It looks like both the tls-certificates-operator charm and the self-signed-certificates operator charm can generate self-signed certificates? Wouldn’t it be better to have just one charm that can do this and another than that be configured with certificates? Seems like it could be a little confusing for operators otherwise about which charm they should use in what circumstances.
Hi @mthaddon, the TLS Certificates Operator does not support self-signed certificates in its edge and beta channels and we will soon promote this behaviour to stable. We do have a legacy track that still contains this same behaviour because it is needed by the Data Platform team. As soon as they move over we’ll get rid of this track as well.
1 Like
Cool, thanks for the explanation
I agree, it makes a lot of sense, will update the description.
manual-tls-certificates
| Review item | Objective | Review criteria | Notes |
|---|---|---|---|
| Intended functionality | Despite all the items for publication readiness, the charm must work. | Charm does what it is meant to do - ideally done in a demo. | PASSED |
| Charmhub.io charm detail page | A complete and consistent appearance of the charm is required for a quality impression of the charm collection. | The overall appearance looks good, which means: * The name complies with the naming guidelines. * The publisher is identified. * The links are provided. * The documentation looks reasonable. | PASSED |
| Source repository | Generally, the source code for charms must be accessible by the community for transparency and collaboration. | It is not entirely mandatory to have the charm published as OSS for review, but the repository must be accessible from the persons working on the review request. | PASSED |
| Coding conventions | The source code of the charm is accessible in the sense of approachability. Consistent source code style and formatting are also considered a sign of being committed to quality. | The implemented checks for coding conventions are reasonable and implemented in the regular CI/CD implementation. | PASSED |
| Release automation implementation | An implementation for automated releasing to charmhub.io improves the ability to provide updates covering vulnerabilities quickly. | Release automation for unstable channels to enable testing when new versions of the charm code or the workload become available. | PASSED |
| Unit tests implementation | In particular, for the charms review, assuring a reasonable test suite is essential to allow for automated releases in future. | The unit tests show relevant coverage. It is a case-dependent review.At the time of review, the test runs successfully. | PASSED |
| Unit tests results | Availability of test results is mandatory for a working collaborative project. | URL to test results from CI/CD automation. | PASSED |
| Installation test implemented (could be part of the integration test) | In particular, for the charm review, assuring a reasonable test suite is essential to allow for automated releases in future. With this test, for every build, it is ensured that the installation is successful. | An implementation for checking the installation is present. The implementation should also check for successful installation as part of the automation, and the workload behaves as expected. At the time of review, the test runs successfully. | PASSED |
| Installation test results | Availability of test results is mandatory for a working collaborative project. | URL to test results from CI/CD automation. | PASSED |
| Integration tests implemented | In particular for the review of charms, assuring a reasonable test suite is important to allow for automated releases in future. With this test, for every build, it is ensured that the integration with other charms is successful. | An implementation for testing the required integrations (if applicable) is present. The implementation should also check for successful integration as part of he automation and the workload behaves as expected. At the time of review, the test runs successfully. | PASSED |
| Integration test results | Availability of test results is mandatory for a working collaborative project. | URL to test results from CI/CD automation. | PASSED |
| Documentation for usage | The documentation for using the charm should be separate from the documentation for developing or contributing to the charm. | URL to this documentation is present. | PASSED |
| Documentation for contributing | The documentation for contributing to the charm should be separate from the documentation for developing or using the charm. | URL to this documentation is present. | PASSED |
| Licensing statement | For the charm shared, OSS or not, the licensing terms of the charm are clarified (which also implies an identified authorship of the charm). | URL to the ruling licensing statement is present. | PASSED |
self-signed-certificates
| Review item | Review criteria | Evidence / notes |
|---|---|---|
| Charmhub.io charm detail page | The overall charmhub.io appearance looks good, which means: * The name complies with the naming guidelines. * The publisher is identified. * The links are provided. * The documentation looks reasonable. | PASSED |
| Source repository | Link to source repository accessible by reviewer | PASSED |
| Coding conventions | A reasonable styleguide is enforced in tox.ini/similar and in CI/CD. | PASSED |
| Release automation implementation | CI auto releases charm to edge on merge. | PASSED |
| Unit tests implementation | Unit tests are run in CI, pass, have at least 50% coverage, and their results are available to the reviewer. | PASSED |
| Integration tests implemented | Integration tests for installation, usage and relations are run in CI, pass, and their results are available to the reviewer. | PASSED |
| Documentation for usage | A usage doc exists separate from README.md. | PASSED |
| Documentation for contributing | A contributing doc (e.g. CONTRIBUTING.md) exists. | PASSED |
| Licensing statement | LICENCE is clearly available to potential users. | PASSED |
vault
| Review item | Review criteria | Evidence / notes |
|---|---|---|
| Charmhub.io charm detail page | The overall charmhub.io appearance looks good, which means: * The name complies with the naming guidelines. * The publisher is identified. * The links are provided. * The documentation looks reasonable. | PASSED |
| Source repository | Link to source repository accessible by reviewer | PASSED |
| Coding conventions | A reasonable styleguide is enforced in tox.ini/similar and in CI/CD. | PASSED |
| Release automation implementation | CI auto releases charm to edge on merge. | PASSED |
| Unit tests implementation | Unit tests are run in CI, pass, have at least 50% coverage, and their results are available to the reviewer. | PASSED |
| Integration tests implemented | Integration tests for installation, usage and relations are run in CI, pass, and their results are available to the reviewer. | PASSED |
| Documentation for usage | A usage doc exists separate from README.md. | PASSED |
| Documentation for contributing | A contributing doc (e.g. CONTRIBUTING.md) exists. | PASSED |
| Licensing statement | LICENCE is clearly available to potential users. | PASSED |
Hello,
TLS Certificates Operator
We changed the name to manual-tls-certificates. Here is the the associated PR and new project in charmhub:
- https://github.com/canonical/manual-tls-certificates-operator/pull/75
- Charmhub | Deploy Manual TLS Certificates using Charmhub - The Open Operator Collection
There is a request out there to have the ownership changed to Canonical Telco but that should not be a blocker for the review process.
Self-signed certificates
- Missing backlinks to repos and issues: This is fixed in the edge channel.
- Reference doc links are all broken. I don’t have the necessary access to edit other people’s discourse post. @gatici, can you please remove the reference section altogether here, people can directly click on actions and other items.
Vault
- No docs: This is fixed now. Btw do we really want the charm review process to validate diataxis?
- See above
1 Like
Re manual-tls-certificates-operator: the docs still reference the old name. Is that intentional?
No this was not intentional, I just asked @dariofaccin to address this as I don’t have the necessary permissions to do so.
Hurray! Updated.
1 Like
@gruyaume, If you agree to provide one individual post per charm next time? 
@odysseus-k could we ask you to set the three charms to listed?
2 Likes
There’s a mistake in the charms you referenced. The 3 ones to list are:
- Charmhub | Deploy Manual TLS Certificates using Charmhub - The Open Operator Collection
- Charmhub | Deploy Self Signed X.509 Certificates using Charmhub - The Open Operator Collection
- Charmhub | Deploy vault-k8s using Charmhub - The Open Operator Collection
Manual TLS Certificates is the new name for the charm as discussed above.
1 Like
Hi,
- Charmhub | Deploy Manual TLS Certificates using Charmhub - The Open Operator Collection
- Charmhub | Deploy Self Signed X.509 Certificates using Charmhub - The Open Operator Collection
- Charmhub | Deploy vault-k8s using Charmhub - The Open Operator Collection
are now listed.
Thanks,
Odysseus
1 Like
They don’t show up in the search, is there a delay?
Hi,
For the charms to show up there needs to be at least one revision published as stable. AFAICT, none of these 3 charms currently have a revision published as such.
Thanks,
Odysseus
Ok thank you!
ouf the entire things seems to be complicated: What apparently happened is that the name was changed during the review, but the original posting was not corrected, but at least it seems to be done now.