Disabling the static login (through juju config dex-auth enable-password-db=false) will prevent the dex-auth service to start in the absence of a connector properly configured. The workload container will throw this message:
2023-08-07T08:39:31.967Z [dex] failed to initialize server: server: no connectors specified
And the juju debug-log will show:
File "./src/charm.py", line 172, in _update_layer
self._container.restart(self._container_name)
File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/model.py", line 1466, in restart
self._pebble.restart_services(service_names)
File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/pebble.py", line 1699, in restart_services
return self._services_action('restart', services, timeout, delay)
File "/var/lib/juju/agents/unit-dex-auth-0/charm/venv/ops/pebble.py", line 1721, in _services_action
raise ChangeError(change.err, change)
ops.pebble.ChangeError: cannot perform the following tasks:
- Start service "dex" (cannot start service: exited quickly with code 2)
----- Logs from task 0 -----
2023-08-07T08:47:10Z INFO Service "dex" has never been started.
Finally, changing this configuration will set the unit to error status without a proper recovery method:
dex-auth/0* error idle 10.1.235.140 hook failed: "config-changed"
All the above goes away when changing dex-auth's connectors config.
Proposed fix
Handle the case where the static login is disabled and no connector has been configured, providing enough logs and messaging to users.
Disabling the static login (through
juju config dex-auth enable-password-db=false
) will prevent the dex-auth service to start in the absence of a connector properly configured. The workload container will throw this message:2023-08-07T08:39:31.967Z [dex] failed to initialize server: server: no connectors specified
And the
juju debug-log
will show:Finally, changing this configuration will set the unit to error status without a proper recovery method:
dex-auth/0* error idle 10.1.235.140 hook failed: "config-changed"
All the above goes away when changing dex-auth's
connectors
config.Proposed fix
Handle the case where the static login is disabled and no connector has been configured, providing enough logs and messaging to users.