leader-get decodes using json, but leader-set just sets the keys. This
wasn't taken into consideration when fetching all the keys to filter for
cached keys when a relation is leaving. This is resolved in this patch.
This cache is used to store certificates and keys
issued by the leader unit. Non-leader units read
these certificates and keep data in their
"tls-certificates" relations up to date.
This ensures that charm units that receive certs
from vault can read from relation data of any
vault unit and receive correct data.
This patch is mostly the same as
I18aa6c9193379ea454851b6f60a8f331ef88a980
but improved to avoid LP#1896542 by removing
the section where a certificate can be reused
from cache during create_certs.
Revert "Implement cert cache for vault units (v3)"
This reverts commit acabfa31a7d6dbef20e6a3b5110141dad57cac7c.
Reason for revert:
Reason for revert:
The bug in [1] caused all the yoga tests to fail in integration testing. Testing with a version of the charm without this commit allowed tests to complete. Thus reverting this until a more complete solution can be found to the original bug(s) [2..4]
This cache is used to store certificates and keys
issued by the leader unit. Non-leader units read
these certificates and keep data in their
"tls-certificates" relations up to date.
This ensures that charm units that receive certs
from vault can read from relation data of any
vault unit and receive correct data.
This patch is mostly the same as
f55055b8783ca6f3f569209b4f82285377f5ac64
but improved to avoid LP#1983269 by breaking
down the cert cache into separate key-value pairs
for each remote unit and avoiding a race-condition
caused by get-csr action. Instead of using
leader-settings, this patch is now using
application data bag provided by a new vault-ha
relation implementation.
Tox 4.0.0 was recently released and it has several breaking changes.
We pin to < 4.0.0 here. We are planning to move forward only on the
master charm branches.
Tox is also pinned to < 4.0.0 for stable branches in upstream
openstack-zuul-jobs as well as in zosci-config. However, the
requires= section in the charm's tox.ini file ends up installing
tox>4, wiping out the zuul-pinned tox<4 that was already installed
installed. This patch fixes that.
Additional changes included in this patch:
- Add bindep.txt to install standard binary dependencies.
- Switch charm-tools to 2.8.4 to remove ruamel requirement that
doesn't work on Python 3.10.