Skip to content

Commit

Permalink
Update static secrets
Browse files Browse the repository at this point in the history
  • Loading branch information
dragomirp committed Jan 27, 2024
1 parent 393511f commit 3f11a4a
Show file tree
Hide file tree
Showing 3 changed files with 36 additions and 39 deletions.
62 changes: 30 additions & 32 deletions lib/charms/data_platform_libs/v0/data_interfaces.py
Original file line number Diff line number Diff line change
Expand Up @@ -320,7 +320,7 @@ def _on_topic_requested(self, event: TopicRequestedEvent):

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 26
LIBPATCH = 27

PYDEPS = ["ops>=2.0.0"]

Expand Down Expand Up @@ -422,15 +422,15 @@ def diff(event: RelationChangedEvent, bucket: Union[Unit, Application]) -> Diff:
)

# These are the keys that were added to the databag and triggered this event.
added = new_data.keys() - old_data.keys() # pyright: ignore [reportGeneralTypeIssues]
added = new_data.keys() - old_data.keys() # pyright: ignore [reportAssignmentType]
# These are the keys that were removed from the databag and triggered this event.
deleted = old_data.keys() - new_data.keys() # pyright: ignore [reportGeneralTypeIssues]
deleted = old_data.keys() - new_data.keys() # pyright: ignore [reportAssignmentType]
# These are the keys that already existed in the databag,
# but had their values changed.
changed = {
key
for key in old_data.keys() & new_data.keys() # pyright: ignore [reportGeneralTypeIssues]
if old_data[key] != new_data[key] # pyright: ignore [reportGeneralTypeIssues]
for key in old_data.keys() & new_data.keys() # pyright: ignore [reportAssignmentType]
if old_data[key] != new_data[key] # pyright: ignore [reportAssignmentType]
}
# Convert the new_data to a serializable format and save it for a next diff check.
set_encoded_field(event.relation, bucket, "data", new_data)
Expand Down Expand Up @@ -1619,7 +1619,8 @@ def _delete_relation_data(self, relation: Relation, fields: List[str]) -> None:
current_data.get(relation.id, [])
):
logger.error(
"Non-existing secret %s was attempted to be removed.", non_existent
"Non-existing secret %s was attempted to be removed.",
", ".join(non_existent),
)

_, normal_fields = self._process_secret_fields(
Expand Down Expand Up @@ -1686,12 +1687,8 @@ def extra_user_roles(self) -> Optional[str]:
return self.relation.data[self.relation.app].get("extra-user-roles")


class AuthenticationEvent(RelationEvent):
"""Base class for authentication fields for events.
The amount of logic added here is not ideal -- but this was the only way to preserve
the interface when moving to Juju Secrets
"""
class RelationEventWithSecret(RelationEvent):
"""Base class for Relation Events that need to handle secrets."""

@property
def _secrets(self) -> dict:
Expand All @@ -1703,18 +1700,6 @@ def _secrets(self) -> dict:
self._cached_secrets = {}
return self._cached_secrets

@property
def _jujuversion(self) -> JujuVersion:
"""Caching jujuversion to avoid a Juju call on each field evaluation.
DON'T USE the encapsulated helper variable outside of this function
"""
if not hasattr(self, "_cached_jujuversion"):
self._cached_jujuversion = None
if not self._cached_jujuversion:
self._cached_jujuversion = JujuVersion.from_environ()
return self._cached_jujuversion

def _get_secret(self, group) -> Optional[Dict[str, str]]:
"""Retrieveing secrets."""
if not self.app:
Expand All @@ -1730,7 +1715,15 @@ def _get_secret(self, group) -> Optional[Dict[str, str]]:
@property
def secrets_enabled(self):
"""Is this Juju version allowing for Secrets usage?"""
return self._jujuversion.has_secrets
return JujuVersion.from_environ().has_secrets


class AuthenticationEvent(RelationEventWithSecret):
"""Base class for authentication fields for events.
The amount of logic added here is not ideal -- but this was the only way to preserve
the interface when moving to Juju Secrets
"""

@property
def username(self) -> Optional[str]:
Expand Down Expand Up @@ -1813,7 +1806,7 @@ class DatabaseProvidesEvents(CharmEvents):
database_requested = EventSource(DatabaseRequestedEvent)


class DatabaseRequiresEvent(RelationEvent):
class DatabaseRequiresEvent(RelationEventWithSecret):
"""Base class for database events."""

@property
Expand Down Expand Up @@ -1868,6 +1861,11 @@ def uris(self) -> Optional[str]:
if not self.relation.app:
return None

if self.secrets_enabled:
secret = self._get_secret("user")
if secret:
return secret.get("uris")

return self.relation.data[self.relation.app].get("uris")

@property
Expand Down Expand Up @@ -1911,7 +1909,7 @@ class DatabaseRequiresEvents(CharmEvents):
class DatabaseProvides(DataProvides):
"""Provider-side of the database relations."""

on = DatabaseProvidesEvents() # pyright: ignore [reportGeneralTypeIssues]
on = DatabaseProvidesEvents() # pyright: ignore [reportAssignmentType]

def __init__(self, charm: CharmBase, relation_name: str) -> None:
super().__init__(charm, relation_name)
Expand Down Expand Up @@ -2006,7 +2004,7 @@ def set_version(self, relation_id: int, version: str) -> None:
class DatabaseRequires(DataRequires):
"""Requires-side of the database relation."""

on = DatabaseRequiresEvents() # pyright: ignore [reportGeneralTypeIssues]
on = DatabaseRequiresEvents() # pyright: ignore [reportAssignmentType]

def __init__(
self,
Expand Down Expand Up @@ -2335,7 +2333,7 @@ class KafkaRequiresEvents(CharmEvents):
class KafkaProvides(DataProvides):
"""Provider-side of the Kafka relation."""

on = KafkaProvidesEvents() # pyright: ignore [reportGeneralTypeIssues]
on = KafkaProvidesEvents() # pyright: ignore [reportAssignmentType]

def __init__(self, charm: CharmBase, relation_name: str) -> None:
super().__init__(charm, relation_name)
Expand Down Expand Up @@ -2396,7 +2394,7 @@ def set_zookeeper_uris(self, relation_id: int, zookeeper_uris: str) -> None:
class KafkaRequires(DataRequires):
"""Requires-side of the Kafka relation."""

on = KafkaRequiresEvents() # pyright: ignore [reportGeneralTypeIssues]
on = KafkaRequiresEvents() # pyright: ignore [reportAssignmentType]

def __init__(
self,
Expand Down Expand Up @@ -2533,7 +2531,7 @@ class OpenSearchRequiresEvents(CharmEvents):
class OpenSearchProvides(DataProvides):
"""Provider-side of the OpenSearch relation."""

on = OpenSearchProvidesEvents() # pyright: ignore[reportGeneralTypeIssues]
on = OpenSearchProvidesEvents() # pyright: ignore[reportAssignmentType]

def __init__(self, charm: CharmBase, relation_name: str) -> None:
super().__init__(charm, relation_name)
Expand Down Expand Up @@ -2586,7 +2584,7 @@ def set_version(self, relation_id: int, version: str) -> None:
class OpenSearchRequires(DataRequires):
"""Requires-side of the OpenSearch relation."""

on = OpenSearchRequiresEvents() # pyright: ignore[reportGeneralTypeIssues]
on = OpenSearchRequiresEvents() # pyright: ignore[reportAssignmentType]

def __init__(
self,
Expand Down
4 changes: 2 additions & 2 deletions lib/charms/loki_k8s/v0/loki_push_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -456,7 +456,7 @@ def _alert_rules_error(self, event):
from urllib.error import HTTPError

import yaml
from charms.observability_libs.v0.juju_topology import JujuTopology
from cosl import JujuTopology
from ops.charm import (
CharmBase,
HookEvent,
Expand All @@ -480,7 +480,7 @@ def _alert_rules_error(self, event):

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 24
LIBPATCH = 25

logger = logging.getLogger(__name__)

Expand Down
9 changes: 4 additions & 5 deletions src/charm.py
Original file line number Diff line number Diff line change
Expand Up @@ -51,7 +51,7 @@
)
from relations.backend_database import BackendDatabaseRequires
from relations.db import DbProvides
from relations.peers import Peers
from relations.peers import CFG_FILE_DATABAG_KEY, Peers
from relations.pgbouncer_provider import PgBouncerProvider
from upgrade import PgbouncerUpgrade, get_pgbouncer_k8s_dependencies_model

Expand All @@ -72,10 +72,9 @@ def __init__(self, *args):
self,
relation_name=PEER_RELATION_NAME,
additional_secret_fields=[
"monitoring-password",
"operator-password",
"replication-password",
"rewind-password",
AUTH_FILE_DATABAG_KEY,
CFG_FILE_DATABAG_KEY,
MONITORING_PASSWORD_KEY,
],
secret_field_name=SECRET_INTERNAL_LABEL,
deleted_label=SECRET_DELETED_LABEL,
Expand Down

0 comments on commit 3f11a4a

Please sign in to comment.