def test_send_vault_url_and_ca_ha_not_ready(
self, mock_network_get_primary_address, mock_config,
mock_get_netmask_for_address):
_test_config = {
'vip': '10.5.100.1 10.6.100.1',
'ssl-ca': 'test-ca',
'hostname': None
}
mock_get_netmask_for_address.return_value = 16
self.config.side_effect = lambda key: _test_config.get(key)
mock_config.side_effect = lambda key: _test_config.get(key)
mock_secrets = mock.MagicMock()
def fake_network_get(binding=None):
if binding == 'external':
return '10.6.0.23'
return '10.5.0.23'
mock_network_get_primary_address.side_effect = fake_network_get
self.endpoint_from_flag.return_value = mock_secrets
# ha.available is not yet set
self.is_flag_set.return_value = False
handlers.send_vault_url_and_ca()
self.endpoint_from_flag.assert_called_with('secrets.connected')
self.is_flag_set.assert_called_with('ha.available')
mock_secrets.publish_url.assert_not_called()
mock_secrets.publish_ca.assert_not_called()
def test_send_vault_url_and_ca_ha(self, mock_network_get_primary_address,
mock_config,
mock_get_netmask_for_address):
_test_config = {
'vip': '10.5.100.1 10.6.100.1',
'ssl-ca': 'test-ca',
'hostname': None
}
mock_get_netmask_for_address.return_value = 16
self.config.side_effect = lambda key: _test_config.get(key)
mock_config.side_effect = lambda key: _test_config.get(key)
mock_secrets = mock.MagicMock()
def fake_network_get(binding=None):
if binding == 'external':
return '10.6.0.23'
return '10.5.0.23'
mock_network_get_primary_address.side_effect = fake_network_get
self.endpoint_from_flag.return_value = mock_secrets
self.is_flag_set.return_value = True
handlers.send_vault_url_and_ca()
self.endpoint_from_flag.assert_called_with('secrets.connected')
self.is_flag_set.assert_called_with('ha.available')
mock_secrets.publish_url.assert_has_calls([
call(vault_url='http://10.5.100.1:8200', remote_binding='access'),
call(vault_url='http://10.6.100.1:8200', remote_binding='external')
])
mock_secrets.publish_ca.assert_called_once_with(vault_ca='test-ca')
def send_vault_url_and_ca_ha(self, _vault):
_test_config = {
'vip': '10.5.100.1',
'ssl-ca': 'test-ca',
}
self.config.side_effect = lambda key: _test_config.get(key)
mock_secrets = mock.MagicMock()
self.endpoint_from_flag.return_value = mock_secrets
self.is_flag_set.return_value = True
_vault.get_api_url.return_value = 'http://10.5.100.1:8200'
handlers.send_vault_url_and_ca()
self.endpoint_from_flag.assert_called_with('secrets.connected')
self.is_flag_set.assert_called_with('ha.available')
_vault.get_api_url.assert_called_once_with(address='10.5.100.1')
mock_secrets.publish_url.assert_called_once_with(
vault_url='http://10.5.100.1:8200')
mock_secrets.publish_ca.assert_called_once_with(vault_ca='test-ca')
def test_send_vault_url_and_ca_hostname(self):
_test_config = {
'ssl-ca': 'test-ca',
'hostname': 'vault',
}
self.config.side_effect = lambda key: _test_config.get(key)
mock_secrets = mock.MagicMock()
self.endpoint_from_flag.return_value = mock_secrets
self.is_flag_set.return_value = True
handlers.send_vault_url_and_ca()
self.endpoint_from_flag.assert_called_with('secrets.connected')
self.is_flag_set.assert_called_with('ha.available')
mock_secrets.publish_url.assert_has_calls(
[call(vault_url='http://vault:8200', remote_binding='access')])
mock_secrets.publish_ca.assert_called_once_with(vault_ca='test-ca')
def test_send_vault_url_and_ca(self, mock_network_get_primary_address):
_test_config = {
'ssl-ca': 'test-ca',
}
self.config.side_effect = lambda key: _test_config.get(key)
mock_secrets = mock.MagicMock()
def fake_network_get(binding=None):
return '10.5.0.23'
mock_network_get_primary_address.side_effect = fake_network_get
self.endpoint_from_flag.return_value = mock_secrets
self.is_flag_set.return_value = False
handlers.send_vault_url_and_ca()
self.endpoint_from_flag.assert_called_with('secrets.connected')
self.is_flag_set.assert_called_with('ha.available')
mock_secrets.publish_url.assert_called_once_with(
vault_url='http://10.5.0.23:8200', remote_binding='access')
mock_secrets.publish_ca.assert_called_once_with(vault_ca='test-ca')
def test_loadbalancer(self):
self.is_flag_set.return_value = False
self.patch_object(handlers.vault, 'get_vip', return_value=None)
mock_secrets = self.endpoint_from_flag()
lb_provider = self.endpoint_from_name()
lb_provider.has_response = True
response = lb_provider.get_response()
response.success = False
handlers.send_vault_url_and_ca()
self.assertFalse(mock_secrets.publish_url.called)
response.error = None
response.address = 'loadbalancer'
handlers.send_vault_url_and_ca()
lb_provider.ack_response.assert_called_with(response)
mock_secrets.publish_url.assert_has_calls([
call(vault_url='http://loadbalancer:8200',
remote_binding='access'),
call(vault_url='http://loadbalancer:8200',
remote_binding='external'),
])
