feat(garm): add get-credentials action#254
Conversation
cbartz
left a comment
There was a problem hiding this comment.
LGMT. This was not planned, but seems indeed like a useful feature.
There was a problem hiding this comment.
Pull request overview
Adds a get-credentials Juju action to the garm charm to expose the admin credentials stored in the garm-admin-credentials Juju secret, along with unit/integration test coverage and a new how-to guide documenting usage.
Changes:
- Add
get-credentialsaction wiring in the charm and declare it incharmcraft.yaml. - Add unit + integration tests for the action’s success/failure behavior.
- Add a new how-to guide and link it from the docs how-to index; update
.gitignoreentries.
Reviewed changes
Copilot reviewed 6 out of 7 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
charms/garm/src/charm.py |
Observes and implements the get-credentials action handler that returns admin secret content. |
charms/garm/charmcraft.yaml |
Declares the get-credentials action. |
charms/garm/tests/unit/test_charm.py |
Adds unit tests covering action success and failure paths. |
charms/tests/integration/test_garm.py |
Adds an integration test that runs the action and validates returned fields. |
docs/how-to/retrieve-garm-credentials.md |
Adds a how-to guide describing how to run the action and interpret output. |
docs/how-to/index.rst |
Adds the new how-to page to the toctree. |
.gitignore |
Fixes .vscode/ ignore entry and adds .worktrees/. |
| GarmCharm._on_get_credentials_action(charm, event) | ||
|
|
||
| event.set_results.assert_called_once_with(credentials) | ||
| event.fail.assert_not_called() |
There was a problem hiding this comment.
can we add assertion that the credentials returned is as expected
There was a problem hiding this comment.
It's what the event.set_results.assert_called_once_with(credentials) is doing. Since we're mocking the event and not using scenario we don't have a way to actually get the output ( the hook methods always return None )
There was a problem hiding this comment.
i see, is there a reason why we cannot use scenario? ideally it's better to test the state, not interaction
There was a problem hiding this comment.
No particular reason aside from that I like to keep tests simple if it's only a single method. And using scenario we'd still only call the hook method so it's a bit more overhead. But I can switch to scenario if needed, wdyt?
Head branch was pushed to by a user without write access
…n charmcraft.yaml
Co-authored-by: Erin Conley <erin.conley@canonical.com>
Co-authored-by: Erin Conley <erin.conley@canonical.com>
yhaliaw
left a comment
There was a problem hiding this comment.
Posting three minor findings from a code review pass — all cosmetic/convention issues, none blocking.
| """ | ||
| arrange: Admin credentials secret exists and contains valid content. | ||
| act: Call _on_get_credentials_action(). | ||
| """ |
There was a problem hiding this comment.
This docstring is missing its assert: section — it only has arrange:/act:, while the test body performs two assertions. The sibling test added in the same commit (test_get_credentials_action_fails_when_credentials_unavailable) includes all three sections, as does every other test in this file.
Suggestion:
| """ | |
| assert: event.set_results is called once with the credentials dict and | |
| event.fail is not called. | |
| """ |
| event.fail.assert_called_once() | ||
| fail_message = event.fail.call_args[0][0] | ||
| assert "not yet available" in fail_message | ||
| event.set_results.assert_not_called() |
There was a problem hiding this comment.
There are zero blank lines between the end of this test and the next top-level def test_reconcile_scalesets_skips_when_no_admin_credentials(): — PEP 8 / ruff E302 expects two. This won't fail CI (this charm's tox -e lint only checks src, not tests/), but it will get reformatted the next time someone runs tox -e fmt, producing unrelated churn in a future PR.
| event.set_results.assert_not_called() | |
| event.set_results.assert_not_called() | |
Summary
get-credentialsJuju action to the GARM charm, exposing the admin credentials stored in thegarm-admin-credentialsJuju secret to the operatorUsage