Support disabling apache wsgi socket rotation

Bug LP 1863232 introduced a new Apache configuration option called WSGISocketRotation which allows users to disable wsgi socket rotation. This patch makes this configurable with a new wsgi-socket-rotation config option that defaults to the Apache default and can optionally be set to False. Closes-Bug: #2021550 Change-Id: I671f4b7f655f12cc558fc64116e31f16560dd2e7
2023-09-04 18:30:45 +08:00 · 2023-09-04 18:30:45 +08:00 · 5c34112030
parent 21c1ab037e
commit 5c34112030
8 changed files with 80 additions and 22 deletions
--- a/charmhelpers/contrib/openstack/cert_utils.py
+++ b/charmhelpers/contrib/openstack/cert_utils.py
@ -414,18 +414,27 @@ def get_requests_for_local_unit(relation_name=None):
        is_legacy_request = set(sent).intersection(legacy_keys)
        for unit in related_units(rid):
            data = relation_get(rid=rid, unit=unit)
-            if data.get(raw_certs_key):
-                bundles.append({
-                    'ca': data['ca'],
-                    'chain': data.get('chain'),
-                    'certs': json.loads(data[raw_certs_key])})
-            elif is_legacy_request:
-                bundles.append({
-                    'ca': data['ca'],
-                    'chain': data.get('chain'),
-                    'certs': {sent['common_name']:
-                              {'cert': data.get(local_name + '.server.cert'),
-                               'key': data.get(local_name + '.server.key')}}})
+            # Note: Bug#2028683 - data may not be available if the certificates
+            # relation hasn't been populated by the providing charm. If no 'ca'
+            # in the data then don't attempt the bundle at all.
+            if data.get('ca'):
+                if data.get(raw_certs_key):
+                    bundles.append({
+                        'ca': data['ca'],
+                        'chain': data.get('chain'),
+                        'certs': json.loads(data[raw_certs_key])
+                    })
+                elif is_legacy_request:
+                    bundles.append({
+                        'ca': data['ca'],
+                        'chain': data.get('chain'),
+                        'certs': {
+                            sent['common_name']: {
+                                'cert': data.get(local_name + '.server.cert'),
+                                'key': data.get(local_name + '.server.key')
+                            }
+                        }
+                    })

    return bundles

--- a/charmhelpers/contrib/openstack/context.py
+++ b/charmhelpers/contrib/openstack/context.py
@ -1748,9 +1748,9 @@ class WSGIWorkerConfigContext(WorkerConfigContext):

    def __call__(self):
        total_processes = _calculate_workers()
-        enable_wsgi_rotation = config('wsgi-rotation')
-        if enable_wsgi_rotation is None:
-            enable_wsgi_rotation = True
+        enable_wsgi_socket_rotation = config('wsgi-socket-rotation')
+        if enable_wsgi_socket_rotation is None:
+            enable_wsgi_socket_rotation = True
        ctxt = {
            "service_name": self.service_name,
            "user": self.user,
@ -1764,7 +1764,7 @@ class WSGIWorkerConfigContext(WorkerConfigContext):
            "public_processes": int(math.ceil(self.public_process_weight *
                                              total_processes)),
            "threads": 1,
-            "wsgi_rotation": enable_wsgi_rotation,
+            "wsgi_socket_rotation": enable_wsgi_socket_rotation,
        }
        return ctxt

--- a/charmhelpers/contrib/openstack/templates/wsgi-openstack-api.conf
+++ b/charmhelpers/contrib/openstack/templates/wsgi-openstack-api.conf
@ -12,7 +12,7 @@ Listen {{ admin_port }}
 Listen {{ public_port }}
 {% endif -%}

-{% if wsgi_rotation -%}
+{% if wsgi_socket_rotation -%}
 WSGISocketRotation On
 {% else -%}
 WSGISocketRotation Off
--- a/charmhelpers/contrib/openstack/templates/wsgi-openstack-metadata.conf
+++ b/charmhelpers/contrib/openstack/templates/wsgi-openstack-metadata.conf
@ -12,7 +12,7 @@ Listen {{ admin_port }}
 Listen {{ public_port }}
 {% endif -%}

-{% if wsgi_rotation -%}
+{% if wsgi_socket_rotation -%}
 WSGISocketRotation On
 {% else -%}
 WSGISocketRotation Off
--- a/charmhelpers/contrib/storage/linux/ceph.py
+++ b/charmhelpers/contrib/storage/linux/ceph.py
@ -158,15 +158,19 @@ def get_osd_settings(relation_name):
    return _order_dict_by_key(osd_settings)


-def send_application_name(relid=None):
+def send_application_name(relid=None, app_name=None):
    """Send the application name down the relation.

    :param relid: Relation id to set application name in.
    :type relid: str
+    :param app_name: Application name to send in the relation.
+    :type app_name: str
    """
+    if app_name is None:
+        app_name = application_name()
    relation_set(
        relation_id=relid,
-        relation_settings={'application-name': application_name()})
+        relation_settings={'application-name': app_name})


 def send_osd_settings():
--- a/charmhelpers/core/unitdata.py
+++ b/charmhelpers/core/unitdata.py
@ -151,6 +151,7 @@ import contextlib
 import datetime
 import itertools
 import json
+import logging
 import os
 import pprint
 import sqlite3
@ -521,6 +522,42 @@ _KV = None

 def kv():
    global _KV
+
+    # If we are running unit tests, it is useful to go into memory-backed KV store to
+    # avoid concurrency issues when running multiple tests. This is not a
+    # problem when juju is running normally.
+
+    env_var = os.environ.get("CHARM_HELPERS_TESTMODE", "auto").lower()
+    if env_var not in ["auto", "no", "yes"]:
+        logging.warning("Unknown value for CHARM_HELPERS_TESTMODE '%s'"
+                        ", assuming 'no'", env_var)
+        env_var = "no"
+
+    if env_var == "no":
+        in_memory_db = False
+    elif env_var == "yes":
+        in_memory_db = True
+    elif env_var == "auto":
+        # If UNIT_STATE_DB is set, respect this request
+        if "UNIT_STATE_DB" in os.environ:
+            in_memory_db = False
+        # Autodetect normal juju execution by looking for juju variables
+        elif "JUJU_CHARM_DIR" in os.environ or "JUJU_UNIT_NAME" in os.environ:
+            in_memory_db = False
+        else:
+            # We are probably running in unit test mode
+            logging.warning("Auto-detected unit test environment for KV store.")
+            in_memory_db = True
+    else:
+        # Help the linter realise that in_memory_db is always set
+        raise Exception("Cannot reach this line")
+
    if _KV is None:
-        _KV = Storage()
+        if in_memory_db:
+            _KV = Storage(":memory:")
+        else:
+            _KV = Storage()
+    else:
+        if in_memory_db and _KV.db_path != ":memory:":
+            logging.warning("Running with in_memory_db and KV is not set to :memory:")
    return _KV
--- a/charmhelpers/fetch/snap.py
+++ b/charmhelpers/fetch/snap.py
@ -52,7 +52,7 @@ def _snap_exec(commands):
    :param commands: List commands
    :return: Integer exit code
    """
-    assert type(commands) == list
+    assert isinstance(commands, list)

    retry_count = 0
    return_code = None
--- a/config.yaml
+++ b/config.yaml
@ -492,3 +492,11 @@ options:
    description: |
      This option can be used to toggle the Router/Floating-IP panel visibility in dashboard.
      Set True for visibility and False to hide.
+  wsgi-socket-rotation:
+    type: boolean
+    default: True
+    description: |
+      Allow users to disable Apache wsgi socket rotation. If not configured,
+      this option sets True as the default value, which is consistent with the
+      default value 'WSGISocketRotation On' in Apache. This option should be
+      used with caution. Please read the Apache doc page for more information.