Skip to content

Commit

Permalink
Ensure get_requests_for_local_unit doesn't fail on incomplete relation
Browse files Browse the repository at this point in the history 
This is a rebuild/make sync for charms to pickup the fix in charmhelpers to fix
any inadvertant accesses of ['ca'] in the relation data before it is available
from vault in the certificates relation.  Fix in charmhelpers is in [1].

[1] juju/charm-helpers#824
Closes-Bug: #2028683

Change-Id: Ie197482fcba7cadd27ea74f22e2a6e2c97eaddac
  • Loading branch information
@ajkavanagh
ajkavanagh committed Aug 4, 2023
1 parent 4e5659b commit fb1a1bb
Show file tree
Hide file tree
Showing 2 changed files with 58 additions and 13 deletions.
33 changes: 21 additions & 12 deletions charmhelpers/contrib/openstack/cert_utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -414,18 +414,27 @@ def get_requests_for_local_unit(relation_name=None):
is_legacy_request = set(sent).intersection(legacy_keys)
for unit in related_units(rid):
data = relation_get(rid=rid, unit=unit)
if data.get(raw_certs_key):
bundles.append({
'ca': data['ca'],
'chain': data.get('chain'),
'certs': json.loads(data[raw_certs_key])})
elif is_legacy_request:
bundles.append({
'ca': data['ca'],
'chain': data.get('chain'),
'certs': {sent['common_name']:
{'cert': data.get(local_name + '.server.cert'),
'key': data.get(local_name + '.server.key')}}})
# Note: Bug#2028683 - data may not be available if the certificates
# relation hasn't been populated by the providing charm. If no 'ca'
# in the data then don't attempt the bundle at all.
if data.get('ca'):
if data.get(raw_certs_key):
bundles.append({
'ca': data['ca'],
'chain': data.get('chain'),
'certs': json.loads(data[raw_certs_key])
})
elif is_legacy_request:
bundles.append({
'ca': data['ca'],
'chain': data.get('chain'),
'certs': {
sent['common_name']: {
'cert': data.get(local_name + '.server.cert'),
'key': data.get(local_name + '.server.key')
}
}
})

return bundles

Expand Down
38 changes: 37 additions & 1 deletion charmhelpers/core/unitdata.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -151,6 +151,7 @@ def config_changed():
import datetime
import itertools
import json
import logging
import os
import pprint
import sqlite3
Expand Down Expand Up @@ -521,6 +522,41 @@ class DeltaSet(Record):

def kv():
global _KV

# If we are running unit tests, it is useful to go into memory-backed KV store to
# avoid concurrency issues when running multiple tests. This is not a
# problem when juju is running normally.

env_var = os.environ.get("CHARM_HELPERS_TESTMODE", "auto").lower()
if env_var not in ["auto", "no", "yes"]:
logging.warning(f"Unknown value for CHARM_HELPERS_TESTMODE '{env_var}', assuming 'no'")
env_var = "no"

if env_var == "no":
in_memory_db = False
elif env_var == "yes":
in_memory_db = True
elif env_var == "auto":
# If UNIT_STATE_DB is set, respect this request
if "UNIT_STATE_DB" in os.environ:
in_memory_db = False
# Autodetect normal juju execution by looking for juju variables
elif "JUJU_CHARM_DIR" in os.environ or "JUJU_UNIT_NAME" in os.environ:
in_memory_db = False
else:
# We are probably running in unit test mode
logging.warning("Auto-detected unit test environment for KV store.")
in_memory_db = True
else:
# Help the linter realise that in_memory_db is always set
raise Exception("Cannot reach this line")

if _KV is None:
_KV = Storage()
if in_memory_db:
_KV = Storage(":memory:")
else:
_KV = Storage()
else:
if in_memory_db and _KV.db_path != ":memory:":
logging.warning("Running with in_memory_db and KV is not set to :memory:")
return _KV

0 comments on commit fb1a1bb

Please sign in to comment.