projects / osm / devops.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update install_osm.sh to solve the issue with no valid OpenPGP data found
[osm/devops.git] / installers / charm / ro / src / charm.py
diff --git a/installers/charm/ro/src/charm.py b/installers/charm/ro/src/charm.py
index 951f281..1367a44 100755 (executable)
--- a/installers/charm/ro/src/charm.py
+++ b/installers/charm/ro/src/charm.py
@@ -24,14 +24,19 @@
 
 import base64
 import logging
 
 import base64
 import logging
-from typing import NoReturn, Optional
+from typing import Dict, NoReturn, Optional
 
 from ops.main import main
 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
 from opslib.osm.interfaces.kafka import KafkaClient
 from opslib.osm.interfaces.mongo import MongoClient
 from opslib.osm.interfaces.mysql import MysqlClient
 
 from ops.main import main
 from opslib.osm.charm import CharmedOsmBase, RelationsMissing
 from opslib.osm.interfaces.kafka import KafkaClient
 from opslib.osm.interfaces.mongo import MongoClient
 from opslib.osm.interfaces.mysql import MysqlClient
-from opslib.osm.pod import ContainerV3Builder, FilesV3Builder, PodSpecV3Builder
+from opslib.osm.pod import (
+    ContainerV3Builder,
+    FilesV3Builder,
+    PodRestartPolicy,
+    PodSpecV3Builder,
+)
 from opslib.osm.validator import ModelValidator, validator
 
 logger = logging.getLogger(__name__)
 from opslib.osm.validator import ModelValidator, validator
 
 logger = logging.getLogger(__name__)
@@ -73,6 +78,9 @@ class ConfigModel(ModelValidator):
     ro_database: str
     openmano_tenant: str
     certificates: Optional[str]
     ro_database: str
     openmano_tenant: str
     certificates: Optional[str]
+    image_pull_policy: str
+    debug_mode: bool
+    security_context: bool
 
     @validator("log_level")
     def validate_log_level(cls, v):
 
     @validator("log_level")
     def validate_log_level(cls, v):
@@ -98,6 +106,18 @@ class ConfigModel(ModelValidator):
             raise ValueError("Mysql port out of range")
         return v
 
             raise ValueError("Mysql port out of range")
         return v
 
+    @validator("image_pull_policy")
+    def validate_image_pull_policy(cls, v):
+        values = {
+            "always": "Always",
+            "ifnotpresent": "IfNotPresent",
+            "never": "Never",
+        }
+        v = v.lower()
+        if v not in values.keys():
+            raise ValueError("value must be always, ifnotpresent or never")
+        return values[v]
+
     @property
     def certificates_dict(cls):
         return _extract_certificates(cls.certificates) if cls.certificates else {}
     @property
     def certificates_dict(cls):
         return _extract_certificates(cls.certificates) if cls.certificates else {}
@@ -108,8 +128,22 @@ class RoCharm(CharmedOsmBase):
 
     def __init__(self, *args) -> NoReturn:
         """Prometheus Charm constructor."""
 
     def __init__(self, *args) -> NoReturn:
         """Prometheus Charm constructor."""
-        super().__init__(*args, oci_image="image")
-
+        super().__init__(
+            *args,
+            oci_image="image",
+            vscode_workspace=VSCODE_WORKSPACE,
+        )
+        if self.config.get("debug_mode"):
+            self.enable_debug_mode(
+                pubkey=self.config.get("debug_pubkey"),
+                hostpaths={
+                    "osm_common": {
+                        "hostpath": self.config.get("debug_common_local_path"),
+                        "container-path": "/usr/lib/python3/dist-packages/osm_common",
+                    },
+                    **_get_ro_host_paths(self.config.get("debug_ro_local_path")),
+                },
+            )
         self.kafka_client = KafkaClient(self, "kafka")
         self.framework.observe(self.on["kafka"].relation_changed, self.configure_pod)
         self.framework.observe(self.on["kafka"].relation_broken, self.configure_pod)
         self.kafka_client = KafkaClient(self, "kafka")
         self.framework.observe(self.on["kafka"].relation_changed, self.configure_pod)
         self.framework.observe(self.on["kafka"].relation_broken, self.configure_pod)
@@ -142,7 +176,10 @@ class RoCharm(CharmedOsmBase):
         missing_relations = []
 
         if config.enable_ng_ro:
         missing_relations = []
 
         if config.enable_ng_ro:
-            if self.kafka_client.is_missing_data_in_unit():
+            if (
+                self.kafka_client.is_missing_data_in_unit()
+                and self.kafka_client.is_missing_data_in_app()
+            ):
                 missing_relations.append("kafka")
             if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
                 missing_relations.append("mongodb")
                 missing_relations.append("kafka")
             if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
                 missing_relations.append("mongodb")
@@ -192,11 +229,22 @@ class RoCharm(CharmedOsmBase):
         # Check relations
         self._check_missing_dependencies(config)
 
         # Check relations
         self._check_missing_dependencies(config)
 
+        security_context_enabled = (
+            config.security_context if not config.debug_mode else False
+        )
+
         # Create Builder for the PodSpec
         # Create Builder for the PodSpec
-        pod_spec_builder = PodSpecV3Builder()
+        pod_spec_builder = PodSpecV3Builder(
+            enable_security_context=security_context_enabled
+        )
 
         # Build Container
 
         # Build Container
-        container_builder = ContainerV3Builder(self.app.name, image_info)
+        container_builder = ContainerV3Builder(
+            self.app.name,
+            image_info,
+            config.image_pull_policy,
+            run_as_non_root=security_context_enabled,
+        )
         certs_files = self._build_cert_files(config)
 
         if certs_files:
         certs_files = self._build_cert_files(config)
 
         if certs_files:
@@ -226,6 +274,15 @@ class RoCharm(CharmedOsmBase):
         )
 
         if config.enable_ng_ro:
         )
 
         if config.enable_ng_ro:
+            # Add secrets to the pod
+            mongodb_secret_name = f"{self.app.name}-mongodb-secret"
+            pod_spec_builder.add_secret(
+                mongodb_secret_name,
+                {
+                    "uri": config.mongodb_uri or self.mongodb_client.connection_string,
+                    "commonkey": config.database_commonkey,
+                },
+            )
             container_builder.add_envs(
                 {
                     "OSMRO_MESSAGE_DRIVER": "kafka",
             container_builder.add_envs(
                 {
                     "OSMRO_MESSAGE_DRIVER": "kafka",
@@ -233,11 +290,18 @@ class RoCharm(CharmedOsmBase):
                     "OSMRO_MESSAGE_PORT": self.kafka_client.port,
                     # MongoDB configuration
                     "OSMRO_DATABASE_DRIVER": "mongo",
                     "OSMRO_MESSAGE_PORT": self.kafka_client.port,
                     # MongoDB configuration
                     "OSMRO_DATABASE_DRIVER": "mongo",
-                    "OSMRO_DATABASE_URI": config.mongodb_uri
-                    or self.mongodb_client.connection_string,
-                    "OSMRO_DATABASE_COMMONKEY": config.database_commonkey,
                 }
             )
                 }
             )
+            container_builder.add_secret_envs(
+                secret_name=mongodb_secret_name,
+                envs={
+                    "OSMRO_DATABASE_URI": "uri",
+                    "OSMRO_DATABASE_COMMONKEY": "commonkey",
+                },
+            )
+            restart_policy = PodRestartPolicy()
+            restart_policy.add_secrets(secret_names=(mongodb_secret_name,))
+            pod_spec_builder.set_restart_policy(restart_policy)
 
         else:
             container_builder.add_envs(
 
         else:
             container_builder.add_envs(
@@ -269,5 +333,130 @@ class RoCharm(CharmedOsmBase):
         return pod_spec_builder.build()
 
 
         return pod_spec_builder.build()
 
 
+VSCODE_WORKSPACE = {
+    "folders": [
+        {"path": "/usr/lib/python3/dist-packages/osm_ng_ro"},
+        {"path": "/usr/lib/python3/dist-packages/osm_common"},
+        {"path": "/usr/lib/python3/dist-packages/osm_ro_plugin"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_arista_cloudvision"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dpb"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dynpac"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_floodlightof"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_ietfl2vpn"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_juniper_contrail"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_odlof"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onos_vpls"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onosof"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_aws"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_azure"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_gcp"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_fos"},
+        # {"path": "/usr/lib/python3/dist-packages/osm_rovim_opennebula"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_openstack"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_openvim"},
+        {"path": "/usr/lib/python3/dist-packages/osm_rovim_vmware"},
+    ],
+    "launch": {
+        "configurations": [
+            {
+                "module": "osm_ng_ro.ro_main",
+                "name": "NG RO",
+                "request": "launch",
+                "type": "python",
+                "justMyCode": False,
+            }
+        ],
+        "version": "0.2.0",
+    },
+    "settings": {},
+}
+
+
+def _get_ro_host_paths(ro_host_path: str) -> Dict:
+    """Get RO host paths"""
+    return (
+        {
+            "NG-RO": {
+                "hostpath": f"{ro_host_path}/NG-RO",
+                "container-path": "/usr/lib/python3/dist-packages/osm_ng_ro",
+            },
+            "RO-plugin": {
+                "hostpath": f"{ro_host_path}/RO-plugin",
+                "container-path": "/usr/lib/python3/dist-packages/osm_ro_plugin",
+            },
+            "RO-SDN-arista_cloudvision": {
+                "hostpath": f"{ro_host_path}/RO-SDN-arista_cloudvision",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_arista_cloudvision",
+            },
+            "RO-SDN-dpb": {
+                "hostpath": f"{ro_host_path}/RO-SDN-dpb",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_dpb",
+            },
+            "RO-SDN-dynpac": {
+                "hostpath": f"{ro_host_path}/RO-SDN-dynpac",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_dynpac",
+            },
+            "RO-SDN-floodlight_openflow": {
+                "hostpath": f"{ro_host_path}/RO-SDN-floodlight_openflow",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_floodlightof",
+            },
+            "RO-SDN-ietfl2vpn": {
+                "hostpath": f"{ro_host_path}/RO-SDN-ietfl2vpn",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_ietfl2vpn",
+            },
+            "RO-SDN-juniper_contrail": {
+                "hostpath": f"{ro_host_path}/RO-SDN-juniper_contrail",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_juniper_contrail",
+            },
+            "RO-SDN-odl_openflow": {
+                "hostpath": f"{ro_host_path}/RO-SDN-odl_openflow",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_odlof",
+            },
+            "RO-SDN-onos_openflow": {
+                "hostpath": f"{ro_host_path}/RO-SDN-onos_openflow",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_onosof",
+            },
+            "RO-SDN-onos_vpls": {
+                "hostpath": f"{ro_host_path}/RO-SDN-onos_vpls",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rosdn_onos_vpls",
+            },
+            "RO-VIM-aws": {
+                "hostpath": f"{ro_host_path}/RO-VIM-aws",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_aws",
+            },
+            "RO-VIM-azure": {
+                "hostpath": f"{ro_host_path}/RO-VIM-azure",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_azure",
+            },
+            "RO-VIM-gcp": {
+                "hostpath": f"{ro_host_path}/RO-VIM-gcp",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_gcp",
+            },
+            "RO-VIM-fos": {
+                "hostpath": f"{ro_host_path}/RO-VIM-fos",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_fos",
+            },
+            "RO-VIM-opennebula": {
+                "hostpath": f"{ro_host_path}/RO-VIM-opennebula",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_opennebula",
+            },
+            "RO-VIM-openstack": {
+                "hostpath": f"{ro_host_path}/RO-VIM-openstack",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_openstack",
+            },
+            "RO-VIM-openvim": {
+                "hostpath": f"{ro_host_path}/RO-VIM-openvim",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_openvim",
+            },
+            "RO-VIM-vmware": {
+                "hostpath": f"{ro_host_path}/RO-VIM-vmware",
+                "container-path": "/usr/lib/python3/dist-packages/osm_rovim_vmware",
+            },
+        }
+        if ro_host_path
+        else {}
+    )
+
+
 if __name__ == "__main__":
     main(RoCharm)
 if __name__ == "__main__":
     main(RoCharm)