from opslib.osm.interfaces.kafka import KafkaClient
from opslib.osm.interfaces.mongo import MongoClient
from opslib.osm.interfaces.mysql import MysqlClient
-from opslib.osm.pod import ContainerV3Builder, FilesV3Builder, PodSpecV3Builder
+from opslib.osm.pod import (
+ ContainerV3Builder,
+ FilesV3Builder,
+ PodRestartPolicy,
+ PodSpecV3Builder,
+)
from opslib.osm.validator import ModelValidator, validator
logger = logging.getLogger(__name__)
ro_database: str
openmano_tenant: str
certificates: Optional[str]
- image_pull_policy: Optional[str]
+ image_pull_policy: str
+ debug_mode: bool
+ security_context: bool
@validator("log_level")
def validate_log_level(cls, v):
def __init__(self, *args) -> NoReturn:
"""Prometheus Charm constructor."""
- super().__init__(*args, oci_image="image")
+ super().__init__(
+ *args,
+ oci_image="image",
+ debug_mode_config_key="debug_mode",
+ debug_pubkey_config_key="debug_pubkey",
+ vscode_workspace=VSCODE_WORKSPACE,
+ )
self.kafka_client = KafkaClient(self, "kafka")
self.framework.observe(self.on["kafka"].relation_changed, self.configure_pod)
missing_relations = []
if config.enable_ng_ro:
- if self.kafka_client.is_missing_data_in_unit():
+ if (
+ self.kafka_client.is_missing_data_in_unit()
+ and self.kafka_client.is_missing_data_in_app()
+ ):
missing_relations.append("kafka")
if not config.mongodb_uri and self.mongodb_client.is_missing_data_in_unit():
missing_relations.append("mongodb")
# Check relations
self._check_missing_dependencies(config)
+ security_context_enabled = (
+ config.security_context if not config.debug_mode else False
+ )
+
# Create Builder for the PodSpec
- pod_spec_builder = PodSpecV3Builder()
+ pod_spec_builder = PodSpecV3Builder(
+ enable_security_context=security_context_enabled
+ )
# Build Container
container_builder = ContainerV3Builder(
- self.app.name, image_info, config.image_pull_policy
+ self.app.name,
+ image_info,
+ config.image_pull_policy,
+ run_as_non_root=security_context_enabled,
)
certs_files = self._build_cert_files(config)
)
if config.enable_ng_ro:
+ # Add secrets to the pod
+ mongodb_secret_name = f"{self.app.name}-mongodb-secret"
+ pod_spec_builder.add_secret(
+ mongodb_secret_name,
+ {
+ "uri": config.mongodb_uri or self.mongodb_client.connection_string,
+ "commonkey": config.database_commonkey,
+ },
+ )
container_builder.add_envs(
{
"OSMRO_MESSAGE_DRIVER": "kafka",
"OSMRO_MESSAGE_PORT": self.kafka_client.port,
# MongoDB configuration
"OSMRO_DATABASE_DRIVER": "mongo",
- "OSMRO_DATABASE_URI": config.mongodb_uri
- or self.mongodb_client.connection_string,
- "OSMRO_DATABASE_COMMONKEY": config.database_commonkey,
}
)
+ container_builder.add_secret_envs(
+ secret_name=mongodb_secret_name,
+ envs={
+ "OSMRO_DATABASE_URI": "uri",
+ "OSMRO_DATABASE_COMMONKEY": "commonkey",
+ },
+ )
+ restart_policy = PodRestartPolicy()
+ restart_policy.add_secrets(secret_names=(mongodb_secret_name,))
+ pod_spec_builder.set_restart_policy(restart_policy)
else:
container_builder.add_envs(
return pod_spec_builder.build()
+VSCODE_WORKSPACE = {
+ "folders": [
+ {"path": "/usr/lib/python3/dist-packages/osm_ng_ro"},
+ {"path": "/usr/lib/python3/dist-packages/osm_common"},
+ {"path": "/usr/lib/python3/dist-packages/osm_ro_plugin"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_arista_cloudvision"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dpb"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_dynpac"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_floodlightof"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_ietfl2vpn"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_juniper_contrail"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_odlof"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onos_vpls"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rosdn_onosof"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_aws"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_azure"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_fos"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_opennebula"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_openstack"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_openvim"},
+ {"path": "/usr/lib/python3/dist-packages/osm_rovim_vmware"},
+ ],
+ "launch": {
+ "configurations": [
+ {
+ "module": "osm_ng_ro.ro_main",
+ "name": "NG RO",
+ "request": "launch",
+ "type": "python",
+ "justMyCode": False,
+ }
+ ],
+ "version": "0.2.0",
+ },
+ "settings": {},
+}
+
if __name__ == "__main__":
main(RoCharm)
projects / osm / devops.git / blobdiff