Skip to content

Commit

Permalink
Merge branch 'main' into dpe-2838-secret-labels
Browse files Browse the repository at this point in the history
  • Loading branch information
@dragomirp
dragomirp committed Nov 17, 2023
2 parents 70e4e4c + c672b6e commit 30fd8e6
Show file tree
Hide file tree
Showing 15 changed files with 366 additions and 363 deletions.
7 changes: 7 additions & 0 deletions .github/renovate.json5
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,13 @@
"reviewers": ["dragomirp", "marceloneppel", "taurus-forever"],
"packageRules": [
// Later rules override earlier rules
{
"matchPackageNames": ["pydantic"],
"allowedVersions": "<2.0.0"
}, {
"matchPackageNames": ["python"],
"allowedVersions": "<3.11"
}
],
"regexManagers": [
{
Expand Down
10 changes: 8 additions & 2 deletions .github/workflows/ci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ on:
- '.jujuignore'
- 'LICENSE'
- '**.md'
- 'renovate.json'
- .github/renovate.json5
schedule:
- cron: '53 0 * * *' # Daily at 00:53 UTC
# Triggered on push to branch "main" by .github/workflows/release.yaml
Expand Down Expand Up @@ -123,8 +123,14 @@ jobs:
echo Skipping unstable tests
echo "mark_expression=and not unstable" >> "$GITHUB_OUTPUT"
fi
- name: Select test secret usage
id: select-test-secrets
if: ${{ github.event.pull_request.head.repo.full_name != 'canonical/postgresql-operator' }}
run: |
echo Skipping tests using secrets
echo "mark_secrets=and not uses_secrets" >> "$GITHUB_OUTPUT"
- name: Run integration tests
run: tox run -e ${{ matrix.tox-environment }} -- -m 'not ${{ matrix.exclude-mark }} ${{ steps.select-test-stability.outputs.mark_expression }}' --keep-models
run: tox run -e ${{ matrix.tox-environment }} -- -m 'not ${{ matrix.exclude-mark }} ${{ steps.select-test-secrets.outputs.mark_secrets }} ${{ steps.select-test-stability.outputs.mark_expression }}' --keep-models
env:
SECRETS_FROM_GITHUB: |
{
Expand Down
3 changes: 1 addition & 2 deletions .github/workflows/release.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,7 @@ on:
paths-ignore:
- 'tests/**'
- 'docs/**'
- renovate.json
- poetry.lock
- .github/renovate.json5
- pyproject.toml
- '.github/workflows/ci.yaml'
- '.github/workflows/lib-check.yaml'
Expand Down
34 changes: 27 additions & 7 deletions lib/charms/data_platform_libs/v0/data_interfaces.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -320,7 +320,7 @@ def _on_topic_requested(self, event: TopicRequestedEvent):

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 22
LIBPATCH = 23

PYDEPS = ["ops>=2.0.0"]

Expand Down Expand Up @@ -807,6 +807,9 @@ def _fetch_relation_data_without_secrets(
This is used typically when the Provides side wants to read the Requires side's data,
or when the Requires side may want to read its own data.
"""
if app not in relation.data or not relation.data[app]:
return {}

if fields:
return {k: relation.data[app][k] for k in fields if k in relation.data[app]}
else:
Expand All @@ -830,6 +833,9 @@ def _fetch_relation_data_with_secrets(
normal_fields = []

if not fields:
if app not in relation.data or not relation.data[app]:
return {}

all_fields = list(relation.data[app].keys())
normal_fields = [field for field in all_fields if not self._is_secret_field(field)]

Expand All @@ -853,8 +859,11 @@ def _fetch_relation_data_with_secrets(

def _update_relation_data_without_secrets(
self, app: Application, relation: Relation, data: Dict[str, str]
):
) -> None:
"""Updating databag contents when no secrets are involved."""
if app not in relation.data or relation.data[app] is None:
return

if any(self._is_secret_field(key) for key in data.keys()):
raise SecretsIllegalUpdateError("Can't update secret {key}.")

Expand All @@ -865,8 +874,19 @@ def _delete_relation_data_without_secrets(
self, app: Application, relation: Relation, fields: List[str]
) -> None:
"""Remove databag fields 'fields' from Relation."""
if app not in relation.data or not relation.data[app]:
return

for field in fields:
relation.data[app].pop(field)
try:
relation.data[app].pop(field)
except KeyError:
logger.debug(
"Non-existing field was attempted to be removed from the databag %s, %s",
str(relation.id),
str(field),
)
pass

# Public interface methods
# Handling Relation Fields seamlessly, regardless if in databag or a Juju Secret
Expand All @@ -880,9 +900,6 @@ def get_relation(self, relation_name, relation_id) -> Relation:
"Relation %s %s couldn't be retrieved", relation_name, relation_id
)

if not relation.app:
raise DataInterfacesError("Relation's application missing")

return relation

def fetch_relation_data(
Expand Down Expand Up @@ -1089,7 +1106,10 @@ def _delete_relation_secret(
# Remove secret from the relation if it's fully gone
if not new_content:
field = self._generate_secret_field_name(group)
relation.data[self.local_app].pop(field)
try:
relation.data[self.local_app].pop(field)
except KeyError:
pass

# Return the content that was removed
return True
Expand Down
24 changes: 11 additions & 13 deletions lib/charms/postgresql_k8s/v0/postgresql.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 18
LIBPATCH = 20

INVALID_EXTRA_USER_ROLE_BLOCKING_MESSAGE = "invalid role(s) for extra user roles"

Expand Down Expand Up @@ -172,8 +172,7 @@ def create_database(self, database: str, user: str, plugins: List[str] = []) ->
raise PostgreSQLCreateDatabaseError()

# Enable preset extensions
for plugin in plugins:
self.enable_disable_extension(plugin, True, database)
self.enable_disable_extensions({plugin: True for plugin in plugins}, database)

def create_user(
self, user: str, password: str = None, admin: bool = False, extra_user_roles: str = None
Expand Down Expand Up @@ -270,22 +269,16 @@ def delete_user(self, user: str) -> None:
logger.error(f"Failed to delete user: {e}")
raise PostgreSQLDeleteUserError()

def enable_disable_extension(self, extension: str, enable: bool, database: str = None) -> None:
def enable_disable_extensions(self, extensions: Dict[str, bool], database: str = None) -> None:
"""Enables or disables a PostgreSQL extension.
Args:
extension: the name of the extensions.
enable: whether the extension should be enabled or disabled.
extensions: the name of the extensions.
database: optional database where to enable/disable the extension.
Raises:
PostgreSQLEnableDisableExtensionError if the operation fails.
"""
statement = (
f"CREATE EXTENSION IF NOT EXISTS {extension};"
if enable
else f"DROP EXTENSION IF EXISTS {extension};"
)
connection = None
try:
if database is not None:
Expand All @@ -301,7 +294,12 @@ def enable_disable_extension(self, extension: str, enable: bool, database: str =
with self._connect_to_database(
database=database
) as connection, connection.cursor() as cursor:
cursor.execute(statement)
for extension, enable in extensions.items():
cursor.execute(
f"CREATE EXTENSION IF NOT EXISTS {extension};"
if enable
else f"DROP EXTENSION IF EXISTS {extension};"
)
except psycopg2.errors.UniqueViolation:
pass
except psycopg2.Error:
Expand Down Expand Up @@ -514,7 +512,7 @@ def build_postgresql_parameters(
)
if profile == "production":
# Use 25% of the available memory for shared_buffers.
# and the remaind as cache memory.
# and the remaining as cache memory.
shared_buffers = int(available_memory * 0.25)
effective_cache_size = int(available_memory - shared_buffers)
parameters.setdefault("shared_buffers", f"{int(shared_buffers/10**6)}MB")
Expand Down
Loading

0 comments on commit 30fd8e6

Please sign in to comment.