X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=installers%2Fcharm%2Fng-ui%2Fsrc%2Fcharm.py;h=ce48927ad1e13b747df90ee7ccfe665daefededa;hb=c52339680d17351fd5c873d82292d4c63af81c70;hp=23d316138153c451595a04b9ad9d3b086173f2a3;hpb=081f469ea6358cdd9c6d4c992a7668a2199c8cdc;p=osm%2Fdevops.git diff --git a/installers/charm/ng-ui/src/charm.py b/installers/charm/ng-ui/src/charm.py index 23d31613..ce48927a 100755 --- a/installers/charm/ng-ui/src/charm.py +++ b/installers/charm/ng-ui/src/charm.py @@ -15,6 +15,7 @@ import sys import logging +import base64 sys.path.append("lib") @@ -24,6 +25,9 @@ from ops.main import main from ops.model import ( ActiveStatus, MaintenanceStatus, + BlockedStatus, + ModelError, + WaitingStatus, ) from glob import glob @@ -39,53 +43,78 @@ class NGUICharm(CharmBase): def __init__(self, framework, key): super().__init__(framework, key) self.state.set_default(spec=None) + self.state.set_default(nbi_host=None) + self.state.set_default(nbi_port=None) # Observe Charm related events self.framework.observe(self.on.config_changed, self.on_config_changed) self.framework.observe(self.on.start, self.on_start) self.framework.observe(self.on.upgrade_charm, self.on_upgrade_charm) - # self.framework.observe( - # self.on.nbi_relation_joined, self.on_nbi_relation_joined - # ) + self.framework.observe( + self.on.nbi_relation_changed, self.on_nbi_relation_changed + ) + + # SSL Certificate path + self.ssl_folder = "/certs" + self.ssl_crt_name = "ssl_certificate.crt" + self.ssl_key_name = "ssl_certificate.key" def _apply_spec(self): # Only apply the spec if this unit is a leader. - if not self.framework.model.unit.is_leader(): + unit = self.model.unit + if not unit.is_leader(): + unit.status = ActiveStatus("ready") + return + if not self.state.nbi_host or not self.state.nbi_port: + unit.status = WaitingStatus("Waiting for NBI") return + unit.status = MaintenanceStatus("Applying new pod spec") + new_spec = self.make_pod_spec() if new_spec == self.state.spec: + unit.status = ActiveStatus("ready") return self.framework.model.pod.set_spec(new_spec) self.state.spec = new_spec + unit.status = ActiveStatus("ready") def make_pod_spec(self): config = self.framework.model.config - ports = [ - {"name": "port", "containerPort": config["port"], "protocol": "TCP",}, - ] - - kubernetes = { - "readinessProbe": { - "tcpSocket": {"port": config["port"]}, - "timeoutSeconds": 5, - "periodSeconds": 5, - "initialDelaySeconds": 10, - }, - "livenessProbe": { - "tcpSocket": {"port": config["port"]}, - "timeoutSeconds": 5, - "initialDelaySeconds": 45, - }, - } config_spec = { - "port": config["port"], + "http_port": config["port"], + "https_port": config["https_port"], "server_name": config["server_name"], "client_max_body_size": config["client_max_body_size"], - "nbi_hostname": config["nbi_hostname"], - "nbi_port": config["nbi_port"], + "nbi_host": self.state.nbi_host or config["nbi_host"], + "nbi_port": self.state.nbi_port or config["nbi_port"], + "ssl_crt": "", + "ssl_crt_key": "", } + ssl_certificate = None + ssl_certificate_key = None + ssl_enabled = False + + if "ssl_certificate" in config and "ssl_certificate_key" in config: + # Get bytes of cert and key + cert_b = base64.b64decode(config["ssl_certificate"]) + key_b = base64.b64decode(config["ssl_certificate_key"]) + # Decode key and cert + ssl_certificate = cert_b.decode("utf-8") + ssl_certificate_key = key_b.decode("utf-8") + # Get paths + cert_path = "{}/{}".format(self.ssl_folder, self.ssl_crt_name) + key_path = "{}/{}".format(self.ssl_folder, self.ssl_key_name) + + config_spec["port"] = "{} ssl".format(config["https_port"]) + config_spec["ssl_crt"] = "ssl_certificate {};".format(cert_path) + config_spec["ssl_crt_key"] = "ssl_certificate_key {};".format(key_path) + ssl_enabled = True + else: + config_spec["ssl_crt"] = "" + config_spec["ssl_crt_key"] = "" + files = [ { "name": "configuration", @@ -96,8 +125,38 @@ class NGUICharm(CharmBase): .substitute(config_spec) for filename in glob("files/*") }, - }, + } + ] + port = config["https_port"] if ssl_enabled else config["port"] + ports = [ + {"name": "port", "containerPort": port, "protocol": "TCP", }, ] + + kubernetes = { + "readinessProbe": { + "tcpSocket": {"port": port}, + "timeoutSeconds": 5, + "periodSeconds": 5, + "initialDelaySeconds": 10, + }, + "livenessProbe": { + "tcpSocket": {"port": port}, + "timeoutSeconds": 5, + "initialDelaySeconds": 45, + }, + } + + if ssl_certificate and ssl_certificate_key: + files.append( + { + "name": "ssl", + "mountPath": self.ssl_folder, + "files": { + self.ssl_crt_name: ssl_certificate, + self.ssl_key_name: ssl_certificate_key, + }, + } + ) logger.debug(files) spec = { "version": 2, @@ -116,17 +175,11 @@ class NGUICharm(CharmBase): def on_config_changed(self, event): """Handle changes in configuration""" - unit = self.model.unit - unit.status = MaintenanceStatus("Applying new pod spec") self._apply_spec() - unit.status = ActiveStatus("Ready") def on_start(self, event): """Called when the charm is being installed""" - unit = self.model.unit - unit.status = MaintenanceStatus("Applying pod spec") self._apply_spec() - unit.status = ActiveStatus("Ready") def on_upgrade_charm(self, event): """Upgrade the charm.""" @@ -134,14 +187,13 @@ class NGUICharm(CharmBase): unit.status = MaintenanceStatus("Upgrading charm") self.on_start(event) - # def on_nbi_relation_joined(self, event): - # unit = self.model.unit - # if not unit.is_leader(): - # return - # config = self.framework.model.config - # unit = MaintenanceStatus("Sending connection data") - - # unit = ActiveStatus("Ready") + def on_nbi_relation_changed(self, event): + unit = self.model.unit + if not unit.is_leader(): + return + self.state.nbi_host = event.relation.data[event.unit].get("host") + self.state.nbi_port = event.relation.data[event.unit].get("port") + self._apply_spec() if __name__ == "__main__":