Configure TLS on config-changed events
Ensure that TLS is potentially reconfigured in the event of a config-changed hook execution - ssl_* configuration options may have been changed so certs, keys and CA files on disk will need to be updated. Change-Id: I00d2eb16714785b15e13b196ea12716dc8a5b527 Related-Bug: 1865842 Co-Authored-By: James Page <james.page@ubuntu.com>
This commit is contained in:
parent
d0d3e2b1ea
commit
69eb753b02
|
@ -428,6 +428,10 @@ class OpenStackCharm(BaseOpenStackCharm,
|
|||
def config_defined_ssl_ca(self):
|
||||
return self._get_b64decode_for('ssl_ca')
|
||||
|
||||
def config_changed(self):
|
||||
tls = reactive.endpoint_from_flag('certificates.available')
|
||||
self.configure_tls(certificates_interface=tls)
|
||||
|
||||
def configure_ssl(self, keystone_interface=None):
|
||||
"""DEPRECATED Configure SSL certificates and keys.
|
||||
|
||||
|
|
|
@ -510,6 +510,22 @@ class TestMyOpenStackCharm(BaseOpenStackCharmTest):
|
|||
'w')
|
||||
mock_file.write.assert_called_with('rabbit_cert')
|
||||
|
||||
def test_config_changed(self):
|
||||
self.patch_target('configure_tls')
|
||||
self.target.config_changed()
|
||||
self.configure_tls.assert_called_once_with(certificates_interface=None)
|
||||
|
||||
self.configure_tls.reset_mock()
|
||||
ep_mock = mock.MagicMock()
|
||||
self.patch_object(
|
||||
chm.reactive,
|
||||
'endpoint_from_flag',
|
||||
return_value=ep_mock)
|
||||
self.patch_target('configure_tls')
|
||||
self.target.config_changed()
|
||||
self.target.configure_tls.assert_called_once_with(
|
||||
certificates_interface=ep_mock)
|
||||
|
||||
def test_configure_tls(self):
|
||||
tls_objs = [
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue