feat: migrate Tier 2 resources and fix 409 conflicts#533
Closed
michael-richey wants to merge 9 commits intomainfrom
Closed
feat: migrate Tier 2 resources and fix 409 conflicts#533michael-richey wants to merge 9 commits intomainfrom
michael-richey wants to merge 9 commits intomainfrom
Conversation
Migrate 3 complex resources that override map_existing_resources() with custom fetch/mapping logic while using the standardized _existing_resources_map dict. Migrated resources: - roles: override with get_destination_roles_mapping(), removed redundant re-fetch from pre_resource_action_hook (N+1 perf fix) - security_monitoring_rules: override with get_destination_rules(), removed side-effect dest fetch from get_resources() - team_memberships: override with composite team_id:user_id key, O(1) dict lookup replaces O(n) list scan Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…ables Resolve DRALLSTSBX-48: 409 Conflict errors during sync when destination already has a logs_metric or synthetics_global_variable with the same name/ID. synthetics_global_variables was already handled by the Tier 1 migration in the previous PR. This PR adds the same map_existing_resources support to logs_metrics — when a metric already exists at the destination, the CLI now updates it instead of attempting to create (which caused 409s). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…memberships The override was functionally identical to the base class default implementation. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
…tions The three built-in Datadog roles (Admin, Read Only, Standard) are reserved and cannot be created, updated, or deleted via the API. Previously, sync would fail with 400 errors when encountering these roles. Now they are silently skipped at import, sync, and cleanup time. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
The three built-in Datadog roles (Admin, Read Only, Standard) are reserved and cannot be created, updated, or deleted via the API. Previously, sync would fail with 400 errors when encountering these roles, which also caused TestCli cleanup to not run and left monitors on the destination org. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
3 tasks
Removing the filter() override from roles.py so that Datadog's 3 built-in roles (Admin, Read Only, Standard) flow through import and sync. The existing create_resource managed-role guard handles them without any API calls, but creates the source→dest ID mapping in destination state. This allows connect_id in users.py to correctly translate built-in role source IDs to destination IDs, fixing 404 errors when assigning users to roles. Also fix a pre-existing bug in update_user_roles where DeepDiff values_changed could produce a dict object as new_value instead of a string ID. Co-Authored-By: Claude Sonnet 4.6 (1M context) <noreply@anthropic.com>
Collaborator
Author
|
Superseded by #538 which splits code changes and cassettes into separate commits for reviewability. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
roles,security_monitoring_rules,team_memberships) tomap_existing_resourceslogs_metricsandsynthetics_global_variablesThese changes were originally in PRs #529 and #530 which were stacked on #528. PR #528 was squash-merged to main, but the stacked PRs only merged into their intermediate branches. This PR cherry-picks those missing commits onto main.
Test plan
map_existing_resourcescorrectlylogs_metrics🤖 Generated with Claude Code