qontract-reconcile 0.10.2.dev86__py3-none-any.whl → 0.10.2.dev88__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/METADATA +1 -1
- {qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/RECORD +10 -10
- reconcile/external_resources/manager.py +48 -20
- reconcile/external_resources/model.py +17 -12
- reconcile/gql_definitions/external_resources/external_resources_namespaces.py +3 -1
- reconcile/gql_definitions/introspection.json +12 -0
- reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py +3 -1
- reconcile/utils/terrascript_aws_client.py +4 -0
- {qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/WHEEL +0 -0
- {qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/entry_points.txt +0 -0
{qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/METADATA
RENAMED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.4
|
|
2
2
|
Name: qontract-reconcile
|
|
3
|
-
Version: 0.10.2.
|
|
3
|
+
Version: 0.10.2.dev88
|
|
4
4
|
Summary: Collection of tools to reconcile services with their desired state as defined in the app-interface DB.
|
|
5
5
|
Project-URL: homepage, https://github.com/app-sre/qontract-reconcile
|
|
6
6
|
Project-URL: repository, https://github.com/app-sre/qontract-reconcile
|
{qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/RECORD
RENAMED
|
@@ -199,10 +199,10 @@ reconcile/external_resources/aws.py,sha256=wzN3GHxyqVa4Lqqg5HdogqNW2RM532t0ZiKaQ
|
|
|
199
199
|
reconcile/external_resources/factories.py,sha256=C0QHT0soEv6z99-ELAAE19S5MaMHhV0t1fSiQn0Coc4,5970
|
|
200
200
|
reconcile/external_resources/integration.py,sha256=JF38M7R0Z4ADUTx57TZqSZH9k_xpPlbAxQAcGyIISuM,6925
|
|
201
201
|
reconcile/external_resources/integration_secrets_sync.py,sha256=dX09O3r6KURziUYYfiki10orNjOGVma-XojhVqd0ww4,1667
|
|
202
|
-
reconcile/external_resources/manager.py,sha256=
|
|
202
|
+
reconcile/external_resources/manager.py,sha256=mvFfcXPzvNqDWDgKTK8eiSe6C_FUvBtben3bSqrqSoc,18246
|
|
203
203
|
reconcile/external_resources/meta.py,sha256=noaytFzmShpzLA_ebGh7wuP45mOfHIOnnoUxivjDa1I,672
|
|
204
204
|
reconcile/external_resources/metrics.py,sha256=KiBjMUaN_z0cSkF_7Ar_a8RiuiwVqjyMcVdISlxhzXE,3898
|
|
205
|
-
reconcile/external_resources/model.py,sha256=
|
|
205
|
+
reconcile/external_resources/model.py,sha256=HrSkmAjOqw0aT3CsZKXKMLyocM__8XO5qHb-dXcoagw,13747
|
|
206
206
|
reconcile/external_resources/reconciler.py,sha256=-0trp1K-iUgOQn3mm1ZUSmfaReRrUT0eHzPkUhNPolQ,9583
|
|
207
207
|
reconcile/external_resources/secrets_sync.py,sha256=ZDxzGZ6wC4zxLhA7-L39xDRH6rzUM285gytuzmRQdlw,16208
|
|
208
208
|
reconcile/external_resources/state.py,sha256=gF3ACdl7YiUlbQ4uEGrD6i_Txxqr6mT9f8IFlTQ-8dY,13176
|
|
@@ -224,7 +224,7 @@ reconcile/glitchtip_project_alerts/integration.py,sha256=BgMx-NyV9mTuv7Sotb2OioC
|
|
|
224
224
|
reconcile/glitchtip_project_dsn/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
225
225
|
reconcile/glitchtip_project_dsn/integration.py,sha256=2iugub-kHYkHNK33n0v9_TeWonuxCPah_VkoTPvaajE,8077
|
|
226
226
|
reconcile/gql_definitions/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
227
|
-
reconcile/gql_definitions/introspection.json,sha256=
|
|
227
|
+
reconcile/gql_definitions/introspection.json,sha256=fhnOfg-0gFKOL6yrnI5JJE0w9khgA8ivmEzH_gmDajw,2238549
|
|
228
228
|
reconcile/gql_definitions/acs/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
229
229
|
reconcile/gql_definitions/acs/acs_instances.py,sha256=L91WW9LbhJbBSrECqShQpFtjoBOsmNIYLRpMbx1io5o,2181
|
|
230
230
|
reconcile/gql_definitions/acs/acs_policies.py,sha256=bN5i4mks10Z23KJSj7jqp966Osq2dps4d-sPH9gjxEA,7008
|
|
@@ -309,7 +309,7 @@ reconcile/gql_definitions/endpoints_discovery/apps.py,sha256=aBWRAwDUJQ32ghJS4cP
|
|
|
309
309
|
reconcile/gql_definitions/external_resources/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
310
310
|
reconcile/gql_definitions/external_resources/aws_accounts.py,sha256=XR69j9dpTQ0gv8y-AZN7AJ0dPvO-wbHscyCDgrax6Bk,2046
|
|
311
311
|
reconcile/gql_definitions/external_resources/external_resources_modules.py,sha256=JViHtDWEBwjStBUo_bUdm_sxdpjCHcoATeFvwFRLQpU,3009
|
|
312
|
-
reconcile/gql_definitions/external_resources/external_resources_namespaces.py,sha256
|
|
312
|
+
reconcile/gql_definitions/external_resources/external_resources_namespaces.py,sha256=GLkKeODZ4_wJ2WxuYXitfq3TTcISv5XF9w5JOKSzNjg,43187
|
|
313
313
|
reconcile/gql_definitions/external_resources/external_resources_settings.py,sha256=WBkJqnoyYCe1Vimwbp_Pa0RdyTdmWNf6oEWyA749QzA,3589
|
|
314
314
|
reconcile/gql_definitions/external_resources/fragments/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
315
315
|
reconcile/gql_definitions/external_resources/fragments/external_resources_module_overrides.py,sha256=T_qWCRtzU8F9frebBXG9TkeQdrKGt3R9YinSngPoFqM,1262
|
|
@@ -421,7 +421,7 @@ reconcile/gql_definitions/terraform_repo/__init__.py,sha256=47DEQpj8HBSa-_TImW-5
|
|
|
421
421
|
reconcile/gql_definitions/terraform_repo/terraform_repo.py,sha256=9cDKdP9ziBh9J_mw2Gi6GUOP4mFxMABY_D62qSeMtJI,3881
|
|
422
422
|
reconcile/gql_definitions/terraform_resources/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
423
423
|
reconcile/gql_definitions/terraform_resources/database_access_manager.py,sha256=yv0_YC-LmhaKD_gyGG3le1w5BtypBjlsO894-Zgdg4U,4813
|
|
424
|
-
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py,sha256=
|
|
424
|
+
reconcile/gql_definitions/terraform_resources/terraform_resources_namespaces.py,sha256=ERCdAEulqNfKtXHDYlEnrDAIaovkwcs0kAj-MTv6bH8,42913
|
|
425
425
|
reconcile/gql_definitions/terraform_tgw_attachments/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
426
426
|
reconcile/gql_definitions/terraform_tgw_attachments/aws_accounts.py,sha256=FPyPEikpkZ_kvHfXqnkzSUDNmxMMTiUwhI-eLQtuIHM,2616
|
|
427
427
|
reconcile/gql_definitions/unleash_feature_toggles/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -646,7 +646,7 @@ reconcile/utils/state.py,sha256=az4tBmZ0EdbFcAGiBVUxs3cr2-BVWsuDQiNTvjjQq8s,1637
|
|
|
646
646
|
reconcile/utils/structs.py,sha256=LcbLEg8WxfRqM6nW7NhcWN0YeqF7SQzxOgntmLs1SgY,352
|
|
647
647
|
reconcile/utils/template.py,sha256=wTvRU4AnAV_o042tD4Mwls2dwWMuk7MKnde3MaCjaYg,331
|
|
648
648
|
reconcile/utils/terraform_client.py,sha256=H8frsS370y8xfivKLNBD1dwlBLHvfuR6JSN_syBL5Qc,36033
|
|
649
|
-
reconcile/utils/terrascript_aws_client.py,sha256
|
|
649
|
+
reconcile/utils/terrascript_aws_client.py,sha256=Xn5STCd0Ge8oSa-ugl3e0A5VYpGziTAdIuPscRaOJxs,286415
|
|
650
650
|
reconcile/utils/three_way_diff_strategy.py,sha256=oQcHXd9LVhirJfoaOBoHUYuZVGfyL2voKr6KVI34zZE,4833
|
|
651
651
|
reconcile/utils/throughput.py,sha256=iP4UWAe2LVhDo69mPPmgo9nQ7RxHD6_GS8MZe-aSiuM,344
|
|
652
652
|
reconcile/utils/vault.py,sha256=aSA8l9cJlPUHpChFGl27nSY-Mpq9FMjBo7Dcgb1BVfM,15036
|
|
@@ -786,7 +786,7 @@ tools/saas_promotion_state/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJ
|
|
|
786
786
|
tools/saas_promotion_state/saas_promotion_state.py,sha256=UfwwRLS5Ya4_Nh1w5n1dvoYtchQvYE9yj1VANt2IKqI,3925
|
|
787
787
|
tools/sre_checkpoints/__init__.py,sha256=CDaDaywJnmRCLyl_NCcvxi-Zc0hTi_3OdwKiFOyS39I,145
|
|
788
788
|
tools/sre_checkpoints/util.py,sha256=zEDbGr18ZeHNQwW8pUsr2JRjuXIPz--WAGJxZo9sv_Y,894
|
|
789
|
-
qontract_reconcile-0.10.2.
|
|
790
|
-
qontract_reconcile-0.10.2.
|
|
791
|
-
qontract_reconcile-0.10.2.
|
|
792
|
-
qontract_reconcile-0.10.2.
|
|
789
|
+
qontract_reconcile-0.10.2.dev88.dist-info/METADATA,sha256=4n5vQregAp6JSzC4Vf3G7tXclpo0M-GHu_k5hbidAcY,24565
|
|
790
|
+
qontract_reconcile-0.10.2.dev88.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
791
|
+
qontract_reconcile-0.10.2.dev88.dist-info/entry_points.txt,sha256=5i9l54La3vQrDLAdwDKQWC0iG4sV9RRfOb1BpvzOWLc,698
|
|
792
|
+
qontract_reconcile-0.10.2.dev88.dist-info/RECORD,,
|
|
@@ -133,6 +133,40 @@ class ExternalResourcesManager:
|
|
|
133
133
|
self.thread_pool_size = thread_pool_size
|
|
134
134
|
self.dry_runs_validator = dry_runs_validator
|
|
135
135
|
|
|
136
|
+
def _resource_spec_changed(
|
|
137
|
+
self, reconciliation: Reconciliation, state: ExternalResourceState
|
|
138
|
+
) -> bool:
|
|
139
|
+
return reconciliation.resource_hash != state.reconciliation.resource_hash
|
|
140
|
+
|
|
141
|
+
def _resource_drift_detection_ttl_expired(
|
|
142
|
+
self, reconciliation: Reconciliation, state: ExternalResourceState
|
|
143
|
+
) -> bool:
|
|
144
|
+
return (datetime.now(state.ts.tzinfo) - state.ts).total_seconds() > (
|
|
145
|
+
reconciliation.module_configuration.reconcile_drift_interval_minutes * 60
|
|
146
|
+
)
|
|
147
|
+
|
|
148
|
+
def _reconciliation_module_config_overridden(
|
|
149
|
+
self, reconciliation: Reconciliation, state: ExternalResourceState
|
|
150
|
+
) -> bool:
|
|
151
|
+
return reconciliation.module_configuration.overridden and (
|
|
152
|
+
reconciliation.module_configuration.image_version
|
|
153
|
+
!= state.reconciliation.module_configuration.image_version
|
|
154
|
+
)
|
|
155
|
+
|
|
156
|
+
def _reconciliation_needs_dry_run_run(
|
|
157
|
+
self, reconciliation: Reconciliation, state: ExternalResourceState
|
|
158
|
+
) -> bool:
|
|
159
|
+
return (
|
|
160
|
+
reconciliation.action == Action.APPLY
|
|
161
|
+
and (
|
|
162
|
+
self._resource_spec_changed(reconciliation, state)
|
|
163
|
+
or self._reconciliation_module_config_overridden(reconciliation, state)
|
|
164
|
+
)
|
|
165
|
+
) or (
|
|
166
|
+
reconciliation.action == Action.DESTROY
|
|
167
|
+
and not state.resource_status.is_in_progress
|
|
168
|
+
)
|
|
169
|
+
|
|
136
170
|
def _get_reconcile_action(
|
|
137
171
|
self, reconciliation: Reconciliation, state: ExternalResourceState
|
|
138
172
|
) -> ReconcileAction:
|
|
@@ -145,17 +179,16 @@ class ExternalResourcesManager:
|
|
|
145
179
|
case ResourceStatus.ERROR:
|
|
146
180
|
return ReconcileAction.APPLY_ERROR
|
|
147
181
|
case ResourceStatus.CREATED | ResourceStatus.PENDING_SECRET_SYNC:
|
|
148
|
-
if (
|
|
149
|
-
reconciliation.resource_hash
|
|
150
|
-
!= state.reconciliation.resource_hash
|
|
151
|
-
):
|
|
182
|
+
if self._resource_spec_changed(reconciliation, state):
|
|
152
183
|
return ReconcileAction.APPLY_SPEC_CHANGED
|
|
153
|
-
elif (
|
|
154
|
-
|
|
155
|
-
> reconciliation.module_configuration.reconcile_drift_interval_minutes
|
|
156
|
-
* 60
|
|
184
|
+
elif self._resource_drift_detection_ttl_expired(
|
|
185
|
+
reconciliation, state
|
|
157
186
|
):
|
|
158
187
|
return ReconcileAction.APPLY_DRIFT_DETECTION
|
|
188
|
+
elif self._reconciliation_module_config_overridden(
|
|
189
|
+
reconciliation, state
|
|
190
|
+
):
|
|
191
|
+
return ReconcileAction.APPLY_MODULE_CONFIG_OVERRIDDEN
|
|
159
192
|
elif reconciliation.action == Action.DESTROY:
|
|
160
193
|
match state.resource_status:
|
|
161
194
|
case ResourceStatus.CREATED:
|
|
@@ -411,18 +444,13 @@ class ExternalResourcesManager:
|
|
|
411
444
|
self.dry_runs_validator.validate()
|
|
412
445
|
desired_r = self._get_desired_objects_reconciliations()
|
|
413
446
|
deleted_r = self._get_deleted_objects_reconciliations()
|
|
414
|
-
|
|
415
|
-
|
|
416
|
-
|
|
417
|
-
|
|
418
|
-
|
|
419
|
-
|
|
420
|
-
|
|
421
|
-
and state.reconciliation.resource_hash != r.resource_hash
|
|
422
|
-
) or (
|
|
423
|
-
r.action == Action.DESTROY and not state.resource_status.is_in_progress
|
|
424
|
-
):
|
|
425
|
-
triggered.add(r)
|
|
447
|
+
triggered = {
|
|
448
|
+
r
|
|
449
|
+
for r in desired_r.union(deleted_r)
|
|
450
|
+
if self._reconciliation_needs_dry_run_run(
|
|
451
|
+
r, self.state_mgr.get_external_resource_state(key=r.key)
|
|
452
|
+
)
|
|
453
|
+
}
|
|
426
454
|
|
|
427
455
|
threaded.run(
|
|
428
456
|
self.reconciler.reconcile_resource,
|
|
@@ -7,7 +7,7 @@ from collections.abc import ItemsView, Iterable, Iterator, MutableMapping
|
|
|
7
7
|
from enum import StrEnum
|
|
8
8
|
from typing import Any
|
|
9
9
|
|
|
10
|
-
from pydantic import BaseModel
|
|
10
|
+
from pydantic import BaseModel, Field
|
|
11
11
|
|
|
12
12
|
from reconcile.external_resources.meta import (
|
|
13
13
|
FLAG_DELETE_RESOURCE,
|
|
@@ -263,6 +263,7 @@ class ExternalResourceModuleConfiguration(BaseModel, frozen=True):
|
|
|
263
263
|
outputs_secret_image: str = ""
|
|
264
264
|
outputs_secret_version: str = ""
|
|
265
265
|
resources: Resources = Resources()
|
|
266
|
+
overridden: bool = Field(default=False, exclude=True)
|
|
266
267
|
|
|
267
268
|
@property
|
|
268
269
|
def image_version(self) -> str:
|
|
@@ -278,17 +279,19 @@ class ExternalResourceModuleConfiguration(BaseModel, frozen=True):
|
|
|
278
279
|
spec: ExternalResourceSpec,
|
|
279
280
|
settings: ExternalResourcesSettingsV1,
|
|
280
281
|
) -> "ExternalResourceModuleConfiguration":
|
|
281
|
-
module_overrides = spec.metadata.get(
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
282
|
+
module_overrides = spec.metadata.get("module_overrides")
|
|
283
|
+
overridden = module_overrides is not None
|
|
284
|
+
|
|
285
|
+
if module_overrides is None:
|
|
286
|
+
module_overrides = ExternalResourcesModuleOverrides(
|
|
287
|
+
module_type=None,
|
|
288
|
+
image=None,
|
|
289
|
+
version=None,
|
|
290
|
+
reconcile_timeout_minutes=None,
|
|
291
|
+
outputs_secret_image=None,
|
|
292
|
+
outputs_secret_version=None,
|
|
293
|
+
resources=None,
|
|
294
|
+
)
|
|
292
295
|
|
|
293
296
|
return ExternalResourceModuleConfiguration(
|
|
294
297
|
image=module_overrides.image or module.image,
|
|
@@ -307,6 +310,7 @@ class ExternalResourceModuleConfiguration(BaseModel, frozen=True):
|
|
|
307
310
|
or module.resources
|
|
308
311
|
or settings.module_default_resources
|
|
309
312
|
),
|
|
313
|
+
overridden=overridden,
|
|
310
314
|
)
|
|
311
315
|
|
|
312
316
|
|
|
@@ -358,6 +362,7 @@ class ReconcileAction(StrEnum):
|
|
|
358
362
|
APPLY_SPEC_CHANGED = "Resource spec has changed"
|
|
359
363
|
APPLY_DRIFT_DETECTION = "Resource drift detection run"
|
|
360
364
|
APPLY_USER_REQUESTED = "Resource reconciliation requested"
|
|
365
|
+
APPLY_MODULE_CONFIG_OVERRIDDEN = "Module configuration overridden"
|
|
361
366
|
DESTROY_CREATED = "Resource no longer exists in the configuration"
|
|
362
367
|
DESTROY_ERROR = "Resource status in ERROR state"
|
|
363
368
|
|
|
@@ -205,6 +205,7 @@ query ExternalResourcesNamespaces {
|
|
|
205
205
|
output_resource_name
|
|
206
206
|
annotations
|
|
207
207
|
managed_by_erv2
|
|
208
|
+
max_session_duration
|
|
208
209
|
}
|
|
209
210
|
... on NamespaceTerraformResourceSQS_v1 {
|
|
210
211
|
region
|
|
@@ -679,6 +680,7 @@ class NamespaceTerraformResourceRoleV1(NamespaceTerraformResourceAWSV1):
|
|
|
679
680
|
output_resource_name: Optional[str] = Field(..., alias="output_resource_name")
|
|
680
681
|
annotations: Optional[str] = Field(..., alias="annotations")
|
|
681
682
|
managed_by_erv2: Optional[bool] = Field(..., alias="managed_by_erv2")
|
|
683
|
+
max_session_duration: Optional[int] = Field(..., alias="max_session_duration")
|
|
682
684
|
|
|
683
685
|
|
|
684
686
|
class KeyValueV1(ConfiguredBaseModel):
|
|
@@ -1035,7 +1037,7 @@ class NamespaceTerraformResourceMskV1(NamespaceTerraformResourceAWSV1):
|
|
|
1035
1037
|
|
|
1036
1038
|
class NamespaceTerraformProviderResourceAWSV1(NamespaceExternalResourceV1):
|
|
1037
1039
|
provisioner: AWSAccountV1 = Field(..., alias="provisioner")
|
|
1038
|
-
resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceMskV1,
|
|
1040
|
+
resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceRoleV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceMskV1, NamespaceTerraformResourceSNSTopicV1, NamespaceTerraformResourceServiceAccountV1, NamespaceTerraformResourceS3SQSV1, NamespaceTerraformResourceCloudWatchV1, NamespaceTerraformResourceRosaAuthenticatorVPCEV1, NamespaceTerraformResourceS3CloudFrontV1, NamespaceTerraformResourceElasticSearchV1, NamespaceTerraformResourceACMV1, NamespaceTerraformResourceKinesisV1, NamespaceTerraformResourceRoute53ZoneV1, NamespaceTerraformResourceSQSV1, NamespaceTerraformResourceDynamoDBV1, NamespaceTerraformResourceECRV1, NamespaceTerraformResourceS3CloudFrontPublicKeyV1, NamespaceTerraformResourceSecretsManagerV1, NamespaceTerraformResourceSecretsManagerServiceAccountV1, NamespaceTerraformResourceAWSV1]] = Field(..., alias="resources")
|
|
1039
1041
|
|
|
1040
1042
|
|
|
1041
1043
|
class EnvironmentV1(ConfiguredBaseModel):
|
|
@@ -44468,6 +44468,18 @@
|
|
|
44468
44468
|
},
|
|
44469
44469
|
"isDeprecated": false,
|
|
44470
44470
|
"deprecationReason": null
|
|
44471
|
+
},
|
|
44472
|
+
{
|
|
44473
|
+
"name": "max_session_duration",
|
|
44474
|
+
"description": null,
|
|
44475
|
+
"args": [],
|
|
44476
|
+
"type": {
|
|
44477
|
+
"kind": "SCALAR",
|
|
44478
|
+
"name": "Int",
|
|
44479
|
+
"ofType": null
|
|
44480
|
+
},
|
|
44481
|
+
"isDeprecated": false,
|
|
44482
|
+
"deprecationReason": null
|
|
44471
44483
|
}
|
|
44472
44484
|
],
|
|
44473
44485
|
"inputFields": null,
|
|
@@ -177,6 +177,7 @@ query TerraformResourcesNamespaces {
|
|
|
177
177
|
ignore_changes
|
|
178
178
|
}
|
|
179
179
|
managed_by_erv2
|
|
180
|
+
max_session_duration
|
|
180
181
|
}
|
|
181
182
|
... on NamespaceTerraformResourceSQS_v1 {
|
|
182
183
|
region
|
|
@@ -655,6 +656,7 @@ class NamespaceTerraformResourceRoleV1(NamespaceTerraformResourceAWSV1):
|
|
|
655
656
|
annotations: Optional[str] = Field(..., alias="annotations")
|
|
656
657
|
lifecycle: Optional[NamespaceTerraformResourceLifecycleV1] = Field(..., alias="lifecycle")
|
|
657
658
|
managed_by_erv2: Optional[bool] = Field(..., alias="managed_by_erv2")
|
|
659
|
+
max_session_duration: Optional[int] = Field(..., alias="max_session_duration")
|
|
658
660
|
|
|
659
661
|
|
|
660
662
|
class KeyValueV1(ConfiguredBaseModel):
|
|
@@ -1019,7 +1021,7 @@ class NamespaceTerraformResourceMskV1(NamespaceTerraformResourceAWSV1):
|
|
|
1019
1021
|
|
|
1020
1022
|
|
|
1021
1023
|
class NamespaceTerraformProviderResourceAWSV1(NamespaceExternalResourceV1):
|
|
1022
|
-
resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1,
|
|
1024
|
+
resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceRoleV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceSNSTopicV1, NamespaceTerraformResourceServiceAccountV1, NamespaceTerraformResourceS3SQSV1, NamespaceTerraformResourceCloudWatchV1, NamespaceTerraformResourceRosaAuthenticatorVPCEV1, NamespaceTerraformResourceMskV1, NamespaceTerraformResourceS3CloudFrontV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceElasticSearchV1, NamespaceTerraformResourceACMV1, NamespaceTerraformResourceKinesisV1, NamespaceTerraformResourceRoute53ZoneV1, NamespaceTerraformResourceSQSV1, NamespaceTerraformResourceDynamoDBV1, NamespaceTerraformResourceECRV1, NamespaceTerraformResourceS3CloudFrontPublicKeyV1, NamespaceTerraformResourceSecretsManagerV1, NamespaceTerraformResourceSecretsManagerServiceAccountV1, NamespaceTerraformResourceAWSV1]] = Field(..., alias="resources")
|
|
1023
1025
|
|
|
1024
1026
|
|
|
1025
1027
|
class EnvironmentV1(ConfiguredBaseModel):
|
|
@@ -246,6 +246,7 @@ VARIABLE_KEYS = [
|
|
|
246
246
|
"records",
|
|
247
247
|
"extra_tags",
|
|
248
248
|
"lifecycle",
|
|
249
|
+
"max_session_duration",
|
|
249
250
|
]
|
|
250
251
|
|
|
251
252
|
EMAIL_REGEX = re.compile(r"^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+$")
|
|
@@ -2786,6 +2787,9 @@ class TerrascriptClient: # pylint: disable=too-many-public-methods
|
|
|
2786
2787
|
if lifecycle := self.get_resource_lifecycle(common_values):
|
|
2787
2788
|
values["lifecycle"] = lifecycle
|
|
2788
2789
|
|
|
2790
|
+
if max_session_duration := common_values.get("max_session_duration"):
|
|
2791
|
+
values["max_session_duration"] = max_session_duration
|
|
2792
|
+
|
|
2789
2793
|
role_tf_resource = aws_iam_role(identifier, **values)
|
|
2790
2794
|
tf_resources.append(role_tf_resource)
|
|
2791
2795
|
|
{qontract_reconcile-0.10.2.dev86.dist-info → qontract_reconcile-0.10.2.dev88.dist-info}/WHEEL
RENAMED
|
File without changes
|
|
File without changes
|