diff --git a/src/README.md b/src/README.md index 981e2f6..f7fda9f 100644 --- a/src/README.md +++ b/src/README.md @@ -141,6 +141,7 @@ The key PEM file is the resource file for sp-private-key.pem. The certificate PEM data will be placed in an XML document and will become the sp-signing-keyinfo.xml resource file. +``` @@ -153,7 +154,7 @@ sp-signing-keyinfo.xml resource file. - +``` Set the protocol. This must match the protocol used in the post-deployment configuration steps. We recommend the protocol "mapped." @@ -177,7 +178,7 @@ Attach resources Get keystones SP metadata XML and exchange it with your idP - juju run --unit keystone/0 "cat /etc/apache2/mellon/sp-meta.keystone-saml-mellon.xml" + juju run-action keystone-saml-mellon/0 get-sp-metadata # Post-deployment Configuration diff --git a/src/actions.yaml b/src/actions.yaml new file mode 100644 index 0000000..e98c8ee --- /dev/null +++ b/src/actions.yaml @@ -0,0 +1,4 @@ +get-sp-metadata: + description: | + Display the Service Provider metadata to be exchanged with the Identity + Provider. diff --git a/src/actions/actions.py b/src/actions/actions.py new file mode 100755 index 0000000..72c3b31 --- /dev/null +++ b/src/actions/actions.py 
@@ -0,0 +1,60 @@
+#!/usr/local/sbin/charm-env python3
+# Copyright 2019 Canonical Ltd
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+import charmhelpers.core.hookenv as hookenv
+
+
+SP_METADATA_FILE = "/etc/apache2/mellon/sp-meta.keystone-saml-mellon.xml"
+
+
+def get_sp_metadata(*args):
+ if not os.path.exists(SP_METADATA_FILE):
+ return hookenv.action_fail(
+ "The SP metadata file {} does not exist"
+ .format(SP_METADATA_FILE))
+ sp_metadata = ""
+ # By stripping double new lines and tabs we get human readable xml
+ # Otherwise, show-action-status is a garbled mess
+ with open(SP_METADATA_FILE, 'r') as f:
+ for line in f.readlines():
+ line = line.replace("\t", " ")
+ if line.strip(" ") == "\n":
+ continue
+ sp_metadata += line
+ return hookenv.action_set({"output": sp_metadata})
+
+
+ACTIONS = {
+ 'get-sp-metadata': get_sp_metadata,
+}
+
+
+def main(args):
+ action_name = os.path.basename(args[0])
+ try:
+ action = ACTIONS[action_name]
+ except KeyError:
+ return 'Action {} undefined'.format(action_name)
+ else:
+ try:
+ action(args)
+ except Exception as e:
+ hookenv.action_fail(str(e))
+
+
+if __name__ == '__main__':
+ sys.exit(main(sys.argv))
diff --git a/src/actions/get-sp-metadata b/src/actions/get-sp-metadata
new file mode 120000
index 0000000..405a394
--- /dev/null
+++ b/src/actions/get-sp-metadata
@@ -0,0 +1 @@
+actions.py
\ No newline at end of file
diff --git a/src/layer.yaml b/src/layer.yaml
index 98a76b8..fca619a 100644
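Review bot: The read loop in `get_sp_metadata` rewrites the XML before passing it to `action_set` (tabs become spaces, whitespace-only lines are dropped), so the text an operator hands to the IdP is not byte-identical to `SP_METADATA_FILE` on disk. That is harmless for unsigned metadata, but if the file is ever signed, or someone compares the action output against a hash of the file, the reformatted copy would presumably fail that check. The function has no docstring, and I would add one that states this, e.g. `"""Return the SP metadata reformatted for display; whitespace differs from the file on disk."""`. Separately, the blank-line test `line.strip(" ") == "\n"` does not match CRLF-terminated blank lines; `if not line.strip(): continue` would cover both.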
--- a/src/layer.yaml
+++ b/src/layer.yaml
@@ -5,4 +5,3 @@ options:
 use_venv: True
 include_system_packages: True
 packages: ['python3-lxml', 'python3-cryptography']
- repo: https://github.com/dshcherb/charm-keystone-saml-mellon
diff --git a/src/tox.ini b/src/tox.ini
index 305bee3..f7075b4 100644
--- a/src/tox.ini
+++ b/src/tox.ini
@@ -1,4 +1,4 @@
-# Classic charm: ./tox.ini
+# Source charm: ./src/tox.ini
 # This file is managed centrally by release-tools and should not be modified
 # within individual charm repos.
 [tox]