Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

implement certificate transfer interface #279

Merged
merged 4 commits into from
Dec 5, 2023
Merged

implement certificate transfer interface #279

merged 4 commits into from
Dec 5, 2023

Conversation

bencekov
Copy link
Contributor

Issue

This PR is a solution for issue #277.

Solution

This pr implements handling the self-signed-certificate's certificate_transfer interface.
When the certificate_transfer integration databag is updated with a new certificate the following steps are taken:

  • Grafana app restarts.
  • The cert from the relation is stored in a file in directory /usr/local/share/ca-certificates.
  • Trusted certificates are updated.

When the cert is revoked by the relation, the file in /usr/local/share/ca-certificates is deleted, grafana is restarted,
and the trusted certificates are updated.

Context

Testing Instructions

An integration test is included to check for the received certificate being included among the trusted certificates.
tox -e integration

Release Notes

nsklikas
nsklikas reviewed Nov 30, 2023
View reviewed changes
src/charm.py Outdated Show resolved Hide resolved
metadata.yaml Show resolved Hide resolved
src/charm.py Show resolved Hide resolved
src/charm.py Outdated Show resolved Hide resolved
shipperizer
shipperizer reviewed Nov 30, 2023
View reviewed changes
src/charm.py Outdated Show resolved Hide resolved
src/charm.py Outdated Show resolved Hide resolved
src/charm.py Show resolved Hide resolved
@observability-noctua-bot observability-noctua-bot changed the title Iam 591 implement certificate transfer interface implement certificate transfer interface Nov 30, 2023
@bencekov bencekov marked this pull request as ready for review December 1, 2023 12:11
sed-i
sed-i reviewed Dec 4, 2023
View reviewed changes
.wokeignore Outdated Show resolved Hide resolved
metadata.yaml Show resolved Hide resolved
src/charm.py Show resolved Hide resolved
src/charm.py Show resolved Hide resolved
bencekov added a commit to bencekov/grafana-k8s-operator that referenced this pull request Dec 4, 2023
@bencekov
fix: minor fixes based on comments on pr canonical#279
3650399
@bencekov bencekov force-pushed the IAM-591-Implement-certificate-transfer-interface branch from 5be044b to 00b505f Compare December 4, 2023 22:26
@bencekov
Copy link
Contributor Author

bencekov commented Dec 4, 2023

To avoid the issues with asyncio that came from the recent breaking changes I pinned pytest-asyncio to version 0.21.1.

@bencekov bencekov mentioned this pull request Dec 5, 2023
Open
@PietroPasotti PietroPasotti merged commit 1ac9090 into canonical:main Dec 5, 2023
12 checks passed
@nsklikas nsklikas mentioned this pull request Jan 16, 2024
Merged
@ca-scribner ca-scribner mentioned this pull request Jan 19, 2024
Open
@sed-i sed-i mentioned this pull request Apr 18, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sed-i sed-i sed-i approved these changes

@shipperizer shipperizer Awaiting requested review from shipperizer

@nsklikas nsklikas Awaiting requested review from nsklikas

@Abuelodelanada Abuelodelanada Awaiting requested review from Abuelodelanada

@lucabello lucabello Awaiting requested review from lucabello

@PietroPasotti PietroPasotti Awaiting requested review from PietroPasotti

@dstathis dstathis Awaiting requested review from dstathis

@simskij simskij Awaiting requested review from simskij

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@bencekov @shipperizer @nsklikas @sed-i @PietroPasotti