From b915f8e6f81df6a776fc1ad6725207a199440a3b Mon Sep 17 00:00:00 2001
From: Felipe Reyes <felipe.reyes@canonical.com>
Date: Thu, 26 Oct 2023 17:41:41 -0300
Subject: [PATCH] Use wss protocol when SSL enabled

This patch checks if HTTPS configuration is enabled in Apache to
determine if the websocket protocol should switch from 'ws' to 'wss' or
not.

Change-Id: I738652373604966b6df079e45a0ad26c83e21688
Closes-Bug: #2039490
---
 hooks/nova_cc_context.py            | 13 ++++++++++++-
 hooks/nova_cc_utils.py              |  5 ++---
 unit_tests/test_nova_cc_contexts.py | 12 ++++++++++++
 unit_tests/test_nova_cc_utils.py    |  8 ++++----
 4 files changed, 30 insertions(+), 8 deletions(-)

diff --git a/hooks/nova_cc_context.py b/hooks/nova_cc_context.py
index e244b6ac..1281b861 100644
--- a/hooks/nova_cc_context.py
+++ b/hooks/nova_cc_context.py
@@ -27,6 +27,10 @@ import charmhelpers.core.hookenv as hookenv
 
 import hooks.nova_cc_common as common
 
+APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
+APACHE_24_CONF_ENABLED = ('/etc/apache2/sites-enabled/'
+                          'openstack_https_frontend.conf')
+
 
 def context_complete(ctxt):
     _missing = []
@@ -595,10 +599,17 @@ class SerialConsoleContext(ch_context.OSContextGenerator):
         ip_addr = ch_ip.resolve_address(endpoint_type=ch_ip.PUBLIC)
         ip_addr = ch_network_ip.format_ipv6_addr(ip_addr) or ip_addr
 
+        if os.path.isfile(APACHE_24_CONF):
+            protocol = 'wss'
+        else:
+            protocol = 'ws'
+
         ctxt = {
             'enable_serial_console':
                 str(hookenv.config('enable-serial-console')).lower(),
-            'serial_console_base_url': 'ws://{}:6083/'.format(ip_addr),
+            'serial_console_base_url':
+                '{protocol}://{ip_addr}:6083/'.format(ip_addr=ip_addr,
+                                                      protocol=protocol),
         }
         if hookenv.config('enable-serial-console'):
             for rel_id in hookenv.relation_ids('dashboard'):
diff --git a/hooks/nova_cc_utils.py b/hooks/nova_cc_utils.py
index 1d9ae07a..bda6e142 100644
--- a/hooks/nova_cc_utils.py
+++ b/hooks/nova_cc_utils.py
@@ -113,7 +113,6 @@ VENDORDATA_FILE = '%s/vendor_data.json' % NOVA_CONF_DIR
 HAPROXY_CONF = '/etc/haproxy/haproxy.cfg'
 APACHE_PORTS_CONF = '/etc/apache2/ports.conf'
 APACHE_CONF = '/etc/apache2/sites-available/openstack_https_frontend'
-APACHE_24_CONF = '/etc/apache2/sites-available/openstack_https_frontend.conf'
 APACHE_SSL_DIR = '/etc/apache2/ssl/nova'
 MEMCACHED_CONF = '/etc/memcached.conf'
 WSGI_NOVA_PLACEMENT_API_CONF = \
@@ -218,7 +217,7 @@ def get_base_resource_map():
                     determine_ports)],
                 'services': ['apache2'],
             }),
-            (APACHE_24_CONF, {
+            (nova_cc_context.APACHE_24_CONF, {
                 'contexts': [nova_cc_context.ApacheSSLContext(
                     determine_ports)],
                 'services': ['apache2'],
@@ -273,7 +272,7 @@ def resource_map(actual_services=True):
     if os.path.exists('/etc/apache2/conf-available'):
         _resource_map.pop(APACHE_CONF)
     else:
-        _resource_map.pop(APACHE_24_CONF)
+        _resource_map.pop(nova_cc_context.APACHE_24_CONF)
 
     _resource_map[NOVA_CONF]['contexts'].append(
         nova_cc_context.NeutronCCContext())
diff --git a/unit_tests/test_nova_cc_contexts.py b/unit_tests/test_nova_cc_contexts.py
index e6d03fe2..a5407e89 100644
--- a/unit_tests/test_nova_cc_contexts.py
+++ b/unit_tests/test_nova_cc_contexts.py
@@ -565,6 +565,18 @@ class NovaComputeContextTests(CharmTestCase):
                                          '10.20.30.40']}
         )
 
+        with mock.patch('os.path.isfile') as isfile:
+            isfile.return_value = True
+            ctxt = context.SerialConsoleContext()()
+            self.assertEqual(
+                ctxt,
+                {'serial_console_base_url': 'wss://10.10.10.1:6083/',
+                 'enable_serial_console': 'true',
+                 'console_allowed_origins': ['myhostname', '1.2.3.4',
+                                             '10.20.30.40']}
+            )
+            isfile.assert_called_with(context.APACHE_24_CONF)
+
     @mock.patch.object(context, 'ch_cluster')
     @mock.patch('os.path.exists')
     @mock.patch('charmhelpers.contrib.openstack.ip.resolve_address')
diff --git a/unit_tests/test_nova_cc_utils.py b/unit_tests/test_nova_cc_utils.py
index 6e62e722..981f3644 100644
--- a/unit_tests/test_nova_cc_utils.py
+++ b/unit_tests/test_nova_cc_utils.py
@@ -453,10 +453,10 @@ class NovaCCUtilsTests(CharmTestCase):
         _exists.return_value = True
         self.os_release.return_value = 'diablo'
         _map = utils.restart_map()
-        self.assertTrue('/etc/apache2/sites-available/'
-                        'openstack_https_frontend.conf' in _map)
-        self.assertTrue('/etc/apache2/sites-available/'
-                        'openstack_https_frontend' not in _map)
+        self.assertIn('/etc/apache2/sites-available/'
+                      'openstack_https_frontend.conf', _map)
+        self.assertNotIn('/etc/apache2/sites-available/'
+                         'openstack_https_frontend', _map)
 
     @patch('charmhelpers.contrib.openstack.context.SubordinateConfigContext')
     @patch('os.path.exists')