diff --git a/src/charm.py b/src/charm.py index 3c4512a..bbd6398 100755 --- a/src/charm.py +++ b/src/charm.py @@ -308,6 +308,7 @@ def _send_ca_cert(self): certificates={ca_cert}, relation_id=relation.id ) logger.info("Sent CA certificate to relation %s", relation.id) + def _configure_juju_workload_version(self): """Set the Juju workload version to the Notary version.""" if not self.unit.is_leader(): diff --git a/tests/integration/test_charm.py b/tests/integration/test_charm.py index fcaa92c..630115d 100644 --- a/tests/integration/test_charm.py +++ b/tests/integration/test_charm.py @@ -33,8 +33,6 @@ TRAEIK_K8S_APPLICATION_NAME = "traefik-k8s" TLS_PROVIDER_APPLICATION_NAME = "self-signed-certificates" TLS_REQUIRER_APPLICATION_NAME = "tls-certificates-requirer" -# TODO: Set correct revision when https://github.com/canonical/traefik-k8s-operator/pull/407 is merged -TRAEIK_K8S_REVISION = 1 @pytest.mark.abort_on_fail @@ -199,15 +197,19 @@ async def test_given_application_deployed_when_related_to_traefik_k8s_then_all_s application_name=TRAEIK_K8S_APPLICATION_NAME, trust=True, channel="stable", - revision=TRAEIK_K8S_REVISION, ) + # TODO (Tracked in TLSENG-475): This is a workaround so Traefik has the same CA as Notary + # This should be removed and certificate transfer should be used instead + # Notary k8s implements V1 of the certificate transfer interface, + # And the following PR is needed to get Traefik to use it too: + # https://github.com/canonical/traefik-k8s-operator/issues/407 await ops_test.model.integrate( - relation1=f"{APP_NAME}:ingress", - relation2=f"{TRAEIK_K8S_APPLICATION_NAME}:ingress", + relation1=f"{TLS_PROVIDER_APPLICATION_NAME}:certificates", + relation2=f"{TRAEIK_K8S_APPLICATION_NAME}", ) await ops_test.model.integrate( - relation1=f"{APP_NAME}:send-ca-cert", - relation2=f"{TRAEIK_K8S_APPLICATION_NAME}:receive-ca-cert-v1", + relation1=f"{APP_NAME}:ingress", + relation2=f"{TRAEIK_K8S_APPLICATION_NAME}:ingress", ) await ops_test.model.wait_for_idle( apps=[APP_NAME, TRAEIK_K8S_APPLICATION_NAME], @@ -226,9 +228,9 @@ async def get_notary_endpoint(ops_test: OpsTest) -> str: notary_ip = status.applications[APP_NAME].units[f"{APP_NAME}/0"].address return f"https://{notary_ip}:2111" + async def get_external_notary_endpoint(ops_test: OpsTest) -> str: assert ops_test.model - status = await ops_test.model.get_status() traefik_proxied_endpoints = await run_show_traefik_proxied_endpoints_action(ops_test) return json.loads(traefik_proxied_endpoints).get(APP_NAME, "").get("url", "") @@ -259,6 +261,7 @@ async def run_get_certificate_action(ops_test: OpsTest) -> str: action_output = await ops_test.model.get_action_output(action_uuid=action.entity_id, wait=30) return action_output.get("certificates", "") + async def run_show_traefik_proxied_endpoints_action(ops_test: OpsTest) -> str: assert ops_test.model traefik_k8s_unit = ops_test.model.units[f"{TRAEIK_K8S_APPLICATION_NAME}/0"] @@ -266,6 +269,7 @@ async def run_show_traefik_proxied_endpoints_action(ops_test: OpsTest) -> str: action_output = await ops_test.model.get_action_output(action_uuid=action.entity_id, wait=30) return action_output.get("proxied-endpoints", "") + async def get_file_from_notary(ops_test: OpsTest, file_name: str) -> str: notary_unit = ops_test.model.units[f"{APP_NAME}/0"] # type: ignore action = await notary_unit.run(f"cat /var/lib/juju/storage/config/0/{file_name}") # type: ignore diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py index d704a13..e9f50c2 100644 --- a/tests/unit/test_charm.py +++ b/tests/unit/test_charm.py @@ -3690,8 +3690,9 @@ def test_given_send_ca_requirer_when_configure_then_ca_cert_sent( **{ "is_api_available.return_value": True, "is_initialized.return_value": True, - "login.return_value": "example-token", + "login.return_value": LoginResponse(token="example-token"), "token_is_valid.return_value": True, + "get_version.return_value": "1.2.3", }, ), ):