[DPE-3737] Implement ZK client interface

metadata.yaml

@@ -26,7 +26,7 @@ peers:
     interface: upgrade
 
 provides:
-  zookeeper:
+  database:
     interface: zookeeper
   cos-agent:
     interface: cos_agent

pyproject.toml

@@ -31,14 +31,13 @@ authors = []
 [tool.poetry.dependencies]
 python = "^3.10"
 ops = "^2.4.1"
-kazoo = ">=2.8.0"
+kazoo = ">=2.8.0,<2.10"
 tenacity = ">=8.0.1"
 pure-sasl = ">=0.6.2"
 cryptography = ">42.0.0"
 cosl = ">=0.0.5"
 pydantic = "^1.10.7"
 pyyaml = "^6.0.1"
-poetry-plugin-export = ">=1.6"
 
 [tool.poetry.group.fmt]
 optional = true
@@ -79,8 +78,8 @@ pytest-operator-cache = {git = "https://github.com/canonical/data-platform-workf
 
 [tool.ruff]
 line-length = 99
-select = ["E", "W", "F", "C", "N", "D", "I001"]
-extend-ignore = [
+lint.select = ["E", "W", "F", "C", "N", "D", "I001"]
+lint.extend-ignore = [
     "D203",
     "D204",
     "D213",
@@ -94,13 +93,13 @@ extend-ignore = [
     "D409",
     "D413",
 ]
-ignore = ["E501", "D107"]
+lint.ignore = ["E501", "D107"]
 extend-exclude = ["__pycache__", "*.egg_info", "tests/integration/app-charm/lib"]
-per-file-ignores = {"tests/*" = ["D100","D101","D102","D103","D104", "E999"], "src/literals.py" = ["D101"]}
+lint.per-file-ignores = {"tests/*" = ["D100","D101","D102","D103","D104", "E999"], "src/literals.py" = ["D101"]}
 target-version="py310"
 src = ["src", "tests"]
 
-[tool.ruff.mccabe]
+[tool.ruff.lint.mccabe]
 max-complexity = 10
 
 [tool.pyright]

requirements.txt

@@ -1,54 +1,13 @@
-build==1.0.3 ; python_version >= "3.10" and python_version < "4.0"
-cachecontrol[filecache]==0.13.1 ; python_version >= "3.10" and python_version < "4.0"
-certifi==2023.11.17 ; python_version >= "3.10" and python_version < "4.0"
-cffi==1.16.0 ; python_version >= "3.10" and python_version < "4.0" and (platform_python_implementation != "PyPy" or sys_platform == "darwin")
-charset-normalizer==3.3.2 ; python_version >= "3.10" and python_version < "4.0"
-cleo==2.1.0 ; python_version >= "3.10" and python_version < "4.0"
-colorama==0.4.6 ; python_version >= "3.10" and python_version < "4.0" and os_name == "nt"
-cosl==0.0.7 ; python_version >= "3.10" and python_version < "4.0"
-crashtest==0.4.1 ; python_version >= "3.10" and python_version < "4.0"
+cffi==1.16.0 ; python_version >= "3.10" and python_version < "4.0" and platform_python_implementation != "PyPy"
+cosl==0.0.11 ; python_version >= "3.10" and python_version < "4.0"
 cryptography==42.0.5 ; python_version >= "3.10" and python_version < "4.0"
-distlib==0.3.8 ; python_version >= "3.10" and python_version < "4.0"
-dulwich==0.21.7 ; python_version >= "3.10" and python_version < "4.0"
-fastjsonschema==2.19.1 ; python_version >= "3.10" and python_version < "4.0"
-filelock==3.13.1 ; python_version >= "3.10" and python_version < "4.0"
-idna==3.6 ; python_version >= "3.10" and python_version < "4.0"
-importlib-metadata==7.0.1 ; python_version >= "3.10" and python_version < "3.12"
-installer==0.7.0 ; python_version >= "3.10" and python_version < "4.0"
-jaraco-classes==3.3.0 ; python_version >= "3.10" and python_version < "4.0"
-jeepney==0.8.0 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "linux"
 kazoo==2.9.0 ; python_version >= "3.10" and python_version < "4.0"
-keyring==24.3.0 ; python_version >= "3.10" and python_version < "4.0"
-more-itertools==10.2.0 ; python_version >= "3.10" and python_version < "4.0"
-msgpack==1.0.7 ; python_version >= "3.10" and python_version < "4.0"
-ops==2.9.0 ; python_version >= "3.10" and python_version < "4.0"
-packaging==23.2 ; python_version >= "3.10" and python_version < "4.0"
-pexpect==4.9.0 ; python_version >= "3.10" and python_version < "4.0"
-pkginfo==1.9.6 ; python_version >= "3.10" and python_version < "4.0"
-platformdirs==3.11.0 ; python_version >= "3.10" and python_version < "4.0"
-poetry-core==1.8.1 ; python_version >= "3.10" and python_version < "4.0"
-poetry-plugin-export==1.6.0 ; python_version >= "3.10" and python_version < "4.0"
-poetry==1.7.1 ; python_version >= "3.10" and python_version < "4.0"
-ptyprocess==0.7.0 ; python_version >= "3.10" and python_version < "4.0"
+ops==2.13.0 ; python_version >= "3.10" and python_version < "4.0"
 pure-sasl==0.6.2 ; python_version >= "3.10" and python_version < "4.0"
-pycparser==2.21 ; python_version >= "3.10" and python_version < "4.0" and (platform_python_implementation != "PyPy" or sys_platform == "darwin")
-pydantic==1.10.13 ; python_version >= "3.10" and python_version < "4.0"
-pyproject-hooks==1.0.0 ; python_version >= "3.10" and python_version < "4.0"
-pywin32-ctypes==0.2.2 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "win32"
+pycparser==2.22 ; python_version >= "3.10" and python_version < "4.0" and platform_python_implementation != "PyPy"
+pydantic==1.10.15 ; python_version >= "3.10" and python_version < "4.0"
 pyyaml==6.0.1 ; python_version >= "3.10" and python_version < "4.0"
-rapidfuzz==3.6.1 ; python_version >= "3.10" and python_version < "4.0"
-requests-toolbelt==1.0.0 ; python_version >= "3.10" and python_version < "4.0"
-requests==2.31.0 ; python_version >= "3.10" and python_version < "4.0"
-secretstorage==3.3.3 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "linux"
-shellingham==1.5.4 ; python_version >= "3.10" and python_version < "4.0"
 six==1.16.0 ; python_version >= "3.10" and python_version < "4.0"
 tenacity==8.2.3 ; python_version >= "3.10" and python_version < "4.0"
-tomli==2.0.1 ; python_version >= "3.10" and python_version < "3.11"
-tomlkit==0.12.3 ; python_version >= "3.10" and python_version < "4.0"
-trove-classifiers==2024.1.8 ; python_version >= "3.10" and python_version < "4.0"
-typing-extensions==4.9.0 ; python_version >= "3.10" and python_version < "4.0"
-urllib3==2.1.0 ; python_version >= "3.10" and python_version < "4.0"
-virtualenv==20.25.0 ; python_version >= "3.10" and python_version < "4.0"
-websocket-client==1.7.0 ; python_version >= "3.10" and python_version < "4.0"
-xattr==0.10.1 ; python_version >= "3.10" and python_version < "4.0" and sys_platform == "darwin"
-zipp==3.17.0 ; python_version >= "3.10" and python_version < "3.12"
+typing-extensions==4.11.0 ; python_version >= "3.10" and python_version < "4.0"
+websocket-client==1.8.0 ; python_version >= "3.10" and python_version < "4.0"

src/charm.py

@@ -65,7 +65,7 @@ def __init__(self, *args):
             self,
             substrate=SUBSTRATE,
             dependency_model=ZooKeeperDependencyModel(
-                **DEPENDENCIES  # pyright: ignore[reportGeneralTypeIssues]
+                **DEPENDENCIES  # pyright: ignore[reportArgumentType]
             ),
         )
 
@@ -318,7 +318,7 @@ def init_server(self):
         if (
             self.state.cluster.tls
             and self.state.unit_server.certificate
-            and self.state.unit_server.ca
+            and self.state.unit_server.ca_cert
         ):  # TLS is probably completed
             self.tls_manager.set_private_key()
             self.tls_manager.set_ca()
@@ -422,12 +422,15 @@ def update_client_data(self) -> None:
 
             client.update(
                 {
-                    "uris": client.uris,
                     "endpoints": client.endpoints,
                     "tls": client.tls,
                     "username": client.username,
                     "password": client.password,
-                    "chroot": client.chroot,
+                    "database": client.database,
+                    # Duplicated for compatibility with older requirers
+                    # TODO (zkclient): Remove these entries
+                    "chroot": client.database,
+                    "uris": client.uris,
                 }
             )
 

src/core/models.py

@@ -4,6 +4,7 @@
 
 """Collection of state objects for the ZooKeeper relations, apps and units."""
 import logging
+import warnings
 from collections.abc import MutableMapping
 from typing import Literal
 
@@ -104,7 +105,12 @@ def endpoints(self) -> str:
     @property
     def uris(self) -> str:
         """The ZooKeeper connection uris for the client application to connect with."""
-        return self._uris + self.chroot if self._uris else ""
+        # TODO (zkclient): Remove this property
+        warnings.warn(
+            "Using 'uris' in the databag is deprecated, use 'endpoints' instead",
+            DeprecationWarning,
+        )
+        return self._uris + self.database if self._uris else ""
 
     @property
     def tls(self) -> str:
@@ -126,12 +132,51 @@ def chroot_acl(self) -> str:
             - 'w' - write
             - 'a' - append
         """
-        return self.relation_data.get("chroot-acl", "cdrwa")
+        # TODO (zkclient): Remove this property and replace by "cdrwa" in self.extra_user_roles
+        acl = self.relation_data.get("chroot-acl")
+        if acl is not None:
+            warnings.warn(
+                "Using 'chroot-acl' in the databag is deprecated, use 'extra-user-roles' instead",
+                DeprecationWarning,
+            )
+
+        else:
+            acl = "cdrwa"
+
+        return acl
+
+    @property
+    def extra_user_roles(self) -> str:
+        """The client defined ACLs for their requested ACL.
+
+        Contains:
+            - 'c' - create
+            - 'd' - delete
+            - 'r' - read
+            - 'w' - write
+            - 'a' - append
+        """
+        return self.relation_data.get("extra-user-roles", self.chroot_acl)
 
     @property
     def chroot(self) -> str:
         """The client requested root zNode path value."""
+        # TODO (zkclient): Remove this property and replace by "" in self.database
         chroot = self.relation_data.get("chroot", "")
+        if chroot:
+            warnings.warn(
+                "Using 'chroot' in the databag is deprecated, use 'database' instead",
+                DeprecationWarning,
+            )
+        if chroot and not chroot.startswith("/"):
+            chroot = f"/{chroot}"
+
+        return chroot
+
+    @property
+    def database(self) -> str:
+        """The client requested root zNode path value."""
+        chroot = self.relation_data.get("database", self.chroot)
         if chroot and not chroot.startswith("/"):
             chroot = f"/{chroot}"
 
@@ -366,7 +411,19 @@ def certificate(self) -> str:
     def ca(self) -> str:
         """The root CA contents for the unit to use for TLS."""
         # Backwards compatibility
-        return self.relation_data.get("ca-cert", self.relation_data.get("ca", ""))
+        # TODO (zkclient): Remove this property and replace by "" in self.ca_cert
+        ca = self.relation_data.get("ca", "")
+        if ca:
+            warnings.warn(
+                "Using 'ca' in the databag is deprecated, use 'ca_cert' instead",
+                DeprecationWarning,
+            )
+        return ca
+
+    @property
+    def ca_cert(self) -> str:
+        """The root CA contents for the unit to use for TLS."""
+        return self.relation_data.get("ca-cert", self.ca)
 
     @property
     def sans(self) -> dict[str, list[str]]:

src/events/provider.py

@@ -75,7 +75,7 @@ def _on_client_relation_updated(self, event: RelationEvent) -> None:
         # FIXME: should be data-platform-libs
         # setting password for new users to relation data
         for client in self.charm.state.clients:
-            if not client.chroot:
+            if not client.database:
                 continue
 
             if (

src/literals.py

@@ -16,7 +16,7 @@
 CHARM_KEY = "zookeeper"
 
 PEER = "cluster"
-REL_NAME = "zookeeper"
+REL_NAME = "database"
 CONTAINER = "zookeeper"
 CHARM_USERS = ["super", "sync"]
 CERTS_REL_NAME = "certificates"

src/managers/quorum.py

@@ -195,37 +195,37 @@ def update_acls(self, event: RelationEvent | None = None) -> None:
         requested_chroots = set()
 
         for client in self.state.clients:
-            if not client.chroot:
+            if not client.database:
                 continue
 
             generated_acl = make_acl(
                 scheme="sasl",
                 credential=client.username,
-                read="r" in client.chroot_acl,
-                write="w" in client.chroot_acl,
-                create="c" in client.chroot_acl,
-                delete="d" in client.chroot_acl,
-                admin="a" in client.chroot_acl,
+                read="r" in client.extra_user_roles,
+                write="w" in client.extra_user_roles,
+                create="c" in client.extra_user_roles,
+                delete="d" in client.extra_user_roles,
+                admin="a" in client.extra_user_roles,
             )
             logger.info(f"{generated_acl=}")
 
             requested_acls.add(generated_acl)
 
             # FIXME: data-platform-libs should handle this when it's implemented
-            if client.chroot:
+            if client.database:
                 if event and client.relation and client.relation.id == event.relation.id:
                     continue  # skip broken chroots, so they're removed
                 else:
-                    requested_chroots.add(client.chroot)
+                    requested_chroots.add(client.database)
 
             # Looks for newly related applications not in config yet
-            if client.chroot not in leader_chroots:
-                logger.info(f"CREATE CHROOT - {client.chroot}")
-                self.client.create_znode_leader(path=client.chroot, acls=[generated_acl])
+            if client.database not in leader_chroots:
+                logger.info(f"CREATE CHROOT - {client.database}")
+                self.client.create_znode_leader(path=client.database, acls=[generated_acl])
 
             # Looks for existing related applications
-            logger.info(f"UPDATE CHROOT - {client.chroot}")
-            self.client.set_acls_znode_leader(path=client.chroot, acls=[generated_acl])
+            logger.info(f"UPDATE CHROOT - {client.database}")
+            self.client.set_acls_znode_leader(path=client.database, acls=[generated_acl])
 
         # Looks for applications no longer in the relation but still in config
         for chroot in sorted(leader_chroots - requested_chroots, reverse=True):

src/managers/tls.py

@@ -34,11 +34,11 @@ def set_private_key(self) -> None:
 
     def set_ca(self) -> None:
         """Sets the unit CA."""
-        if not self.state.unit_server.ca:
+        if not self.state.unit_server.ca_cert:
             logger.error("Can't set CA to unit, missing CA in relation data")
             return
 
-        self.workload.write(content=self.state.unit_server.ca, path=self.workload.paths.ca)
+        self.workload.write(content=self.state.unit_server.ca_cert, path=self.workload.paths.ca)
 
     def set_certificate(self) -> None:
         """Sets the unit certificate."""