Merge pull request #832 from juju/bug/2028683/stable/train
[stable/train] Ensure get_requests_for_local_unit doesn't fail on incomplete relation (#824)
7c437ce...
by
Alex Kavanagh <email address hidden>
[stable/train] Ensure get_requests_for_local_unit doesn't fail on incomplete relation (#824)
If the certificates relation has been set from a consuming charm for
certificates, but the provider hasn't supplied a certificate, and the
request is in the 'legacy' form, then the get_request_for_local_unit()
function in cert_utils fails on accessing the (non-existant) 'ca'
parameter in the databag. This patch ensures that if the 'ca' key is
missing that the processing moves on to the next relation.
The tls-certificates interface supports two ways of requesting
certs and openstack.cert_utils needs to support both when checking
if certificates are ready to be used. Without this it will never
declare certificates as ready if they were requested with the
old/legacy method.
Closes-Bug: #2022980
(cherry picked from commit 58097330bd15cfd7b539481c55718c6cee8ca124)
Update method for checking endpoint protocol (#769) (#775)
Update method for checking endpoint protocol
The `https` method is used to check if an endpoint is expected to
be http or https. One of the checks it performs is to examine the
the certificates relation. If the relation is present then it looks
for the existance of a CA. However the OpenStack charms do not
switch to https until a certificate is provided via the certificates
relation. This means there can be a disconnect if the
certificate provider has provided a CA but has not yet provided
the unit specific certificates. If this happens then the payload
will still be using http but the `https` method will return True.
This patch updates the `https` method to return False if an unfilled
certificate request exists.
(cherry picked from commit 6064a34627882d1c8acf74644c48d05db67ee3b4)
Co-authored-by: Liam Young <email address hidden>
(cherry picked from commit ed01437357921a95f2dedcff1ec50ae68ef46a53)
Charm-helpers has stable git branches that need to run the CI (github
actions workflow) too.
(cherry picked from commit b26627541bfb62e5f5a1e747715b315b835e3d88)
* Update Makefile to be consistent with CI (#777)
Also remove python3.5 from the CI build,
because that is no longer supported in charm-helpers,
and use a supported runs-on ubuntu version for github CI.
(cherry picked from commit 59f134b7d8b0b918ac71cbac8aa641e21babbdee)
* Pep8 fixes.
(cherry picked from commit a085ade940264a774716e43aae2c8327f26526ad)
* Pin dnspython to sensible versions
* Use yaml.safe_load()
---------
Co-authored-by: Samuel Walladge <email address hidden>
e67d825...
by
Luciano Lo Giudice <email address hidden>
Make ows_check_services_running() public (#658) (#758)
