wordpress-charmers team mailing list archive
-
wordpress-charmers team
-
Mailing list archive
-
Message #00568
[Merge] ~mthaddon/charm-k8s-wordpress/+git/charm-k8s-wordpress:optional-tls into charm-k8s-wordpress:master
Tom Haddon has proposed merging ~mthaddon/charm-k8s-wordpress/+git/charm-k8s-wordpress:optional-tls into charm-k8s-wordpress:master.
Commit message:
Make tls_secret_name optional to avoid one step in local dev setup
Requested reviews:
Wordpress Charmers (wordpress-charmers)
For more details, see:
https://code.launchpad.net/~mthaddon/charm-k8s-wordpress/+git/charm-k8s-wordpress/+merge/396062
Make tls_secret_name optional to avoid one step in local dev setup.
This will mean we don't have to create a TLS cert to use locally. Will propose doc updates separately, as we have some in flight MPs that are making invasive changes to the README.
--
Your team Wordpress Charmers is requested to review the proposed merge of ~mthaddon/charm-k8s-wordpress/+git/charm-k8s-wordpress:optional-tls into charm-k8s-wordpress:master.
diff --git a/src/charm.py b/src/charm.py
index edade47..9d00649 100755
--- a/src/charm.py
+++ b/src/charm.py
@@ -201,18 +201,23 @@ class WordpressCharm(CharmBase):
},
}
],
- "tls": [
- {
- "hosts": [self.model.config["blog_hostname"]],
- "secretName": self.model.config["tls_secret_name"],
- }
- ],
},
}
]
},
}
+ ingress = resources["kubernetesResources"]["ingressResources"][0]
+ if self.model.config["tls_secret_name"]:
+ ingress["spec"]["tls"] = [
+ {
+ "hosts": [self.model.config["blog_hostname"]],
+ "secretName": self.model.config["tls_secret_name"],
+ }
+ ]
+ else:
+ ingress["annotations"]['nginx.ingress.kubernetes.io/ssl-redirect'] = 'false'
+
out = io.StringIO()
pprint(resources, out)
logger.info("This is the Kubernetes Pod resources <<EOM\n{}\nEOM".format(out.getvalue()))
@@ -264,7 +269,7 @@ class WordpressCharm(CharmBase):
self.model.unit.status = BlockedStatus("Missing initial_settings")
is_valid = False
- want = ("image", "db_host", "db_name", "db_user", "db_password", "tls_secret_name")
+ want = ("image", "db_host", "db_name", "db_user", "db_password")
missing = [k for k in want if config[k].rstrip() == ""]
if missing:
message = "Missing required config: {}".format(" ".join(missing))
diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py
index 1840a4c..88eecfc 100644
--- a/tests/unit/test_charm.py
+++ b/tests/unit/test_charm.py
@@ -39,7 +39,7 @@ class TestWordpressCharm(unittest.TestCase):
# Test for invalid model config.
want_msg_fmt = "Missing required config: {}"
- want_keys = ("image", "db_host", "db_name", "db_user", "db_password", "tls_secret_name")
+ want_keys = ("image", "db_host", "db_name", "db_user", "db_password")
for wanted_key in want_keys:
self.harness.update_config({wanted_key: ""})
want_false = self.harness.charm.is_valid_config()
@@ -124,3 +124,36 @@ class TestWordpressCharm(unittest.TestCase):
}
}
self.assertEqual(self.harness.charm.make_pod_resources(), expected)
+
+ # And now test with no tls config.
+ self.harness.update_config({"tls_secret_name": ""})
+ expected = {
+ 'kubernetesResources': {
+ 'ingressResources': [
+ {
+ "annotations": {
+ "nginx.ingress.kubernetes.io/proxy-body-size": "10m",
+ "nginx.ingress.kubernetes.io/proxy-send-timeout": "300s",
+ "nginx.ingress.kubernetes.io/ssl-redirect": "false",
+ },
+ 'name': ingress_name,
+ 'spec': {
+ 'rules': [
+ {
+ 'host': 'blog.example.com',
+ 'http': {
+ 'paths': [
+ {
+ 'path': '/',
+ 'backend': {'serviceName': 'wordpress', 'servicePort': 80},
+ }
+ ]
+ },
+ }
+ ],
+ },
+ }
+ ]
+ }
+ }
+ self.assertEqual(self.harness.charm.make_pod_resources(), expected)
Follow ups
