runbooks 0.7.9__py3-none-any.whl → 0.9.0__py3-none-any.whl

runbooks/main.py

@@ -88,6 +88,12 @@ import boto3
 
 from runbooks import __version__
 from runbooks.cfat.runner import AssessmentRunner
+from runbooks.common.performance_monitor import get_performance_benchmark
+from runbooks.common.profile_utils import (
+    create_management_session,
+    create_operational_session,
+    get_profile_for_operation,
+)
 from runbooks.common.rich_utils import console, create_table, print_banner, print_header, print_status
 from runbooks.config import load_config, save_config
 from runbooks.inventory.core.collector import InventoryCollector
@@ -102,10 +108,10 @@ console = Console()
 
 def get_account_id_for_context(profile: str = "default") -> str:
     """
-    Resolve actual AWS account ID for context creation.
+    Resolve actual AWS account ID for context creation using enterprise profile management.
 
     This replaces hardcoded 'current' strings with actual account IDs
-    to fix Pydantic validation failures.
+    to fix Pydantic validation failures. Uses the proven three-tier profile system.
 
     Args:
         profile: AWS profile name
@@ -114,11 +120,14 @@ def get_account_id_for_context(profile: str = "default") -> str:
         12-digit AWS account ID string
     """
     try:
-        session = boto3.Session(profile_name=profile)
+        # Use enterprise profile management for session creation
+        resolved_profile = get_profile_for_operation("management", profile)
+        session = create_management_session(profile)
         sts = session.client("sts")
         response = sts.get_caller_identity()
         return response["Account"]
-    except Exception:
+    except Exception as e:
+        console.log(f"[yellow]Warning: Could not resolve account ID, using fallback: {e}[/yellow]")
         # Fallback to a valid format if STS call fails
         return "123456789012"  # Valid 12-digit format for validation
 
@@ -128,6 +137,51 @@ def get_account_id_for_context(profile: str = "default") -> str:
 # ============================================================================
 
 
+def preprocess_space_separated_profiles():
+    """
+    Preprocess sys.argv to convert space-separated profiles to comma-separated format.
+
+    Converts: --profile prof1 prof2
+    To: --profile prof1,prof2
+
+    This enables backward compatibility with space-separated profile syntax
+    while using Click's standard option parsing.
+    """
+    import sys
+
+    # Only process if we haven't already processed
+    if hasattr(preprocess_space_separated_profiles, "_processed"):
+        return
+
+    new_argv = []
+    i = 0
+    while i < len(sys.argv):
+        if sys.argv[i] == "--profile" and i + 1 < len(sys.argv):
+            # Found --profile flag, collect all following non-flag arguments
+            profiles = []
+            new_argv.append("--profile")
+            i += 1
+
+            # Collect profiles until we hit another flag or end of arguments
+            while i < len(sys.argv) and not sys.argv[i].startswith("-"):
+                profiles.append(sys.argv[i])
+                i += 1
+
+            # Join profiles with commas and add as single argument
+            if profiles:
+                new_argv.append(",".join(profiles))
+
+            # Don't increment i here as we want to process the current argument
+            continue
+        else:
+            new_argv.append(sys.argv[i])
+            i += 1
+
+    # Replace sys.argv with processed version
+    sys.argv = new_argv
+    preprocess_space_separated_profiles._processed = True
+
+
 def common_aws_options(f):
     """
     Standard AWS connection and safety options for all commands.
@@ -142,17 +196,26 @@ def common_aws_options(f):
         Decorated function with AWS options
 
     Added Options:
-        --profile: AWS profile name (default: 'default')
+        --profile: AWS profile name(s) - supports repeated flag syntax
         --region: AWS region identifier (default: 'ap-southeast-2')
         --dry-run: Safety flag to preview operations without execution
 
     Examples:
         ```bash
         runbooks inventory ec2 --profile production --region us-west-2 --dry-run
-        runbooks operate s3 create-bucket --profile dev --region eu-west-1
+        runbooks finops --profile prof1 prof2  # Space-separated (SUPPORTED via preprocessing)
+        runbooks finops --profile prof1 --profile prof2  # Multiple flags (Click standard)
+        runbooks finops --profile prof1,prof2  # Comma-separated (Alternative)
         ```
     """
-    f = click.option("--profile", default="default", help="AWS profile (default: 'default')")(f)
+    # FIXED: Space-separated profiles now supported via preprocessing in cli_entry_point()
+    # All three formats work: --profile prof1 prof2, --profile prof1 --profile prof2, --profile prof1,prof2
+    f = click.option(
+        "--profile",
+        multiple=True,
+        default=("default",),  # Tuple default for multiple=True
+        help="AWS profile(s) - supports: --profile prof1 prof2 OR --profile prof1 --profile prof2 OR --profile prof1,prof2",
+    )(f)
     f = click.option("--region", default="ap-southeast-2", help="AWS region (default: 'ap-southeast-2')")(f)
     f = click.option("--dry-run", is_flag=True, help="Enable dry-run mode for safety")(f)
     return f
@@ -229,7 +292,7 @@ def common_filter_options(f):
 # ============================================================================
 
 
-@click.group(invoke_without_command=True)
+@click.group()
 @click.version_option(version=__version__)
 @click.option("--debug", is_flag=True, help="Enable debug logging")
 @common_aws_options
@@ -3141,20 +3204,24 @@ def assess(ctx, checks, export_formats):
         from runbooks.security.security_baseline_tester import SecurityBaselineTester
 
         console.print(f"[blue]🔒 Starting Security Assessment[/blue]")
-        console.print(f"[dim]Profile: {ctx.obj['profile']} | Language: {ctx.obj['language']} | Export: {', '.join(export_formats)}[/dim]")
+        console.print(
+            f"[dim]Profile: {ctx.obj['profile']} | Language: {ctx.obj['language']} | Export: {', '.join(export_formats)}[/dim]"
+        )
 
         # Initialize tester with export formats
         tester = SecurityBaselineTester(
-            profile=ctx.obj["profile"], 
-            lang_code=ctx.obj["language"], 
+            profile=ctx.obj["profile"],
+            lang_code=ctx.obj["language"],
             output_dir=ctx.obj.get("output_file"),
-            export_formats=list(export_formats)
+            export_formats=list(export_formats),
         )
 
         # Run assessment with Rich CLI
         tester.run()
 
-        console.print(f"[green]✅ Security assessment completed with export formats: {', '.join(export_formats)}[/green]")
+        console.print(
+            f"[green]✅ Security assessment completed with export formats: {', '.join(export_formats)}[/green]"
+        )
 
     except Exception as e:
         console.print(f"[red]❌ Security assessment failed: {e}[/red]")
@@ -4786,26 +4853,212 @@ def auto_fix(ctx, findings_file, severity, max_operations):
         raise click.ClickException(str(e))
 
 
+# ============================================================================
+# SRE COMMANDS (Site Reliability Engineering)
+# ============================================================================
+
+
+@click.command("sre")
+@click.option(
+    "--action",
+    type=click.Choice(["health", "recovery", "optimize", "suite"]),
+    default="health",
+    help="SRE action to perform",
+)
+@click.option("--config", type=click.Path(), help="MCP configuration file path")
+@click.option("--save-report", is_flag=True, help="Save detailed report to artifacts")
+@click.option("--continuous", is_flag=True, help="Run continuous monitoring")
+@click.pass_context
+def sre_reliability(ctx, action, config, save_report, continuous):
+    """
+    SRE Automation - Enterprise MCP Reliability & Infrastructure Monitoring
+
+    Provides comprehensive Site Reliability Engineering automation including:
+    - MCP server health monitoring and diagnostics
+    - Automated failure detection and recovery
+    - Performance optimization and SLA validation
+    - >99.9% uptime target achievement
+
+    Examples:
+        runbooks sre --action health          # Health check all MCP servers
+        runbooks sre --action recovery        # Automated recovery procedures
+        runbooks sre --action optimize        # Performance optimization
+        runbooks sre --action suite           # Complete reliability suite
+    """
+    import asyncio
+
+    from runbooks.common.rich_utils import console, print_error, print_info, print_success
+    from runbooks.sre.mcp_reliability_engine import MCPReliabilityEngine, run_mcp_reliability_suite
+
+    try:
+        print_info(f"🚀 Starting SRE automation - Action: {action}")
+
+        if action == "suite":
+            # Run complete reliability suite
+            results = asyncio.run(run_mcp_reliability_suite())
+
+            if results.get("overall_success", False):
+                print_success("✅ SRE Reliability Suite completed successfully")
+                console.print(f"🎯 Final Health: {results.get('final_health_percentage', 0):.1f}%")
+                console.print(f"📈 Improvement: +{results.get('health_improvement', 0):.1f}%")
+            else:
+                print_error("❌ SRE Reliability Suite encountered issues")
+                console.print("🔧 Review detailed logs for remediation guidance")
+
+        else:
+            # Initialize reliability engine for specific actions
+            from pathlib import Path
+
+            config_path = Path(config) if config else None
+            reliability_engine = MCPReliabilityEngine(config_path=config_path)
+
+            if action == "health":
+                # Health check only
+                results = asyncio.run(reliability_engine.run_comprehensive_health_check())
+
+                if results["health_percentage"] >= 99.9:
+                    print_success(f"✅ All systems healthy: {results['health_percentage']:.1f}%")
+                else:
+                    console.print(f"⚠️ Health: {results['health_percentage']:.1f}% - Review recommendations")
+
+            elif action == "recovery":
+                # Automated recovery procedures
+                results = asyncio.run(reliability_engine.implement_automated_recovery())
+
+                actions_taken = len(results.get("actions_taken", []))
+                if actions_taken > 0:
+                    print_success(f"🔄 Recovery completed: {actions_taken} actions taken")
+                else:
+                    print_info("✅ No recovery needed - all systems healthy")
+
+            elif action == "optimize":
+                # Performance optimization
+                results = asyncio.run(reliability_engine.run_performance_optimization())
+
+                optimizations = results.get("optimizations_applied", 0)
+                if optimizations > 0:
+                    print_success(f"⚡ Optimization completed: {optimizations} improvements applied")
+                else:
+                    print_info("✅ Performance already optimal")
+
+        # Save detailed report if requested
+        if save_report and "results" in locals():
+            import json
+            from datetime import datetime
+            from pathlib import Path
+
+            artifacts_dir = Path("./artifacts/sre")
+            artifacts_dir.mkdir(parents=True, exist_ok=True)
+
+            timestamp = datetime.now().strftime("%Y%m%d_%H%M%S")
+            report_file = artifacts_dir / f"sre_report_{action}_{timestamp}.json"
+
+            with open(report_file, "w") as f:
+                json.dump(results, f, indent=2, default=str)
+
+            print_success(f"📊 Detailed report saved: {report_file}")
+
+        # Continuous monitoring mode
+        if continuous:
+            print_info("🔄 Starting continuous monitoring mode...")
+            console.print("Press Ctrl+C to stop monitoring")
+
+            try:
+                while True:
+                    import time
+
+                    time.sleep(60)  # Check every minute
+
+                    # Quick health check
+                    reliability_engine = MCPReliabilityEngine()
+                    health_summary = reliability_engine.connection_pool.get_health_summary()
+
+                    console.print(
+                        f"🏥 Health: {health_summary['healthy_servers']}/{health_summary['total_servers']} servers healthy"
+                    )
+
+            except KeyboardInterrupt:
+                print_info("🛑 Continuous monitoring stopped")
+
+    except Exception as e:
+        print_error(f"❌ SRE automation failed: {str(e)}")
+        logger.error(f"SRE reliability command failed: {str(e)}")
+        raise click.ClickException(str(e))
+
+
+# Add SRE command to CLI
+main.add_command(sre_reliability)
+
+
 # ============================================================================
 # FINOPS COMMANDS (Cost & Usage Analytics)
 # ============================================================================
 
 
-@main.group(invoke_without_command=True)
+def _parse_profiles_parameter(profiles_tuple):
+    """Parse profiles parameter to handle multiple formats:
+    - Multiple --profiles options: --profiles prof1 --profiles prof2
+    - Comma-separated in single option: --profiles "prof1,prof2"
+    - Space-separated in single option: --profiles "prof1 prof2"
+    """
+    if not profiles_tuple:
+        return None
+
+    all_profiles = []
+    for profile_item in profiles_tuple:
+        # Handle comma or space separated profiles in a single item
+        if "," in profile_item:
+            all_profiles.extend([p.strip() for p in profile_item.split(",")])
+        elif " " in profile_item:
+            all_profiles.extend([p.strip() for p in profile_item.split()])
+        else:
+            all_profiles.append(profile_item.strip())
+
+    return [p for p in all_profiles if p]  # Remove empty strings
+
+
+@main.command()
 @common_aws_options
 @click.option("--time-range", type=int, help="Time range in days (default: current month)")
-@click.option(
-    "--report-type", multiple=True, type=click.Choice(["csv", "json", "pdf"]), default=("csv",), help="Report types"
-)
+@click.option("--report-type", type=click.Choice(["csv", "json", "pdf", "markdown"]), help="Report type for export")
 @click.option("--report-name", help="Base name for report files (without extension)")
 @click.option("--dir", help="Directory to save report files (default: current directory)")
-@click.option("--profiles", multiple=True, help="Specific AWS profiles to use")
+@click.option(
+    "--profiles",
+    multiple=True,
+    help="AWS profiles: --profiles prof1 prof2 OR --profiles 'prof1,prof2' OR --profiles prof1 --profiles prof2",
+)
 @click.option("--regions", multiple=True, help="AWS regions to check")
 @click.option("--all", is_flag=True, help="Use all available AWS profiles")
 @click.option("--combine", is_flag=True, help="Combine profiles from the same AWS account")
 @click.option("--tag", multiple=True, help="Cost allocation tag to filter resources")
 @click.option("--trend", is_flag=True, help="Display trend report for past 6 months")
 @click.option("--audit", is_flag=True, help="Display audit report with cost anomalies and resource optimization")
+@click.option("--pdf", is_flag=True, help="Generate PDF report (convenience flag for --report-type pdf)")
+@click.option(
+    "--export-markdown", "--markdown", is_flag=True, help="Generate Rich-styled markdown export with 10-column format"
+)
+@click.option(
+    "--profile-display-length",
+    type=int,
+    help="Maximum characters for profile name display (optional, no truncation if not specified)",
+)
+@click.option(
+    "--service-name-length",
+    type=int,
+    help="Maximum characters for service name display (optional, no truncation if not specified)",
+)
+@click.option(
+    "--max-services-text",
+    type=int,
+    help="Maximum number of services in text summaries (optional, no limit if not specified)",
+)
+@click.option(
+    "--high-cost-threshold", type=float, default=5000, help="High cost threshold for highlighting (default: 5000)"
+)
+@click.option(
+    "--medium-cost-threshold", type=float, default=1000, help="Medium cost threshold for highlighting (default: 1000)"
+)
 @click.pass_context
 def finops(
     ctx,
@@ -4823,6 +5076,13 @@ def finops(
     tag,
     trend,
     audit,
+    pdf,
+    export_markdown,
+    profile_display_length,
+    service_name_length,
+    max_services_text,
+    high_cost_threshold,
+    medium_cost_threshold,
 ):
     """
     AWS FinOps - Cost and usage analytics.
@@ -4836,50 +5096,112 @@ def finops(
         runbooks finops --time-range 30 --report-name monthly_costs
     """
 
-    if ctx.invoked_subcommand is None:
-        # Run default dashboard with all options
-        import argparse
+    # Run finops dashboard with all options
+    import argparse
+
+    # Import enhanced routing for service-per-row layout (Enterprise requirement)
+    try:
+        from runbooks.finops.dashboard_router import route_finops_request
 
+        use_enhanced_routing = True
+        click.echo(click.style("🚀 Using Enhanced Service-Focused Dashboard", fg="cyan", bold=True))
+    except Exception as e:
         from runbooks.finops.dashboard_runner import run_dashboard
 
-        args = argparse.Namespace(
-            profile=profile,
-            region=region,
-            dry_run=dry_run,
-            time_range=time_range,
-            report_type=list(report_type),
-            report_name=report_name,
-            dir=dir,
-            profiles=list(profiles) if profiles else None,
-            regions=list(regions) if regions else None,
-            all=all,
-            combine=combine,
-            tag=list(tag) if tag else None,
-            trend=trend,
-            audit=audit,
-            config_file=None,  # Not exposed in Click interface yet
-        )
-        return run_dashboard(args)
+        use_enhanced_routing = False
+        click.echo(click.style(f"⚠️ Enhanced routing failed ({str(e)[:50]}), using legacy mode", fg="yellow"))
+
+    # Handle report type logic - support --report-type, --pdf, and --export-markdown flags
+    report_types = []
+    if pdf:
+        report_types = ["pdf"]
+    elif export_markdown:
+        report_types = ["markdown"]
+        # Set default filename if none provided
+        if not report_name:
+            report_name = "finops_markdown_export"
+        # Ensure exports directory exists
+        if not dir:
+            dir = "./exports"
+        import os
+
+        os.makedirs(dir, exist_ok=True)
+        click.echo(
+            click.style("📝 Rich-styled markdown export activated - 10-column format for MkDocs", fg="cyan", bold=True)
+        )
+    elif report_type:
+        report_types = [report_type]
+    elif report_name:  # If report name provided but no type, default to csv
+        report_types = ["csv"]
+
+    # Parse profiles from updated --profile parameter (now supports multiple=True)
+    parsed_profiles = None
+    if profile:
+        # Handle the new tuple/list format from click.option(multiple=True)
+        if isinstance(profile, (tuple, list)):
+            # Flatten and handle comma-separated values within each element
+            all_profiles = []
+            for profile_item in profile:
+                if profile_item and "," in profile_item:
+                    all_profiles.extend([p.strip() for p in profile_item.split(",") if p.strip()])
+                elif profile_item and profile_item.strip():
+                    all_profiles.append(profile_item.strip())
+
+            # Filter out empty and "default" profiles, keep actual profiles
+            parsed_profiles = [p for p in all_profiles if p and p != "default"]
+            # If no valid profiles after filtering, use default
+            if not parsed_profiles:
+                parsed_profiles = ["default"]
+        else:
+            # Legacy single string handling (backward compatibility)
+            if "," in profile:
+                parsed_profiles = [p.strip() for p in profile.split(",") if p.strip()]
+            else:
+                parsed_profiles = [profile.strip()]
+
+    # Combine with --profiles parameter if both are provided
+    if profiles:
+        legacy_profiles = _parse_profiles_parameter(profiles)
+        if parsed_profiles:
+            parsed_profiles.extend(legacy_profiles)
+        else:
+            parsed_profiles = legacy_profiles
+
+    # CRITICAL FIX: Ensure single profile is correctly handled for downstream processing
+    # When multiple profiles are provided via --profile, use the first one as primary profile
+    primary_profile = (
+        parsed_profiles[0] if parsed_profiles else (profile[0] if isinstance(profile, tuple) and profile else profile)
+    )
+
+    args = argparse.Namespace(
+        profile=primary_profile,  # Primary profile for single-profile operations
+        region=region,
+        dry_run=dry_run,
+        time_range=time_range,
+        report_type=report_types,
+        report_name=report_name,
+        dir=dir,
+        profiles=parsed_profiles,  # Use parsed profiles from both --profile and --profiles
+        regions=list(regions) if regions else None,
+        all=all,
+        combine=combine,
+        tag=list(tag) if tag else None,
+        trend=trend,
+        audit=audit,
+        export_markdown=export_markdown,  # Add export_markdown parameter
+        config_file=None,  # Not exposed in Click interface yet
+        # Display configuration parameters
+        profile_display_length=profile_display_length,
+        service_name_length=service_name_length,
+        max_services_text=max_services_text,
+        high_cost_threshold=high_cost_threshold,
+        medium_cost_threshold=medium_cost_threshold,
+    )
+    # Route to appropriate dashboard implementation
+    if use_enhanced_routing:
+        return route_finops_request(args)
     else:
-        # Pass context to subcommands
-        ctx.obj.update(
-            {
-                "profile": profile,
-                "region": region,
-                "dry_run": dry_run,
-                "time_range": time_range,
-                "report_type": list(report_type),
-                "report_name": report_name,
-                "dir": dir,
-                "profiles": list(profiles) if profiles else None,
-                "regions": list(regions) if regions else None,
-                "all": all,
-                "combine": combine,
-                "tag": list(tag) if tag else None,
-                "trend": trend,
-                "audit": audit,
-            }
-        )
+        return run_dashboard(args)
 
 
 # ============================================================================
@@ -5300,6 +5622,273 @@ def scan(ctx, profile, region, dry_run, resources):
         sys.exit(1)
 
 
+# ============================================================================
+# DORA METRICS COMMANDS (Enterprise SRE Monitoring)
+# ============================================================================
+
+
+@main.group()
+@click.pass_context
+def dora(ctx):
+    """
+    📊 DORA metrics and SRE performance monitoring
+
+    Enterprise DORA metrics collection, analysis, and reporting for Site Reliability Engineering.
+    Tracks Lead Time, Deployment Frequency, Mean Time to Recovery (MTTR), and Change Failure Rate.
+
+    Features:
+    - Real-time DORA metrics calculation
+    - SLA compliance monitoring
+    - Automated incident detection
+    - Enterprise dashboard generation
+    - CloudWatch/Datadog integration
+
+    Examples:
+        runbooks dora report            # Generate comprehensive DORA report
+        runbooks dora dashboard         # Create SRE dashboard data
+        runbooks dora track-deployment  # Track git deployment
+        runbooks dora simulate          # Run demonstration simulation
+    """
+    pass
+
+
+@dora.command()
+@click.option("--days", default=30, help="Number of days to analyze (default: 30)")
+@click.option("--output-dir", default="./artifacts/sre-reports", help="Output directory for reports")
+@click.option("--format", type=click.Choice(["json", "console"]), default="console", help="Output format")
+@click.pass_context
+def report(ctx, days, output_dir, format):
+    """
+    📊 Generate comprehensive DORA metrics report
+
+    Creates enterprise-grade DORA metrics analysis including Lead Time,
+    Deployment Frequency, MTTR, Change Failure Rate, and SLA compliance.
+
+    Examples:
+        runbooks dora report --days 7 --format json
+        runbooks dora report --days 30 --output-dir ./reports
+    """
+    console.print("[cyan]📊 DORA Metrics Enterprise Report[/cyan]")
+
+    try:
+        from runbooks.metrics.dora_metrics_engine import DORAMetricsEngine
+
+        # Initialize DORA metrics engine
+        engine = DORAMetricsEngine()
+
+        # Generate comprehensive report
+        console.print(f"[dim]Analyzing last {days} days...[/dim]")
+        report_data = engine.generate_comprehensive_report(days_back=days)
+
+        if format == "json":
+            import json
+
+            output = json.dumps(report_data, indent=2, default=str)
+            console.print(output)
+        else:
+            # Display formatted console output
+            console.print(f"\n🎯 [bold]DORA Metrics Summary ({days} days)[/bold]")
+
+            # Performance Analysis
+            perf = report_data["performance_analysis"]
+            console.print(
+                f"Overall Performance: [bold]{perf['overall_performance_percentage']:.1f}%[/bold] ({perf['performance_grade']})"
+            )
+            console.print(f"SLA Compliance: [bold]{perf['sla_compliance_score']:.1f}%[/bold]")
+
+            # DORA Metrics
+            dora_metrics = report_data["dora_metrics"]
+            console.print(f"\n📈 [bold]Core DORA Metrics[/bold]")
+            console.print(
+                f"• Lead Time: [cyan]{dora_metrics['lead_time']['value']:.2f}[/cyan] {dora_metrics['lead_time']['unit']}"
+            )
+            console.print(
+                f"• Deploy Frequency: [cyan]{dora_metrics['deployment_frequency']['value']:.2f}[/cyan] {dora_metrics['deployment_frequency']['unit']}"
+            )
+            console.print(f"• Change Failure Rate: [cyan]{dora_metrics['change_failure_rate']['value']:.2%}[/cyan]")
+            console.print(f"• MTTR: [cyan]{dora_metrics['mttr']['value']:.2f}[/cyan] {dora_metrics['mttr']['unit']}")
+
+            # Recommendations
+            recommendations = report_data["recommendations"]
+            if recommendations:
+                console.print(f"\n💡 [bold]SRE Recommendations[/bold]")
+                for i, rec in enumerate(recommendations[:3], 1):  # Show top 3
+                    console.print(f"{i}. {rec}")
+
+            # Raw Data Summary
+            raw_data = report_data["raw_data"]
+            console.print(f"\n📋 [bold]Data Summary[/bold]")
+            console.print(f"• Deployments: {raw_data['deployments_count']}")
+            console.print(f"• Incidents: {raw_data['incidents_count']}")
+            console.print(f"• Automation Rate: {raw_data['automation_rate']:.1f}%")
+
+        console.print(f"\n[green]✅ DORA report generated for {days} days[/green]")
+        console.print(f"[dim]💾 Report saved to: {output_dir}/[/dim]")
+
+    except Exception as e:
+        console.print(f"[red]❌ Error generating DORA report: {e}[/red]")
+        logger.error(f"DORA report failed: {e}")
+        sys.exit(1)
+
+
+@dora.command()
+@click.option("--days", default=30, help="Number of days to analyze for dashboard")
+@click.option("--output-file", help="Output file for dashboard JSON data")
+@click.option("--cloudwatch", is_flag=True, help="Export metrics to CloudWatch")
+@click.pass_context
+def dashboard(ctx, days, output_file, cloudwatch):
+    """
+    📊 Generate SRE dashboard data for visualization tools
+
+    Creates dashboard-ready data for SRE tools like Datadog, Grafana,
+    or CloudWatch with time series data and KPI summaries.
+
+    Examples:
+        runbooks dora dashboard --days 7 --cloudwatch
+        runbooks dora dashboard --output-file dashboard.json
+    """
+    console.print("[cyan]📊 Generating SRE Dashboard Data[/cyan]")
+
+    try:
+        from runbooks.metrics.dora_metrics_engine import DORAMetricsEngine
+
+        engine = DORAMetricsEngine()
+
+        # Generate dashboard data
+        console.print(f"[dim]Creating dashboard for last {days} days...[/dim]")
+        dashboard_data = engine.generate_sre_dashboard(days_back=days)
+
+        # Display KPI summary
+        kpis = dashboard_data["kpi_summary"]
+        console.print(f"\n🎯 [bold]Key Performance Indicators[/bold]")
+        console.print(f"• Performance Score: [cyan]{kpis['overall_performance_score']:.1f}%[/cyan]")
+        console.print(f"• SLA Compliance: [cyan]{kpis['sla_compliance_score']:.1f}%[/cyan]")
+        console.print(f"• DORA Health: [cyan]{kpis['dora_metrics_health']:.1f}%[/cyan]")
+        console.print(f"• Active Incidents: [cyan]{kpis['active_incidents']}[/cyan]")
+        console.print(f"• Automation: [cyan]{kpis['automation_percentage']:.1f}%[/cyan]")
+
+        # Export to file if requested
+        if output_file:
+            import json
+
+            with open(output_file, "w") as f:
+                json.dump(dashboard_data, f, indent=2, default=str)
+            console.print(f"\n[green]💾 Dashboard data exported: {output_file}[/green]")
+
+        # Export to CloudWatch if requested
+        if cloudwatch:
+            console.print(f"\n[dim]Exporting to CloudWatch...[/dim]")
+            success = engine.export_cloudwatch_metrics()
+            if success:
+                console.print("[green]✅ Metrics published to CloudWatch[/green]")
+            else:
+                console.print("[yellow]⚠️ CloudWatch export failed (check AWS permissions)[/yellow]")
+
+        console.print(f"\n[green]✅ SRE dashboard data generated[/green]")
+
+    except Exception as e:
+        console.print(f"[red]❌ Error generating dashboard: {e}[/red]")
+        logger.error(f"DORA dashboard failed: {e}")
+        sys.exit(1)
+
+
+@dora.command()
+@click.option("--commit-sha", required=True, help="Git commit SHA")
+@click.option("--branch", default="main", help="Git branch name")
+@click.option("--author", help="Commit author")
+@click.option("--message", help="Commit message")
+@click.pass_context
+def track_deployment(ctx, commit_sha, branch, author, message):
+    """
+    🔗 Track deployment from git operations for DORA metrics
+
+    Automatically records deployment events for DORA metrics collection,
+    linking git commits to production deployments for lead time calculation.
+
+    Examples:
+        runbooks dora track-deployment --commit-sha abc123 --branch main --author developer
+        runbooks dora track-deployment --commit-sha def456 --message "Feature update"
+    """
+    console.print("[cyan]🔗 Tracking Git Deployment for DORA Metrics[/cyan]")
+
+    try:
+        from runbooks.metrics.dora_metrics_engine import DORAMetricsEngine
+
+        engine = DORAMetricsEngine()
+
+        # Track git deployment
+        deployment = engine.track_git_deployment(
+            commit_sha=commit_sha, branch=branch, author=author or "unknown", message=message or ""
+        )
+
+        console.print(f"\n✅ [bold]Deployment Tracked[/bold]")
+        console.print(f"• Deployment ID: [cyan]{deployment.deployment_id}[/cyan]")
+        console.print(f"• Environment: [cyan]{deployment.environment}[/cyan]")
+        console.print(f"• Version: [cyan]{deployment.version}[/cyan]")
+        console.print(f"• Branch: [cyan]{branch}[/cyan]")
+        console.print(f"• Author: [cyan]{author or 'unknown'}[/cyan]")
+
+        console.print(f"\n[green]🎯 Deployment automatically tracked for DORA lead time calculation[/green]")
+
+    except Exception as e:
+        console.print(f"[red]❌ Error tracking deployment: {e}[/red]")
+        logger.error(f"DORA deployment tracking failed: {e}")
+        sys.exit(1)
+
+
+@dora.command()
+@click.option("--duration", default=5, help="Simulation duration in minutes")
+@click.option("--show-report", is_flag=True, help="Display comprehensive report after simulation")
+@click.pass_context
+def simulate(ctx, duration, show_report):
+    """
+    🧪 Run DORA metrics simulation for demonstration
+
+    Creates simulated deployment and incident events to demonstrate
+    DORA metrics calculation and reporting capabilities.
+
+    Examples:
+        runbooks dora simulate --duration 2 --show-report
+        runbooks dora simulate --duration 10
+    """
+    console.print("[cyan]🧪 Running DORA Metrics Simulation[/cyan]")
+
+    try:
+        import asyncio
+
+        from runbooks.metrics.dora_metrics_engine import simulate_dora_metrics_collection
+
+        # Run simulation
+        console.print(f"[dim]Simulating {duration} minutes of operations...[/dim]")
+
+        async def run_simulation():
+            return await simulate_dora_metrics_collection(duration_minutes=duration)
+
+        report = asyncio.run(run_simulation())
+
+        # Display results
+        perf = report["performance_analysis"]
+        console.print(f"\n🎯 [bold]Simulation Results[/bold]")
+        console.print(f"• Performance Grade: [cyan]{perf['performance_grade']}[/cyan]")
+        console.print(f"• Targets Met: [cyan]{sum(perf['targets_met'].values())}/{len(perf['targets_met'])}[/cyan]")
+        console.print(f"• Overall Score: [cyan]{perf['overall_performance_percentage']:.1f}%[/cyan]")
+
+        if show_report:
+            # Display comprehensive report
+            console.print(f"\n📊 [bold]Detailed DORA Metrics[/bold]")
+            for metric_name, metric_data in report["dora_metrics"].items():
+                console.print(
+                    f"• {metric_name.replace('_', ' ').title()}: [cyan]{metric_data['value']:.2f}[/cyan] {metric_data['unit']}"
+                )
+
+        console.print(f"\n[green]✅ DORA metrics simulation completed successfully[/green]")
+
+    except Exception as e:
+        console.print(f"[red]❌ Error running simulation: {e}[/red]")
+        logger.error(f"DORA simulation failed: {e}")
+        sys.exit(1)
+
+
 # ============================================================================
 # VPC NETWORKING COMMANDS (New Wrapper Architecture)
 # ============================================================================
@@ -5448,15 +6037,16 @@ def optimize(ctx, profile, region, dry_run, billing_profile, target_reduction, o
 # MCP VALIDATION FRAMEWORK
 # ============================================================================
 
+
 @main.group()
-@click.pass_context  
+@click.pass_context
 def validate(ctx):
     """
     🔍 MCP validation framework with 99.5% accuracy target
-    
+
     Comprehensive validation between runbooks outputs and MCP server results
     for enterprise AWS operations with real-time performance monitoring.
-    
+
     Examples:
         runbooks validate all                    # Full validation suite
         runbooks validate costs                  # Cost Explorer validation
@@ -5465,34 +6055,33 @@ def validate(ctx):
     """
     pass
 
+
 @validate.command()
 @common_aws_options
-@click.option('--tolerance', default=5.0, help='Tolerance percentage for variance detection')
-@click.option('--performance-target', default=30.0, help='Performance target in seconds')
-@click.option('--save-report', is_flag=True, help='Save detailed report to artifacts')
+@click.option("--tolerance", default=5.0, help="Tolerance percentage for variance detection")
+@click.option("--performance-target", default=30.0, help="Performance target in seconds")
+@click.option("--save-report", is_flag=True, help="Save detailed report to artifacts")
 @click.pass_context
 def all(ctx, profile, region, dry_run, tolerance, performance_target, save_report):
     """Run comprehensive MCP validation across all critical operations."""
-    
+
     console.print("[bold blue]🔍 Enterprise MCP Validation Framework[/bold blue]")
     console.print(f"Target Accuracy: 99.5% | Tolerance: ±{tolerance}% | Performance: <{performance_target}s")
-    
+
     try:
         import asyncio
+
         from runbooks.validation.mcp_validator import MCPValidator
-        
+
         # Initialize validator
-        validator = MCPValidator(
-            tolerance_percentage=tolerance,
-            performance_target_seconds=performance_target
-        )
-        
+        validator = MCPValidator(tolerance_percentage=tolerance, performance_target_seconds=performance_target)
+
         # Run validation
         report = asyncio.run(validator.validate_all_operations())
-        
-        # Display results  
+
+        # Display results
         validator.display_validation_report(report)
-        
+
         # Exit code based on results
         if report.overall_accuracy >= 99.5:
             console.print("[bold green]✅ Validation PASSED - Deploy with confidence[/bold green]")
@@ -5503,7 +6092,7 @@ def all(ctx, profile, region, dry_run, tolerance, performance_target, save_repor
         else:
             console.print("[bold red]❌ Validation FAILED - Address issues before deployment[/bold red]")
             sys.exit(2)
-            
+
     except ImportError as e:
         console.print(f"[red]❌ MCP validation dependencies not available: {e}[/red]")
         console.print("[yellow]Install with: pip install runbooks[mcp][/yellow]")
@@ -5512,39 +6101,41 @@ def all(ctx, profile, region, dry_run, tolerance, performance_target, save_repor
         console.print(f"[red]❌ Validation error: {e}[/red]")
         sys.exit(3)
 
+
 @validate.command()
 @common_aws_options
-@click.option('--tolerance', default=5.0, help='Cost variance tolerance percentage')
+@click.option("--tolerance", default=5.0, help="Cost variance tolerance percentage")
 @click.pass_context
 def costs(ctx, profile, region, dry_run, tolerance):
     """Validate Cost Explorer data accuracy."""
-    
+
     console.print("[bold cyan]💰 Cost Explorer Validation[/bold cyan]")
-    
+
     try:
         import asyncio
+
         from runbooks.validation.mcp_validator import MCPValidator
-        
+
         validator = MCPValidator(tolerance_percentage=tolerance)
         result = asyncio.run(validator.validate_cost_explorer())
-        
+
         # Display result
-        from rich.table import Table
         from rich import box
-        
+        from rich.table import Table
+
         table = Table(title="Cost Validation Result", box=box.ROUNDED)
         table.add_column("Metric", style="cyan")
         table.add_column("Value", style="bold")
-        
+
         status_color = "green" if result.status.value == "PASSED" else "red"
         table.add_row("Status", f"[{status_color}]{result.status.value}[/{status_color}]")
         table.add_row("Accuracy", f"{result.accuracy_percentage:.2f}%")
         table.add_row("Execution Time", f"{result.execution_time:.2f}s")
-        
+
         console.print(table)
-        
+
         sys.exit(0 if result.status.value == "PASSED" else 1)
-        
+
     except ImportError as e:
         console.print(f"[red]❌ MCP validation not available: {e}[/red]")
         sys.exit(3)
@@ -5552,43 +6143,45 @@ def costs(ctx, profile, region, dry_run, tolerance):
         console.print(f"[red]❌ Cost validation error: {e}[/red]")
         sys.exit(3)
 
+
 @validate.command()
 @common_aws_options
 @click.pass_context
 def organizations(ctx, profile, region, dry_run):
     """Validate Organizations API data accuracy."""
-    
+
     console.print("[bold cyan]🏢 Organizations Validation[/bold cyan]")
-    
+
     try:
         import asyncio
+
         from runbooks.validation.mcp_validator import MCPValidator
-        
+
         validator = MCPValidator()
         result = asyncio.run(validator.validate_organizations_data())
-        
+
         # Display result
-        from rich.table import Table
         from rich import box
-        
+        from rich.table import Table
+
         table = Table(title="Organizations Validation Result", box=box.ROUNDED)
         table.add_column("Metric", style="cyan")
         table.add_column("Value", style="bold")
-        
+
         status_color = "green" if result.status.value == "PASSED" else "red"
         table.add_row("Status", f"[{status_color}]{result.status.value}[/{status_color}]")
         table.add_row("Accuracy", f"{result.accuracy_percentage:.2f}%")
         table.add_row("Execution Time", f"{result.execution_time:.2f}s")
-        
+
         if result.variance_details:
-            details = result.variance_details.get('details', {})
-            table.add_row("Runbooks Accounts", str(details.get('runbooks_accounts', 'N/A')))
-            table.add_row("MCP Accounts", str(details.get('mcp_accounts', 'N/A')))
-        
+            details = result.variance_details.get("details", {})
+            table.add_row("Runbooks Accounts", str(details.get("runbooks_accounts", "N/A")))
+            table.add_row("MCP Accounts", str(details.get("mcp_accounts", "N/A")))
+
         console.print(table)
-        
+
         sys.exit(0 if result.status.value == "PASSED" else 1)
-        
+
     except ImportError as e:
         console.print(f"[red]❌ MCP validation not available: {e}[/red]")
         sys.exit(3)
@@ -5596,29 +6189,28 @@ def organizations(ctx, profile, region, dry_run):
         console.print(f"[red]❌ Organizations validation error: {e}[/red]")
         sys.exit(3)
 
+
 @validate.command()
-@click.option('--target-accuracy', default=99.5, help='Target accuracy percentage')
-@click.option('--iterations', default=5, help='Number of benchmark iterations')
-@click.option('--performance-target', default=30.0, help='Performance target in seconds')
+@click.option("--target-accuracy", default=99.5, help="Target accuracy percentage")
+@click.option("--iterations", default=5, help="Number of benchmark iterations")
+@click.option("--performance-target", default=30.0, help="Performance target in seconds")
 @click.pass_context
 def benchmark(ctx, target_accuracy, iterations, performance_target):
     """Run performance benchmark for MCP validation framework."""
-    
+
     console.print("[bold magenta]🏋️ MCP Validation Benchmark[/bold magenta]")
     console.print(f"Target: {target_accuracy}% | Iterations: {iterations} | Performance: <{performance_target}s")
-    
+
     try:
         import asyncio
+
         from runbooks.validation.benchmark import MCPBenchmarkRunner
-        
-        runner = MCPBenchmarkRunner(
-            target_accuracy=target_accuracy,
-            performance_target=performance_target
-        )
-        
+
+        runner = MCPBenchmarkRunner(target_accuracy=target_accuracy, performance_target=performance_target)
+
         suite = asyncio.run(runner.run_benchmark(iterations))
         runner.display_benchmark_results(suite)
-        
+
         # Exit based on benchmark results
         overall_status = runner._assess_benchmark_results(suite)
         if overall_status == "PASSED":
@@ -5627,7 +6219,7 @@ def benchmark(ctx, target_accuracy, iterations, performance_target):
             sys.exit(1)
         else:
             sys.exit(2)
-            
+
     except ImportError as e:
         console.print(f"[red]❌ MCP benchmark not available: {e}[/red]")
         sys.exit(3)
@@ -5635,67 +6227,73 @@ def benchmark(ctx, target_accuracy, iterations, performance_target):
         console.print(f"[red]❌ Benchmark error: {e}[/red]")
         sys.exit(3)
 
+
 @validate.command()
 @click.pass_context
 def status(ctx):
     """Show MCP validation framework status."""
-    
+
     console.print("[bold cyan]📊 MCP Validation Framework Status[/bold cyan]")
-    
-    from rich.table import Table
+
     from rich import box
-    
+    from rich.table import Table
+
     table = Table(title="Framework Status", box=box.ROUNDED)
     table.add_column("Component", style="cyan")
-    table.add_column("Status", style="bold") 
+    table.add_column("Status", style="bold")
     table.add_column("Details")
-    
+
     # Check MCP integration
     try:
         from notebooks.mcp_integration import MCPIntegrationManager
+
         table.add_row("MCP Integration", "[green]✅ Available[/green]", "Ready for validation")
     except ImportError:
         table.add_row("MCP Integration", "[red]❌ Unavailable[/red]", "Install MCP dependencies")
-    
+
     # Check validation framework
     try:
         from runbooks.validation.mcp_validator import MCPValidator
+
         table.add_row("Validation Framework", "[green]✅ Ready[/green]", "All components loaded")
     except ImportError as e:
         table.add_row("Validation Framework", "[red]❌ Missing[/red]", str(e))
-    
-    # Check benchmark suite  
+
+    # Check benchmark suite
     try:
         from runbooks.validation.benchmark import MCPBenchmarkRunner
+
         table.add_row("Benchmark Suite", "[green]✅ Ready[/green]", "Performance testing available")
     except ImportError as e:
         table.add_row("Benchmark Suite", "[red]❌ Missing[/red]", str(e))
-    
+
     # Check AWS profiles
     profiles = [
-        'ams-admin-Billing-ReadOnlyAccess-909135376185',
-        'ams-admin-ReadOnlyAccess-909135376185',
-        'ams-centralised-ops-ReadOnlyAccess-335083429030',
-        'ams-shared-services-non-prod-ReadOnlyAccess-499201730520'
+        "ams-admin-Billing-ReadOnlyAccess-909135376185",
+        "ams-admin-ReadOnlyAccess-909135376185",
+        "ams-centralised-ops-ReadOnlyAccess-335083429030",
+        "ams-shared-services-non-prod-ReadOnlyAccess-499201730520",
     ]
-    
+
     valid_profiles = 0
     for profile_name in profiles:
         try:
             session = boto3.Session(profile_name=profile_name)
-            sts = session.client('sts')
+            sts = session.client("sts")
             identity = sts.get_caller_identity()
             valid_profiles += 1
         except:
             pass
-    
+
     if valid_profiles == len(profiles):
-        table.add_row("AWS Profiles", "[green]✅ All Valid[/green]", f"{valid_profiles}/{len(profiles)} profiles configured")
+        table.add_row(
+            "AWS Profiles", "[green]✅ All Valid[/green]", f"{valid_profiles}/{len(profiles)} profiles configured"
+        )
     elif valid_profiles > 0:
         table.add_row("AWS Profiles", "[yellow]⚠️ Partial[/yellow]", f"{valid_profiles}/{len(profiles)} profiles valid")
     else:
         table.add_row("AWS Profiles", "[red]❌ None Valid[/red]", "Configure AWS profiles")
-    
+
     console.print(table)
 
 
@@ -5703,5 +6301,13 @@ def status(ctx):
 # MAIN ENTRY POINT
 # ============================================================================
 
-if __name__ == "__main__":
+
+def cli_entry_point():
+    """Entry point with preprocessing for space-separated profiles."""
+    # Preprocess command line to handle space-separated profiles
+    preprocess_space_separated_profiles()
     main()
+
+
+if __name__ == "__main__":
+    cli_entry_point()