Clear ssl_ca when certificates relation departs
Closes-Bug: #1914299 Change-Id: I573ac3519687f48790809bd3c1c61fba1f5a54da
This commit is contained in:
parent
e84d862890
commit
ee2aff9278
|
@ -1137,6 +1137,12 @@ class MySQLInnoDBClusterCharm(charms_openstack.charm.OpenStackCharm):
|
||||||
:returns: True if successful
|
:returns: True if successful
|
||||||
:rtype: Bool
|
:rtype: Bool
|
||||||
"""
|
"""
|
||||||
|
if interface is None:
|
||||||
|
ch_core.hookenv.log(
|
||||||
|
"create_databases_and_users received a NoneType interface. "
|
||||||
|
"We may be in a departing hook. Skipping "
|
||||||
|
"create_databases_and_users", "WARNING")
|
||||||
|
return False
|
||||||
completed = []
|
completed = []
|
||||||
db_host = ch_net_ip.get_relation_ip(interface.endpoint_name)
|
db_host = ch_net_ip.get_relation_ip(interface.endpoint_name)
|
||||||
db_helper = self.get_db_helper()
|
db_helper = self.get_db_helper()
|
||||||
|
@ -1180,6 +1186,14 @@ class MySQLInnoDBClusterCharm(charms_openstack.charm.OpenStackCharm):
|
||||||
allowed_units = " ".join(
|
allowed_units = " ".join(
|
||||||
[x.unit_name for x in unit.relation.joined_units])
|
[x.unit_name for x in unit.relation.joined_units])
|
||||||
|
|
||||||
|
if not self.ssl_ca:
|
||||||
|
# Reset ssl_ca in case we previously had it set
|
||||||
|
ch_core.hookenv.log(
|
||||||
|
"Proactively resetting ssl_ca", "DEBUG")
|
||||||
|
interface.relations[
|
||||||
|
unit.relation.relation_id].to_publish_raw[
|
||||||
|
"ssl_ca"] = None
|
||||||
|
|
||||||
# Only set relation data if db/user create was successful
|
# Only set relation data if db/user create was successful
|
||||||
if password:
|
if password:
|
||||||
interface.set_db_connection_info(
|
interface.set_db_connection_info(
|
||||||
|
|
|
@ -338,7 +338,8 @@ def request_certificates():
|
||||||
|
|
||||||
@reactive.when_any(
|
@reactive.when_any(
|
||||||
'certificates.ca.changed',
|
'certificates.ca.changed',
|
||||||
'certificates.certs.changed')
|
'certificates.certs.changed',
|
||||||
|
'endpoint.certificates.departed')
|
||||||
def configure_certificates():
|
def configure_certificates():
|
||||||
"""When the certificates interface is available, this default handler
|
"""When the certificates interface is available, this default handler
|
||||||
updates on-disk certificates and switches on the TLS support.
|
updates on-disk certificates and switches on the TLS support.
|
||||||
|
|
Loading…
Reference in New Issue