canonical · dragomirp · Jan 31, 2024 · Jan 12, 2024 · Jan 12, 2024 · Jan 12, 2024
diff --git a/lib/charms/data_platform_libs/v0/data_interfaces.py b/lib/charms/data_platform_libs/v0/data_interfaces.py
diff --git a/lib/charms/loki_k8s/v0/loki_push_api.py b/lib/charms/loki_k8s/v0/loki_push_api.py
@@ -480,7 +480,7 @@ def _alert_rules_error(self, event):
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 25
+LIBPATCH = 26
 
 logger = logging.getLogger(__name__)
 
@@ -2115,7 +2115,21 @@ def _download_and_push_promtail_to_workload(self, promtail_info: dict) -> None:
                - "zipsha": sha256 sum of zip file of promtail binary
                - "binsha": sha256 sum of unpacked promtail binary
         """
-        with request.urlopen(promtail_info["url"]) as r:
+        # Check for Juju proxy variables and fall back to standard ones if not set
+        proxies: Optional[Dict[str, str]] = {}
+        if proxies and os.environ.get("JUJU_CHARM_HTTP_PROXY"):
+            proxies.update({"http": os.environ["JUJU_CHARM_HTTP_PROXY"]})
+        if proxies and os.environ.get("JUJU_CHARM_HTTPS_PROXY"):
+            proxies.update({"https": os.environ["JUJU_CHARM_HTTPS_PROXY"]})
+        if proxies and os.environ.get("JUJU_CHARM_NO_PROXY"):
+            proxies.update({"no_proxy": os.environ["JUJU_CHARM_NO_PROXY"]})
+        else:
+            proxies = None
+
+        proxy_handler = request.ProxyHandler(proxies)
+        opener = request.build_opener(proxy_handler)
+
+        with opener.open(promtail_info["url"]) as r:
             file_bytes = r.read()
             file_path = os.path.join(BINARY_DIR, promtail_info["filename"] + ".gz")
             with open(file_path, "wb") as f:

diff --git a/lib/charms/tls_certificates_interface/v2/tls_certificates.py b/lib/charms/tls_certificates_interface/v2/tls_certificates.py
@@ -286,7 +286,6 @@ def _on_all_certificates_invalidated(self, event: AllCertificatesInvalidatedEven
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.serialization import pkcs12
-from cryptography.x509.extensions import Extension, ExtensionNotFound
 from jsonschema import exceptions, validate  # type: ignore[import-untyped]
 from ops.charm import (
     CharmBase,
@@ -308,7 +307,7 @@ def _on_all_certificates_invalidated(self, event: AllCertificatesInvalidatedEven
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 22
+LIBPATCH = 23
 
 PYDEPS = ["cryptography", "jsonschema"]
 
@@ -1676,7 +1675,7 @@ def get_assigned_certificates(self) -> List[Dict[str, str]]:
         """
         final_list = []
         for csr in self.get_certificate_signing_requests(fulfilled_only=True):
-            assert type(csr["certificate_signing_request"]) == str
+            assert isinstance(csr["certificate_signing_request"], str)
             if cert := self._find_certificate_in_relation_data(csr["certificate_signing_request"]):
                 final_list.append(cert)
         return final_list
@@ -1699,7 +1698,7 @@ def get_expiring_certificates(self) -> List[Dict[str, str]]:
         """
         final_list = []
         for csr in self.get_certificate_signing_requests(fulfilled_only=True):
-            assert type(csr["certificate_signing_request"]) == str
+            assert isinstance(csr["certificate_signing_request"], str)
             if cert := self._find_certificate_in_relation_data(csr["certificate_signing_request"]):
                 expiry_time = _get_certificate_expiry_time(cert["certificate"])
                 if not expiry_time:
@@ -1719,11 +1718,12 @@ def get_certificate_signing_requests(
         """Gets the list of CSR's that were sent to the provider.
 
         You can choose to get only the CSR's that have a certificate assigned or only the CSR's
-        that don't.
+          that don't.
 
         Args:
             fulfilled_only (bool): This option will discard CSRs that don't have certificates yet.
             unfulfilled_only (bool): This option will discard CSRs that have certificates signed.
+
         Returns:
             List of CSR dictionaries. For example:
             [
@@ -1733,10 +1733,9 @@ def get_certificate_signing_requests(
                 }
             ]
         """
-
         final_list = []
         for csr in self._requirer_csrs:
-            assert type(csr["certificate_signing_request"]) == str
+            assert isinstance(csr["certificate_signing_request"], str)
             cert = self._find_certificate_in_relation_data(csr["certificate_signing_request"])
             if (unfulfilled_only and cert) or (fulfilled_only and not cert):
                 continue

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -58,6 +58,7 @@ pytest = "^8.0.0"
 pytest-asyncio = "*"
 jinja2 = "^3.1.3"
 psycopg2-binary = "^2.9.9"
+parameterized = "^0.9.0"
 
 [tool.poetry.group.integration]
 optional = true