 -1
reconcile/aus/ocm_upgrade_scheduler_org.py +20 -5
reconcile/aus/version_gates/sts_version_gate_handler.py +54 -1
reconcile/automated_actions/config/integration.py +16 -4
reconcile/aws_account_manager/integration.py +8 -8
reconcile/aws_account_manager/reconciler.py +3 -3
reconcile/aws_ami_cleanup/integration.py +8 -12
reconcile/aws_ami_share.py +69 -62
reconcile/aws_cloudwatch_log_retention/integration.py +155 -126
reconcile/aws_ecr_image_pull_secrets.py +5 -5
reconcile/aws_iam_keys.py +1 -0
reconcile/aws_saml_idp/integration.py +12 -4
reconcile/aws_saml_roles/integration.py +32 -25
reconcile/aws_version_sync/integration.py +125 -84
reconcile/change_owners/bundle.py +3 -3
reconcile/change_owners/change_log_tracking.py +3 -2
reconcile/change_owners/change_owners.py +1 -1
reconcile/change_owners/diff.py +2 -4
reconcile/checkpoint.py +12 -4
reconcile/cli.py +111 -18
reconcile/cluster_deployment_mapper.py +2 -3
reconcile/dashdotdb_dora.py +5 -12
reconcile/dashdotdb_slo.py +1 -1
reconcile/database_access_manager.py +125 -121
reconcile/deadmanssnitch.py +1 -5
reconcile/dynatrace_token_provider/integration.py +1 -1
reconcile/endpoints_discovery/integration.py +4 -1
reconcile/endpoints_discovery/merge_request.py +1 -1
reconcile/endpoints_discovery/merge_request_manager.py +9 -11
reconcile/external_resources/factories.py +5 -12
reconcile/external_resources/integration.py +1 -1
reconcile/external_resources/manager.py +8 -5
reconcile/external_resources/meta.py +0 -1
reconcile/external_resources/metrics.py +1 -1
reconcile/external_resources/model.py +20 -20
reconcile/external_resources/reconciler.py +7 -4
reconcile/external_resources/secrets_sync.py +10 -14
reconcile/external_resources/state.py +26 -16
reconcile/fleet_labeler/integration.py +1 -1
reconcile/gabi_authorized_users.py +8 -5
reconcile/gcp_image_mirror.py +2 -2
reconcile/github_org.py +1 -1
reconcile/github_owners.py +4 -0
reconcile/gitlab_housekeeping.py +13 -15
reconcile/gitlab_members.py +6 -12
reconcile/gitlab_mr_sqs_consumer.py +2 -2
reconcile/gitlab_owners.py +15 -11
reconcile/gitlab_permissions.py +8 -12
reconcile/glitchtip_project_alerts/integration.py +3 -1
reconcile/gql_definitions/acs/acs_instances.py +10 -10
reconcile/gql_definitions/acs/acs_policies.py +5 -5
reconcile/gql_definitions/acs/acs_rbac.py +6 -6
reconcile/gql_definitions/advanced_upgrade_service/aus_clusters.py +32 -32
reconcile/gql_definitions/advanced_upgrade_service/aus_organization.py +26 -26
reconcile/gql_definitions/app_interface_metrics_exporter/onboarding_status.py +6 -7
reconcile/gql_definitions/app_sre_tekton_access_revalidation/roles.py +5 -5
reconcile/gql_definitions/app_sre_tekton_access_revalidation/users.py +5 -5
reconcile/gql_definitions/automated_actions/instance.py +51 -12
reconcile/gql_definitions/aws_account_manager/aws_accounts.py +11 -11
reconcile/gql_definitions/aws_ami_cleanup/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_cloudwatch_log_retention/aws_accounts.py +28 -68
reconcile/gql_definitions/aws_saml_idp/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/roles.py +5 -5
reconcile/gql_definitions/aws_version_sync/clusters.py +10 -10
reconcile/gql_definitions/aws_version_sync/namespaces.py +5 -5
reconcile/gql_definitions/change_owners/queries/change_types.py +5 -5
reconcile/gql_definitions/change_owners/queries/self_service_roles.py +9 -9
reconcile/gql_definitions/cluster_auth_rhidp/clusters.py +18 -18
reconcile/gql_definitions/common/alerting_services_settings.py +9 -9
reconcile/gql_definitions/common/app_code_component_repos.py +5 -5
reconcile/gql_definitions/common/app_interface_custom_messages.py +5 -5
reconcile/gql_definitions/common/app_interface_dms_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_repo_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_roles.py +120 -0
reconcile/gql_definitions/common/app_interface_state_settings.py +10 -10
reconcile/gql_definitions/common/app_interface_vault_settings.py +5 -5
reconcile/gql_definitions/common/app_quay_repos_escalation_policies.py +5 -5
reconcile/gql_definitions/common/apps.py +5 -5
reconcile/gql_definitions/common/aws_vpc_requests.py +22 -9
reconcile/gql_definitions/common/aws_vpcs.py +11 -11
reconcile/gql_definitions/common/clusters.py +37 -35
reconcile/gql_definitions/common/clusters_minimal.py +14 -14
reconcile/gql_definitions/common/clusters_with_dms.py +6 -6
reconcile/gql_definitions/common/clusters_with_peering.py +29 -30
reconcile/gql_definitions/common/github_orgs.py +10 -10
reconcile/gql_definitions/common/jira_settings.py +10 -10
reconcile/gql_definitions/common/jiralert_settings.py +5 -5
reconcile/gql_definitions/common/ldap_settings.py +5 -5
reconcile/gql_definitions/common/namespaces.py +42 -44
reconcile/gql_definitions/common/namespaces_minimal.py +15 -13
reconcile/gql_definitions/common/ocm_env_telemeter.py +12 -12
reconcile/gql_definitions/common/ocm_environments.py +19 -19
reconcile/gql_definitions/common/pagerduty_instances.py +9 -9
reconcile/gql_definitions/common/pgp_reencryption_settings.py +6 -6
reconcile/gql_definitions/common/pipeline_providers.py +29 -29
reconcile/gql_definitions/common/quay_instances.py +5 -5
reconcile/gql_definitions/common/quay_orgs.py +5 -5
reconcile/gql_definitions/common/reserved_networks.py +5 -5
reconcile/gql_definitions/common/rhcs_provider_settings.py +5 -5
reconcile/gql_definitions/common/saas_files.py +44 -44
reconcile/gql_definitions/common/saas_target_namespaces.py +10 -10
reconcile/gql_definitions/common/saasherder_settings.py +5 -5
reconcile/gql_definitions/common/slack_workspaces.py +5 -5
reconcile/gql_definitions/common/smtp_client_settings.py +19 -19
reconcile/gql_definitions/common/state_aws_account.py +7 -8
reconcile/gql_definitions/common/users.py +5 -5
reconcile/gql_definitions/common/users_with_paths.py +5 -5
reconcile/gql_definitions/cost_report/app_names.py +5 -5
reconcile/gql_definitions/cost_report/cost_namespaces.py +5 -5
reconcile/gql_definitions/cost_report/settings.py +9 -9
reconcile/gql_definitions/dashdotdb_slo/slo_documents_query.py +43 -43
reconcile/gql_definitions/dynatrace_token_provider/dynatrace_bootstrap_tokens.py +10 -10
reconcile/gql_definitions/dynatrace_token_provider/token_specs.py +5 -5
reconcile/gql_definitions/email_sender/apps.py +5 -5
reconcile/gql_definitions/email_sender/emails.py +8 -8
reconcile/gql_definitions/email_sender/users.py +6 -6
reconcile/gql_definitions/endpoints_discovery/apps.py +10 -10
reconcile/gql_definitions/external_resources/aws_accounts.py +9 -9
reconcile/gql_definitions/external_resources/external_resources_modules.py +23 -23
reconcile/gql_definitions/external_resources/external_resources_namespaces.py +494 -410
reconcile/gql_definitions/external_resources/external_resources_settings.py +28 -26
reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py +5 -5
reconcile/gql_definitions/fleet_labeler/fleet_labels.py +40 -40
reconcile/gql_definitions/fragments/aus_organization.py +5 -5
reconcile/gql_definitions/fragments/aws_account_common.py +7 -5
reconcile/gql_definitions/fragments/aws_account_managed.py +5 -5
reconcile/gql_definitions/fragments/aws_account_sso.py +5 -5
reconcile/gql_definitions/fragments/aws_infra_management_account.py +5 -5
reconcile/gql_definitions/fragments/{aws_vpc_request_subnet.py → aws_organization.py} +12 -8
reconcile/gql_definitions/fragments/aws_vpc.py +5 -5
reconcile/gql_definitions/fragments/aws_vpc_request.py +12 -5
reconcile/gql_definitions/fragments/container_image_mirror.py +5 -5
reconcile/gql_definitions/fragments/deploy_resources.py +5 -5
reconcile/gql_definitions/fragments/disable.py +5 -5
reconcile/gql_definitions/fragments/email_service.py +5 -5
reconcile/gql_definitions/fragments/email_user.py +5 -5
reconcile/gql_definitions/fragments/jumphost_common_fields.py +5 -5
reconcile/gql_definitions/fragments/membership_source.py +5 -5
reconcile/gql_definitions/fragments/minimal_ocm_organization.py +5 -5
reconcile/gql_definitions/fragments/oc_connection_cluster.py +5 -5
reconcile/gql_definitions/fragments/ocm_environment.py +5 -5
reconcile/gql_definitions/fragments/pipeline_provider_retention.py +5 -5
reconcile/gql_definitions/fragments/prometheus_instance.py +5 -5
reconcile/gql_definitions/fragments/resource_limits_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_requests_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_values.py +5 -5
reconcile/gql_definitions/fragments/saas_slo_document.py +5 -5
reconcile/gql_definitions/fragments/saas_target_namespace.py +5 -5
reconcile/gql_definitions/fragments/serviceaccount_token.py +5 -5
reconcile/gql_definitions/fragments/terraform_state.py +5 -5
reconcile/gql_definitions/fragments/upgrade_policy.py +5 -5
reconcile/gql_definitions/fragments/user.py +5 -5
reconcile/gql_definitions/fragments/vault_secret.py +5 -5
reconcile/gql_definitions/gcp/gcp_docker_repos.py +9 -9
reconcile/gql_definitions/gcp/gcp_projects.py +9 -9
reconcile/gql_definitions/gitlab_members/gitlab_instances.py +9 -9
reconcile/gql_definitions/gitlab_members/permissions.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_instance.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_project.py +11 -11
reconcile/gql_definitions/glitchtip_project_alerts/glitchtip_project.py +9 -9
reconcile/gql_definitions/integrations/integrations.py +48 -51
reconcile/gql_definitions/introspection.json +3510 -1865
reconcile/gql_definitions/jenkins_configs/jenkins_configs.py +11 -11
reconcile/gql_definitions/jenkins_configs/jenkins_instances.py +10 -10
reconcile/gql_definitions/jira/jira_servers.py +5 -5
reconcile/gql_definitions/jira_permissions_validator/jira_boards_for_permissions_validator.py +14 -10
reconcile/gql_definitions/jumphosts/jumphosts.py +13 -13
reconcile/gql_definitions/ldap_groups/roles.py +5 -5
reconcile/gql_definitions/ldap_groups/settings.py +9 -9
reconcile/gql_definitions/maintenance/maintenances.py +5 -5
reconcile/gql_definitions/membershipsources/roles.py +5 -5
reconcile/gql_definitions/ocm_labels/clusters.py +18 -19
reconcile/gql_definitions/ocm_labels/organizations.py +5 -5
reconcile/gql_definitions/openshift_cluster_bots/clusters.py +22 -22
reconcile/gql_definitions/openshift_groups/managed_groups.py +5 -5
reconcile/gql_definitions/openshift_groups/managed_roles.py +6 -6
reconcile/gql_definitions/openshift_serviceaccount_tokens/tokens.py +10 -10
reconcile/gql_definitions/quay_membership/quay_membership.py +6 -6
reconcile/gql_definitions/rhcs/certs.py +33 -87
reconcile/gql_definitions/rhcs/openshift_resource_rhcs_cert.py +43 -0
reconcile/gql_definitions/rhidp/organizations.py +18 -18
reconcile/gql_definitions/service_dependencies/jenkins_instance_fragment.py +5 -5
reconcile/gql_definitions/service_dependencies/service_dependencies.py +8 -8
reconcile/gql_definitions/sharding/aws_accounts.py +10 -10
reconcile/gql_definitions/sharding/ocm_organization.py +8 -8
reconcile/gql_definitions/skupper_network/site_controller_template.py +5 -5
reconcile/gql_definitions/skupper_network/skupper_networks.py +10 -10
reconcile/gql_definitions/slack_usergroups/clusters.py +5 -5
reconcile/gql_definitions/slack_usergroups/permissions.py +9 -9
reconcile/gql_definitions/slack_usergroups/users.py +5 -5
reconcile/gql_definitions/slo_documents/slo_documents.py +5 -5
reconcile/gql_definitions/status_board/status_board.py +6 -7
reconcile/gql_definitions/statuspage/statuspages.py +9 -9
reconcile/gql_definitions/templating/template_collection.py +5 -5
reconcile/gql_definitions/templating/templates.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_dns/app_interface_cloudflare_dns_settings.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_dns/terraform_cloudflare_zones.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_accounts.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_resources.py +20 -25
reconcile/gql_definitions/terraform_cloudflare_users/app_interface_setting_cloudflare_and_vault.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_users/terraform_cloudflare_roles.py +12 -12
reconcile/gql_definitions/terraform_init/aws_accounts.py +23 -9
reconcile/gql_definitions/terraform_repo/terraform_repo.py +9 -9
reconcile/gql_definitions/terraform_resources/database_access_manager.py +5 -5
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +450 -402
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py +23 -17
reconcile/gql_definitions/unleash_feature_toggles/feature_toggles.py +9 -9
reconcile/gql_definitions/vault_instances/vault_instances.py +61 -61
reconcile/gql_definitions/vault_policies/vault_policies.py +11 -11
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator.py +8 -8
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator_peered_cluster_fragment.py +5 -5
reconcile/integrations_manager.py +3 -3
reconcile/jenkins_job_builder.py +1 -1
reconcile/jenkins_worker_fleets.py +80 -11
reconcile/jira_permissions_validator.py +237 -122
reconcile/ldap_groups/integration.py +1 -1
reconcile/ocm/types.py +35 -56
reconcile/ocm_aws_infrastructure_access.py +1 -1
reconcile/ocm_clusters.py +4 -4
reconcile/ocm_labels/integration.py +3 -2
reconcile/ocm_machine_pools.py +33 -27
reconcile/openshift_base.py +122 -10
reconcile/openshift_cluster_bots.py +5 -5
reconcile/openshift_groups.py +5 -0
reconcile/openshift_limitranges.py +1 -1
reconcile/openshift_namespace_labels.py +1 -1
reconcile/openshift_namespaces.py +97 -101
reconcile/openshift_resources_base.py +10 -5
reconcile/openshift_rhcs_certs.py +77 -40
reconcile/openshift_rolebindings.py +230 -130
reconcile/openshift_saas_deploy.py +6 -7
reconcile/openshift_saas_deploy_change_tester.py +9 -7
reconcile/openshift_saas_deploy_trigger_cleaner.py +3 -5
reconcile/openshift_serviceaccount_tokens.py +8 -7
reconcile/openshift_tekton_resources.py +1 -1
reconcile/openshift_upgrade_watcher.py +4 -4
reconcile/openshift_users.py +5 -3
reconcile/oum/labelset.py +5 -3
reconcile/oum/models.py +1 -4
reconcile/oum/providers.py +1 -1
reconcile/prometheus_rules_tester/integration.py +4 -4
reconcile/quay_mirror.py +1 -1
reconcile/queries.py +131 -0
reconcile/requests_sender.py +8 -3
reconcile/resource_scraper.py +1 -5
reconcile/rhidp/common.py +3 -5
reconcile/rhidp/sso_client/base.py +19 -10
reconcile/saas_auto_promotions_manager/merge_request_manager/renderer.py +1 -1
reconcile/saas_auto_promotions_manager/subscriber.py +4 -3
reconcile/sendgrid_teammates.py +20 -9
reconcile/skupper_network/integration.py +2 -2
reconcile/slack_usergroups.py +35 -14
reconcile/sql_query.py +1 -0
reconcile/status.py +2 -2
reconcile/status_board.py +6 -6
reconcile/statuspage/atlassian.py +7 -7
reconcile/statuspage/integrations/maintenances.py +4 -3
reconcile/statuspage/page.py +4 -9
reconcile/statuspage/status.py +5 -8
reconcile/templates/rosa-classic-cluster-creation.sh.j2 +5 -1
reconcile/templates/rosa-hcp-cluster-creation.sh.j2 +4 -1
reconcile/templating/lib/merge_request_manager.py +2 -2
reconcile/templating/lib/rendering.py +3 -3
reconcile/templating/renderer.py +12 -13
reconcile/terraform_aws_route53.py +18 -8
reconcile/terraform_cloudflare_dns.py +3 -3
reconcile/terraform_cloudflare_resources.py +12 -13
reconcile/terraform_cloudflare_users.py +3 -2
reconcile/terraform_init/integration.py +187 -23
reconcile/terraform_repo.py +16 -12
reconcile/terraform_resources.py +18 -10
reconcile/terraform_tgw_attachments.py +28 -20
reconcile/terraform_users.py +27 -22
reconcile/terraform_vpc_peerings.py +15 -3
reconcile/terraform_vpc_resources/integration.py +23 -8
reconcile/typed_queries/app_interface_roles.py +10 -0
reconcile/typed_queries/aws_account_tags.py +41 -0
reconcile/typed_queries/cost_report/app_names.py +1 -1
reconcile/typed_queries/cost_report/cost_namespaces.py +2 -2
reconcile/typed_queries/saas_files.py +13 -13
reconcile/typed_queries/status_board.py +2 -2
reconcile/unleash_feature_toggles/integration.py +4 -2
reconcile/utils/acs/base.py +6 -3
reconcile/utils/acs/policies.py +2 -2
reconcile/utils/aggregated_list.py +4 -3
reconcile/utils/aws_api.py +51 -20
reconcile/utils/aws_api_typed/api.py +38 -9
reconcile/utils/aws_api_typed/cloudformation.py +149 -0
reconcile/utils/aws_api_typed/logs.py +73 -0
reconcile/utils/aws_api_typed/organization.py +4 -2
reconcile/utils/binary.py +7 -12
reconcile/utils/datetime_util.py +67 -0
reconcile/utils/deadmanssnitch_api.py +1 -1
reconcile/utils/differ.py +2 -3
reconcile/utils/early_exit_cache.py +11 -12
reconcile/utils/expiration.py +7 -3
reconcile/utils/external_resource_spec.py +24 -1
reconcile/utils/filtering.py +1 -1
reconcile/utils/gitlab_api.py +7 -5
reconcile/utils/glitchtip/client.py +6 -2
reconcile/utils/glitchtip/models.py +25 -28
reconcile/utils/gpg.py +5 -3
reconcile/utils/gql.py +4 -7
reconcile/utils/helm.py +2 -1
reconcile/utils/helpers.py +1 -1
reconcile/utils/imap_client.py +1 -1
reconcile/utils/instrumented_wrappers.py +1 -1
reconcile/utils/internal_groups/client.py +2 -2
reconcile/utils/internal_groups/models.py +8 -17
reconcile/utils/jenkins_api.py +24 -1
reconcile/utils/jinja2/utils.py +6 -8
reconcile/utils/jira_client.py +82 -63
reconcile/utils/jjb_client.py +78 -46
reconcile/utils/jobcontroller/controller.py +2 -2
reconcile/utils/jobcontroller/models.py +17 -1
reconcile/utils/json.py +74 -0
reconcile/utils/ldap_client.py +4 -3
reconcile/utils/lean_terraform_client.py +3 -1
reconcile/utils/membershipsources/app_interface_resolver.py +4 -2
reconcile/utils/membershipsources/models.py +16 -23
reconcile/utils/membershipsources/resolver.py +4 -2
reconcile/utils/merge_request_manager/merge_request_manager.py +4 -4
reconcile/utils/merge_request_manager/parser.py +6 -6
reconcile/utils/metrics.py +5 -5
reconcile/utils/models.py +304 -82
reconcile/utils/mr/__init__.py +3 -1
reconcile/utils/mr/app_interface_reporter.py +6 -3
reconcile/utils/mr/aws_access.py +1 -1
reconcile/utils/mr/base.py +7 -13
reconcile/utils/mr/clusters_updates.py +4 -2
reconcile/utils/mr/notificator.py +3 -3
reconcile/utils/mr/ocm_upgrade_scheduler_org_updates.py +4 -1
reconcile/utils/mr/promote_qontract.py +28 -12
reconcile/utils/mr/update_access_report_base.py +3 -4
reconcile/utils/mr/user_maintenance.py +7 -6
reconcile/utils/oc.py +445 -336
reconcile/utils/oc_filters.py +3 -3
reconcile/utils/ocm/addons.py +0 -1
reconcile/utils/ocm/base.py +18 -21
reconcile/utils/ocm/cluster_groups.py +1 -1
reconcile/utils/ocm/identity_providers.py +2 -2
reconcile/utils/ocm/labels.py +1 -1
reconcile/utils/ocm/ocm.py +81 -71
reconcile/utils/ocm/products.py +9 -3
reconcile/utils/ocm/search_filters.py +3 -6
reconcile/utils/ocm/service_log.py +4 -6
reconcile/utils/ocm/sre_capability_labels.py +20 -13
reconcile/utils/ocm_base_client.py +4 -4
reconcile/utils/openshift_resource.py +83 -52
reconcile/utils/openssl.py +2 -2
reconcile/utils/output.py +3 -2
reconcile/utils/pagerduty_api.py +10 -7
reconcile/utils/promotion_state.py +6 -11
reconcile/utils/raw_github_api.py +11 -8
reconcile/utils/repo_owners.py +21 -29
reconcile/utils/rhcsv2_certs.py +138 -35
reconcile/utils/rosa/session.py +16 -0
reconcile/utils/runtime/integration.py +2 -3
reconcile/utils/runtime/meta.py +2 -1
reconcile/utils/runtime/runner.py +2 -2
reconcile/utils/saasherder/interfaces.py +13 -20
reconcile/utils/saasherder/models.py +25 -21
reconcile/utils/saasherder/saasherder.py +60 -32
reconcile/utils/secret_reader.py +6 -6
reconcile/utils/sharding.py +1 -1
reconcile/utils/slack_api.py +26 -4
reconcile/utils/sloth.py +224 -0
reconcile/utils/sqs_gateway.py +16 -11
reconcile/utils/state.py +2 -1
reconcile/utils/structs.py +1 -1
reconcile/utils/terraform_client.py +29 -26
reconcile/utils/terrascript_aws_client.py +200 -116
reconcile/utils/three_way_diff_strategy.py +1 -1
reconcile/utils/unleash/server.py +2 -8
reconcile/utils/vault.py +44 -41
reconcile/utils/vcs.py +8 -8
reconcile/vault_replication.py +119 -58
tools/app_interface_reporter.py +4 -4
tools/cli_commands/cost_report/cost_management_api.py +3 -3
tools/cli_commands/cost_report/view.py +7 -6
tools/cli_commands/erv2.py +1 -1
tools/cli_commands/gpg_encrypt.py +4 -1
tools/cli_commands/systems_and_tools.py +5 -1
tools/qontract_cli.py +36 -21
tools/template_validation.py +3 -1
reconcile/gql_definitions/ocm_oidc_idp/__init__.py +0 -0
reconcile/gql_definitions/ocm_subscription_labels/__init__.py +0 -0
reconcile/jenkins/__init__.py +0 -0
reconcile/jenkins/types.py +0 -77
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/WHEEL +0 -0
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/entry_points.txt +0 -0

reconcile/slack_usergroups.py CHANGED Viewed

@@ -3,18 +3,19 @@ import sys
 from collections.abc import (
     Callable,
     Iterable,
+    MutableMapping,
     Sequence,
 )
 from datetime import datetime
 from typing import (
     Any,
     TypedDict,
+    TypeVar,
 )
 from github.GithubException import UnknownObjectException
 from pydantic import BaseModel
-from pydantic.utils import deep_update
-from sretoolbox.utils import retry
+from sretoolbox.utils import datatransformation, retry
 from reconcile import (
     openshift_users,
@@ -40,6 +41,7 @@ from reconcile.typed_queries.app_interface_vault_settings import (
 )
 from reconcile.typed_queries.pagerduty_instances import get_pagerduty_instances
 from reconcile.utils import gql
+from reconcile.utils.datetime_util import ensure_utc, utc_now
 from reconcile.utils.disabled_integrations import integration_is_enabled
 from reconcile.utils.exceptions import (
     AppInterfaceSettingsError,
@@ -74,6 +76,26 @@ INTEGRATION_VERSION = "0.1.0"
 error_occurred = False
+KeyType = TypeVar("KeyType")
+def deep_update(
+    mapping: dict[KeyType, Any],
+    *updating_mappings: MutableMapping[KeyType, Any],
+) -> dict[KeyType, Any]:
+    updated_mapping = mapping.copy()
+    for updating_mapping in updating_mappings:
+        for k, v in updating_mapping.items():
+            if (
+                k in updated_mapping
+                and isinstance(updated_mapping[k], dict)
+                and isinstance(v, dict)
+            ):
+                updated_mapping[k] = deep_update(updated_mapping[k], v)
+            else:
+                updated_mapping[k] = v
+    return updated_mapping
 def get_git_api(url: str) -> GithubRepositoryApi | GitLabApi:
     """Return GitHub/GitLab API based on url."""
@@ -122,15 +144,12 @@ class State(BaseModel):
 SlackState = dict[str, dict[str, State]]
-class WorkspaceSpec(BaseModel):
+class WorkspaceSpec(BaseModel, arbitrary_types_allowed=True):
     """Slack workspace spec."""
     slack: SlackApi
     managed_usergroups: list[str] = []
-    class Config:
-        arbitrary_types_allowed = True
 SlackMap = dict[str, WorkspaceSpec]
@@ -357,11 +376,11 @@ def get_slack_usernames_from_owners(
 def get_slack_usernames_from_schedule(schedule: Iterable[ScheduleEntryV1]) -> list[str]:
     """Return list of usernames from all schedules."""
-    now = datetime.utcnow()
+    now = utc_now()
     all_slack_usernames: list[str] = []
     for entry in schedule:
-        start = datetime.strptime(entry.start, DATE_FORMAT)
-        end = datetime.strptime(entry.end, DATE_FORMAT)
+        start = ensure_utc(datetime.strptime(entry.start, DATE_FORMAT))  # noqa: DTZ007
+        end = ensure_utc(datetime.strptime(entry.end, DATE_FORMAT))  # noqa: DTZ007
         if start <= now <= end:
             all_slack_usernames.extend(get_slack_username(u) for u in entry.users)
     return all_slack_usernames
@@ -819,7 +838,9 @@ def run(
         desired_usergroup_name=usergroup_name,
     )
     # merge the two desired states recursively
-    desired_state = deep_update(desired_state, desired_state_cluster_usergroups)
+    desired_state = datatransformation.deep_merge(
+        desired_state, desired_state_cluster_usergroups
+    )
     runner_params: RunnerParams = {
         "dry_run": dry_run,
@@ -891,10 +912,10 @@ def early_exit_desired_state(*args: Any, **kwargs: Any) -> dict[str, Any]:
             if role.tag_on_cluster_updates is not False
         ]
     return {
-        "permissions": [p.dict() for p in get_permissions(gqlapi.query)],
+        "permissions": [p.model_dump() for p in get_permissions(gqlapi.query)],
         "pagerduty_instances": [
-            p.dict() for p in get_pagerduty_instances(gqlapi.query)
+            p.model_dump() for p in get_pagerduty_instances(gqlapi.query)
         ],
-        "users": [u.dict() for u in users],
-        "clusters": [c.dict() for c in get_clusters(gqlapi.query)],
+        "users": [u.model_dump() for u in users],
+        "clusters": [c.model_dump() for c in get_clusters(gqlapi.query)],
     }

reconcile/sql_query.py CHANGED Viewed

@@ -229,6 +229,7 @@ def collect_queries(
         accounts=[],
         prefetch_resources_by_schemas=["/aws/rds-defaults-1.yml"],
         secret_reader=secret_reader,
+        default_tags=None,
     )
     for sql_query in sql_queries:

reconcile/status.py CHANGED Viewed

@@ -11,7 +11,7 @@ class ExitCodes:
 class _RunningState:
     _state: dict[Any, Any] = {}
-    def __init__(self):
+    def __init__(self) -> None:
         self.__dict__ = self._state
@@ -22,7 +22,7 @@ class RunningState(_RunningState):
     by the callers.
     """
-    def __getattr__(self, item):
+    def __getattr__(self, item: str) -> None:
         """
         Default value for attributes not explicitly created is None.
         """

reconcile/status_board.py CHANGED Viewed

@@ -52,7 +52,7 @@ class AbstractStatusBoard(ABC, BaseModel):
     """Abstract class for upgrade policies
     Used to create and delete upgrade policies in OCM."""
-    id: str | None
+    id: str | None = None
     name: str
     fullname: str
@@ -88,7 +88,7 @@ class AbstractStatusBoard(ABC, BaseModel):
 class Product(AbstractStatusBoard):
-    applications: list["Application"] | None
+    applications: list["Application"] | None = None
     def create(self, ocm: OCMBaseClient) -> None:
         spec = self.to_ocm_spec()
@@ -121,7 +121,7 @@ class Product(AbstractStatusBoard):
 class Application(AbstractStatusBoard):
     product: Product
-    services: list["Service"] | None
+    services: list["Service"] | None = None
     def create(self, ocm: OCMBaseClient) -> None:
         if self.product.id:
@@ -214,9 +214,9 @@ class Service(AbstractStatusBoard):
 # Resolve forward references after class definitions
-Product.update_forward_refs()
-Application.update_forward_refs()
-Service.update_forward_refs()
+Product.model_rebuild()
+Application.model_rebuild()
+Service.model_rebuild()
 class UpdateNotSupportedError(Exception):

reconcile/statuspage/atlassian.py CHANGED Viewed

@@ -29,12 +29,12 @@ class AtlassianRawComponent(BaseModel):
     id: str
     name: str
-    description: str | None
+    description: str | None = None
     position: int
     status: str
-    automation_email: str | None
-    group_id: str | None
-    group: bool | None
+    automation_email: str | None = None
+    group_id: str | None = None
+    group: bool | None = None
 class AtlassianRawMaintenanceUpdate(BaseModel):
@@ -56,9 +56,9 @@ class AtlassianRawMaintenance(BaseModel):
     scheduled_until: str
     incident_updates: list[AtlassianRawMaintenanceUpdate]
     components: list[AtlassianRawComponent]
-    auto_transition_deliver_notifications_at_end: bool | None
-    auto_transition_deliver_notifications_at_start: bool | None
-    scheduled_remind_prior: bool | None
+    auto_transition_deliver_notifications_at_end: bool | None = None
+    auto_transition_deliver_notifications_at_start: bool | None = None
+    scheduled_remind_prior: bool | None = None
 class AtlassianAPI:

reconcile/statuspage/integrations/maintenances.py CHANGED Viewed

@@ -1,12 +1,13 @@
 import logging
 import sys
-from datetime import UTC, datetime, timedelta
+from datetime import datetime, timedelta
 from reconcile.slack_base import slackapi_from_queries
 from reconcile.statuspage.atlassian import AtlassianStatusPageProvider
 from reconcile.statuspage.integration import get_binding_state, get_status_pages
 from reconcile.statuspage.page import StatusMaintenance
 from reconcile.statuspage.state import S3ComponentBindingState
+from reconcile.utils.datetime_util import utc_now
 from reconcile.utils.differ import diff_iterables
 from reconcile.utils.runtime.integration import (
     NoParams,
@@ -52,7 +53,7 @@ class StatusPageMaintenancesIntegration(QontractReconcileIntegration[NoParams]):
         desired_state: list[StatusMaintenance],
         binding_state: S3ComponentBindingState,
     ) -> None:
-        now = datetime.now(UTC)
+        now = utc_now()
         slack = slackapi_from_queries(QONTRACT_INTEGRATION, init_usergroups=False)
         for m in desired_state:
             scheduled_start = m.schedule_start
@@ -68,7 +69,7 @@ class StatusPageMaintenancesIntegration(QontractReconcileIntegration[NoParams]):
     def run(self, dry_run: bool = False) -> None:
         binding_state = get_binding_state(self.name, self.secret_reader)
         pages = get_status_pages()
-        now = datetime.now(UTC)
+        now = utc_now()
         error = False
         for p in pages:

reconcile/statuspage/page.py CHANGED Viewed

@@ -19,19 +19,17 @@ from reconcile.statuspage.status import (
 PROVIDER_NAME = "statuspage"
-class StatusComponent(BaseModel):
+class StatusComponent(BaseModel, arbitrary_types_allowed=True):
     """
     Represents a status page component from the desired state.
     """
     name: str
     display_name: str
-    description: str | None
-    group_name: str | None
+    description: str | None = None
+    group_name: str | None = None
+    # Status provider configs hold different ways for a component to determine its status
     status_provider_configs: list[StatusProvider]
-    """
-    Status provider configs hold different ways for a component to determine its status
-    """
     def status_management_enabled(self) -> bool:
         """
@@ -49,9 +47,6 @@ class StatusComponent(BaseModel):
             return "operational"
         return None
-    class Config:
-        arbitrary_types_allowed = True
     def __eq__(self, other: object) -> bool:
         if not isinstance(other, StatusComponent):
             raise NotImplementedError("Cannot compare to non StatusComponent objects.")

reconcile/statuspage/status.py CHANGED Viewed

@@ -2,18 +2,15 @@ from abc import (
     ABC,
     abstractmethod,
 )
-from datetime import (
-    UTC,
-    datetime,
-)
+from datetime import datetime
-from dateutil.parser import isoparse
 from pydantic import BaseModel
 from reconcile.gql_definitions.statuspage.statuspages import (
     ManualStatusProviderV1,
     StatusProviderV1,
 )
+from reconcile.utils.datetime_util import from_utc_iso_format, utc_now
 # This module defines the interface for status providers for components on status
 # pages. A status provider is responsible for determining the status of a component.
@@ -70,7 +67,7 @@ class ManualStatusProvider(StatusProvider, BaseModel):
             raise ValueError(
                 "manual component status time window is invalid: end before start"
             )
-        now = datetime.now(UTC)
+        now = utc_now()
         if self.start and now < self.start:
             return False
         return not (self.end and self.end < now)
@@ -84,8 +81,8 @@ def build_status_provider_config(
     provider specific implementation that provides the status resolution logic.
     """
     if isinstance(cfg, ManualStatusProviderV1):
-        start = isoparse(cfg.manual.q_from) if cfg.manual.q_from else None
-        end = isoparse(cfg.manual.until) if cfg.manual.until else None
+        start = from_utc_iso_format(cfg.manual.q_from) if cfg.manual.q_from else None
+        end = from_utc_iso_format(cfg.manual.until) if cfg.manual.until else None
         return ManualStatusProvider(
             component_status=cfg.manual.component_status,
             start=start,

reconcile/templates/rosa-classic-cluster-creation.sh.j2 CHANGED Viewed

@@ -47,7 +47,7 @@ rosa create cluster -y --cluster-name={{ cluster_name }} \
     --service-cidr {{ cluster.network.service }} \
     --pod-cidr {{ cluster.network.pod }} \
     --host-prefix 23 \
-    --replicas {{ cluster.machine_pools | length }} \
+    --replicas 3 \
     --compute-machine-type {{ cluster.machine_pools[0].instance_type }} \
     {% if cluster.spec.disable_user_workload_monitoring -%}
     --disable-workload-monitoring \
@@ -55,4 +55,8 @@ rosa create cluster -y --cluster-name={{ cluster_name }} \
     {% if cluster.spec.provision_shard_id -%}
     --properties provision_shard_id:{{ cluster.spec.provision_shard_id }} \
     {% endif -%}
+    {% if cluster.spec.fips -%}
+    --fips \
+    {% endif -%}
     --channel-group {{ cluster.spec.channel }}

reconcile/templates/rosa-hcp-cluster-creation.sh.j2 CHANGED Viewed

@@ -47,7 +47,7 @@ rosa create cluster --cluster-name={{ cluster_name }} \
     --service-cidr {{ cluster.network.service }} \
     --pod-cidr {{ cluster.network.pod }} \
     --host-prefix 23 \
-    --replicas {{ cluster.machine_pools | length }} \
+    --replicas 3 \
     --compute-machine-type {{ cluster.machine_pools[0].instance_type }} \
     {% if cluster.spec.private -%}
     --private \
@@ -59,4 +59,7 @@ rosa create cluster --cluster-name={{ cluster_name }} \
     {% if cluster.spec.provision_shard_id -%}
     --properties provision_shard_id:{{ cluster.spec.provision_shard_id }} \
     {% endif -%}
+    {% if cluster.spec.fips -%}
+    --fips \
+    {% endif -%}
     --channel-group {{ cluster.spec.channel }}

reconcile/templating/lib/merge_request_manager.py CHANGED Viewed

@@ -108,14 +108,14 @@ class TemplateRenderingMR(MergeRequestBase):
             if content.is_new:
                 gitlab_cli.create_file(
                     branch_name=self.branch,
-                    file_path=f"data{content.path}",
+                    file_path=content.path.lstrip("/"),
                     commit_message="termplate rendering output",
                     content=content.content,
                 )
             else:
                 gitlab_cli.update_file(
                     branch_name=self.branch,
-                    file_path=f"data{content.path}",
+                    file_path=content.path.lstrip("/"),
                     commit_message="termplate rendering output",
                     content=content.content,
                 )

reconcile/templating/lib/rendering.py CHANGED Viewed

@@ -18,7 +18,7 @@ from reconcile.utils.secret_reader import SecretReaderBase
 class TemplateData(BaseModel):
     variables: dict[str, Any]
-    current: dict[str, Any] | None
+    current: dict[str, Any] | None = None
     current_with_explicit_start: bool | None = False
@@ -26,7 +26,7 @@ class TemplatePatch(Protocol):
     path: str
     identifier: str | None
-    def dict(self) -> dict[str, str]: ...
+    def model_dump(self) -> dict[str, str]: ...
 class Template(Protocol):
@@ -36,7 +36,7 @@ class Template(Protocol):
     template: str
     overwrite: bool | None
-    def dict(self) -> dict[str, str]: ...
+    def model_dump(self) -> dict[str, str]: ...
     @property
     def patch(self) -> TemplatePatch | None:

reconcile/templating/renderer.py CHANGED Viewed

@@ -33,6 +33,7 @@ from reconcile.utils import gql
 from reconcile.utils.git import checkout, clone
 from reconcile.utils.gql import GqlApi
 from reconcile.utils.jinja2.utils import TemplateRenderOptions, process_jinja2_template
+from reconcile.utils.json import json_dumps
 from reconcile.utils.ruamel import create_ruamel_instance
 from reconcile.utils.runtime.integration import (
     PydanticRunParams,
@@ -95,18 +96,16 @@ class LocalFilePersistence(FilePersistence):
     This class provides a simple file persistence implementation for local files.
     """
-    def __init__(self, dry_run: bool, app_interface_data_path: str) -> None:
+    def __init__(self, dry_run: bool, app_interface_root_path: str) -> None:
         super().__init__(dry_run)
-        if not app_interface_data_path.endswith("/data"):
-            raise ValueError("app_interface_data_path should end with /data")
-        self.app_interface_data_path = app_interface_data_path
+        self.app_interface_root_path = app_interface_root_path
     def read(self, path: str) -> str | None:
-        return self._read_local_file(join_path(self.app_interface_data_path, path))
+        return self._read_local_file(join_path(self.app_interface_root_path, path))
     def flush(self) -> None:
         for output in self.outputs:
-            filepath = Path(join_path(self.app_interface_data_path, output.path))
+            filepath = Path(join_path(self.app_interface_root_path, output.path))
             filepath.parent.mkdir(parents=True, exist_ok=True)
             filepath.write_text(output.content, encoding="utf-8")
@@ -159,7 +158,7 @@ class ClonedRepoGitlabPersistence(FilePersistence):
         self, dry_run: bool, local_path: str, vcs: VCS, mr_manager: MergeRequestManager
     ):
         super().__init__(dry_run)
-        self.local_path = join_path(local_path, "data")
+        self.local_path = local_path
         self.vcs = vcs
         self.mr_manager = mr_manager
@@ -217,7 +216,7 @@ def unpack_static_variables(
     each: dict[str, Any],
 ) -> dict:
     return {
-        k: json.loads(process_jinja2_template(body=json.dumps(v), vars={"each": each}))
+        k: json.loads(process_jinja2_template(body=json_dumps(v), vars={"each": each}))
         for k, v in (collection_variables.static or {}).items()
     }
@@ -240,8 +239,8 @@ def unpack_dynamic_variables(
 class TemplateRendererIntegrationParams(PydanticRunParams):
     clone_repo: bool = False
-    app_interface_data_path: str | None
-    template_collection_name: str | None
+    app_interface_root_path: str | None = None
+    template_collection_name: str | None = None
 def join_path(base: str, sub: str) -> str:
@@ -367,10 +366,10 @@ class TemplateRendererIntegration(QontractReconcileIntegration):
         persistence: FilePersistence
         ruaml_instance = create_ruamel_instance(explicit_start=True)
-        if not self.params.clone_repo and self.params.app_interface_data_path:
+        if not self.params.clone_repo and self.params.app_interface_root_path:
             persistence = LocalFilePersistence(
                 dry_run=dry_run,
-                app_interface_data_path=self.params.app_interface_data_path,
+                app_interface_root_path=self.params.app_interface_root_path,
             )
             self.reconcile(persistence, ruaml_instance)
@@ -411,4 +410,4 @@ class TemplateRendererIntegration(QontractReconcileIntegration):
                 self.reconcile(persistence, ruaml_instance)
         else:
-            raise ValueError("App-interface-data-path must be set")
+            raise ValueError("App-interface-root-path must be set")

reconcile/terraform_aws_route53.py CHANGED Viewed

@@ -1,6 +1,7 @@
 import logging
 import sys
 from collections.abc import (
+    Callable,
     Iterable,
     Mapping,
 )
@@ -8,6 +9,7 @@ from typing import Any
 from reconcile import queries
 from reconcile.status import ExitCodes
+from reconcile.typed_queries.external_resources import get_settings
 from reconcile.utils import dnsutils
 from reconcile.utils.aws_api import AWSApi
 from reconcile.utils.constants import DEFAULT_THREAD_POOL_SIZE
@@ -25,8 +27,10 @@ QONTRACT_INTEGRATION_VERSION = make_semver(0, 1, 0)
 def build_desired_state(
-    zones: Iterable[Mapping], all_accounts: Iterable[Mapping], settings: Mapping
-) -> list[dict]:
+    zones: Iterable[Mapping[str, Any]],
+    all_accounts: Iterable[Mapping[str, Any]],
+    settings: Mapping[str, Any],
+) -> list[dict[str, Any]]:
     """
     Build the desired state from the app-interface resources
@@ -36,7 +40,7 @@ def build_desired_state(
     :rtype: list of dict
     """
-    desired_state = []
+    desired_state: list[dict[str, Any]] = []
     for zone in zones:
         account = zone["account"]
         account_name = account["name"]
@@ -208,8 +212,8 @@ def run(
     enable_deletion: bool = True,
     thread_pool_size: int = DEFAULT_THREAD_POOL_SIZE,
     account_name: str | None = None,
-    defer=None,
-):
+    defer: Callable | None = None,
+) -> None:
     settings = queries.get_app_interface_settings()
     zones = queries.get_dns_zones(account_name=account_name)
@@ -224,13 +228,18 @@ def run(
             f"No participating AWS accounts found, consider disabling this integration, account name: {account_name}"
         )
         return
+    try:
+        default_tags = get_settings().default_tags
+    except ValueError:
+        # no external resources settings found
+        default_tags = None
     ts = Terrascript(
         QONTRACT_INTEGRATION,
         "",
         thread_pool_size,
         participating_accounts,
         settings=settings,
+        default_tags=default_tags,
     )
     desired_state = build_desired_state(zones, all_accounts, settings)
@@ -255,7 +264,8 @@ def run(
     if tf is None:
         sys.exit(ExitCodes.ERROR)
-    defer(tf.cleanup)
+    if defer:
+        defer(tf.cleanup)
     _, err = tf.plan(enable_deletion)
     if err:
@@ -269,7 +279,7 @@ def run(
         sys.exit(ExitCodes.ERROR)
-def early_exit_desired_state(*args, **kwargs) -> dict[str, Any]:
+def early_exit_desired_state(*args: Any, **kwargs: Any) -> dict[str, Any]:
     return {
         "zones": queries.get_dns_zones(),
     }

reconcile/terraform_cloudflare_dns.py CHANGED Viewed

@@ -155,7 +155,7 @@ class TerraformCloudflareDNSIntegration(
         accts_per_zone = []
         for zone in query_zones.zones or []:
-            acct = zone.account.dict(by_alias=True)
+            acct = zone.account.model_dump(by_alias=True)
             acct["name"] = f"{zone.account.name}-{zone.identifier}"
             accts_per_zone.append(acct)
@@ -369,11 +369,11 @@ def cloudflare_dns_zone_to_external_resource(
             provision_provider=DEFAULT_PROVISIONER_PROVIDER,
             provisioner={"name": f"{zone.account.name}-{zone.identifier}"},
             namespace=DEFAULT_NAMESPACE,
-            resource=zone.dict(by_alias=True, exclude=DEFAULT_EXCLUDE_KEY),
+            resource=zone.model_dump(by_alias=True, exclude=DEFAULT_EXCLUDE_KEY),
         )
         external_resource_spec.resource["provider"] = DEFAULT_PROVIDER
         external_resource_spec.resource["records"] = [
-            record.dict(by_alias=True) for record in zone.records or []
+            record.model_dump(by_alias=True) for record in zone.records or []
         ]
         external_resource_specs.append(external_resource_spec)
     return external_resource_specs

qontract-reconcile 0.10.2.dev310__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl

Potentially problematic release.

qontract-reconcile 0.10.2.dev310py3-none-any.whl → 0.10.2.dev439py3-none-any.whl