runbooks 1.1.4__py3-none-any.whl → 1.1.5__py3-none-any.whl

runbooks/inventory/drift_detection_cli.py

@@ -11,7 +11,7 @@ Strategic Alignment:
 
 Features:
 - Real-time AWS API cross-validation
-- Terraform state drift detection  
+- Terraform state drift detection
 - Rich CLI enterprise UX with visual indicators
 - Evidence-based drift reporting
 - Profile override priority system
@@ -34,7 +34,7 @@ from ..common.rich_utils import console, print_error, print_info, print_success
 from .mcp_inventory_validator import (
     create_inventory_mcp_validator,
     generate_drift_report,
-    validate_inventory_results_with_mcp
+    validate_inventory_results_with_mcp,
 )
 
 
@@ -45,46 +45,32 @@ def drift():
 
 
 @drift.command("detect")
-@click.option(
-    "--profile",
-    help="AWS profile to use (overrides environment variables)"
-)
-@click.option(
-    "--profiles", 
-    help="Comma-separated list of AWS profiles for multi-account analysis"
-)
+@click.option("--profile", help="AWS profile to use (overrides environment variables)")
+@click.option("--profiles", help="Comma-separated list of AWS profiles for multi-account analysis")
 @click.option(
     "--terraform-dir",
     default="/Volumes/Working/1xOps/CloudOps-Runbooks/terraform-aws",
-    help="Path to terraform configuration directory"
+    help="Path to terraform configuration directory",
 )
 @click.option(
     "--report-format",
     type=click.Choice(["console", "json", "csv"]),
     default="console",
-    help="Output format for drift report"
-)
-@click.option(
-    "--output-file",
-    help="File path to save drift report (optional)"
-)
-@click.option(
-    "--threshold",
-    type=float,
-    default=99.5,
-    help="Accuracy threshold for drift detection (default: 99.5%)"
+    help="Output format for drift report",
 )
+@click.option("--output-file", help="File path to save drift report (optional)")
+@click.option("--threshold", type=float, default=99.5, help="Accuracy threshold for drift detection (default: 99.5%)")
 def detect_drift(
     profile: Optional[str],
-    profiles: Optional[str], 
+    profiles: Optional[str],
     terraform_dir: str,
     report_format: str,
     output_file: Optional[str],
-    threshold: float
+    threshold: float,
 ):
     """
     Detect infrastructure drift using 3-way validation.
-    
+
     Compares inventory collection results against AWS API and terraform state
     to identify discrepancies and provide actionable recommendations.
     """
@@ -98,9 +84,9 @@ def detect_drift(
             # Use operational profile as default
             default_profile = get_profile_for_operation("operational", None)
             profile_list = [default_profile]
-            
+
         print_info(f"Starting drift detection for {len(profile_list)} profile(s)")
-        
+
         # Validate all profiles
         valid_profiles = []
         for prof in profile_list:
@@ -108,99 +94,83 @@ def detect_drift(
                 valid_profiles.append(prof)
             else:
                 print_error(f"Profile '{prof}' validation failed - skipping")
-                
+
         if not valid_profiles:
             print_error("No valid profiles available for drift detection")
             return
-            
+
         # Create validator with terraform integration
-        validator = create_inventory_mcp_validator(
-            profiles=valid_profiles,
-            terraform_directory=terraform_dir
-        )
-        
+        validator = create_inventory_mcp_validator(profiles=valid_profiles, terraform_directory=terraform_dir)
+
         # Set custom threshold if provided
         validator.validation_threshold = threshold
-        
+
         console.print(f"[blue]🔍 Initializing drift detection...[/]")
         console.print(f"[dim]Terraform directory: {terraform_dir}[/]")
         console.print(f"[dim]Accuracy threshold: {threshold}%[/]")
-        
+
         # For demonstration, create mock inventory data
         # In practice, this would come from actual inventory collection
         mock_inventory = _create_mock_inventory_data(valid_profiles)
-        
+
         # Perform enhanced validation with drift detection
         validation_results = validator.validate_inventory_data(mock_inventory)
-        
+
         # Generate summary results
         overall_accuracy = validation_results.get("total_accuracy", 0)
         terraform_integration = validation_results.get("terraform_integration", {})
-        
+
         if validation_results.get("passed_validation", False):
             print_success(f"✅ Drift detection completed: {overall_accuracy:.1f}% accuracy")
         else:
             console.print(f"[yellow]🔄 Infrastructure drift detected: {overall_accuracy:.1f}% accuracy[/]")
-            
+
         # Display terraform integration status
         if terraform_integration.get("enabled", False):
             tf_files = terraform_integration.get("state_files_discovered", 0)
             print_info(f"Terraform integration: {tf_files} configuration files analyzed")
-            
+
             drift_analysis = terraform_integration.get("drift_analysis", {})
             if drift_analysis:
                 drift_pct = drift_analysis.get("drift_percentage", 0)
                 tf_coverage = drift_analysis.get("terraform_coverage_percentage", 0)
                 console.print(f"[dim]📊 {drift_pct:.1f}% of accounts have drift detected[/]")
                 console.print(f"[dim]🎯 {tf_coverage:.1f}% of accounts have terraform coverage[/]")
-        
+
         # Generate and export report if requested
         if output_file or report_format != "console":
             drift_report = generate_drift_report(valid_profiles, mock_inventory, terraform_dir)
-            
+
             if output_file:
                 _export_drift_report(drift_report, output_file, report_format)
                 print_success(f"Drift report exported to: {output_file}")
-                
+
         print_info("Drift detection analysis complete")
-        
+
     except Exception as e:
         print_error(f"Drift detection failed: {str(e)}")
         raise click.Abort()
 
 
 @drift.command("report")
-@click.option(
-    "--profile",
-    help="AWS profile to use for single-account analysis"
-)
+@click.option("--profile", help="AWS profile to use for single-account analysis")
 @click.option(
     "--terraform-dir",
     default="/Volumes/Working/1xOps/CloudOps-Runbooks/terraform-aws",
-    help="Path to terraform configuration directory"
+    help="Path to terraform configuration directory",
 )
 @click.option(
     "--format",
     "report_format",
     type=click.Choice(["json", "csv", "markdown"]),
     default="json",
-    help="Report output format"
+    help="Report output format",
 )
-@click.option(
-    "--output",
-    "output_file",
-    required=True,
-    help="Output file path for drift report"
-)
-def generate_report(
-    profile: Optional[str],
-    terraform_dir: str,
-    report_format: str,
-    output_file: str
-):
+@click.option("--output", "output_file", required=True, help="Output file path for drift report")
+def generate_report(profile: Optional[str], terraform_dir: str, report_format: str, output_file: str):
     """
     Generate comprehensive infrastructure drift report.
-    
+
     Creates detailed drift analysis report with actionable recommendations
     for infrastructure as code management and compliance.
     """
@@ -208,35 +178,35 @@ def generate_report(
         # Use default profile if none specified
         if not profile:
             profile = get_profile_for_operation("operational", None)
-            
+
         print_info(f"Generating drift report for profile: {profile}")
-        
+
         # Validate profile
         if not validate_profile_access(profile, "drift-reporting"):
             print_error(f"Profile '{profile}' validation failed")
             return
-            
+
         # Create mock inventory for demonstration
         mock_inventory = _create_mock_inventory_data([profile])
-        
+
         # Generate comprehensive drift report
         drift_report = generate_drift_report([profile], mock_inventory, terraform_dir)
-        
+
         # Export report
         _export_drift_report(drift_report, output_file, report_format)
-        
+
         print_success(f"Drift report generated: {output_file}")
-        
+
         # Display summary
         accounts_analyzed = drift_report.get("accounts_analyzed", 0)
         overall_accuracy = drift_report.get("overall_accuracy", 0)
         drift_detected = drift_report.get("drift_detected", False)
-        
+
         console.print(f"[dim]📊 Analysis Summary:[/]")
         console.print(f"[dim]  Accounts analyzed: {accounts_analyzed}[/]")
         console.print(f"[dim]  Overall accuracy: {overall_accuracy:.1f}%[/]")
         console.print(f"[dim]  Drift detected: {'Yes' if drift_detected else 'No'}[/]")
-        
+
     except Exception as e:
         print_error(f"Report generation failed: {str(e)}")
         raise click.Abort()
@@ -245,7 +215,7 @@ def generate_report(
 def _create_mock_inventory_data(profiles: List[str]) -> dict:
     """Create mock inventory data for demonstration purposes."""
     mock_data = {}
-    
+
     for profile in profiles:
         mock_data[profile] = {
             "resource_counts": {
@@ -258,12 +228,12 @@ def _create_mock_inventory_data(profiles: List[str]) -> dict:
                 "cloudformation": 4,
                 "elbv2": 1,
                 "route53": 2,
-                "sns": 3
+                "sns": 3,
             },
             "regions": ["us-east-1", "us-west-2", "ap-southeast-2"],
-            "collection_timestamp": "2024-09-10T12:00:00Z"
+            "collection_timestamp": "2024-09-10T12:00:00Z",
         }
-    
+
     return mock_data
 
 
@@ -271,50 +241,53 @@ def _export_drift_report(report_data: dict, output_file: str, format_type: str)
     """Export drift report to specified format."""
     import json
     from pathlib import Path
-    
+
     output_path = Path(output_file)
     output_path.parent.mkdir(parents=True, exist_ok=True)
-    
+
     if format_type == "json":
-        with open(output_path, 'w') as f:
+        with open(output_path, "w") as f:
             json.dump(report_data, f, indent=2, default=str)
     elif format_type == "csv":
         # Create CSV summary
         import csv
-        with open(output_path, 'w', newline='') as f:
+
+        with open(output_path, "w", newline="") as f:
             writer = csv.writer(f)
-            writer.writerow(['Account ID', 'Profile', 'Accuracy %', 'Drift Detected', 'Terraform Coverage'])
-            
+            writer.writerow(["Account ID", "Profile", "Accuracy %", "Drift Detected", "Terraform Coverage"])
+
             for account in report_data.get("detailed_analysis", []):
-                writer.writerow([
-                    account.get("account_id", "Unknown"),
-                    account.get("profile", "Unknown"),
-                    f"{account.get('accuracy_percent', 0):.1f}",
-                    "Yes" if account.get("drift_summary", {}).get("drift_detected", 0) > 0 else "No",
-                    "Yes" if account.get("terraform_coverage", False) else "No"
-                ])
+                writer.writerow(
+                    [
+                        account.get("account_id", "Unknown"),
+                        account.get("profile", "Unknown"),
+                        f"{account.get('accuracy_percent', 0):.1f}",
+                        "Yes" if account.get("drift_summary", {}).get("drift_detected", 0) > 0 else "No",
+                        "Yes" if account.get("terraform_coverage", False) else "No",
+                    ]
+                )
     elif format_type == "markdown":
         # Create markdown report
-        with open(output_path, 'w') as f:
+        with open(output_path, "w") as f:
             f.write("# Infrastructure Drift Analysis Report\n\n")
             f.write(f"**Generated:** {report_data.get('generated_timestamp', 'Unknown')}\n\n")
-            
+
             terraform_info = report_data.get("terraform_integration", {})
             f.write(f"**Terraform Integration:** {terraform_info.get('enabled', False)}\n")
             f.write(f"**State Files Discovered:** {terraform_info.get('state_files_discovered', 0)}\n\n")
-            
+
             f.write("## Summary\n\n")
             f.write(f"- **Accounts Analyzed:** {report_data.get('accounts_analyzed', 0)}\n")
             f.write(f"- **Overall Accuracy:** {report_data.get('overall_accuracy', 0):.1f}%\n")
             f.write(f"- **Drift Detected:** {'Yes' if report_data.get('drift_detected', False) else 'No'}\n\n")
-            
+
             f.write("## Detailed Analysis\n\n")
             for account in report_data.get("detailed_analysis", []):
                 f.write(f"### Account: {account.get('account_id', 'Unknown')}\n\n")
                 f.write(f"- **Profile:** {account.get('profile', 'Unknown')}\n")
                 f.write(f"- **Accuracy:** {account.get('accuracy_percent', 0):.1f}%\n")
                 f.write(f"- **Terraform Coverage:** {'Yes' if account.get('terraform_coverage', False) else 'No'}\n\n")
-                
+
                 recommendations = account.get("recommendations", [])
                 if recommendations:
                     f.write("**Recommendations:**\n")
@@ -324,4 +297,4 @@ def _export_drift_report(report_data: dict, output_file: str, format_type: str)
 
 
 if __name__ == "__main__":
-    drift()
+    drift()

runbooks/inventory/inventory_mcp_cli.py

@@ -25,22 +25,28 @@ from .mcp_inventory_validator import create_inventory_mcp_validator
 
 
 @click.command()
-@click.option('--profile', help='AWS profile name (takes precedence over environment variables)')
-@click.option('--resource-types', multiple=True, 
-              type=click.Choice(['ec2', 's3', 'rds', 'lambda', 'vpc', 'iam', 'cloudformation']),
-              default=['ec2', 's3', 'vpc'], 
-              help='Resource types to validate')
-@click.option('--test-mode', is_flag=True, default=True, 
-              help='Run in test mode with sample data')
-@click.option('--real-validation', is_flag=True, default=False,
-              help='Run validation against real AWS APIs (requires valid profiles)')
+@click.option("--profile", help="AWS profile name (takes precedence over environment variables)")
+@click.option(
+    "--resource-types",
+    multiple=True,
+    type=click.Choice(["ec2", "s3", "rds", "lambda", "vpc", "iam", "cloudformation"]),
+    default=["ec2", "s3", "vpc"],
+    help="Resource types to validate",
+)
+@click.option("--test-mode", is_flag=True, default=True, help="Run in test mode with sample data")
+@click.option(
+    "--real-validation",
+    is_flag=True,
+    default=False,
+    help="Run validation against real AWS APIs (requires valid profiles)",
+)
 def validate_inventory_mcp(profile: Optional[str], resource_types: List[str], test_mode: bool, real_validation: bool):
     """
     Test inventory MCP validation functionality.
-    
+
     This command demonstrates inventory MCP validation integration
     following proven enterprise patterns from FinOps module success.
-    
+
     Examples:
         runbooks inventory validate-mcp --profile my-profile --resource-types ec2,s3
         runbooks inventory validate-mcp --test-mode --resource-types ec2,vpc,rds
@@ -48,7 +54,9 @@ def validate_inventory_mcp(profile: Optional[str], resource_types: List[str], te
     """
     try:
         console.print(f"[blue]🔍 Inventory MCP Validation Test[/blue]")
-        console.print(f"[dim]Profile: {profile or 'environment fallback'} | Resources: {', '.join(resource_types)} | Test mode: {test_mode}[/dim]")
+        console.print(
+            f"[dim]Profile: {profile or 'environment fallback'} | Resources: {', '.join(resource_types)} | Test mode: {test_mode}[/dim]"
+        )
 
         # Apply profile priority system following proven patterns
         operational_profile = get_profile_for_operation("operational", profile)
@@ -61,7 +69,7 @@ def validate_inventory_mcp(profile: Optional[str], resource_types: List[str], te
         if test_mode and not real_validation:
             # Test mode: Use sample data to demonstrate validation
             print_info("Running test mode with sample inventory data")
-            
+
             # Create sample inventory data for testing
             sample_inventory = {
                 operational_profile: {
@@ -72,89 +80,83 @@ def validate_inventory_mcp(profile: Optional[str], resource_types: List[str], te
                         "lambda": 12,
                         "vpc": 4,
                         "iam": 25,
-                        "cloudformation": 6
+                        "cloudformation": 6,
                     },
-                    "regions": ["us-east-1", "us-west-2"]
+                    "regions": ["us-east-1", "us-west-2"],
                 }
             }
-            
+
             # Filter to requested resource types
             filtered_inventory = {
                 operational_profile: {
                     "resource_counts": {
-                        rt: sample_inventory[operational_profile]["resource_counts"].get(rt, 0)
-                        for rt in resource_types
+                        rt: sample_inventory[operational_profile]["resource_counts"].get(rt, 0) for rt in resource_types
                     },
-                    "regions": sample_inventory[operational_profile]["regions"]
+                    "regions": sample_inventory[operational_profile]["regions"],
                 }
             }
-            
-            print_info(f"Testing validation with sample resource counts: {filtered_inventory[operational_profile]['resource_counts']}")
-            
+
+            print_info(
+                f"Testing validation with sample resource counts: {filtered_inventory[operational_profile]['resource_counts']}"
+            )
+
             # Note: In test mode, this will compare sample data against real AWS APIs
             # This demonstrates the validation mechanism without requiring mock data
             validation_results = validator.validate_inventory_data(filtered_inventory)
-            
+
         elif real_validation:
             # Real validation mode: Requires actual inventory collection
             print_warning("Real validation mode requires actual inventory collection")
             print_info("This would typically be called from the main inventory collector")
-            
+
             # For demonstration, we'll validate empty inventory (should show 0 vs actual counts)
             empty_inventory = {
-                operational_profile: {
-                    "resource_counts": {rt: 0 for rt in resource_types},
-                    "regions": ["us-east-1"]
-                }
+                operational_profile: {"resource_counts": {rt: 0 for rt in resource_types}, "regions": ["us-east-1"]}
             }
-            
+
             print_info("Validating empty inventory against real AWS APIs (demonstrates detection capability)")
             validation_results = validator.validate_inventory_data(empty_inventory)
-            
+
         else:
             # Resource count validation only
             print_info("Running resource count validation test")
-            
-            sample_counts = {
-                "ec2": 10,
-                "s3": 5,
-                "vpc": 2
-            }
-            
+
+            sample_counts = {"ec2": 10, "s3": 5, "vpc": 2}
+
             # Filter to requested resource types
             test_counts = {rt: sample_counts.get(rt, 0) for rt in resource_types if rt in sample_counts}
-            
+
             validation_results = validator.validate_resource_counts(test_counts)
 
         # Display results summary
         console.print(f"\n[bright_cyan]📊 Validation Test Results Summary[/]")
-        
+
         if isinstance(validation_results, dict):
             if "total_accuracy" in validation_results:
                 accuracy = validation_results.get("total_accuracy", 0)
                 passed = validation_results.get("passed_validation", False)
-                
+
                 if passed:
                     print_success(f"✅ Test validation completed: {accuracy:.1f}% accuracy")
                 else:
                     print_warning(f"⚠️ Test validation: {accuracy:.1f}% accuracy (target: ≥99.5%)")
-                
+
                 profiles_validated = validation_results.get("profiles_validated", 0)
                 console.print(f"[dim]Profiles validated: {profiles_validated}[/dim]")
-                
+
                 # Show resource summary if available
                 resource_summary = validation_results.get("resource_validation_summary", {})
                 if resource_summary:
                     console.print(f"[dim]Resource types validated: {len(resource_summary)}[/dim]")
-                    
+
             elif "validated_count" in validation_results:
                 validated_count = validation_results.get("validated_count", 0)
                 passed_count = validation_results.get("passed_count", 0)
                 print_info(f"Resource count validation: {passed_count}/{validated_count} passed")
-                
+
             else:
                 print_info("Validation completed - see detailed output above")
-        
+
         # Integration guidance
         console.print(f"\n[bright_cyan]💡 Integration Information[/]")
         console.print(f"[dim]This MCP validator is automatically integrated into:[/dim]")
@@ -168,4 +170,4 @@ def validate_inventory_mcp(profile: Optional[str], resource_types: List[str], te
 
 
 if __name__ == "__main__":
-    validate_inventory_mcp()
+    validate_inventory_mcp()