def run(dry_run, thread_pool_size=10, internal=None, use_jump_host=True, defer=None): settings = queries.get_app_interface_settings() accounts = queries.get_aws_accounts() clusters = [c for c in queries.get_clusters(minimal=True) if c.get('ocm')] oc_map = OC_Map(clusters=clusters, integration=QONTRACT_INTEGRATION, settings=settings, internal=internal, use_jump_host=use_jump_host, thread_pool_size=thread_pool_size) defer(lambda: oc_map.cleanup()) state = State(integration=QONTRACT_INTEGRATION, accounts=accounts, settings=settings) if not dry_run: slack = init_slack_workspace(QONTRACT_INTEGRATION) now = datetime.utcnow() for cluster in oc_map.clusters(): oc = oc_map.get(cluster) if not oc: logging.log(level=oc.log_level, msg=oc.message) continue upgrade_config = oc.get(namespace='openshift-managed-upgrade-operator', kind='UpgradeConfig', name='osd-upgrade-config', allow_not_found=True) if not upgrade_config: logging.debug(f'[{cluster}] UpgradeConfig not found.') continue upgrade_spec = upgrade_config['spec'] upgrade_at = upgrade_spec['upgradeAt'] version = upgrade_spec['desired']['version'] upgrade_at_obj = datetime.strptime(upgrade_at, '%Y-%m-%dT%H:%M:%SZ') state_key = f'{cluster}-{upgrade_at}' # if this is the first iteration in which 'now' had passed # the upgrade at date time, we send a notification if upgrade_at_obj < now: if state.exists(state_key): # already notified continue logging.info(['cluster_upgrade', cluster]) if not dry_run: state.add(state_key) usergroup = f'{cluster}-cluster' usergroup_id = slack.get_usergroup_id(usergroup) slack.chat_post_message( f'Heads up <!subteam^{usergroup_id}>! ' + f'cluster `{cluster}` is currently ' + f'being upgraded to version `{version}`')
def fetch_desired_state(infer_clusters=True): gqlapi = gql.get_api() state = AggregatedList() roles = gqlapi.query(ROLES_QUERY)['roles'] for role in roles: permissions = list(filter( lambda p: p.get('service') in ['github-org', 'github-org-team'], role['permissions'] )) if not permissions: continue members = [] for user in role['users']: members.append(user['github_username']) for bot in role['bots']: if 'github_username' in bot: members.append(bot['github_username']) members = [m.lower() for m in members] for permission in permissions: if permission['service'] == 'github-org': state.add(permission, members) elif permission['service'] == 'github-org-team': state.add(permission, members) state.add({ 'service': 'github-org', 'org': permission['org'], }, members) if not infer_clusters: return state clusters = gqlapi.query(CLUSTERS_QUERY)['clusters'] settings = queries.get_app_interface_settings() oc_map = OC_Map(clusters=clusters, settings=settings) defer(lambda: oc_map.cleanup()) openshift_users_desired_state = \ openshift_users.fetch_desired_state(oc_map) for cluster in clusters: if not cluster['auth']: continue cluster_name = cluster['name'] members = [ou['user'].lower() for ou in openshift_users_desired_state if ou['cluster'] == cluster_name] state.add({ 'service': 'github-org', 'org': cluster['auth']['org'], }, members) if cluster['auth']['service'] == 'github-org-team': state.add({ 'service': 'github-org-team', 'org': cluster['auth']['org'], 'team': cluster['auth']['team'], }, members) return state