Skip to content

Commit

Permalink
Merge pull request #15565 from barrettj12/merge-3.3-main-20230510
Browse files Browse the repository at this point in the history 
#15565

Merges the following patches:
- #15561
- #15558
- #15554
- #15555
- #15553
- #15552
- #15549
- #15538
- #15541
- #15534
- #15537
- #15535
- #15533
- #15529
- #15530
- #15522
- #15527
- #15523
- #15514
- #15524
- #15515
- #15520
- #15518
- #15510
- #15506
- #15500
- #15508
- #15497
- #15499
- #15492
- #15490
- #15487

### Conflicts
None.
  • Loading branch information
@jujubot
jujubot committed May 10, 2023
2 parents cf55542 + 6c86fae commit 5470622
Show file tree
Hide file tree
Showing 181 changed files with 1,288 additions and 604 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/client-tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,5 +59,5 @@ jobs:
if: (matrix.os == 'macOS-latest')
shell: bash
run: |
go test -v ./cmd/juju/... -check.v -coverprofile=coverage.txt -covermode=atomic -timeout=15m
go test -v ./cmd/plugins/... -check.v -coverprofile=coverage.txt -covermode=atomic -timeout=15m
go test -race -v ./cmd/juju/... -check.v -coverprofile=coverage.txt -covermode=atomic -timeout=15m
go test -race -v ./cmd/plugins/... -check.v -coverprofile=coverage.txt -covermode=atomic -timeout=15m
2 changes: 2 additions & 0 deletions Makefile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -261,6 +261,8 @@ define run_cgo_install
CGO_LDFLAGS_ALLOW="(-Wl,-wrap,pthread_create)|(-Wl,-z,now)" \
LD_LIBRARY_PATH="${DQLITE_EXTRACTED_DEPS_ARCHIVE_PATH}" \
CGO_ENABLED=1 \
GOOS=${GOOS} \
GOARCH=${GOARCH} \
go install \
-mod=$(JUJU_GOMOD_MODE) \
-tags=$(BUILD_TAGS) \
Expand Down
2 changes: 1 addition & 1 deletion api/agent/provisioner/provisioner_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@ import (
"github.com/juju/names/v4"
jc "github.com/juju/testing/checkers"
"github.com/juju/utils/v3"
"github.com/juju/utils/v3/arch"
gc "gopkg.in/check.v1"

"github.com/juju/juju/api"
Expand All @@ -21,6 +20,7 @@ import (
apitesting "github.com/juju/juju/api/testing"
apiservererrors "github.com/juju/juju/apiserver/errors"
"github.com/juju/juju/container"
"github.com/juju/juju/core/arch"
"github.com/juju/juju/core/constraints"
"github.com/juju/juju/core/instance"
"github.com/juju/juju/core/life"
Expand Down
5 changes: 0 additions & 5 deletions api/client/modelmanager/modelmanager.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@ import (
"github.com/juju/juju/core/model"
"github.com/juju/juju/core/permission"
"github.com/juju/juju/environs/config"
"github.com/juju/juju/rpc"
"github.com/juju/juju/rpc/params"
)

Expand Down Expand Up @@ -76,10 +75,6 @@ func (c *Client) CreateModel(
var modelInfo params.ModelInfo
err := c.facade.FacadeCall("CreateModel", createArgs, &modelInfo)
if err != nil {
// We don't want the message to contain the "(already exists)" suffix.
if rpcErr, ok := errors.Cause(err).(*rpc.RequestError); ok {
return result, errors.New(rpcErr.Message)
}
return result, errors.Trace(err)
}
return convertParamsModelInfo(modelInfo)
Expand Down
2 changes: 1 addition & 1 deletion apiserver/common/tools_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,13 +11,13 @@ import (
"github.com/juju/names/v4"
jujutesting "github.com/juju/testing"
jc "github.com/juju/testing/checkers"
"github.com/juju/utils/v3/arch"
"github.com/juju/version/v2"
gc "gopkg.in/check.v1"

"github.com/juju/juju/apiserver/common"
"github.com/juju/juju/apiserver/common/mocks"
apiservertesting "github.com/juju/juju/apiserver/testing"
"github.com/juju/juju/core/arch"
"github.com/juju/juju/core/network"
coreos "github.com/juju/juju/core/os"
"github.com/juju/juju/environs"
Expand Down
6 changes: 3 additions & 3 deletions apiserver/facades/agent/provisioner/provisioner_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -548,7 +548,7 @@ func (s *withoutControllerSuite) TestMachinesWithTransientErrors(c *gc.C) {
}
err = s.machines[4].SetInstanceStatus(sInfo)
c.Assert(err, jc.ErrorIsNil)
hwChars := instance.MustParseHardware("arch=i386", "mem=4G")
hwChars := instance.MustParseHardware("arch=arm64", "mem=4G")
err = s.machines[4].SetProvisioned("i-am", "", "fake_nonce", &hwChars)
c.Assert(err, jc.ErrorIsNil)

Expand Down Expand Up @@ -1251,7 +1251,7 @@ func (s *withoutControllerSuite) TestSetInstanceInfo(c *gc.C) {
c.Assert(err, jc.ErrorIsNil)

// Provision machine 0 first.
hwChars := instance.MustParseHardware("arch=i386", "mem=4G")
hwChars := instance.MustParseHardware("arch=arm64", "mem=4G")
err = s.machines[0].SetInstanceInfo("i-am", "", "fake_nonce", &hwChars, nil, nil, nil, nil, nil)
c.Assert(err, jc.ErrorIsNil)

Expand Down Expand Up @@ -1358,7 +1358,7 @@ func (s *withoutControllerSuite) TestInstanceId(c *gc.C) {
// Provision 2 machines first.
err := s.machines[0].SetProvisioned("i-am", "", "fake_nonce", nil)
c.Assert(err, jc.ErrorIsNil)
hwChars := instance.MustParseHardware("arch=i386", "mem=4G")
hwChars := instance.MustParseHardware("arch=arm64", "mem=4G")
err = s.machines[1].SetProvisioned("i-am-not", "", "fake_nonce", &hwChars)
c.Assert(err, jc.ErrorIsNil)

Expand Down
53 changes: 45 additions & 8 deletions apiserver/facades/agent/secretsmanager/secrets.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -417,7 +417,7 @@ func (s *SecretsManagerAPI) getSecretConsumerInfo(consumerTag names.Tag, uriStr
if consumer.Label != "" {
return consumer, nil
}
md, err := s.getAppOwnedOrUnitOwnedSecretMetadata(uri, "", false)
md, err := s.getAppOwnedOrUnitOwnedSecretMetadata(uri, "", false, false)
if errors.Is(err, errors.NotFound) {
// The secret is owned by a different application.
return consumer, nil
Expand Down Expand Up @@ -613,14 +613,51 @@ func (s *SecretsManagerAPI) ensureConsumerMetadataForAppOwnedSecretsForPeerUnits
return md, nil
}

func (s *SecretsManagerAPI) getAppOwnedOrUnitOwnedSecretMetadata(uri *coresecrets.URI, label string, ensureConsumerMetaData bool) (md *coresecrets.SecretMetadata, err error) {
func (s *SecretsManagerAPI) updateLabelForAppOwnedOrUnitOwnedSecret(uri *coresecrets.URI, label string, md *coresecrets.SecretMetadata) error {
if uri == nil || label == "" {
// We have done this check before, but it doesn't hurt to do it again.
return nil
}

ownerTag, err := names.ParseTag(md.OwnerTag)
if err != nil {
return errors.Trace(err)
}
isLeaderUnit, err := commonsecrets.IsLeaderUnit(s.authTag, s.leadershipChecker)
if err != nil {
return errors.Trace(err)
}
if ownerTag == s.authTag || commonsecrets.IsSameApplication(ownerTag, s.authTag) && isLeaderUnit {
// The secret is owned by the caller or the caller is the leader unit of the application owning the secret.
token, err := commonsecrets.LeadershipToken(s.authTag, s.leadershipChecker)
if err != nil {
return errors.Trace(err)
}
// Update the label.
_, err = s.secretsState.UpdateSecret(uri, state.UpdateSecretParams{
LeaderToken: token,
Label: &label,
})
return errors.Trace(err)
}
return nil
}

func (s *SecretsManagerAPI) getAppOwnedOrUnitOwnedSecretMetadata(uri *coresecrets.URI, label string, ensureConsumerMetaData, updateLabel bool) (md *coresecrets.SecretMetadata, err error) {
notFoundErr := errors.NotFoundf("secret %q", uri)
if label != "" {
notFoundErr = errors.NotFoundf("secret with label %q", label)
}
defer func() {
if md == nil || md.OwnerTag == s.authTag.String() || !ensureConsumerMetaData {
// Either errored out or found a secret owned by the caller.
if md == nil {
return
}
if updateLabel {
if err = s.updateLabelForAppOwnedOrUnitOwnedSecret(uri, label, md); err != nil {
return
}
}
if md.OwnerTag == s.authTag.String() || !ensureConsumerMetaData {
return
}
md, err = s.ensureConsumerMetadataForAppOwnedSecretsForPeerUnits(md)
Expand Down Expand Up @@ -671,10 +708,13 @@ func (s *SecretsManagerAPI) getSecretContent(arg params.GetSecretContentArg) (
}
}

// arg.Label could be the consumer label for consumers or the owner label for owners.
possibleUpdateLabel := arg.Label != "" && uri != nil

// For local secrets, check those which may be owned by the caller.
if uri == nil || uri.IsLocal(s.modelUUID) {
// Owner units should always have the URI because we resolved the label to URI on uniter side already.
md, err := s.getAppOwnedOrUnitOwnedSecretMetadata(uri, arg.Label, true)
md, err := s.getAppOwnedOrUnitOwnedSecretMetadata(uri, arg.Label, true, possibleUpdateLabel)
if err != nil && !errors.Is(err, errors.NotFound) {
return nil, nil, false, errors.Trace(err)
}
Expand All @@ -694,9 +734,6 @@ func (s *SecretsManagerAPI) getSecretContent(arg params.GetSecretContentArg) (
}
}

// arg.Label is the consumer label for consumers.
possibleUpdateLabel := arg.Label != "" && uri != nil

if uri == nil {
var err error
uri, err = s.secretsConsumer.GetURIByConsumerLabel(arg.Label, s.authTag)
Expand Down
91 changes: 91 additions & 0 deletions apiserver/facades/agent/secretsmanager/secrets_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -716,6 +716,97 @@ func (s *SecretsManagerSuite) TestGetSecretContentForOwnerSecretLabelArg(c *gc.C
})
}

func (s *SecretsManagerSuite) TestGetSecretContentForUnitOwnedSecretUpdateLabel(c *gc.C) {
defer s.setup(c).Finish()

data := map[string]string{"foo": "bar"}
val := coresecrets.NewSecretValue(data)
uri := coresecrets.NewURI()
s.secretsState.EXPECT().ListSecrets(state.SecretsFilter{
OwnerTags: []names.Tag{
names.NewUnitTag("mariadb/0"),
names.NewApplicationTag("mariadb"),
},
}).Return([]*coresecrets.SecretMetadata{
{
URI: uri,
LatestRevision: 668,
Label: "foo",
OwnerTag: s.authTag.String(),
},
}, nil)
s.leadership.EXPECT().LeadershipCheck("mariadb", "mariadb/0").Return(s.token).Times(2)
s.token.EXPECT().Check().Return(nil).Times(2)
s.secretsState.EXPECT().UpdateSecret(uri, state.UpdateSecretParams{
LeaderToken: s.token,
Label: ptr("foo"),
}).Return(nil, nil)

s.secretsState.EXPECT().GetSecretValue(uri, 668).Return(
val, nil, nil,
)

results, err := s.facade.GetSecretContentInfo(params.GetSecretContentArgs{
Args: []params.GetSecretContentArg{
{URI: uri.String(), Label: "foo"},
},
})
c.Assert(err, jc.ErrorIsNil)
c.Assert(results, jc.DeepEquals, params.SecretContentResults{
Results: []params.SecretContentResult{{
Content: params.SecretContentParams{Data: data},
}},
})
}

func (s *SecretsManagerSuite) TestGetSecretContentForAppSecretUpdateLabel(c *gc.C) {
defer s.setup(c).Finish()

data := map[string]string{"foo": "bar"}
val := coresecrets.NewSecretValue(data)
uri := coresecrets.NewURI()
s.secretsState.EXPECT().ListSecrets(state.SecretsFilter{
OwnerTags: []names.Tag{
names.NewUnitTag("mariadb/0"),
names.NewApplicationTag("mariadb"),
},
}).Return([]*coresecrets.SecretMetadata{
{
URI: uri,
LatestRevision: 668,
Label: "foo",
OwnerTag: names.NewApplicationTag("mariadb").String(),
},
}, nil)
s.leadership.EXPECT().LeadershipCheck("mariadb", "mariadb/0").Return(s.token).Times(2)
s.token.EXPECT().Check().Return(nil).Times(2)
s.secretsState.EXPECT().UpdateSecret(uri, state.UpdateSecretParams{
LeaderToken: s.token,
Label: ptr("foo"),
}).Return(nil, nil)

s.secretsConsumer.EXPECT().GetSecretConsumer(uri, s.authTag).
Return(nil, errors.NotFoundf("secret consumer"))
s.secretsConsumer.EXPECT().SaveSecretConsumer(
uri, names.NewUnitTag("mariadb/0"), &coresecrets.SecretConsumerMetadata{}).Return(nil)

s.secretsState.EXPECT().GetSecretValue(uri, 668).Return(
val, nil, nil,
)

results, err := s.facade.GetSecretContentInfo(params.GetSecretContentArgs{
Args: []params.GetSecretContentArg{
{URI: uri.String(), Label: "foo"},
},
})
c.Assert(err, jc.ErrorIsNil)
c.Assert(results, jc.DeepEquals, params.SecretContentResults{
Results: []params.SecretContentResult{{
Content: params.SecretContentParams{Data: data},
}},
})
}

func (s *SecretsManagerSuite) TestGetSecretContentForUnitAccessApplicationOwnedSecret(c *gc.C) {
defer s.setup(c).Finish()

Expand Down
41 changes: 16 additions & 25 deletions apiserver/facades/client/application/application.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -601,34 +601,25 @@ func deployApplication(
return errors.Trace(err)
}

// convertCharmOrigin converts a params CharmOrigin to a core charm
// Origin. If the input origin is nil, a core charm Origin is deduced
// from the provided data. It is used in both deploying and refreshing
// charms, including from old clients which aren't charm origin aware.
// MaybeSeries is a fallback if the origin is not provided.
func convertCharmOrigin(origin *params.CharmOrigin, curl *charm.URL) (corecharm.Origin, error) {
var (
originType string
platform corecharm.Platform
)
if origin != nil {
originType = origin.Type
base, err := series.ParseBase(origin.Base.Name, origin.Base.Channel)
if err != nil {
return corecharm.Origin{}, errors.Trace(err)
}
platform = corecharm.Platform{
Architecture: origin.Architecture,
OS: base.OS,
Channel: base.Channel.Track,
}
if origin == nil {
return corecharm.Origin{}, errors.NotValidf("nil charm origin")
}

switch {
case origin.Source == "local":
return corecharm.Origin{
Type: originType,
Source: corecharm.Local,
Revision: &curl.Revision,
Platform: platform,
}, nil
case origin.Source != "charm-hub":
return corecharm.Origin{}, errors.NotValidf("origin source not local nor charm-hub")
originType := origin.Type
base, err := series.ParseBase(origin.Base.Name, origin.Base.Channel)
if err != nil {
return corecharm.Origin{}, errors.Trace(err)
}
platform := corecharm.Platform{
Architecture: origin.Architecture,
OS: base.OS,
Channel: base.Channel.Track,
}

var track string
Expand Down
Loading

0 comments on commit 5470622

Please sign in to comment.