Grafana Charm

Merge ~cjohnston/charm-grafana:ssl-fixes into charm-grafana:master

  1. Git
  2. lp:~cjohnston/charm-grafana
  3. ssl-fixes
  4. Merge into master
Proposed by Chris Johnston
Status: Merged
Approved by: James Troup
Approved revision: 3c5395262462ff8d556d51c3532674dcaff726e7
Merged at revision: 336504ee467922b9a8e157b89201c7dc35a6f2ca
Proposed branch: ~cjohnston/charm-grafana:ssl-fixes
Merge into: charm-grafana:master
Diff against target: 118 lines (+28/-10)
3 files modified
src/config.yaml (+8/-6)
src/lib/charms/layer/grafana.py (+9/-0)
src/reactive/grafana.py (+11/-4)
Reviewer Review Type Date Requested Status
Celia Wang Approve
BootStack Reviewers Pending
Review via email: mp+410186@code.launchpad.net

Commit message

If instance_name is provided, use instance_name for checks instead of 127.0.0.1

This is needed when using SSL with certs provided by the user as the certs don't include 127.0.0.1.

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Celia Wang (ziyiwang) wrote :

lint and unittests passed. running functional tests
code lgtm

Revision history for this message
Celia Wang (ziyiwang) wrote :

test passed. +1

fyi:
$ juju config grafana ssl_key="$(base64 -w 0 < ~/test.key)"
$ juju config grafana ssl_cert="$(base64 -w 0 < ~/test.crt)"
$ juju config grafana ssl_ca="$(base64 -w 0 < ~/test.ca)"

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 336504ee467922b9a8e157b89201c7dc35a6f2ca

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/src/config.yaml b/src/config.yaml
2index 9cc540b..ed84bc2 100644
3--- a/src/config.yaml
4+++ b/src/config.yaml
5@@ -196,18 +196,19 @@ options:
6 external_network:
7 default: "ext_net"
8 type: string
9- description: \
10+ description: |
11 Name for the network which hosts the Public IP address space.
12 allow_embedding:
13 default: False
14 type: boolean
15- description: \
16+ description: |
17 If false the Grafana HTTP responses will instruct browsers to not allow rendering Grafana in a <frame>, <iframe>, <embed> or <object>.
18 ssl_cert:
19 type: string
20 default:
21 description: |
22- TLS certificate to install and use for any listening services.
23+ Base64 encoded TLS certificate to install and use for any listening services.
24+ For example: `juju config grafana ssl_cert=$(base64 -w 0 /path/to/server.crt)`
25 .
26 __NOTE__: This configuration option will take precedence over any
27 certificates received over the ``certificates`` relation.
28@@ -215,15 +216,16 @@ options:
29 type: string
30 default:
31 description: |
32- TLS key to use with certificate specified as ``ssl_cert``.
33- .
34+ Base64 encoded TLS key to use with certificate specified as ``ssl_cert``.
35+ For example: `juju config grafana ssl_key=$(base64 -w 0 /path/to/server.key)` .
36 __NOTE__: This configuration option will take precedence over any
37 certificates received over the ``certificates`` relation.
38 ssl_ca:
39 type: string
40 default:
41 description: |
42- TLS CA to use to communicate with other components in a deployment.
43+ Base64 encoded TLS CA to use to communicate with other components in a deployment.
44+ For example: `juju config grafana ssl_ca=$(base64 -w 0 /path/to/ca.crt)` .
45 .
46 __NOTE__: This configuration option will take precedence over any
47 certificates received over the ``certificates`` relation.
48diff --git a/src/lib/charms/layer/grafana.py b/src/lib/charms/layer/grafana.py
49index 0fc3bd0..10135be 100644
50--- a/src/lib/charms/layer/grafana.py
51+++ b/src/lib/charms/layer/grafana.py
52@@ -370,3 +370,12 @@ def config_defined_ssl_cert():
53 def config_defined_ssl_ca():
54 """Get SSL CA from juju config."""
55 return _get_b64decode_for("ssl_ca")
56+
57+
58+@cached
59+def get_instance_name():
60+ """If defined, return the instance name."""
61+ if config("instance_name"):
62+ return config("instance_name")
63+ else:
64+ return "127.0.0.1"
65diff --git a/src/reactive/grafana.py b/src/reactive/grafana.py
66index cb641e8..0a96d4f 100644
67--- a/src/reactive/grafana.py
68+++ b/src/reactive/grafana.py
69@@ -103,6 +103,7 @@ from charms.layer.grafana import (
70 get_ca_cert_path,
71 get_deb_package_version,
72 get_installed_package_version,
73+ get_instance_name,
74 get_protocol,
75 import_dashboard,
76 )
77@@ -823,7 +824,9 @@ def get_current_dashboards(port, passwd):
78 https://grafana.com/docs/grafana/latest/http_api/folder_dashboard_search/
79 """
80 dash_req = requests.get(
81- "{}://127.0.0.1:{}/api/search?type=dash-db".format(get_protocol(), port),
82+ "{}://{}:{}/api/search?type=dash-db".format(
83+ get_protocol(), get_instance_name(), port
84+ ),
85 auth=("admin", passwd),
86 verify=get_ca_cert_path(),
87 )
88@@ -843,7 +846,9 @@ def get_current_dashboard_json(uid, port, passwd):
89 return default_dashboard
90
91 dash_req = requests.get(
92- "{}://127.0.0.1:{}/api/dashboards/uid/{}".format(get_protocol(), port, uid),
93+ "{}://{}:{}/api/dashboards/uid/{}".format(
94+ get_protocol(), get_instance_name(), port, uid
95+ ),
96 auth=("admin", passwd),
97 verify=get_ca_cert_path(),
98 )
99@@ -934,7 +939,9 @@ def check_and_add_dashboard(
100 )
101
102 hookenv.log("Using Dashboard Template: {}".format(filename))
103- post_req = "{}://127.0.0.1:{}/api/dashboards/db".format(get_protocol(), port)
104+ post_req = "{}://{}:{}/api/dashboards/db".format(
105+ get_protocol(), get_instance_name(), port
106+ )
107 r = requests.post(
108 post_req,
109 json=dashboard_json,
110@@ -1160,7 +1167,7 @@ def get_orgs(port, passwd):
111 https://grafana.com/docs/grafana/latest/http_api/org/
112 """
113 req = requests.get(
114- "{}://127.0.0.1:{}/api/orgs".format(get_protocol(), port),
115+ "{}://{}:{}/api/orgs".format(get_protocol(), get_instance_name(), port),
116 auth=("admin", passwd),
117 verify=get_ca_cert_path(),
118 )

Subscribers

People subscribed via source and target branches

to all changes: