openstack/charm-neutron-api
Code Issues Proposed changes

Check Apache ssl dir when determining restart map

Browse Source 
If the certificates change then services needs to
be restarted. This change adds the SSL directory to the restart map
to ensure any certificate changes trigger a restart.

Change-Id: I891b3104c08c6b9cde06ce30d4279a239ae329b1
Closes-Bug: 1828530
This commit is contained in:
Liam Young 2019-05-10 13:09:22 +00:00
parent 7bcb45381a
commit 1cdfc381ad
3 changed files with 34 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
hooks/neutron_api_utils.py
View File

@ -141,6 +141,7 @@ NEUTRON_VPNAAS_CONF = '%s/neutron_vpnaas.conf' % NEUTRON_CONF_DIR
HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
APACHE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
APACHE_SSL_DIR = '/etc/apache2/ssl/neutron'
NEUTRON_DEFAULT = '/etc/default/neutron-server'
CA_CERT_PATH = '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt'
MEMCACHED_CONF = '/etc/memcached.conf'
@ -511,9 +512,13 @@ def register_configs(release=None):
def restart_map():
return OrderedDict([(cfg, v['services'])
for cfg, v in resource_map().items()
if v['services']])
restart_map = OrderedDict([(cfg, v['services'])
for cfg, v in resource_map().items()
if v['services']])
if os.path.isdir(APACHE_SSL_DIR):
restart_map['{}/*'.format(APACHE_SSL_DIR)] = ['apache2',
'neutron-server']
return restart_map
def services():

8
unit_tests/test_neutron_api_context.py
View File

@ -260,6 +260,7 @@ class IdentityServiceContext(CharmTestCase):
self.test_config.set('region', 'region457')
self.test_config.set('prefer-ipv6', False)
@patch.object(charmhelpers.contrib.openstack.context, 'os_release')
@patch.object(charmhelpers.contrib.openstack.context, 'format_ipv6_addr')
@patch.object(charmhelpers.contrib.openstack.context, 'context_complete')
@patch.object(charmhelpers.contrib.openstack.context, 'relation_get')
@ -267,7 +268,8 @@ class IdentityServiceContext(CharmTestCase):
@patch.object(charmhelpers.contrib.openstack.context, 'relation_ids')
@patch.object(charmhelpers.contrib.openstack.context, 'log')
def test_ids_ctxt(self, _log, _rids, _runits, _rget, _ctxt_comp,
format_ipv6_addr):
format_ipv6_addr, _os_release):
_os_release.return_value = 'rocky'
_rids.return_value = 'rid1'
_runits.return_value = 'runit'
_ctxt_comp.return_value = True
@ -284,9 +286,11 @@ class IdentityServiceContext(CharmTestCase):
ids_ctxt = context.IdentityServiceContext()
self.assertEqual(ids_ctxt()['region'], 'region457')
@patch.object(charmhelpers.contrib.openstack.context, 'os_release')
@patch.object(charmhelpers.contrib.openstack.context, 'relation_ids')
@patch.object(charmhelpers.contrib.openstack.context, 'log')
def test_ids_ctxt_no_rels(self, _log, _rids):
def test_ids_ctxt_no_rels(self, _log, _rids, _os_release):
_os_release.return_value = 'rocky'
_rids.return_value = []
ids_ctxt = context.IdentityServiceContext()
self.assertEqual(ids_ctxt(), None)

20
unit_tests/test_neutron_api_utils.py
View File

@ -223,6 +223,26 @@ class TestNeutronAPIUtils(CharmTestCase):
])
self.assertEqual(_restart_map, expect)
@patch.object(nutils.os.path, 'isdir')
@patch.object(nutils.os.path, 'exists')
def test_restart_map_ssl(self, mock_path_exists, mock_path_isdir):
self.os_release.return_value = 'havana'
mock_path_exists.return_value = False
mock_path_isdir.return_value = True
_restart_map = nutils.restart_map()
ML2CONF = "/etc/neutron/plugins/ml2/ml2_conf.ini"
expect = OrderedDict([
(nutils.NEUTRON_CONF, ['neutron-server']),
(nutils.NEUTRON_DEFAULT, ['neutron-server']),
(nutils.API_PASTE_INI, ['neutron-server']),
(nutils.APACHE_CONF, ['apache2']),
(nutils.HAPROXY_CONF, ['haproxy']),
(ML2CONF, ['neutron-server']),
('{}/*'.format(nutils.APACHE_SSL_DIR),
['apache2', 'neutron-server']),
])
self.assertEqual(_restart_map, expect)
@patch('os.path.exists')
def test_register_configs(self, mock_path_exists):
self.os_release.return_value = 'havana'