Permalink
Cannot retrieve contributors at this time
Fetching contributors…
Cannot retrieve contributors at this time
| #!/usr/bin/python | |
| # Licensed under the Apache License, Version 2.0 (the "License"); | |
| # you may not use this file except in compliance with the License. | |
| # You may obtain a copy of the License at | |
| # | |
| # http://www.apache.org/licenses/LICENSE-2.0 | |
| # | |
| # Unless required by applicable law or agreed to in writing, software | |
| # distributed under the License is distributed on an "AS IS" BASIS, | |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| # See the License for the specific language governing permissions and | |
| # limitations under the License. | |
| import os | |
| from charms.reactive import RelationBase | |
| from charms.reactive import hook | |
| from charms.reactive import scopes | |
| class EtcdClient(RelationBase): | |
| scope = scopes.GLOBAL | |
| @hook('{requires:etcd}-relation-{joined,changed}') | |
| def changed(self): | |
| ''' Indicate the relation is connected, and if the relation data is | |
| set it is also available. ''' | |
| self.set_state('{relation_name}.connected') | |
| if self.get_connection_string(): | |
| self.set_state('{relation_name}.available') | |
| # Get the ca, key, cert from the relation data. | |
| cert = self.get_client_credentials() | |
| # The tls state depends on the existance of the ca, key and cert. | |
| if cert['client_cert'] and cert['client_key'] and cert['client_ca']: # noqa | |
| self.set_state('{relation_name}.tls.available') | |
| @hook('{requires:etcd}-relation-{broken, departed}') | |
| def broken(self): | |
| ''' Indicate the relation is no longer available and not connected. ''' | |
| self.remove_state('{relation_name}.available') | |
| self.remove_state('{relation_name}.connected') | |
| self.remove_state('{relation_name}.tls.available') | |
| def connection_string(self): | |
| ''' This method is depreciated but ensures backward compatibility | |
| @see get_connection_string(self). ''' | |
| return self.get_connection_string() | |
| def get_connection_string(self): | |
| ''' Return the connection string, if available, or None. ''' | |
| return self.get_remote('connection_string') | |
| def get_client_credentials(self): | |
| ''' Return a dict with the client certificate, ca and key to | |
| communicate with etcd using tls. ''' | |
| return {'client_cert': self.get_remote('client_cert'), | |
| 'client_key': self.get_remote('client_key'), | |
| 'client_ca': self.get_remote('client_ca')} | |
| def save_client_credentials(self, key, cert, ca): | |
| ''' Save all the client certificates for etcd to local files. ''' | |
| self._save_remote_data('client_cert', cert) | |
| self._save_remote_data('client_key', key) | |
| self._save_remote_data('client_ca', ca) | |
| def _save_remote_data(self, key, path): | |
| ''' Save the remote data to a file indicated by path creating the | |
| parent directory if needed.''' | |
| value = self.get_remote(key) | |
| if value: | |
| parent = os.path.dirname(path) | |
| if not os.path.isdir(parent): | |
| os.makedirs(parent) | |
| with open(path, 'w') as stream: | |
| stream.write(value) |