Merge "add restart and reload action"

2021-03-08 08:07:09 +00:00 · 2021-03-08 08:07:09 +00:00 · 1f6eac97dd
parent 2bdaf3d1b9 6521e42c1c
commit 1f6eac97dd
6 changed files with 37 additions and 0 deletions
--- a/src/README.md
+++ b/src/README.md
@ -219,6 +219,8 @@ Actions allow specific operations to be performed on a per-unit basis.
 * `reissue-certificates`
 * `resume`
 * `upload-signed-csr`
+* `reload`
+* `restart`

 To display action descriptions run `juju actions --schema vault`. If the charm
 is not deployed then see file `actions.yaml`.
--- a/src/actions.yaml
+++ b/src/actions.yaml
@ -134,3 +134,7 @@ pause:
  description: Pause the vault unit.
 resume:
  description: Resume the vault unit.
+restart:
+  description: Restarts the vault unit.
+reload:
+  description: Reloads the vault unit.
--- a/src/actions/actions.py
+++ b/src/actions/actions.py
@ -27,6 +27,7 @@ basic.init_config_states()

 import charmhelpers.core.hookenv as hookenv
 import charmhelpers.core.unitdata as unitdata
+import charmhelpers.core.host as host

 import charm.vault as vault
 import charm.vault_pki as vault_pki
@ -164,6 +165,31 @@ def resume(args):
    handlers.resume_vault_unit()


+def restart(args):
+    """Restart the Vault service.
+
+    The result of this action will be to have vault daemon
+    restarted.
+    Mind that this action will cause the Vault to be sealed.
+
+    """
+    host.service_restart(service_name='vault')
+
+
+def reload(args):
+    """Reload the Vault service.
+
+    The result of this action will be to have vault daemon
+    reloaded (preferably with HUP signal in systemd).
+    That allows for live changes in listener (only certs)
+    without need of User intervention to unseal the vault.
+    Unfortunately other options like disable_mlock, ui
+    are not supported.
+
+    """
+    host.service_reload(service_name='vault')
+
+
 # Actions to function mapping, to allow for illegal python action names that
 # can map to a python function.
 ACTIONS = {
@ -177,6 +203,8 @@ ACTIONS = {
    "disable-pki": disable_pki,
    "pause": pause,
    "resume": resume,
+    "restart": restart,
+    "reload": reload
 }


--- a/src/actions/reload
+++ b/src/actions/reload
@ -0,0 +1 @@
+actions.py
--- a/src/actions/restart
+++ b/src/actions/restart
@ -0,0 +1 @@
+actions.py
--- a/src/templates/vault.service.j2
+++ b/src/templates/vault.service.j2
@ -5,6 +5,7 @@ After=syslog.target
 [Service]
 Type=simple
 ExecStart=/snap/bin/vault server -config /var/snap/vault/common/vault.hcl
+ExecReload=/bin/kill --signal HUP $MAINPID
 Restart=always
 User=root