This was a bit of a research project. I don't want to keep compounding fixes on fixes. So I would like to put the brakes on stable back-ports until we are all in agreement.
This is continued fallout from the keystone_juju_ca_cert.crt to vault_juju_ca_cert.crt rename which I believe began with [0] for CH and [1] for NCC.
Frode then filed LP Bug#1911902 [2] and a fix in [3]. Now Aurelien is working on Vladamir's LP Bug#1915504 [4] with a refactor out of NCC [5] into charm-helpers [6].
I got involved when requested to review the stable back port [7] and [8]. Which is where I am calling stop the line. Where [5] and [6] might be fine for master, [7] and [8] represents a lot of change for a back-port including a "refactor."
Questions:
NCC will not be the last charm that needs to determine its CA from config or the certificates relation, is [6] a generic enough and robust enough solution? For example, I don't quite understand the ca_cert_absolute_path taking in the basename with out extension.
Rather than back porting a refactor, can we use a simpler fix for stable? A potential 2 line change for stable NCC is [9].
This was a bit of a research project. I don't want to keep compounding fixes on fixes. So I would like to put the brakes on stable back-ports until we are all in agreement.
This is continued fallout from the keystone_ juju_ca_ cert.crt to vault_juju_ ca_cert. crt rename which I believe began with [0] for CH and [1] for NCC.
Frode then filed LP Bug#1911902 [2] and a fix in [3]. Now Aurelien is working on Vladamir's LP Bug#1915504 [4] with a refactor out of NCC [5] into charm-helpers [6].
I got involved when requested to review the stable back port [7] and [8]. Which is where I am calling stop the line. Where [5] and [6] might be fine for master, [7] and [8] represents a lot of change for a back-port including a "refactor."
Questions:
NCC will not be the last charm that needs to determine its CA from config or the certificates relation, is [6] a generic enough and robust enough solution? For example, I don't quite understand the ca_cert_ absolute_ path taking in the basename with out extension.
Rather than back porting a refactor, can we use a simpler fix for stable? A potential 2 line change for stable NCC is [9].
[0] https:/ /github. com/juju/ charm-helpers/ commit/ a3a8ce071fa3d49 d7c7d2cadad2a51 ddc9ed4efe /github. com/openstack/ charm-nova- cloud-controlle r/commit/ f4e3c8f21cc5f32 41d61547c9dbb9f 6ee4969d60 /bugs.launchpad .net/charm- nova-compute/ +bug/1911902 /review. opendev. org/c/openstack /charm- nova-cloud- controller/ +/770938 /bugs.launchpad .net/charm- nova-cloud- controller/ +bug/1915504 /review. opendev. org/c/openstack /charm- nova-cloud- controller/ +/775602 /github. com/juju/ charm-helpers/ pull/570 /review. opendev. org/c/openstack /charm- nova-cloud- controller/ +/775900 /github. com/juju/ charm-helpers/ pull/571 /pastebin. ubuntu. com/p/k3fRNNkPm G/
[1] https:/
[2] https:/
[3] https:/
[4] https:/
[5] https:/
[6] https:/
[7] https:/
[8] https:/
[9] https:/