Add ``kv_mountpoint`` to plugin configuration

Use bus for auto-loading charm modules instead of import.
This commit is contained in:
Frode Nordahl 2018-10-19 10:08:03 +02:00
parent c7ea27cde7
commit 449b85d0b5
No known key found for this signature in database
GPG Key ID: 6A5D59A3BA48373F
3 changed files with 26 additions and 15 deletions

View File

@ -21,3 +21,8 @@ class BarbicanVaultCharm(charms_openstack.charm.OpenStackCharm):
packages = ['python-castellan']
adapters_class = charms_openstack.adapters.OpenStackRelationAdapters
@property
def secret_backend_name(self):
"""Build secret backend name from name of the deployed charm."""
return 'charm-' + self.configuration_class().application_name

View File

@ -16,11 +16,10 @@ import charmhelpers.core as ch_core
import charms.reactive as reactive
import charms_openstack.bus
import charms_openstack.charm as charm
# The charm class is not used by any handlers, but the import needs to be here
# for ``charms.openstack`` to find the charm instance.
import charm.openstack.barbican_vault as barbican_vault # noqa
charms_openstack.bus.discover()
# Use the charms.openstack defaults for common states and hooks
charm.use_defaults(
@ -38,7 +37,9 @@ def secret_backend_vault_request():
ch_core.hookenv.log('Requesting access to vault ({})'
.format(secrets_storage.vault_url),
level=ch_core.hookenv.INFO)
secrets_storage.request_secret_backend('charm-barbican-vault')
with charm.provide_charm_instance() as barbican_vault_charm:
secrets_storage.request_secret_backend(
barbican_vault_charm.secret_backend_name)
@reactive.when_all('endpoint.secrets.joined', 'secrets-storage.available')
@ -46,12 +47,14 @@ def plugin_info_barbican_publish():
barbican = reactive.endpoint_from_flag('endpoint.secrets.joined')
secrets_storage = reactive.endpoint_from_flag(
'secrets-storage.available')
vault_data = {
'approle_role_id': secrets_storage.unit_role_id,
'approle_secret_id': secrets_storage.unit_token,
'vault_url': secrets_storage.vault_url,
'use_ssl': 'false', # XXX
}
ch_core.hookenv.log('Publishing vault plugin info to barbican',
level=ch_core.hookenv.INFO)
barbican.publish_plugin_info('vault', vault_data)
with charm.provide_charm_instance() as barbican_vault_charm:
vault_data = {
'approle_role_id': secrets_storage.unit_role_id,
'approle_secret_id': secrets_storage.unit_token,
'vault_url': secrets_storage.vault_url,
'kv_mountpoint': barbican_vault_charm.secret_backend_name,
'use_ssl': 'false', # XXX
}
ch_core.hookenv.log('Publishing vault plugin info to barbican',
level=ch_core.hookenv.INFO)
barbican.publish_plugin_info('vault', vault_data)

View File

@ -57,12 +57,14 @@ class TestBarbicanVaultHandlers(test_utils.PatchHelper):
self.provide_charm_instance().__enter__.return_value = \
barbican_vault_charm
self.provide_charm_instance().__exit__.return_value = None
return barbican_vault_charm
def test_secret_backend_vault_request(self):
self.patch_charm()
barbican_vault_charm = self.patch_charm()
self.patch_object(handlers.reactive, 'endpoint_from_flag')
secrets_storage = mock.MagicMock()
self.endpoint_from_flag.return_value = secrets_storage
barbican_vault_charm.secret_backend_name = 'charm-barbican-vault'
handlers.secret_backend_vault_request()
self.endpoint_from_flag.assert_called_once_with(
@ -71,7 +73,7 @@ class TestBarbicanVaultHandlers(test_utils.PatchHelper):
'charm-barbican-vault')
def test_plugin_info_barbican_publish(self):
self.patch_charm()
barbican_vault_charm = self.patch_charm()
self.patch_object(handlers.reactive, 'endpoint_from_flag')
barbican = mock.MagicMock()
secrets_storage = mock.MagicMock()
@ -86,6 +88,7 @@ class TestBarbicanVaultHandlers(test_utils.PatchHelper):
'approle_role_id': secrets_storage.unit_role_id,
'approle_secret_id': secrets_storage.unit_token,
'vault_url': secrets_storage.vault_url,
'kv_mountpoint': barbican_vault_charm.secret_backend_name,
'use_ssl': 'false', # XXX
}
barbican.publish_plugin_info.assert_called_once_with(