X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fcharm%2Flcm%2Fsrc%2Fcharm.py;h=7c644189def38208dffaee0fc9f00c71b74fe8d7;hb=8a00e59f4f7928dfb0208c2eaa5efc8fe1666452;hp=fecd1b3c0072c5e25affa2daae3e182c7659616f;hpb=8686601c00337e33edb3f74d79d61c68d61d135f;p=osm%2Fdevops.git diff --git a/installers/charm/lcm/src/charm.py b/installers/charm/lcm/src/charm.py index fecd1b3c..7c644189 100755 --- a/installers/charm/lcm/src/charm.py +++ b/installers/charm/lcm/src/charm.py @@ -27,12 +27,12 @@ import logging from typing import NoReturn, Optional +from charms.kafka_k8s.v0.kafka import KafkaEvents, KafkaRequires from ops.main import main from opslib.osm.charm import CharmedOsmBase, RelationsMissing from opslib.osm.interfaces.http import HttpClient -from opslib.osm.interfaces.kafka import KafkaClient from opslib.osm.interfaces.mongo import MongoClient -from opslib.osm.pod import ContainerV3Builder, PodSpecV3Builder +from opslib.osm.pod import ContainerV3Builder, PodRestartPolicy, PodSpecV3Builder from opslib.osm.validator import ModelValidator, validator @@ -110,6 +110,9 @@ class ConfigModel(ModelValidator): vca_model_config_update_status_hook_interval: Optional[str] vca_stablerepourl: Optional[str] vca_helm_ca_certs: Optional[str] + image_pull_policy: str + debug_mode: bool + security_context: bool @validator("log_level") def validate_log_level(cls, v): @@ -123,14 +126,50 @@ class ConfigModel(ModelValidator): raise ValueError("mongodb_uri is not properly formed") return v + @validator("image_pull_policy") + def validate_image_pull_policy(cls, v): + values = { + "always": "Always", + "ifnotpresent": "IfNotPresent", + "never": "Never", + } + v = v.lower() + if v not in values.keys(): + raise ValueError("value must be always, ifnotpresent or never") + return values[v] + class LcmCharm(CharmedOsmBase): - def __init__(self, *args) -> NoReturn: - super().__init__(*args, oci_image="image") - self.kafka_client = KafkaClient(self, "kafka") - self.framework.observe(self.on["kafka"].relation_changed, self.configure_pod) - self.framework.observe(self.on["kafka"].relation_broken, self.configure_pod) + on = KafkaEvents() + + def __init__(self, *args) -> NoReturn: + super().__init__( + *args, + oci_image="image", + vscode_workspace=VSCODE_WORKSPACE, + ) + if self.config.get("debug_mode"): + self.enable_debug_mode( + pubkey=self.config.get("debug_pubkey"), + hostpaths={ + "LCM": { + "hostpath": self.config.get("debug_lcm_local_path"), + "container-path": "/usr/lib/python3/dist-packages/osm_lcm", + }, + "N2VC": { + "hostpath": self.config.get("debug_n2vc_local_path"), + "container-path": "/usr/lib/python3/dist-packages/n2vc", + }, + "osm_common": { + "hostpath": self.config.get("debug_common_local_path"), + "container-path": "/usr/lib/python3/dist-packages/osm_common", + }, + }, + ) + self.kafka = KafkaRequires(self) + self.framework.observe(self.on.kafka_available, self.configure_pod) + self.framework.observe(self.on.kafka_broken, self.configure_pod) self.mongodb_client = MongoClient(self, "mongodb") self.framework.observe(self.on["mongodb"].relation_changed, self.configure_pod) @@ -143,7 +182,7 @@ class LcmCharm(CharmedOsmBase): def _check_missing_dependencies(self, config: ConfigModel): missing_relations = [] - if self.kafka_client.is_missing_data_in_unit(): + if not self.kafka.host or not self.kafka.port: missing_relations.append("kafka") if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit(): missing_relations.append("mongodb") @@ -163,11 +202,33 @@ class LcmCharm(CharmedOsmBase): # Check relations self._check_missing_dependencies(config) + security_context_enabled = ( + config.security_context if not config.debug_mode else False + ) + # Create Builder for the PodSpec - pod_spec_builder = PodSpecV3Builder() + pod_spec_builder = PodSpecV3Builder( + enable_security_context=security_context_enabled + ) + + # Add secrets to the pod + mongodb_secret_name = f"{self.app.name}-mongodb-secret" + pod_spec_builder.add_secret( + mongodb_secret_name, + { + "uri": config.mongodb_uri or self.mongodb_client.connection_string, + "commonkey": config.database_commonkey, + "helm_ca_certs": config.vca_helm_ca_certs, + }, + ) # Build Container - container_builder = ContainerV3Builder(self.app.name, image_info) + container_builder = ContainerV3Builder( + self.app.name, + image_info, + config.image_pull_policy, + run_as_non_root=security_context_enabled, + ) container_builder.add_port(name=self.app.name, port=PORT) container_builder.add_envs( { @@ -180,36 +241,54 @@ class LcmCharm(CharmedOsmBase): "OSMLCM_RO_TENANT": "osm", # Kafka configuration "OSMLCM_MESSAGE_DRIVER": "kafka", - "OSMLCM_MESSAGE_HOST": self.kafka_client.host, - "OSMLCM_MESSAGE_PORT": self.kafka_client.port, + "OSMLCM_MESSAGE_HOST": self.kafka.host, + "OSMLCM_MESSAGE_PORT": self.kafka.port, # Database configuration "OSMLCM_DATABASE_DRIVER": "mongo", - "OSMLCM_DATABASE_URI": config.mongodb_uri - or self.mongodb_client.connection_string, - "OSMLCM_DATABASE_COMMONKEY": config.database_commonkey, # Storage configuration "OSMLCM_STORAGE_DRIVER": "mongo", "OSMLCM_STORAGE_PATH": "/app/storage", "OSMLCM_STORAGE_COLLECTION": "files", - "OSMLCM_STORAGE_URI": config.mongodb_uri - or self.mongodb_client.connection_string, "OSMLCM_VCA_STABLEREPOURL": config.vca_stablerepourl, - "OSMLCM_VCA_HELM_CA_CERTS": config.vca_helm_ca_certs, } ) + container_builder.add_secret_envs( + secret_name=mongodb_secret_name, + envs={ + "OSMLCM_DATABASE_URI": "uri", + "OSMLCM_DATABASE_COMMONKEY": "commonkey", + "OSMLCM_STORAGE_URI": "uri", + "OSMLCM_VCA_HELM_CA_CERTS": "helm_ca_certs", + }, + ) if config.vca_host: - container_builder.add_envs( + vca_secret_name = f"{self.app.name}-vca-secret" + pod_spec_builder.add_secret( + vca_secret_name, { + "host": config.vca_host, + "port": str(config.vca_port), + "user": config.vca_user, + "pubkey": config.vca_pubkey, + "secret": config.vca_secret, + "cacert": config.vca_cacert, + "cloud": config.vca_cloud, + "k8s_cloud": config.vca_k8s_cloud, + }, + ) + container_builder.add_secret_envs( + secret_name=vca_secret_name, + envs={ # VCA configuration - "OSMLCM_VCA_HOST": config.vca_host, - "OSMLCM_VCA_PORT": config.vca_port, - "OSMLCM_VCA_USER": config.vca_user, - "OSMLCM_VCA_PUBKEY": config.vca_pubkey, - "OSMLCM_VCA_SECRET": config.vca_secret, - "OSMLCM_VCA_CACERT": config.vca_cacert, - "OSMLCM_VCA_CLOUD": config.vca_cloud, - "OSMLCM_VCA_K8S_CLOUD": config.vca_k8s_cloud, - } + "OSMLCM_VCA_HOST": "host", + "OSMLCM_VCA_PORT": "port", + "OSMLCM_VCA_USER": "user", + "OSMLCM_VCA_PUBKEY": "pubkey", + "OSMLCM_VCA_SECRET": "secret", + "OSMLCM_VCA_CACERT": "cacert", + "OSMLCM_VCA_CLOUD": "cloud", + "OSMLCM_VCA_K8S_CLOUD": "k8s_cloud", + }, ) if config.vca_apiproxy: container_builder.add_env("OSMLCM_VCA_APIPROXY", config.vca_apiproxy) @@ -226,9 +305,36 @@ class LcmCharm(CharmedOsmBase): # Add container to pod spec pod_spec_builder.add_container(container) + # Add restart policy + restart_policy = PodRestartPolicy() + restart_policy.add_secrets() + pod_spec_builder.set_restart_policy(restart_policy) + return pod_spec_builder.build() +VSCODE_WORKSPACE = { + "folders": [ + {"path": "/usr/lib/python3/dist-packages/osm_lcm"}, + {"path": "/usr/lib/python3/dist-packages/n2vc"}, + {"path": "/usr/lib/python3/dist-packages/osm_common"}, + ], + "settings": {}, + "launch": { + "version": "0.2.0", + "configurations": [ + { + "name": "LCM", + "type": "python", + "request": "launch", + "module": "osm_lcm.lcm", + "justMyCode": False, + } + ], + }, +} + + if __name__ == "__main__": main(LcmCharm)