openstack/charm-nova-cloud-controller
Code Issues Proposed changes

Use wss protocol when SSL enabled

Browse Source 
This patch checks if HTTPS configuration is enabled in Apache to
determine if the websocket protocol should switch from 'ws' to 'wss' or
not.

Change-Id: I738652373604966b6df079e45a0ad26c83e21688
Closes-Bug: #2039490
This commit is contained in:
Felipe Reyes 2023-10-26 17:41:41 -03:00
parent 3d237a44ec
commit b915f8e6f8
4 changed files with 30 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
hooks/nova_cc_context.py
View File

@ -27,6 +27,10 @@ import charmhelpers.core.hookenv as hookenv
import hooks.nova_cc_common as common
APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
APACHE_24_CONF_ENABLED = ('/etc/apache2/sites-enabled/'
'openstack_https_frontend.conf')
def context_complete(ctxt):
_missing = []
@ -595,10 +599,17 @@ class SerialConsoleContext(ch_context.OSContextGenerator):
ip_addr = ch_ip.resolve_address(endpoint_type=ch_ip.PUBLIC)
ip_addr = ch_network_ip.format_ipv6_addr(ip_addr) or ip_addr
if os.path.isfile(APACHE_24_CONF):
protocol = 'wss'
else:
protocol = 'ws'
ctxt = {
'enable_serial_console':
str(hookenv.config('enable-serial-console')).lower(),
'serial_console_base_url': 'ws://{}:6083/'.format(ip_addr),
'serial_console_base_url':
'{protocol}://{ip_addr}:6083/'.format(ip_addr=ip_addr,
protocol=protocol),
}
if hookenv.config('enable-serial-console'):
for rel_id in hookenv.relation_ids('dashboard'):

5
hooks/nova_cc_utils.py
View File

@ -113,7 +113,6 @@ VENDORDATA_FILE = '%s/vendor_data.json' % NOVA_CONF_DIR
HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
APACHE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
APACHE_SSL_DIR = '/etc/apache2/ssl/nova'
MEMCACHED_CONF = '/etc/memcached.conf'
WSGI_NOVA_PLACEMENT_API_CONF = \
@ -218,7 +217,7 @@ def get_base_resource_map():
determine_ports)],
'services': ['apache2'],
}),
(APACHE_24_CONF, {
(nova_cc_context.APACHE_24_CONF, {
'contexts': [nova_cc_context.ApacheSSLContext(
determine_ports)],
'services': ['apache2'],
@ -273,7 +272,7 @@ def resource_map(actual_services=True):
if os.path.exists('/etc/apache2/conf-available'):
_resource_map.pop(APACHE_CONF)
else:
_resource_map.pop(APACHE_24_CONF)
_resource_map.pop(nova_cc_context.APACHE_24_CONF)
_resource_map[NOVA_CONF]['contexts'].append(
nova_cc_context.NeutronCCContext())

12
unit_tests/test_nova_cc_contexts.py
View File

@ -565,6 +565,18 @@ class NovaComputeContextTests(CharmTestCase):
'10.20.30.40']}
)
with mock.patch('os.path.isfile') as isfile:
isfile.return_value = True
ctxt = context.SerialConsoleContext()()
self.assertEqual(
ctxt,
{'serial_console_base_url': 'wss://10.10.10.1:6083/',
'enable_serial_console': 'true',
'console_allowed_origins': ['myhostname', '1.2.3.4',
'10.20.30.40']}
)
isfile.assert_called_with(context.APACHE_24_CONF)
@mock.patch.object(context, 'ch_cluster')
@mock.patch('os.path.exists')
@mock.patch('charmhelpers.contrib.openstack.ip.resolve_address')

8
unit_tests/test_nova_cc_utils.py
View File

@ -453,10 +453,10 @@ class NovaCCUtilsTests(CharmTestCase):
_exists.return_value = True
self.os_release.return_value = 'diablo'
_map = utils.restart_map()
self.assertTrue('/etc/apache2/sites-available/'
'openstack_https_frontend.conf' in _map)
self.assertTrue('/etc/apache2/sites-available/'
'openstack_https_frontend' not in _map)
self.assertIn('/etc/apache2/sites-available/'
'openstack_https_frontend.conf', _map)
self.assertNotIn('/etc/apache2/sites-available/'
'openstack_https_frontend', _map)
@patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
@patch('os.path.exists')