Fixing black errors in Keystone
[osm/devops.git] / installers / charm / keystone / src / charm.py
index 808af3b..446d2e0 100755 (executable)
@@ -86,6 +86,7 @@ class ConfigModel(ModelValidator):
     mysql_port: Optional[int]
     mysql_root_password: Optional[str]
     image_pull_policy: str
+    security_context: bool
 
     @validator("max_file_size")
     def validate_max_file_size(cls, v):
@@ -247,9 +248,9 @@ class KeystoneCharm(CharmedOsmBase):
     ):
         credentials_files_builder = FilesV3Builder()
         fernet_files_builder = FilesV3Builder()
-        for (key_id, _) in enumerate(credential_keys):
+        for key_id, _ in enumerate(credential_keys):
             credentials_files_builder.add_file(str(key_id), str(key_id), secret=True)
-        for (key_id, _) in enumerate(fernet_keys):
+        for key_id, _ in enumerate(fernet_keys):
             fernet_files_builder.add_file(str(key_id), str(key_id), secret=True)
         return credentials_files_builder.build(), fernet_files_builder.build()
 
@@ -266,9 +267,14 @@ class KeystoneCharm(CharmedOsmBase):
         self._check_missing_dependencies(config, external_db)
 
         # Create Builder for the PodSpec
-        pod_spec_builder = PodSpecV3Builder()
+        pod_spec_builder = PodSpecV3Builder(
+            enable_security_context=config.security_context
+        )
         container_builder = ContainerV3Builder(
-            self.app.name, image_info, config.image_pull_policy
+            self.app.name,
+            image_info,
+            config.image_pull_policy,
+            run_as_non_root=config.security_context,
         )
 
         # Build files
@@ -366,14 +372,14 @@ class KeystoneCharm(CharmedOsmBase):
             ldap_secrets = {
                 "authentication_domain_name": config_ldap.ldap_authentication_domain_name,
                 "url": config_ldap.ldap_url,
-                "page_size": config_ldap.ldap_page_size,
+                "page_size": str(config_ldap.ldap_page_size),
                 "user_objectclass": config_ldap.ldap_user_objectclass,
                 "user_id_attribute": config_ldap.ldap_user_id_attribute,
                 "user_name_attribute": config_ldap.ldap_user_name_attribute,
                 "user_pass_attribute": config_ldap.ldap_user_pass_attribute,
-                "user_enabled_mask": config_ldap.ldap_user_enabled_mask,
+                "user_enabled_mask": str(config_ldap.ldap_user_enabled_mask),
                 "user_enabled_default": config_ldap.ldap_user_enabled_default,
-                "user_enabled_invert": config_ldap.ldap_user_enabled_invert,
+                "user_enabled_invert": str(config_ldap.ldap_user_enabled_invert),
                 "group_objectclass": config_ldap.ldap_group_objectclass,
             }
             ldap_envs = {
@@ -423,7 +429,7 @@ class KeystoneCharm(CharmedOsmBase):
                 ldap_envs["LDAP_TLS_CACERT_BASE64"] = "tls_cacert_base64"
 
             if config_ldap.ldap_use_starttls:
-                ldap_secrets["use_starttls"] = config_ldap.ldap_use_starttls
+                ldap_secrets["use_starttls"] = str(config_ldap.ldap_use_starttls)
                 ldap_secrets["tls_cacert_base64"] = config_ldap.ldap_tls_cacert_base64
                 ldap_secrets["tls_req_cert"] = config_ldap.ldap_tls_req_cert
                 ldap_envs["LDAP_USE_STARTTLS"] = "use_starttls"