gss doesn't support TLS service endpoint when using internal webserver for metadata access

Bug #1871175 reported by Márton Kiss
Affects: OpenStack Glance-Simplestreams-Sync Charm
Status: Won't Fix
Importance: Wishlist
Assigned to: Unassigned
Milestone:

Bug Description

Most of the standard OpenStack charms have proper TLS support for REST service endpoints, except the glance-simplestreams-sync charm. It would be great to support the standard ssl and hostname options + certificate requests through Vault. In a standard PCB deployment every other service can be properly served over TLS.

$ openstack catalog show image-stream -f json
{
  "endpoints": [
    {
      "id": "9999167997d04dc2b914582c268d5ace",
      "interface": "internal",
      "region_id": "RegionOne",
      "url": "http://10.110.126.220",
      "region": "RegionOne"
    },
    {
      "id": "99995c2dc6e74055a40846a8f5317f7d",
      "interface": "public",
      "region_id": "RegionOne",
      "url": "http://10.110.126.220",
      "region": "RegionOne"
    },
    {
      "id": "999916487e4b4ec8b9e9fc8872cd37ed",
      "interface": "admin",
      "region_id": "RegionOne",
      "url": "http://10.110.126.220",
      "region": "RegionOne"
    }
  ],
  "id": "9999865775564a00b890da8b77fb8947",
  "name": "image-stream",
  "type": "product-streams"
}

$ juju config glance-simplestreams-sync | grep ssl
  ssl_ca:

Ryan Beisner (1chb1n)
Changed in charm-glance-simplestreams-sync:
status: New → Confirmed
James Page (james-page) wrote :

This looks odd - gss should push its data to swift/radosgw and register endpoints against the swift endpoint - is 10.110.126.220 the IP of the gss unit?

James Page (james-page) wrote :

Is swift or radosgw deployed as part of the cloud?

James Page (james-page) wrote :

The sync update process should be querying the service catalog for an object-store endpoint - as soon as this exists, the endpoint should be updated to refer to the data stored there rather than the simple webserver that gss runs.

if config:use_swift is not set to true this will not happen.
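An added audit script (not part of the charm or of this bug report) that checks the two things discussed above from `openstack catalog show <service> -f json` output: which product-streams endpoints are served over plain http, and whether an object-store endpoint exists that gss would publish through when use_swift is enabled. The image-stream sample mirrors the report; the radosgw endpoint and its hostname are constructed.

```python
import json
from urllib.parse import urlsplit

# Constructed samples in the shape of `openstack catalog show <service> -f json`,
# one object per service. The image-stream entry mirrors the bug report; the
# object-store entry is a hypothetical radosgw endpoint, not taken from the page.
CATALOG_WITHOUT_OBJECT_STORE = json.dumps([
    {"name": "image-stream", "type": "product-streams", "endpoints": [
        {"interface": i, "region": "RegionOne", "url": "http://10.110.126.220"}
        for i in ("internal", "public", "admin")]},
])
CATALOG_WITH_OBJECT_STORE = json.dumps([
    json.loads(CATALOG_WITHOUT_OBJECT_STORE)[0],
    {"name": "swift", "type": "object-store", "endpoints": [
        {"interface": "public", "region": "RegionOne",
         "url": "https://radosgw.example.test:443/swift/v1"}]},
])


def plaintext_endpoints(service):
    """Return (interface, url) pairs of one service whose scheme is not https."""
    return [(e["interface"], e["url"]) for e in service.get("endpoints", [])
            if urlsplit(e["url"]).scheme.lower() != "https"]


def find_endpoint(services, service_type, interface="public"):
    """Catalog lookup by service type, as gss does for 'object-store':
    the first matching endpoint URL, or None when the type is absent."""
    for svc in services:
        if svc.get("type") == service_type:
            for e in svc.get("endpoints", []):
                if e.get("interface") == interface:
                    return e["url"]
    return None


def audit(catalog_json):
    """Summarise TLS exposure of product-streams endpoints and whether an
    object-store endpoint exists that metadata could be served from instead."""
    services = json.loads(catalog_json)
    plaintext = {svc["name"]: plaintext_endpoints(svc)
                 for svc in services if svc.get("type") == "product-streams"}
    object_store = find_endpoint(services, "object-store")
    return {"plaintext": plaintext, "object_store": object_store,
            "object_store_tls": object_store is not None
            and urlsplit(object_store).scheme.lower() == "https"}


if __name__ == "__main__":
    for label, cat in (("no object store", CATALOG_WITHOUT_OBJECT_STORE),
                       ("with radosgw", CATALOG_WITH_OBJECT_STORE)):
        print(label, json.dumps(audit(cat), indent=2))
```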

Changed in charm-glance-simplestreams-sync:
status: Confirmed → Incomplete
Márton Kiss (marton-kiss) wrote :

The config option use_swift is set to False. For one of the deployments we have an external ceph and no radosgw / object store.

James Page (james-page)
summary: - gss doesn't support TLS service endpoint
+ gss doesn't support TLS service endpoint when using internal webserver
+ for metadata access
Launchpad Janitor (janitor) wrote :

[Expired for OpenStack glance-simplestreams-sync charm because there has been no activity for 60 days.]

Changed in charm-glance-simplestreams-sync:
status: Incomplete → Expired
James Page (james-page)
Changed in charm-glance-simplestreams-sync:
status: Expired → New
Andrew McLeod (admcleod)
Changed in charm-glance-simplestreams-sync:
status: New → Incomplete
James Page (james-page)
Changed in charm-glance-simplestreams-sync:
status: Incomplete → New
James Page (james-page) wrote :

I dug into exactly how much effort would be required to enable HTTPS support for the internal web server as provided by this charm and it's somewhat of a non-trivial effort as currently it performs no daemon management and as such has none of the usual scaffolding in place to make enabling this a) easy or b) stable-update worthy.

Considering that the charm also has no HA features and is designed as a stateless maintenance charm for synchronising images I'm also concerned about the use of the charm in this way - kinda feels like the next request would be that the charm does not support HA like the rest of the OpenStack charms.

Please reconsider the field-high subscription for this charm - this is a feature gap in the charm which I'm not entirely convinced we should even be fixing - in fact maybe we should remove the 'use_swift' configuration option.

Changed in charm-glance-simplestreams-sync:
importance: Undecided → Wishlist
status: New → Incomplete
James Page (james-page) wrote :

Worth noting that the Ceph RADOS Gateway is a standard part of every PCB build - so making the assumption that object storage of some sort will be present in the cloud is not an unsafe assumption.

OpenStack Infra (hudson-openstack) wrote : Related fix proposed to charm-glance-simplestreams-sync (master)

Related fix proposed to branch: master
Review: https://review.opendev.org/742380

James Page (james-page) wrote :

This bug was discussed during a recent team meeting - the locally hosted product-streams 'feature' was only ever added to reduce the amount of units required in the charm tests gates.

However we have switched all testing to rely on the presence of a swift object storage platform as part of the deployment.

The local web server option/use_swift has been deprecated for removal - see linked review.

Changed in charm-glance-simplestreams-sync:
status: Incomplete → Won't Fix
OpenStack Infra (hudson-openstack) wrote : Related fix merged to charm-glance-simplestreams-sync (master)

Reviewed: https://review.opendev.org/742380
Committed: https://git.openstack.org/cgit/openstack/charm-glance-simplestreams-sync/commit/?id=25a0877228efedee21ffb2475326d2983a49690a
Submitter: Zuul
Branch: master

commit 25a0877228efedee21ffb2475326d2983a49690a
Author: James Page <email address hidden>
Date: Wed Jul 22 10:30:42 2020 +0100

    Deprecate the use_swift option

    The use_swift option was added to make testing of the charm more
    lightweight in the charm test gates.

    However tests have since been updated to make use of the Ceph
    RADOS Gateway as this is aligned to the original intent of
    the charm in production use cases.

    Deprecate this configuration option and add a note that use_swift=False
    was only ever for testing purposes and not for use in production
    clouds.

    This option will be removed in the 20.10 charm release.

    Change-Id: I6d6b2327adf0a9a49954a4cf2fd1844fbb5901cb
    Related-Bug: 1871175
