Fix to is_ca_ready() which used read_role() incorrectly
A recent change (1) switched to the newer methods in hvac 11.2, but unfortunately the semantics between client.secrets.pki.read_role() and client.read() are different, in that the latter returns None on InvalidPath, whereas the former allow the exception to bubble up. Also updates tests and fixes a mocking issue on service_reload. [1] https://review.opendev.org/c/openstack/charm-vault/+/848205 Change-Id: Id3d112104b1aa45b242e402709fb855131d5203e
This commit is contained in:
parent
68fecd9ba8
commit
ee3271063d
|
@ -71,7 +71,12 @@ def is_ca_ready(client, name, role):
|
|||
:returns: Whether CA is ready
|
||||
:rtype: bool
|
||||
"""
|
||||
return client.secrets.pki.read_role(role, mount_point=name) is not None
|
||||
try:
|
||||
# read_role raises InvalidPath is the role is not available
|
||||
client.secrets.pki.read_role(role, mount_point=name)
|
||||
return True
|
||||
except hvac.exceptions.InvalidPath:
|
||||
return False
|
||||
|
||||
|
||||
def get_chain(name=None):
|
||||
|
|
|
@ -61,8 +61,8 @@ class TestLibCharmVaultPKI(unit_tests.test_utils.CharmTestCase):
|
|||
client_mock = mock.MagicMock()
|
||||
|
||||
def read_role(role, mount_point=None):
|
||||
if role == "role":
|
||||
return "role info"
|
||||
if role != "role":
|
||||
raise hvac.exceptions.InvalidPath()
|
||||
|
||||
client_mock.secrets.pki.read_role.side_effect = read_role
|
||||
self.assertTrue(vault_pki.is_ca_ready(client_mock, 'mp', 'role'))
|
||||
|
|
|
@ -59,6 +59,7 @@ class TestHandlers(unit_tests.test_utils.CharmTestCase):
|
|||
'log',
|
||||
'network_get_primary_address',
|
||||
'open_port',
|
||||
'service_reload',
|
||||
'service_restart',
|
||||
'service_running',
|
||||
'service',
|
||||
|
|
Loading…
Reference in New Issue