Backport support for access rules
This patch is a charm-helpers sync to get the fixes application credential access-rules. Change-Id: Id2e74e0e34edd82b288622780b13027d87bc7c96 Related-Bug: #1965967
This commit is contained in:
Edward Hope-Morley
parent
5c30e13a26
commit
be2aacea4f
|
|
@ -434,6 +434,9 @@ class IdentityServiceContext(OSContextGenerator):
|
|||
('password', ctxt.get('admin_password', '')),
|
||||
('signing_dir', ctxt.get('signing_dir', '')),))
|
||||
|
||||
if ctxt.get('service_type'):
|
||||
c.update((('service_type', ctxt.get('service_type')),))
|
||||
|
||||
return c
|
||||
|
||||
def __call__(self):
|
||||
|
|
@ -476,6 +479,9 @@ class IdentityServiceContext(OSContextGenerator):
|
|||
'internal_protocol': int_protocol,
|
||||
'api_version': api_version})
|
||||
|
||||
if rdata.get('service_type'):
|
||||
ctxt['service_type'] = rdata.get('service_type')
|
||||
|
||||
if float(api_version) > 2:
|
||||
ctxt.update({
|
||||
'admin_domain_name': rdata.get('service_domain'),
|
||||
|
|
@ -547,6 +553,9 @@ class IdentityCredentialsContext(IdentityServiceContext):
|
|||
'api_version': api_version
|
||||
})
|
||||
|
||||
if rdata.get('service_type'):
|
||||
ctxt['service_type'] = rdata.get('service_type')
|
||||
|
||||
if float(api_version) > 2:
|
||||
ctxt.update({'admin_domain_name':
|
||||
rdata.get('domain')})
|
||||
|
|
|
|||
|
|
@ -22,6 +22,8 @@ Listen {{ ext_port }}
|
|||
ProxyPassReverse / http://localhost:{{ int }}/
|
||||
ProxyPreserveHost on
|
||||
RequestHeader set X-Forwarded-Proto "https"
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
</VirtualHost>
|
||||
{% endfor -%}
|
||||
<Proxy *>
|
||||
|
|
|
|||
|
|
@ -22,6 +22,8 @@ Listen {{ ext_port }}
|
|||
ProxyPassReverse / http://localhost:{{ int }}/
|
||||
ProxyPreserveHost on
|
||||
RequestHeader set X-Forwarded-Proto "https"
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
</VirtualHost>
|
||||
{% endfor -%}
|
||||
<Proxy *>
|
||||
|
|
|
|||
|
|
@ -9,4 +9,7 @@ project_name = {{ admin_tenant_name }}
|
|||
username = {{ admin_user }}
|
||||
password = {{ admin_password }}
|
||||
signing_dir = {{ signing_dir }}
|
||||
{% if service_type -%}
|
||||
service_type = {{ service_type }}
|
||||
{% endif -%}
|
||||
{% endif -%}
|
||||
|
|
|
|||
|
|
@ -6,6 +6,9 @@ auth_uri = {{ service_protocol }}://{{ service_host }}:{{ service_port }}/v3
|
|||
auth_url = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}/v3
|
||||
project_domain_name = {{ admin_domain_name }}
|
||||
user_domain_name = {{ admin_domain_name }}
|
||||
{% if service_type -%}
|
||||
service_type = {{ service_type }}
|
||||
{% endif -%}
|
||||
{% else -%}
|
||||
auth_uri = {{ service_protocol }}://{{ service_host }}:{{ service_port }}
|
||||
auth_url = {{ auth_protocol }}://{{ auth_host }}:{{ auth_port }}
|
||||
|
|
|
|||
|
|
@ -20,6 +20,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
@ -46,6 +48,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ admin_script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
@ -72,6 +76,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ public_script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
|
|||
|
|
@ -20,6 +20,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
@ -46,6 +48,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ admin_script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
@ -72,6 +76,8 @@ Listen {{ public_port }}
|
|||
WSGIScriptAlias / {{ public_script }}
|
||||
WSGIApplicationGroup %{GLOBAL}
|
||||
WSGIPassAuthorization On
|
||||
KeepAliveTimeout 75
|
||||
MaxKeepAliveRequests 1000
|
||||
<IfVersion >= 2.4>
|
||||
ErrorLogFormat "%{cu}t %M"
|
||||
</IfVersion>
|
||||
|
|
|
|||
|
|
@ -1039,7 +1039,7 @@ def _determine_os_workload_status(
|
|||
state, message, lambda: charm_func(configs))
|
||||
|
||||
if state is None:
|
||||
state, message = _ows_check_services_running(services, ports)
|
||||
state, message = ows_check_services_running(services, ports)
|
||||
|
||||
if state is None:
|
||||
state = 'active'
|
||||
|
|
@ -1213,7 +1213,12 @@ def _ows_check_charm_func(state, message, charm_func_with_configs):
|
|||
return state, message
|
||||
|
||||
|
||||
@deprecate("use ows_check_services_running() instead", "2022-05", log=juju_log)
|
||||
def _ows_check_services_running(services, ports):
|
||||
return ows_check_services_running(services, ports)
|
||||
|
||||
|
||||
def ows_check_services_running(services, ports):
|
||||
"""Check that the services that should be running are actually running
|
||||
and that any ports specified are being listened to.
|
||||
|
||||
|
|
|
|||
|
|
@ -813,8 +813,10 @@ def get_mon_map(service):
|
|||
ceph command fails.
|
||||
"""
|
||||
try:
|
||||
octopus_or_later = cmp_pkgrevno('ceph-common', '15.0.0') >= 0
|
||||
mon_status_cmd = 'quorum_status' if octopus_or_later else 'mon_status'
|
||||
mon_status = check_output(['ceph', '--id', service,
|
||||
'mon_status', '--format=json'])
|
||||
mon_status_cmd, '--format=json'])
|
||||
if six.PY3:
|
||||
mon_status = mon_status.decode('UTF-8')
|
||||
try:
|
||||
|
|
|
|||
Loading…
Reference in New Issue