PyPI - qontract-reconcile - Versions diffs - 0.10.2.dev361__py3-none-any.whl → 0.10.2.dev474__py3-none-any.whl - Mend

qontract-reconcile 0.10.2.dev361py3-none-any.whl → 0.10.2.dev474py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (371) hide show

{qontract_reconcile-0.10.2.dev361.dist-info → qontract_reconcile-0.10.2.dev474.dist-info}/METADATA +14 -13
{qontract_reconcile-0.10.2.dev361.dist-info → qontract_reconcile-0.10.2.dev474.dist-info}/RECORD +371 -364
{qontract_reconcile-0.10.2.dev361.dist-info → qontract_reconcile-0.10.2.dev474.dist-info}/WHEEL +1 -1
reconcile/acs_rbac.py +2 -2
reconcile/aus/advanced_upgrade_service.py +18 -12
reconcile/aus/aus_sts_gate_handler.py +59 -0
reconcile/aus/base.py +137 -34
reconcile/aus/cluster_version_data.py +15 -5
reconcile/aus/models.py +3 -1
reconcile/aus/ocm_addons_upgrade_scheduler_org.py +1 -0
reconcile/aus/ocm_upgrade_scheduler.py +8 -1
reconcile/aus/ocm_upgrade_scheduler_org.py +20 -5
reconcile/aus/version_gate_approver.py +1 -16
reconcile/aus/version_gates/sts_version_gate_handler.py +5 -72
reconcile/automated_actions/config/integration.py +16 -4
reconcile/aws_account_manager/integration.py +21 -9
reconcile/aws_account_manager/reconciler.py +3 -3
reconcile/aws_account_manager/utils.py +1 -1
reconcile/aws_ami_cleanup/integration.py +8 -12
reconcile/aws_ami_share.py +69 -62
reconcile/aws_cloudwatch_log_retention/integration.py +155 -126
reconcile/aws_ecr_image_pull_secrets.py +1 -1
reconcile/aws_iam_keys.py +1 -0
reconcile/aws_saml_idp/integration.py +12 -4
reconcile/aws_saml_roles/integration.py +30 -23
reconcile/aws_version_sync/integration.py +6 -12
reconcile/change_owners/README.md +1 -1
reconcile/change_owners/bundle.py +3 -3
reconcile/change_owners/change_log_tracking.py +3 -2
reconcile/change_owners/change_owners.py +108 -42
reconcile/change_owners/decision.py +1 -1
reconcile/change_owners/diff.py +0 -2
reconcile/checkpoint.py +11 -3
reconcile/cli.py +94 -11
reconcile/dashdotdb_dora.py +5 -12
reconcile/dashdotdb_slo.py +1 -1
reconcile/database_access_manager.py +123 -117
reconcile/dynatrace_token_provider/integration.py +1 -1
reconcile/endpoints_discovery/integration.py +4 -1
reconcile/endpoints_discovery/merge_request.py +1 -1
reconcile/endpoints_discovery/merge_request_manager.py +8 -8
reconcile/external_resources/factories.py +4 -6
reconcile/external_resources/integration.py +1 -1
reconcile/external_resources/manager.py +8 -6
reconcile/external_resources/meta.py +0 -1
reconcile/external_resources/metrics.py +1 -1
reconcile/external_resources/model.py +19 -15
reconcile/external_resources/reconciler.py +7 -4
reconcile/external_resources/secrets_sync.py +6 -10
reconcile/external_resources/state.py +26 -16
reconcile/fleet_labeler/integration.py +1 -1
reconcile/gabi_authorized_users.py +5 -2
reconcile/gcp_image_mirror.py +2 -2
reconcile/github_org.py +1 -1
reconcile/github_owners.py +4 -0
reconcile/gitlab_housekeeping.py +13 -15
reconcile/gitlab_members.py +6 -12
reconcile/gitlab_owners.py +15 -11
reconcile/gitlab_permissions.py +8 -12
reconcile/glitchtip_project_alerts/integration.py +3 -1
reconcile/gql_definitions/acs/acs_instances.py +5 -5
reconcile/gql_definitions/acs/acs_policies.py +5 -5
reconcile/gql_definitions/acs/acs_rbac.py +5 -5
reconcile/gql_definitions/advanced_upgrade_service/aus_clusters.py +5 -5
reconcile/gql_definitions/advanced_upgrade_service/aus_organization.py +5 -5
reconcile/gql_definitions/app_interface_metrics_exporter/onboarding_status.py +5 -5
reconcile/gql_definitions/app_sre_tekton_access_revalidation/roles.py +5 -5
reconcile/gql_definitions/app_sre_tekton_access_revalidation/users.py +5 -5
reconcile/gql_definitions/automated_actions/instance.py +46 -7
reconcile/gql_definitions/aws_account_manager/aws_accounts.py +14 -5
reconcile/gql_definitions/aws_ami_cleanup/aws_accounts.py +15 -5
reconcile/gql_definitions/aws_cloudwatch_log_retention/aws_accounts.py +27 -66
reconcile/gql_definitions/aws_saml_idp/aws_accounts.py +15 -5
reconcile/gql_definitions/aws_saml_roles/aws_accounts.py +15 -5
reconcile/gql_definitions/aws_saml_roles/roles.py +5 -5
reconcile/gql_definitions/aws_version_sync/clusters.py +5 -5
reconcile/gql_definitions/aws_version_sync/namespaces.py +5 -5
reconcile/gql_definitions/change_owners/queries/change_types.py +5 -5
reconcile/gql_definitions/change_owners/queries/self_service_roles.py +5 -5
reconcile/gql_definitions/cluster_auth_rhidp/clusters.py +5 -5
reconcile/gql_definitions/common/alerting_services_settings.py +5 -5
reconcile/gql_definitions/common/app_code_component_repos.py +5 -5
reconcile/gql_definitions/common/app_interface_custom_messages.py +5 -5
reconcile/gql_definitions/common/app_interface_dms_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_repo_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_roles.py +5 -5
reconcile/gql_definitions/common/app_interface_state_settings.py +5 -5
reconcile/gql_definitions/common/app_interface_vault_settings.py +5 -5
reconcile/gql_definitions/common/app_quay_repos_escalation_policies.py +5 -5
reconcile/gql_definitions/common/apps.py +5 -5
reconcile/gql_definitions/common/aws_vpc_requests.py +18 -5
reconcile/gql_definitions/common/aws_vpcs.py +5 -5
reconcile/gql_definitions/common/clusters.py +7 -5
reconcile/gql_definitions/common/clusters_minimal.py +5 -5
reconcile/gql_definitions/common/clusters_with_dms.py +5 -5
reconcile/gql_definitions/common/clusters_with_peering.py +5 -5
reconcile/gql_definitions/common/github_orgs.py +5 -5
reconcile/gql_definitions/common/jira_settings.py +5 -5
reconcile/gql_definitions/common/jiralert_settings.py +5 -5
reconcile/gql_definitions/common/ldap_settings.py +5 -5
reconcile/gql_definitions/common/namespaces.py +5 -5
reconcile/gql_definitions/common/namespaces_minimal.py +7 -5
reconcile/gql_definitions/common/ocm_env_telemeter.py +5 -5
reconcile/gql_definitions/common/ocm_environments.py +5 -5
reconcile/gql_definitions/common/pagerduty_instances.py +5 -5
reconcile/gql_definitions/common/pgp_reencryption_settings.py +5 -5
reconcile/gql_definitions/common/pipeline_providers.py +5 -5
reconcile/gql_definitions/common/quay_instances.py +5 -5
reconcile/gql_definitions/common/quay_orgs.py +5 -5
reconcile/gql_definitions/common/reserved_networks.py +5 -5
reconcile/gql_definitions/common/rhcs_provider_settings.py +5 -5
reconcile/gql_definitions/common/saas_files.py +5 -5
reconcile/gql_definitions/common/saas_target_namespaces.py +5 -5
reconcile/gql_definitions/common/saasherder_settings.py +5 -5
reconcile/gql_definitions/common/slack_workspaces.py +5 -5
reconcile/gql_definitions/common/smtp_client_settings.py +5 -5
reconcile/gql_definitions/common/state_aws_account.py +5 -5
reconcile/gql_definitions/common/users.py +5 -5
reconcile/gql_definitions/common/users_with_paths.py +5 -5
reconcile/gql_definitions/cost_report/app_names.py +5 -5
reconcile/gql_definitions/cost_report/cost_namespaces.py +5 -5
reconcile/gql_definitions/cost_report/settings.py +5 -5
reconcile/gql_definitions/dashdotdb_slo/slo_documents_query.py +5 -5
reconcile/gql_definitions/dynatrace_token_provider/dynatrace_bootstrap_tokens.py +5 -5
reconcile/gql_definitions/dynatrace_token_provider/token_specs.py +5 -5
reconcile/gql_definitions/email_sender/apps.py +5 -5
reconcile/gql_definitions/email_sender/emails.py +5 -5
reconcile/gql_definitions/email_sender/users.py +5 -5
reconcile/gql_definitions/endpoints_discovery/apps.py +5 -5
reconcile/gql_definitions/external_resources/aws_accounts.py +5 -5
reconcile/gql_definitions/external_resources/external_resources_modules.py +5 -5
reconcile/gql_definitions/external_resources/external_resources_namespaces.py +38 -7
reconcile/gql_definitions/external_resources/external_resources_settings.py +5 -5
reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py +5 -5
reconcile/gql_definitions/fleet_labeler/fleet_labels.py +5 -5
reconcile/gql_definitions/fragments/aus_organization.py +5 -5
reconcile/gql_definitions/fragments/aws_account_common.py +7 -5
reconcile/gql_definitions/fragments/aws_account_managed.py +5 -5
reconcile/gql_definitions/fragments/aws_account_sso.py +5 -5
reconcile/gql_definitions/fragments/aws_infra_management_account.py +5 -5
reconcile/gql_definitions/fragments/aws_organization.py +33 -0
reconcile/gql_definitions/fragments/aws_vpc.py +5 -5
reconcile/gql_definitions/fragments/aws_vpc_request.py +12 -5
reconcile/gql_definitions/fragments/container_image_mirror.py +5 -5
reconcile/gql_definitions/fragments/deploy_resources.py +5 -5
reconcile/gql_definitions/fragments/disable.py +5 -5
reconcile/gql_definitions/fragments/email_service.py +5 -5
reconcile/gql_definitions/fragments/email_user.py +5 -5
reconcile/gql_definitions/fragments/jumphost_common_fields.py +5 -5
reconcile/gql_definitions/fragments/membership_source.py +5 -5
reconcile/gql_definitions/fragments/minimal_ocm_organization.py +5 -5
reconcile/gql_definitions/fragments/oc_connection_cluster.py +5 -5
reconcile/gql_definitions/fragments/ocm_environment.py +5 -5
reconcile/gql_definitions/fragments/pipeline_provider_retention.py +5 -5
reconcile/gql_definitions/fragments/prometheus_instance.py +5 -5
reconcile/gql_definitions/fragments/resource_limits_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_requests_requirements.py +5 -5
reconcile/gql_definitions/fragments/resource_values.py +5 -5
reconcile/gql_definitions/fragments/saas_slo_document.py +5 -5
reconcile/gql_definitions/fragments/saas_target_namespace.py +5 -5
reconcile/gql_definitions/fragments/serviceaccount_token.py +5 -5
reconcile/gql_definitions/fragments/terraform_state.py +5 -5
reconcile/gql_definitions/fragments/upgrade_policy.py +5 -5
reconcile/gql_definitions/fragments/user.py +5 -5
reconcile/gql_definitions/fragments/vault_secret.py +5 -5
reconcile/gql_definitions/gcp/gcp_docker_repos.py +5 -5
reconcile/gql_definitions/gcp/gcp_projects.py +5 -5
reconcile/gql_definitions/gitlab_members/gitlab_instances.py +5 -5
reconcile/gql_definitions/gitlab_members/permissions.py +5 -5
reconcile/gql_definitions/glitchtip/glitchtip_instance.py +5 -5
reconcile/gql_definitions/glitchtip/glitchtip_project.py +5 -5
reconcile/gql_definitions/glitchtip_project_alerts/glitchtip_project.py +5 -5
reconcile/gql_definitions/integrations/integrations.py +5 -5
reconcile/gql_definitions/introspection.json +775 -136
reconcile/gql_definitions/jenkins_configs/jenkins_configs.py +5 -5
reconcile/gql_definitions/jenkins_configs/jenkins_instances.py +5 -5
reconcile/gql_definitions/jira/jira_servers.py +5 -5
reconcile/gql_definitions/jira_permissions_validator/jira_boards_for_permissions_validator.py +9 -5
reconcile/gql_definitions/jumphosts/jumphosts.py +5 -5
reconcile/gql_definitions/ldap_groups/roles.py +5 -5
reconcile/gql_definitions/ldap_groups/settings.py +5 -5
reconcile/gql_definitions/maintenance/maintenances.py +5 -5
reconcile/gql_definitions/membershipsources/roles.py +5 -5
reconcile/gql_definitions/ocm_labels/clusters.py +5 -5
reconcile/gql_definitions/ocm_labels/organizations.py +5 -5
reconcile/gql_definitions/openshift_cluster_bots/clusters.py +5 -5
reconcile/gql_definitions/openshift_groups/managed_groups.py +5 -5
reconcile/gql_definitions/openshift_groups/managed_roles.py +5 -5
reconcile/gql_definitions/openshift_serviceaccount_tokens/tokens.py +5 -5
reconcile/gql_definitions/quay_membership/quay_membership.py +5 -5
reconcile/gql_definitions/rhcs/certs.py +25 -79
reconcile/gql_definitions/rhcs/openshift_resource_rhcs_cert.py +43 -0
reconcile/gql_definitions/rhidp/organizations.py +5 -5
reconcile/gql_definitions/service_dependencies/jenkins_instance_fragment.py +5 -5
reconcile/gql_definitions/service_dependencies/service_dependencies.py +5 -5
reconcile/gql_definitions/sharding/aws_accounts.py +5 -5
reconcile/gql_definitions/sharding/ocm_organization.py +5 -5
reconcile/gql_definitions/skupper_network/site_controller_template.py +5 -5
reconcile/gql_definitions/skupper_network/skupper_networks.py +5 -5
reconcile/gql_definitions/slack_usergroups/clusters.py +5 -5
reconcile/gql_definitions/slack_usergroups/permissions.py +5 -5
reconcile/gql_definitions/slack_usergroups/users.py +5 -5
reconcile/gql_definitions/slo_documents/slo_documents.py +5 -5
reconcile/gql_definitions/status_board/status_board.py +5 -5
reconcile/gql_definitions/statuspage/statuspages.py +5 -5
reconcile/gql_definitions/templating/template_collection.py +5 -5
reconcile/gql_definitions/templating/templates.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_dns/app_interface_cloudflare_dns_settings.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_dns/terraform_cloudflare_zones.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_accounts.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_resources/terraform_cloudflare_resources.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_users/app_interface_setting_cloudflare_and_vault.py +5 -5
reconcile/gql_definitions/terraform_cloudflare_users/terraform_cloudflare_roles.py +5 -5
reconcile/gql_definitions/terraform_init/aws_accounts.py +19 -5
reconcile/gql_definitions/terraform_repo/terraform_repo.py +5 -5
reconcile/gql_definitions/terraform_resources/database_access_manager.py +5 -5
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +37 -7
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py +15 -5
reconcile/gql_definitions/unleash_feature_toggles/feature_toggles.py +5 -5
reconcile/gql_definitions/vault_instances/vault_instances.py +5 -5
reconcile/gql_definitions/vault_policies/vault_policies.py +5 -5
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator.py +8 -5
reconcile/gql_definitions/vpc_peerings_validator/vpc_peerings_validator_peered_cluster_fragment.py +6 -5
reconcile/integrations_manager.py +3 -3
reconcile/jenkins_worker_fleets.py +10 -8
reconcile/jira_permissions_validator.py +237 -122
reconcile/ldap_groups/integration.py +1 -1
reconcile/ocm/types.py +35 -57
reconcile/ocm_aws_infrastructure_access.py +1 -1
reconcile/ocm_clusters.py +4 -4
reconcile/ocm_labels/integration.py +3 -2
reconcile/ocm_machine_pools.py +33 -27
reconcile/openshift_base.py +113 -4
reconcile/openshift_cluster_bots.py +1 -1
reconcile/openshift_namespace_labels.py +1 -1
reconcile/openshift_namespaces.py +96 -101
reconcile/openshift_resources_base.py +6 -2
reconcile/openshift_rhcs_certs.py +74 -37
reconcile/openshift_rolebindings.py +7 -11
reconcile/openshift_saas_deploy.py +4 -5
reconcile/openshift_saas_deploy_change_tester.py +9 -7
reconcile/openshift_saas_deploy_trigger_cleaner.py +3 -5
reconcile/openshift_serviceaccount_tokens.py +2 -2
reconcile/openshift_upgrade_watcher.py +4 -4
reconcile/oum/labelset.py +5 -3
reconcile/oum/models.py +1 -4
reconcile/prometheus_rules_tester/integration.py +3 -3
reconcile/quay_base.py +25 -6
reconcile/quay_membership.py +55 -29
reconcile/quay_mirror.py +1 -1
reconcile/quay_mirror_org.py +6 -4
reconcile/quay_permissions.py +81 -75
reconcile/quay_repos.py +35 -37
reconcile/queries.py +132 -1
reconcile/rhidp/common.py +3 -5
reconcile/rhidp/sso_client/base.py +16 -5
reconcile/saas_auto_promotions_manager/merge_request_manager/renderer.py +1 -1
reconcile/saas_auto_promotions_manager/subscriber.py +4 -3
reconcile/skupper_network/integration.py +2 -2
reconcile/slack_usergroups.py +35 -14
reconcile/sql_query.py +1 -0
reconcile/status_board.py +6 -6
reconcile/statuspage/atlassian.py +7 -7
reconcile/statuspage/integrations/maintenances.py +4 -3
reconcile/statuspage/page.py +4 -9
reconcile/statuspage/status.py +5 -8
reconcile/templates/rosa-classic-cluster-creation.sh.j2 +1 -1
reconcile/templates/rosa-hcp-cluster-creation.sh.j2 +1 -1
reconcile/templating/lib/rendering.py +3 -3
reconcile/templating/renderer.py +2 -2
reconcile/templating/validator.py +4 -4
reconcile/terraform_aws_route53.py +7 -1
reconcile/terraform_cloudflare_dns.py +3 -3
reconcile/terraform_cloudflare_resources.py +5 -5
reconcile/terraform_cloudflare_users.py +3 -2
reconcile/terraform_init/integration.py +187 -23
reconcile/terraform_repo.py +16 -12
reconcile/terraform_resources.py +6 -6
reconcile/terraform_tgw_attachments.py +27 -19
reconcile/terraform_users.py +7 -0
reconcile/terraform_vpc_peerings.py +14 -3
reconcile/terraform_vpc_resources/integration.py +20 -8
reconcile/terraform_vpc_resources/merge_request.py +12 -2
reconcile/terraform_vpc_resources/merge_request_manager.py +43 -19
reconcile/typed_queries/aws_account_tags.py +41 -0
reconcile/typed_queries/cost_report/app_names.py +1 -1
reconcile/typed_queries/cost_report/cost_namespaces.py +2 -2
reconcile/typed_queries/saas_files.py +20 -15
reconcile/typed_queries/status_board.py +2 -2
reconcile/unleash_feature_toggles/integration.py +4 -2
reconcile/utils/acs/base.py +6 -3
reconcile/utils/acs/policies.py +2 -2
reconcile/utils/aws_api.py +51 -20
reconcile/utils/aws_api_typed/api.py +38 -9
reconcile/utils/aws_api_typed/cloudformation.py +149 -0
reconcile/utils/aws_api_typed/logs.py +73 -0
reconcile/utils/aws_api_typed/organization.py +4 -2
reconcile/utils/binary.py +7 -12
reconcile/utils/datetime_util.py +67 -0
reconcile/utils/deadmanssnitch_api.py +1 -1
reconcile/utils/differ.py +2 -3
reconcile/utils/early_exit_cache.py +11 -12
reconcile/utils/environ.py +5 -0
reconcile/utils/expiration.py +7 -3
reconcile/utils/external_resource_spec.py +2 -0
reconcile/utils/filtering.py +1 -1
reconcile/utils/gitlab_api.py +19 -5
reconcile/utils/glitchtip/client.py +6 -2
reconcile/utils/glitchtip/models.py +25 -28
reconcile/utils/gql.py +4 -7
reconcile/utils/helpers.py +1 -1
reconcile/utils/instrumented_wrappers.py +1 -1
reconcile/utils/internal_groups/client.py +2 -2
reconcile/utils/internal_groups/models.py +8 -17
reconcile/utils/jinja2/utils.py +6 -101
reconcile/utils/jira_client.py +82 -63
reconcile/utils/jjb_client.py +26 -13
reconcile/utils/jobcontroller/controller.py +2 -2
reconcile/utils/jobcontroller/models.py +17 -1
reconcile/utils/json.py +43 -1
reconcile/utils/membershipsources/app_interface_resolver.py +4 -2
reconcile/utils/membershipsources/models.py +16 -23
reconcile/utils/membershipsources/resolver.py +4 -2
reconcile/utils/merge_request_manager/merge_request_manager.py +4 -4
reconcile/utils/merge_request_manager/parser.py +6 -6
reconcile/utils/metrics.py +5 -5
reconcile/utils/models.py +304 -82
reconcile/utils/mr/app_interface_reporter.py +2 -2
reconcile/utils/mr/notificator.py +3 -3
reconcile/utils/mr/update_access_report_base.py +3 -4
reconcile/utils/mr/user_maintenance.py +3 -2
reconcile/utils/oc.py +252 -201
reconcile/utils/oc_filters.py +3 -3
reconcile/utils/ocm/addons.py +0 -1
reconcile/utils/ocm/base.py +17 -20
reconcile/utils/ocm/cluster_groups.py +1 -1
reconcile/utils/ocm/identity_providers.py +2 -2
reconcile/utils/ocm/labels.py +1 -1
reconcile/utils/ocm/products.py +8 -8
reconcile/utils/ocm/search_filters.py +3 -6
reconcile/utils/ocm/service_log.py +4 -6
reconcile/utils/ocm/sre_capability_labels.py +20 -13
reconcile/utils/openshift_resource.py +8 -3
reconcile/utils/pagerduty_api.py +10 -7
reconcile/utils/promotion_state.py +6 -11
reconcile/utils/quay_api.py +74 -87
reconcile/utils/raw_github_api.py +1 -1
reconcile/utils/rhcsv2_certs.py +86 -23
reconcile/utils/rosa/session.py +16 -0
reconcile/utils/runtime/integration.py +2 -3
reconcile/utils/runtime/runner.py +2 -2
reconcile/utils/saasherder/interfaces.py +13 -20
reconcile/utils/saasherder/models.py +23 -20
reconcile/utils/saasherder/saasherder.py +50 -27
reconcile/utils/slack_api.py +2 -2
reconcile/utils/sloth.py +171 -2
reconcile/utils/structs.py +1 -1
reconcile/utils/terraform_client.py +5 -4
reconcile/utils/terrascript_aws_client.py +274 -124
reconcile/utils/unleash/server.py +2 -8
reconcile/utils/vault.py +5 -12
reconcile/utils/vcs.py +8 -8
reconcile/vault_replication.py +107 -42
reconcile/vpc_peerings_validator.py +13 -0
tools/app_interface_reporter.py +4 -4
tools/cli_commands/cost_report/cost_management_api.py +3 -3
tools/cli_commands/cost_report/view.py +7 -6
tools/cli_commands/erv2.py +1 -1
tools/qontract_cli.py +28 -17
tools/template_validation.py +3 -1
{qontract_reconcile-0.10.2.dev361.dist-info → qontract_reconcile-0.10.2.dev474.dist-info}/entry_points.txt +0 -0

reconcile/terraform_tgw_attachments.py CHANGED Viewed

@@ -32,6 +32,7 @@ from reconcile.typed_queries.app_interface_vault_settings import (
     get_app_interface_vault_settings,
 )
 from reconcile.typed_queries.clusters_with_peering import get_clusters_with_peering
+from reconcile.typed_queries.external_resources import get_settings
 from reconcile.typed_queries.terraform_tgw_attachments.aws_accounts import (
     get_aws_accounts,
 )
@@ -68,7 +69,7 @@ class ValidationError(Exception):
 class TGWAccountProviderInfo(BaseModel):
     name: str
     uid: str
-    assume_role: str | None
+    assume_role: str | None = None
     assume_region: str
@@ -80,10 +81,10 @@ class Requester(BaseModel):
     tgw_id: str
     tgw_arn: str
     region: str
-    routes: list[dict] | None
-    rules: list[dict] | None
-    hostedzones: list[str] | None
-    cidr_block: str | None
+    routes: list[dict] | None = None
+    rules: list[dict] | None = None
+    hostedzones: list[str] | None = None
+    cidr_block: str | None = None
     cidr_blocks: list[str]
     account: TGWAccountProviderInfo
@@ -91,11 +92,11 @@ class Requester(BaseModel):
 class Accepter(BaseModel):
     cidr_block: str
     region: str
-    vpc_id: str | None
-    route_table_ids: list[str] | None
-    subnets_id_az: list[dict[str, str]] | None
+    vpc_id: str | None = None
+    route_table_ids: list[str] | None = None
+    subnets_id_az: list[dict[str, str]] | None = None
     account: ClusterAccountProviderInfo
-    api_security_group_id: str | None
+    api_security_group_id: str | None = None
 class DesiredStateItem(BaseModel):
@@ -192,7 +193,7 @@ def _build_desired_state_tgw_connection(
         yield None
     account_tgws = awsapi.get_tgws_details(
-        peer_connection.account.dict(by_alias=True),
+        peer_connection.account.model_dump(by_alias=True),
         cluster_region,
         cluster_cidr_block,
         tags=peer_connection.tags or {},
@@ -274,7 +275,7 @@ def _build_accepter(
     )
     (vpc_id, route_table_ids, subnets_id_az, api_security_group_id) = (
         awsapi.get_cluster_vpc_details(
-            account.dict(by_alias=True),
+            account.model_dump(by_alias=True),
             route_tables=bool(peer_connection.manage_routes),
             subnets=True,
             hcp_vpc_endpoint_sg=allow_hcp_private_api_access,
@@ -317,12 +318,12 @@ def _build_ocm_map(
     clusters: Iterable[ClusterV1],
     vault_settings: AppInterfaceSettingsV1,
 ) -> OCMMap | None:
-    ocm_clusters = [c.dict(by_alias=True) for c in clusters if c.ocm]
+    ocm_clusters = [c.model_dump(by_alias=True) for c in clusters if c.ocm]
     return (
         OCMMap(
             clusters=ocm_clusters,
             integration=QONTRACT_INTEGRATION,
-            settings=vault_settings.dict(by_alias=True),
+            settings=vault_settings.model_dump(by_alias=True),
         )
         if ocm_clusters
         # this is a case for an OCP cluster which is not provisioned
@@ -346,7 +347,7 @@ def _populate_tgw_attachments_working_dirs(
     accounts_by_infra_account_name: dict[str, list[dict[str, Any]]] = {}
     for item in desired_state:
         accounts_by_infra_account_name.setdefault(item.infra_acount_name, []).append(
-            item.accepter.account.dict(by_alias=True)
+            item.accepter.account.model_dump(by_alias=True)
         )
     for infra_account_name, accounts in accounts_by_infra_account_name.items():
         ts.populate_additional_providers(infra_account_name, accounts)
@@ -428,7 +429,9 @@ def setup(
     print_to_file: str | None = None,
 ) -> tuple[SecretReaderBase, AWSApi, Terraform, Terrascript]:
     tgw_clusters = desired_state_data_source.clusters
-    all_accounts = [a.dict(by_alias=True) for a in desired_state_data_source.accounts]
+    all_accounts = [
+        a.model_dump(by_alias=True) for a in desired_state_data_source.accounts
+    ]
     account_by_name = {a["name"]: a for a in all_accounts}
     vault_settings = get_app_interface_vault_settings()
     secret_reader = create_secret_reader(vault_settings.vault)
@@ -444,13 +447,18 @@ def setup(
         raise RuntimeError("Could not find VPC ID for cluster")
     _validate_tgw_connection_names(desired_state)
+    try:
+        default_tags = get_settings().default_tags
+    except ValueError:
+        # no external resources settings found
+        default_tags = None
     ts = Terrascript(
         QONTRACT_INTEGRATION,
         "",
         thread_pool_size,
         tgw_accounts,
-        settings=vault_settings.dict(by_alias=True),
+        settings=vault_settings.model_dump(by_alias=True),
+        default_tags=default_tags,
     )
     tgw_rosa_cluster_accounts = [
         account_by_name[c.spec.account.name]
@@ -510,7 +518,7 @@ def run(
 ) -> None:
     desired_state_data_source = _fetch_desired_state_data_source(account_name)
     tgw_accounts = [
-        a.dict(by_alias=True)
+        a.model_dump(by_alias=True)
         for a in _filter_tgw_accounts(
             desired_state_data_source.accounts, desired_state_data_source.clusters
         )
@@ -567,7 +575,7 @@ def early_exit_desired_state(*args: Any, **kwargs: Any) -> dict[str, Any]:
     desired_state = _fetch_desired_state_data_source()
     for a in desired_state.accounts:
         a.deletion_approvals = []
-    return desired_state.dict(by_alias=True)
+    return desired_state.model_dump(by_alias=True)
 def desired_state_shard_config() -> DesiredStateShardConfig:

reconcile/terraform_users.py CHANGED Viewed

@@ -11,6 +11,7 @@ from reconcile import (
 )
 from reconcile.change_owners.diff import IDENTIFIER_FIELD_NAME
 from reconcile.gql_definitions.common.pgp_reencryption_settings import query
+from reconcile.typed_queries.external_resources import get_settings
 from reconcile.utils import (
     expiration,
     gql,
@@ -126,12 +127,18 @@ def setup(
     participating_aws_accounts = _filter_participating_aws_accounts(accounts, roles)
     settings = queries.get_app_interface_settings()
+    try:
+        default_tags = get_settings().default_tags
+    except ValueError:
+        # no external resources settings found
+        default_tags = None
     ts = Terrascript(
         QONTRACT_INTEGRATION,
         QONTRACT_TF_PREFIX,
         thread_pool_size,
         participating_aws_accounts,
         settings=settings,
+        default_tags=default_tags,
     )
     err = ts.populate_users(
         roles,

reconcile/terraform_vpc_peerings.py CHANGED Viewed

@@ -7,6 +7,7 @@ from typing import Any, TypedDict
 import reconcile.utils.terraform_client as terraform
 import reconcile.utils.terrascript_aws_client as terrascript
 from reconcile import queries
+from reconcile.typed_queries import external_resources
 from reconcile.utils import (
     aws_api,
     ocm,
@@ -654,8 +655,18 @@ def run(
         ])
     account_by_name = {a["name"]: a for a in accounts}
+    try:
+        default_tags = external_resources.get_settings().default_tags
+    except ValueError:
+        # no external resources settings found
+        default_tags = None
     with terrascript.TerrascriptClient(
-        QONTRACT_INTEGRATION, "", thread_pool_size, infra_accounts, settings=settings
+        QONTRACT_INTEGRATION,
+        "",
+        thread_pool_size,
+        infra_accounts,
+        settings=settings,
+        default_tags=default_tags,
     ) as ts:
         rosa_cluster_accounts = [
             account_by_name[c["spec"]["account"]["name"]]
@@ -664,8 +675,8 @@ def run(
         ]
         ts.populate_configs(rosa_cluster_accounts)
-        for infra_account_name, items in participating_accounts.items():
-            ts.populate_additional_providers(infra_account_name, items)
+        for infra_account_name, accounts in participating_accounts.items():
+            ts.populate_additional_providers(infra_account_name, accounts)
         ts.populate_vpc_peerings(desired_state)
         working_dirs = ts.dump(print_to_file=print_to_file)
         terraform_configurations = ts.terraform_configurations()

reconcile/terraform_vpc_resources/integration.py CHANGED Viewed

@@ -20,9 +20,11 @@ from reconcile.typed_queries.app_interface_vault_settings import (
     get_app_interface_vault_settings,
 )
 from reconcile.typed_queries.aws_vpc_requests import get_aws_vpc_requests
+from reconcile.typed_queries.external_resources import get_settings
 from reconcile.typed_queries.github_orgs import get_github_orgs
 from reconcile.typed_queries.gitlab_instances import get_gitlab_instances
 from reconcile.utils import gql
+from reconcile.utils.disabled_integrations import integration_is_enabled
 from reconcile.utils.runtime.integration import (
     DesiredStateShardConfig,
     PydanticRunParams,
@@ -61,12 +63,14 @@ class TerraformVpcResources(QontractReconcileIntegration[TerraformVpcResourcesPa
     ) -> list[AWSAccountV1]:
         """Return a list of accounts extracted from the provided VPCRequests.
         If account_name is given returns the account object with that name."""
-        accounts = [vpc.account for vpc in data]
-        if account_name:
-            accounts = [account for account in accounts if account.name == account_name]
-        return accounts
+        return [
+            vpc.account
+            for vpc in data
+            if (
+                integration_is_enabled(self.name, vpc.account)
+                and (not account_name or vpc.account.name == account_name)
+            )
+        ]
     def _handle_outputs(
         self, requests: Iterable[VPCRequest], outputs: Mapping[str, Any]
@@ -154,20 +158,28 @@ class TerraformVpcResources(QontractReconcileIntegration[TerraformVpcResourcesPa
         if data:
             accounts = self._filter_accounts(data, account_name)
             if account_name and not accounts:
-                msg = f"The account {account_name} doesn't have any managed vpc. Verify your input"
+                msg = f"The account {account_name} doesn't have any managed vpcs or the {QONTRACT_INTEGRATION} integration is disabled for this account. Verify your input"
                 logging.debug(msg)
                 sys.exit(ExitCodes.SUCCESS)
         else:
             logging.debug("No VPC requests found, nothing to do.")
             sys.exit(ExitCodes.SUCCESS)
-        accounts_untyped: list[dict] = [acc.dict(by_alias=True) for acc in accounts]
+        accounts_untyped: list[dict] = [
+            acc.model_dump(by_alias=True) for acc in accounts
+        ]
+        try:
+            default_tags = get_settings().default_tags
+        except ValueError:
+            # no external resources settings found
+            default_tags = None
         with TerrascriptClient(
             integration=QONTRACT_INTEGRATION,
             integration_prefix=QONTRACT_TF_PREFIX,
             thread_pool_size=thread_pool_size,
             accounts=accounts_untyped,
             secret_reader=secret_reader,
+            default_tags=default_tags,
         ) as ts_client:
             ts_client.populate_vpc_requests(data, AWS_PROVIDER_VERSION)

reconcile/terraform_vpc_resources/merge_request.py CHANGED Viewed

@@ -1,5 +1,6 @@
 import re
 import string
+from enum import StrEnum
 from pydantic import BaseModel
@@ -9,6 +10,12 @@ PROMOTION_DATA_SEPARATOR = "**DO NOT MANUALLY CHANGE ANYTHING BELOW THIS LINE**"
 VERSION = "0.1.0"
 LABEL = "terraform-vpc-resources"
+class Action(StrEnum):
+    CREATE = "create"
+    UPDATE = "update"
 VERSION_REF = "tf_vpc_resources_version"
 ACCOUNT_REF = "account"
 COMPILED_REGEXES = {
@@ -53,5 +60,8 @@ class Renderer:
     def render_description(self, account: str) -> str:
         return DESC.safe_substitute(account=account)
-    def render_title(self, account: str) -> str:
-        return f"[auto] VPC data file creation to {account}"
+    def render_title(self, account: str, action: Action) -> str:
+        return f"[auto] {action} VPC data file for {account}"
+    def render_update_title(self, account: str) -> str:
+        return f"[auto] VPC data file update for {account}"

reconcile/terraform_vpc_resources/merge_request_manager.py CHANGED Viewed

@@ -5,6 +5,7 @@ from pydantic import BaseModel
 from reconcile.terraform_vpc_resources.merge_request import (
     LABEL,
+    Action,
     Info,
     Renderer,
 )
@@ -28,6 +29,7 @@ class VPCRequestMR(MergeRequestBase):
         vpc_tmpl_file_path: str,
         vpc_tmpl_file_content: str,
         labels: list[str],
+        action: Action,
     ):
         super().__init__()
         self._title = title
@@ -35,6 +37,7 @@ class VPCRequestMR(MergeRequestBase):
         self._vpc_tmpl_file_path = vpc_tmpl_file_path
         self._vpc_tmpl_file_content = vpc_tmpl_file_content
         self.labels = labels
+        self._action = action
     @property
     def title(self) -> str:
@@ -45,12 +48,21 @@ class VPCRequestMR(MergeRequestBase):
         return self._description
     def process(self, gitlab_cli: GitLabApi) -> None:
-        gitlab_cli.create_file(
-            branch_name=self.branch,
-            file_path=self._vpc_tmpl_file_path,
-            commit_message="add vpc datafile",
-            content=self._vpc_tmpl_file_content,
-        )
+        # Create or update file based on whether it already exists
+        if self._action == Action.UPDATE:
+            gitlab_cli.update_file(
+                branch_name=self.branch,
+                file_path=self._vpc_tmpl_file_path,
+                commit_message="update vpc datafile",
+                content=self._vpc_tmpl_file_content,
+            )
+        else:
+            gitlab_cli.create_file(
+                branch_name=self.branch,
+                file_path=self._vpc_tmpl_file_path,
+                commit_message="add vpc datafile",
+                content=self._vpc_tmpl_file_content,
+            )
 class MrData(BaseModel):
@@ -73,26 +85,37 @@ class MergeRequestManager(MergeRequestManagerBase[Info]):
         self._renderer = renderer
         self._auto_merge_enabled = auto_merge_enabled
-    def create_merge_request(self, data: MrData) -> None:
-        """Open a new MR, if not already present, for a VPC datafile and close any outdated before."""
-        if not self._housekeeping_ran:
-            self.housekeeping()
+    def _create_action(self, data: MrData) -> Action | None:
         if self._merge_request_already_exists({"account": data.account}):
             logging.info("MR already exists for %s", data.account)
             return None
         try:
-            self._vcs.get_file_content_from_app_interface_ref(file_path=data.path)
-            # the file exists, nothing to do
-            return None
+            existing_content = self._vcs.get_file_content_from_app_interface_ref(
+                file_path=data.path
+            )
         except GitlabGetError as e:
-            if e.response_code != 404:
-                raise
+            if e.response_code == 404:
+                return Action.CREATE
+            raise
+        if existing_content.strip() != data.content.strip():
+            return Action.UPDATE
+        logging.info("VPC data file exists and is up-to-date for %s", data.account)
+        return None
+    def create_merge_request(self, data: MrData) -> None:
+        """Open a new MR for VPC datafile updates, or update existing if changed."""
+        if not self._housekeeping_ran:
+            self.housekeeping()
+        action = self._create_action(data)
+        if action is None:
+            return
         description = self._renderer.render_description(account=data.account)
-        title = self._renderer.render_title(account=data.account)
-        logging.info("Open MR for %s", data.account)
+        title = self._renderer.render_title(account=data.account, action=action)
+        logging.info("Open MR for %s (%s)", data.account, action)
         mr_labels = [LABEL]
         if self._auto_merge_enabled:
             mr_labels.append(AUTO_MERGE)
@@ -103,5 +126,6 @@ class MergeRequestManager(MergeRequestManagerBase[Info]):
                 description=description,
                 vpc_tmpl_file_content=data.content,
                 labels=mr_labels,
+                action=action,
             )
         )

reconcile/typed_queries/aws_account_tags.py ADDED Viewed

@@ -0,0 +1,41 @@
+import json
+from collections.abc import Mapping
+from reconcile.gql_definitions.fragments.aws_organization import (
+    AWSOrganization,
+)
+def get_aws_account_tags(
+    organization: AWSOrganization | Mapping | None,
+) -> dict[str, str]:
+    """
+    Get AWS account tags by merging payer account tags
+    Args:
+        organization: AWSOrganization | Mapping | None - The organization object from which to extract tags.
+    Returns:
+        dict[str, str]: A dictionary containing the merged tags from the payer account and the account itself.
+    """
+    if organization is None:
+        return {}
+    match organization:
+        case AWSOrganization():
+            payer_account_tags = (
+                organization.payer_account.organization_account_tags or {}
+            )
+            account_tags = organization.tags or {}
+        case Mapping():
+            payer_account_tags = organization.get("payerAccount", {}).get(
+                "organizationAccountTags", {}
+            )
+            if isinstance(payer_account_tags, str):
+                payer_account_tags = json.loads(payer_account_tags)
+            account_tags = organization.get("tags", {})
+            if isinstance(account_tags, str):
+                account_tags = json.loads(account_tags)
+    return payer_account_tags | account_tags

reconcile/typed_queries/cost_report/app_names.py CHANGED Viewed

@@ -6,7 +6,7 @@ from reconcile.utils.gql import GqlApi
 class App(BaseModel):
     name: str
-    parent_app_name: str | None
+    parent_app_name: str | None = None
 def get_app_names(

reconcile/typed_queries/cost_report/cost_namespaces.py CHANGED Viewed

@@ -13,7 +13,7 @@ class CostNamespace(BaseModel, frozen=True):
     labels: CostNamespaceLabels
     app_name: str
     cluster_name: str
-    cluster_external_id: str | None
+    cluster_external_id: str | None = None
 def get_cost_namespaces(
@@ -32,7 +32,7 @@ def get_cost_namespaces(
     return [
         CostNamespace(
             name=namespace.name,
-            labels=CostNamespaceLabels.parse_obj(namespace.labels or {}),
+            labels=CostNamespaceLabels.model_validate(namespace.labels or {}),
             app_name=namespace.app.name,
             cluster_name=namespace.cluster.name,
             cluster_external_id=namespace.cluster.spec.external_id

reconcile/typed_queries/saas_files.py CHANGED Viewed

@@ -6,7 +6,6 @@ from typing import Any
 from jsonpath_ng.exceptions import JsonPathParserError
 from pydantic import (
     BaseModel,
-    Extra,
     Field,
     Json,
 )
@@ -43,6 +42,7 @@ from reconcile.gql_definitions.fragments.saas_target_namespace import (
     SaasTargetNamespace,
 )
 from reconcile.utils import gql
+from reconcile.utils.environ import used_for_security_is_enabled
 from reconcile.utils.exceptions import (
     AppInterfaceSettingsError,
     ParameterError,
@@ -51,7 +51,12 @@ from reconcile.utils.json import json_dumps
 from reconcile.utils.jsonpath import parse_jsonpath
-class SaasResourceTemplateTarget(ConfiguredBaseModel):
+class SaasResourceTemplateTarget(
+    ConfiguredBaseModel,
+    validate_by_alias=True,
+    # ignore `namespaceSelector` and 'provider' fields from the GQL schema
+    extra="ignore",
+):
     path: str | None = Field(..., alias="path")
     name: str | None = Field(..., alias="name")
     # the namespace must be required to fulfill the saas file schema (utils.saasherder.interface.SaasFile)
@@ -74,17 +79,17 @@ class SaasResourceTemplateTarget(ConfiguredBaseModel):
         self, parent_saas_file_name: str, parent_resource_template_name: str
     ) -> str:
         """Returns a unique identifier for a target."""
-        return hashlib.blake2s(
-            f"{parent_saas_file_name}:{parent_resource_template_name}:{self.name or 'default'}:{self.namespace.cluster.name}:{self.namespace.name}".encode(),
-            digest_size=20,
-        ).hexdigest()
-    class Config:
-        # ignore `namespaceSelector` and 'provider' fields from the GQL schema
-        extra = Extra.ignore
+        data = f"{parent_saas_file_name}:{parent_resource_template_name}:{self.name or 'default'}:{self.namespace.cluster.name}:{self.namespace.name}".encode()
+        if used_for_security_is_enabled():
+            # When USED_FOR_SECURITY is enabled, use blake2s without digest_size and truncate to 20 bytes
+            # This is needed for FIPS compliance where digest_size parameter is not supported
+            return hashlib.sha256(data).digest()[:20].hex()
+        else:
+            # Default behavior: use blake2s with digest_size=20
+            return hashlib.blake2s(data, digest_size=20).hexdigest()
-class SaasResourceTemplate(ConfiguredBaseModel):
+class SaasResourceTemplate(ConfiguredBaseModel, validate_by_alias=True):
     name: str = Field(..., alias="name")
     url: str = Field(..., alias="url")
     path: str = Field(..., alias="path")
@@ -97,7 +102,7 @@ class SaasResourceTemplate(ConfiguredBaseModel):
     targets: list[SaasResourceTemplateTarget] = Field(..., alias="targets")
-class SaasFile(ConfiguredBaseModel):
+class SaasFile(ConfiguredBaseModel, validate_by_alias=True):
     path: str = Field(..., alias="path")
     name: str = Field(..., alias="name")
     labels: Json | None = Field(..., alias="labels")
@@ -221,7 +226,7 @@ class SaasFileList:
             with self._namespaces_as_dict_lock:
                 self._namespaces_as_dict_cache = {
                     "namespace": [
-                        ns.dict(by_alias=True, exclude_none=True)
+                        ns.model_dump(by_alias=True, exclude_none=True)
                         for ns in self.namespaces
                     ]
                 }
@@ -283,7 +288,7 @@ class SaasFileList:
             if app_name and saas_file.app.name != app_name:
                 continue
-            sf = saas_file.copy(deep=True)
+            sf = saas_file.model_copy(deep=True)
             if env_name:
                 for rt in sf.resource_templates[:]:
                     for target in rt.targets[:]:
@@ -314,7 +319,7 @@ def convert_parameters_to_json_string(root: dict[str, Any]) -> dict[str, Any]:
 def export_model(model: BaseModel) -> dict[str, Any]:
-    return convert_parameters_to_json_string(model.dict(by_alias=True))
+    return convert_parameters_to_json_string(model.model_dump(by_alias=True))
 def get_saas_files(

reconcile/typed_queries/status_board.py CHANGED Viewed

@@ -32,7 +32,7 @@ def get_selected_app_names(
             prefix = f"{namespace.app.parent_app.name}-"
         name = f"{prefix}{namespace.app.name}"
         selected_app_names.add(name)
-        app = namespace.app.dict(by_alias=True)
+        app = namespace.app.model_dump(by_alias=True)
         app["name"] = name
         apps["apps"].append(app)
@@ -40,7 +40,7 @@ def get_selected_app_names(
             name = f"{namespace.app.name}-{child.name}"
             if name not in selected_app_names:
                 selected_app_names.add(f"{namespace.app.name}-{child.name}")
-                child_dict = child.dict(by_alias=True)
+                child_dict = child.model_dump(by_alias=True)
                 child_dict["name"] = name
                 apps["apps"].append(child_dict)

reconcile/unleash_feature_toggles/integration.py CHANGED Viewed

@@ -31,7 +31,7 @@ QONTRACT_INTEGRATION_VERSION = make_semver(1, 0, 0)
 class UnleashTogglesIntegrationParams(PydanticRunParams):
-    instance: str | None
+    instance: str | None = None
 def feature_toggle_equal(c: FeatureToggle, d: FeatureToggleUnleashV1) -> bool:
@@ -68,7 +68,9 @@ class UnleashTogglesIntegration(
         if not query_func:
             query_func = gql.get_api().query
         return {
-            "toggles": [ft.dict() for ft in self.get_unleash_instances(query_func)],
+            "toggles": [
+                ft.model_dump() for ft in self.get_unleash_instances(query_func)
+            ],
         }
     def get_unleash_instances(

reconcile/utils/acs/base.py CHANGED Viewed

@@ -6,7 +6,7 @@ from typing import (
 )
 import requests
-from pydantic import BaseModel
+from pydantic import BaseModel, ConfigDict
 from reconcile.gql_definitions.acs.acs_instances import AcsInstanceV1
 from reconcile.gql_definitions.acs.acs_instances import query as acs_instances_query
@@ -19,8 +19,11 @@ class AcsBaseApi(BaseModel):
     timeout: int = 30
     session: requests.Session = requests.Session()
-    class Config:
-        arbitrary_types_allowed = True
+    model_config = ConfigDict(
+        validate_by_name=True,
+        validate_by_alias=True,
+        arbitrary_types_allowed=True,
+    )
     def __enter__(self) -> Self:
         return self

reconcile/utils/acs/policies.py CHANGED Viewed

@@ -11,7 +11,7 @@ class Scope(BaseModel):
     """
     cluster: str
-    namespace: str | None
+    namespace: str | None = None
 class PolicyCondition(BaseModel):
@@ -23,7 +23,7 @@ class PolicyCondition(BaseModel):
     """
     field_name: str
-    negate: bool | None
+    negate: bool | None = None
     values: list[str]

qontract-reconcile 0.10.2.dev361__py3-none-any.whl → 0.10.2.dev474__py3-none-any.whl

qontract-reconcile 0.10.2.dev361py3-none-any.whl → 0.10.2.dev474py3-none-any.whl