Fix to is_ca_ready() which used read_role() incorrectly

A recent change (1) switched to the newer methods in
hvac 11.2, but unfortunately the semantics between
client.secrets.pki.read_role() and client.read() are different,
in that the latter returns None on InvalidPath, whereas the former
allow the exception to bubble up.

Also updates tests and fixes a mocking issue on service_reload.

[1] https://review.opendev.org/c/openstack/charm-vault/+/848205

Change-Id: Id3d112104b1aa45b242e402709fb855131d5203e

src/lib/charm/vault_pki.py

@@ -71,7 +71,12 @@ def is_ca_ready(client, name, role):
     :returns: Whether CA is ready
     :rtype: bool
     """
-    return client.secrets.pki.read_role(role, mount_point=name) is not None
+    try:
+        # read_role raises InvalidPath is the role is not available
+        client.secrets.pki.read_role(role, mount_point=name)
+        return True
+    except hvac.exceptions.InvalidPath:
+        return False
 
 
 def get_chain(name=None):

unit_tests/test_lib_charm_vault_pki.py

@@ -61,8 +61,8 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
         client_mock = mock.MagicMock()
 
         def read_role(role, mount_point=None):
-            if role == "role":
-                return "role info"
+            if role != "role":
+                raise hvac.exceptions.InvalidPath()
 
         client_mock.secrets.pki.read_role.side_effect = read_role
         self.assertTrue(vault_pki.is_ca_ready(client_mock, 'mp', 'role'))

unit_tests/test_reactive_vault_handlers.py

@@ -59,6 +59,7 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
             'log',
             'network_get_primary_address',
             'open_port',
+            'service_reload',
             'service_restart',
             'service_running',
             'service',