From b76beb5971ae855bb6b4f1f4ab7574129ac01a7d Mon Sep 17 00:00:00 2001 From: Lucas Gameiro Borges Date: Mon, 24 Jun 2024 17:37:49 +0000 Subject: [PATCH] catch 403 errors --- src/charm.py | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/src/charm.py b/src/charm.py index 58189a653..e25a245ef 100755 --- a/src/charm.py +++ b/src/charm.py @@ -208,11 +208,16 @@ def get_all_k8s_node_hostnames_and_ips( self, ) -> Tuple[list[str], list[str]]: """Return all node hostnames and IPs registered in k8s.""" - node = lightkube.Client().get( - lightkube.resources.core_v1.Node, - name=self._node_name, - namespace=self._namespace, - ) + try: + node = lightkube.Client().get( + lightkube.resources.core_v1.Node, + name=self._node_name, + namespace=self._namespace, + ) + except lightkube.ApiError as e: + if e.status.code == 403: + self.on_deployed_without_trust() + return hostnames = [] ips = [] for a in node.status.addresses: @@ -282,7 +287,10 @@ def patch_port(self, use_node_port: bool = False) -> None: patch_type=lightkube.types.PatchType.MERGE, ) logger.debug("Patched k8s service") - except lightkube.ApiError: + except lightkube.ApiError as e: + if e.status.code == 403: + self.on_deployed_without_trust() + return logger.exception("Failed to patch k8s service") raise @@ -924,6 +932,12 @@ def client_relations(self) -> List[Relation]: relations.append(relation) return relations + def on_deployed_without_trust(self) -> None: + """Blocks the application and returns a specific error message for deployments made without --trust.""" + self.unit.status = BlockedStatus( + f"Insufficient permissions, try: `juju trust {self.app.name} --scope=cluster`" + ) + if __name__ == "__main__": main(PgBouncerK8sCharm)