Skip to content

Rework secrets #27

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Aug 24, 2022
Merged

Rework secrets #27

merged 3 commits into from
Aug 24, 2022

Conversation

@marceloneppel
Copy link
Member

@marceloneppel marceloneppel commented Aug 23, 2022
edited
Loading

Issue

  • Secrets like passwords and TLS certificates should be moved to Juju secrets in the future.
  • Currently, passwords are being set and retrieved from app relation data in multiple places, what can lead to a big refactor later (even more when we add TLS certificates to the charm).

Solution

  • Move secret implementation logic to specific functions that can be easily refactored in the future to use Juju secrets instead of app relation data.

Context

  • Unit peer relation property was also added for future use cases.
  • Some constants were created to avoid the same strings in multiple places.

Testing

  • Additional unit tests were added.
  • Tested using integration tests (to ensure the new implementation works the same way).

Release Notes

  • Add specific functions to set and get secrets.

@marceloneppel marceloneppel marked this pull request as ready for review August 23, 2022 19:10
paulomach
paulomach approved these changes Aug 23, 2022
View reviewed changes
Copy link
Contributor

@paulomach paulomach left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

no comments, pristine

WRFitch
WRFitch approved these changes Aug 24, 2022
View reviewed changes
src/charm.py
self.legacy_db_admin_relation = DbProvides(self, admin=True)

@property
def app_peer_data(self) -> Dict:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You might want to consider a separate peers.py class in the relations directory in future, since it's technically a relation.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah, good idea. In this specific case, it should be changed to use Juju secrets in the future, so I think it can be kept here.

@marceloneppel marceloneppel merged commit a336356 into main Aug 24, 2022
@marceloneppel marceloneppel mentioned this pull request Aug 25, 2022
Merged
@marceloneppel marceloneppel deleted the rework-secrets branch August 25, 2022 19:05
github-actions bot added a commit to canonical/test-runners-2-github-x64-postgresql-k8s-operator that referenced this pull request May 18, 2024
@github-actions
Allure report canonical#27
bd99d88
github-actions bot added a commit to canonical/test-runners-2-is-x64-postgresql-k8s-operator that referenced this pull request May 18, 2024
@github-actions
Allure report canonical#27
8486437
BON4 pushed a commit to BON4/postgresql-k8s-operator that referenced this pull request May 20, 2024
@marceloneppel
Rework secrets (canonical#27)
48e352b 
* Rework secrets management

* Add unit tests

* Add constants
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@paulomach paulomach paulomach approved these changes

@delgod delgod Awaiting requested review from delgod

@zmraul zmraul Awaiting requested review from zmraul

@shayancanonical shayancanonical Awaiting requested review from shayancanonical

@Mehdi-Bendriss Mehdi-Bendriss Awaiting requested review from Mehdi-Bendriss

@MiaAltieri MiaAltieri Awaiting requested review from MiaAltieri

@marcoppenheimer marcoppenheimer Awaiting requested review from marcoppenheimer

+1 more reviewer

@WRFitch WRFitch WRFitch approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@marceloneppel @paulomach @WRFitch