openstack
/
charm-mysql-innodb-cluster
Code Issues Proposed changes

Clear ssl_ca when certificates relation departs 

Closes-Bug: #1914299
Change-Id: I573ac3519687f48790809bd3c1c61fba1f5a54da
This commit is contained in:
David Ames 2021-02-03 14:31:03 -08:00 committed by Aurelien Lourot
parent e84d862890
commit ee2aff9278
2 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/lib/charm/openstack/mysql_innodb_cluster.py
View File

@ -1137,6 +1137,12 @@ class MySQLInnoDBClusterCharm(charms_openstack.charm.OpenStackCharm):
:returns: True if successful
:rtype: Bool
"""
if interface is None:
ch_core.hookenv.log(
"create_databases_and_users received a NoneType interface. "
"We may be in a departing hook. Skipping "
"create_databases_and_users", "WARNING")
return False
completed = []
db_host = ch_net_ip.get_relation_ip(interface.endpoint_name)
db_helper = self.get_db_helper()
@ -1180,6 +1186,14 @@ class MySQLInnoDBClusterCharm(charms_openstack.charm.OpenStackCharm):
allowed_units = " ".join(
[x.unit_name for x in unit.relation.joined_units])
if not self.ssl_ca:
# Reset ssl_ca in case we previously had it set
ch_core.hookenv.log(
"Proactively resetting ssl_ca", "DEBUG")
interface.relations[
unit.relation.relation_id].to_publish_raw[
"ssl_ca"] = None
# Only set relation data if db/user create was successful
if password:
interface.set_db_connection_info(

3
src/reactive/mysql_innodb_cluster_handlers.py
View File

@ -338,7 +338,8 @@ def request_certificates():
@reactive.when_any(
'certificates.ca.changed',
'certificates.certs.changed')
'certificates.certs.changed',
'endpoint.certificates.departed')
def configure_certificates():
"""When the certificates interface is available, this default handler
updates on-disk certificates and switches on the TLS support.