Create hockeypuck rock and update charm files

charmcraft.yaml

@@ -1,7 +1,5 @@
 # Copyright 2025 Canonical Ltd.
 # See LICENSE file for licensing details.
-# This file configures Charmcraft.
-# See https://juju.is/docs/sdk/charmcraft-config for guidance.
 
 type: charm
 bases:

hockeypuck_rock/hockeypuck.conf.tmpl

@@ -0,0 +1,44 @@
+# Initial config file for hockeypuck docker-compose/standalone deployments
+# Environment variables are substituted using golang template markup
+# See https://pkg.go.dev/text/template
+
+[hockeypuck]
+loglevel="INFO"
+indexTemplate="/hockeypuck/lib/templates/index.html.tmpl"
+vindexTemplate="/hockeypuck/lib/templates/index.html.tmpl"
+statsTemplate="/hockeypuck/lib/templates/stats.html.tmpl"
+webroot="/hockeypuck/lib/www"
+hostname="${FQDN}"
+contact="${FINGERPRINT}"
+adminKeys=[
+    # List your admin key fingerprint(s) here.
+    # It is NOT RECOMMENDED to use the same key for both contact and admin.
+]
+
+[hockeypuck.hkp]
+bind=":11371"
+logRequestDetails=false
+
+# prevent abusively large keys
+[hockeypuck.openpgp]
+maxPacketLength=8192
+maxKeyLength=1048576
+# Full fingerprints of keys to ignore, minus the leading 0x
+blacklist=[
+    # "DEADBEEFDEADBEEFDEADBEEFDEADBEEFDEADBEEF",
+]
+
+[hockeypuck.openpgp.db]
+driver="postgres-jsonb"
+dsn="database=hkp host=${POSTGRES_HOST} user=${POSTGRES_USER} password=${POSTGRES_PASSWORD} port=${POSTGRES_PORT} sslmode=disable"
+
+[hockeypuck.conflux.recon]
+allowCIDRs=["127.0.0.1/8"]
+
+[hockeypuck.conflux.recon.leveldb]
+path="/hockeypuck/data/ptree"
+
+# Gossip peers
+#[hockeypuck.conflux.recon.partner.keyserver_example_com]
+#httpAddr="keyserver.example.com:11371"
+#reconAddr="keyserver.example.com:11370"

hockeypuck_rock/hockeypuck_wrapper.sh

@@ -0,0 +1,15 @@
+#!/bin/bash
+
+TEMPLATE_FILE="/hockeypuck/etc/hockeypuck.conf.tmpl"
+OUTPUT_FILE="/hockeypuck/etc/hockeypuck.conf"
+
+if [[ ! -f $TEMPLATE_FILE ]]; then
+    echo "Template file $TEMPLATE_FILE not found."
+    exit 1
+fi
+
+envsubst < "$TEMP_FILE" > "$OUTPUT_FILE"
+
+echo "Substitution complete. Output written to $OUTPUT_FILE."
+
+exec /hockeypuck/bin/hockeypuck -config $OUTPUT_FILE

hockeypuck_rock/rockcraft.yaml

@@ -0,0 +1,43 @@
+# Copyright 2025 Canonical Ltd.
+# See LICENSE file for licensing details.
+
+name: hockeypuck
+base: [email protected]
+version: 0.1
+summary: Hockeypuck is an OpenPGP public keyserver.
+description: |
+  Hockeypuck is an openPGP public keyserver or a software tool
+  used to manage public key infrastructure for PGP (Pretty Good Privacy),
+  which is a system for securing communication through encryption and
+  digital signatures.
+platforms:
+  amd64:
+    build-on:
+    - amd64
+    build-for:
+    - amd64
+parts:
+  hockeypuck:
+    plugin: make
+    source: https://github.com/hockeypuck/hockeypuck.git
+    source-tag: 2.2.2
+    source-type: git
+    source-depth: 1
+    build-snaps:
+      - go
+    organize:
+      usr/bin/hockeypuck: hockeypuck/bin/hockeypuck
+      usr/bin/hockeypuck-dump: hockeypuck/bin/hockeypuck-dump
+      usr/bin/hockeypuck-load: hockeypuck/bin/hockeypuck-load
+      usr/bin/hockeypuck-pbuild: hockeypuck/bin/hockeypuck-pbuild
+      var/lib/hockeypuck/*: hockeypuck/lib/
+    stage-packages:
+    - gettext-base
+  copy-files:
+    plugin: dump
+    source: .
+    organize:
+      hockeypuck.conf.tmpl: hockeypuck/etc/hockeypuck.conf.tmpl
+      hockeypuck_wrapper.sh: hockeypuck/bin/hockeypuck_wrapper.sh
+    prime:
+    - hockeypuck/*

metadata.yaml

@@ -1,50 +1,39 @@
 # Copyright 2025 Canonical Ltd.
 # See LICENSE file for licensing details.
-# This file populates the Overview on Charmhub.
-# See https://juju.is/docs/sdk/metadata-reference for a checklist and guidance.
-
-# The charm package name, no spaces (required)
-# See https://juju.is/docs/sdk/naming#heading--naming-charms for guidance.
-name: is-charms-template
-
-# The following metadata are human-readable and will be published prominently on Charmhub.
-
-# (Recommended)
-display-name: Charm Template
-
-# (Required)
-summary: A very short one-line summary of the charm.
-docs: https://discourse.charmhub.io
-issues: https://github.com/canonical/is-charms-template-repo/issues
+name: hockeypuck-k8s
+assumes:
+  - juju >= 3.1
+  - k8s-api
+display-name: Hockeypuck K8s
+summary: Hockeypuck openPGP public keyserver
 maintainers: 
   - https://launchpad.net/~canonical-is-devops
-source: https://github.com/canonical/is-charms-template-repo
-
 description: |
-  A single sentence that says what the charm is, concisely and memorably.
-
-  A paragraph of one to three short sentences, that describe what the charm does.
-
-  A third paragraph that explains what need the charm meets.
-
-  Finally, a paragraph that describes whom the charm is useful for.
-
-# The containers and resources metadata apply to Kubernetes charms only.
-# Remove them if not required.
-
-# Your workload’s containers.
+  A [Juju](https://juju.is/) [charm](https://juju.is/docs/olm/charmed-operators)
+  for deploying and managin [Hockeypuck](https://hockeypuck.io/) on Kubernetes. Hockeypuck is an
+  openPGP public keyserver or a software tool used to manage public key infrastructure for PGP 
+  (Pretty Good Privacy), which is a system for securing communication through encryption and 
+  digital signatures.
+
+  The Server provides interfaces to add, lookup, replace and delete public keys from the keyserver.
+  Hockeypuck can synchronize public key material with SKS and other Hockeypuck servers. It 
+  implements the HTTP Keyserver Protocol and the SKS database reconciliation protocol.
+
+  For DevOps and SRE teams, this charm will make operating Hockeypuck simple and straightforward
+  through Juju's clean interface.
+docs: https://discourse.charmhub.io # TO BE UPDATED
+issues: https://github.com/canonical/hockeypuck-k8s-operator/issues
+source: https://github.com/canonical/hockeypuck-k8s-operator
 containers:
-  httpbin:
-    resource: httpbin-image
+  hockeypuck:
+    resource: hockeypuck-image
 
-# This field populates the Resources tab on Charmhub.
 resources:
-  # An OCI image resource for each container listed above.
-  # You may remove this if your charm will run without a workload sidecar container.
-  httpbin-image:
+  hockeypuck-image:
     type: oci-image
-    description: OCI image for httpbin
-    # The upstream-source field is ignored by Juju. It is included here as a reference
-    # so the integration testing suite knows which image to deploy during testing. This field
-    # is also used by the 'canonical/charming-actions' Github action for automated releasing.
-    upstream-source: kennethreitz/httpbin
+    description: OCI image for Hockeypuck
+
+requires:
+  database:
+    interface: postgresql_client
+    limit: 1