qontract-reconcile 0.10.2.dev394__py3-none-any.whl → 0.10.2.dev427__py3-none-any.whl

reconcile/utils/ocm/base.py

@@ -141,16 +141,16 @@ class OCMClusterAWSOperatorRole(BaseModel):
 
 
 class OCMAWSSTS(OCMClusterFlag):
-    role_arn: str | None
-    support_role_arn: str | None
-    oidc_endpoint_url: str | None
-    operator_iam_roles: list[OCMClusterAWSOperatorRole] | None
-    instance_iam_roles: dict[str, str] | None
-    operator_role_prefix: str | None
+    role_arn: str | None = None
+    support_role_arn: str | None = None
+    oidc_endpoint_url: str | None = None
+    operator_iam_roles: list[OCMClusterAWSOperatorRole] | None = None
+    instance_iam_roles: dict[str, str] | None = None
+    operator_role_prefix: str | None = None
 
 
 class OCMClusterAWSSettings(BaseModel):
-    sts: OCMAWSSTS | None
+    sts: OCMAWSSTS | None = None
 
     @property
     def sts_enabled(self) -> bool:
@@ -264,21 +264,21 @@ class OCMCluster(BaseModel):
     product: OCMModelLink
     identity_providers: OCMCollectionLink
 
-    aws: OCMClusterAWSSettings | None
+    aws: OCMClusterAWSSettings | None = None
 
     version: OCMClusterVersion
 
     hypershift: OCMClusterFlag
 
-    console: OCMClusterConsole | None
+    console: OCMClusterConsole | None = None
 
-    api: OCMClusterAPI | None
+    api: OCMClusterAPI | None = None
 
-    dns: OCMClusterDns | None
+    dns: OCMClusterDns | None = None
 
-    external_configuration: OCMExternalConfiguration | None
+    external_configuration: OCMExternalConfiguration | None = None
 
-    external_auth_config: OCMExternalAuthConfig | None
+    external_auth_config: OCMExternalAuthConfig | None = None
 
     def minor_version(self) -> str:
         version_info = parse_semver(self.version.raw_id)
@@ -570,15 +570,12 @@ class OCMOIdentityProviderGithub(OCMOIdentityProvider):
     )
 
 
-class OCMOIdentityProviderOidcOpenIdClaims(BaseModel):
+class OCMOIdentityProviderOidcOpenIdClaims(BaseModel, frozen=True):
     email: list[str]
     name: list[str] = []
     preferred_username: list[str]
     groups: list[str] = []
 
-    class Config:
-        frozen = True
-
 
 class OCMOIdentityProviderOidcOpenId(BaseModel):
     client_id: str
@@ -618,11 +615,11 @@ class OCMAddonUpgradePolicy(BaseModel):
     id: str
     addon_id: str
     cluster_id: str
-    next_run: str | None
-    schedule: str | None
+    next_run: str | None = None
+    schedule: str | None = None
     schedule_type: str
     version: str
-    state: str | None
+    state: str | None = None
 
 
 def build_label_container(

reconcile/utils/ocm/cluster_groups.py

@@ -17,7 +17,7 @@ def add_user_to_cluster_group(
     """
     ocm_api.post(
         build_cluster_group_users_url(cluster_id, group),
-        OCMClusterUser(id=user_name).dict(by_alias=True),
+        OCMClusterUser(id=user_name).model_dump(by_alias=True),
     )
 
 

reconcile/utils/ocm/identity_providers.py

@@ -42,7 +42,7 @@ def add_identity_provider(
         )
     ocm_api.post(
         api_path=ocm_cluster.identity_providers.href,
-        data=idp.dict(by_alias=True, exclude_none=True),
+        data=idp.model_dump(by_alias=True, exclude_none=True),
     )
 
 
@@ -55,7 +55,7 @@ def update_identity_provider(
         raise ValueError(f"IDP {idp.name} does not have a href!")
     ocm_api.patch(
         api_path=idp.href,
-        data=idp.dict(by_alias=True, exclude_none=True, exclude={"name"}),
+        data=idp.model_dump(by_alias=True, exclude_none=True, exclude={"name"}),
     )
 
 

reconcile/utils/ocm/labels.py

@@ -159,7 +159,7 @@ def build_container_for_prefix(
 
     return LabelContainer(
         labels={
-            strip_prefix_if_needed(label.key): label.copy(
+            strip_prefix_if_needed(label.key): label.model_copy(
                 update={"key": strip_prefix_if_needed(label.key)}
             )
             for label in container.labels.values()

reconcile/utils/ocm/products.py

@@ -178,11 +178,11 @@ class OCMProductOsd(OCMProduct):
             ],
             provision_shard_id=provision_shard_id,
             hypershift=cluster["hypershift"]["enabled"],
-            fips=cluster.get("fips"),
+            fips=cluster.get("fips") or False,
         )
 
         if not cluster["ccs"]["enabled"]:
-            cluster_spec_data = spec.dict()
+            cluster_spec_data = spec.model_dump()
             cluster_spec_data["storage"] = (
                 cluster["storage_quota"]["value"] // BYTES_IN_GIGABYTE
             )
@@ -229,7 +229,7 @@ class OCMProductOsd(OCMProduct):
             "compute_machine_type": {"id": default_machine_pool.instance_type},
         }
         if default_machine_pool.autoscale is not None:
-            spec["autoscale_compute"] = default_machine_pool.autoscale.dict()
+            spec["autoscale_compute"] = default_machine_pool.autoscale.model_dump()
         else:
             spec["compute"] = default_machine_pool.replicas
         return spec
@@ -259,7 +259,7 @@ class OCMProductOsd(OCMProduct):
                 if (duwm := cluster.spec.disable_user_workload_monitoring) is not None
                 else True
             ),
-            "fips": bool(cluster.spec.fips),
+            "fips": cluster.spec.fips,
         }
 
         # Workaround to enable type checks.
@@ -429,7 +429,7 @@ class OCMProductRosa(OCMProduct):
             subnet_ids=cluster["aws"].get("subnet_ids"),
             availability_zones=cluster["nodes"].get("availability_zones"),
             oidc_endpoint_url=oidc_endpoint_url,
-            fips=cluster.get("fips"),
+            fips=cluster.get("fips") or False,
         )
 
         machine_pools = [
@@ -474,7 +474,7 @@ class OCMProductRosa(OCMProduct):
             "compute_machine_type": {"id": default_machine_pool.instance_type},
         }
         if default_machine_pool.autoscale is not None:
-            spec["autoscale_compute"] = default_machine_pool.autoscale.dict()
+            spec["autoscale_compute"] = default_machine_pool.autoscale.model_dump()
         else:
             spec["compute"] = default_machine_pool.replicas
         return spec
@@ -517,7 +517,7 @@ class OCMProductRosa(OCMProduct):
                 if (duwm := cluster.spec.disable_user_workload_monitoring) is not None
                 else True
             ),
-            "fips": bool(cluster.spec.fips),
+            "fips": cluster.spec.fips,
         }
 
         provision_shard_id = cluster.spec.provision_shard_id
@@ -706,7 +706,7 @@ class OCMProductHypershift(OCMProduct):
             availability_zones=cluster["nodes"].get("availability_zones"),
             hypershift=cluster["hypershift"]["enabled"],
             oidc_endpoint_url=oidc_endpoint_url,
-            fips=cluster.get("fips"),
+            fips=cluster.get("fips") or False,
         )
 
         network = OCMClusterNetwork(

reconcile/utils/ocm/service_log.py

@@ -55,6 +55,6 @@ def create_service_log(
     return OCMClusterServiceLog(
         **ocm_api.post(
             api_path=CLUSTER_SERVICE_LOGS_CREATE_ENDPOINT,
-            data=service_log.dict(by_alias=True),
+            data=service_log.model_dump(by_alias=True),
         )
     )

reconcile/utils/ocm/sre_capability_labels.py

@@ -1,7 +1,7 @@
 from typing import Any
 
-from pydantic import Field
-from pydantic.fields import ModelField
+from pydantic import WithJsonSchema
+from pydantic.fields import FieldInfo
 
 from reconcile.utils.ocm.base import (
     LabelContainer,
@@ -22,11 +22,11 @@ def sre_capability_label_key(
     return f"sre-capabilities.{sre_capability}.{config_atom}"
 
 
-def labelset_groupfield(group_prefix: str) -> Any:
+def labelset_groupfield(group_prefix: str) -> WithJsonSchema:
     """
     Helper function to build the FieldMeta for a labelset field that groups labels.
     """
-    return Field(group_by_prefix=group_prefix)
+    return WithJsonSchema({"group_by_prefix": group_prefix})
 
 
 def build_labelset(
@@ -36,16 +36,23 @@ def build_labelset(
     Instantiates a dataclass from a set of labels.
     """
     raw_data = {
-        field.alias: _labelset_field_value(labels, field)
-        for field in dataclass.__fields__.values()
+        field.alias or name: _labelset_field_value(labels, name, field)
+        for name, field in dataclass.model_fields.items()
     }
     return dataclass(**raw_data)
 
 
-def _labelset_field_value(labels: LabelContainer, field: ModelField) -> Any | None:
-    key_prefix = field.field_info.extra.get("group_by_prefix")
-    if key_prefix:
-        return build_container_for_prefix(
-            labels, key_prefix, strip_key_prefix=True
-        ).get_values_dict()
-    return labels.get_label_value(field.alias)
+def _labelset_field_value(
+    labels: LabelContainer, name: str, field: FieldInfo
+) -> Any | None:
+    schema = next((m for m in field.metadata if isinstance(m, WithJsonSchema)), None)
+    if (
+        schema is None
+        or not schema.json_schema
+        or "group_by_prefix" not in schema.json_schema
+    ):
+        return labels.get_label_value(field.alias or name)
+
+    return build_container_for_prefix(
+        labels, schema.json_schema["group_by_prefix"], strip_key_prefix=True
+    ).get_values_dict()

reconcile/utils/openshift_resource.py

@@ -5,6 +5,7 @@ import base64
 import contextlib
 import copy
 import hashlib
+import logging
 import re
 from threading import Lock
 from typing import TYPE_CHECKING, Any
@@ -601,6 +602,10 @@ class ResourceInventory:
         resource: OpenshiftResource,
         privileged: bool = False,
     ) -> None:
+        if cluster not in self._clusters:
+            logging.error(f"Cluster {cluster} not initialized in ResourceInventory")
+            return
+
         if resource.kind_and_group in self._clusters[cluster][namespace]:
             kind = resource.kind_and_group
         else:

reconcile/utils/pagerduty_api.py

@@ -52,10 +52,13 @@ class PagerDutyTarget(Protocol):
     which must be implemented by a class to be compatible."""
 
     name: str
-    instance: PagerDutyInstance
     escalation_policy_id: str | None
     schedule_id: str | None
 
+    @property
+    def instance(self) -> PagerDutyInstance:
+        pass
+
 
 class PagerDutyConfig(BaseModel):
     """PagerDuty Config."""
@@ -189,7 +192,7 @@ def get_pagerduty_name(user: PagerDutyUser) -> str:
     return user.pagerduty_username or user.org_username
 
 
-@retry(no_retry_exceptions=PagerDutyTargetError)
+@retry(no_retry_exceptions=(PagerDutyTargetError,))
 def get_usernames_from_pagerduty(
     pagerduties: Iterable[PagerDutyTarget],
     users: Iterable[PagerDutyUser],

reconcile/utils/promotion_state.py

@@ -3,13 +3,12 @@ from collections import defaultdict
 
 from pydantic import (
     BaseModel,
-    Extra,
 )
 
 from reconcile.utils.state import State
 
 
-class PromotionData(BaseModel):
+class PromotionData(BaseModel, extra="forbid"):
     """
     A class that strictly corresponds to the json stored in S3.
 
@@ -20,17 +19,13 @@ class PromotionData(BaseModel):
 
     # The success is primarily used for SAPM auto-promotions
     success: bool
-    target_config_hash: str | None
-    saas_file: str | None
-    check_in: str | None
+    target_config_hash: str | None = None
+    saas_file: str | None = None
+    check_in: str | None = None
     # Whether this promotion has ever succeeded
     # Note, this shouldnt be overridden on subsequent promotions of same ref
     # This attribute is primarily used by saasherder validations
-    has_succeeded_once: bool | None
-
-    class Config:
-        smart_union = True
-        extra = Extra.forbid
+    has_succeeded_once: bool | None = None
 
 
 class PromotionState:
@@ -107,5 +102,5 @@ class PromotionState:
         self, sha: str, channel: str, target_uid: str, data: PromotionData
     ) -> None:
         state_key_v2 = f"promotions_v2/{channel}/{target_uid}/{sha}"
-        self._state.add(state_key_v2, data.dict(), force=True)
+        self._state.add(state_key_v2, data.model_dump(), force=True)
         logging.info("Uploaded %s to %s", data, state_key_v2)

reconcile/utils/raw_github_api.py

@@ -76,7 +76,7 @@ class RawGithubApi:
             if login is not None
         ]
 
-    def team_invitations(self, org_id: str, team_id: str) -> list[str]:
+    def team_invitations(self, org_id: str | int, team_id: str | int) -> list[str]:
         invitations = self.query(f"/organizations/{org_id}/team/{team_id}/invitations")
 
         return [

reconcile/utils/rhcsv2_certs.py

@@ -9,15 +9,12 @@ from cryptography.x509.oid import NameOID
 from pydantic import BaseModel, Field
 
 
-class RhcsV2Cert(BaseModel):
+class RhcsV2Cert(BaseModel, validate_by_name=True, validate_by_alias=True):
     certificate: str = Field(alias="tls.crt")
     private_key: str = Field(alias="tls.key")
     ca_cert: str = Field(alias="ca.crt")
     expiration_timestamp: int
 
-    class Config:
-        allow_population_by_field_name = True
-
 
 def extract_cert(text: str) -> re.Match:
     # The CA webform returns an HTML page with inline JS that builds an array of “outputList”

reconcile/utils/rosa/session.py

@@ -178,6 +178,22 @@ class RosaSession:
             )
             result.write_logs_to_logger(logging.info)
 
+    def upgrade_rosa_roles(
+        self,
+        cluster_name: str,
+        upgrade_version: str,
+        policy_version: str,
+        dry_run: bool,
+    ) -> None:
+        logging.info(
+            f"Upgrade  roles in AWS account {self.aws_account_id} to {upgrade_version}"
+        )
+        if not dry_run:
+            result = self.cli_execute(
+                f"rosa upgrade roles  -c {cluster_name} --cluster-version {upgrade_version}  --policy-version {policy_version} -y -m=auto"
+            )
+            result.write_logs_to_logger(logging.info)
+
 
 def generate_rosa_creation_script(
     cluster_name: str, cluster: OCMSpec, dry_run: bool

reconcile/utils/runtime/integration.py

@@ -119,7 +119,7 @@ class PydanticRunParams(RunParams, BaseModel):
     def copy_and_update(
         self: PydanticRunParamsSelfTypeVar, update: dict[str, Any]
     ) -> PydanticRunParamsSelfTypeVar:
-        return self.copy(update=update)
+        return self.model_copy(update=update)
 
     def get(self, field: str) -> Any:
         return getattr(self, field)

reconcile/utils/saasherder/interfaces.py

@@ -1,7 +1,7 @@
 # ruff: noqa: N801
 from __future__ import annotations
 
-from collections.abc import Mapping, Sequence, Set
+from collections.abc import Sequence
 from typing import (
     TYPE_CHECKING,
     Any,
@@ -12,6 +12,8 @@ from typing import (
 from reconcile.utils import oc_connection_parameters
 
 if TYPE_CHECKING:
+    from pydantic.main import IncEx
+
     from reconcile.gql_definitions.fragments.saas_slo_document import SLODocument
     from reconcile.utils.secret_reader import HasSecret
 
@@ -27,18 +29,12 @@ class SaasFileSecretParameters(Protocol):
     @property
     def secret(self) -> HasSecret: ...
 
-    def dict(
-        self,
-        *,
-        by_alias: bool = False,
-        include: AbstractSetIntStr | MappingIntStrAny | None = None,
+    def model_dump(
+        self, *, by_alias: bool = False, include: IncEx | None = None
     ) -> dict[str, Any]: ...
 
 
 SaasSecretParameters = Sequence[SaasFileSecretParameters] | None
-# Taken from pydantic.typing
-AbstractSetIntStr = Set[int | str]
-MappingIntStrAny = Mapping[int | str, Any]
 
 
 @runtime_checkable
@@ -212,11 +208,8 @@ class SaasResourceTemplateTargetNamespace(Protocol):
     @property
     def cluster(self) -> oc_connection_parameters.Cluster: ...
 
-    def dict(
-        self,
-        *,
-        by_alias: bool = False,
-        include: AbstractSetIntStr | MappingIntStrAny | None = None,
+    def model_dump(
+        self, *, by_alias: bool = False, include: IncEx | None = None
     ) -> dict[str, Any]: ...
 
 
@@ -249,7 +242,7 @@ class SaasResourceTemplateTargetPromotion(Protocol):
     @property
     def promotion_data(self) -> Sequence[SaasPromotionData] | None: ...
 
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 
 
 class Channel(Protocol):
@@ -274,7 +267,7 @@ class SaasPromotion(Protocol):
     @property
     def subscribe(self) -> list[Channel] | None: ...
 
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 
 
 class SaasResourceTemplateTarget_SaasSecretParameters(Protocol):
@@ -295,7 +288,7 @@ class SaasResourceTemplateTargetUpstream(Protocol):
     @property
     def instance(self) -> SaasJenkinsInstance: ...
 
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 
 
 class SaasQuayInstance(Protocol):
@@ -315,7 +308,7 @@ class SaasResourceTemplateTargetImage(Protocol):
     @property
     def org(self) -> SaasQuayOrg: ...
 
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 
 
 class SaasResourceTemplateTarget(HasParameters, HasSecretParameters, Protocol):
@@ -344,7 +337,7 @@ class SaasResourceTemplateTarget(HasParameters, HasSecretParameters, Protocol):
         self, parent_saas_file_name: str, parent_resource_template_name: str
     ) -> str: ...
 
-    def dict(self, *, by_alias: bool = False) -> dict[str, Any]: ...
+    def model_dump(self, *, by_alias: bool = False) -> dict[str, Any]: ...
 
 
 class SaasResourceTemplate(HasParameters, HasSecretParameters, Protocol):
@@ -381,7 +374,7 @@ class ManagedResourceName(Protocol):
     resource: str
     resource_names: list[str]
 
-    def dict(self) -> dict[str, str]: ...
+    def model_dump(self) -> dict[str, str]: ...
 
 
 class SaasFile(HasParameters, HasSecretParameters, Protocol):

reconcile/utils/saasherder/models.py

@@ -7,10 +7,7 @@ from enum import Enum
 from typing import Any, NotRequired, TypedDict
 
 from github import Github
-from pydantic import (
-    BaseModel,
-    Field,
-)
+from pydantic import BaseModel, Field, model_validator
 
 from reconcile.gql_definitions.fragments.saas_slo_document import (
     SLODocument,
@@ -207,7 +204,12 @@ TriggerSpecUnion = (
 )
 
 
-class Namespace(BaseModel):
+class Namespace(
+    BaseModel,
+    validate_by_name=True,
+    validate_by_alias=True,
+    arbitrary_types_allowed=True,
+):
     name: str
     environment: SaasEnvironment
     app: SaasApp
@@ -217,29 +219,19 @@ class Namespace(BaseModel):
         ..., alias="managedResourceNames"
     )
 
-    class Config:
-        arbitrary_types_allowed = True
-        allow_population_by_field_name = True
-
 
-class PromotionChannelData(BaseModel):
+class PromotionChannelData(BaseModel, validate_by_name=True, validate_by_alias=True):
     q_type: str = Field(..., alias="type")
 
-    class Config:
-        allow_population_by_field_name = True
 
-
-class ParentSaasPromotion(BaseModel):
+class ParentSaasPromotion(BaseModel, validate_by_name=True, validate_by_alias=True):
     q_type: str = Field(..., alias="type")
-    parent_saas: str | None
-    target_config_hash: str | None
-
-    class Config:
-        allow_population_by_field_name = True
+    parent_saas: str | None = None
+    target_config_hash: str | None = None
 
 
 class PromotionData(BaseModel):
-    channel: str | None
+    channel: str | None = None
     data: list[ParentSaasPromotion | PromotionChannelData] | None = None
 
 
@@ -264,6 +256,17 @@ class Promotion(BaseModel):
     saas_file_paths: list[str] | None = None
     target_paths: list[str] | None = None
 
+    @model_validator(mode="before")
+    @classmethod
+    def handle_gql_classes(cls, data: Any) -> Any:
+        if data.get("promotion_data"):
+            data["promotion_data"] = [
+                # convert a GQL class to a dict
+                item.model_dump() if hasattr(item, "model_dump") else item
+                for item in data["promotion_data"]
+            ]
+        return data
+
 
 @dataclass
 class ImageAuth: