Fix Apache not being installed/configured for ssl

The configuration for SSL was not being run due to the vhost
not having been rendered and the ssl.enabled state not being
set when configure_ssl was run. This change creates a new state
ssl.requested which signals that ssl configuration needs to take
place. Also, an empty vhost is now created so a2ensite does not
fail.

Change-Id: Iaadcd30191e94f9345c55d9eb8551a5593b0fde4
Partial-Bug: #1719331

.gitignore

@@ -4,3 +4,4 @@
 charm.openstack.egg-info
 .ropeproject
 .eggs
+.stestr

charms_openstack/charm/classes.py

@@ -291,12 +291,14 @@ class HAOpenStackCharm(OpenStackAPICharm):
         Enable Apache vhost for SSL termination if vhost exists and it is not
         curently enabled
         """
-        if os.path.exists(self.apache_vhost_file):
-            check_enabled = subprocess.call(
-                ['a2query', '-s', 'openstack_https_frontend'])
-            if check_enabled != 0:
-                subprocess.check_call(['a2ensite', 'openstack_https_frontend'])
-                ch_host.service_reload('apache2', restart_on_failure=True)
+        if not os.path.exists(self.apache_vhost_file):
+            open(self.apache_vhost_file, 'a').close()
+
+        check_enabled = subprocess.call(
+            ['a2query', '-s', 'openstack_https_frontend'])
+        if check_enabled:
+            subprocess.check_call(['a2ensite', 'openstack_https_frontend'])
+            ch_host.service_reload('apache2', restart_on_failure=True)
 
     def configure_apache(self):
         if self.apache_enabled():
@@ -338,7 +340,8 @@ class HAOpenStackCharm(OpenStackAPICharm):
         """Determine if apache is being used
 
         @return True if apache is being used"""
-        return self.get_state('ssl.enabled')
+        return (self.get_state('ssl.enabled') or
+                self.get_state('ssl.requested'))
 
     def haproxy_enabled(self):
         """Determine if haproxy is fronting the services
@@ -528,10 +531,12 @@ class HAOpenStackCharm(OpenStackAPICharm):
             if ssl_objects:
                 if changed:
                     for ssl in ssl_objects:
+                        self.set_state('ssl.requested', True)
                         self.configure_cert(
                             ssl['cert'], ssl['key'], cn=ssl['cn'])
                         self.configure_ca(ssl['ca'])
                     self.configure_apache()
+                    self.remove_state('ssl.requested')
                 self.set_state('ssl.enabled', True)
             else:
                 self.set_state('ssl.enabled', False)

unit_tests/charms_openstack/charm/test_classes.py

@@ -657,6 +657,13 @@ class TestHAOpenStackCharm(BaseOpenStackCharmTest):
         self.patch_object(chm.reactive.bus, 'set_state')
         self.patch_object(chm.reactive.RelationBase, 'from_state',
                           return_value=None)
+        self.patch_object(chm_core.charmhelpers.fetch,
+                          'filter_installed_packages',
+                          name='fip',
+                          return_value=['apache2'])
+        self.patch_object(chm_core.charmhelpers.fetch,
+                          'apt_install',
+                          name='apt_install')
         self.target.configure_ssl()
         cert_calls = [
             mock.call('cert1', 'key1', cn='cn1'),
@@ -664,10 +671,13 @@ class TestHAOpenStackCharm(BaseOpenStackCharmTest):
         ca_calls = [
             mock.call('ca1'),
             mock.call('ca2')]
+        set_state_calls = [
+            mock.call('ssl.requested', True),
+            mock.call('ssl.enabled', True)]
         self.configure_cert.assert_has_calls(cert_calls)
         self.configure_ca.assert_has_calls(ca_calls)
         self.configure_apache.assert_called_once_with()
-        self.set_state.assert_called_once_with('ssl.enabled', True)
+        self.set_state.assert_has_calls(set_state_calls)
 
     def test_configure_ssl_off(self):
         self.patch_target('get_certs_and_keys', return_value=[])