Skip to content

Commit

Permalink
chore: update charm libraries
Browse files Browse the repository at this point in the history
  • Loading branch information
observability-noctua-bot committed Aug 16, 2024
1 parent b48489a commit 4c53a67
Show file tree
Hide file tree
Showing 6 changed files with 335 additions and 154 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,6 @@ def _on_certificate_removed(self, event: CertificateRemovedEvent):
"""


import json
import logging
from typing import List, Mapping
Expand All @@ -113,7 +112,7 @@ def _on_certificate_removed(self, event: CertificateRemovedEvent):

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 7
LIBPATCH = 8

PYDEPS = ["jsonschema"]

Expand Down
6 changes: 4 additions & 2 deletions lib/charms/loki_k8s/v1/loki_push_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -527,7 +527,7 @@ def _alert_rules_error(self, event):

# Increment this PATCH version before using `charmcraft publish-lib` or reset
# to 0 if you are raising the major API version
LIBPATCH = 11
LIBPATCH = 12

PYDEPS = ["cosl"]

Expand Down Expand Up @@ -2562,7 +2562,9 @@ def _update_logging(self, _):
return

for container in self._charm.unit.containers.values():
self._update_endpoints(container, loki_endpoints)
if container.can_connect():
self._update_endpoints(container, loki_endpoints)
# else: `_update_endpoints` will be called on pebble-ready anyway.

def _retrieve_endpoints_from_relation(self) -> dict:
loki_endpoints = {}
Expand Down
27 changes: 14 additions & 13 deletions lib/charms/observability_libs/v1/cert_handler.py
Original file line number Diff line number Diff line change
Expand Up @@ -58,7 +58,7 @@

import logging

from ops.charm import CharmBase, RelationBrokenEvent
from ops.charm import CharmBase
from ops.framework import EventBase, EventSource, Object, ObjectEvents
from ops.jujuversion import JujuVersion
from ops.model import Relation, Secret, SecretNotFoundError
Expand All @@ -67,7 +67,7 @@

LIBID = "b5cd5cd580f3428fa5f59a8876dcbe6a"
LIBAPI = 1
LIBPATCH = 10
LIBPATCH = 11

VAULT_SECRET_LABEL = "cert-handler-private-vault"

Expand Down Expand Up @@ -260,7 +260,13 @@ def retrieve(self) -> Dict[str, str]:

def clear(self):
"""Clear the vault."""
self._backend.clear()
try:
self._backend.clear()
except SecretNotFoundError:
# guard against: https://github.com/canonical/observability-libs/issues/95
# this is fine, it might mean an earlier hook had already called .clear()
# not sure what exactly the root cause is, might be a juju bug
logger.debug("Could not clear vault: secret is gone already.")


class CertHandler(Object):
Expand Down Expand Up @@ -344,10 +350,6 @@ def __init__(
self.certificates.on.all_certificates_invalidated, # pyright: ignore
self._on_all_certificates_invalidated,
)
self.framework.observe(
self.charm.on[self.certificates_relation_name].relation_broken, # pyright: ignore
self._on_certificates_relation_broken,
)
self.framework.observe(
self.charm.on.upgrade_charm, # pyright: ignore
self._on_upgrade_charm,
Expand Down Expand Up @@ -574,14 +576,13 @@ def _on_certificate_invalidated(self, event: CertificateInvalidatedEvent) -> Non
self.on.cert_changed.emit() # pyright: ignore

def _on_all_certificates_invalidated(self, _: AllCertificatesInvalidatedEvent) -> None:
# Do what you want with this information, probably remove all certificates
# Note: assuming "limit: 1" in metadata
self._generate_csr(overwrite=True, clear_cert=True)
self.on.cert_changed.emit() # pyright: ignore

def _on_certificates_relation_broken(self, _: RelationBrokenEvent) -> None:
"""Clear all secrets data when removing the relation."""
# Note: assuming "limit: 1" in metadata
# The "certificates_relation_broken" event is converted to "all invalidated" custom
# event by the tls-certificates library. Per convention, we let the lib manage the
# relation and we do not observe "certificates_relation_broken" directly.
self.vault.clear()
# We do not generate a CSR here because the relation is gone.
self.on.cert_changed.emit() # pyright: ignore

def _check_juju_supports_secrets(self) -> bool:
Expand Down
Loading

0 comments on commit 4c53a67

Please sign in to comment.