Lego Base K8S

  • Canonical Telco
Channel Revision Published Runs on
latest/edge 88 29 Jul 2024
Ubuntu 22.04 Ubuntu 20.04
juju deploy lego-base-k8s --channel edge
Show information

Learn to deploy on juju >

Platform:

Ubuntu
22.04 20.04

charms.lego_base_k8s.v0.lego_client

lego_client Library.

This library is designed to enable developers to easily create new charms for the ACME protocol. This library contains all the logic necessary to get certificates from an ACME server.

Getting Started

To get started using the library, you need to fetch the library using charmcraft.

charmcraft fetch-lib charms.lego_client_operator.v0.lego_client

You will also need the following libraries:

charmcraft fetch-lib charms.tls_certificates_interface.v3.tls_certificates
charmcraft fetch-lib charms.certificate_transfer_interface.v1.certificate_transfer
charmcraft fetch-lib charms.loki_k8s.v1.loki_push_api

You will also need to add the following library to the charm's requirements.txt file:

  • jsonschema
  • cryptography
  • cosl

Then, to use the library in an example charm, you can do the following:

from charms.lego_client_operator.v0.lego_client import AcmeClient
from ops.main import main
class ExampleAcmeCharm(AcmeClient):
    def __init__(self, *args):
        super().__init__(*args, plugin="namecheap")
        self._server = "https://acme-staging-v02.api.letsencrypt.org/directory"

    def _validate_plugin_config(self) -> str:
        if not self._api_key:
            return "API key was not provided"
        return ""

    @property
    def _plugin_config(self):
        return {}

Charms using this library are expected to:

  • Inherit from AcmeClient
  • Call super().__init__(*args, plugin="") with the lego plugin name
  • Observe ConfigChanged to a method called _on_config_changed
  • Implement the _validate_plugin_config method, it should validate the plugin specific configuration, returning a string with an error message if the plugin specific configuration is invalid, otherwise an empty string.
  • Implement the _plugin_config property, returning a dictionary of its specific configuration. Keys must be capitalized and follow the plugins documentation from lego.
  • Specify a certificates integration in their metadata.yaml file:
provides:
  certificates:
    interface: tls-certificates
  send-ca-cert:
    interface: certificate_transfer
  • Specify a logging integration in their metadata.yaml file:
requires:
  logging:
    interface: loki_push_api

Index

class AcmeClient

Base charm for charms that use the ACME protocol to get certificates.

Description

This charm implements the tls_certificates interface as a provider.

Methods

AcmeClient. __init__( self )

AcmeClient. validate_generic_acme_config( self )

Validate generic ACME config.

Returns

def get_env_var(env_var: str)

Get the environment variable value.

Arguments

env_var

Name of the environment variable.

Returns

Value of the environment variable. None if not found.

Description

Looks for all upper-case and all low-case of the env_var.