RedHatInsights · joselsegura · Mar 17, 2026 · Mar 16, 2026 · Mar 16, 2026 · Mar 16, 2026
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
diff --git a/.github/workflows/linters.yaml b/.github/workflows/linters.yaml
@@ -0,0 +1,10 @@
+name: Linters
+
+on:
+  push:
+    branches: ["master"]
-  push:
-    branches: ["master"]
+  push:
+    branches: ["main"]
-  push:
-    branches: ["master"]
+  push:
+    branches: ["main"]
+  pull_request:
+
+jobs:
+  lint:
+    uses: RedHatInsights/processing-tools/.github/workflows/linters.yaml@v0.1.0
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,36 +1,56 @@
 exclude: "doc|research|demos"
 repos:
-- repo: https://github.com/psf/black
-  rev: 26.3.1
-  hooks:
-  - id: black
-    args: [--safe, --quiet, --line-length, "100"]
-    language_version: python3.11
-    require_serial: true
-- repo: https://github.com/pre-commit/pre-commit-hooks
-  rev: v6.0.0
-  hooks:
-  - id: trailing-whitespace
-    language_version: python3.11
-  - id: end-of-file-fixer
-    language_version: python3.11
-  - id: check-yaml
-    language_version: python3.11
-  - id: debug-statements
-    language_version: python3.11
-- repo: https://github.com/asottile/pyupgrade
-  rev: v3.21.2
-  hooks:
-  - id: pyupgrade
-    language_version: python3.11
-- repo: https://github.com/PyCQA/flake8
-  rev: 7.3.0
-  hooks:
-    - id: flake8
-      language_version: python3.11
-      args: [--extend-ignore=E501]
-- repo: https://gitlab.com/pycqa/pydocstyle
-  rev: 6.1.1
-  hooks:
-    - id: pydocstyle
-      language_version: python3.11
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v6.0.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+      - id: check-json
+      - id: check-toml
+      - id: check-yaml
+      - id: debug-statements
+      - id: mixed-line-ending
+      - id: check-ast
+      - id: check-merge-conflict
+      - id: check-added-large-files
+
+  - repo: https://github.com/shellcheck-py/shellcheck-py
+    rev: v0.11.0.1
+    hooks:
+      - id: shellcheck
+        # Exclude checks that are commonly problematic in organization scripts
+        # SC1090: Can't follow non-constant source (dynamic sourcing)
+        # SC2086: Double quote to prevent globbing (intentional word splitting)
+        # SC2034: Variable appears unused (used by sourced scripts)
+        # SC1091: Not following included files (dynamic includes)
+        args: ['--exclude=SC1090,SC2086,SC2034,SC1091']
+
+  - repo: https://github.com/golangci/golangci-lint
+    rev: v2.11.3
+    hooks:
+      - id: golangci-lint-config-verify
+      - id: golangci-lint-full
+
+  - repo: https://github.com/RedHatInsights/processing-tools
+    rev: v0.1.0
+    hooks:
+      - id: abcgo
+        args: ['--threshold=64']
+
+      - id: go-version-consistency
+
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.15.5
+    hooks:
+      # Adding a set of rules to ruff check to match pyupgrade rules
+      - id: ruff-check
+        args:
+          - '--fix'
+          - '--line-length=100'
+          - '--select=UP,F632,E,W,F,I,UP,N,B,C4,SIM,D'
+      - id: ruff-format
+
+  # - repo: https://github.com/AleksaC/hadolint-py
+  #   rev: v2.14.0
+  #   hooks:
+  #     - id: hadolint
diff --git a/ccx_upgrades_data_eng/auth.py b/ccx_upgrades_data_eng/auth.py
@@ -13,11 +13,11 @@
 logger = logging.getLogger(__name__)
 
 
-class SessionManagerException(Exception):
+class SessionManagerError(Exception):
     """An exception related to the initialization of the session manager."""
 
 
-class TokenException(Exception):
+class TokenError(Exception):
     """An exception related to the refreshment of the SSO token."""
 
 
@@ -40,7 +40,7 @@ def __init__(
         try:
             oidc_config = requests.get(oauth_config_uri, verify=self.verify).json()
         except Exception as ex:
-            raise SessionManagerException(
+            raise SessionManagerError(
                 f"Error getting the oauth config from the SSO server:\n{ex}"
             ) from ex
 
@@ -67,15 +67,15 @@ def refresh_token(self) -> str:
                 verify=self.verify,
             )
         except Exception as ex:
-            raise TokenException(f"Error refreshing the token:\n{ex}") from ex
+            raise TokenError(f"Error refreshing the token:\n{ex}") from ex
 
     def get_session(self) -> OAuth2Session:
         """Return the OauthSession2 after refreshing the auth token."""
         self.refresh_token()
         return self.session
 
 
-@lru_cache()
+@lru_cache
 def get_session_manager() -> Oauth2Manager:
     """Oauth2Manager cache."""
     settings = get_settings()

diff --git a/ccx_upgrades_data_eng/config.py b/ccx_upgrades_data_eng/config.py
@@ -2,6 +2,7 @@
 
 import logging
 from functools import lru_cache
+
 from pydantic import ValidationError
 from pydantic_settings import BaseSettings
 
@@ -44,7 +45,7 @@ class Settings(BaseSettings):
     cache_size: int = DEFAULT_CACHE_SIZE
 
 
-@lru_cache()
+@lru_cache
 def get_settings() -> Settings:
     """Create the Settings object for the cache."""
     try:

diff --git a/ccx_upgrades_data_eng/examples.py b/ccx_upgrades_data_eng/examples.py
@@ -18,11 +18,15 @@
 EXAMPLE_CONSOLE_URL = "https://console-openshift-console.some_url.com"
 
 URL_ALERT = (
-    EXAMPLE_CONSOLE_URL + "/monitoring/alerts?orderBy=asc&sortBy=Severity&alert-name=" + ALERT_NAME
+    EXAMPLE_CONSOLE_URL
+    + "/monitoring/alerts?orderBy=asc&sortBy=Severity&alert-name="
+    + ALERT_NAME
 )
 
 URL_OPERATOR_CONDITIONS = (
-    EXAMPLE_CONSOLE_URL + "/k8s/cluster/config.openshift.io~v1~ClusterOperator/" + FOC_NAME
+    EXAMPLE_CONSOLE_URL
+    + "/k8s/cluster/config.openshift.io~v1~ClusterOperator/"
+    + FOC_NAME
 )
 
 EXAMPLE_PREDICTORS = {

diff --git a/ccx_upgrades_data_eng/inference.py b/ccx_upgrades_data_eng/inference.py
@@ -1,16 +1,17 @@
 """Utils to interact with Inference service."""
 
 import logging
+from datetime import datetime, timezone
+
 import requests
-from fastapi import HTTPException
 from cachetools import cached
-from datetime import datetime, timezone
+from fastapi import HTTPException
 
 from ccx_upgrades_data_eng.config import get_settings
 from ccx_upgrades_data_eng.models import (
+    InferenceResponse,
     UpgradeApiResponse,
     UpgradeRisksPredictors,
-    InferenceResponse,
     UpgradeRisksPredictorsWithURLs,
 )
 from ccx_upgrades_data_eng.urls import fill_urls
@@ -41,7 +42,9 @@ def get_inference_for_predictors(
 
     response = UpgradeApiResponse(
         upgrade_recommended=calculate_upgrade_recommended(risks),
-        upgrade_risks_predictors=UpgradeRisksPredictorsWithURLs.model_validate(risks.model_dump()),
+        upgrade_risks_predictors=UpgradeRisksPredictorsWithURLs.model_validate(
+            risks.model_dump()
+        ),
         last_checked_at=datetime.now(tz=timezone.utc),
     )
     logger.debug("Inference response is: %s", response)

diff --git a/ccx_upgrades_data_eng/logging_utils.py b/ccx_upgrades_data_eng/logging_utils.py
@@ -12,14 +12,13 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-"""
-Utility functions to redirect logs to cloudwatch.
+"""Utility functions to redirect logs to cloudwatch."""
 
-Copied from https://github.com/RedHatInsights/insights-ccx-messaging/blob/main/ccx_messaging/utils/logging.py  # noqa: E501
-"""
+# Copied from https://github.com/RedHatInsights/insights-ccx-messaging/
+# blob/main/ccx_messaging/utils/logging.py
 
-import os
 import logging
+import os
 
 from boto3.session import Session
 from watchtower import CloudWatchLogHandler
@@ -35,6 +34,7 @@ def __new__(self):
             logging.NullHandler: if the hanlder couldn't be configured.
                 or
             watchtower.CloudWatchLogHandler: if it could be configured.
+
         """
         enabled = os.getenv("LOGGING_TO_CW_ENABLED", "False").lower()
         if enabled not in ("true", "1", "t", "yes"):
@@ -52,7 +52,7 @@ def __new__(self):
         missing_envs = list(
             filter(
                 lambda key: os.environ.get(key, "").strip() == "",
-                [key for key in aws_config_vars],
+                aws_config_vars,
             )
         )
 

diff --git a/ccx_upgrades_data_eng/main.py b/ccx_upgrades_data_eng/main.py
@@ -2,22 +2,24 @@
 
 import logging
 import os
+from contextlib import asynccontextmanager
 from uuid import UUID
 
 from fastapi import Depends, FastAPI, Request, status
 from fastapi.responses import JSONResponse
-from contextlib import asynccontextmanager
+from prometheus_fastapi_instrumentator import Instrumentator
 
+import ccx_upgrades_data_eng.metrics as metrics
 from ccx_upgrades_data_eng.auth import (
+    SessionManagerError,
+    TokenError,
     get_session_manager,
-    SessionManagerException,
-    TokenException,
 )
-from ccx_upgrades_data_eng.config import get_settings, Settings
+from ccx_upgrades_data_eng.config import Settings, get_settings
 from ccx_upgrades_data_eng.inference import get_filled_inference_for_predictors
 from ccx_upgrades_data_eng.models import (
-    ClustersList,
     ClusterPrediction,
+    ClustersList,
     MultiClusterUpgradeApiResponse,
     UpgradeApiResponse,
 )
@@ -26,14 +28,13 @@
     perform_rhobs_request_multi_cluster,
 )
 from ccx_upgrades_data_eng.sentry import init_sentry
-import ccx_upgrades_data_eng.metrics as metrics
-
-from prometheus_fastapi_instrumentator import Instrumentator
 from ccx_upgrades_data_eng.utils import get_retry_decorator
 
 logger = logging.getLogger(__name__)
 
-init_sentry(os.environ.get("SENTRY_DSN", None), None, os.environ.get("SENTRY_ENVIRONMENT", None))
+init_sentry(
+    os.environ.get("SENTRY_DSN", None), None, os.environ.get("SENTRY_ENVIRONMENT", None)
+)
 
 
 def create_lifespan_handler(instrumentator: Instrumentator):
@@ -77,13 +78,13 @@ async def refresh_sso_token(request: Request, call_next) -> JSONResponse:
     """Middleware to ensure SSO token is refreshed before processing the request."""
     try:
         await get_session_and_refresh_token()
-    except SessionManagerException as ex:
+    except SessionManagerError as ex:
         logger.error("Unable to initialize SSO session: %s", ex)
         return JSONResponse(
             "Unable to initialize SSO session",
             status_code=status.HTTP_503_SERVICE_UNAVAILABLE,
         )
-    except TokenException as ex:
+    except TokenError as ex:
         logger.error("Unable to update SSO token: %s", ex)
         return JSONResponse(
             "Unable to update SSO token",
@@ -92,15 +93,22 @@ async def refresh_sso_token(request: Request, call_next) -> JSONResponse:
     return await call_next(request)
 
 
-@app.get("/cluster/{cluster_id}/upgrade-risks-prediction", response_model=UpgradeApiResponse)
-async def upgrade_risks_prediction(cluster_id: UUID, settings: Settings = Depends(get_settings)):
+@app.get(
+    "/cluster/{cluster_id}/upgrade-risks-prediction", response_model=UpgradeApiResponse
+)
+async def upgrade_risks_prediction(
+    cluster_id: UUID,
+    settings: Settings = Depends(get_settings),  # noqa: B008
+):
     """Return the predition of an upgrade failure given a set of alerts and focs."""
     logger.info(f"Received cluster: {cluster_id}")
     logger.debug("Getting predictors from RHOBS")
     predictors, console_url = perform_rhobs_request(cluster_id)
 
     if console_url is None or console_url == "":
-        return JSONResponse("No data for this cluster", status_code=status.HTTP_404_NOT_FOUND)
+        return JSONResponse(
+            "No data for this cluster", status_code=status.HTTP_404_NOT_FOUND
+        )
 
     logger.debug("Getting inference result")
     inference_result = get_filled_inference_for_predictors(predictors, console_url)
@@ -113,16 +121,19 @@ async def upgrade_risks_prediction(cluster_id: UUID, settings: Settings = Depend
 
 @app.post("/upgrade-risks-prediction", response_model=MultiClusterUpgradeApiResponse)
 async def upgrade_risks_multi_cluster_predictions(
-    clusters_list: ClustersList, settings: Settings = Depends(get_settings)
+    clusters_list: ClustersList,
+    settings: Settings = Depends(get_settings),  # noqa: B008
 ):
     """Return the upgrade risks predictions for the provided clusters."""
     logger.info("Received clusters list: %s", clusters_list)
     logger.debug("Getting predictors from RHOBS or cache")
     predictors_per_cluster = perform_rhobs_request_multi_cluster(clusters_list.clusters)
 
-    results = list()
+    results = []
     for cluster, prediction in predictors_per_cluster.items():
-        inference_result = get_filled_inference_for_predictors(prediction[0], prediction[1])
+        inference_result = get_filled_inference_for_predictors(
+            prediction[0], prediction[1]
+        )
         results.append(
             ClusterPrediction(
                 cluster_id=str(cluster),

diff --git a/ccx_upgrades_data_eng/metrics.py b/ccx_upgrades_data_eng/metrics.py
@@ -38,7 +38,9 @@ def update_ccx_upgrades_prediction_total(response: UpgradeApiResponse):
 
 def update_ccx_upgrades_risks_total(response: UpgradeApiResponse):
     """Update CCX_UPGRADES_RISKS_TOTAL."""
-    CCX_UPGRADES_RISKS_TOTAL.labels("alerts").observe(len(response.upgrade_risks_predictors.alerts))
+    CCX_UPGRADES_RISKS_TOTAL.labels("alerts").observe(
+        len(response.upgrade_risks_predictors.alerts)
+    )
     CCX_UPGRADES_RISKS_TOTAL.labels("operator_conditions").observe(
         len(response.upgrade_risks_predictors.operator_conditions)
     )