From f17e32ea25e54d28c01e5a924c138dd9a9e40063 Mon Sep 17 00:00:00 2001
From: David Ames <david.ames@canonical.com>
Date: Thu, 6 Dec 2018 11:36:09 -0800
Subject: [PATCH] Neutron-dynamic-routing support for SSL rabbitmq

The charm was failing to setup enough SSL configuration to communicate
with rabbitmq when rabbitmq uses SSL. This led to Bug:#1807233.

The change and its dependencies guarantees the charm will setup all the
configuration and certificates required for communication with rabbitmq
and SSL.

Depends-On: I6bb56a59cd65310d644aa25ae203996b22ec4b4e
Change-Id: Id78aba7766e045003ad5661ca31d6a6de57d704a
Closes-Bug: #1807233
---
 src/lib/charm/openstack/dragent.py  | 8 ++++++++
 src/reactive/dragent_handlers.py    | 5 +++++
 src/templates/neutron.conf          | 8 +++++---
 unit_tests/test_dragent_handlers.py | 1 +
 4 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/src/lib/charm/openstack/dragent.py b/src/lib/charm/openstack/dragent.py
index b3a7e80..6b34181 100644
--- a/src/lib/charm/openstack/dragent.py
+++ b/src/lib/charm/openstack/dragent.py
@@ -78,6 +78,14 @@ def assess_status():
     DRAgentCharm.singleton.assess_status()
 
 
+def configure_ssl():
+    """Setup SSL communications calling DRAgentCharm.singleton.configure_ssl()
+
+    :returns: None
+    """
+    DRAgentCharm.singleton.configure_ssl()
+
+
 def upgrade_if_available(interfaces_list):
     """Just call the DRAgentCharm.singleton.upgrade_if_available() command to
     update OpenStack package if upgrade is available
diff --git a/src/reactive/dragent_handlers.py b/src/reactive/dragent_handlers.py
index 81e34ec..22cf6cd 100644
--- a/src/reactive/dragent_handlers.py
+++ b/src/reactive/dragent_handlers.py
@@ -56,6 +56,11 @@ def setup_amqp_req(amqp):
     dragent.assess_status()
 
 
+@reactive.when('amqp.available.ssl')
+def configure_ssl(amqp):
+    dragent.configure_ssl()
+
+
 @reactive.when('amqp.available')
 def render_configs(*args):
     """Render the configuration for dynamic routing when all the interfaces are
diff --git a/src/templates/neutron.conf b/src/templates/neutron.conf
index d049af7..2eb4545 100644
--- a/src/templates/neutron.conf
+++ b/src/templates/neutron.conf
@@ -6,9 +6,11 @@
 verbose = {{ options.verbose }}
 debug = {{ options.debug }}
 
-{% if amqp.transport_url -%}
-transport_url = {{ amqp.transport_url }}
-{% endif -%}
+# Transport URL must be in the [DEFAULT] section
+{% include "parts/section-transport-url" %}
+
+# End of [DEFAULT] section
+{% include "parts/section-oslo-messaging-rabbit" %}
 
 [agent]
 root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
diff --git a/unit_tests/test_dragent_handlers.py b/unit_tests/test_dragent_handlers.py
index 6d867da..2cc1ee9 100644
--- a/unit_tests/test_dragent_handlers.py
+++ b/unit_tests/test_dragent_handlers.py
@@ -105,6 +105,7 @@ class TestDRAgentHandlers(unittest.TestCase):
             'publish_bgp_info': ('endpoint.bgp-speaker.changed',),
             'setup_amqp_req': ('amqp.connected', ),
             'render_configs': ('amqp.available', ),
+            'configure_ssl': ('amqp.available.ssl', ),
         }
         when_not_patterns = {}
         # check the when hooks are attached to the expected functions