Certificate Transfer Interface

  • Canonical Telco
Channel Revision Published Runs on
latest/edge 83 Yesterday
Ubuntu 22.04
juju deploy certificate-transfer-interface --channel edge
Show information

Platform:

Ubuntu
22.04

charms.certificate_transfer_interface.v0.certificate_transfer

Library for the certificate_transfer relation.

This library contains the Requires and Provides classes for handling the ertificate-transfer interface.

Getting Started

From a charm directory, fetch the library using charmcraft:

charmcraft fetch-lib charms.certificate_transfer_interface.v0.certificate_transfer
Provider charm

The provider charm is the charm providing public certificates to another charm that requires them.

Example:

from ops.charm import CharmBase, RelationJoinedEvent
from ops.main import main

from lib.charms.certificate_transfer_interface.v0.certificate_transfer import(
    CertificateTransferProvides,
)


class DummyCertificateTransferProviderCharm(CharmBase):
    def __init__(self, *args):
        super().__init__(*args)
        self.certificate_transfer = CertificateTransferProvides(self, "certificates")
        self.framework.observe(
            self.on.certificates_relation_joined, self._on_certificates_relation_joined
        )

    def _on_certificates_relation_joined(self, event: RelationJoinedEvent):
        certificate = "my certificate"
        ca = "my CA certificate"
        chain = ["certificate 1", "certificate 2"]
        self.certificate_transfer.set_certificate(
            certificate=certificate, ca=ca, chain=chain, relation_id=event.relation.id
        )


if __name__ == "__main__":
    main(DummyCertificateTransferProviderCharm)
Requirer charm

The requirer charm is the charm requiring certificates from another charm that provides them.

Example:


from ops.charm import CharmBase
from ops.main import main

from lib.charms.certificate_transfer_interface.v0.certificate_transfer import (
    CertificateAvailableEvent,
    CertificateRemovedEvent,
    CertificateTransferRequires,
)


class DummyCertificateTransferRequirerCharm(CharmBase):
    def __init__(self, *args):
        super().__init__(*args)
        self.certificate_transfer = CertificateTransferRequires(self, "certificates")
        self.framework.observe(
            self.certificate_transfer.on.certificate_available, self._on_certificate_available
        )
        self.framework.observe(
            self.certificate_transfer.on.certificate_removed, self._on_certificate_removed
        )

    def _on_certificate_available(self, event: CertificateAvailableEvent):
        print(event.certificate)
        print(event.ca)
        print(event.chain)
        print(event.relation_id)

    def _on_certificate_removed(self, event: CertificateRemovedEvent):
        print(event.relation_id)


if __name__ == "__main__":
    main(DummyCertificateTransferRequirerCharm)

You can relate both charms by running:

juju relate <certificate_transfer provider charm> <certificate_transfer requirer charm>

class CertificateAvailableEvent

Description

Charm Event triggered when a TLS certificate is available. None

Methods

CertificateAvailableEvent. __init__( self , handle: Handle , certificate: str , ca: str , chain , relation_id: int )

CertificateAvailableEvent. snapshot( self )

Description

Return snapshot. None

CertificateAvailableEvent. restore( self , snapshot: dict )

Description

Restores snapshot. None

class CertificateRemovedEvent

Description

Charm Event triggered when a TLS certificate is removed. None

Methods

CertificateRemovedEvent. __init__( self , handle: Handle , relation_id: int )

CertificateRemovedEvent. snapshot( self )

Description

Return snapshot. None

CertificateRemovedEvent. restore( self , snapshot: dict )

Description

Restores snapshot. None

class CertificateTransferRequirerCharmEvents

Description

List of events that the Certificate Transfer requirer charm can leverage. None

class CertificateTransferProvides

Description

Certificate Transfer provider class. None

Methods

CertificateTransferProvides. __init__( self , charm: CharmBase , relationship_name: str )

CertificateTransferProvides. set_certificate( self , certificate: str , ca: str , chain , relation_id: int )

Add certificates to relation data.

Arguments

certificate (str)

Certificate

ca (str)

CA Certificate

chain (list)

CA Chain

relation_id (int)

Juju relation ID

Returns

None

CertificateTransferProvides. remove_certificate( self , relation_id: int )

Remove a given certificate from relation data.

Arguments

relation_id (int)

Relation ID

Returns

None

class CertificateTransferRequires

Description

TLS certificates requirer class to be instantiated by TLS certificates requirers. None

Methods

CertificateTransferRequires. __init__( self , charm: CharmBase , relationship_name: str )

Generates/use private key and observes relation changed event.

Arguments

charm

Charm object

relationship_name

Juju relation name