handler: correctly handle vault sealed exception

In situation where the vault service is restarted the service should
be unsealed. It apears that some parts of the code do not handle the
exception correctly which results the unit to be in an error state.

In the code to handle that we check whether the service is well
unsealed. If that not the case juju will report the service as blocked
asking user to unseal it.

Change-Id: I1b4d83eb4c944a98a06cc457f51d0fb9d0b9a6ce
Signed-off-by: Sahid Orentino Ferdjaoui <sahid.ferdjaoui@canonical.com>

src/reactive/vault_handlers.py

@@ -734,11 +734,15 @@ def takeover_cert_leadership():
       'charm.vault.ca.ready',
       'certificates.available')
 def publish_ca_info():
+    client = vault.get_client(url=vault.VAULT_LOCALHOST_URL)
     tls = endpoint_from_flag('certificates.available')
-    tls.set_ca(vault_pki.get_ca())
-    chain = vault_pki.get_chain()
-    if chain:
-        tls.set_chain(chain)
+    if client.is_sealed():
+        log("Unable to publish ca info, service sealed.")
+    else:
+        tls.set_ca(vault_pki.get_ca())
+        chain = vault_pki.get_chain()
+        if chain:
+            tls.set_chain(chain)
 
 
 @when('leadership.is_leader',