From 89ed4456c63df5c453201e7b4ef776920f398f1a Mon Sep 17 00:00:00 2001
From: Felipe Reyes <felipe.reyes@canonical.com>
Date: Thu, 26 Oct 2023 17:41:41 -0300
Subject: [PATCH] Use wss protocol when SSL enabled

This patch checks if HTTPS configuration is enabled in Apache to
determine if the websocket protocol should switch from 'ws' to 'wss' or
not.

Change-Id: I738652373604966b6df079e45a0ad26c83e21688
Closes-Bug: #2039490
(cherry picked from commit b915f8e6f81df6a776fc1ad6725207a199440a3b)
---
 hooks/nova_cc_context.py            | 13 ++++++++++++-
 hooks/nova_cc_utils.py              |  5 ++---
 unit_tests/test_nova_cc_contexts.py | 12 ++++++++++++
 unit_tests/test_nova_cc_utils.py    |  8 ++++----
 4 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/hooks/nova_cc_context.py b/hooks/nova_cc_context.py
index dca04d29..fd16e107 100644
--- a/hooks/nova_cc_context.py
+++ b/hooks/nova_cc_context.py
@@ -27,6 +27,10 @@ import charmhelpers.core.hookenv as hookenv
 
 import hooks.nova_cc_common as common
 
+APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
+APACHE_24_CONF_ENABLED = ('/etc/apache2/sites-enabled/'
+                          'openstack_https_frontend.conf')
+
 
 def context_complete(ctxt):
     _missing = []
@@ -572,10 +576,17 @@ class SerialConsoleContext(ch_context.OSContextGenerator):
         ip_addr = ch_ip.resolve_address(endpoint_type=ch_ip.PUBLIC)
         ip_addr = ch_network_ip.format_ipv6_addr(ip_addr) or ip_addr
 
+        if os.path.isfile(APACHE_24_CONF):
+            protocol = 'wss'
+        else:
+            protocol = 'ws'
+
         ctxt = {
             'enable_serial_console':
                 str(hookenv.config('enable-serial-console')).lower(),
-            'serial_console_base_url': 'ws://{}:6083/'.format(ip_addr),
+            'serial_console_base_url':
+                '{protocol}://{ip_addr}:6083/'.format(ip_addr=ip_addr,
+                                                      protocol=protocol),
         }
         if hookenv.config('enable-serial-console'):
             for rel_id in hookenv.relation_ids('dashboard'):
diff --git a/hooks/nova_cc_utils.py b/hooks/nova_cc_utils.py
index 1d9ae07a..bda6e142 100644
--- a/hooks/nova_cc_utils.py
+++ b/hooks/nova_cc_utils.py
@@ -113,7 +113,6 @@ VENDORDATA_FILE = '%s/vendor_data.json' % NOVA_CONF_DIR
 HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
 APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
 APACHE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
-APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
 APACHE_SSL_DIR = '/etc/apache2/ssl/nova'
 MEMCACHED_CONF = '/etc/memcached.conf'
 WSGI_NOVA_PLACEMENT_API_CONF = \
@@ -218,7 +217,7 @@ def get_base_resource_map():
                     determine_ports)],
                 'services': ['apache2'],
             }),
-            (APACHE_24_CONF, {
+            (nova_cc_context.APACHE_24_CONF, {
                 'contexts': [nova_cc_context.ApacheSSLContext(
                     determine_ports)],
                 'services': ['apache2'],
@@ -273,7 +272,7 @@ def resource_map(actual_services=True):
     if os.path.exists('/etc/apache2/conf-available'):
         _resource_map.pop(APACHE_CONF)
     else:
-        _resource_map.pop(APACHE_24_CONF)
+        _resource_map.pop(nova_cc_context.APACHE_24_CONF)
 
     _resource_map[NOVA_CONF]['contexts'].append(
         nova_cc_context.NeutronCCContext())
diff --git a/unit_tests/test_nova_cc_contexts.py b/unit_tests/test_nova_cc_contexts.py
index 5bc2c0a7..7afa00e3 100644
--- a/unit_tests/test_nova_cc_contexts.py
+++ b/unit_tests/test_nova_cc_contexts.py
@@ -562,6 +562,18 @@ class NovaComputeContextTests(CharmTestCase):
                                          '10.20.30.40']}
         )
 
+        with mock.patch('os.path.isfile') as isfile:
+            isfile.return_value = True
+            ctxt = context.SerialConsoleContext()()
+            self.assertEqual(
+                ctxt,
+                {'serial_console_base_url': 'wss://10.10.10.1:6083/',
+                 'enable_serial_console': 'true',
+                 'console_allowed_origins': ['myhostname', '1.2.3.4',
+                                             '10.20.30.40']}
+            )
+            isfile.assert_called_with(context.APACHE_24_CONF)
+
     @mock.patch.object(context, 'ch_cluster')
     @mock.patch('os.path.exists')
     @mock.patch('charmhelpers.contrib.openstack.ip.resolve_address')
diff --git a/unit_tests/test_nova_cc_utils.py b/unit_tests/test_nova_cc_utils.py
index f2cf3704..7f6444b3 100644
--- a/unit_tests/test_nova_cc_utils.py
+++ b/unit_tests/test_nova_cc_utils.py
@@ -453,10 +453,10 @@ class NovaCCUtilsTests(CharmTestCase):
         _exists.return_value = True
         self.os_release.return_value = 'diablo'
         _map = utils.restart_map()
-        self.assertTrue('/etc/apache2/sites-available/'
-                        'openstack_https_frontend.conf' in _map)
-        self.assertTrue('/etc/apache2/sites-available/'
-                        'openstack_https_frontend' not in _map)
+        self.assertIn('/etc/apache2/sites-available/'
+                      'openstack_https_frontend.conf', _map)
+        self.assertNotIn('/etc/apache2/sites-available/'
+                         'openstack_https_frontend', _map)
 
     @patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
     @patch('os.path.exists')