Kubernetes Control Plane Charm

keystone-ssl-ca config option should override keystone-credentials:ca_cert relation data

Bug #1954838 reported by Adam Dyess on 2021-12-14

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	Kubernetes Control Plane Charm	New	Undecided	Unassigned

Bug Description

keystone-ssl-ca config option appropriately defaults to empty
https://github.com/charmed-kubernetes/charm-kubernetes-master/blob/master/config.yaml#L268-L273

If this option is not empty, and keystone is related via the keystone-credentials relation, the charm should attempt to use the ca_cert option from the relation's endpoint.

1) use the configured value
2) use the relation value from keystone-credentials endpoint if available
See definition of relation: https://github.com/openstack/charm-interface-keystone-credentials/blob/53e93b8820899f2251d207ed5d5c3b212ceb64de/requires.py#L20-L35 >
3) Remain empty and assume that keystone is rooted in a public cert

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.