Merge "Add hostname as a new config option"

2019-05-16 11:18:09 +00:00
parent 23c4c43566 8b99dc2829
commit a3e8d18b1c
3 changed files with 36 additions and 3 deletions
--- a/src/config.yaml
+++ b/src/config.yaml
@@ -74,3 +74,10 @@ options:
      this will use all default values for the root CA cert.  If you want
      to adjust those values, you should use the generate-root-ca action
      instead.
+  hostname:
+    type: string
+    default:
+    description: >-
+      Hostname to be used for the API URL. This hostname should exist as a DNS
+      record and be resolvable by the charms that will consume the relation 
+      with vault.
--- a/src/reactive/vault_handlers.py
+++ b/src/reactive/vault_handlers.py
@@ -493,6 +493,9 @@ def configure_secrets_backend():
 def send_vault_url_and_ca():
    secrets = endpoint_from_flag('secrets.connected')
    if is_flag_set('ha.available'):
+        if config('hostname'):
+            vault_url = vault.get_api_url(address=config('hostname'))
+        else:
            vault_url = vault.get_api_url(address=config('vip'))
    else:
        vault_url = vault.get_api_url()
--- a/unit_tests/test_reactive_vault_handlers.py
+++ b/unit_tests/test_reactive_vault_handlers.py
@@ -604,7 +604,7 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
        ])

    @mock.patch.object(handlers, 'vault')
-    def send_vault_url_and_ca(self, _vault):
+    def test_send_vault_url_and_ca(self, _vault):
        _test_config = {
            'vip': '10.5.100.1',
            'ssl-ca': 'test-ca',
@@ -626,7 +626,7 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
        )

    @mock.patch.object(handlers, 'vault')
-    def send_vault_url_and_ca_ha(self, _vault):
+    def test_send_vault_url_and_ca_ha(self, _vault):
        _test_config = {
            'vip': '10.5.100.1',
            'ssl-ca': 'test-ca',
@@ -647,6 +647,29 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
            vault_ca='test-ca'
        )

+    @mock.patch.object(handlers, 'vault')
+    def test_send_vault_url_and_ca_hostname(self, _vault):
+        _test_config = {
+            'vip': '10.5.100.1',
+            'ssl-ca': 'test-ca',
+            'hostname': 'vault',
+        }
+        self.config.side_effect = lambda key: _test_config.get(key)
+        mock_secrets = mock.MagicMock()
+        self.endpoint_from_flag.return_value = mock_secrets
+        self.is_flag_set.return_value = True
+        _vault.get_api_url.return_value = 'https://vault:8200'
+        handlers.send_vault_url_and_ca()
+        self.endpoint_from_flag.assert_called_with('secrets.connected')
+        self.is_flag_set.assert_called_with('ha.available')
+        _vault.get_api_url.assert_called_once_with(address='vault')
+        mock_secrets.publish_url.assert_called_once_with(
+            vault_url='https://vault:8200'
+        )
+        mock_secrets.publish_ca.assert_called_once_with(
+            vault_ca='test-ca'
+        )
+
    @mock.patch.object(handlers, 'vault_pki')
    def test_publish_ca_info(self, vault_pki):
        tls = self.endpoint_from_flag.return_value