Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix cleanup on relation broken #85

Merged
merged 2 commits into from
Apr 26, 2024
Merged

Fix cleanup on relation broken #85

merged 2 commits into from
Apr 26, 2024

Conversation

PietroPasotti
Copy link
Contributor

@PietroPasotti PietroPasotti commented Apr 26, 2024
edited
Loading

Might fix canonical/traefik-k8s-operator#340

We need to discuss this a bit though, might want to test some more.

Manual test instructions:

juju deploy traefik-k8s --channel edge traefik
juju deploy self-signed-certificates --channel edge ssc
juju relate traefik:certificates ssc

# OK: 
curl https://<traefik APP IP> --insecure -v  # 404

juju remove-application ssc

juju deploy self-signed-certificates --channel edge ssc2
juju relate traefik:certificates ssc2

# ERROR
curl https://<traefik APP IP> --insecure -v  # ERROR error:0A000458:SSL routines::tlsv1 unrecognized name

# replace the lib

juju scp lib/charms/observability_libs/v1/cert_handler.py traefik/0:/var/lib/juju/agents/unit-traefik-0/charm/lib/charms/observability_libs/v1/cert_handler.py

juju remove-application ssc2

juju deploy self-signed-certificates --channel edge ssc3
juju relate traefik:certificates ssc3

# OK: 
curl https://<traefik APP IP> --insecure -v  # 404

@PietroPasotti PietroPasotti mentioned this pull request Apr 26, 2024
Closed
Abuelodelanada
Abuelodelanada previously approved these changes Apr 26, 2024
View reviewed changes
Abuelodelanada
Abuelodelanada reviewed Apr 26, 2024
View reviewed changes
Copy link
Contributor

@Abuelodelanada Abuelodelanada left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In the second check I'm getting:

$ curl https://192.168.1.250 --insecure -v                                                                                             35 ↵
*   Trying 192.168.1.250:443...
* Connected to 192.168.1.250 (192.168.1.250) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Unknown (21):
* TLSv1.3 (IN), TLS alert, unrecognized name (624):
* error:0A000458:SSL routines::tlsv1 unrecognized name
* Closing connection 0
curl: (35) error:0A000458:SSL routines::tlsv1 unrecognized name

@PietroPasotti PietroPasotti merged commit ec5b5ee into main Apr 26, 2024
13 checks passed
@PietroPasotti PietroPasotti deleted the fix-cleanup-on-relation-broken branch April 26, 2024 14:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Abuelodelanada Abuelodelanada Abuelodelanada approved these changes

@dstathis dstathis Awaiting requested review from dstathis

@IbraAoad IbraAoad Awaiting requested review from IbraAoad

@lucabello lucabello Awaiting requested review from lucabello

@mmkay mmkay Awaiting requested review from mmkay

@sed-i sed-i Awaiting requested review from sed-i

@simskij simskij Awaiting requested review from simskij

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Traefik unable to push certificate
2 participants
@PietroPasotti @Abuelodelanada