Include KMS in ERv2

reconcile/external_resources/factories.py

@@ -41,13 +41,15 @@
 
 
 class ObjectFactory(Generic[T]):
-    def __init__(self) -> None:
-        self._factories: dict[str, T] = {}
-
-    def register_factory(self, id: str, t: T) -> None:
-        self._factories[id] = t
+    def __init__(
+        self, factories: dict[str, T], default_factory: T | None = None
+    ) -> None:
+        self._factories = factories
+        self._default_factory = default_factory
 
     def get_factory(self, id: str) -> T:
+        if id not in self._factories and self._default_factory:
+            return self._default_factory
         return self._factories[id]
 
 
@@ -94,15 +96,14 @@ def create_provision_data(
 def setup_aws_resource_factories(
     er_inventory: ExternalResourcesInventory, secret_reader: SecretReaderBase
 ) -> ObjectFactory[AWSResourceFactory]:
-    f = ObjectFactory[AWSResourceFactory]()
+    f = ObjectFactory[AWSResourceFactory](
+        default_factory=AWSDefaultResourceFactory(er_inventory, secret_reader)
+    )
     f.register_factory(
         "elasticache", AWSElasticacheFactory(er_inventory, secret_reader)
     )
     f.register_factory("rds", AWSRdsFactory(er_inventory, secret_reader))
     f.register_factory("msk", AWSMskFactory(er_inventory, secret_reader))
-    f.register_factory(
-        "default", AWSDefaultResourceFactory(er_inventory, secret_reader)
-    )
     return f
 
 

reconcile/external_resources/manager.py

@@ -55,24 +55,21 @@ def setup_factories(
 ) -> ObjectFactory[ExternalResourceFactory]:
     tf_factory = TerraformModuleProvisionDataFactory(settings=settings)
 
-    aws_provision_factories = ObjectFactory[ModuleProvisionDataFactory]()
-    aws_provision_factories.register_factory("terraform", tf_factory)
-    aws_provision_factories.register_factory("cdktf", tf_factory)
-
-    of = ObjectFactory[ExternalResourceFactory]()
-    of.register_factory(
-        "aws",
-        AWSExternalResourceFactory(
-            module_inventory=module_inventory,
-            er_inventory=er_inventory,
-            secret_reader=secret_reader,
-            provision_factories=aws_provision_factories,
-            resource_factories=setup_aws_resource_factories(
-                er_inventory, secret_reader
-            ),
-        ),
+    return ObjectFactory[ExternalResourceFactory](
+        factories={
+            "aws": AWSExternalResourceFactory(
+                module_inventory=module_inventory,
+                er_inventory=er_inventory,
+                secret_reader=secret_reader,
+                provision_factories=ObjectFactory[ModuleProvisionDataFactory](
+                    factories={"terraform": tf_factory, "cdktf": tf_factory}
+                ),
+                resource_factories=setup_aws_resource_factories(
+                    er_inventory, secret_reader
+                ),
+            )
+        }
     )
-    return of
 
 
 class ExternalResourceDryRunsValidator:

reconcile/external_resources/model.py

@@ -21,6 +21,7 @@
     ExternalResourcesModuleOverridesV1,
     NamespaceTerraformProviderResourceAWSV1,
     NamespaceTerraformResourceElastiCacheV1,
+    NamespaceTerraformResourceKMSV1,
     NamespaceTerraformResourceMskV1,
     NamespaceTerraformResourceRDSV1,
     NamespaceV1,
@@ -93,6 +94,7 @@ def state_path(self) -> str:
     NamespaceTerraformResourceRDSV1
     | NamespaceTerraformResourceMskV1
     | NamespaceTerraformResourceElastiCacheV1
+    | NamespaceTerraformResourceKMSV1
 )
 
 

reconcile/gql_definitions/external_resources/external_resources_namespaces.gql

@@ -215,6 +215,16 @@ query ExternalResourcesNamespaces {
                 overrides
                 output_resource_name
                 annotations
+                managed_by_erv2
+                delete
+                module_overrides {
+                  module_type
+                  image
+                  version
+                  reconcile_timeout_minutes
+                  outputs_secret_image
+                  outputs_secret_version
+                }
             }
             ... on NamespaceTerraformResourceElasticSearch_v1 {
                 region

reconcile/gql_definitions/external_resources/external_resources_namespaces.py

@@ -272,6 +272,16 @@
                 overrides
                 output_resource_name
                 annotations
+                managed_by_erv2
+                delete
+                module_overrides {
+                  module_type
+                  image
+                  version
+                  reconcile_timeout_minutes
+                  outputs_secret_image
+                  outputs_secret_version
+                }
             }
             ... on NamespaceTerraformResourceElasticSearch_v1 {
                 region
@@ -773,13 +783,25 @@ class NamespaceTerraformResourceCloudWatchV1(NamespaceTerraformResourceAWSV1):
     annotations: Optional[str] = Field(..., alias="annotations")
 
 
+class NamespaceTerraformResourceKMSV1_ExternalResourcesModuleOverridesV1(ConfiguredBaseModel):
+    module_type: Optional[str] = Field(..., alias="module_type")
+    image: Optional[str] = Field(..., alias="image")
+    version: Optional[str] = Field(..., alias="version")
+    reconcile_timeout_minutes: Optional[int] = Field(..., alias="reconcile_timeout_minutes")
+    outputs_secret_image: Optional[str] = Field(..., alias="outputs_secret_image")
+    outputs_secret_version: Optional[str] = Field(..., alias="outputs_secret_version")
+
+
 class NamespaceTerraformResourceKMSV1(NamespaceTerraformResourceAWSV1):
     region: Optional[str] = Field(..., alias="region")
     identifier: str = Field(..., alias="identifier")
     defaults: str = Field(..., alias="defaults")
     overrides: Optional[str] = Field(..., alias="overrides")
     output_resource_name: Optional[str] = Field(..., alias="output_resource_name")
     annotations: Optional[str] = Field(..., alias="annotations")
+    managed_by_erv2: Optional[bool] = Field(..., alias="managed_by_erv2")
+    delete: Optional[bool] = Field(..., alias="delete")
+    module_overrides: Optional[NamespaceTerraformResourceKMSV1_ExternalResourcesModuleOverridesV1] = Field(..., alias="module_overrides")
 
 
 class NamespaceTerraformResourceElasticSearchV1(NamespaceTerraformResourceAWSV1):
@@ -1044,7 +1066,7 @@ class NamespaceTerraformResourceMskV1(NamespaceTerraformResourceAWSV1):
 
 class NamespaceTerraformProviderResourceAWSV1(NamespaceExternalResourceV1):
     provisioner: AWSAccountV1 = Field(..., alias="provisioner")
-    resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceMskV1, NamespaceTerraformResourceRoleV1, NamespaceTerraformResourceSNSTopicV1, NamespaceTerraformResourceServiceAccountV1, NamespaceTerraformResourceS3SQSV1, NamespaceTerraformResourceCloudWatchV1, NamespaceTerraformResourceRosaAuthenticatorVPCEV1, NamespaceTerraformResourceS3CloudFrontV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceElasticSearchV1, NamespaceTerraformResourceACMV1, NamespaceTerraformResourceKinesisV1, NamespaceTerraformResourceRoute53ZoneV1, NamespaceTerraformResourceSQSV1, NamespaceTerraformResourceDynamoDBV1, NamespaceTerraformResourceECRV1, NamespaceTerraformResourceS3CloudFrontPublicKeyV1, NamespaceTerraformResourceSecretsManagerV1, NamespaceTerraformResourceSecretsManagerServiceAccountV1, NamespaceTerraformResourceAWSV1]] = Field(..., alias="resources")
+    resources: list[Union[NamespaceTerraformResourceRDSV1, NamespaceTerraformResourceRosaAuthenticatorV1, NamespaceTerraformResourceALBV1, NamespaceTerraformResourceS3V1, NamespaceTerraformResourceElastiCacheV1, NamespaceTerraformResourceASGV1, NamespaceTerraformResourceKMSV1, NamespaceTerraformResourceMskV1, NamespaceTerraformResourceRoleV1, NamespaceTerraformResourceSNSTopicV1, NamespaceTerraformResourceServiceAccountV1, NamespaceTerraformResourceS3SQSV1, NamespaceTerraformResourceCloudWatchV1, NamespaceTerraformResourceRosaAuthenticatorVPCEV1, NamespaceTerraformResourceS3CloudFrontV1, NamespaceTerraformResourceElasticSearchV1, NamespaceTerraformResourceACMV1, NamespaceTerraformResourceKinesisV1, NamespaceTerraformResourceRoute53ZoneV1, NamespaceTerraformResourceSQSV1, NamespaceTerraformResourceDynamoDBV1, NamespaceTerraformResourceECRV1, NamespaceTerraformResourceS3CloudFrontPublicKeyV1, NamespaceTerraformResourceSecretsManagerV1, NamespaceTerraformResourceSecretsManagerServiceAccountV1, NamespaceTerraformResourceAWSV1]] = Field(..., alias="resources")
 
 
 class EnvironmentV1(ConfiguredBaseModel):