openstack/charm-placement
Code Issues Proposed changes

Add TLS support and tests

Browse Source 
The Placement API service needs to be TLS-terminated much like other API
services.

Change-Id: Iebacf2ca0569975c39d5bcecbb8bffa7be9a308d
Closes-Bug: #1871650
This commit is contained in:
Dmitrii Shcherbakov 2020-07-22 20:28:15 +03:00
parent c96b0a49a1
commit 8701afb1b3
7 changed files with 111 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/reactive/placement_handlers.py
View File

@ -37,6 +37,7 @@ charms_openstack.charm.use_defaults(
@reactive.when('identity-service.available')
def render_config(*args):
with charms_openstack.charm.provide_charm_instance() as placement_charm:
placement_charm.configure_tls()
placement_charm.render_with_interfaces(args)
placement_charm.assess_status()
reactive.set_state('config.rendered')

15
src/tests/bundles/bionic-train.yaml
View File

@ -27,6 +27,18 @@ relations:
- [ placement, mysql ]
- [ placement, keystone ]
- [ placement, nova-cloud-controller ]
- - vault:shared-db
- mysql:shared-db
- - vault:certificates
- keystone:certificates
- - vault:certificates
- placement:certificates
- - vault:certificates
- neutron-api:certificates
- - vault:certificates
- glance:certificates
- - vault:certificates
- nova-cloud-controller:certificates
applications:
rabbitmq-server:
charm: cs:~openstack-charmers-next/rabbitmq-server
@ -89,3 +101,6 @@ applications:
options:
openstack-origin: cloud:bionic-train
debug: true
vault:
num_units: 1
charm: cs:~openstack-charmers-next/vault

15
src/tests/bundles/bionic-ussuri.yaml
View File

@ -27,6 +27,18 @@ relations:
- [ placement, mysql ]
- [ placement, keystone ]
- [ placement, nova-cloud-controller ]
- - vault:shared-db
- mysql:shared-db
- - vault:certificates
- keystone:certificates
- - vault:certificates
- placement:certificates
- - vault:certificates
- neutron-api:certificates
- - vault:certificates
- glance:certificates
- - vault:certificates
- nova-cloud-controller:certificates
applications:
rabbitmq-server:
charm: cs:~openstack-charmers-next/rabbitmq-server
@ -91,3 +103,6 @@ applications:
options:
openstack-origin: cloud:bionic-ussuri
debug: true
vault:
num_units: 1
charm: cs:~openstack-charmers-next/vault

25
src/tests/bundles/focal-ussuri.yaml
View File

@ -20,6 +20,7 @@ machines:
'8':
'9':
'10':
'11':
applications:
@ -34,6 +35,8 @@ applications:
charm: cs:~openstack-charmers-next/mysql-router
placement-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
vault-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
mysql-innodb-cluster:
charm: cs:~openstack-charmers-next/mysql-innodb-cluster
@ -129,6 +132,12 @@ applications:
to:
- '10'
vault:
num_units: 1
charm: cs:~openstack-charmers-next/vault
to:
- '11'
relations:
- - 'keystone:shared-db'
@ -212,3 +221,19 @@ relations:
- - 'placement'
- 'nova-cloud-controller'
- - 'vault:shared-db'
- 'vault-mysql-router:shared-db'
- - 'vault-mysql-router:db-router'
- 'mysql-innodb-cluster:db-router'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'

25
src/tests/bundles/focal-victoria.yaml
View File

@ -20,6 +20,7 @@ machines:
'8':
'9':
'10':
'11':
applications:
@ -34,6 +35,8 @@ applications:
charm: cs:~openstack-charmers-next/mysql-router
placement-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
vault-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
mysql-innodb-cluster:
charm: cs:~openstack-charmers-next/mysql-innodb-cluster
@ -129,6 +132,12 @@ applications:
to:
- '10'
vault:
num_units: 1
charm: cs:~openstack-charmers-next/vault
to:
- '11'
relations:
- - 'keystone:shared-db'
@ -212,3 +221,19 @@ relations:
- - 'placement'
- 'nova-cloud-controller'
- - 'vault:shared-db'
- 'vault-mysql-router:shared-db'
- - 'vault-mysql-router:db-router'
- 'mysql-innodb-cluster:db-router'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'

25
src/tests/bundles/groovy-victoria.yaml
View File

@ -20,6 +20,7 @@ machines:
'8':
'9':
'10':
'11':
applications:
@ -34,6 +35,8 @@ applications:
charm: cs:~openstack-charmers-next/mysql-router
placement-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
vault-mysql-router:
charm: cs:~openstack-charmers-next/mysql-router
mysql-innodb-cluster:
charm: cs:~openstack-charmers-next/mysql-innodb-cluster
@ -129,6 +132,12 @@ applications:
to:
- '10'
vault:
num_units: 1
charm: cs:~openstack-charmers-next/vault
to:
- '11'
relations:
- - 'keystone:shared-db'
@ -212,3 +221,19 @@ relations:
- - 'placement'
- 'nova-cloud-controller'
- - 'vault:shared-db'
- 'vault-mysql-router:shared-db'
- - 'vault-mysql-router:db-router'
- 'mysql-innodb-cluster:db-router'
- - 'vault:certificates'
- 'keystone:certificates'
- - 'vault:certificates'
- 'placement:certificates'
- - 'vault:certificates'
- 'neutron-api:certificates'
- - 'vault:certificates'
- 'glance:certificates'
- - 'vault:certificates'
- 'nova-cloud-controller:certificates'

5
src/tests/tests.yaml
View File

@ -1,7 +1,12 @@
charm_name: placement
target_deploy_status:
vault:
workload-status: blocked
workload-status-message: Vault needs to be initialized
tests:
- zaza.openstack.charm_tests.nova.tests.CirrosGuestCreateTest
configure:
- zaza.openstack.charm_tests.vault.setup.auto_initialize
- zaza.openstack.charm_tests.glance.setup.add_cirros_image
- zaza.openstack.charm_tests.glance.setup.add_lts_image
- zaza.openstack.charm_tests.neutron.setup.basic_overcloud_network