# pylint: disable=E0213
-import logging
-from typing import Optional, NoReturn
from ipaddress import ip_network
+import logging
+from typing import NoReturn, Optional
from urllib.parse import urlparse
-from ops.main import main
+from ops.main import main
from opslib.osm.charm import CharmedOsmBase, RelationsMissing
-
+from opslib.osm.interfaces.http import HttpServer
+from opslib.osm.interfaces.kafka import KafkaClient
+from opslib.osm.interfaces.keystone import KeystoneClient
+from opslib.osm.interfaces.mongo import MongoClient
+from opslib.osm.interfaces.prometheus import PrometheusClient
from opslib.osm.pod import (
ContainerV3Builder,
- PodSpecV3Builder,
IngressResourceV3Builder,
+ PodSpecV3Builder,
)
-
-
-from opslib.osm.validator import (
- ModelValidator,
- validator,
-)
-
-from opslib.osm.interfaces.kafka import KafkaClient
-from opslib.osm.interfaces.mongo import MongoClient
-from opslib.osm.interfaces.prometheus import PrometheusClient
-from opslib.osm.interfaces.keystone import KeystoneClient
-from opslib.osm.interfaces.http import HttpServer
+from opslib.osm.validator import ModelValidator, validator
logger = logging.getLogger(__name__)
log_level: str
max_file_size: int
site_url: Optional[str]
+ cluster_issuer: Optional[str]
ingress_whitelist_source_range: Optional[str]
tls_secret_name: Optional[str]
"nginx.ingress.kubernetes.io/whitelist-source-range"
] = config.ingress_whitelist_source_range
+ if config.cluster_issuer:
+ annotations["cert-manager.io/cluster-issuer"] = config.cluster_issuer
+
if parsed.scheme == "https":
ingress_resource_builder.add_tls(
[parsed.hostname], config.tls_secret_name