chore: DBTP-1700 Deprecate cross_enviroment_service_access application property

dbt_platform_helper/providers/platform_config_schema.py

@@ -506,7 +506,9 @@ def _valid_s3_bucket_arn(key):
                         },
                         Optional("cross_environment_service_access"): {
                             PlatformConfigSchema.__valid_schema_key(): {
-                                "application": str,
+                                # Deprecated: We didn't implement cross application access, no service teams are asking for it.
+                                # application should be removed once we can confirm that no-one is using it.
+                                Optional("application"): str,
                                 "environment": PlatformConfigSchema.__valid_environment_name(),
                                 "account": str,
                                 "service": str,

tests/platform_helper/domain/test_copilot_environment.py

@@ -113,7 +113,6 @@ def s3_xenv_extensions(self):
                         "bucket_name": "x-acc-bucket",
                         "cross_environment_service_access": {
                             "test_access": {
-                                "application": "app2",
                                 "environment": "staging",
                                 "account": "123456789010",
                                 "service": "test_svc",
@@ -137,7 +136,6 @@ def s3_xenv_multiple_extensions(self):
                         "bucket_name": "x-acc-bucket-1",
                         "cross_environment_service_access": {
                             "test_access_1": {
-                                "application": "app1",
                                 "environment": "staging",
                                 "account": "123456789010",
                                 "service": "other_svc_1",
@@ -146,7 +144,6 @@ def s3_xenv_multiple_extensions(self):
                                 "cyber_sign_off_by": "[email protected]",
                             },
                             "test_access_2": {
-                                "application": "app2",
                                 "environment": "dev",
                                 "account": "123456789010",
                                 "service": "other_svc_2",
@@ -166,7 +163,6 @@ def s3_xenv_multiple_extensions(self):
                         "bucket_name": "x-acc-bucket-2",
                         "cross_environment_service_access": {
                             "test_access_3": {
-                                "application": "app2",
                                 "environment": "hotfix",
                                 "account": "987654321010",
                                 "service": "other_svc_2",
@@ -180,7 +176,6 @@ def s3_xenv_multiple_extensions(self):
                         "bucket_name": "x-acc-bucket-3",
                         "cross_environment_service_access": {
                             "test_access_4": {
-                                "application": "app2",
                                 "environment": "staging",
                                 "account": "123456789010",
                                 "service": "other_svc_3",
@@ -194,7 +189,6 @@ def s3_xenv_multiple_extensions(self):
                         "bucket_name": "x-acc-bucket-4",
                         "cross_environment_service_access": {
                             "test_access_5": {
-                                "application": "app2",
                                 "environment": "staging",
                                 "account": "123456789010",
                                 "service": "other_svc_4",

tests/platform_helper/utils/fixtures/addons_files/s3_addons.yml

@@ -55,11 +55,11 @@ my-s3-bucket-with-data-migration:
       bucket_name: s3-data-migration
       versioning: false
       data_migration:
-        import: 
+        import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
           worker_role_arn: arn:aws:iam::123456789012:role/test-role
-          
+
 my-s3-bucket-with-data-migration-import-sources:
   type: s3
   environments:
@@ -91,7 +91,6 @@ my-s3-cross-environment-service-access-bucket:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: prod
           account: test-account
           service: web

tests/platform_helper/utils/fixtures/addons_files/s3_addons_bad_data.yml

@@ -130,7 +130,7 @@ my-s3-bucket-data-migration-source-bucket-invalid-arn:
         import:
           source_bucket_arn: 1234abc
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
 
 my-s3-bucket-data-migration-source-kms-key-invalid-arn:
   type: s3
@@ -141,7 +141,7 @@ my-s3-bucket-data-migration-source-kms-key-invalid-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: 1234abc
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
 
 my-s3-bucket-data-migration-worker-role-invalid-arn:
   type: s3
@@ -153,7 +153,7 @@ my-s3-bucket-data-migration-worker-role-invalid-arn:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
           worker_role_arn: 1234abc
-          
+
 my-s3-bucket-data-migration-import-sources-source-bucket-2-invalid-arn:
   type: s3
   environments:
@@ -167,7 +167,7 @@ my-s3-bucket-data-migration-import-sources-source-bucket-2-invalid-arn:
           - source_bucket_arn: arn:aws:s3:::valid-source-bucket-2
             source_kms_key_arn: arn:aws:kms::123456789012:key/test-key-3
             worker_role_arn: arn:aws:iam::123456789012:role/test-role-3
-            
+
 my-s3-bucket-data-migration-import-cannot-have-both-import-and-import-sources:
   type: s3
   environments:
@@ -195,7 +195,7 @@ my-s3-bucket-data-migration-import-sources-source-bucket-3-invalid-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources:
           - source_bucket_arn: arn:aws:s3:::valid-source-bucket-2
             source_kms_key_arn: arn:aws:kms::123456789012:key/test-key-2
@@ -213,7 +213,7 @@ my-s3-bucket-data-migration-import-sources-kms-key-invalid-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources:
           - source_bucket_arn: arn:aws:s3:::test-app-2
             source_kms_key_arn: 1234abc
@@ -228,7 +228,7 @@ my-s3-bucket-data-migration-import-sources-worker-role-invalid-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources:
           - source_bucket_arn: arn:aws:s3:::test-app-2
             source_kms_key_arn: arn:aws:kms::123456789012:key/test-key-2
@@ -243,7 +243,7 @@ my-s3-bucket-data-migration-import-sources-empty:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources: []
 
 my-s3-bucket-data-migration-import-sources-missing-bucket-arn:
@@ -255,11 +255,11 @@ my-s3-bucket-data-migration-import-sources-missing-bucket-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources:
           - source_kms_key_arn: arn:aws:kms::123456789012:key/test-key-2
             worker_role_arn: arn:aws:iam::123456789012:role/test-role-2
-            
+
 my-s3-bucket-data-migration-import-sources-missing-worker-role-arn:
   type: s3
   environments:
@@ -269,10 +269,10 @@ my-s3-bucket-data-migration-import-sources-missing-worker-role-arn:
         import:
           source_bucket_arn: arn:aws:s3:::test-app
           source_kms_key_arn: arn:aws:kms::123456789012:key/test-key
-          worker_role_arn: arn:aws:iam::123456789012:role/test-role 
+          worker_role_arn: arn:aws:iam::123456789012:role/test-role
         import_sources:
           - source_kms_key_arn: arn:aws:kms::123456789012:key/test-key-2
-            source_bucket_arn: arn:aws:s3:::test-app-2              
+            source_bucket_arn: arn:aws:s3:::test-app-2
 
 my-s3-external-access-bucket-invalid-arn:
   type: s3
@@ -305,7 +305,6 @@ my-s3-cross-environment-service-access-bucket-invalid-environment:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: hyphen-not-allowed-in-environment
           account: test-account
           service: web
@@ -320,36 +319,20 @@ my-s3-cross-environment-service-access-bucket-invalid-email:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           account: test-account
           service: web
           write: True
           read: True
           cyber_sign_off_by: noone-signed-this-off
 
-my-s3-cross-environment-service-access-bucket-missing-application:
-  type: s3
-  environments:
-    dev:
-      bucket_name: mandatory
-      cross_environment_service_access:
-        demodjango-hotfix:
-          environment: anotherenvironment
-          account: test-account
-          service: web
-          write: True
-          read: True
-          cyber_sign_off_by: [email protected]
-
 my-s3-cross-environment-service-access-bucket-missing-environment:
   type: s3
   environments:
     dev:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           account: test-account
           service: web
           write: True
@@ -363,7 +346,6 @@ my-s3-cross-environment-service-access-bucket-missing-account:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           service: web
           write: True
@@ -377,7 +359,6 @@ my-s3-cross-environment-service-access-bucket-missing-service:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           account: test-account
           write: True
@@ -391,7 +372,6 @@ my-s3-cross-environment-service-access-bucket-invalid-write:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           account: test-account
           service: web
@@ -406,7 +386,6 @@ my-s3-cross-environment-service-access-bucket-invalid-read:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           account: test-account
           service: web
@@ -421,7 +400,6 @@ my-s3-cross-environment-service-access-bucket-missing-cyber-sign-off:
       bucket_name: mandatory
       cross_environment_service_access:
         demodjango-hotfix:
-          application: test-app
           environment: anotherenvironment
           account: test-account
           service: web

tests/platform_helper/utils/test_validation.py

@@ -95,7 +95,6 @@ def test_validate_addons_success(addons_file):
                 "my-s3-external-access-bucket-invalid-email": r"cyber_sign_off_by must contain a valid DBT email address",
                 "my-s3-cross-environment-service-access-bucket-invalid-environment": r"Environment name hyphen-not-allowed-in-environment is invalid",
                 "my-s3-cross-environment-service-access-bucket-invalid-email": r"cyber_sign_off_by must contain a valid DBT email address",
-                "my-s3-cross-environment-service-access-bucket-missing-application": r"Missing key: 'application'",
                 "my-s3-cross-environment-service-access-bucket-missing-environment": r"Missing key: 'environment'",
                 "my-s3-cross-environment-service-access-bucket-missing-account": r"Missing key: 'account'",
                 "my-s3-cross-environment-service-access-bucket-missing-service": r"Missing key: 'service'",