Ceph OSD Charm

Unclear type of key needed on 'key' charm setting

Bug #1942605 reported by David Negreira on 2021-09-03

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Ceph OSD Charm	Fix Released	Undecided	Unassigned	Ceph OSD Charm 21.10

Bug Description

When one goes through the charm config.yaml, it is unclear the type of key necessary for the 'key' setting, one has to go through the source code to find which type of key is supported.
This bug is raised in order to bring more visibility to users who want to know what type of key is supported.
As per `hooks/charmhelpers/fetch/ubuntu.py` currently:

def import_key(key):
"""Import an ASCII Armor key.

    A Radix64 format keyid is also supported for backwards
    compatibility. In this case Ubuntu keyserver will be
    queried for a key via HTTPS by its keyid. This method
    is less preferrable because https proxy servers may
    require traffic decryption which is equivalent to a
    man-in-the-middle attack (a proxy server impersonates
    keyserver TLS certificates and has to be explicitly
    trusted by the system).

    :param key: A GPG key in ASCII armor format,
                  including BEGIN and END markers or a keyid.
    :type key: (bytes, str)
    :raises: GPGKeyError if the key could not be imported
    """

I believe the 'param' describes what we want to put on config.yaml for better visibility.

OpenStack Infra (hudson-openstack) on 2021-09-03

Changed in charm-ceph-osd:
status:	New → In Progress

Revision history for this message

Felipe Reyes (freyes) wrote on 2021-09-07:

Reactive charms will carry this description provided by the 'apt' layer - https://git.launchpad.net/layer-apt/tree/config.yaml#n22

Revision history for this message

Alex Kavanagh (ajkavanagh) wrote on 2021-09-11:

> Reactive charms will carry this description provided by the 'apt' layer - https://git.launchpad.net/layer-apt/tree/config.yaml#n22

Note for OpenStack reactive charms: they don't use this layer as they use the charms.openstack library instead which uses layer-openstack and layer-openstack-* layers which provide the apt functionality from charm-helpers.

The ceph-osd charm is a 'classic' charm, in that it doesn't use the reactive framework, and uses charm-helpers 'vendored-in' to the charm via the charm_helpers_sync.py utility (see the Makefile in classic OpenStack charms).

Billy Olsen (billy-olsen) on 2021-10-06

Changed in charm-ceph-osd:
milestone:	none → 21.10

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2021-10-06: Fix merged to charm-ceph-osd (master)

Reviewed: https://review.opendev.org/c/openstack/charm-ceph-osd/+/807311
Committed: https://opendev.org/openstack/charm-ceph-osd/commit/13cc2411e3130726815ef1f94f26763459c450b1
Submitter: "Zuul (22348)"
Branch: master

commit 13cc2411e3130726815ef1f94f26763459c450b1
Author: David Negreira <email address hidden>
Date: Fri Sep 3 14:41:30 2021 +0200

Add accepted formats on 'key' configuration

Add a bit more information on config.yaml about the type of keys
that can be passed as a parameter to the 'key' configuration.

    Signed-off-by: David Negreira <email address hidden>
    Change-Id: Ieeb0f598ca9a7188f81619c2b4fe88af14f260fd
    Closes-Bug: #1942605

Changed in charm-ceph-osd:
status:	In Progress → Fix Committed

Alex Kavanagh (ajkavanagh) on 2021-10-22

Changed in charm-ceph-osd:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.