handler: avoid to tune backend pki when service is pause/sealed
Change-Id: I0e59655446c3d76ba290d8a9e53c897890b99929 Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>
This commit is contained in:
parent
c982239239
commit
b0ba16efd1
|
@ -843,7 +843,15 @@ def tune_pki_backend():
|
|||
@when('config.set.default-ttl')
|
||||
@when('config.set.max-ttl')
|
||||
def tune_pki_backend_config_changed():
|
||||
ttl = config()['default-ttl']
|
||||
max_ttl = config()['max-ttl']
|
||||
vault_pki.tune_pki_backend(ttl=ttl, max_ttl=max_ttl)
|
||||
vault_pki.update_roles(max_ttl=max_ttl)
|
||||
if is_unit_paused_set():
|
||||
log("The Vault unit is paused, passing on tunning pki backend.")
|
||||
return
|
||||
# TODO(sahid): Add check when service is not running
|
||||
client = vault.get_client(url=vault.VAULT_LOCALHOST_URL)
|
||||
if client.is_sealed():
|
||||
log("Unable to tune pki backend, service sealed.")
|
||||
else:
|
||||
ttl = config()['default-ttl']
|
||||
max_ttl = config()['max-ttl']
|
||||
vault_pki.tune_pki_backend(ttl=ttl, max_ttl=max_ttl)
|
||||
vault_pki.update_roles(max_ttl=max_ttl)
|
||||
|
|
|
@ -875,8 +875,11 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
|
|||
ttl='8759h')
|
||||
self.set_flag.assert_called_once_with('pki.backend.tuned')
|
||||
|
||||
@mock.patch.object(handlers, 'vault')
|
||||
@mock.patch.object(handlers, 'vault_pki')
|
||||
def test_tune_pki_backend_config_changed(self, vault_pki):
|
||||
def test_tune_pki_backend_config_changed(self, vault_pki, _vault):
|
||||
self.is_unit_paused_set.return_value = False
|
||||
self._set_sealed(_vault, False)
|
||||
self.config.return_value = {
|
||||
'default-ttl': '8759h',
|
||||
'max-ttl': '87600h',
|
||||
|
@ -887,6 +890,28 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
|
|||
ttl='8759h')
|
||||
vault_pki.update_roles.assert_called_once_with(max_ttl='87600h')
|
||||
|
||||
@mock.patch.object(handlers, 'vault')
|
||||
@mock.patch.object(handlers, 'vault_pki')
|
||||
def test_tune_pki_backend_config_changed_sealed(self, vault_pki, _vault):
|
||||
self.is_unit_paused_set.return_value = False
|
||||
self._set_sealed(_vault, True)
|
||||
self.config.return_value = {
|
||||
'default-ttl': '8759h',
|
||||
'max-ttl': '87600h',
|
||||
}
|
||||
|
||||
handlers.tune_pki_backend_config_changed()
|
||||
assert not vault_pki.tune_pki_backend.called
|
||||
assert not vault_pki.update_roles.called
|
||||
|
||||
@mock.patch.object(handlers, 'vault_pki')
|
||||
def test_tune_pki_backend_config_changed_paused(self, vault_pki):
|
||||
self.is_unit_paused_set.return_value = True
|
||||
|
||||
handlers.tune_pki_backend_config_changed()
|
||||
assert not vault_pki.tune_pki_backend.called
|
||||
assert not vault_pki.update_roles.called
|
||||
|
||||
@mock.patch.object(handlers, 'config')
|
||||
@mock.patch.object(handlers, 'clear_flag')
|
||||
@mock.patch.object(handlers, 'set_flag')
|
||||
|
|
Loading…
Reference in New Issue