Update config description

canonical · Dec 9, 2024 · 1dbcebf · 1dbcebf
1 parent 4f210cf
commit 1dbcebf
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 3 deletions.
diff --git a/charmcraft.yaml b/charmcraft.yaml
@@ -26,8 +26,13 @@ config:
     admin-user:
       type: string
       description: |
-        OpenCTI admin user email and password.
-        The content of this configuration should be a 
+        OpenCTI admin user email and password.  
+        The content of this configuration should be a Juju user secret ID.  
+        The Juju user secret should contain two fields, `email` and `password`, 
+        where `email` is the admin user email, and `password` is the admin user password.  
+        Use the following commands to create a Juju user secret for this configuration:  
+        `juju add-secret opencti-admin-user [email protected] password#file=/path/to/password.txt`  
+        `juju grant-secret opencti-admin-user opencti`
 
 requires:
   opensearch-client:

diff --git a/src/charm.py b/src/charm.py
@@ -81,12 +81,16 @@ def __init__(self, *args: typing.Any):
         """
         super().__init__(*args)
         self._container = self.unit.get_container("opencti")
+        if self.app.name == "x-opencti":
+            self.unit.status = ops.BlockedStatus("charm cannot be named 'x-opencti'")
+            return
         self._opensearch = OpenSearchRequires(
             self,
             relation_name="opensearch-client",
             # suppress the OpenSearch charm from creating the index
             # use the name x-opencti so OpenSearch will create an index named 'x-opencti'
-            # which shouldn't interfere with the OpenCTI platform
+            # which shouldn't interfere with the OpenCTI (index prefix is the charm app name)
+            # hope nobody names the charm app 'x-opencti'
             index="x-opencti",
             # the OpenSearch charm can't handle access control for index patterns
             extra_user_roles="admin",
@@ -386,6 +390,7 @@ def _prepare_opensearch_env(self) -> dict[str, str]:
         ]
         env = {
             "ELASTICSEARCH__URL": json.dumps(uris),
+            "ELASTICSEARCH__INDEX_PREFIX": self.app.name,
         }
         if ca := data.get("tls-ca"):
             self._container.make_dir("/opt/opencti/config/", make_parents=True)

diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py
@@ -37,6 +37,7 @@ def test_pebble_plan():
                     "APP__PORT": "8080",
                     "APP__TELEMETRY__METRICS__ENABLED": "true",
                     "ELASTICSEARCH__PASSWORD": "opensearch-password",
+                    "ELASTICSEARCH__INDEX_PREFIX": "opencti",
                     "ELASTICSEARCH__SSL__CA": "/opt/opencti/config/opensearch.pem",
                     "ELASTICSEARCH__URL": json.dumps(
                         [