runbooks 1.1.5__py3-none-any.whl → 1.1.7__py3-none-any.whl

runbooks/__init__.py

@@ -61,7 +61,7 @@ s3_ops = S3Operations()
 
 # Centralized Version Management - Single Source of Truth
 # All modules MUST import __version__ from this location
-__version__ = "1.1.5"
+__version__ = "1.1.7"
 
 # Fallback for legacy importlib.metadata usage during transition
 try:

runbooks/cli/commands/finops.py

@@ -14,8 +14,14 @@ import click
 # DRY Pattern Manager - eliminates duplication across CLI modules
 from runbooks.common.patterns import get_console, get_error_handlers, get_click_group_creator, get_common_decorators
 
-# Import common utilities and decorators
-from runbooks.common.decorators import common_aws_options
+# Import unified CLI decorators (v1.1.7 standardization)
+from runbooks.common.cli_decorators import (
+    common_aws_options,
+    common_output_options,
+    common_multi_account_options,
+    common_filter_options,
+    mcp_validation_option
+)
 
 # Single console instance shared across all modules (DRY principle)
 console = get_console()
@@ -47,9 +53,13 @@ def create_finops_group():
     """
 
     @click.group(invoke_without_command=True)
+    @common_filter_options
+    @common_multi_account_options
+    @common_output_options
     @common_aws_options
     @click.pass_context
-    def finops(ctx, profile, region, dry_run):
+    def finops(ctx, profile, region, dry_run, output_format, output_dir, export,
+               all_profiles, profiles, regions, all_regions, tags, accounts):
         """
         Financial operations and cost optimization for AWS resources.
 
@@ -64,13 +74,27 @@ def create_finops_group():
 
         Examples:
             runbooks finops dashboard --profile billing-profile
-            runbooks finops analyze --service ec2 --timeframe monthly
+            runbooks finops dashboard --all-profiles --timeframe monthly
+            runbooks finops dashboard --regions us-east-1 us-west-2
             runbooks finops export --format pdf --output-dir ./reports
         """
         # Ensure context object exists
         if ctx.obj is None:
             ctx.obj = {}
-        ctx.obj.update({"profile": profile, "region": region, "dry_run": dry_run})
+        ctx.obj.update({
+            "profile": profile,
+            "region": region,
+            "dry_run": dry_run,
+            "output_format": output_format,
+            "output_dir": output_dir,
+            "export": export,
+            "all_profiles": all_profiles,
+            "profiles": profiles,
+            "regions": regions,
+            "all_regions": all_regions,
+            "tags": tags,
+            "accounts": accounts
+        })
 
         if ctx.invoked_subcommand is None:
             click.echo(ctx.get_help())

runbooks/cli/commands/inventory.py

@@ -12,8 +12,14 @@ import click
 import os
 import sys
 
-# Import common utilities and decorators
-from runbooks.common.decorators import common_aws_options, common_output_options, common_filter_options
+# Import unified CLI decorators (v1.1.7 standardization)
+from runbooks.common.cli_decorators import (
+    common_aws_options,
+    common_output_options,
+    common_multi_account_options,
+    common_filter_options,
+    mcp_validation_option
+)
 
 # Test Mode Support: Disable Rich Console in test environments to prevent I/O conflicts
 # Issue: Rich Console writes to StringIO buffer that Click CliRunner closes, causing ValueError
@@ -60,11 +66,13 @@ def create_inventory_group():
     """
 
     @click.group(invoke_without_command=True)
-    @common_aws_options
-    @common_output_options
     @common_filter_options
+    @common_multi_account_options
+    @common_output_options
+    @common_aws_options
     @click.pass_context
-    def inventory(ctx, profile, region, dry_run, output_format, output_file, tags, accounts, regions):
+    def inventory(ctx, profile, region, dry_run, output_format, output_dir, export,
+                  all_profiles, profiles, regions, all_regions, tags, accounts):
         """
         Universal AWS resource discovery and inventory - works with ANY AWS environment.
 
@@ -95,10 +103,14 @@ def create_inventory_group():
                 "region": region,
                 "dry_run": dry_run,
                 "output_format": output_format,
-                "output_file": output_file,
+                "output_dir": output_dir,
+                "export": export,
+                "all_profiles": all_profiles,
+                "profiles": profiles,
+                "regions": regions,
+                "all_regions": all_regions,
                 "tags": tags,
                 "accounts": accounts,
-                "regions": regions,
             }
         )
 
@@ -106,7 +118,6 @@ def create_inventory_group():
             click.echo(ctx.get_help())
 
     @inventory.command()
-    @common_aws_options
     @click.option("--resources", "-r", multiple=True, help="Resource types (ec2, rds, lambda, s3, etc.)")
     @click.option("--all-resources", is_flag=True, help="Collect all resource types")
     @click.option("--all-profiles", is_flag=True, help="Collect from all organization accounts")
@@ -152,9 +163,6 @@ def create_inventory_group():
     @click.pass_context
     def collect(
         ctx,
-        profile,
-        region,
-        dry_run,
         resources,
         all_resources,
         all_profiles,
@@ -209,6 +217,11 @@ def create_inventory_group():
         try:
             from runbooks.inventory.core.collector import run_inventory_collection
 
+            # Access group-level AWS options from context (Bug #1 fix: profile override priority)
+            profile = ctx.obj.get('profile')
+            region = ctx.obj.get('region')
+            dry_run = ctx.obj.get('dry_run', False)
+
             # Enhanced context for inventory collection
             context_args = {
                 "profile": profile,
@@ -266,18 +279,27 @@ def create_inventory_group():
         help="Resource types to validate",
     )
     @click.option("--test-mode", is_flag=True, default=True, help="Run in test mode with sample data")
+    @click.option(
+        "--real-validation",
+        is_flag=True,
+        default=False,
+        help="Run validation against real AWS APIs (requires valid profiles)",
+    )
     @click.pass_context
-    def validate_mcp(ctx, resource_types, test_mode):
+    def validate_mcp(ctx, resource_types, test_mode, real_validation):
         """Test inventory MCP validation functionality."""
         try:
             from runbooks.inventory.mcp_inventory_validator import create_inventory_mcp_validator
             from runbooks.common.profile_utils import get_profile_for_operation
 
+            # Access profile from group-level context (Bug #3 fix: profile override support)
+            profile = ctx.obj.get('profile')
+
             console.print(f"[blue]🔍 Testing Inventory MCP Validation[/blue]")
-            console.print(f"[dim]Profile: {ctx.obj['profile']} | Resources: {', '.join(resource_types)}[/dim]")
+            console.print(f"[dim]Profile: {profile or 'environment fallback'} | Resources: {', '.join(resource_types)} | Test mode: {test_mode}[/dim]")
 
             # Initialize validator
-            operational_profile = get_profile_for_operation("operational", ctx.obj["profile"])
+            operational_profile = get_profile_for_operation("operational", profile)
             validator = create_inventory_mcp_validator([operational_profile])
 
             # Test with sample data
@@ -302,78 +324,9 @@ def create_inventory_group():
             console.print(f"[red]❌ MCP validation test failed: {e}[/red]")
             raise click.ClickException(str(e))
 
-    @inventory.command("rds-snapshots")
-    @common_aws_options
-    @click.option("--all", is_flag=True, help="Use all available AWS profiles for multi-account collection")
-    @click.option("--combine", is_flag=True, help="Combine results from the same AWS account")
-    @click.option(
-        "--export-format",
-        type=click.Choice(["json", "csv", "markdown", "table"]),
-        default="table",
-        help="Export format for results",
-    )
-    @click.option("--output-dir", default="./awso_evidence", help="Output directory for exports")
-    @click.option("--filter-account", help="Filter snapshots by specific account ID")
-    @click.option("--filter-status", help="Filter snapshots by status (available, creating, deleting)")
-    @click.option("--max-age-days", type=int, help="Filter snapshots older than specified days")
-    @click.pass_context
-    def discover_rds_snapshots(
-        ctx,
-        profile,
-        region,
-        dry_run,
-        all,
-        combine,
-        export_format,
-        output_dir,
-        filter_account,
-        filter_status,
-        max_age_days,
-    ):
-        """
-        🔍 Discover RDS snapshots using AWS Config organization-aggregator.
-
-        ✅ Enhanced Cross-Account Discovery:
-        - Leverages AWS Config organization-aggregator for cross-account access
-        - Multi-region discovery across 7 key AWS regions
-        - Intelligent Organizations detection with graceful standalone fallback
-        - Multi-format exports: JSON, CSV, Markdown, Table
-
-        Profile Priority: User > Environment > Default
-        Universal AWS compatibility with any profile configuration
-
-        Examples:
-            runbooks inventory rds-snapshots                              # Default profile
-            runbooks inventory rds-snapshots --profile org-profile        # Organizations profile
-            runbooks inventory rds-snapshots --all --combine              # Multi-account discovery
-            runbooks inventory rds-snapshots --filter-status available    # Filter by status
-            runbooks inventory rds-snapshots --max-age-days 30 --csv      # Recent snapshots
-        """
-        try:
-            from runbooks.inventory.rds_snapshots_discovery import run_rds_snapshots_discovery
-
-            # Enhanced context for RDS snapshots discovery
-            context_args = {
-                "profile": profile,
-                "region": region,
-                "dry_run": dry_run,
-                "all": all,
-                "combine": combine,
-                "export_format": export_format,
-                "output_dir": output_dir,
-                "filter_account": filter_account,
-                "filter_status": filter_status,
-                "max_age_days": max_age_days,
-            }
-
-            # Run RDS snapshots discovery
-            return run_rds_snapshots_discovery(**context_args)
-
-        except ImportError as e:
-            console.print(f"[red]❌ RDS snapshots discovery module not available: {e}[/red]")
-            raise click.ClickException("RDS snapshots discovery functionality not available")
-        except Exception as e:
-            console.print(f"[red]❌ RDS snapshots discovery failed: {e}[/red]")
-            raise click.ClickException(str(e))
+    # NOTE: rds-snapshots command removed in v1.1.6 (Bug #2 fix: phantom command elimination)
+    # Reason: Module rds_snapshots_discovery.py doesn't exist (was never implemented)
+    # Future work: Implement proper RDS snapshots discovery in v1.2.0
+    # See: artifacts/future-work/rds-snapshots-discovery-v1.2.0.md
 
     return inventory

runbooks/common/accuracy_validator.py

@@ -85,18 +85,12 @@ except ImportError:
     # Fallback implementation if FinOps not available
     FINOPS_INTEGRATION_AVAILABLE = False
 
-    class ValidationStatus(Enum):
-        PASSED = "PASSED"
-        FAILED = "FAILED"
-        WARNING = "WARNING"
-        ERROR = "ERROR"
-        IN_PROGRESS = "IN_PROGRESS"
-
-    class AccuracyLevel(Enum):
-        ENTERPRISE = 99.99
-        BUSINESS = 99.50
-        OPERATIONAL = 95.00
-        DEVELOPMENT = 90.00
+    # Import ValidationResult from mcp_validator which is the source of truth
+    from ..finops.mcp_validator import ValidationResult, ValidationStatus, AccuracyLevel
+
+    # Define AccuracyCrossValidator as None for compatibility
+    AccuracyCrossValidator = None
+    CrossValidationReport = None
 
 
 T = TypeVar("T")

runbooks/common/cli_decorators.py

@@ -193,3 +193,64 @@ def all_standard_options(f: Callable) -> Callable:
         return f(*args, **kwargs)
 
     return wrapper
+
+
+def common_multi_account_options(f: Callable) -> Callable:
+    """
+    Multi-account and multi-region AWS options for enterprise operations.
+
+    Provides:
+    - --all-profiles: Process all configured AWS profiles (multi-account)
+    - --profiles: [LEGACY] Specific profiles (use --all-profiles for all)
+    - --regions: Specific AWS regions (space-separated)
+    - --all-regions: Process all enabled AWS regions
+
+    Note: --profile is provided by common_aws_options decorator
+
+    Usage:
+        @common_multi_account_options
+        @common_aws_options
+        @click.command()
+        def my_command(profile, all_profiles, profiles, regions, all_regions, **kwargs):
+            # Multi-account command logic
+    """
+
+    @click.option('--all-profiles', is_flag=True, default=False,
+                  help='Process all configured AWS profiles (multi-account)')
+    @click.option('--profiles', type=str, multiple=True,
+                  help='[LEGACY] Specific profiles (use --all-profiles for all)')
+    @click.option('--regions', type=str, multiple=True,
+                  help='Specific AWS regions (space-separated)')
+    @click.option('--all-regions', is_flag=True, default=False,
+                  help='Process all enabled AWS regions')
+    @wraps(f)
+    def wrapper(*args, **kwargs):
+        return f(*args, **kwargs)
+
+    return wrapper
+
+
+def common_filter_options(f: Callable) -> Callable:
+    """
+    Common filtering options for resource discovery.
+
+    Provides:
+    - --tags: Filter by tags (key=value format)
+    - --accounts: Filter by specific account IDs
+
+    Usage:
+        @common_filter_options
+        @click.command()
+        def my_command(tags, accounts, **kwargs):
+            # Filtering logic
+    """
+
+    @click.option('--tags', type=str, multiple=True,
+                  help='Filter by tags (key=value format)')
+    @click.option('--accounts', type=str, multiple=True,
+                  help='Filter by specific account IDs')
+    @wraps(f)
+    def wrapper(*args, **kwargs):
+        return f(*args, **kwargs)
+
+    return wrapper

runbooks/common/mcp_integration.py

@@ -457,6 +457,9 @@ class EnterpriseMCPIntegrator:
 
             ec2_client = ops_session.client("ec2")
 
+            # Track validation results for accuracy calculation
+            validation_results = []
+
             with Progress(
                 SpinnerColumn(),
                 TextColumn("[progress.description]{task.description}"),
@@ -468,10 +471,12 @@ class EnterpriseMCPIntegrator:
                 task = progress.add_task("Cross-validating VPC data with AWS APIs...", total=100)
 
                 # Cross-validate VPC discovery
-                await self._validate_vpc_discovery(ec2_client, vpc_data, progress, task)
+                vpc_discovery_result = await self._validate_vpc_discovery(ec2_client, vpc_data, progress, task)
+                validation_results.append(vpc_discovery_result)
 
                 # Validate VPC dependencies (ENIs, subnets, etc.)
-                await self._validate_vpc_dependencies(ec2_client, vpc_data, progress, task)
+                vpc_dependency_result = await self._validate_vpc_dependencies(ec2_client, vpc_data, progress, task)
+                validation_results.append(vpc_dependency_result)
 
                 # Validate cost data if available
                 if "cost_data" in vpc_data:
@@ -482,19 +487,27 @@ class EnterpriseMCPIntegrator:
 
                 progress.update(task, completed=100)
 
-            result.success = True
-            result.accuracy_score = 99.8  # High consistency for direct AWS API comparison
+            # Calculate real accuracy from validation results
+            total_validations = sum(r["total"] for r in validation_results)
+            successful_validations = sum(r["validated"] for r in validation_results)
+            calculated_accuracy = (successful_validations / total_validations * 100) if total_validations > 0 else 0.0
+
+            result.success = calculated_accuracy >= 99.5  # Success only if meets threshold
+            result.accuracy_score = calculated_accuracy  # Real calculated value, not hardcoded
             result.total_resources_validated = len(vpc_data.get("vpc_candidates", []))
             result.performance_metrics = {
                 "validation_time_seconds": time.time() - start_time,
                 "vpc_discovery_validated": True,
                 "dependency_analysis_validated": True,
+                "total_validations": total_validations,
+                "successful_validations": successful_validations,
             }
 
-            print_success(f"VPC MCP validation complete: {result.accuracy_score}% accuracy")
+            print_success(f"VPC MCP validation complete: {result.accuracy_score:.1f}% accuracy")
 
         except Exception as e:
             result.success = False
+            result.accuracy_score = 0.0  # Honest failure - no optimistic defaults
             result.error_details = [str(e)]
             print_error(f"VPC MCP validation failed: {str(e)}")
 
@@ -635,7 +648,7 @@ class EnterpriseMCPIntegrator:
         except Exception as e:
             print_warning(f"Cost validation error: {str(e)[:50]}...")
 
-    async def _validate_vpc_discovery(self, ec2_client, vpc_data: Dict, progress, task) -> None:
+    async def _validate_vpc_discovery(self, ec2_client, vpc_data: Dict, progress, task) -> Dict[str, Any]:
         """Validate VPC discovery against AWS EC2 API."""
         try:
             # Get actual VPCs from AWS
@@ -663,14 +676,23 @@ class EnterpriseMCPIntegrator:
 
             print_info(f"VPC Discovery Validation: {validated_vpcs} validated out of {vpc_count_match} actual VPCs")
 
+            # Return validation results for accuracy calculation
+            return {
+                "total": vpc_count_match,
+                "validated": validated_vpcs,
+                "accuracy": (validated_vpcs / vpc_count_match * 100) if vpc_count_match > 0 else 0.0
+            }
+
         except Exception as e:
             print_warning(f"VPC discovery validation error: {str(e)[:50]}...")
+            return {"total": 0, "validated": 0, "accuracy": 0.0}
 
-    async def _validate_vpc_dependencies(self, ec2_client, vpc_data: Dict, progress, task) -> None:
+    async def _validate_vpc_dependencies(self, ec2_client, vpc_data: Dict, progress, task) -> Dict[str, Any]:
         """Validate VPC dependency counts (ENIs, subnets, etc.)."""
         try:
             vpc_candidates = vpc_data.get("vpc_candidates", [])
             validated_count = 0
+            total_checked = 0
 
             for candidate in vpc_candidates[:5]:  # Sample validation for performance
                 vpc_id = (
@@ -680,6 +702,7 @@ class EnterpriseMCPIntegrator:
                 )
 
                 if vpc_id:
+                    total_checked += 1
                     # Cross-validate ENI count (critical for safety)
                     eni_response = ec2_client.describe_network_interfaces(
                         Filters=[{"Name": "vpc-id", "Values": [vpc_id]}]
@@ -697,8 +720,16 @@ class EnterpriseMCPIntegrator:
 
             progress.update(task, advance=30, description=f"Validated dependencies for {validated_count} VPCs...")
 
+            # Return validation results for accuracy calculation
+            return {
+                "total": total_checked,
+                "validated": validated_count,
+                "accuracy": (validated_count / total_checked * 100) if total_checked > 0 else 0.0
+            }
+
         except Exception as e:
             print_warning(f"VPC dependency validation error: {str(e)[:50]}...")
+            return {"total": 0, "validated": 0, "accuracy": 0.0}
 
     async def _validate_vpc_cost_data(self, cost_client, vpc_data: Dict, progress, task) -> None:
         """Validate VPC cost data using Cost Explorer API."""

runbooks/common/rich_utils.py

@@ -50,27 +50,76 @@ USE_RICH = os.getenv("RUNBOOKS_TEST_MODE") != "1"
 
 if USE_RICH:
     from rich.console import Console as RichConsole
+    from rich.progress import Progress as RichProgress
 
     Console = RichConsole
     Table = RichTable
+    Progress = RichProgress
 else:
     # Mock Rich Console for testing - plain text output compatible with Click CliRunner
     class MockConsole:
         """Mock console that prints to stdout without Rich formatting."""
 
+        def __init__(self, **kwargs):
+            """Initialize mock console - ignore all kwargs for compatibility."""
+            self._capture_buffer = None
+
         def print(self, *args, **kwargs):
-            """Mock print that outputs plain text to stdout."""
+            """
+            Mock print that outputs plain text to stdout.
+
+            Accepts all Rich Console.print() parameters but ignores styling.
+            Compatible with Click CliRunner's StringIO buffer management.
+            """
+            # Ignore all kwargs (style, highlight, etc.) - test mode doesn't need them
             if args:
                 # Extract text content from Rich markup if present
                 text = str(args[0]) if args else ""
                 # Remove Rich markup tags for plain output
                 text = re.sub(r"\[.*?\]", "", text)
-                print(text, file=sys.stdout)
+
+                # If capturing, append to buffer instead of printing
+                if self._capture_buffer is not None:
+                    self._capture_buffer.append(text)
+                else:
+                    # Use print() to stdout - avoid sys.stdout.write() which causes I/O errors
+                    # DO NOT use file= parameter or flush= parameter with Click CliRunner
+                    print(text)
+
+        def log(self, *args, **kwargs):
+            """Mock log method - same as print for testing compatibility."""
+            self.print(*args, **kwargs)
+
+        def capture(self):
+            """
+            Mock capture context manager for testing.
+
+            Returns a context manager that captures console output to a buffer
+            instead of printing to stdout. Compatible with Rich Console.capture() API.
+            """
+            class MockCapture:
+                def __init__(self, console):
+                    self.console = console
+                    self.buffer = []
+
+                def __enter__(self):
+                    self.console._capture_buffer = self.buffer
+                    return self
+
+                def __exit__(self, *args):
+                    self.console._capture_buffer = None
+
+                def get(self):
+                    """Return captured output as string."""
+                    return "\n".join(self.buffer)
+
+            return MockCapture(self)
 
         def __enter__(self):
             return self
 
         def __exit__(self, *args):
+            # CRITICAL: Don't close anything - let Click CliRunner manage streams
             pass
 
     class MockTable:
@@ -87,8 +136,70 @@ else:
         def add_row(self, *args):
             self.rows.append(args)
 
+    class MockProgress:
+        """
+        Mock Progress for testing - prevents I/O conflicts with Click CliRunner.
+
+        Provides complete Rich.Progress API compatibility without any stream operations
+        that could interfere with Click's StringIO buffer management.
+        """
+
+        def __init__(self, *columns, **kwargs):
+            """Initialize mock progress - ignore all kwargs for test compatibility."""
+            self.columns = columns
+            self.kwargs = kwargs
+            self.tasks = {}
+            self.task_counter = 0
+            self._started = False
+
+        def add_task(self, description, total=None, **kwargs):
+            """Add a mock task and return task ID."""
+            task_id = self.task_counter
+            self.tasks[task_id] = {
+                "description": description,
+                "total": total,
+                "completed": 0,
+                "kwargs": kwargs
+            }
+            self.task_counter += 1
+            return task_id
+
+        def update(self, task_id, **kwargs):
+            """Update mock task progress."""
+            if task_id in self.tasks:
+                self.tasks[task_id].update(kwargs)
+
+        def start(self):
+            """Mock start method - no-op for test safety."""
+            self._started = True
+            return self
+
+        def stop(self):
+            """Mock stop method - CRITICAL: no stream operations."""
+            self._started = False
+            # IMPORTANT: Do NOT close any streams or file handles
+            # Click CliRunner manages its own StringIO lifecycle
+
+        def __enter__(self):
+            """Context manager entry - start progress."""
+            self.start()
+            return self
+
+        def __exit__(self, *args):
+            """
+            Context manager exit - stop progress WITHOUT stream closure.
+
+            CRITICAL: This method must NOT perform any file operations that could
+            close Click CliRunner's StringIO buffer. The stop() method is intentionally
+            a no-op to prevent "ValueError: I/O operation on closed file" errors.
+            """
+            self.stop()
+            # Explicitly return None to allow exception propagation
+            return None
+
     Console = MockConsole
     Table = MockTable
+    Progress = MockProgress
 
 # CloudOps Custom Theme
 CLOUDOPS_THEME = Theme(
@@ -917,6 +1028,9 @@ __all__ = [
     "CLOUDOPS_THEME",
     "STATUS_INDICATORS",
     "console",
+    "Console",
+    "Progress",
+    "Table",
     "get_console",
     "get_context_aware_console",
     "print_header",

runbooks/inventory/CLAUDE.md

@@ -309,7 +309,7 @@ three_mode_validation:
 ```
 
 ### MCP Validation Protocols ✨ **100% ACCURACY ACHIEVED**
-**AWS MCP Server Integration (Proven FinOps Pattern)**:
+**AWS MCP Server Integration (Proven Enterprise Direct Function Testing Pattern)**:
 
 ```yaml
 mcp_validation_framework:

runbooks/inventory/aws_decorators.py

@@ -84,9 +84,8 @@ import functools
 import time
 from typing import Any, Callable
 
-from colorama import Fore, init
+from runbooks.common.rich_utils import console
 
-init()
 
 
 def timer(to_time_or_not: bool = False) -> Callable:
@@ -191,7 +190,7 @@ def timer(to_time_or_not: bool = False) -> Callable:
             # Display timing information if enabled with colorized output
             if to_time_or_not:
                 print()
-                print(f"{Fore.GREEN}Finished function {func.__name__!r} in {run_time:.4f} seconds{Fore.RESET}")
+                print(f"[green]Finished function {func.__name__!r} in {run_time:.4f} seconds")
                 print()
 
             return value