canonical · dragomirp · Apr 29, 2024 · Apr 29, 2024 · Apr 29, 2024
diff --git a/lib/charms/loki_k8s/v0/loki_push_api.py b/lib/charms/loki_k8s/v0/loki_push_api.py
@@ -480,7 +480,9 @@ def _alert_rules_error(self, event):
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 28
+LIBPATCH = 29
+
+PYDEPS = ["cosl"]
 
 logger = logging.getLogger(__name__)
 

diff --git a/lib/charms/prometheus_k8s/v0/prometheus_scrape.py b/lib/charms/prometheus_k8s/v0/prometheus_scrape.py
@@ -362,7 +362,7 @@ def _on_scrape_targets_changed(self, event):
 
 # Increment this PATCH version before using `charmcraft publish-lib` or reset
 # to 0 if you are raising the major API version
-LIBPATCH = 44
+LIBPATCH = 46
 
 PYDEPS = ["cosl"]
 
@@ -521,8 +521,8 @@ def expand_wildcard_targets_into_individual_jobs(
                         # for such a target. Therefore labeling with Juju topology, excluding the
                         # unit name.
                         non_wildcard_static_config["labels"] = {
-                            **non_wildcard_static_config.get("labels", {}),
                             **topology.label_matcher_dict,
+                            **non_wildcard_static_config.get("labels", {}),
                         }
 
                     non_wildcard_static_configs.append(non_wildcard_static_config)
@@ -547,9 +547,9 @@ def expand_wildcard_targets_into_individual_jobs(
                         if topology:
                             # Add topology labels
                             modified_static_config["labels"] = {
-                                **modified_static_config.get("labels", {}),
                                 **topology.label_matcher_dict,
                                 **{"juju_unit": unit_name},
+                                **modified_static_config.get("labels", {}),
                             }
 
                             # Instance relabeling for topology should be last in order.
@@ -1537,12 +1537,11 @@ def set_scrape_job_spec(self, _=None):
             relation.data[self._charm.app]["scrape_metadata"] = json.dumps(self._scrape_metadata)
             relation.data[self._charm.app]["scrape_jobs"] = json.dumps(self._scrape_jobs)
 
-            if alert_rules_as_dict:
-                # Update relation data with the string representation of the rule file.
-                # Juju topology is already included in the "scrape_metadata" field above.
-                # The consumer side of the relation uses this information to name the rules file
-                # that is written to the filesystem.
-                relation.data[self._charm.app]["alert_rules"] = json.dumps(alert_rules_as_dict)
+            # Update relation data with the string representation of the rule file.
+            # Juju topology is already included in the "scrape_metadata" field above.
+            # The consumer side of the relation uses this information to name the rules file
+            # that is written to the filesystem.
+            relation.data[self._charm.app]["alert_rules"] = json.dumps(alert_rules_as_dict)
 
     def _set_unit_ip(self, _=None):
         """Set unit host address.

diff --git a/src/relations/backend_database.py b/src/relations/backend_database.py
@@ -214,6 +214,45 @@ def ready(self) -> bool:
 
         return True
 
+    def collect_databases(self) -> List[str]:
+        """Collects the names of all client dbs to inject or remove the auth_query."""
+        databases = [self.database.database, PG]
+        for relation in self.charm.model.relations.get("db", []):
+            database = self.charm.legacy_db_relation.get_databags(relation)[0].get("database")
+            if database and relation.units:
+                try:
+                    con = self.postgres._connect_to_database(database)
+                    con.close()
+                    databases.append(database)
+                except psycopg2.OperationalError:
+                    logger.debug("database %s not yet created", database)
+
+        for relation in self.charm.model.relations.get("db-admin", []):
+            database = self.charm.legacy_db_admin_relation.get_databags(relation)[0].get(
+                "database"
+            )
+            if database and relation.units:
+                try:
+                    con = self.postgres._connect_to_database(database)
+                    con.close()
+                    databases.append(database)
+                except psycopg2.OperationalError:
+                    logger.debug("database %s not yet created", database)
+
+        for _, data in self.charm.client_relation.database_provides.fetch_relation_data(
+            fields=["database"]
+        ).items():
+            database = data.get("database")
+            if database:
+                try:
+                    con = self.postgres._connect_to_database(database)
+                    con.close()
+                    databases.append(database)
+                except psycopg2.OperationalError:
+                    logger.debug("database %s not yet created", database)
+
+        return databases
+
     def _on_database_created(self, event: DatabaseCreatedEvent) -> None:
         """Handle backend-database-database-created event.
 
@@ -258,7 +297,7 @@ def _on_database_created(self, event: DatabaseCreatedEvent) -> None:
         # create authentication user on postgres database, so we can authenticate other users
         # later on
         self.postgres.create_user(self.auth_user, hashed_password, admin=True)
-        self.initialise_auth_function([self.database.database, PG])
+        self.initialise_auth_function(self.collect_databases())
 
         # Add the monitoring user.
         if not (monitoring_password := self.charm.get_secret(APP_SCOPE, MONITORING_PASSWORD_KEY)):
@@ -325,7 +364,7 @@ def _on_relation_departed(self, event: RelationDepartedEvent):
             # TODO de-authorise all databases
             logger.info("removing auth user")
             # Remove auth function before broken-hook, while we can still connect to postgres.
-            self.remove_auth_function([PGB, PG])
+            self.remove_auth_function(self.collect_databases())
         except psycopg2.Error:
             remove_auth_fail_msg = (
                 "failed to remove auth user when disconnecting from postgres application."