Merge lp:~gtrkiller/charm-haproxy/autocert_bug_fix into lp:charm-haproxy

Proposed by Franco Luciano Forneron Buschiazzo
Status: Merged
Approved by: Tom Haddon
Approved revision: 159
Merged at revision: 157
Proposed branch: lp:~gtrkiller/charm-haproxy/autocert_bug_fix
Merge into: lp:charm-haproxy
Diff against target: 74 lines (+23/-3)
1 file modified
hooks/hooks.py (+23/-3)
To merge this branch: bzr merge lp:~gtrkiller/charm-haproxy/autocert_bug_fix
Reviewer Review Type Date Requested Status
Tom Haddon Approve
Canonical IS Reviewers Pending
Review via email: mp+447213@code.launchpad.net

Commit message

bugfix #2027680

Description of the change

With this fix, the charm will now be aware if the cert files are missing and block the charm/restart haproxy accordingly.

To post a comment you must log in.
Revision history for this message
Tom Haddon (mthaddon) wrote :

Some comments inline

158. By Franco Luciano Forneron Buschiazzo

addressing comments

Revision history for this message
Tom Haddon (mthaddon) wrote :

Some comments inline. I think https://paste.ubuntu.com/p/YhywzTkF7D/ applied to this MP would address the comments, but please test to confirm it works as expected.

159. By Franco Luciano Forneron Buschiazzo

addressing comments

Revision history for this message
Tom Haddon (mthaddon) wrote :

LGTM, thx

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 157

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'hooks/hooks.py'
2--- hooks/hooks.py 2023-07-13 10:12:04 +0000
3+++ hooks/hooks.py 2023-07-20 14:32:33 +0000
4@@ -29,6 +29,7 @@
5 opened_ports,
6 close_port,
7 unit_get,
8+ status_get,
9 status_set,
10 INFO,
11 DEBUG,
12@@ -953,6 +954,9 @@
13 return None
14 elif action == "check":
15 command = ['/usr/sbin/haproxy', '-f', haproxy_config, '-c']
16+ process = subprocess.Popen(command, stdout=subprocess.DEVNULL, stderr=subprocess.PIPE)
17+ stdout, stderr = process.communicate()
18+ return process.returncode, stderr.decode()
19 else:
20 command = ['service', 'haproxy', action]
21 return_value = subprocess.call(command)
22@@ -1033,7 +1037,8 @@
23 write_metrics_cronjob(metrics_script_path,
24 metrics_cronjob_path)
25
26- if service_haproxy("check"):
27+ return_code, stderr = service_haproxy("check")
28+ if return_code == 0:
29 update_service_ports(old_service_ports, get_service_ports())
30 service_haproxy("reload")
31 if not (get_listen_stanzas() == old_stanzas):
32@@ -1043,8 +1048,13 @@
33 # XXX Ideally the config should be restored to a working state if the
34 # check fails, otherwise an inadvertent reload will cause the service
35 # to be broken.
36- log("HAProxy configuration check failed, exiting.")
37- sys.exit(1)
38+ log("The HAProxy service check failed with the following message: %s" % stderr)
39+ if "unable to stat SSL certificate from file" in stderr:
40+ log("Setting status to blocked, waiting for cert to be generated")
41+ status_set('blocked', 'Waiting for cert to be generated')
42+ sys.exit()
43+ else:
44+ sys.exit(1)
45 if config_data.changed("global_log") or config_data.changed("source"):
46 # restart rsyslog to pickup haproxy rsyslog config
47 # This could be removed once the following bug is fixed in the haproxy
48@@ -1483,6 +1493,14 @@
49
50 def assess_status():
51 '''Assess status of current unit'''
52+ check_status, error = service_haproxy("check")
53+ if check_status != 0:
54+ if "unable to stat SSL certificate from file" in error:
55+ status_set('blocked', 'Waiting for cert to be generated')
56+ return
57+ charm_status, message = status_get()
58+ if charm_status == "blocked" and check_status == 0:
59+ service_haproxy("restart")
60 if(service_haproxy("status")):
61 status_set('active', 'Unit is ready')
62 else:
63@@ -1492,6 +1510,8 @@
64 def main(hook_name):
65 if hook_name == "install":
66 install_hook()
67+ elif hook_name == "update-status":
68+ pass
69 elif hook_name == "upgrade-charm":
70 install_hook()
71 config_changed()
72
73=== added symlink 'hooks/update-status'
74=== target is './hooks.py'

Subscribers

People subscribed via source and target branches