From 8092d81e3c3783131e34dd09bfffcc09692c41e2 Mon Sep 17 00:00:00 2001 From: Dragomir Penev Date: Mon, 9 Jan 2023 14:53:20 +0200 Subject: [PATCH 1/2] Prevent relation extensions --- .github/workflows/ci.yaml | 20 ++++++++++---------- src/relations/db.py | 4 +++- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 0a37b1a80b..b66f14f986 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Install dependencies run: python3 -m pip install tox - name: Run linters @@ -20,13 +20,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Install dependencies run: python -m pip install tox - name: Run tests run: tox -e unit - name: Upload Coverage to Codecov - uses: codecov/codecov-action@v2 + uses: codecov/codecov-action@v3 integration-test-lxd-charm: name: Integration tests for charm deployment (lxd) @@ -36,7 +36,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -86,7 +86,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -102,7 +102,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -120,7 +120,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: @@ -136,7 +136,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup operator environment uses: charmed-kubernetes/actions-operator@main with: diff --git a/src/relations/db.py b/src/relations/db.py index 601eb0e479..c7785e2725 100644 --- a/src/relations/db.py +++ b/src/relations/db.py @@ -92,7 +92,9 @@ def _on_relation_changed(self, event: RelationChangedEvent) -> None: application_relation_databag = event.relation.data[self.charm.app] # Do not allow apps requesting extensions to be installed. - if "extensions" in unit_relation_databag or "extensions" in application_relation_databag: + if "extensions" in event.relation.data[ + event.app + ] or "extensions" in event.relation.data.get(event.unit, {}): logger.error( "ERROR - `extensions` cannot be requested through relations" " - they should be installed through a database charm config in the future" From 4ee6f3b050967cff958c3fe8d1899bca5f8282c8 Mon Sep 17 00:00:00 2001 From: Dragomir Penev Date: Wed, 11 Jan 2023 01:30:20 +0200 Subject: [PATCH 2/2] Integration test --- tests/integration/test_db.py | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/tests/integration/test_db.py b/tests/integration/test_db.py index 7212d53086..f0ccb56e29 100644 --- a/tests/integration/test_db.py +++ b/tests/integration/test_db.py @@ -5,6 +5,7 @@ import psycopg2 as psycopg2 import pytest as pytest +from juju.errors import JujuUnitError from mailmanclient import Client from pytest_operator.plugin import OpsTest @@ -14,6 +15,7 @@ check_database_users_existence, check_databases_creation, deploy_and_relate_application_with_postgresql, + find_unit, ) logger = logging.getLogger(__name__) @@ -156,3 +158,39 @@ async def test_relation_data_is_updated_correctly_when_scaling(ops_test: OpsTest await ops_test.model.wait_for_idle(apps=[DATABASE_APP_NAME], status="active", timeout=1000) with pytest.raises(psycopg2.OperationalError): psycopg2.connect(primary_connection_string) + + +@pytest.mark.db_relation_tests +async def test_nextcloud_db_blocked(ops_test: OpsTest, charm: str) -> None: + async with ops_test.fast_forward(): + # Deploy Nextcloud. + await ops_test.model.deploy( + "nextcloud", + channel="edge", + application_name="nextcloud", + num_units=APPLICATION_UNITS, + ) + await ops_test.model.wait_for_idle( + apps=["nextcloud"], + status="blocked", + raise_on_blocked=False, + timeout=1000, + ) + + await ops_test.model.relate("nextcloud:db", f"{DATABASE_APP_NAME}:db") + + # Only the leader will block + leader_unit = await find_unit(ops_test, DATABASE_APP_NAME, True) + + try: + await ops_test.model.wait_for_idle( + apps=[DATABASE_APP_NAME], + status="blocked", + raise_on_blocked=True, + timeout=1000, + ) + assert False, "Leader didn't block" + except JujuUnitError: + pass + + leader_unit.workload_status_message == "extensions requested through relation"