Add CN and L options to get-csr action

Add the common_name and locality option(s) for when creating
new Certificate Signing Requests.

Closes-Bug: 1882599

Change-Id: I1900b942ed6a409252b35c539c70226c32ed53e3

src/actions.yaml

@@ -29,6 +29,14 @@ get-csr:
       type: string
       description: >-
         The OU (OrganizationalUnit) values in the subject field of the CSR.
+    common-name:
+      type: string
+      description: >-
+        The CN (Common Name) values in the subject field of the CSR.
+    locality:
+      type: string
+      description: >-
+        The L (Locality) values in the subject field of the CSR.
 upload-signed-csr:
   description: Upload a signed csr to vault
   properties:

src/actions/actions.py

@@ -62,6 +62,8 @@ def get_intermediate_csrs(*args):
     csrs = vault_pki.get_csr(
         ttl=action_config.get('ttl'),
         country=action_config.get('country'),
+        common_name=action_config.get('common-name'),
+        locality=action_config.get('locality'),
         province=action_config.get('province'),
         organization=action_config.get('organization'),
         organizational_unit=action_config.get('organizational-unit'))

src/lib/charm/vault_pki.py

@@ -132,7 +132,8 @@ def generate_certificate(cert_type, common_name, sans, ttl, max_ttl):
     return response['data']
 
 
-def get_csr(ttl=None, country=None, province=None,
+def get_csr(ttl=None, common_name=None, locality=None,
+            country=None, province=None,
             organization=None, organizational_unit=None):
     """Generate a csr for the vault Intermediate Authority
 
@@ -151,20 +152,26 @@ def get_csr(ttl=None, country=None, province=None,
     :param organizational_unit: The OU (OrganizationalUnit) values in the
                                 subject field of the CSR.
     :type organizational_unit: string
+    :param common_name: The CN (Common_Name) values in the
+                                subject field of the CSR.
+    :param locality: The L (Locality) values in the
+                                subject field of the CSR.
     :returns: Certificate signing request
     :rtype: string
     """
     client = vault.get_local_client()
     configure_pki_backend(client, CHARM_PKI_MP)
     config = {
-        'common_name': ("Vault Intermediate Certificate Authority "
-                        "({})".format(CHARM_PKI_MP)),
         #  Year - 1 hour
         'ttl': ttl or '87599h',
         'country': country,
         'province': province,
         'ou': organizational_unit,
-        'organization': organization}
+        'organization': organization,
+        'common_name': common_name or ("Vault Intermediate Certificate "
+                                       "Authority " "({})".format(CHARM_PKI_MP)
+                                       ),
+        'locality': locality}
     config = {k: v for k, v in config.items() if v}
     csr_info = client.write(
         '{}/intermediate/generate/internal'.format(CHARM_PKI_MP),

unit_tests/test_lib_charm_vault_pki.py

@@ -204,6 +204,7 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
             vault_pki.get_csr(
                 ttl='2h',
                 country='GB',
+                locality='here',
                 province='Kent',
                 organizational_unit='My Department',
                 organization='My Company'),
@@ -213,6 +214,7 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
             common_name=('Vault Intermediate Certificate Authority '
                          '(charm-pki-local)'),
             country='GB',
+            locality='here',
             organization='My Company',
             ou='My Department',
             province='Kent',