# See the License for the specific language governing permissions and
# limitations under the License.
-import sys
+import base64
+from glob import glob
import logging
-
-sys.path.append("lib")
+from pathlib import Path
+from string import Template
+import sys
from ops.charm import CharmBase
from ops.framework import StoredState, Object
from ops.model import (
ActiveStatus,
MaintenanceStatus,
+ BlockedStatus,
+ ModelError,
+ WaitingStatus,
)
-from glob import glob
-from pathlib import Path
-from string import Template
logger = logging.getLogger(__name__)
def __init__(self, framework, key):
super().__init__(framework, key)
self.state.set_default(spec=None)
+ self.state.set_default(nbi_host=None)
+ self.state.set_default(nbi_port=None)
# Observe Charm related events
self.framework.observe(self.on.config_changed, self.on_config_changed)
self.framework.observe(self.on.start, self.on_start)
self.framework.observe(self.on.upgrade_charm, self.on_upgrade_charm)
- # self.framework.observe(
- # self.on.nbi_relation_joined, self.on_nbi_relation_joined
- # )
+ self.framework.observe(
+ self.on.nbi_relation_changed, self.on_nbi_relation_changed
+ )
+
+ # SSL Certificate path
+ self.ssl_folder = "/certs"
+ self.ssl_crt_name = "ssl_certificate.crt"
+ self.ssl_key_name = "ssl_certificate.key"
def _apply_spec(self):
# Only apply the spec if this unit is a leader.
- if not self.framework.model.unit.is_leader():
+ unit = self.model.unit
+ if not unit.is_leader():
+ unit.status = ActiveStatus("ready")
return
+ if not self.state.nbi_host or not self.state.nbi_port:
+ unit.status = WaitingStatus("Waiting for NBI")
+ return
+ unit.status = MaintenanceStatus("Applying new pod spec")
+
new_spec = self.make_pod_spec()
if new_spec == self.state.spec:
+ unit.status = ActiveStatus("ready")
return
self.framework.model.pod.set_spec(new_spec)
self.state.spec = new_spec
+ unit.status = ActiveStatus("ready")
def make_pod_spec(self):
config = self.framework.model.config
- ports = [
- {"name": "port", "containerPort": config["port"], "protocol": "TCP",},
- ]
-
- kubernetes = {
- "readinessProbe": {
- "tcpSocket": {"port": config["port"]},
- "timeoutSeconds": 5,
- "periodSeconds": 5,
- "initialDelaySeconds": 10,
- },
- "livenessProbe": {
- "tcpSocket": {"port": config["port"]},
- "timeoutSeconds": 5,
- "initialDelaySeconds": 45,
- },
- }
config_spec = {
- "port": config["port"],
+ "http_port": config["port"],
+ "https_port": config["https_port"],
"server_name": config["server_name"],
"client_max_body_size": config["client_max_body_size"],
- "nbi_hostname": config["nbi_hostname"],
- "nbi_port": config["nbi_port"],
+ "nbi_host": self.state.nbi_host or config["nbi_host"],
+ "nbi_port": self.state.nbi_port or config["nbi_port"],
+ "ssl_crt": "",
+ "ssl_crt_key": "",
}
+ ssl_certificate = None
+ ssl_certificate_key = None
+ ssl_enabled = False
+
+ if "ssl_certificate" in config and "ssl_certificate_key" in config:
+ # Get bytes of cert and key
+ cert_b = base64.b64decode(config["ssl_certificate"])
+ key_b = base64.b64decode(config["ssl_certificate_key"])
+ # Decode key and cert
+ ssl_certificate = cert_b.decode("utf-8")
+ ssl_certificate_key = key_b.decode("utf-8")
+ # Get paths
+ cert_path = "{}/{}".format(self.ssl_folder, self.ssl_crt_name)
+ key_path = "{}/{}".format(self.ssl_folder, self.ssl_key_name)
+
+ config_spec["port"] = "{} ssl".format(config["https_port"])
+ config_spec["ssl_crt"] = "ssl_certificate {};".format(cert_path)
+ config_spec["ssl_crt_key"] = "ssl_certificate_key {};".format(key_path)
+ ssl_enabled = True
+ else:
+ config_spec["ssl_crt"] = ""
+ config_spec["ssl_crt_key"] = ""
+
files = [
{
"name": "configuration",
.substitute(config_spec)
for filename in glob("files/*")
},
+ }
+ ]
+ port = config["https_port"] if ssl_enabled else config["port"]
+ ports = [
+ {
+ "name": "port",
+ "containerPort": port,
+ "protocol": "TCP",
},
]
+
+ kubernetes = {
+ "readinessProbe": {
+ "tcpSocket": {"port": port},
+ "timeoutSeconds": 5,
+ "periodSeconds": 5,
+ "initialDelaySeconds": 10,
+ },
+ "livenessProbe": {
+ "tcpSocket": {"port": port},
+ "timeoutSeconds": 5,
+ "initialDelaySeconds": 45,
+ },
+ }
+
+ if ssl_certificate and ssl_certificate_key:
+ files.append(
+ {
+ "name": "ssl",
+ "mountPath": self.ssl_folder,
+ "files": {
+ self.ssl_crt_name: ssl_certificate,
+ self.ssl_key_name: ssl_certificate_key,
+ },
+ }
+ )
+
logger.debug(files)
+
spec = {
"version": 2,
"containers": [
{
"name": self.framework.model.app.name,
- "image": "{}".format(config["image"]),
+ "imageDetails": {
+ "imagePath": config["image"],
+ "username": config["image_username"],
+ "password": config["image_password"],
+ },
"ports": ports,
"kubernetes": kubernetes,
"files": files,
def on_config_changed(self, event):
"""Handle changes in configuration"""
- unit = self.model.unit
- unit.status = MaintenanceStatus("Applying new pod spec")
self._apply_spec()
- unit.status = ActiveStatus("Ready")
def on_start(self, event):
"""Called when the charm is being installed"""
- unit = self.model.unit
- unit.status = MaintenanceStatus("Applying pod spec")
self._apply_spec()
- unit.status = ActiveStatus("Ready")
def on_upgrade_charm(self, event):
"""Upgrade the charm."""
unit.status = MaintenanceStatus("Upgrading charm")
self.on_start(event)
- # def on_nbi_relation_joined(self, event):
- # unit = self.model.unit
- # if not unit.is_leader():
- # return
- # config = self.framework.model.config
- # unit = MaintenanceStatus("Sending connection data")
-
- # unit = ActiveStatus("Ready")
+ def on_nbi_relation_changed(self, event):
+ nbi_host = event.relation.data[event.unit].get("host")
+ nbi_port = event.relation.data[event.unit].get("port")
+ if nbi_host and self.state.nbi_host != nbi_host:
+ self.state.nbi_host = nbi_host
+ if nbi_port and self.state.nbi_port != nbi_port:
+ self.state.nbi_port = nbi_port
+ self._apply_spec()
if __name__ == "__main__":