Add support for tls-certificates relation
Add support for the charm to request and receive certificates from the tls-certificates relation. Add missing direct ``amqp`` relation between ``ceilometer-agent`` and ``rabbitmq-server`` Change-Id: I931f5d3fcbf28e85b1a8e3e7cf24d13cf741e4bd Closes-Bug: #1818546
This commit is contained in:
parent
a6fa24941e
commit
7ca09a1793
|
@ -25,20 +25,22 @@ from charmhelpers.fetch import (
|
|||
filter_installed_packages,
|
||||
)
|
||||
from charmhelpers.core.hookenv import (
|
||||
open_port,
|
||||
close_port,
|
||||
relation_get,
|
||||
relation_set,
|
||||
relation_ids,
|
||||
config,
|
||||
Hooks, UnregisteredHookError,
|
||||
log,
|
||||
status_set,
|
||||
WARNING,
|
||||
DEBUG,
|
||||
Hooks,
|
||||
UnregisteredHookError,
|
||||
WARNING,
|
||||
close_port,
|
||||
config,
|
||||
is_leader,
|
||||
leader_get,
|
||||
leader_set,
|
||||
log,
|
||||
open_port,
|
||||
related_units,
|
||||
relation_get,
|
||||
relation_ids,
|
||||
relation_set,
|
||||
status_set,
|
||||
)
|
||||
from charmhelpers.core.host import (
|
||||
service_restart,
|
||||
|
@ -46,6 +48,7 @@ from charmhelpers.core.host import (
|
|||
mkdir,
|
||||
init_is_systemd,
|
||||
)
|
||||
import charmhelpers.contrib.openstack.cert_utils as cert_utils
|
||||
from charmhelpers.contrib.openstack.context import ADDRESS_TYPES
|
||||
from charmhelpers.contrib.openstack.utils import (
|
||||
configure_installation_source,
|
||||
|
@ -170,6 +173,9 @@ def metric_service_joined():
|
|||
@restart_on_change(restart_map())
|
||||
def any_changed():
|
||||
CONFIGS.write_all()
|
||||
for r_id in relation_ids('certificates'):
|
||||
for unit in related_units(r_id):
|
||||
certs_changed(r_id, unit)
|
||||
configure_https()
|
||||
for rid in relation_ids('identity-service'):
|
||||
keystone_joined(relid=rid)
|
||||
|
@ -231,6 +237,10 @@ def config_changed():
|
|||
else:
|
||||
close_port(CEILOMETER_PORT)
|
||||
|
||||
# Refire certificates relations for VIP changes
|
||||
for r_id in relation_ids('certificates'):
|
||||
certs_joined(r_id)
|
||||
|
||||
configure_https()
|
||||
|
||||
# NOTE(jamespage): Iterate identity-{service,credentials} relations
|
||||
|
@ -445,6 +455,22 @@ def post_series_upgrade():
|
|||
resume_unit_helper, CONFIGS)
|
||||
|
||||
|
||||
@hooks.hook('certificates-relation-joined')
|
||||
def certs_joined(relation_id=None):
|
||||
relation_set(
|
||||
relation_id=relation_id,
|
||||
relation_settings=cert_utils.get_certificate_request())
|
||||
|
||||
|
||||
@hooks.hook('certificates-relation-changed')
|
||||
def certs_changed(relation_id=None, unit=None):
|
||||
@restart_on_change(restart_map())
|
||||
def _certs_changed():
|
||||
cert_utils.process_certificates('ceilometer-api', relation_id, unit)
|
||||
configure_https()
|
||||
_certs_changed()
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
try:
|
||||
hooks.execute(sys.argv)
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
ceilometer_hooks.py
|
|
@ -0,0 +1 @@
|
|||
ceilometer_hooks.py
|
|
@ -0,0 +1 @@
|
|||
ceilometer_hooks.py
|
|
@ -0,0 +1 @@
|
|||
ceilometer_hooks.py
|
|
@ -47,6 +47,8 @@ requires:
|
|||
interface: gnocchi
|
||||
event-service:
|
||||
interface: event-service
|
||||
certificates:
|
||||
interface: tls-certificates
|
||||
peers:
|
||||
cluster:
|
||||
interface: ceilometer-ha
|
||||
|
|
|
@ -99,6 +99,7 @@ class CeilometerBasicDeployment(OpenStackAmuletDeployment):
|
|||
'keystone:shared-db': 'percona-cluster:shared-db',
|
||||
'ceilometer:ceilometer-service': 'ceilometer-agent:'
|
||||
'ceilometer-service',
|
||||
'ceilometer-agent:amqp': 'rabbitmq-server:amqp',
|
||||
'nova-compute:nova-ceilometer': 'ceilometer-agent:nova-ceilometer',
|
||||
'nova-compute:amqp': 'rabbitmq-server:amqp',
|
||||
'glance:identity-service': 'keystone:identity-service',
|
||||
|
|
|
@ -140,15 +140,20 @@ class CeilometerHooksTest(CharmTestCase):
|
|||
self.relation_set.assert_called_with(
|
||||
ceilometer_database='ceilometer')
|
||||
|
||||
@patch.object(hooks, 'certs_changed')
|
||||
@patch.object(hooks, 'related_units')
|
||||
@patch.object(hooks, 'keystone_joined')
|
||||
@patch('charmhelpers.core.hookenv.config')
|
||||
@patch.object(hooks, 'ceilometer_joined')
|
||||
def test_any_changed(self, ceilometer_joined, mock_config,
|
||||
keystone_joined):
|
||||
self.relation_ids.return_value = ['identity-service:1']
|
||||
keystone_joined, _related_units, _certs_changed):
|
||||
self.relation_ids.side_effect = [
|
||||
['certificates:42'], ['identity-service:1']]
|
||||
_related_units.return_value = ['vault/0']
|
||||
hooks.hooks.execute(['hooks/shared-db-relation-changed'])
|
||||
self.assertTrue(self.CONFIGS.write_all.called)
|
||||
self.assertTrue(ceilometer_joined.called)
|
||||
_certs_changed.assert_called_once_with('certificates:42', 'vault/0')
|
||||
keystone_joined.assert_called_with(relid='identity-service:1')
|
||||
self.configure_https.assert_called_once()
|
||||
|
||||
|
@ -426,3 +431,20 @@ class CeilometerHooksTest(CharmTestCase):
|
|||
)
|
||||
self.apt_install.assert_called_with(['python3-gnocchiclient'],
|
||||
fatal=True)
|
||||
|
||||
@patch.object(hooks.cert_utils, 'get_certificate_request')
|
||||
@patch.object(hooks, 'relation_set')
|
||||
def test_certs_joined(self, _relation_set, _get_certificate_request):
|
||||
hooks.hooks.execute(['hooks/certificates-relation-joined'])
|
||||
_get_certificate_request.assert_called_once_with()
|
||||
_relation_set.assert_called_once_with(
|
||||
relation_id=None,
|
||||
relation_settings=_get_certificate_request())
|
||||
|
||||
@patch.object(hooks, 'configure_https')
|
||||
@patch.object(hooks.cert_utils, 'process_certificates')
|
||||
def test_certs_changed(self, _process_certificates, _configure_https):
|
||||
hooks.hooks.execute(['hooks/certificates-relation-changed'])
|
||||
_process_certificates.assert_called_once_with(
|
||||
'ceilometer-api', None, None)
|
||||
_configure_https.assert_called_once_with()
|
||||
|
|
Loading…
Reference in New Issue