PyPI - qontract-reconcile - Versions diffs - 0.10.2.dev334__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl - Mend

qontract-reconcile 0.10.2.dev334py3-none-any.whl → 0.10.2.dev439py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of qontract-reconcile might be problematic. Click here for more details.

Files changed (370) hide show

{qontract_reconcile-0.10.2.dev334.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/METADATA +13 -12
{qontract_reconcile-0.10.2.dev334.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/RECORD +366 -361
reconcile/acs_rbac.py +2 -2
reconcile/aus/advanced_upgrade_service.py +18 -12
reconcile/aus/base.py +134 -32
reconcile/aus/cluster_version_data.py +15 -5
reconcile/aus/models.py +3 -1
reconcile/aus/ocm_addons_upgrade_scheduler_org.py +1 -0
reconcile/aus/ocm_upgrade_scheduler.py +8 -1
reconcile/aus/ocm_upgrade_scheduler_org.py +20 -5
reconcile/aus/version_gates/sts_version_gate_handler.py +54 -1
reconcile/automated_actions/config/integration.py +16 -4
reconcile/aws_account_manager/integration.py +8 -8
reconcile/aws_account_manager/reconciler.py +3 -3
reconcile/aws_ami_cleanup/integration.py +8 -12
reconcile/aws_ami_share.py +69 -62
reconcile/aws_cloudwatch_log_retention/integration.py +155 -126
reconcile/aws_ecr_image_pull_secrets.py +3 -3
reconcile/aws_iam_keys.py +1 -0
reconcile/aws_saml_idp/integration.py +12 -4
reconcile/aws_saml_roles/integration.py +32 -25
reconcile/aws_version_sync/integration.py +6 -12
reconcile/change_owners/bundle.py +3 -3
reconcile/change_owners/change_log_tracking.py +3 -2
reconcile/change_owners/change_owners.py +1 -1
reconcile/change_owners/diff.py +2 -4
reconcile/checkpoint.py +11 -3
reconcile/cli.py +111 -18
reconcile/dashdotdb_dora.py +5 -12
reconcile/dashdotdb_slo.py +1 -1
reconcile/database_access_manager.py +123 -117
reconcile/dynatrace_token_provider/integration.py +1 -1
reconcile/endpoints_discovery/integration.py +4 -1
reconcile/endpoints_discovery/merge_request.py +1 -1
reconcile/endpoints_discovery/merge_request_manager.py +9 -11
reconcile/external_resources/factories.py +5 -12
reconcile/external_resources/integration.py +1 -1
reconcile/external_resources/manager.py +8 -5
reconcile/external_resources/meta.py +0 -1
reconcile/external_resources/metrics.py +1 -1
reconcile/external_resources/model.py +20 -20
reconcile/external_resources/reconciler.py +7 -4
reconcile/external_resources/secrets_sync.py +8 -11
reconcile/external_resources/state.py +26 -16
reconcile/fleet_labeler/integration.py +1 -1
reconcile/gabi_authorized_users.py +8 -5
reconcile/gcp_image_mirror.py +2 -2
reconcile/github_org.py +1 -1
reconcile/github_owners.py +4 -0
reconcile/gitlab_housekeeping.py +13 -15
reconcile/gitlab_members.py +6 -12
reconcile/gitlab_mr_sqs_consumer.py +2 -2
reconcile/gitlab_owners.py +15 -11
reconcile/gitlab_permissions.py +8 -12
reconcile/glitchtip_project_alerts/integration.py +3 -1
reconcile/gql_definitions/acs/acs_instances.py +10 -10
reconcile/gql_definitions/acs/acs_policies.py +5 -5
reconcile/gql_definitions/acs/acs_rbac.py +6 -6
reconcile/gql_definitions/advanced_upgrade_service/aus_clusters.py +32 -32
reconcile/gql_definitions/advanced_upgrade_service/aus_organization.py +26 -26
reconcile/gql_definitions/app_interface_metrics_exporter/onboarding_status.py +6 -7
reconcile/gql_definitions/app_sre_tekton_access_revalidation/roles.py +5 -5
reconcile/gql_definitions/app_sre_tekton_access_revalidation/users.py +5 -5
reconcile/gql_definitions/automated_actions/instance.py +51 -12
reconcile/gql_definitions/aws_account_manager/aws_accounts.py +11 -11
reconcile/gql_definitions/aws_ami_cleanup/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_cloudwatch_log_retention/aws_accounts.py +28 -68
reconcile/gql_definitions/aws_saml_idp/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/aws_accounts.py +20 -10
reconcile/gql_definitions/aws_saml_roles/roles.py +5 -5
reconcile/gql_definitions/aws_version_sync/clusters.py +10 -10
reconcile/gql_definitions/aws_version_sync/namespaces.py +5 -5
reconcile/gql_definitions/change_owners/queries/change_types.py +5 -5
reconcile/gql_definitions/change_owners/queries/self_service_roles.py +9 -9
reconcile/gql_definitions/cluster_auth_rhidp/clusters.py +18 -18
reconcile/gql_definitions/common/alerting_services_settings.py +9 -9
reconcile/gql_definitions/common/app_code_component_repos.py +5 -5
reconcile/gql_definitions/common/app_interface_custom_messages.py +5 -5
reconcile/gql_definitions/common/app_interface_dms_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_repo_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_roles.py +120 -0
reconcile/gql_definitions/common/app_interface_state_settings.py +10 -10
reconcile/gql_definitions/common/app_interface_vault_settings.py +5 -5
reconcile/gql_definitions/common/app_quay_repos_escalation_policies.py +5 -5
reconcile/gql_definitions/common/apps.py +5 -5
reconcile/gql_definitions/common/aws_vpc_requests.py +22 -9
reconcile/gql_definitions/common/aws_vpcs.py +11 -11
reconcile/gql_definitions/common/clusters.py +37 -35
reconcile/gql_definitions/common/clusters_minimal.py +14 -14
reconcile/gql_definitions/common/clusters_with_dms.py +6 -6
reconcile/gql_definitions/common/clusters_with_peering.py +29 -30
reconcile/gql_definitions/common/github_orgs.py +10 -10
reconcile/gql_definitions/common/jira_settings.py +10 -10
reconcile/gql_definitions/common/jiralert_settings.py +5 -5
reconcile/gql_definitions/common/ldap_settings.py +5 -5
reconcile/gql_definitions/common/namespaces.py +42 -44
reconcile/gql_definitions/common/namespaces_minimal.py +15 -13
reconcile/gql_definitions/common/ocm_env_telemeter.py +12 -12
reconcile/gql_definitions/common/ocm_environments.py +19 -19
reconcile/gql_definitions/common/pagerduty_instances.py +9 -9
reconcile/gql_definitions/common/pgp_reencryption_settings.py +6 -6
reconcile/gql_definitions/common/pipeline_providers.py +29 -29
reconcile/gql_definitions/common/quay_instances.py +5 -5
reconcile/gql_definitions/common/quay_orgs.py +5 -5
reconcile/gql_definitions/common/reserved_networks.py +5 -5
reconcile/gql_definitions/common/rhcs_provider_settings.py +5 -5
reconcile/gql_definitions/common/saas_files.py +44 -44
reconcile/gql_definitions/common/saas_target_namespaces.py +10 -10
reconcile/gql_definitions/common/saasherder_settings.py +5 -5
reconcile/gql_definitions/common/slack_workspaces.py +5 -5
reconcile/gql_definitions/common/smtp_client_settings.py +19 -19
reconcile/gql_definitions/common/state_aws_account.py +7 -8
reconcile/gql_definitions/common/users.py +5 -5
reconcile/gql_definitions/common/users_with_paths.py +5 -5
reconcile/gql_definitions/cost_report/app_names.py +5 -5
reconcile/gql_definitions/cost_report/cost_namespaces.py +5 -5
reconcile/gql_definitions/cost_report/settings.py +9 -9
reconcile/gql_definitions/dashdotdb_slo/slo_documents_query.py +43 -43
reconcile/gql_definitions/dynatrace_token_provider/dynatrace_bootstrap_tokens.py +10 -10
reconcile/gql_definitions/dynatrace_token_provider/token_specs.py +5 -5
reconcile/gql_definitions/email_sender/apps.py +5 -5
reconcile/gql_definitions/email_sender/emails.py +8 -8
reconcile/gql_definitions/email_sender/users.py +6 -6
reconcile/gql_definitions/endpoints_discovery/apps.py +10 -10
reconcile/gql_definitions/external_resources/aws_accounts.py +9 -9
reconcile/gql_definitions/external_resources/external_resources_modules.py +23 -23
reconcile/gql_definitions/external_resources/external_resources_namespaces.py +494 -410
reconcile/gql_definitions/external_resources/external_resources_settings.py +28 -26
reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py +5 -5
reconcile/gql_definitions/fleet_labeler/fleet_labels.py +40 -40
reconcile/gql_definitions/fragments/aus_organization.py +5 -5
reconcile/gql_definitions/fragments/aws_account_common.py +7 -5
reconcile/gql_definitions/fragments/aws_account_managed.py +5 -5
reconcile/gql_definitions/fragments/aws_account_sso.py +5 -5
reconcile/gql_definitions/fragments/aws_infra_management_account.py +5 -5
reconcile/gql_definitions/fragments/{aws_vpc_request_subnet.py → aws_organization.py} +12 -8
reconcile/gql_definitions/fragments/aws_vpc.py +5 -5
reconcile/gql_definitions/fragments/aws_vpc_request.py +12 -5
reconcile/gql_definitions/fragments/container_image_mirror.py +5 -5
reconcile/gql_definitions/fragments/deploy_resources.py +5 -5
reconcile/gql_definitions/fragments/disable.py +5 -5
reconcile/gql_definitions/fragments/email_service.py +5 -5
reconcile/gql_definitions/fragments/email_user.py +5 -5
reconcile/gql_definitions/fragments/jumphost_common_fields.py +5 -5
reconcile/gql_definitions/fragments/membership_source.py +5 -5
reconcile/gql_definitions/fragments/minimal_ocm_organization.py +5 -5
reconcile/gql_definitions/fragments/oc_connection_cluster.py +5 -5
reconcile/gql_definitions/fragments/ocm_environment.py +5 -5
reconcile/gql_definitions/fragments/pipeline_provider_retention.py +5 -5
reconcile/gql_definitions/fragments/prometheus_instance.py +5 -5
reconcile/gql_definitions/fragments/resource_limits_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_requests_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_values.py +5 -5
reconcile/gql_definitions/fragments/saas_slo_document.py +5 -5
reconcile/gql_definitions/fragments/saas_target_namespace.py +5 -5
reconcile/gql_definitions/fragments/serviceaccount_token.py +5 -5
reconcile/gql_definitions/fragments/terraform_state.py +5 -5
reconcile/gql_definitions/fragments/upgrade_policy.py +5 -5
reconcile/gql_definitions/fragments/user.py +5 -5
reconcile/gql_definitions/fragments/vault_secret.py +5 -5
reconcile/gql_definitions/gcp/gcp_docker_repos.py +9 -9
reconcile/gql_definitions/gcp/gcp_projects.py +9 -9
reconcile/gql_definitions/gitlab_members/gitlab_instances.py +9 -9
reconcile/gql_definitions/gitlab_members/permissions.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_instance.py +9 -9
reconcile/gql_definitions/glitchtip/glitchtip_project.py +11 -11
reconcile/gql_definitions/glitchtip_project_alerts/glitchtip_project.py +9 -9
reconcile/gql_definitions/integrations/integrations.py +48 -51
reconcile/gql_definitions/introspection.json +3207 -1683
reconcile/gql_definitions/jenkins_configs/jenkins_configs.py +11 -11
reconcile/gql_definitions/jenkins_configs/jenkins_instances.py +10 -10
reconcile/gql_definitions/jira/jira_servers.py +5 -5
reconcile/gql_definitions/jira_permissions_validator/jira_boards_for_permissions_validator.py +14 -10
reconcile/gql_definitions/jumphosts/jumphosts.py +13 -13
reconcile/gql_definitions/ldap_groups/roles.py +5 -5
reconcile/gql_definitions/ldap_groups/settings.py +9 -9
reconcile/gql_definitions/maintenance/maintenances.py +5 -5
reconcile/gql_definitions/membershipsources/roles.py +5 -5
reconcile/gql_definitions/ocm_labels/clusters.py +18 -19
reconcile/gql_definitions/ocm_labels/organizations.py +5 -5
reconcile/gql_definitions/openshift_cluster_bots/clusters.py +22 -22
reconcile/gql_definitions/openshift_groups/managed_groups.py +5 -5
reconcile/gql_definitions/openshift_groups/managed_roles.py +6 -6
reconcile/gql_definitions/openshift_serviceaccount_tokens/tokens.py +10 -10
reconcile/gql_definitions/quay_membership/quay_membership.py +6 -6
reconcile/gql_definitions/rhcs/certs.py +33 -87
reconcile/gql_definitions/rhcs/openshift_resource_rhcs_cert.py +43 -0
reconcile/gql_definitions/rhidp/organizations.py +18 -18
reconcile/gql_definitions/service_dependencies/jenkins_instance_fragment.py +5 -5
reconcile/gql_definitions/service_dependencies/service_dependencies.py +8 -8
reconcile/gql_definitions/sharding/aws_accounts.py +10 -10
reconcile/gql_definitions/sharding/ocm_organization.py +8 -8
reconcile/gql_definitions/skupper_network/site_controller_template.py +5 -5
reconcile/gql_definitions/skupper_network/skupper_networks.py +10 -10
reconcile/gql_definitions/slack_usergroups/clusters.py +5 -5
reconcile/gql_definitions/slack_usergroups/permissions.py +9 -9
reconcile/gql_definitions/slack_usergroups/users.py +5 -5
reconcile/gql_definitions/slo_documents/slo_documents.py +5 -5
reconcile/gql_definitions/status_board/status_board.py +6 -7
reconcile/gql_definitions/statuspage/statuspages.py +9 -9
reconcile/gql_definitions/templating/template_collection.py +5 -5
reconcile/gql_definitions/templating/templates.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_dns/app_interface_cloudflare_dns_settings.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_dns/terraform_cloudflare_zones.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_accounts.py +11 -11
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_resources.py +20 -25
reconcile/gql_definitions/terraform_cloudflare_users/app_interface_setting_cloudflare_and_vault.py +6 -6
reconcile/gql_definitions/terraform_cloudflare_users/terraform_cloudflare_roles.py +12 -12
reconcile/gql_definitions/terraform_init/aws_accounts.py +23 -9
reconcile/gql_definitions/terraform_repo/terraform_repo.py +9 -9
reconcile/gql_definitions/terraform_resources/database_access_manager.py +5 -5
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +440 -407
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py +23 -17
reconcile/gql_definitions/unleash_feature_toggles/feature_toggles.py +9 -9
reconcile/gql_definitions/vault_instances/vault_instances.py +61 -61
reconcile/gql_definitions/vault_policies/vault_policies.py +11 -11
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator.py +8 -8
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator_peered_cluster_fragment.py +5 -5
reconcile/integrations_manager.py +3 -3
reconcile/jenkins_worker_fleets.py +10 -8
reconcile/jira_permissions_validator.py +237 -122
reconcile/ldap_groups/integration.py +1 -1
reconcile/ocm/types.py +35 -56
reconcile/ocm_aws_infrastructure_access.py +1 -1
reconcile/ocm_clusters.py +4 -4
reconcile/ocm_labels/integration.py +3 -2
reconcile/ocm_machine_pools.py +33 -27
reconcile/openshift_base.py +113 -5
reconcile/openshift_cluster_bots.py +3 -2
reconcile/openshift_namespace_labels.py +1 -1
reconcile/openshift_namespaces.py +97 -101
reconcile/openshift_resources_base.py +6 -2
reconcile/openshift_rhcs_certs.py +74 -37
reconcile/openshift_rolebindings.py +230 -130
reconcile/openshift_saas_deploy.py +6 -7
reconcile/openshift_saas_deploy_change_tester.py +9 -7
reconcile/openshift_saas_deploy_trigger_cleaner.py +3 -5
reconcile/openshift_serviceaccount_tokens.py +2 -2
reconcile/openshift_upgrade_watcher.py +4 -4
reconcile/openshift_users.py +5 -3
reconcile/oum/labelset.py +5 -3
reconcile/oum/models.py +1 -4
reconcile/prometheus_rules_tester/integration.py +3 -3
reconcile/quay_mirror.py +1 -1
reconcile/queries.py +131 -0
reconcile/rhidp/common.py +3 -5
reconcile/rhidp/sso_client/base.py +16 -5
reconcile/saas_auto_promotions_manager/merge_request_manager/renderer.py +1 -1
reconcile/saas_auto_promotions_manager/subscriber.py +4 -3
reconcile/skupper_network/integration.py +2 -2
reconcile/slack_usergroups.py +35 -14
reconcile/sql_query.py +1 -0
reconcile/status_board.py +6 -6
reconcile/statuspage/atlassian.py +7 -7
reconcile/statuspage/integrations/maintenances.py +4 -3
reconcile/statuspage/page.py +4 -9
reconcile/statuspage/status.py +5 -8
reconcile/templates/rosa-classic-cluster-creation.sh.j2 +5 -1
reconcile/templates/rosa-hcp-cluster-creation.sh.j2 +4 -1
reconcile/templating/lib/merge_request_manager.py +2 -2
reconcile/templating/lib/rendering.py +3 -3
reconcile/templating/renderer.py +12 -13
reconcile/terraform_aws_route53.py +7 -1
reconcile/terraform_cloudflare_dns.py +3 -3
reconcile/terraform_cloudflare_resources.py +5 -5
reconcile/terraform_cloudflare_users.py +3 -2
reconcile/terraform_init/integration.py +187 -23
reconcile/terraform_repo.py +16 -12
reconcile/terraform_resources.py +17 -7
reconcile/terraform_tgw_attachments.py +27 -19
reconcile/terraform_users.py +7 -0
reconcile/terraform_vpc_peerings.py +14 -3
reconcile/terraform_vpc_resources/integration.py +20 -8
reconcile/typed_queries/app_interface_roles.py +10 -0
reconcile/typed_queries/aws_account_tags.py +41 -0
reconcile/typed_queries/cost_report/app_names.py +1 -1
reconcile/typed_queries/cost_report/cost_namespaces.py +2 -2
reconcile/typed_queries/saas_files.py +13 -13
reconcile/typed_queries/status_board.py +2 -2
reconcile/unleash_feature_toggles/integration.py +4 -2
reconcile/utils/acs/base.py +6 -3
reconcile/utils/acs/policies.py +2 -2
reconcile/utils/aggregated_list.py +4 -3
reconcile/utils/aws_api.py +51 -20
reconcile/utils/aws_api_typed/api.py +38 -9
reconcile/utils/aws_api_typed/cloudformation.py +149 -0
reconcile/utils/aws_api_typed/logs.py +73 -0
reconcile/utils/aws_api_typed/organization.py +4 -2
reconcile/utils/binary.py +7 -12
reconcile/utils/datetime_util.py +67 -0
reconcile/utils/deadmanssnitch_api.py +1 -1
reconcile/utils/differ.py +2 -3
reconcile/utils/early_exit_cache.py +11 -12
reconcile/utils/expiration.py +7 -3
reconcile/utils/external_resource_spec.py +24 -1
reconcile/utils/filtering.py +1 -1
reconcile/utils/gitlab_api.py +7 -5
reconcile/utils/glitchtip/client.py +6 -2
reconcile/utils/glitchtip/models.py +25 -28
reconcile/utils/gql.py +4 -7
reconcile/utils/helm.py +2 -1
reconcile/utils/helpers.py +1 -1
reconcile/utils/instrumented_wrappers.py +1 -1
reconcile/utils/internal_groups/client.py +2 -2
reconcile/utils/internal_groups/models.py +8 -17
reconcile/utils/jinja2/utils.py +6 -8
reconcile/utils/jira_client.py +82 -63
reconcile/utils/jjb_client.py +28 -15
reconcile/utils/jobcontroller/controller.py +2 -2
reconcile/utils/jobcontroller/models.py +17 -1
reconcile/utils/json.py +74 -0
reconcile/utils/membershipsources/app_interface_resolver.py +4 -2
reconcile/utils/membershipsources/models.py +16 -23
reconcile/utils/membershipsources/resolver.py +4 -2
reconcile/utils/merge_request_manager/merge_request_manager.py +4 -4
reconcile/utils/merge_request_manager/parser.py +6 -6
reconcile/utils/metrics.py +5 -5
reconcile/utils/models.py +304 -82
reconcile/utils/mr/app_interface_reporter.py +2 -2
reconcile/utils/mr/base.py +2 -2
reconcile/utils/mr/notificator.py +3 -3
reconcile/utils/mr/update_access_report_base.py +3 -4
reconcile/utils/mr/user_maintenance.py +3 -2
reconcile/utils/oc.py +249 -203
reconcile/utils/oc_filters.py +3 -3
reconcile/utils/ocm/addons.py +0 -1
reconcile/utils/ocm/base.py +18 -21
reconcile/utils/ocm/cluster_groups.py +1 -1
reconcile/utils/ocm/identity_providers.py +2 -2
reconcile/utils/ocm/labels.py +1 -1
reconcile/utils/ocm/products.py +9 -3
reconcile/utils/ocm/search_filters.py +3 -6
reconcile/utils/ocm/service_log.py +4 -6
reconcile/utils/ocm/sre_capability_labels.py +20 -13
reconcile/utils/openshift_resource.py +10 -5
reconcile/utils/output.py +3 -2
reconcile/utils/pagerduty_api.py +10 -7
reconcile/utils/promotion_state.py +6 -11
reconcile/utils/raw_github_api.py +1 -1
reconcile/utils/rhcsv2_certs.py +138 -35
reconcile/utils/rosa/session.py +16 -0
reconcile/utils/runtime/integration.py +2 -3
reconcile/utils/runtime/runner.py +2 -2
reconcile/utils/saasherder/interfaces.py +13 -20
reconcile/utils/saasherder/models.py +25 -21
reconcile/utils/saasherder/saasherder.py +55 -31
reconcile/utils/slack_api.py +26 -4
reconcile/utils/sloth.py +224 -0
reconcile/utils/sqs_gateway.py +2 -1
reconcile/utils/state.py +2 -1
reconcile/utils/structs.py +1 -1
reconcile/utils/terraform_client.py +5 -4
reconcile/utils/terrascript_aws_client.py +192 -114
reconcile/utils/unleash/server.py +2 -8
reconcile/utils/vault.py +5 -12
reconcile/utils/vcs.py +8 -8
reconcile/vault_replication.py +107 -42
tools/app_interface_reporter.py +4 -4
tools/cli_commands/cost_report/cost_management_api.py +3 -3
tools/cli_commands/cost_report/view.py +7 -6
tools/cli_commands/erv2.py +1 -1
tools/cli_commands/systems_and_tools.py +5 -1
tools/qontract_cli.py +31 -18
tools/template_validation.py +3 -1
reconcile/gql_definitions/cna/__init__.py +0 -0
reconcile/gql_definitions/cna/queries/__init__.py +0 -0
reconcile/gql_definitions/ocm_oidc_idp/__init__.py +0 -0
reconcile/gql_definitions/ocm_subscription_labels/__init__.py +0 -0
{qontract_reconcile-0.10.2.dev334.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/WHEEL +0 -0
{qontract_reconcile-0.10.2.dev334.dist-info → qontract_reconcile-0.10.2.dev439.dist-info}/entry_points.txt +0 -0

reconcile/utils/acs/policies.py CHANGED Viewed

@@ -11,7 +11,7 @@ class Scope(BaseModel):
     """
     cluster: str
-    namespace: str | None
+    namespace: str | None = None
 class PolicyCondition(BaseModel):
@@ -23,7 +23,7 @@ class PolicyCondition(BaseModel):
     """
     field_name: str
-    negate: bool | None
+    negate: bool | None = None
     values: list[str]

reconcile/utils/aggregated_list.py CHANGED Viewed

@@ -1,8 +1,9 @@
-import json
 import logging
 from collections.abc import Callable, KeysView
 from typing import Any, TypedDict
+from reconcile.utils.json import json_dumps
 Action = Callable[[Any, list[Any]], bool]
 Cond = Callable[[Any], bool]
@@ -89,11 +90,11 @@ class AggregatedList:
         return list(self._dict.values())
     def to_json(self) -> str:
-        return json.dumps(self.dump(), indent=4)
+        return json_dumps(self.dump(), indent=4)
     @staticmethod
     def hash_params(params: Any) -> int:
-        return hash(json.dumps(params, sort_keys=True))
+        return hash(json_dumps(params))
 class AggregatedDiffRunner:

reconcile/utils/aws_api.py CHANGED Viewed

@@ -3,7 +3,6 @@ from __future__ import annotations
 import logging
 import operator
 import os
-import re
 from functools import lru_cache
 from threading import Lock
 from typing import (
@@ -25,6 +24,7 @@ import reconcile.utils.lean_terraform_client as terraform
 from reconcile.utils.secret_reader import SecretReader, SecretReaderBase
 if TYPE_CHECKING:
+    import re
     from collections.abc import (
         Iterable,
         Iterator,
@@ -1074,28 +1074,40 @@ class AWSApi:
         return [rt["RouteTableId"] for rt in vpc_route_tables]
     @staticmethod
-    def _filter_amis(
-        images: Iterable[ImageTypeDef], regex: str
-    ) -> list[dict[str, Any]]:
-        results = []
-        pattern = re.compile(regex)
-        for i in images:
-            if not re.search(pattern, i["Name"]):
-                continue
-            if i["State"] != "available":
-                continue
-            item = {"image_id": i["ImageId"], "tags": i.get("Tags", [])}
-            results.append(item)
+    def normalize_tags(tags: Iterable[TagTypeDef]) -> dict[str, str]:
+        return {tag["Key"]: tag["Value"] for tag in tags}
-        return results
+    @staticmethod
+    def _filter_amis(
+        images: Iterable[ImageTypeDef],
+        regex: re.Pattern,
+    ) -> dict[str, dict[str, str]]:
+        return {
+            image["ImageId"]: AWSApi.normalize_tags(image.get("Tags", []))
+            for image in images
+            if regex.search(image["Name"]) and image["State"] == "available"
+        }
     def get_amis_details(
         self,
         account: Mapping[str, Any],
         owner_account: Mapping[str, Any],
-        regex: str,
+        regex: re.Pattern,
         region: str | None = None,
-    ) -> list[dict[str, Any]]:
+    ) -> dict[str, dict[str, str]]:
+        """
+        Get AMI details for an account, find AMI name matches regex and state is available.
+        Return ImageId and normalized tags.
+        Args:
+            account: AWS account
+            owner_account: AMI owner AWS account uid
+            regex: regex to filter AMI name
+            region: AWS account region
+        Returns:
+            dict[str, dict[str, str]]: Key is AMI ImageId, value is AMI normalized tags.
+        """
         ec2 = self._account_ec2_client(account["name"], region_name=region)
         images = self.get_account_amis(ec2, owner=owner_account["uid"])
         return self._filter_amis(images, regex)
@@ -1175,12 +1187,31 @@ class AWSApi:
         client = self._account_cloudwatch_client(account_name, region_name=region_name)
         client.delete_log_group(logGroupName=group_name)
-    def create_tag(
-        self, account: Mapping[str, Any], resource_id: str, tag: Mapping[str, str]
+    def create_tags(
+        self,
+        account: Mapping[str, Any],
+        resource_id: str,
+        tags: Mapping[str, str],
     ) -> None:
+        """
+        Create tags on EC2 resources (AMI)
+        Args:
+            account: AWS account
+            resource_id: AWS resource id
+            tags: tags to update
+        Returns:
+            None
+        """
         ec2 = self._account_ec2_client(account["name"])
-        tag_type_def: TagTypeDef = {"Key": tag["Key"], "Value": tag["Value"]}
-        ec2.create_tags(Resources=[resource_id], Tags=[tag_type_def])
+        formatted_tags: list[TagTypeDef] = [
+            {"Key": k, "Value": v} for k, v in tags.items()
+        ]
+        ec2.create_tags(
+            Resources=[resource_id],
+            Tags=formatted_tags,
+        )
     def get_alb_network_interface_ips(
         self, account: awsh.Account, service_name: str

reconcile/utils/aws_api_typed/api.py CHANGED Viewed

@@ -6,9 +6,11 @@ from functools import cached_property
 from typing import TYPE_CHECKING, Any, TypeVar
 from boto3 import Session
+from botocore.config import Config
 from pydantic import BaseModel
 import reconcile.utils.aws_api_typed.account
+import reconcile.utils.aws_api_typed.cloudformation
 import reconcile.utils.aws_api_typed.dynamodb
 import reconcile.utils.aws_api_typed.iam
 import reconcile.utils.aws_api_typed.organization
@@ -17,8 +19,10 @@ import reconcile.utils.aws_api_typed.service_quotas
 import reconcile.utils.aws_api_typed.sts
 import reconcile.utils.aws_api_typed.support
 from reconcile.utils.aws_api_typed.account import AWSApiAccount
+from reconcile.utils.aws_api_typed.cloudformation import AWSApiCloudFormation
 from reconcile.utils.aws_api_typed.dynamodb import AWSApiDynamoDB
 from reconcile.utils.aws_api_typed.iam import AWSApiIam
+from reconcile.utils.aws_api_typed.logs import AWSApiLogs
 from reconcile.utils.aws_api_typed.organization import AWSApiOrganizations
 from reconcile.utils.aws_api_typed.s3 import AWSApiS3
 from reconcile.utils.aws_api_typed.service_quotas import AWSApiServiceQuotas
@@ -31,7 +35,9 @@ if TYPE_CHECKING:
 SubApi = TypeVar(
     "SubApi",
     AWSApiAccount,
+    AWSApiCloudFormation,
     AWSApiDynamoDB,
+    AWSApiLogs,
     AWSApiIam,
     AWSApiOrganizations,
     AWSApiS3,
@@ -40,6 +46,13 @@ SubApi = TypeVar(
     AWSApiSupport,
 )
+DEFAULT_CONFIG = Config(
+    retries={
+        "mode": "standard",
+        "total_max_attempts": 10,
+    },
+)
 class AWSCredentials(ABC):
     @abstractmethod
@@ -174,28 +187,34 @@ class AWSApi:
         """Return a new or cached sub api client."""
         match api_cls:
             case reconcile.utils.aws_api_typed.account.AWSApiAccount:
-                client = self.session.client("account")
+                client = self.session.client("account", config=DEFAULT_CONFIG)
+                api = api_cls(client)
+            case reconcile.utils.aws_api_typed.cloudformation.AWSApiCloudFormation:
+                client = self.session.client("cloudformation", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.dynamodb.AWSApiDynamoDB:
-                client = self.session.client("dynamodb")
+                client = self.session.client("dynamodb", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.iam.AWSApiIam:
-                client = self.session.client("iam")
+                client = self.session.client("iam", config=DEFAULT_CONFIG)
+                api = api_cls(client)
+            case reconcile.utils.aws_api_typed.logs.AWSApiLogs:
+                client = self.session.client("logs", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.organization.AWSApiOrganizations:
-                client = self.session.client("organizations")
+                client = self.session.client("organizations", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.s3.AWSApiS3:
-                client = self.session.client("s3")
+                client = self.session.client("s3", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.service_quotas.AWSApiServiceQuotas:
-                client = self.session.client("service-quotas")
+                client = self.session.client("service-quotas", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.sts.AWSApiSts:
-                client = self.session.client("sts")
+                client = self.session.client("sts", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case reconcile.utils.aws_api_typed.support.AWSApiSupport:
-                client = self.session.client("support")
+                client = self.session.client("support", config=DEFAULT_CONFIG)
                 api = api_cls(client)
             case _:
                 raise ValueError(f"Unknown API class: {api_cls}")
@@ -205,9 +224,14 @@ class AWSApi:
     @cached_property
     def account(self) -> AWSApiAccount:
-        """Return an AWS Acount Api client"""
+        """Return an AWS Account Api client"""
         return self._init_sub_api(AWSApiAccount)
+    @cached_property
+    def cloudformation(self) -> AWSApiCloudFormation:
+        """Return an AWS CloudFormation Api client"""
+        return self._init_sub_api(AWSApiCloudFormation)
     @cached_property
     def dynamodb(self) -> AWSApiDynamoDB:
         """Return an AWS DynamoDB Api client"""
@@ -218,6 +242,11 @@ class AWSApi:
         """Return an AWS IAM Api client."""
         return self._init_sub_api(AWSApiIam)
+    @cached_property
+    def logs(self) -> AWSApiLogs:
+        """Return an AWS Logs Api client."""
+        return self._init_sub_api(AWSApiLogs)
     @cached_property
     def organizations(self) -> AWSApiOrganizations:
         """Return an AWS Organizations Api client."""

reconcile/utils/aws_api_typed/cloudformation.py ADDED Viewed

@@ -0,0 +1,149 @@
+from __future__ import annotations
+from typing import TYPE_CHECKING
+from reconcile.utils.json import json_dumps
+if TYPE_CHECKING:
+    from mypy_boto3_cloudformation import CloudFormationClient
+    from mypy_boto3_cloudformation.type_defs import (
+        ParameterTypeDef,
+        StackTypeDef,
+        TagTypeDef,
+    )
+class AWSApiCloudFormation:
+    def __init__(self, client: CloudFormationClient) -> None:
+        self.client = client
+    def create_stack(
+        self,
+        stack_name: str,
+        change_set_name: str,
+        template_body: str,
+        parameters: dict[str, str] | None = None,
+        tags: dict[str, str] | None = None,
+    ) -> str:
+        """
+        Create a CloudFormation stack using a change set with import existing resources.
+        This method creates a change set of type "CREATE" with the provided template and parameters,
+        waits for the change set to be created, executes it, and then waits for the stack creation to complete.
+        It returns the StackId of the created stack.
+        Args:
+            stack_name (str): The name of the stack to create.
+            change_set_name (str): The name of the change set to create.
+            template_body (str): The CloudFormation template body as a string.
+            parameters (dict[str, str] | None): A dictionary of parameter key-value pairs for
+                the stack. Defaults to None.
+            tags (dict[str, str] | None): A dictionary of tag key-value pairs to
+                associate with the stack. Defaults to None.
+        Returns:
+            str: The StackId of the created stack.
+        """
+        response = self.client.create_change_set(
+            StackName=stack_name,
+            ChangeSetName=change_set_name,
+            TemplateBody=template_body,
+            ChangeSetType="CREATE",
+            Parameters=self._build_parameters(parameters or {}),
+            Tags=self._build_tags(tags or {}),
+            ImportExistingResources=True,
+        )
+        change_set_arn = response["Id"]
+        self.client.get_waiter("change_set_create_complete").wait(
+            ChangeSetName=change_set_arn
+        )
+        self.client.execute_change_set(ChangeSetName=change_set_arn)
+        self.client.get_waiter("stack_create_complete").wait(StackName=stack_name)
+        return response["StackId"]
+    def update_stack(
+        self,
+        stack_name: str,
+        template_body: str,
+        parameters: dict[str, str] | None = None,
+        tags: dict[str, str] | None = None,
+    ) -> str:
+        """
+        Update a CloudFormation stack with the provided template and parameters.
+        This method updates the specified stack, waits for the update to complete,
+        and returns the StackId of the updated stack.
+        Args:
+            stack_name (str): The name of the stack to update.
+            template_body (str): The CloudFormation template body as a string.
+            parameters (dict[str, str] | None): A dictionary of parameter key-value pairs for
+                the stack. Defaults to None.
+            tags (dict[str, str] | None): A dictionary of tag key-value pairs to
+                associate with the stack. Defaults to None.
+        Returns:
+            str: The StackId of the updated stack.
+        """
+        response = self.client.update_stack(
+            StackName=stack_name,
+            TemplateBody=template_body,
+            Parameters=self._build_parameters(parameters or {}),
+            Tags=self._build_tags(tags or {}),
+        )
+        self.client.get_waiter("stack_update_complete").wait(StackName=stack_name)
+        return response["StackId"]
+    def get_stack(self, stack_name: str) -> StackTypeDef | None:
+        """
+        Retrieve information about a CloudFormation stack by its name.
+        If the stack exists, it returns the stack details as a dictionary.
+        If the stack does not exist, it returns None.
+        Args:
+            stack_name (str): The name of the stack to retrieve.
+        Returns:
+            StackTypeDef | None: The stack details if found, otherwise None.
+        """
+        try:
+            response = self.client.describe_stacks(StackName=stack_name)
+            return response["Stacks"][0]
+        except self.client.exceptions.ClientError as e:
+            if e.response["Error"]["Code"] == "ValidationError":
+                return None
+            raise
+    def get_template_body(self, stack_name: str) -> str:
+        """
+        Retrieve the CloudFormation template body for a specified stack.
+        Args:
+            stack_name (str): The name of the stack whose template is to be retrieved.
+        Returns:
+            str: The CloudFormation template body as a string.
+        """
+        response = self.client.get_template(StackName=stack_name)
+        # TemplateBody is str when using yaml
+        if isinstance(response["TemplateBody"], str):
+            return response["TemplateBody"]
+        return json_dumps(response["TemplateBody"])
+    @staticmethod
+    def _build_parameters(parameters: dict[str, str]) -> list[ParameterTypeDef]:
+        return [
+            {
+                "ParameterKey": key,
+                "ParameterValue": value,
+            }
+            for key, value in sorted(parameters.items())
+        ]
+    @staticmethod
+    def _build_tags(tags: dict[str, str]) -> list[TagTypeDef]:
+        return [
+            {
+                "Key": key,
+                "Value": value,
+            }
+            for key, value in sorted(tags.items())
+        ]

reconcile/utils/aws_api_typed/logs.py ADDED Viewed

@@ -0,0 +1,73 @@
+from __future__ import annotations
+from typing import TYPE_CHECKING
+if TYPE_CHECKING:
+    from collections.abc import Iterable, Iterator
+    from mypy_boto3_logs import CloudWatchLogsClient
+    from mypy_boto3_logs.type_defs import LogGroupTypeDef
+class AWSApiLogs:
+    def __init__(self, client: CloudWatchLogsClient) -> None:
+        self.client = client
+    def get_log_groups(self) -> Iterator[LogGroupTypeDef]:
+        paginator = self.client.get_paginator("describe_log_groups")
+        for page in paginator.paginate():
+            yield from page["logGroups"]
+    def delete_log_group(self, log_group_name: str) -> None:
+        self.client.delete_log_group(logGroupName=log_group_name)
+    def put_retention_policy(
+        self,
+        log_group_name: str,
+        retention_in_days: int,
+    ) -> None:
+        self.client.put_retention_policy(
+            logGroupName=log_group_name,
+            retentionInDays=retention_in_days,
+        )
+    def get_tags(self, arn: str) -> dict[str, str]:
+        tags = self.client.list_tags_for_resource(
+            resourceArn=self._normalize_log_group_arn(arn),
+        )
+        return tags.get("tags") or {}
+    def set_tags(
+        self,
+        arn: str,
+        tags: dict[str, str],
+    ) -> None:
+        self.client.tag_resource(
+            resourceArn=self._normalize_log_group_arn(arn),
+            tags=tags,
+        )
+    def delete_tags(
+        self,
+        arn: str,
+        tag_keys: Iterable[str],
+    ) -> None:
+        self.client.untag_resource(
+            resourceArn=self._normalize_log_group_arn(arn),
+            tagKeys=list(tag_keys),
+        )
+    @staticmethod
+    def _normalize_log_group_arn(arn: str) -> str:
+        """
+        Normalize a log group ARN by removing any trailing ":*".
+        DescribeLogGroups response arn has additional :* at the end.
+        Args:
+            arn: The ARN of the log group.
+        Returns:
+            The normalized ARN without the trailing ":*".
+        """
+        return arn.rstrip(":*")

reconcile/utils/aws_api_typed/organization.py CHANGED Viewed

@@ -52,9 +52,11 @@ class AwsOrganizationOU(BaseModel):
 class AWSAccountStatus(BaseModel):
     id: str = Field(..., alias="Id")
     name: str = Field(..., alias="AccountName")
-    uid: str | None = Field(alias="AccountId")
+    uid: str | None = Field(None, alias="AccountId")
     state: str = Field(..., alias="State")
-    failure_reason: CreateAccountFailureReasonType | None = Field(alias="FailureReason")
+    failure_reason: CreateAccountFailureReasonType | None = Field(
+        None, alias="FailureReason"
+    )
 class AWSAccount(BaseModel):

reconcile/utils/binary.py CHANGED Viewed

@@ -38,10 +38,7 @@ def binary_version(
     def deco_binary_version(f: Callable) -> Callable:
         @wraps(f)
         def f_binary_version(*args: Any, **kwargs: Any) -> None:
-            regex = re.compile(search_regex)
-            cmd = [binary]
-            cmd.extend(version_args)
+            cmd = [binary, *version_args]
             try:
                 result = subprocess.run(cmd, capture_output=True, check=True)
             except subprocess.CalledProcessError as e:
@@ -50,15 +47,13 @@ def binary_version(
                 )
                 raise Exception(msg) from e
-            found = False
-            match = None
-            for line in result.stdout.splitlines():
-                match = regex.search(line.decode("utf-8"))
-                if match is not None:
-                    found = True
-                    break
+            match = re.search(
+                search_regex,
+                result.stdout.decode("utf-8"),
+                re.MULTILINE,
+            )
-            if not found or not match:
+            if match is None:
                 raise Exception(
                     f"Could not find version for binary '{binary}' via regex "
                     f"for binary version check: "

reconcile/utils/datetime_util.py ADDED Viewed

@@ -0,0 +1,67 @@
+from datetime import UTC, datetime
+ISO8601 = "%Y-%m-%dT%H:%M:%SZ"
+ISO8601_MICRO = "%Y-%m-%dT%H:%M:%S.%fZ"
+def utc_now() -> datetime:
+    """
+    Get the current UTC datetime.
+    Returns:
+        A datetime object representing the current time in UTC.
+    """
+    return datetime.now(tz=UTC)
+def ensure_utc(dt: datetime) -> datetime:
+    """
+    Ensure the provided datetime is in UTC timezone.
+    Args:
+        dt: A datetime object.
+    Returns:
+        A datetime object in UTC timezone.
+    """
+    if dt.tzinfo is None:
+        return dt.replace(tzinfo=UTC)
+    return dt.astimezone(UTC)
+def to_utc_seconds_iso_format(dt: datetime) -> str:
+    """
+    Convert a datetime object to ISO 8601 format YYYY-MM-DDTHH:MM:SSZ.
+    Args:
+        dt: A datetime object.
+    Returns:
+        A string representing the datetime in ISO 8601 format.
+    """
+    return ensure_utc(dt).strftime(ISO8601)
+def to_utc_microseconds_iso_format(dt: datetime) -> str:
+    """
+    Convert a datetime object to ISO 8601 format with microseconds YYYY-MM-DDTHH:MM:SS.mmmmmmZ.
+    Args:
+        dt: A datetime object.
+    Returns:
+        A string representing the datetime in ISO 8601 format with microseconds.
+    """
+    return ensure_utc(dt).strftime(ISO8601_MICRO)
+def from_utc_iso_format(dt_str: str) -> datetime:
+    """
+    Parse a datetime string in ISO 8601 format to a datetime object.
+    Args:
+        dt_str: A string representing the datetime in ISO 8601 format.
+    Returns:
+        A datetime object in UTC timezone.
+    """
+    return ensure_utc(datetime.fromisoformat(dt_str))

reconcile/utils/deadmanssnitch_api.py CHANGED Viewed

@@ -26,7 +26,7 @@ class Snitch(BaseModel):
     interval: str
     alert_type: str
     alert_email: list[str]
-    vault_data: str | None
+    vault_data: str | None = None
     def needs_vault_update(self) -> bool:
         return self.vault_data is not None and self.check_in_url != self.vault_data

reconcile/utils/differ.py CHANGED Viewed

@@ -7,7 +7,6 @@ from collections.abc import (
 from dataclasses import dataclass
 from typing import (
     Any,
-    Generic,
     TypeVar,
 )
@@ -18,13 +17,13 @@ Key = TypeVar("Key")
 @dataclass(frozen=True, eq=True)
-class DiffPair(Generic[Current, Desired]):
+class DiffPair[Current, Desired]:
     current: Current
     desired: Desired
 @dataclass(frozen=True, eq=True)
-class DiffResult(Generic[Current, Desired, Key]):
+class DiffResult[Current, Desired, Key]:
     add: dict[Key, Desired]
     delete: dict[Key, Current]
     change: dict[Key, DiffPair[Current, Desired]]

qontract-reconcile 0.10.2.dev334__py3-none-any.whl → 0.10.2.dev439__py3-none-any.whl

Potentially problematic release.

qontract-reconcile 0.10.2.dev334py3-none-any.whl → 0.10.2.dev439py3-none-any.whl