openstack/sunbeam-charms
Code Issues Proposed changes

Fix trusted dashboard relation

Browse Source 
This change has a number of fixes:

* Do not call clear() in relation broken hook. This can lead to access
denied error given that in relation broken we no longer have access to
the data bag
* Set the trusted dashboard URL regardless of whether or not the remote
end sets any provider. There is no reason to condition the availability
of trusted dashboard on the availability of federated providers.
* Account for the case when TLS is enabled after providers are added and
update the dashboard url.

Change-Id: I4102b2c12fcbf2fe19a29cf57bc369f15fa451d2
Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
This commit is contained in:
Gabriel Adrian Samfira
2025-07-18 19:08:50 +03:00
parent 0cad423b7e
commit 174a204359
3 changed files with 6 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
charms/horizon-k8s/lib/charms/horizon_k8s/v0/trusted_dashboard.py
View File

@@ -308,7 +308,6 @@ class TrustedDashboardRequirer(Object):
"""Handle relation broken event.""" """Handle relation broken event."""
logger.info("Relation broken, clearing federated providers.") logger.info("Relation broken, clearing federated providers.")
event.relation.data[event.app].clear()
self.on.dashboard_changed.emit(trusted_dashboard="") self.on.dashboard_changed.emit(trusted_dashboard="")
def get_trusted_dashboard(self, relation_id: Optional[int] = None) -> Optional[str]: def get_trusted_dashboard(self, relation_id: Optional[int] = None) -> Optional[str]:

13
charms/horizon-k8s/src/charm.py
View File

@@ -214,14 +214,8 @@ class HorizonOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
if not self.model.unit.is_leader(): if not self.model.unit.is_leader():
return return
fid_providers = event.fid_providers # Set the trusted dashboard URL regardless of whether or not the
if not fid_providers: # requirer sets FID providers.
logger.debug("No FID providers found, skipping update.")
return
logger.debug(
"Setting trusted dashboard provider info: %s", fid_providers
)
self.trusted_dashboard.set_provider_info( self.trusted_dashboard.set_provider_info(
trusted_dashboard=self._websso_url trusted_dashboard=self._websso_url
) )
@@ -299,6 +293,9 @@ class HorizonOperatorCharm(sunbeam_charm.OSBaseOperatorAPICharm):
"""Configure charm services.""" """Configure charm services."""
super().configure_charm(event) super().configure_charm(event)
if self.bootstrapped(): if self.bootstrapped():
# Handle the case where TLS is enabled/external hostname is changed
# and we need to update the trusted dashboard URL in keystone.
self._on_trusted_dashboard_providers_changed(event)
self.status.set(ops.model.ActiveStatus("")) self.status.set(ops.model.ActiveStatus(""))
if self.model.unit.is_leader(): if self.model.unit.is_leader():
if self.ingress_public.url: if self.ingress_public.url:

3
charms/keystone-k8s/src/charm.py
View File

@@ -673,8 +673,7 @@ class TrustedDashboardRequiresHandler(sunbeam_rhandlers.RelationHandler):
) )
def _on_trusted_dashboard(self, event): def _on_trusted_dashboard(self, event):
if self.interface.get_trusted_dashboard(): self.callback_f(event)
self.callback_f(event)
def context(self): def context(self):
"""Configuration context.""" """Configuration context."""