Skip to content

Fix TLS flag #44

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 23 commits into from
Oct 27, 2022
Merged

Fix TLS flag #44

merged 23 commits into from
Oct 27, 2022

Conversation

marceloneppel
Copy link
Member

@marceloneppel marceloneppel commented Oct 26, 2022
edited
Loading

Issue

  • Jira issue: DPE-820
  • A TLS flag was not set when the charm was not ready but is already related to the TLS certificates operator. This commonly happens when the charm is deployed in a bundle together with the TLS certificates operator.
  • Also, another problem happened and was related to the charm sending a certificate signing request (CSR) with it's IP address as a DNS name instead of an IP address.

Solution

  • Update the code to correctly set the TLS flag when the workload hasn't started yet, but already has a relation with the TLS certificates operator.

Context

  • You can FOCUS on the following files when reviewing:

    • src/charm.py: has the change in the restart logic (to match the k8s charm) and also adds the missing change of the TLS flag (that is used internally by the charm to call the Patroni REST API using either HTTP or HTTPS).

    • tests/integration/test_tls.py: has the updates that Will made to improve the test (simulating what we have on a bundle deployment: no wait_for_idle).

  • Other files and what has changed on them:

Testing

  • The integration test was improved and two new units tests were added.

Release Notes

  • Fix TLS flag value change when the workload hasn't started yet.
  • Fix IP address on certificate signing request.

Thanks @WRFitch for starting this fixes.

WRFitch and others added 21 commits October 18, 2022 12:48
fix early tls deployment by only reloading patroni config if it's alr…
84fca0c 
…eady running
added unit test for reloading patroni
2b76d2e
lint
edcfb0c
removing postgres restart check
51cee09
adding series flags to test apps
5a97730
adding series flags to test apps
072252a
made series into a list
f340ccf
@WRFitch
Update test_new_relations.py
b537e82
updating test to better emulate bundle deploymen
60bc8e2
Merge branch 'fix-early-tls-deployment' of https://github.com/canonic…
dc3dd8f 
…al/postgresql-operator into fix-early-tls-deployment
updated tls lib
08afd96
@marceloneppel
Fix TLS IP address on CSR
fc442d2
removed failing test for now. This will be fixed before merge
df746ec
@marceloneppel
Fix TLS
3048622
@marceloneppel
Update TLS lib
3491333
@marceloneppel
Remove unneeded series
e0c041e
@marceloneppel
Add comment
0181b42
@marceloneppel
Add Juju agent version bootstrap constraint
5b13744
@marceloneppel
Add test for restart method
30f57d8
@marceloneppel
Update TLS lib
ba62fa8
@marceloneppel
Add test for update config method
f3d88ab
@codecov
Copy link

codecov bot commented Oct 26, 2022
edited
Loading

Codecov Report

Merging #44 (1bacda9) into main (4994516) will increase coverage by 1.60%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##             main      #44      +/-   ##
==========================================
+ Coverage   62.45%   64.05%   +1.60%     
==========================================
  Files           6        6              
  Lines         815      818       +3     
  Branches      122      121       -1     
==========================================
+ Hits          509      524      +15     
+ Misses        276      264      -12     
  Partials       30       30
Impacted Files Coverage Δ
src/charm.py 56.25% <100.00%> (+2.99%) ⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@marceloneppel marceloneppel marked this pull request as ready for review October 27, 2022 00:08
@marceloneppel marceloneppel changed the title Fix TLS switch Fix TLS flag Oct 27, 2022
Mehdi-Bendriss
Mehdi-Bendriss approved these changes Oct 27, 2022
View reviewed changes
Copy link

@Mehdi-Bendriss Mehdi-Bendriss left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Very good work, Marcelo!

MiaAltieri
MiaAltieri approved these changes Oct 27, 2022
View reviewed changes
Copy link
Contributor

@MiaAltieri MiaAltieri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great 2 minor comments

@marceloneppel marceloneppel merged commit 5c6e5f7 into main Oct 27, 2022
@marceloneppel marceloneppel deleted the fix-tls-switch branch October 27, 2022 09:58
@marceloneppel
Copy link
Member Author

Thanks for the reviews, @Mehdi-Bendriss and @MiaAltieri!

BON4 pushed a commit to BON4/postgresql-operator that referenced this pull request Apr 23, 2024
@marceloneppel @WRFitch
Fix TLS flag (canonical#44)
73bc73f 
* fix early tls deployment by only reloading patroni config if it's already running

* added unit test for reloading patroni

* lint

* removing postgres restart check

* adding series flags to test apps

* adding series flags to test apps

* made series into a list

* Update test_new_relations.py

* updating test to better emulate bundle deploymen

* updated tls lib

* Fix TLS IP address on CSR

* removed failing test for now. This will be fixed before merge

* Fix TLS

* Update TLS lib

* Remove unneeded series

* Add comment

* Add Juju agent version bootstrap constraint

* Add test for restart method

* Update TLS lib

* Add test for update config method

* Update TLS lib

* Improve comment

Co-authored-by: WRFitch <will.fitch@canonical.com>
Co-authored-by: Will Fitch <WRFitch@outlook.com>
github-actions bot added a commit to canonical/test-runners-2-github-x64-postgresql-operator that referenced this pull request May 23, 2024
@github-actions
Allure report canonical#44
96a25d8
github-actions bot added a commit to canonical/test-runners-2-azure-arm64-postgresql-operator that referenced this pull request May 23, 2024
@github-actions
Allure report canonical#44
1dbc423
github-actions bot added a commit to canonical/test-runners-2-is-x64-postgresql-operator that referenced this pull request May 23, 2024
@github-actions
Allure report canonical#44
f4c9347
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Mehdi-Bendriss Mehdi-Bendriss Mehdi-Bendriss approved these changes

@shayancanonical shayancanonical Awaiting requested review from shayancanonical

@marcoppenheimer marcoppenheimer Awaiting requested review from marcoppenheimer

@zmraul zmraul Awaiting requested review from zmraul

@welpaolo welpaolo Awaiting requested review from welpaolo

@WRFitch WRFitch Awaiting requested review from WRFitch

@paulomach paulomach Awaiting requested review from paulomach

@averma-canonical averma-canonical Awaiting requested review from averma-canonical

+1 more reviewer

@MiaAltieri MiaAltieri MiaAltieri approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@marceloneppel @MiaAltieri @Mehdi-Bendriss @WRFitch