Add use-public-endpoint config option

Currently, this charm sets the host_href config option with the
admin endpoint. This patch adds a config option to allow it to be
configured to use the public endpoint, so that the secrets could
be accessible through this endpoint.

Closes-bug: #1642769
Change-Id: Ice7131459753f15e1184c687a24301689df338e2
(cherry picked from commit c3bb1bb650)
This commit is contained in:
tpsilva 2022-02-11 14:20:32 -03:00 committed by Tiago Pasqualini da Silva
parent d679b0e814
commit 97fa818412
2 changed files with 19 additions and 1 deletions

View File

@ -44,3 +44,5 @@ options:
type: int
description: |
Maximum allowed http request size against the barbican-api.
use-internal-endpoints:
default: True

View File

@ -2,7 +2,23 @@
debug = {{ options.debug }}
bind_host = {{ options.service_listen_info.barbican_worker.ip }}
bind_port = {{ options.service_listen_info.barbican_worker.port }}
host_href = {{ options.external_endpoints.barbican_worker.url }}
{% if options.use_internal_endpoints %}
{% set hostname = options.os_admin_hostname %}
{% set port = options.port_map["barbican-worker"]["admin"] %}
{% else %}
{% set hostname = options.os_public_hostname %}
{% set port = options.port_map["barbican-worker"]["public"] %}
{%- endif %}
{% if options.ssl -%}
{% set proto = "https://" %}
{% else %}
{% set proto = "http://" %}
{%- endif %}
host_href = {{ proto }}{{ hostname }}:{{ port }}
db_auto_create = False
max_allowed_secret_in_bytes = {{ options.max_allowed_secret_size }}
max_allowed_request_size_in_bytes = {{ options.max_allowed_request_size }}