Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

  1. Blog
  2. Article

Tom Haddon
on 15 November 2017

Codetree Collect Info

We recently landed a feature in Codetree that I’m pretty excited about. Codetree is a tool for collecting code from various locations and assembling it in a specific directory structure. It can be used in a standalone fashion, but is also tightly integrated with Mojo, which we use to deploy and manage Juju models.

To install Codetree, just run “sudo snap install codetree --classic“.

As an example, let’s say you want to get a subset of the latest OpenStack charms. You could do so by creating a file called openstack-charms with the following contents:

charms                   @
charms/cinder            git+https://github.com/openstack/charm-cinder;revno=stable/17.08
charms/glance            git+https://github.com/openstack/charm-glance;revno=stable/17.08
charms/hacluster         git+https://github.com/openstack/charm-hacluster;revno=stable/17.08
charms/heat              git+https://github.com/openstack/charm-heat;revno=stable/17.08
charms/keystone          git+https://github.com/openstack/charm-keystone;revno=stable/17.08

You’d then run “codetree openstack-charms” and you’d have the charms assembled in a “charms” directory. So far so good.

But what happens three months from now when you want to upgrade the charms you’ve deployed to a newer version? Or two months from now if you come across a bug in the charms and are not sure exactly what version you deployed and when? Juju strips out any dotfiles and dot directories from charms it deploys, so you won’t be able to use git commands to query where the charms on disk in your deployed OpenStack came from.

This is where the new feature we’ve just added to Codetree comes in. Codetree will now inject a file called “codetree-collect-info.yaml” into any directory it downloads, and this file will then be queryable later to confirm what version you deployed. This can be done in situ on your deployed OpenStack instance. For example:

juju ssh keystone/0 “head -4 /var/lib/juju/agents/unit*/charm/codetree-collect-info.yaml”
collect_date: '2017-11-01 14:32:55.815503'
collect_url: git+https://github.com/openstack/charm-keystone;revno=91490b7daf7511a717f75f62b57fc3f97cc6d740
hashes:
  LICENSE: cfc7749b96f63bd31c3c42b5c471bf756814053e847c10f3eb003417bc523d30

Now you can easily see the specific revision the charm was collected from, when it was collected, and the hashes allow you to query if any of the files on disk have been changed.

Our next planned step from here is to add a “charm-report” phase to Mojo to allow us to query this information with one simple command.

Related posts

Henry Coggill
6 June 2025

What is CMMC compliance?

Hardening Article

CMMC version 2.0 came into effect on December 26, 2023, and is designed to ensure adherence to rigorous cybersecurity policies and practices within the public sector and amongst wider industry partners. ...

Rawand Benour
5 June 2025

What if your container images were security-maintained at the source?

Ubuntu Article

Software supply chain security has become a top concern for developers, DevOps engineers, and IT leaders. High-profile breaches and dependency compromises have shown that open source components can introduce risk if not properly vetted and maintained. Although containerization has become commonplace in contemporary development and deploym ...

Octavio Galland
30 May 2025

Apport local information disclosure vulnerability fixes available

Ubuntu Article

Qualys discovered two vulnerabilities in various Linux distributions which allow a local attacker with permission to create user namespaces to leak core dumps for processes of suid executables. These affect both apport, the Ubuntu default core dump handler (CVE-2025-5054), and systemd-coredump, the default core dump handler in Red Hat Ent ...