Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

utilities/openstack: Fix handling of unit.run for CA check #1174

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

utilities/openstack: Fix handling of unit.run for CA check #1174

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
52e0852
utilities/openstack: Fix handling of unit.run for CA check
fnordahl Dec 5, 2023
ff0c2e6
vault: Allow consecutive invocations of auto_initialize
fnordahl Dec 31, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions zaza/openstack/charm_tests/vault/setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -162,6 +162,10 @@ def auto_initialize(cacert=None, validation_application='keystone', wait=True,
basic_setup(cacert=cacert, unseal_and_authorize=True)

action = vault_utils.run_get_csr()
if 'output' not in action.data['results']:
logging.warning("Running 'get-csr' action with force, "
"vault already initialized?")
action = vault_utils.run_get_csr(force=True)
intermediate_csr = action.data['results']['output']
(cakey, cacertificate) = zaza.openstack.utilities.cert.generate_cert(
'DivineAuthority',
Expand Down
9 changes: 7 additions & 2 deletions zaza/openstack/charm_tests/vault/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -474,18 +474,23 @@ def run_charm_authorize(token):
action_params={'token': token})


def run_get_csr():
def run_get_csr(force=None):
"""Retrieve CSR from vault.

Run vault charm action to retrieve CSR from vault.

:param force: Force regeneration of intermediate ca.
:type force: Optional[bool]
:returns: Action object
:rtype: juju.action.Action
"""
action_params={}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

zaza/openstack/charm_tests/vault/utils.py:487:18: E225 missing whitespace around operator

if force is not None:
action_params.update({'force': force})
return zaza.model.run_action_on_leader(
'vault',
'get-csr',
action_params={})
action_params=action_params)


def run_upload_signed_csr(pem, root_ca, allowed_domains):
Expand Down
11 changes: 9 additions & 2 deletions zaza/openstack/utilities/openstack.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -237,8 +237,15 @@ async def _check_ca_present(model, ca_files):
for ca_file in ca_files:
for unit in units:
try:
output = await unit.run('cat {}'.format(ca_file))
contents = output.data.get('results').get('Stdout', '')
action = await unit.run('cat {}'.format(ca_file))
action = await action.wait()
# NOTE(fnordahl): yes, this is a call to a private
# function, and to be pragmatic we are already
# mocking about under the hood in this function, so let's
# just make it work.
results = zaza.model._normalise_action_results(
getattr(action, 'results', action.data.get('results')))
contents = results.get('stdout', '')
if ca_cert not in contents:
break
# libjuju throws a generic error for connection failure. So we
Expand Down
Loading