The query to find portfolios that are pending provisioning is updated to
check for:
- a period of performance that has started
- a portfolio state machine that has an UNSTARTED or one of the CREATED
states
I left several TODOs to ensure that the orchestration functions
correctly for portfolio.
Like claim_for_update, the claim_many_for_update claims resources with
an expiring lock. This was written to allow the updating of multiple
application roles with a single cloud_id, since multiple application
roles will map to a single Azure Active Directory user.
Adds cloud_id and claimed_until columns to the application_roles table
so that rows can be locked when they're being processed and updated with
relevant Azure information when processing is finished. Since the
claimed_until column is now common to a few different models, I've also
moved it to a mixin.
Currently the create call will be consumed by on-demand requests from the frontend, and the 2 stage create will be used by the enviroment management group provisioning to verify an initial subscription was created.
The tenant ID should be hashed and used as the key for the JSON blob of
relevant creds for any given tenant. Azure CSP interface methods that
need to source creds should call the internal `_source_creds` method,
either with a `tenant_id` or no parameters. That method will source the
creds. If a tenant ID is provided, it will source them from the Key
Vault. If not provided, it will return the default creds for the app
registration in the home tenant.
Having `get_stage_csp_class` in the csp module meant that any file that interacted with that import path would throw an error in a REPL. This will allow importing of the Azure and Mock providers for interactive dev.
We don't know yet how useful the job failue tables will be, and
maintaining multiple failure tables--one for every entity involved in
CSP provisioning--is burdensome. This collapses them all into a single
table that track the entity type (environment, portfolio, etc.) and the
entity ID. That way we can construct queries when needed to find task
results.
Adds a method to the Applications domain class that can return a list of
UUIDs for applications that are ready to be provisioned. It requires
that:
- the associated portfolio and state machine have a state of COMPLETED
- the application not have been marked deleted
- the application not have an existing cloud_id
- the application does not have an existing claim on it
This is leftover from a previous iteration of ATAT where inviting a user
to a portfolio would create a pending entry in the users table. This is
no longer used.
This commit removes properties that weren't be used anywhere in the code
base. It also refactors two properties to use sum() with a generator
comprehension instead of a for loop.
Also removes the clock class.
Makes PoP date ranges inclusive such that a task order with:
- a start date on or after the current date
and
- an end date on or before the current date
should be considered valid.
This commit also removes the Clock class. This class had two methods as
shortcuts for common uses of pendlum functions. But it wasn't being used
in very many places, and it took up about the same space as
from pendulum import today()
...
today(tz="UTC").date()
If we want to add this back in, it might be a good idea to extend it for
other time functions we have sprinkled around, like the random date
functions in our tests
