Merge pull request #51 from gnuoy/support-user-supplied-ca

Support passing a CA to ldap plugin
canonical · Oct 31, 2023 · 0a54b39 · 0a54b39
2 parents 68d7e9e + e5a74c7
commit 0a54b39
Showing 1 changed file with 21 additions and 10 deletions.
diff --git a/sunbeam-python/sunbeam/plugins/ldap/plugin.py b/sunbeam-python/sunbeam/plugins/ldap/plugin.py
@@ -162,8 +162,11 @@ def run(self, status: Optional[Status] = None) -> Result:
             tfvars = read_config(self.client, config_key)
         except ConfigItemNotFoundException:
             tfvars = {}
-        if tfvars["ldap-apps"].get(self.charm_config["domain-name"]):
-            tfvars["ldap-apps"][self.charm_config["domain-name"]] = self.charm_config
+        config = tfvars["ldap-apps"].get(self.charm_config["domain-name"])
+        if config:
+            for k in config.keys():
+                if self.charm_config.get(k):
+                    config[k] = self.charm_config[k]
         else:
             return Result(ResultType.FAILED, "Domain not found")
 
@@ -327,10 +330,16 @@ def add_domain(
         """Add LDAP backed domain."""
         with Path(domain_config_file).open(mode="r") as f:
             content = yaml.safe_load(f)
+        if ca_cert_file:
+            with Path(ca_cert_file).open(mode="r") as f:
+                ca = f.read()
+        else:
+            ca = ""
+        data_location = self.snap.paths.user_data
         charm_config = {
             "ldap-config-flags": json.dumps(content),
             "domain-name": domain_name,
-            "tls-ca-ldap": "",
+            "tls-ca-ldap": ca,
         }
         data_location = self.snap.paths.user_data
         tfhelper = TerraformHelper(
@@ -368,13 +377,15 @@ def update_domain(
         self, ca_cert_file: str, domain_config_file: str, domain_name: str
     ) -> None:
         """Add LDAP backed domain."""
-        with Path(domain_config_file).open(mode="r") as f:
-            content = yaml.safe_load(f)
-        charm_config = {
-            "ldap-config-flags": json.dumps(content),
-            "domain-name": domain_name,
-            "tls-ca-ldap": "",
-        }
+        charm_config = {"domain-name": domain_name}
+        if domain_config_file:
+            with Path(domain_config_file).open(mode="r") as f:
+                content = yaml.safe_load(f)
+            charm_config["ldap-config-flags"] = json.dumps(content)
+        if ca_cert_file:
+            with Path(ca_cert_file).open(mode="r") as f:
+                ca = f.read()
+            charm_config["tls-ca-ldap"] = ca
         data_location = self.snap.paths.user_data
         tfhelper = TerraformHelper(
             path=self.snap.paths.user_common / "etc" / f"deploy-{self.tfplan}",