def test_prepare_vault_unsealed(self, service_running, log, get_vault_health, initialize_vault, unseal_vault, is_leader, setup_charm_vault_access, leader_set): is_leader.return_value = False service_running.return_value = True get_vault_health.return_value = {'initialized': True, 'sealed': False} vault.prepare_vault() self.assertFalse(initialize_vault.called) self.assertFalse(unseal_vault.called) leader_set.assert_not_called()
def test_prepare_vault_non_leader(self, service_running, log, get_vault_health, initialize_vault, unseal_vault, is_leader, leader_set, leader_get): leader_get.return_value = "[]" is_leader.return_value = False service_running.return_value = True get_vault_health.return_value = {'initialized': False, 'sealed': True} vault.prepare_vault() self.assertFalse(initialize_vault.called) unseal_vault.assert_called_once_with()
def snap_refresh(): channel = config('channel') or 'stable' if validate_snap_channel(channel): clear_flag('snap.channel.invalid') snap.refresh('vault', channel=channel) if vault.can_restart(): log("Restarting vault", level=DEBUG) service_restart('vault') if config('totally-unsecure-auto-unlock'): vault.prepare_vault() else: set_flag('snap.channel.invalid')
def test_prepare_vault(self, service_running, log, get_vault_health, initialize_vault, unseal_vault, is_leader, setup_charm_vault_access, leader_set, leader_get): is_leader.return_value = True leader_get.return_value = "[]" service_running.return_value = True get_vault_health.return_value = {'initialized': False, 'sealed': True} vault.prepare_vault() initialize_vault.assert_called_once_with() setup_charm_vault_access.assert_called_once_with() unseal_vault.assert_called_once_with() setup_charm_vault_access.assert_called_once_with() leader_set.assert_called_once_with( {vault.CHARM_ACCESS_ROLE_ID: mock.ANY})
def start_vault(): # start or restart vault vault.opportunistic_restart() @tenacity.retry(wait=tenacity.wait_exponential(multiplier=1, max=10), stop=tenacity.stop_after_attempt(10), retry=tenacity.retry_if_result(lambda b: not b)) def _check_vault_running(): return service_running('vault') if _check_vault_running(): set_flag('started') clear_flag('failed.to.start') if config('totally-unsecure-auto-unlock'): vault.prepare_vault() else: set_flag('failed.to.start')
def file_change_auto_unlock_mode(): log("Calling opportunistic_restart", level=DEBUG) vault.opportunistic_restart() if config('totally-unsecure-auto-unlock'): vault.prepare_vault()
def test_prepare_vault_svc_down(self, service_running, log, initialize_vault, unseal_vault): service_running.return_value = False vault.prepare_vault() self.assertFalse(initialize_vault.called) self.assertFalse(unseal_vault.called)