Coverage for gco / stacks / constants.py: 100%

17 statements  

« prev     ^ index     » next       coverage.py v7.13.5, created at 2026-04-30 21:47 +0000

1"""Pinned version constants for GCO infrastructure. 

2 

3Single source of truth for all version-pinned infrastructure components. 

4Centralising these makes it easy to: 

5 

61. See every pinned version at a glance 

72. Update versions in one place 

83. Let the dependency scanner (`.github/scripts/dependency-scan.sh`) 

9 find them with a simple import instead of regex scraping 

104. Write tests that assert versions haven't drifted 

11 

12When updating a version here, also check: 

13- ``lambda/helm-installer/charts.yaml`` for Helm chart versions 

14- ``requirements-lock.txt`` for Python dependency versions 

15- ``cdk.json`` context for ``kubernetes_version`` 

16 

17The dependency scanner runs monthly and opens an issue when any of 

18these fall behind the latest available release. 

19""" 

20 

21from __future__ import annotations 

22 

23# --------------------------------------------------------------------------- 

24# Lambda Runtime 

25# --------------------------------------------------------------------------- 

26# All Lambda functions in GCO use the same Python runtime. Changing this 

27# single constant updates every function across all stacks. 

28LAMBDA_PYTHON_RUNTIME = "PYTHON_3_14" 

29"""CDK enum name for the Lambda runtime (e.g. ``lambda_.Runtime.PYTHON_3_14``).""" 

30 

31# --------------------------------------------------------------------------- 

32# EKS Add-on Versions 

33# --------------------------------------------------------------------------- 

34# Pinned to specific eksbuild versions for reproducible deployments. 

35# The dependency scanner checks ``aws eks describe-addon-versions`` monthly 

36# and opens an issue when newer builds are available. 

37 

38EKS_ADDON_POD_IDENTITY_AGENT = "v1.3.10-eksbuild.3" 

39"""EKS Pod Identity Agent — enables IRSA and Pod Identity for service accounts.""" 

40 

41EKS_ADDON_METRICS_SERVER = "v0.8.1-eksbuild.6" 

42"""Kubernetes Metrics Server — provides CPU/memory metrics for HPA and ``kubectl top``.""" 

43 

44EKS_ADDON_EFS_CSI_DRIVER = "v3.0.1-eksbuild.1" 

45"""Amazon EFS CSI Driver — mounts EFS file systems as Kubernetes persistent volumes.""" 

46 

47EKS_ADDON_CLOUDWATCH_OBSERVABILITY = "v5.3.1-eksbuild.1" 

48"""Amazon CloudWatch Observability — Container Insights, Prometheus metrics, FluentBit logs.""" 

49 

50EKS_ADDON_FSX_CSI_DRIVER = "v1.8.0-eksbuild.2" 

51"""Amazon FSx CSI Driver — mounts FSx for Lustre file systems as Kubernetes persistent volumes.""" 

52 

53# --------------------------------------------------------------------------- 

54# Aurora PostgreSQL Engine Version 

55# --------------------------------------------------------------------------- 

56# Pinned to a specific minor version. The dependency scanner checks 

57# ``aws rds describe-db-engine-versions`` monthly for newer releases 

58# within the same major line. 

59 

60AURORA_POSTGRES_VERSION = "VER_17_9" 

61"""CDK enum name for the Aurora PostgreSQL engine version (e.g. ``rds.AuroraPostgresEngineVersion.VER_17_9``).""" 

62 

63AURORA_POSTGRES_VERSION_DISPLAY = "17.9" 

64"""Human-readable version string for documentation and logging."""