The IdentityServiceContext was recently updated to add the application
data bag. Unfortunately, they keystone charm uses both the regular
relation data primarily, but the updates for endpoints are on both the
application database and the regular relation data. The
IdentityServiceContext used the app data bag exclusively if there were
any keys available, which leads to it ignoring the existing relation
data entirely; this results in 'identity relation not ready' with
missing data items.
charm-helpers is patched at [1] to solve the issue and this is a
charm-helpers sync that includes that patch. This changes the
functionality of the IdentityServiceContext so that it preferentially
selects keys from the application data bag unless they are None, in
which case it tries for those keys on the existing relation data. e.g.
it will stitch the two relations together with the app data bag taking
priority. This allows the nova-cloud-controller charm to correctly
access the identity relation data and form a complete context.
[1] https://github.com/juju/charm-helpers/pull/746
Change-Id: Ic868213c6bb42bc2a28ad25a2f7344a28ab9f04d
* sync charm-helpers to classic charms
* change openstack-origin/source default to zed
* align testing with zed
* add new zed bundles
* add zed bundles to tests.yaml
* add zed tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases
* add bindep.txt for py310
* sync tox.ini and requirements.txt for ruamel
* use charmcraft_channel 2.0/stable
* drop reactive plugin overrides
* move interface/layer env vars to charmcraft.yaml
Change-Id: I8f2c34f3a4a0601ee19aa694b323cc0f9ee65616
* charm-helpers sync for classic charms
* build.lock file for reactive charms
* ensure tox.ini is from release-tools
* ensure requirements.txt files are from release-tools
* On reactive charms:
- ensure stable/21.04 branch for charms.openstack
- ensure stable/21.04 branch for charm-helpers
Change-Id: I95f8da0789b7f165677b031284acc4fadfdfeab4
The charm looked for `keystone_juju_ca_cert` on disk
instead of
`/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt`
Synced charm-helpers for
https://github.com/juju/charm-helpers/pull/570
Change-Id: Ib7cfdadc3a75fca951792ef2c2e2b454b1ad021d
Closes-Bug: #1915504
* charm-helpers sync for classic charms
* rebuild for reactive charms
* ensure tox.ini is from release-tools
* ensure requirements.txt files are from release-tools
* On reactive charms:
- ensure master branch for charms.openstack
- ensure master branch for charm-helpers
Change-Id: I65d378de1b124c3c668e05bb37c79fe45596747b
The console proxy service run as user ``nova`` throughout its lifespan,
it has no load certificates before dropping privileges mechanism.
Set file permissions on certificate files to support this.
Sync charm helpers.
Closes-Bug: #1819140
Change-Id: I597b82070e51506c56500267daa2b59d8145b9f9
Using the new version of the sync tool which removes the charmhelpers
directory before syncing, run charm helpers sync to find any unexpected
missing dependencies.
Change-Id: I1d414271c6191829992a8628de62f160dfc66ee0
Some major changes:
* the charm has been rebased (from a Python perspective) to be rooted in
the charm directory. This is a single root.
* Imports have been changed so that the don't add lots of imports to the
namespace of the module doing the import.
* The code that used to run at module import time has been made lazy
such that it only has to run if the relevant functions are called.
This includes restart_on_change parameters, the harden function and
the parameters to the guard_map. Appropriate changes will be
submitted to charm-helpers.
* Several tests had to be re-written as (incorrect) mocking meant that
text fixtures didn't actually match what the code was doing. Thus,
the tests were meaningless.
* This has had a net positive impact on the unit tests wrt to importing
modules and mocking.
Change-Id: Id07d9d1caaa9b29453a63c2e49ba831071e9457f