Merge "Rework enforce_ssl to use host name, not address"

hooks/horizon_contexts.py

@@ -31,8 +31,10 @@ from charmhelpers.contrib.openstack.context import (
     HAProxyContext,
     context_complete
 )
+from charmhelpers.contrib.openstack.ip import (
+    resolve_address,
+)
 from charmhelpers.contrib.openstack.utils import (
-    get_host_ip,
     git_default_repos,
     git_pip_venv_dir,
 )
@@ -215,14 +217,7 @@ class ApacheContext(OSContextGenerator):
         if config('enforce-ssl'):
             # NOTE(dosaboy): if ssl is not configured we shouldn't allow this
             if all(get_cert()):
-                if config('vip'):
-                    addr = config('vip')
-                elif config('prefer-ipv6'):
-                    addr = format_ipv6_addr(get_ipv6_addr()[0])
-                else:
-                    addr = get_host_ip(unit_get('private-address'))
-
-                ctxt['ssl_addr'] = addr
+                ctxt['ssl_addr'] = resolve_address()
             else:
                 log("Enforce ssl redirect requested but ssl not configured - "
                     "skipping redirect", level=WARNING)

unit_tests/test_horizon_contexts.py

@@ -32,7 +32,7 @@ TO_PATCH = [
     'local_unit',
     'unit_get',
     'pwgen',
-    'get_host_ip'
+    'resolve_address',
 ]
 
 
@@ -67,10 +67,10 @@ class TestHorizonContexts(CharmTestCase):
 
     def test_Apachecontext_enforce_ssl(self):
         self.test_config.set('enforce-ssl', True)
-        self.get_host_ip.return_value = '10.0.0.1'
+        self.resolve_address.return_value = 'horizon.example.stack'
         self.assertEqual(horizon_contexts.ApacheContext()(),
                          {'http_port': 70, 'https_port': 433,
-                          'ssl_addr': '10.0.0.1'})
+                          'ssl_addr': 'horizon.example.stack'})
 
     @patch.object(horizon_contexts, 'get_ca_cert', lambda: None)
     @patch('os.chmod')