mgr/cephadm: move grafana cert/key to cert/key store
authorAdam King <adking@redhat.com>
Tue, 30 Jan 2024 13:56:17 +0000 (08:56 -0500)
committerAdam King <adking@redhat.com>
Fri, 12 Jul 2024 13:05:45 +0000 (09:05 -0400)
This is part of an effort to better track which certs/keys
we manage with cephadm.

Signed-off-by: Adam King <adking@redhat.com>
(cherry picked from commit bb7e715320e41f5d6b6291769e2b6d230eec74cc)

src/pybind/mgr/cephadm/serve.py
src/pybind/mgr/cephadm/services/monitoring.py
src/pybind/mgr/cephadm/tests/test_services.py

index 4eb1bfe3d7b03d36e9dba6a3688556480e18e191..2c6c9d96bf2f3057d7967c3644a3ed7811e7919c 100644 (file)
@@ -136,8 +136,10 @@ class CephadmServe:
 
     def _check_certificates(self) -> None:
         for d in self.mgr.cache.get_daemons_by_type('grafana'):
-            cert = self.mgr.get_store(f'{d.hostname}/grafana_crt')
-            key = self.mgr.get_store(f'{d.hostname}/grafana_key')
+            host = d.hostname
+            assert host is not None
+            cert = self.mgr.cert_key_store.get_cert('grafana_cert', host=host)
+            key = self.mgr.cert_key_store.get_key('grafana_key', host=host)
             if (not cert or not cert.strip()) and (not key or not key.strip()):
                 # certificate/key are empty... nothing to check
                 return
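Review bot: `assert host is not None` in `_check_certificates` acts as a runtime guard, but asserts are stripped under `python -O`, and when they do fire the AssertionError ends the certificate check for every remaining grafana daemon. Whether a cached daemon can lack a hostname is not visible here; if it can, skipping it is safer: `if host is None: continue`. The unchanged `return` on the empty cert/key branch has a similar effect, since it leaves the loop at the first daemon without a certificate and later daemons are never checked, so `continue` looks like the intent there as well. The method body continues outside the hunk.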
index 184fb0251b82a15e97e3f69094aeacd3f2b284cf..dca7985fe229277f8afa68181a925b9b9595c190 100644 (file)
@@ -121,10 +121,11 @@ class GrafanaService(CephadmService):
         return config_file, sorted(deps)
 
     def prepare_certificates(self, daemon_spec: CephadmDaemonDeploySpec) -> Tuple[str, str]:
-        cert_path = f'{daemon_spec.host}/grafana_crt'
-        key_path = f'{daemon_spec.host}/grafana_key'
-        cert = self.mgr.get_store(cert_path)
-        pkey = self.mgr.get_store(key_path)
+        # TODO: move these variables to migrations
+        # cert_path = f'{daemon_spec.host}/grafana_crt'
+        # key_path = f'{daemon_spec.host}/grafana_key'
+        cert = self.mgr.cert_key_store.get_cert('grafana_cert', host=daemon_spec.host)
+        pkey = self.mgr.cert_key_store.get_key('grafana_key', host=daemon_spec.host)
         certs_present = (cert and pkey)
         is_valid_certificate = False
         (org, cn) = (None, None)
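Review bot: `prepare_certificates` now reads only from `cert_key_store`, so on an upgraded cluster a certificate and key still stored under the old `{host}/grafana_crt` and `{host}/grafana_key` entries are not found unless a migration outside this diff has copied them. Judging by the next hunk, a missing pair ends in "Regenerating cephadm self-signed grafana TLS certificates", which would silently replace an operator-supplied certificate with a self-signed one. Until the TODO is resolved, a fallback that reads the legacy entries, saves them into the new store and clears the old ones would keep existing deployments on their current certificate. The commented-out `cert_path`/`key_path` assignments are better replaced by a comment that names the legacy entries still to be migrated. The function continues outside the hunk.

```python
        cert = self.mgr.cert_key_store.get_cert('grafana_cert', host=daemon_spec.host)
        pkey = self.mgr.cert_key_store.get_key('grafana_key', host=daemon_spec.host)
        if not cert and not pkey:
            # upgrade path: pick up entries written before the cert/key store existed
            legacy_cert = self.mgr.get_store(f'{daemon_spec.host}/grafana_crt')
            legacy_key = self.mgr.get_store(f'{daemon_spec.host}/grafana_key')
            if legacy_cert and legacy_key:
                self.mgr.cert_key_store.save_cert('grafana_cert', legacy_cert, host=daemon_spec.host)
                self.mgr.cert_key_store.save_key('grafana_key', legacy_key, host=daemon_spec.host)
                # do not leave a second copy of the private key under the old name
                self.mgr.set_store(f'{daemon_spec.host}/grafana_crt', None)
                self.mgr.set_store(f'{daemon_spec.host}/grafana_key', None)
                cert, pkey = legacy_cert, legacy_key
        # … unchanged: certs_present / validity checks …
```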
@@ -148,8 +149,8 @@ class GrafanaService(CephadmService):
             logger.info('Regenerating cephadm self-signed grafana TLS certificates')
             host_fqdn = socket.getfqdn(daemon_spec.host)
             cert, pkey = create_self_signed_cert('Ceph', host_fqdn)
-            self.mgr.set_store(cert_path, cert)
-            self.mgr.set_store(key_path, pkey)
+            self.mgr.cert_key_store.save_cert('grafana_cert', cert, host=daemon_spec.host)
+            self.mgr.cert_key_store.save_key('grafana_key', pkey, host=daemon_spec.host)
             if 'dashboard' in self.mgr.get('mgr_map')['modules']:
                 self.mgr.check_mon_command({
                     'prefix': 'dashboard set-grafana-api-ssl-verify',
@@ -203,10 +204,8 @@ class GrafanaService(CephadmService):
         """
         if daemon.hostname is not None:
             # delete cert/key entires for this grafana daemon
-            cert_path = f'{daemon.hostname}/grafana_crt'
-            key_path = f'{daemon.hostname}/grafana_key'
-            self.mgr.set_store(cert_path, None)
-            self.mgr.set_store(key_path, None)
+            self.mgr.cert_key_store.rm_cert('grafana_cert', host=daemon.hostname)
+            self.mgr.cert_key_store.rm_key('grafana_key', host=daemon.hostname)
 
     def ok_to_stop(self,
                    daemon_ids: List[str],
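Review bot: The removal path now deletes only the `cert_key_store` entries, so a private key that an earlier release stored under `{hostname}/grafana_key` stays in the mgr store after the daemon is removed, unless a migration outside this diff clears it. Key material for a removed daemon should not be left behind; until the migration exists, keep `self.mgr.set_store(f'{daemon.hostname}/grafana_key', None)` and the matching `grafana_crt` call next to the new `rm_cert`/`rm_key` calls. The context comment also misspells "entries" as `entires`. The method starts outside the hunk.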
index 1c152f31731cec9eefac89297e36774f4ccfe81d..42016a03037be2418e647d2f95ed08331c4bcabd 100644 (file)
@@ -1155,8 +1155,8 @@ class TestMonitoring:
         _run_cephadm.side_effect = async_side_effect(("{}", "", 0))
 
         with with_host(cephadm_module, "test"):
-            cephadm_module.set_store("test/grafana_crt", grafana_cert)
-            cephadm_module.set_store("test/grafana_key", grafana_key)
+            cephadm_module.cert_key_store.save_cert('grafana_cert', grafana_cert, host='test')
+            cephadm_module.cert_key_store.save_key('grafana_key', grafana_key, host='test')
             with with_service(
                 cephadm_module, PrometheusSpec("prometheus")
             ) as _, with_service(cephadm_module, ServiceSpec("mgr")) as _, with_service(