Remove TLS related helpers

We will add these further up the stack in ``layer-openstack``, addition counterpart: I12f45236632b608e07fdd35d31b90b84ca92eb1f Needed-By: I8a72acd451dd21e1b042b7f71f6d98e164737ac1 Depends-On: I12f45236632b608e07fdd35d31b90b84ca92eb1f Closes-Bug: #1840899 Change-Id: I007275c041ca5465664a6b5d441e56c0316c405d
2019-08-26 11:37:22 +02:00 · 2019-08-26 11:37:22 +02:00 · d0860d9f2d
parent 3025060167
commit d0860d9f2d
4 changed files with 1 additions and 55 deletions
--- a/README.md
+++ b/README.md
@ -4,7 +4,6 @@ This layer provides the base layer for OpenStack charms that are will deploy
 API services, and provides all of the core functionality for:

 - HA (using the hacluster charm)
- - SSL (using configuration options or keystone for certificates)
 - Juju 2.0 network space support for API endpoints
 - Configuration based network binding of API endpoints

--- a/config.yaml
+++ b/config.yaml
@ -122,22 +122,3 @@ options:
    description: |
      Default CIDR netmask to use for HA vip when it cannot be automatically
      determined.
-  ssl_cert:
-    type: string
-    default:
-    description: |
-      SSL certificate to install and use for API ports.  Setting this value
-      and ssl_key will enable reverse proxying, point Glance's entry in the
-      Keystone catalog to use https, and override any certficiate and key
-      issued by Keystone (if it is configured to do so).
-  ssl_key:
-    type: string
-    default:
-    description: |
-      SSL key to use with certificate specified as ssl_cert.
-  ssl_ca:
-    type: string
-    default:
-    description: |
-      SSL CA to use with the certificate and key provided - this is only
-      required if you are providing a privately signed ssl_cert and ssl_key.
--- a/layer.yaml
+++ b/layer.yaml
@ -1,5 +1,4 @@
 includes: ['layer:openstack-principle', 'interface:mysql-shared',
           'interface:rabbitmq', 'interface:keystone',
-           'interface:hacluster', 'interface:openstack-ha',
-           'interface:tls-certificates', 'layer:tls-client']
+           'interface:hacluster', 'interface:openstack-ha']
 repo: 'https://github.com/openstack/charm-layer-openstack-api'
--- a/reactive/layer_openstack_api.py
+++ b/reactive/layer_openstack_api.py
@ -51,36 +51,3 @@ def default_setup_endpoint_connection(keystone):
                                    instance.internal_url,
                                    instance.admin_url)
        instance.assess_status()
-
-
-@reactive.when('identity-service.available',
-               'charms.openstack.do-default-identity-service.available')
-def default_setup_endpoint_available(keystone):
-    """When the identity-service interface is available, this default
-    handler switches on the SSL support.
-    """
-    with charm.provide_charm_instance() as instance:
-        instance.configure_ssl(keystone)
-        instance.assess_status()
-
-
-@reactive.when('certificates.available')
-def default_setup_certificates(tls):
-    """When the identity-service interface is available, this default
-    handler switches on the SSL support.
-    """
-    with charm.provide_charm_instance() as instance:
-        for cn, req in instance.get_certificate_requests().items():
-            tls.add_request_server_cert(cn, req['sans'])
-        tls.request_server_certs()
-        instance.assess_status()
-
-
-@reactive.when('certificates.batch.cert.available')
-def default_setup_endpoint_available(tls):
-    """When the identity-service interface is available, this default
-    handler switches on the SSL support.
-    """
-    with charm.provide_charm_instance() as instance:
-        instance.configure_ssl(tls)
-        instance.assess_status()