Mojo: Continuous Delivery for Juju

Merge ~cjwatson/mojo/+git/subordinates:userdir-ldap into ~mojo-maintainers/mojo/+git/subordinates:master

  1. Git
  2. lp:~cjwatson/mojo/+git/subordinates
  3. userdir-ldap
  4. Merge into master
Proposed by Colin Watson
Status: Merged
Approved by: Tom Haddon
Approved revision: 8fbb0da1f1dbe7a5030ab7309c4b098bc8a7c930
Merged at revision: a21ca12cce08a4cd0f95bcdb9c08fdde28023ff9
Proposed branch: ~cjwatson/mojo/+git/subordinates:userdir-ldap
Merge into: ~mojo-maintainers/mojo/+git/subordinates:master
Diff against target: 143 lines (+46/-8)
6 files modified
README.md (+5/-0)
bundle-userdir-ldap.yaml (+7/-0)
charms_to_relate.yaml (+4/-0)
manifest-userdir-ldap (+7/-0)
tests/test_relations.py (+15/-5)
utils/relations.py (+8/-3)
Reviewer Review Type Date Requested Status
Tom Haddon Approve
Canonical IS Reviewers Pending
Review via email: mp+402416@code.launchpad.net

Commit message

Add an optional manifest-userdir-ldap

Description of the change

Some deployments want userdir-ldap, which is a reasonable fit here, but isn't wanted everywhere. Add a separate manifest for this as suggested by Tom Haddon in https://portal.admin.canonical.com/C130650.

To post a comment you must log in.
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
Tom Haddon (mthaddon) wrote :

One comment line about the archive to use for this.

Also, can you update the README to mention this?

Revision history for this message
Colin Watson (cjwatson) wrote :

The inline comment was lost somehow, but you were wondering whether we could use an IS-owned (private) PPA for this. I looked into that, since I'd certainly prefer to use a PPA over CAT. Unfortunately it's rather painful. add-apt-repository only supports public PPAs (https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/645404), so the only way to do this would be to put explicit username/password credentials in the URL. Those obviously can't be committed to a git repository like this. If at some point there could be a public version of that PPA (IIRC it originally derived from Debian code anyway?), it would be straightforward to switch to that; or it could be configured manually for individual deployments (`juju config userdir-ldap apt-repo-spec` etc.) if it's thought to be worth it. Otherwise I can't really think of a way to do what you request.

I've updated the README as requested.

Revision history for this message
Tom Haddon (mthaddon) wrote :

Thanks for the readme update.

I think we could require a secret to be configured in the environment that includes the required credentials (as we do for UA and landscape). We could adapt the check-secrets script to confirm the secrets necessary are there, and then update the bundle line to use the appropriate secrets.

Having said that, I'm not actually sure off the top of my head whether what's needed via the PPA (or -cat) really does need to be secret, or could be moved to a public PPA. I'll follow up on this next week.

Revision history for this message
Colin Watson (cjwatson) wrote :

@mthaddon, did you have a chance to follow up on the PPA privacy question, or should I go ahead with sorting out secrets configuration? I'd obviously prefer to avoid that work if we can just make the thing public instead, but otherwise I can deal with it.

Revision history for this message
Colin Watson (cjwatson) wrote :

I notice that a not-very-much-older version is already public in https://launchpad.net/~canonical-bootstack/+archive/ubuntu/public/+packages.

Revision history for this message
Tom Haddon (mthaddon) wrote :

LGTM, thx

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision a21ca12cce08a4cd0f95bcdb9c08fdde28023ff9

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/README.md b/README.md
2index a628656..a3fbbb0 100644
3--- a/README.md
4+++ b/README.md
5@@ -24,3 +24,8 @@ deployed Juju 2 model:
6 If you've already deployed and want to upgrade charms, run:
7
8 mojo run -m manifest-upgrade git+lp:~mojo-maintainers/mojo/+git/subordinates subordinates
9+
10+Some deployments want the userdir-ldap subordinate as well. To deploy that,
11+run the following after deploying the common subordinates above:
12+
13+ mojo run -m manifest-userdir-ldap git+lp:~mojo-maintainers/mojo/+git/subordinates subordinates
14diff --git a/bundle-userdir-ldap.yaml b/bundle-userdir-ldap.yaml
15new file mode 100644
16index 0000000..cd8e1e9
17--- /dev/null
18+++ b/bundle-userdir-ldap.yaml
19@@ -0,0 +1,7 @@
20+series: {{ series }}
21+applications:
22+ userdir-ldap:
23+ series: {{ series }}
24+ charm: cs:userdir-ldap
25+ options:
26+ apt-repo-spec: "ppa:canonical-sysadmins/ubuntu/ud-ldap"
27diff --git a/charms_to_relate.yaml b/charms_to_relate.yaml
28index 1d081d3..49b2586 100644
29--- a/charms_to_relate.yaml
30+++ b/charms_to_relate.yaml
31@@ -21,3 +21,7 @@ telegraf:
32 condition-check-output-split-fail-include: status
33 ubuntu-advantage:
34 install-everywhere: true
35+userdir-ldap:
36+ install-everywhere: true
37+ source-relation: general-info
38+ optional: true
39diff --git a/manifest-userdir-ldap b/manifest-userdir-ldap
40new file mode 100644
41index 0000000..e02a3fc
42--- /dev/null
43+++ b/manifest-userdir-ldap
44@@ -0,0 +1,7 @@
45+# Confirm the environment is in a good state before proceeding
46+include config=manifest-verify
47+## Allow `waiting` as a ready state here, because we've just deployed
48+## some subordinates, but we're not adding relations until the next step.
49+bundle config=bundle-userdir-ldap.yaml additional-ready-states=waiting
50+script config=add-relations
51+include config=manifest-verify
52diff --git a/tests/test_relations.py b/tests/test_relations.py
53index 42fef33..454e783 100644
54--- a/tests/test_relations.py
55+++ b/tests/test_relations.py
56@@ -30,7 +30,17 @@ class TestUtilsRelations(unittest.TestCase):
57 "WARNING:root:DRYRUN: would run 'juju relate telegraf:juju-info rabbitmq:juju-info'",
58 "WARNING:root:DRYRUN: would run 'juju relate ubuntu-advantage:juju-info rabbitmq:juju-info'",
59 ]
60- utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, None)
61+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {})
62+ self.assertEqual(_logs.output, expected_logs)
63+ # Test with the optional userdir-ldap subordinate deployed.
64+ with self.assertLogs() as _logs:
65+ expected_logs = [
66+ "WARNING:root:DRYRUN: would run 'juju relate landscape-client:container rabbitmq:juju-info'",
67+ "WARNING:root:DRYRUN: would run 'juju relate telegraf:juju-info rabbitmq:juju-info'",
68+ "WARNING:root:DRYRUN: would run 'juju relate ubuntu-advantage:juju-info rabbitmq:juju-info'",
69+ "WARNING:root:DRYRUN: would run 'juju relate userdir-ldap:general-info rabbitmq:juju-info'",
70+ ]
71+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {"userdir-ldap": {}})
72 self.assertEqual(_logs.output, expected_logs)
73 # Now test with a charm that defines specific relations.
74 applications = (('mysql', ''),)
75@@ -41,7 +51,7 @@ class TestUtilsRelations(unittest.TestCase):
76 "WARNING:root:DRYRUN: would run 'juju relate telegraf:mysql mysql:db-admin'",
77 "WARNING:root:DRYRUN: would run 'juju relate ubuntu-advantage:juju-info mysql:juju-info'",
78 ]
79- utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, None)
80+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {})
81 self.assertEqual(_logs.output, expected_logs)
82 # Test if we're in a container, we shouldn't install ubuntu-advantage.
83 _deployed_to_containers.return_value = True
84@@ -52,7 +62,7 @@ class TestUtilsRelations(unittest.TestCase):
85 "WARNING:root:DRYRUN: would run 'juju relate telegraf:juju-info rabbitmq:juju-info'",
86 'WARNING:root:ubuntu-advantage is deployed in containers - skipping ubuntu-advantage',
87 ]
88- utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, None)
89+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {})
90 self.assertEqual(_logs.output, expected_logs)
91 # Test already related.
92 _already_related.return_value = True
93@@ -62,7 +72,7 @@ class TestUtilsRelations(unittest.TestCase):
94 'WARNING:root:telegraf is already related to rabbitmq',
95 'WARNING:root:ubuntu-advantage is already related to rabbitmq',
96 ]
97- utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, None)
98+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {})
99 self.assertEqual(_logs.output, expected_logs)
100 # Test hulk-smashed.
101 _deployed_to_containers.return_value = False
102@@ -78,5 +88,5 @@ class TestUtilsRelations(unittest.TestCase):
103 "primary",
104 "WARNING:root:DRYRUN: would run 'juju relate ubuntu-advantage:juju-info mysql:juju-info'",
105 ]
106- utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, None)
107+ utils.relations.process_charms_to_relate(args, ["juju", "relate"], applications, {})
108 self.assertEqual(_logs.output, expected_logs)
109diff --git a/utils/relations.py b/utils/relations.py
110index 7b00683..fc7b6aa 100644
111--- a/utils/relations.py
112+++ b/utils/relations.py
113@@ -14,15 +14,17 @@ def parse_charms_to_relate():
114 for item in charm_config:
115 charm_relation = {"source_application": item}
116 if "install-everywhere" in charm_config[item] and charm_config[item]["install-everywhere"]:
117- if "source-relation" in charm_config[item]:
118- charm_relation["source_relation"] = charm_config[item]["source-relation"]
119+ # Translate keys from yaml to python-friendly format.
120+ for key in ["source-relation", "optional"]:
121+ if key in charm_config[item]:
122+ charm_relation[key.replace("-", "_")] = charm_config[item][key]
123 charms_to_relate.append(charm_relation)
124 if "relations" in charm_config[item]:
125 for relation in charm_config[item]["relations"]:
126 charm_relation = {"source_application": item}
127 # Translate keys from yaml to python-friendly format.
128 for key in ["source-relation", "target-application", "target-relation", "condition-check-cmd",
129- "condition-check-output-split-fail-include"]:
130+ "condition-check-output-split-fail-include", "optional"]:
131 if key in relation:
132 charm_relation[key.replace("-", "_")] = relation[key]
133 charms_to_relate.append(charm_relation)
134@@ -54,6 +56,9 @@ def process_charms_to_relate(args, command, applications, applications_status):
135 relation_data.update(charm_to_relate)
136 if relation_data["target_application"] and relation_data["target_application"] != application:
137 continue
138+ # Skip optional charms if they are not deployed.
139+ if relation_data.get("optional") and relation_data["source_application"] not in applications_status:
140+ continue
141 # If this application is a primary charm and is on a machine that
142 # has another primary charm deployed to it, don't install telegraf.
143 if relation_data["source_application"] == "telegraf" and utils.juju.is_primary_hulk_smashed(

Subscribers

People subscribed via source and target branches

to all changes: