Improve snap channel refresh mechanism
- stop vault.service before rephrasing it
- added a warning note that changing the channel config option will
cause the vault to be sealed
Related-Bug: 2007587
Change-Id: I240ebb4bd14932a6bf95f41da3f2cd7776742266
(cherry picked from commit 9e927889d0)
This commit is contained in:
Robert Gildein
parent
ba1ffbf3b5
commit
4856a068e8
@ -56,6 +56,9 @@ options:
|
|||||||
default: 1.7/stable
|
default: 1.7/stable
|
||||||
description: >-
|
description: >-
|
||||||
The snap channel to install from.
|
The snap channel to install from.
|
||||||
|
WARNING: Changing this value will cause ALL the vault units to become
|
||||||
|
sealed, due to the snap refresh and the service being restarted on each
|
||||||
|
unit.
|
||||||
dns-ha-access-record:
|
dns-ha-access-record:
|
||||||
type: string
|
type: string
|
||||||
default:
|
default:
|
||||||
|
|||||||
@ -42,8 +42,8 @@ from charmhelpers.core.hookenv import (
|
|||||||
from charmhelpers.core.host import (
|
from charmhelpers.core.host import (
|
||||||
service,
|
service,
|
||||||
service_reload,
|
service_reload,
|
||||||
service_restart,
|
|
||||||
service_running,
|
service_running,
|
||||||
|
service_stop,
|
||||||
write_file,
|
write_file,
|
||||||
is_container,
|
is_container,
|
||||||
)
|
)
|
||||||
@ -185,12 +185,13 @@ def snap_refresh():
|
|||||||
channel = config('channel') or 'stable'
|
channel = config('channel') or 'stable'
|
||||||
if validate_snap_channel(channel):
|
if validate_snap_channel(channel):
|
||||||
clear_flag('snap.channel.invalid')
|
clear_flag('snap.channel.invalid')
|
||||||
snap.refresh('vault', channel=channel)
|
if snap.get_installed_channel("vault") != channel:
|
||||||
if vault.can_restart():
|
log("Stopping the vault.service to perform a snap refresh")
|
||||||
log("Restarting vault", level=DEBUG)
|
service_stop("vault")
|
||||||
service_restart('vault')
|
snap.refresh("vault", channel=channel)
|
||||||
if config('totally-unsecure-auto-unlock'):
|
log("Vault was refreshed to {}".format(channel))
|
||||||
vault.prepare_vault()
|
start_vault()
|
||||||
|
log("The vault.service has been started")
|
||||||
else:
|
else:
|
||||||
set_flag('snap.channel.invalid')
|
set_flag('snap.channel.invalid')
|
||||||
|
|
||||||
|
|||||||
@ -57,8 +57,8 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
|
|||||||
'log',
|
'log',
|
||||||
'network_get_primary_address',
|
'network_get_primary_address',
|
||||||
'open_port',
|
'open_port',
|
||||||
'service_restart',
|
|
||||||
'service_running',
|
'service_running',
|
||||||
|
'service_stop',
|
||||||
'service',
|
'service',
|
||||||
'set_state',
|
'set_state',
|
||||||
'status_set',
|
'status_set',
|
||||||
@ -549,31 +549,28 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
|
|||||||
self.config.assert_called_with('channel')
|
self.config.assert_called_with('channel')
|
||||||
self.set_flag.assert_called_with('snap.channel.invalid')
|
self.set_flag.assert_called_with('snap.channel.invalid')
|
||||||
|
|
||||||
@patch.object(handlers.vault, 'can_restart')
|
@mock.patch.object(handlers, "start_vault")
|
||||||
def test_snap_refresh_restartable(self, can_restart):
|
def test_snap_refresh_version_not_changed(self, mock_start_vault):
|
||||||
conf = {
|
conf = {'channel': '1.8/edge'}
|
||||||
'channel': 'edge',
|
|
||||||
'totally-unsecure-auto-unlock': False}
|
|
||||||
self.config.side_effect = lambda x: conf[x]
|
self.config.side_effect = lambda x: conf[x]
|
||||||
can_restart.return_value = True
|
self.snap.get_installed_channel.return_value = "1.8/edge"
|
||||||
handlers.snap_refresh()
|
handlers.snap_refresh()
|
||||||
self.snap.refresh.assert_called_with('vault', channel='edge')
|
self.config.assert_called_once_with("channel")
|
||||||
self.service_restart.assert_called_with('vault')
|
self.clear_flag.assert_called_once_with('snap.channel.invalid')
|
||||||
self.clear_flag.assert_called_with('snap.channel.invalid')
|
self.snap.refresh.assert_not_called()
|
||||||
config_calls = [
|
mock_start_vault.assert_not_called()
|
||||||
mock.call('channel'),
|
|
||||||
mock.call('totally-unsecure-auto-unlock')]
|
|
||||||
self.config.assert_has_calls(config_calls)
|
|
||||||
|
|
||||||
@patch.object(handlers.vault, 'can_restart')
|
@mock.patch.object(handlers, "start_vault")
|
||||||
def test_snap_refresh_not_restartable(self, can_restart):
|
def test_snap_refresh_version_changed(self, mock_start_vault):
|
||||||
self.config.return_value = 'edge'
|
conf = {'channel': '1.8/edge'}
|
||||||
can_restart.return_value = False
|
self.config.side_effect = lambda x: conf[x]
|
||||||
|
self.snap.get_installed_channel.return_value = "1.8/stable"
|
||||||
handlers.snap_refresh()
|
handlers.snap_refresh()
|
||||||
self.snap.refresh.assert_called_with('vault', channel='edge')
|
self.config.assert_called_with("channel")
|
||||||
self.config.assert_called_with('channel')
|
self.clear_flag.assert_called_once_with('snap.channel.invalid')
|
||||||
self.service_restart.assert_not_called()
|
self.service_stop.assert_called_once_with("vault")
|
||||||
self.clear_flag.assert_called_with('snap.channel.invalid')
|
self.snap.refresh.assert_called_once_with("vault", channel="1.8/edge")
|
||||||
|
mock_start_vault.assert_called_once()
|
||||||
|
|
||||||
def test_snap_refresh_invalid_channel(self):
|
def test_snap_refresh_invalid_channel(self):
|
||||||
self.config.return_value = 'foorbar'
|
self.config.return_value = 'foorbar'
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user