From 2a009a9e3913b95d8b08d1c0ecaf8877427cbf6b Mon Sep 17 00:00:00 2001
From: PietroPasotti <starfire.daemon@gmail.com>
Date: Wed, 24 Apr 2024 15:26:14 +0200
Subject: [PATCH] Fix certhandler relation broken (#84)

* skip pushing csr if relation is dead

* fixed issue with relation-broken in certhandler:

* lint
---
 lib/charms/observability_libs/v0/cert_handler.py | 9 ++++++++-
 lib/charms/observability_libs/v1/cert_handler.py | 9 ++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/lib/charms/observability_libs/v0/cert_handler.py b/lib/charms/observability_libs/v0/cert_handler.py
index 9dcfc8f..0fc610f 100644
--- a/lib/charms/observability_libs/v0/cert_handler.py
+++ b/lib/charms/observability_libs/v0/cert_handler.py
@@ -67,7 +67,7 @@
 
 LIBID = "b5cd5cd580f3428fa5f59a8876dcbe6a"
 LIBAPI = 0
-LIBPATCH = 11
+LIBPATCH = 12
 
 
 def is_ip_address(value: str) -> bool:
@@ -240,6 +240,13 @@ def _generate_csr(
 
         This method intentionally does not emit any events, leave it for caller's responsibility.
         """
+        # if we are in a relation-broken hook, we might not have a relation to publish the csr to.
+        if not self.charm.model.get_relation(self.certificates_relation_name):
+            logger.warning(
+                f"No {self.certificates_relation_name!r} relation found. " f"Cannot generate csr."
+            )
+            return
+
         # At this point, assuming "peer joined" and "certificates joined" have already fired
         # (caller must guard) so we must have a private_key entry in relation data at our disposal.
         # Otherwise, traceback -> debug.
diff --git a/lib/charms/observability_libs/v1/cert_handler.py b/lib/charms/observability_libs/v1/cert_handler.py
index 1375550..79458e0 100644
--- a/lib/charms/observability_libs/v1/cert_handler.py
+++ b/lib/charms/observability_libs/v1/cert_handler.py
@@ -65,7 +65,7 @@
 
 LIBID = "b5cd5cd580f3428fa5f59a8876dcbe6a"
 LIBAPI = 1
-LIBPATCH = 4
+LIBPATCH = 5
 
 
 def is_ip_address(value: str) -> bool:
@@ -221,6 +221,13 @@ def _generate_csr(
 
         This method intentionally does not emit any events, leave it for caller's responsibility.
         """
+        # if we are in a relation-broken hook, we might not have a relation to publish the csr to.
+        if not self.charm.model.get_relation(self.certificates_relation_name):
+            logger.warning(
+                f"No {self.certificates_relation_name!r} relation found. " f"Cannot generate csr."
+            )
+            return
+
         # In case we already have a csr, do not overwrite it by default.
         if overwrite or renew or not self._csr:
             private_key = self.private_key