158 lines
5.7 KiB
Python
158 lines
5.7 KiB
Python
#!/usr/bin/python
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
import base64
|
|
|
|
from charms.reactive import RelationBase
|
|
from charms.reactive import hook
|
|
from charms.reactive import scopes
|
|
|
|
|
|
class KeystoneRequires(RelationBase):
|
|
scope = scopes.GLOBAL
|
|
|
|
# These remote data fields will be automatically mapped to accessors
|
|
# with a basic documentation string provided.
|
|
|
|
auto_accessors = ['private-address', 'service_host', 'service_protocol',
|
|
'service_port', 'service_tenant', 'service_username',
|
|
'service_password', 'service_tenant_id', 'auth_host',
|
|
'auth_protocol', 'auth_port', 'admin_token', 'ssl_key',
|
|
'ca_cert', 'ssl_cert', 'https_keystone',
|
|
'ssl_cert_admin', 'ssl_cert_internal',
|
|
'ssl_cert_public', 'ssl_key_admin', 'ssl_key_internal',
|
|
'ssl_key_public', 'api_version', 'service_domain']
|
|
|
|
@hook('{requires:keystone}-relation-joined')
|
|
def joined(self):
|
|
self.set_state('{relation_name}.connected')
|
|
self.update_state()
|
|
|
|
def update_state(self):
|
|
if self.base_data_complete():
|
|
self.set_state('{relation_name}.available')
|
|
if self.ssl_data_complete():
|
|
self.set_state('{relation_name}.available.ssl')
|
|
else:
|
|
self.remove_state('{relation_name}.available.ssl')
|
|
if self.ssl_data_complete_legacy():
|
|
self.set_state('{relation_name}.available.ssl_legacy')
|
|
else:
|
|
self.remove_state('{relation_name}.available.ssl_legacy')
|
|
if self.auth_data_complete():
|
|
self.set_state('{relation_name}.available.auth')
|
|
else:
|
|
self.remove_state('{relation_name}.available.auth')
|
|
else:
|
|
self.remove_state('{relation_name}.available')
|
|
self.remove_state('{relation_name}.available.ssl')
|
|
self.remove_state('{relation_name}.available.ssl_legacy')
|
|
self.remove_state('{relation_name}.available.auth')
|
|
|
|
@hook('{requires:keystone}-relation-changed')
|
|
def changed(self):
|
|
self.update_state()
|
|
|
|
@hook('{requires:keystone}-relation-{broken,departed}')
|
|
def departed(self):
|
|
self.update_state()
|
|
|
|
def base_data_complete(self):
|
|
data = {
|
|
'private-address': self.private_address(),
|
|
'service_host': self.service_host(),
|
|
'service_protocol': self.service_protocol(),
|
|
'service_port': self.service_port(),
|
|
'auth_host': self.auth_host(),
|
|
'auth_protocol': self.auth_protocol(),
|
|
'auth_port': self.auth_port(),
|
|
}
|
|
if all(data.values()):
|
|
return True
|
|
return False
|
|
|
|
def auth_data_complete(self):
|
|
data = {
|
|
'service_tenant': self.service_tenant(),
|
|
'service_username': self.service_username(),
|
|
'service_password': self.service_password(),
|
|
'service_tenant_id': self.service_tenant_id(),
|
|
}
|
|
if all(data.values()):
|
|
return True
|
|
return False
|
|
|
|
def ssl_data_complete(self):
|
|
data = {
|
|
'ssl_cert_admin': self.ssl_cert_admin(),
|
|
'ssl_cert_internal': self.ssl_cert_internal(),
|
|
'ssl_cert_public': self.ssl_cert_public(),
|
|
'ssl_key_admin': self.ssl_key_admin(),
|
|
'ssl_key_internal': self.ssl_key_internal(),
|
|
'ssl_key_public': self.ssl_key_public(),
|
|
'ca_cert': self.ca_cert(),
|
|
}
|
|
for value in data.values():
|
|
if not value or value == '__null__':
|
|
return False
|
|
return True
|
|
|
|
def ssl_data_complete_legacy(self):
|
|
data = {
|
|
'ssl_key': self.ssl_key(),
|
|
'ssl_cert': self.ssl_cert(),
|
|
'ca_cert': self.ca_cert(),
|
|
}
|
|
for value in data.values():
|
|
if not value or value == '__null__':
|
|
return False
|
|
return True
|
|
|
|
def register_endpoints(self, service, region, public_url, internal_url,
|
|
admin_url):
|
|
"""
|
|
Register this service with keystone
|
|
"""
|
|
relation_info = {
|
|
'service': service,
|
|
'public_url': public_url,
|
|
'internal_url': internal_url,
|
|
'admin_url': admin_url,
|
|
'region': region,
|
|
}
|
|
self.set_local(**relation_info)
|
|
self.set_remote(**relation_info)
|
|
|
|
def request_keystone_endpoint_information(self):
|
|
self.register_endpoints('None', 'None', 'None', 'None', 'None')
|
|
|
|
def get_ssl_key(self, cn=None):
|
|
relation_key = 'ssl_key_{}'.format(cn) if cn else 'ssl_key'
|
|
key = self.get_remote(relation_key)
|
|
if key:
|
|
key = base64.b64decode(key).decode('utf-8')
|
|
return key
|
|
|
|
def get_ssl_cert(self, cn=None):
|
|
relation_key = 'ssl_cert_{}'.format(cn) if cn else 'ssl_cert'
|
|
cert = self.get_remote(relation_key)
|
|
if cert:
|
|
cert = base64.b64decode(cert).decode('utf-8')
|
|
return cert
|
|
|
|
def get_ssl_ca(self, cn=None):
|
|
ca = None
|
|
if self.ca_cert():
|
|
ca = base64.b64decode(self.ca_cert()).decode('utf-8')
|
|
return ca
|