PyPI - qontract-reconcile - Versions diffs - 0.10.2.dev310__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl - Mend

qontract-reconcile 0.10.2.dev310py3-none-any.whl → 0.10.2.dev439py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of qontract-reconcile might be problematic. Click here for more details.

Files changed (400) hide show

{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/METADATA +13 -12
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/RECORD +396 -391
reconcile/acs_rbac.py +2 -2
reconcile/aus/advanced_upgrade_service.py +18 -12
reconcile/aus/base.py +134 -32
reconcile/aus/cluster_version_data.py +15 -5
reconcile/aus/models.py +3 -1
reconcile/aus/ocm_addons_upgrade_scheduler_org.py +1 -0
reconcile/aus/ocm_upgrade_scheduler.py +8 -1
reconcile/aus/ocm_upgrade_scheduler_org.py +20 -5
reconcile/aus/version_gates/sts_version_gate_handler.py +54 -1
reconcile/automated_actions/config/integration.py +16 -4
reconcile/aws_account_manager/integration.py +8 -8
reconcile/aws_account_manager/reconciler.py +3 -3
reconcile/aws_ami_cleanup/integration.py +8 -12
reconcile/aws_ami_share.py +69 -62
reconcile/aws_cloudwatch_log_retention/integration.py +155 -126
reconcile/aws_ecr_image_pull_secrets.py +5 -5
reconcile/aws_iam_keys.py +1 -0
reconcile/aws_saml_idp/integration.py +12 -4
reconcile/aws_saml_roles/integration.py +32 -25
reconcile/aws_version_sync/integration.py +125 -84
reconcile/change_owners/bundle.py +3 -3
reconcile/change_owners/change_log_tracking.py +3 -2
reconcile/change_owners/change_owners.py +1 -1
reconcile/change_owners/diff.py +2 -4
reconcile/checkpoint.py +12 -4
reconcile/cli.py +111 -18
reconcile/cluster_deployment_mapper.py +2 -3
reconcile/dashdotdb_dora.py +5 -12
reconcile/dashdotdb_slo.py +1 -1
reconcile/database_access_manager.py +125 -121
reconcile/deadmanssnitch.py +1 -5
reconcile/dynatrace_token_provider/integration.py +1 -1
reconcile/endpoints_discovery/integration.py +4 -1
reconcile/endpoints_discovery/merge_request.py +1 -1
reconcile/endpoints_discovery/merge_request_manager.py +9 -11
reconcile/external_resources/factories.py +5 -12
reconcile/external_resources/integration.py +1 -1
reconcile/external_resources/manager.py +8 -5
reconcile/external_resources/meta.py +0 -1
reconcile/external_resources/metrics.py +1 -1
reconcile/external_resources/model.py +20 -20
reconcile/external_resources/reconciler.py +7 -4
reconcile/external_resources/secrets_sync.py +10 -14
reconcile/external_resources/state.py +26 -16
reconcile/fleet_labeler/integration.py +1 -1
reconcile/gabi_authorized_users.py +8 -5
reconcile/gcp_image_mirror.py +2 -2
reconcile/github_org.py +1 -1
reconcile/github_owners.py +4 -0
reconcile/gitlab_housekeeping.py +13 -15
reconcile/gitlab_members.py +6 -12
reconcile/gitlab_mr_sqs_consumer.py +2 -2
reconcile/gitlab_owners.py +15 -11
reconcile/gitlab_permissions.py +8 -12
reconcile/glitchtip_project_alerts/integration.py +3 -1
reconcile/gql_definitions/acs/acs_instances.py +10 -10
reconcile/gql_definitions/acs/acs_policies.py +5 -5
reconcile/gql_definitions/acs/acs_rbac.py +6 -6
reconcile/gql_definitions/advanced_upgrade_service/aus_clusters.py +32 -32
reconcile/gql_definitions/advanced_upgrade_service/aus_organization.py +26 -26
reconcile/gql_definitions/app_interface_metrics_exporter/onboarding_status.py +6 -7
reconcile/gql_definitions/app_sre_tekton_access_revalidation/roles.py +5 -5
reconcile/gql_definitions/app_sre_tekton_access_revalidation/users.py +5 -5
reconcile/gql_definitions/automated_actions/instance.py +51 -12
reconcile/gql_definitions/aws_account_manager/aws_accounts.py +11 -11
reconcile/gql_definitions/aws_ami_cleanup/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_cloudwatch_log_retention/aws_accounts.py +28 -68
reconcile/gql_definitions/aws_saml_idp/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/roles.py +5 -5
reconcile/gql_definitions/aws_version_sync/clusters.py +10 -10
reconcile/gql_definitions/aws_version_sync/namespaces.py +5 -5
reconcile/gql_definitions/change_owners/queries/change_types.py +5 -5
reconcile/gql_definitions/change_owners/queries/self_service_roles.py +9 -9
reconcile/gql_definitions/cluster_auth_rhidp/clusters.py +18 -18
reconcile/gql_definitions/common/alerting_services_settings.py +9 -9
reconcile/gql_definitions/common/app_code_component_repos.py +5 -5
reconcile/gql_definitions/common/app_interface_custom_messages.py +5 -5
reconcile/gql_definitions/common/app_interface_dms_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_repo_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_roles.py +120 -0
reconcile/gql_definitions/common/app_interface_state_settings.py +10 -10
reconcile/gql_definitions/common/app_interface_vault_settings.py +5 -5
reconcile/gql_definitions/common/app_quay_repos_escalation_policies.py +5 -5
reconcile/gql_definitions/common/apps.py +5 -5
reconcile/gql_definitions/common/aws_vpc_requests.py +22 -9
reconcile/gql_definitions/common/aws_vpcs.py +11 -11
reconcile/gql_definitions/common/clusters.py +37 -35
reconcile/gql_definitions/common/clusters_minimal.py +14 -14
reconcile/gql_definitions/common/clusters_with_dms.py +6 -6
reconcile/gql_definitions/common/clusters_with_peering.py +29 -30
reconcile/gql_definitions/common/github_orgs.py +10 -10
reconcile/gql_definitions/common/jira_settings.py +10 -10
reconcile/gql_definitions/common/jiralert_settings.py +5 -5
reconcile/gql_definitions/common/ldap_settings.py +5 -5
reconcile/gql_definitions/common/namespaces.py +42 -44
reconcile/gql_definitions/common/namespaces_minimal.py +15 -13
reconcile/gql_definitions/common/ocm_env_telemeter.py +12 -12
reconcile/gql_definitions/common/ocm_environments.py +19 -19
reconcile/gql_definitions/common/pagerduty_instances.py +9 -9
reconcile/gql_definitions/common/pgp_reencryption_settings.py +6 -6
reconcile/gql_definitions/common/pipeline_providers.py +29 -29
reconcile/gql_definitions/common/quay_instances.py +5 -5
reconcile/gql_definitions/common/quay_orgs.py +5 -5
reconcile/gql_definitions/common/reserved_networks.py +5 -5
reconcile/gql_definitions/common/rhcs_provider_settings.py +5 -5
reconcile/gql_definitions/common/saas_files.py +44 -44
reconcile/gql_definitions/common/saas_target_namespaces.py +10 -10
reconcile/gql_definitions/common/saasherder_settings.py +5 -5
reconcile/gql_definitions/common/slack_workspaces.py +5 -5
reconcile/gql_definitions/common/smtp_client_settings.py +19 -19
reconcile/gql_definitions/common/state_aws_account.py +7 -8
reconcile/gql_definitions/common/users.py +5 -5
reconcile/gql_definitions/common/users_with_paths.py +5 -5
reconcile/gql_definitions/cost_report/app_names.py +5 -5
reconcile/gql_definitions/cost_report/cost_namespaces.py +5 -5
reconcile/gql_definitions/cost_report/settings.py +9 -9
reconcile/gql_definitions/dashdotdb_slo/slo_documents_query.py +43 -43
reconcile/gql_definitions/dynatrace_token_provider/dynatrace_bootstrap_tokens.py +10 -10
reconcile/gql_definitions/dynatrace_token_provider/token_specs.py +5 -5
reconcile/gql_definitions/email_sender/apps.py +5 -5
reconcile/gql_definitions/email_sender/emails.py +8 -8
reconcile/gql_definitions/email_sender/users.py +6 -6
reconcile/gql_definitions/endpoints_discovery/apps.py +10 -10
reconcile/gql_definitions/external_resources/aws_accounts.py +9 -9
reconcile/gql_definitions/external_resources/external_resources_modules.py +23 -23
reconcile/gql_definitions/external_resources/external_resources_namespaces.py +494 -410
reconcile/gql_definitions/external_resources/external_resources_settings.py +28 -26
reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py +5 -5
reconcile/gql_definitions/fleet_labeler/fleet_labels.py +40 -40
reconcile/gql_definitions/fragments/aus_organization.py +5 -5
reconcile/gql_definitions/fragments/aws_account_common.py +7 -5
reconcile/gql_definitions/fragments/aws_account_managed.py +5 -5
reconcile/gql_definitions/fragments/aws_account_sso.py +5 -5
reconcile/gql_definitions/fragments/aws_infra_management_account.py +5 -5
reconcile/gql_definitions/fragments/{aws_vpc_request_subnet.py → aws_organization.py} +12 -8
reconcile/gql_definitions/fragments/aws_vpc.py +5 -5
reconcile/gql_definitions/fragments/aws_vpc_request.py +12 -5
reconcile/gql_definitions/fragments/container_image_mirror.py +5 -5
reconcile/gql_definitions/fragments/deploy_resources.py +5 -5
reconcile/gql_definitions/fragments/disable.py +5 -5
reconcile/gql_definitions/fragments/email_service.py +5 -5
reconcile/gql_definitions/fragments/email_user.py +5 -5
reconcile/gql_definitions/fragments/jumphost_common_fields.py +5 -5
reconcile/gql_definitions/fragments/membership_source.py +5 -5
reconcile/gql_definitions/fragments/minimal_ocm_organization.py +5 -5
reconcile/gql_definitions/fragments/oc_connection_cluster.py +5 -5
reconcile/gql_definitions/fragments/ocm_environment.py +5 -5
reconcile/gql_definitions/fragments/pipeline_provider_retention.py +5 -5
reconcile/gql_definitions/fragments/prometheus_instance.py +5 -5
reconcile/gql_definitions/fragments/resource_limits_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_requests_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_values.py +5 -5
reconcile/gql_definitions/fragments/saas_slo_document.py +5 -5
reconcile/gql_definitions/fragments/saas_target_namespace.py +5 -5
reconcile/gql_definitions/fragments/serviceaccount_token.py +5 -5
reconcile/gql_definitions/fragments/terraform_state.py +5 -5
reconcile/gql_definitions/fragments/upgrade_policy.py +5 -5
reconcile/gql_definitions/fragments/user.py +5 -5
reconcile/gql_definitions/fragments/vault_secret.py +5 -5
reconcile/gql_definitions/gcp/gcp_docker_repos.py +9 -9
reconcile/gql_definitions/gcp/gcp_projects.py +9 -9
reconcile/gql_definitions/gitlab_members/gitlab_instances.py +9 -9
reconcile/gql_definitions/gitlab_members/permissions.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_instance.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_project.py +11 -11
reconcile/gql_definitions/glitchtip_project_alerts/glitchtip_project.py +9 -9
reconcile/gql_definitions/integrations/integrations.py +48 -51
reconcile/gql_definitions/introspection.json +3510 -1865
reconcile/gql_definitions/jenkins_configs/jenkins_configs.py +11 -11
reconcile/gql_definitions/jenkins_configs/jenkins_instances.py +10 -10
reconcile/gql_definitions/jira/jira_servers.py +5 -5
reconcile/gql_definitions/jira_permissions_validator/jira_boards_for_permissions_validator.py +14 -10
reconcile/gql_definitions/jumphosts/jumphosts.py +13 -13
reconcile/gql_definitions/ldap_groups/roles.py +5 -5
reconcile/gql_definitions/ldap_groups/settings.py +9 -9
reconcile/gql_definitions/maintenance/maintenances.py +5 -5
reconcile/gql_definitions/membershipsources/roles.py +5 -5
reconcile/gql_definitions/ocm_labels/clusters.py +18 -19
reconcile/gql_definitions/ocm_labels/organizations.py +5 -5
reconcile/gql_definitions/openshift_cluster_bots/clusters.py +22 -22
reconcile/gql_definitions/openshift_groups/managed_groups.py +5 -5
reconcile/gql_definitions/openshift_groups/managed_roles.py +6 -6
reconcile/gql_definitions/openshift_serviceaccount_tokens/tokens.py +10 -10
reconcile/gql_definitions/quay_membership/quay_membership.py +6 -6
reconcile/gql_definitions/rhcs/certs.py +33 -87
reconcile/gql_definitions/rhcs/openshift_resource_rhcs_cert.py +43 -0
reconcile/gql_definitions/rhidp/organizations.py +18 -18
reconcile/gql_definitions/service_dependencies/jenkins_instance_fragment.py +5 -5
reconcile/gql_definitions/service_dependencies/service_dependencies.py +8 -8
reconcile/gql_definitions/sharding/aws_accounts.py +10 -10
reconcile/gql_definitions/sharding/ocm_organization.py +8 -8
reconcile/gql_definitions/skupper_network/site_controller_template.py +5 -5
reconcile/gql_definitions/skupper_network/skupper_networks.py +10 -10
reconcile/gql_definitions/slack_usergroups/clusters.py +5 -5
reconcile/gql_definitions/slack_usergroups/permissions.py +9 -9
reconcile/gql_definitions/slack_usergroups/users.py +5 -5
reconcile/gql_definitions/slo_documents/slo_documents.py +5 -5
reconcile/gql_definitions/status_board/status_board.py +6 -7
reconcile/gql_definitions/statuspage/statuspages.py +9 -9
reconcile/gql_definitions/templating/template_collection.py +5 -5
reconcile/gql_definitions/templating/templates.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_dns/app_interface_cloudflare_dns_settings.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_dns/terraform_cloudflare_zones.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_accounts.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_resources.py +20 -25
reconcile/gql_definitions/terraform_cloudflare_users/app_interface_setting_cloudflare_and_vault.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_users/terraform_cloudflare_roles.py +12 -12
reconcile/gql_definitions/terraform_init/aws_accounts.py +23 -9
reconcile/gql_definitions/terraform_repo/terraform_repo.py +9 -9
reconcile/gql_definitions/terraform_resources/database_access_manager.py +5 -5
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +450 -402
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py +23 -17
reconcile/gql_definitions/unleash_feature_toggles/feature_toggles.py +9 -9
reconcile/gql_definitions/vault_instances/vault_instances.py +61 -61
reconcile/gql_definitions/vault_policies/vault_policies.py +11 -11
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator.py +8 -8
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator_peered_cluster_fragment.py +5 -5
reconcile/integrations_manager.py +3 -3
reconcile/jenkins_job_builder.py +1 -1
reconcile/jenkins_worker_fleets.py +80 -11
reconcile/jira_permissions_validator.py +237 -122
reconcile/ldap_groups/integration.py +1 -1
reconcile/ocm/types.py +35 -56
reconcile/ocm_aws_infrastructure_access.py +1 -1
reconcile/ocm_clusters.py +4 -4
reconcile/ocm_labels/integration.py +3 -2
reconcile/ocm_machine_pools.py +33 -27
reconcile/openshift_base.py +122 -10
reconcile/openshift_cluster_bots.py +5 -5
reconcile/openshift_groups.py +5 -0
reconcile/openshift_limitranges.py +1 -1
reconcile/openshift_namespace_labels.py +1 -1
reconcile/openshift_namespaces.py +97 -101
reconcile/openshift_resources_base.py +10 -5
reconcile/openshift_rhcs_certs.py +77 -40
reconcile/openshift_rolebindings.py +230 -130
reconcile/openshift_saas_deploy.py +6 -7
reconcile/openshift_saas_deploy_change_tester.py +9 -7
reconcile/openshift_saas_deploy_trigger_cleaner.py +3 -5
reconcile/openshift_serviceaccount_tokens.py +8 -7
reconcile/openshift_tekton_resources.py +1 -1
reconcile/openshift_upgrade_watcher.py +4 -4
reconcile/openshift_users.py +5 -3
reconcile/oum/labelset.py +5 -3
reconcile/oum/models.py +1 -4
reconcile/oum/providers.py +1 -1
reconcile/prometheus_rules_tester/integration.py +4 -4
reconcile/quay_mirror.py +1 -1
reconcile/queries.py +131 -0
reconcile/requests_sender.py +8 -3
reconcile/resource_scraper.py +1 -5
reconcile/rhidp/common.py +3 -5
reconcile/rhidp/sso_client/base.py +19 -10
reconcile/saas_auto_promotions_manager/merge_request_manager/renderer.py +1 -1
reconcile/saas_auto_promotions_manager/subscriber.py +4 -3
reconcile/sendgrid_teammates.py +20 -9
reconcile/skupper_network/integration.py +2 -2
reconcile/slack_usergroups.py +35 -14
reconcile/sql_query.py +1 -0
reconcile/status.py +2 -2
reconcile/status_board.py +6 -6
reconcile/statuspage/atlassian.py +7 -7
reconcile/statuspage/integrations/maintenances.py +4 -3
reconcile/statuspage/page.py +4 -9
reconcile/statuspage/status.py +5 -8
reconcile/templates/rosa-classic-cluster-creation.sh.j2 +5 -1
reconcile/templates/rosa-hcp-cluster-creation.sh.j2 +4 -1
reconcile/templating/lib/merge_request_manager.py +2 -2
reconcile/templating/lib/rendering.py +3 -3
reconcile/templating/renderer.py +12 -13
reconcile/terraform_aws_route53.py +18 -8
reconcile/terraform_cloudflare_dns.py +3 -3
reconcile/terraform_cloudflare_resources.py +12 -13
reconcile/terraform_cloudflare_users.py +3 -2
reconcile/terraform_init/integration.py +187 -23
reconcile/terraform_repo.py +16 -12
reconcile/terraform_resources.py +18 -10
reconcile/terraform_tgw_attachments.py +28 -20
reconcile/terraform_users.py +27 -22
reconcile/terraform_vpc_peerings.py +15 -3
reconcile/terraform_vpc_resources/integration.py +23 -8
reconcile/typed_queries/app_interface_roles.py +10 -0
reconcile/typed_queries/aws_account_tags.py +41 -0
reconcile/typed_queries/cost_report/app_names.py +1 -1
reconcile/typed_queries/cost_report/cost_namespaces.py +2 -2
reconcile/typed_queries/saas_files.py +13 -13
reconcile/typed_queries/status_board.py +2 -2
reconcile/unleash_feature_toggles/integration.py +4 -2
reconcile/utils/acs/base.py +6 -3
reconcile/utils/acs/policies.py +2 -2
reconcile/utils/aggregated_list.py +4 -3
reconcile/utils/aws_api.py +51 -20
reconcile/utils/aws_api_typed/api.py +38 -9
reconcile/utils/aws_api_typed/cloudformation.py +149 -0
reconcile/utils/aws_api_typed/logs.py +73 -0
reconcile/utils/aws_api_typed/organization.py +4 -2
reconcile/utils/binary.py +7 -12
reconcile/utils/datetime_util.py +67 -0
reconcile/utils/deadmanssnitch_api.py +1 -1
reconcile/utils/differ.py +2 -3
reconcile/utils/early_exit_cache.py +11 -12
reconcile/utils/expiration.py +7 -3
reconcile/utils/external_resource_spec.py +24 -1
reconcile/utils/filtering.py +1 -1
reconcile/utils/gitlab_api.py +7 -5
reconcile/utils/glitchtip/client.py +6 -2
reconcile/utils/glitchtip/models.py +25 -28
reconcile/utils/gpg.py +5 -3
reconcile/utils/gql.py +4 -7
reconcile/utils/helm.py +2 -1
reconcile/utils/helpers.py +1 -1
reconcile/utils/imap_client.py +1 -1
reconcile/utils/instrumented_wrappers.py +1 -1
reconcile/utils/internal_groups/client.py +2 -2
reconcile/utils/internal_groups/models.py +8 -17
reconcile/utils/jenkins_api.py +24 -1
reconcile/utils/jinja2/utils.py +6 -8
reconcile/utils/jira_client.py +82 -63
reconcile/utils/jjb_client.py +78 -46
reconcile/utils/jobcontroller/controller.py +2 -2
reconcile/utils/jobcontroller/models.py +17 -1
reconcile/utils/json.py +74 -0
reconcile/utils/ldap_client.py +4 -3
reconcile/utils/lean_terraform_client.py +3 -1
reconcile/utils/membershipsources/app_interface_resolver.py +4 -2
reconcile/utils/membershipsources/models.py +16 -23
reconcile/utils/membershipsources/resolver.py +4 -2
reconcile/utils/merge_request_manager/merge_request_manager.py +4 -4
reconcile/utils/merge_request_manager/parser.py +6 -6
reconcile/utils/metrics.py +5 -5
reconcile/utils/models.py +304 -82
reconcile/utils/mr/__init__.py +3 -1
reconcile/utils/mr/app_interface_reporter.py +6 -3
reconcile/utils/mr/aws_access.py +1 -1
reconcile/utils/mr/base.py +7 -13
reconcile/utils/mr/clusters_updates.py +4 -2
reconcile/utils/mr/notificator.py +3 -3
reconcile/utils/mr/ocm_upgrade_scheduler_org_updates.py +4 -1
reconcile/utils/mr/promote_qontract.py +28 -12
reconcile/utils/mr/update_access_report_base.py +3 -4
reconcile/utils/mr/user_maintenance.py +7 -6
reconcile/utils/oc.py +445 -336
reconcile/utils/oc_filters.py +3 -3
reconcile/utils/ocm/addons.py +0 -1
reconcile/utils/ocm/base.py +18 -21
reconcile/utils/ocm/cluster_groups.py +1 -1
reconcile/utils/ocm/identity_providers.py +2 -2
reconcile/utils/ocm/labels.py +1 -1
reconcile/utils/ocm/ocm.py +81 -71
reconcile/utils/ocm/products.py +9 -3
reconcile/utils/ocm/search_filters.py +3 -6
reconcile/utils/ocm/service_log.py +4 -6
reconcile/utils/ocm/sre_capability_labels.py +20 -13
reconcile/utils/ocm_base_client.py +4 -4
reconcile/utils/openshift_resource.py +83 -52
reconcile/utils/openssl.py +2 -2
reconcile/utils/output.py +3 -2
reconcile/utils/pagerduty_api.py +10 -7
reconcile/utils/promotion_state.py +6 -11
reconcile/utils/raw_github_api.py +11 -8
reconcile/utils/repo_owners.py +21 -29
reconcile/utils/rhcsv2_certs.py +138 -35
reconcile/utils/rosa/session.py +16 -0
reconcile/utils/runtime/integration.py +2 -3
reconcile/utils/runtime/meta.py +2 -1
reconcile/utils/runtime/runner.py +2 -2
reconcile/utils/saasherder/interfaces.py +13 -20
reconcile/utils/saasherder/models.py +25 -21
reconcile/utils/saasherder/saasherder.py +60 -32
reconcile/utils/secret_reader.py +6 -6
reconcile/utils/sharding.py +1 -1
reconcile/utils/slack_api.py +26 -4
reconcile/utils/sloth.py +224 -0
reconcile/utils/sqs_gateway.py +16 -11
reconcile/utils/state.py +2 -1
reconcile/utils/structs.py +1 -1
reconcile/utils/terraform_client.py +29 -26
reconcile/utils/terrascript_aws_client.py +200 -116
reconcile/utils/three_way_diff_strategy.py +1 -1
reconcile/utils/unleash/server.py +2 -8
reconcile/utils/vault.py +44 -41
reconcile/utils/vcs.py +8 -8
reconcile/vault_replication.py +119 -58
tools/app_interface_reporter.py +4 -4
tools/cli_commands/cost_report/cost_management_api.py +3 -3
tools/cli_commands/cost_report/view.py +7 -6
tools/cli_commands/erv2.py +1 -1
tools/cli_commands/gpg_encrypt.py +4 -1
tools/cli_commands/systems_and_tools.py +5 -1
tools/qontract_cli.py +36 -21
tools/template_validation.py +3 -1
reconcile/gql_definitions/ocm_oidc_idp/__init__.py +0 -0
reconcile/gql_definitions/ocm_subscription_labels/__init__.py +0 -0
reconcile/jenkins/__init__.py +0 -0
reconcile/jenkins/types.py +0 -77
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/WHEEL +0 -0
{qontract_reconcile-0.10.2.dev310.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/entry_points.txt +0 -0

reconcile/utils/repo_owners.py CHANGED Viewed

@@ -1,9 +1,13 @@
 import logging
 import os
 import pathlib
+from collections.abc import Iterable, Mapping
 from ruamel import yaml
+from reconcile.utils.github_api import GithubRepositoryApi
+from reconcile.utils.gitlab_api import GitLabApi
 _LOG = logging.getLogger(__name__)
@@ -12,38 +16,24 @@ class RepoOwners:
     Abstracts the owners of a repository with per-path granularity.
     """
-    def __init__(self, git_cli, ref="master", recursive=True):
+    def __init__(
+        self,
+        git_cli: GitLabApi | GithubRepositoryApi,
+        ref: str = "master",
+        recursive: bool = True,
+    ) -> None:
         self._git_cli = git_cli
         self._ref = ref
-        self._owners_map = None
+        self._owners_map: dict[str, dict[str, set[str]]] | None = None
         self._recursive = recursive
     @property
-    def owners_map(self):
+    def owners_map(self) -> dict[str, dict[str, set[str]]]:
         if self._owners_map is None:
             self._owners_map = self._get_owners_map()
         return self._owners_map
-    def get_owners(self):
-        """
-        Gets all the owners of the repository.
-        :return: the repository owners
-        :rtype: dict
-        """
-        repo_owners = {"approvers": set(), "reviewers": set()}
-        if "." in self.owners_map:
-            repo_owners["approvers"].update(self.owners_map["."]["approvers"])
-            repo_owners["reviewers"].update(self.owners_map["."]["reviewers"])
-        for owners in self.owners_map.values():
-            repo_owners["approvers"].update(owners["approvers"])
-            repo_owners["reviewers"].update(owners["reviewers"])
-        return repo_owners
-    def get_root_owners(self):
+    def get_root_owners(self) -> dict[str, list[str]]:
         """
         Gets all the owners defined in the repository root.
@@ -56,7 +46,7 @@ class RepoOwners:
         return {"approvers": [], "reviewers": []}
-    def get_path_owners(self, path):
+    def get_path_owners(self, path: str) -> dict[str, list[str]]:
         """
         Gets all the owners of a given path, no matter in which
         level of the filesystem tree the owner was specified.
@@ -67,7 +57,7 @@ class RepoOwners:
         :return: the path owners
         :rtype: dict
         """
-        path_owners = {"approvers": set(), "reviewers": set()}
+        path_owners: dict[str, set[str]] = {"approvers": set(), "reviewers": set()}
         if "." in self.owners_map:
             path_owners["approvers"].update(self.owners_map["."]["approvers"])
@@ -80,7 +70,7 @@ class RepoOwners:
         return self._set_to_sorted_list(path_owners)
-    def get_path_closest_owners(self, path):
+    def get_path_closest_owners(self, path: str) -> dict[str, list[str]]:
         """
         Gets all closest owners of a given path, no matter in which
         level of the filesystem tree the owner was specified.
@@ -108,7 +98,7 @@ class RepoOwners:
         return {"approvers": [], "reviewers": []}
-    def _get_owners_map(self):
+    def _get_owners_map(self) -> dict[str, dict[str, set[str]]]:
         """
         Maps all the OWNERS files content to their respective
         owned directory.
@@ -173,7 +163,7 @@ class RepoOwners:
             }
         return owners_map
-    def _get_aliases(self):
+    def _get_aliases(self) -> dict[str, list[str]] | None:
         """
         Retrieves the approvers aliases from the OWNERS_ALIASES file.
@@ -191,7 +181,9 @@ class RepoOwners:
         return aliases["aliases"]
     @staticmethod
-    def _set_to_sorted_list(owners):
+    def _set_to_sorted_list(
+        owners: Mapping[str, Iterable[str]],
+    ) -> dict[str, list[str]]:
         approvers = owners["approvers"]
         sorted_approvers = sorted(approvers) if approvers else []

reconcile/utils/rhcsv2_certs.py CHANGED Viewed

@@ -1,25 +1,146 @@
+import base64
 import re
-from datetime import UTC, datetime
+from datetime import UTC
+from enum import StrEnum
 import requests
 from cryptography import x509
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives.serialization import pkcs12
 from cryptography.x509.oid import NameOID
 from pydantic import BaseModel, Field
-class RhcsV2Cert(BaseModel):
+class CertificateFormat(StrEnum):
+    PEM = "PEM"
+    PKCS12 = "PKCS12"
+class RhcsV2CertPem(BaseModel, validate_by_name=True, validate_by_alias=True):
     certificate: str = Field(alias="tls.crt")
     private_key: str = Field(alias="tls.key")
     ca_cert: str = Field(alias="ca.crt")
     expiration_timestamp: int
-    class Config:
-        allow_population_by_field_name = True
+class RhcsV2CertPkcs12(BaseModel, validate_by_name=True, validate_by_alias=True):
+    pkcs12_keystore: str = Field(alias="keystore.pkcs12.b64")
+    pkcs12_truststore: str = Field(alias="truststore.pkcs12.b64")
+    expiration_timestamp: int
+def extract_cert(text: str) -> re.Match:
+    # The CA webform returns an HTML page with inline JS that builds an array of “outputList”
+    # objects. Each object looks roughly like:
+    #   outputList = new Object;
+    #   outputList.outputId = "pretty_cert";
+    #   outputList.outputSyntax = "pretty_print";
+    #   outputList.outputVal = "    Certificate:\n ... Not  After: ...";
+    #   outputListSet[0] = outputList;
+    #
+    #   outputList = new Object;
+    #   outputList.outputId = "b64_cert";
+    #   outputList.outputSyntax = "pretty_print";
+    #   outputList.outputVal = "-----BEGIN CERTIFICATE-----\n...base64...\n-----END CERTIFICATE-----\n";
+    #   outputListSet[1] = outputList;
+    #
+    # We must extract the PEM from the *b64_cert* block (the pretty_cert block contains prose
+    # and formatting and is not reliable for parsing).
+    #
+    # The regex below:
+    # - Anchors on `outputId = "b64_cert"` so we only consider the base64 block.
+    # - Tolerates arbitrary whitespace around `=` and `.` (services sometimes reformat JS).
+    # - Jumps non-greedily over whatever properties sit between outputId and outputVal.
+    # - Captures only the PEM body (BEGIN…END), excluding any trailing newline/escape junk.
+    # - Accepts multiple terminators after the closing quote: literal "\\r\\n", literal "\\n",
+    #   or a real newline (`\r?\n`), followed by optional whitespace and the semicolon.
+    # - Uses DOTALL so `.` spans line breaks inside the JS/HTML blob.
+    cert_pem = re.search(
+        r'outputList\s*\.\s*outputId\s*=\s*"b64_cert".*?'
+        r'outputList\s*\.\s*outputVal\s*=\s*"'
+        r"(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)"
+        r"(?:\\r\\n|\\n|\r?\n)?\s*",
+        text,
+        re.DOTALL,
+    )
+    if not cert_pem:
+        raise ValueError("Could not extract certificate PEM from response")
+    return cert_pem
+def get_cert_expiry_timestamp(js_escaped_pem: str) -> int:
+    """Extract certificate expiry timestamp from JavaScript-escaped PEM."""
+    # Convert JavaScript-escaped PEM to proper format: .encode() is needed because
+    # unicode_escape decoder only works on bytes, then decode JS escape sequences
+    pem_raw = js_escaped_pem.encode().decode("unicode_escape").replace("\\/", "/")
+    cert = x509.load_pem_x509_certificate(pem_raw.encode())
+    dt_expiry = cert.not_valid_after.replace(tzinfo=UTC)
+    return int(dt_expiry.timestamp())
+def _format_pem(
+    private_key: rsa.RSAPrivateKey,
+    cert_pem: str,
+    ca_pem: str,
+    cert_expiry_timestamp: int,
+) -> RhcsV2CertPem:
+    """Generate RhcsV2Cert with PEM components."""
+    private_key_pem = private_key.private_bytes(
+        encoding=serialization.Encoding.PEM,
+        format=serialization.PrivateFormat.TraditionalOpenSSL,
+        encryption_algorithm=serialization.NoEncryption(),
+    ).decode()
+    return RhcsV2CertPem(
+        private_key=private_key_pem,
+        certificate=cert_pem.encode().decode("unicode_escape").replace("\\/", "/"),
+        ca_cert=ca_pem,
+        expiration_timestamp=cert_expiry_timestamp,
+    )
+def _format_pkcs12(
+    private_key: rsa.RSAPrivateKey,
+    cert_pem: str,
+    ca_pem: str,
+    uid: str,
+    pwd: str,
+    cert_expiry_timestamp: int,
+) -> RhcsV2CertPkcs12:
+    """Generate PKCS#12 keystore and truststore components, returns base64-encoded strings."""
+    clean_cert_pem = cert_pem.encode().decode("unicode_escape").replace("\\/", "/")
+    cert_obj = x509.load_pem_x509_certificate(clean_cert_pem.encode())
+    ca_obj = x509.load_pem_x509_certificate(ca_pem.encode())
+    keystore_p12 = pkcs12.serialize_key_and_certificates(
+        name=uid.encode("utf-8"),
+        key=private_key,
+        cert=cert_obj,
+        cas=[ca_obj],
+        encryption_algorithm=serialization.BestAvailableEncryption(pwd.encode("utf-8")),
+    )
+    truststore_p12 = pkcs12.serialize_key_and_certificates(
+        name=b"ca-trust",
+        key=None,
+        cert=None,
+        cas=[ca_obj],
+        encryption_algorithm=serialization.NoEncryption(),
+    )
+    return RhcsV2CertPkcs12(
+        pkcs12_keystore=base64.b64encode(keystore_p12).decode("utf-8"),
+        pkcs12_truststore=base64.b64encode(truststore_p12).decode("utf-8"),
+        expiration_timestamp=cert_expiry_timestamp,
+    )
-def generate_cert(issuer_url: str, uid: str, pwd: str, ca_url: str) -> RhcsV2Cert:
+def generate_cert(
+    issuer_url: str,
+    uid: str,
+    pwd: str,
+    ca_url: str,
+    cert_format: CertificateFormat = CertificateFormat.PEM,
+) -> RhcsV2CertPem | RhcsV2CertPkcs12:
     private_key = rsa.generate_private_key(65537, 4096)
     csr = (
         x509.CertificateSigningRequestBuilder()
@@ -30,6 +151,7 @@ def generate_cert(issuer_url: str, uid: str, pwd: str, ca_url: str) -> RhcsV2Cer
         )
         .sign(private_key, hashes.SHA256())
     )
     data = {
         "uid": uid,
         "pwd": pwd,
@@ -39,38 +161,19 @@ def generate_cert(issuer_url: str, uid: str, pwd: str, ca_url: str) -> RhcsV2Cer
         "renewal": "false",
         "xmlOutput": "false",
     }
-    response = requests.post(issuer_url, data=data)
+    response = requests.post(issuer_url, data=data, timeout=30)
     response.raise_for_status()
+    cert_pem = extract_cert(response.text).group(1)
+    cert_expiry_timestamp = get_cert_expiry_timestamp(cert_pem)
-    cert_pem = re.search(
-        r'outputList\.outputVal="(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----(?:\\n|\r?\n)?)";',
-        response.text,
-        re.DOTALL,
-    )
-    if not cert_pem:
-        raise ValueError("Could not extract certificate PEM from response")
-    cert_expiry = re.search(r"Not\s+After:\s+(.*?UTC)(?:\\n|\r?\n)?", response.text)
-    if not cert_expiry:
-        raise ValueError("Could not extract expiration date from response")
-    # Weekday, Month Day, Year HH:MM:SS PM/AM Timezone
-    dt_expiry = datetime.strptime(cert_expiry.group(1), "%A, %B %d, %Y %I:%M:%S %p %Z")
-    dt_expiry = dt_expiry.replace(tzinfo=UTC)
-    private_key_pem = private_key.private_bytes(
-        encoding=serialization.Encoding.PEM,
-        format=serialization.PrivateFormat.TraditionalOpenSSL,
-        encryption_algorithm=serialization.NoEncryption(),
-    ).decode()
-    response = requests.get(ca_url)
+    response = requests.get(ca_url, timeout=30)
     response.raise_for_status()
     ca_pem = response.text
-    return RhcsV2Cert(
-        private_key=private_key_pem,
-        certificate=cert_pem.group(1)
-        .encode()
-        .decode("unicode_escape")
-        .replace("\\/", "/"),
-        ca_cert=ca_pem,
-        expiration_timestamp=int(dt_expiry.timestamp()),
-    )
+    match cert_format:
+        case CertificateFormat.PKCS12:
+            return _format_pkcs12(
+                private_key, cert_pem, ca_pem, uid, pwd, cert_expiry_timestamp
+            )
+        case CertificateFormat.PEM:
+            return _format_pem(private_key, cert_pem, ca_pem, cert_expiry_timestamp)

reconcile/utils/rosa/session.py CHANGED Viewed

@@ -178,6 +178,22 @@ class RosaSession:
             )
             result.write_logs_to_logger(logging.info)
+    def upgrade_rosa_roles(
+        self,
+        cluster_name: str,
+        upgrade_version: str,
+        policy_version: str,
+        dry_run: bool,
+    ) -> None:
+        logging.info(
+            f"Upgrade  roles in AWS account {self.aws_account_id} to {upgrade_version}"
+        )
+        if not dry_run:
+            result = self.cli_execute(
+                f"rosa upgrade roles  -c {cluster_name} --cluster-version {upgrade_version}  --policy-version {policy_version} -y -m=auto"
+            )
+            result.write_logs_to_logger(logging.info)
 def generate_rosa_creation_script(
     cluster_name: str, cluster: OCMSpec, dry_run: bool

reconcile/utils/runtime/integration.py CHANGED Viewed

@@ -7,7 +7,6 @@ from dataclasses import dataclass
 from types import ModuleType
 from typing import (
     Any,
-    Generic,
     Optional,
     TypeVar,
 )
@@ -120,7 +119,7 @@ class PydanticRunParams(RunParams, BaseModel):
     def copy_and_update(
         self: PydanticRunParamsSelfTypeVar, update: dict[str, Any]
     ) -> PydanticRunParamsSelfTypeVar:
-        return self.copy(update=update)
+        return self.model_copy(update=update)
     def get(self, field: str) -> Any:
         return getattr(self, field)
@@ -144,7 +143,7 @@ IntegrationClassTypeVar = TypeVar(
 )
-class QontractReconcileIntegration(ABC, Generic[RunParamsTypeVar]):
+class QontractReconcileIntegration[RunParamsTypeVar: RunParams](ABC):
     """
     The base class for all integrations. It defines the basic interface to interact
     with an integration and offers hook methods that allow the integration to opt

reconcile/utils/runtime/meta.py CHANGED Viewed

@@ -1,5 +1,6 @@
 import dataclasses
 from dataclasses import dataclass
+from typing import Any
 @dataclass
@@ -8,5 +9,5 @@ class IntegrationMeta:
     args: list[str]
     short_help: str | None
-    def to_dict(self):
+    def to_dict(self) -> dict[str, Any]:
         return dataclasses.asdict(self)

reconcile/utils/runtime/runner.py CHANGED Viewed

@@ -156,7 +156,7 @@ def run_integration_cfg(run_cfg: IntegrationRunConfiguration) -> None:
         _integration_wet_run(run_cfg.integration)
-def _integration_wet_run(
+def _integration_wet_run[RunParamsTypeVar: RunParams](
     integration: QontractReconcileIntegration[RunParamsTypeVar],
 ) -> None:
     """
@@ -165,7 +165,7 @@ def _integration_wet_run(
     integration.run(False)
-def _integration_dry_run(
+def _integration_dry_run[RunParamsTypeVar: RunParams](
     integration: QontractReconcileIntegration[RunParamsTypeVar],
     desired_state_diff: DesiredStateDiff | None,
 ) -> None:

reconcile/utils/saasherder/interfaces.py CHANGED Viewed

@@ -1,7 +1,7 @@
 # ruff: noqa: N801
 from __future__ import annotations
-from collections.abc import Mapping, Sequence, Set
+from collections.abc import Sequence
 from typing import (
     TYPE_CHECKING,
     Any,
@@ -12,6 +12,8 @@ from typing import (
 from reconcile.utils import oc_connection_parameters
 if TYPE_CHECKING:
+    from pydantic.main import IncEx
     from reconcile.gql_definitions.fragments.saas_slo_document import SLODocument
     from reconcile.utils.secret_reader import HasSecret
@@ -27,18 +29,12 @@ class SaasFileSecretParameters(Protocol):
     @property
     def secret(self) -> HasSecret: ...
-    def dict(
-        self,
-        *,
-        by_alias: bool = False,
-        include: AbstractSetIntStr | MappingIntStrAny | None = None,
+    def model_dump(
+        self, *, by_alias: bool = False, include: IncEx | None = None
     ) -> dict[str, Any]: ...
 SaasSecretParameters = Sequence[SaasFileSecretParameters] | None
-# Taken from pydantic.typing
-AbstractSetIntStr = Set[int | str]
-MappingIntStrAny = Mapping[int | str, Any]
 @runtime_checkable
@@ -212,11 +208,8 @@ class SaasResourceTemplateTargetNamespace(Protocol):
     @property
     def cluster(self) -> oc_connection_parameters.Cluster: ...
-    def dict(
-        self,
-        *,
-        by_alias: bool = False,
-        include: AbstractSetIntStr | MappingIntStrAny | None = None,
+    def model_dump(
+        self, *, by_alias: bool = False, include: IncEx | None = None
     ) -> dict[str, Any]: ...
@@ -249,7 +242,7 @@ class SaasResourceTemplateTargetPromotion(Protocol):
     @property
     def promotion_data(self) -> Sequence[SaasPromotionData] | None: ...
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 class Channel(Protocol):
@@ -274,7 +267,7 @@ class SaasPromotion(Protocol):
     @property
     def subscribe(self) -> list[Channel] | None: ...
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 class SaasResourceTemplateTarget_SaasSecretParameters(Protocol):
@@ -295,7 +288,7 @@ class SaasResourceTemplateTargetUpstream(Protocol):
     @property
     def instance(self) -> SaasJenkinsInstance: ...
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 class SaasQuayInstance(Protocol):
@@ -315,7 +308,7 @@ class SaasResourceTemplateTargetImage(Protocol):
     @property
     def org(self) -> SaasQuayOrg: ...
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 class SaasResourceTemplateTarget(HasParameters, HasSecretParameters, Protocol):
@@ -344,7 +337,7 @@ class SaasResourceTemplateTarget(HasParameters, HasSecretParameters, Protocol):
         self, parent_saas_file_name: str, parent_resource_template_name: str
     ) -> str: ...
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 class SaasResourceTemplate(HasParameters, HasSecretParameters, Protocol):
@@ -381,7 +374,7 @@ class ManagedResourceName(Protocol):
     resource: str
     resource_names: list[str]
-    def dict(self) -> dict[str, str]: ...
+    def model_dump(self) -> dict[str, str]: ...
 class SaasFile(HasParameters, HasSecretParameters, Protocol):

reconcile/utils/saasherder/models.py CHANGED Viewed

@@ -7,15 +7,13 @@ from enum import Enum
 from typing import Any, NotRequired, TypedDict
 from github import Github
-from pydantic import (
-    BaseModel,
-    Field,
-)
+from pydantic import BaseModel, Field, model_validator
 from reconcile.gql_definitions.fragments.saas_slo_document import (
     SLODocument,
 )
 from reconcile.utils.jenkins_api import JobBuildState
+from reconcile.utils.json import json_dumps
 from reconcile.utils.oc_connection_parameters import Cluster
 from reconcile.utils.saasherder.interfaces import (
     HasParameters,
@@ -206,7 +204,12 @@ TriggerSpecUnion = (
 )
-class Namespace(BaseModel):
+class Namespace(
+    BaseModel,
+    validate_by_name=True,
+    validate_by_alias=True,
+    arbitrary_types_allowed=True,
+):
     name: str
     environment: SaasEnvironment
     app: SaasApp
@@ -216,29 +219,19 @@ class Namespace(BaseModel):
         ..., alias="managedResourceNames"
     )
-    class Config:
-        arbitrary_types_allowed = True
-        allow_population_by_field_name = True
-class PromotionChannelData(BaseModel):
+class PromotionChannelData(BaseModel, validate_by_name=True, validate_by_alias=True):
     q_type: str = Field(..., alias="type")
-    class Config:
-        allow_population_by_field_name = True
-class ParentSaasPromotion(BaseModel):
+class ParentSaasPromotion(BaseModel, validate_by_name=True, validate_by_alias=True):
     q_type: str = Field(..., alias="type")
-    parent_saas: str | None
-    target_config_hash: str | None
-    class Config:
-        allow_population_by_field_name = True
+    parent_saas: str | None = None
+    target_config_hash: str | None = None
 class PromotionData(BaseModel):
-    channel: str | None
+    channel: str | None = None
     data: list[ParentSaasPromotion | PromotionChannelData] | None = None
@@ -263,6 +256,17 @@ class Promotion(BaseModel):
     saas_file_paths: list[str] | None = None
     target_paths: list[str] | None = None
+    @model_validator(mode="before")
+    @classmethod
+    def handle_gql_classes(cls, data: Any) -> Any:
+        if data.get("promotion_data"):
+            data["promotion_data"] = [
+                # convert a GQL class to a dict
+                item.model_dump() if hasattr(item, "model_dump") else item
+                for item in data["promotion_data"]
+            ]
+        return data
 @dataclass
 class ImageAuth:
@@ -422,7 +426,7 @@ class TargetSpec:
                 elif v is False:
                     parameters[k] = "false"
                 elif any(isinstance(v, t) for t in [dict, list, tuple]):
-                    parameters[k] = json.dumps(v)
+                    parameters[k] = json_dumps(v)
         return parameters
     def _collect_secret_parameters(

qontract-reconcile 0.10.2.dev310__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl

Potentially problematic release.

qontract-reconcile 0.10.2.dev310py3-none-any.whl → 0.10.2.dev439py3-none-any.whl