introduces dynamic service_account emails read from the group's orchestration files

2026-06-13 05:58:35 +03:00 · 2025-02-11 22:50:00 +00:00
parent 0834f55520
commit 17b3705b64
12 changed files with 88 additions and 15 deletions
--- a/app/shared/db/models.py
+++ b/app/shared/db/models.py
@@ -87,6 +87,7 @@ class Group(Base):
    orchestrator = Column(String, default=None)
    orchestrator_sheet = Column(String, default=None)
    permissions = Column(JSON, default={})
+    service_account_email = Column(String, default=None)
    domains = Column(JSON, default=[])

    archives = relationship("Archive", back_populates="group")
--- a/app/shared/settings.py
+++ b/app/shared/settings.py
@@ -33,11 +33,12 @@ class Settings(BaseSettings):

    # redis
    REDIS_PASSWORD: str = ""
+    REDIS_HOSTNAME: str = "localhost"
    @property
    def CELERY_BROKER_URL(self)-> str:
        if self.REDIS_PASSWORD:
-            return f"redis://:{self.REDIS_PASSWORD}@localhost:6379"
-        return "redis://localhost:6379"
+            return f"redis://:{self.REDIS_PASSWORD}@{self.REDIS_HOSTNAME}:6379"
+        return f"redis://{self.REDIS_HOSTNAME}:6379"
    REDIS_EXCEPTIONS_CHANNEL: str = "exceptions-channel"
    
 	# observability
--- a/app/shared/task_messaging.py
+++ b/app/shared/task_messaging.py
@@ -15,6 +15,4 @@ def get_celery(name:str="") -> Celery:


 def get_redis() -> redis.Redis:
-    from loguru import logger
-    logger.debug(get_settings().CELERY_BROKER_URL)
    return redis.Redis.from_url(get_settings().CELERY_BROKER_URL)
--- a/app/shared/user_groups.py
+++ b/app/shared/user_groups.py
@@ -1,7 +1,8 @@
+import json
 import os
 import yaml
 from loguru import logger
-from pydantic import BaseModel, field_validator, Field, model_validator
+from pydantic import BaseModel, computed_field, field_validator, Field, model_validator
 from typing import Dict, List, Set
 from typing_extensions import Self

@@ -74,11 +75,39 @@ class GroupModel(BaseModel):
    permissions: GroupPermissions

    @field_validator('orchestrator', 'orchestrator_sheet', mode='before')
-    def validate_priority(cls, v):
+    def validate_orchestrator(cls, v):
        if not os.path.exists(v):
            raise ValueError(f"Orchestrator file not found with this path: {v}")
        return v

+    @computed_field
+    @property
+    def service_account_email(self) -> str:
+        if hasattr(self, "_service_account_email"):
+            return self._service_account_email
+        orch = yaml.safe_load(open(self.orchestrator_sheet))
+
+        def find_service_account_email(d):
+            for k, v in d.items():
+                if k == "service_account":
+                    return v
+                if isinstance(v, dict):
+                    if result := find_service_account_email(v):
+                        return result
+            return False
+
+        service_account_json = find_service_account_email(orch)
+        if not service_account_json:
+            raise ValueError(f"service_account key not found in orchestrator sheet file: {self.orchestrator_sheet}.")
+
+        with open(service_account_json) as f:
+            self._service_account_email = json.load(f).get("client_email")
+
+        if not self._service_account_email:
+            raise ValueError(f"Service account email not found in {service_account_json}.")
+
+        return self._service_account_email
+

 class UserGroupModel(BaseModel):
    users: Dict[str, List[str]] = Field(default_factory=dict)
@@ -137,4 +166,4 @@ class UserGroupModel(BaseModel):

 class GroupInfo(GroupPermissions):
    description: str = ""
-    service_account_emails: list[str] = []
+    service_account_email: str = ""