def test_publish_global_client_cert_already_gend(self, vault_pki):
tls = self.endpoint_from_flag.return_value
self.is_flag_set.side_effect = [True, False]
self.unitdata.kv().get.return_value = {
'certificate': 'crt',
'private_key': 'key'
}
handlers.publish_global_client_cert()
assert not vault_pki.generate_certificate.called
assert not self.set_flag.called
self.unitdata.kv().get.assert_called_with('charm.vault.'
'global-client-cert')
tls.set_client_cert.assert_called_with('crt', 'key')
def test_publish_global_client_certe(self, vault_pki):
tls = self.endpoint_from_flag.return_value
self.is_flag_set.side_effect = [False, False]
bundle = {'certificate': 'crt', 'private_key': 'key'}
vault_pki.generate_certificate.return_value = bundle
handlers.publish_global_client_cert()
vault_pki.generate_certificate.assert_called_with(
'client', 'global-client', [])
self.unitdata.kv().set.assert_called_with(
'charm.vault.'
'global-client-cert', bundle)
self.set_flag.assert_called_with('charm.vault.'
'global-client-cert.created')
tls.set_client_cert.assert_called_with('crt', 'key')
def test_publish_global_client_cert_reissue(self, vault_pki):
self.config.return_value = {
'default-ttl': '3456h',
'max-ttl': '3456h',
}
tls = self.endpoint_from_flag.return_value
self.is_flag_set.side_effect = [True, True]
bundle = {'certificate': 'crt', 'private_key': 'key'}
vault_pki.generate_certificate.return_value = bundle
handlers.publish_global_client_cert()
vault_pki.generate_certificate.assert_called_with(
'client', 'global-client', [], '3456h', '3456h')
self.unitdata.kv().set.assert_called_with(
'charm.vault.'
'global-client-cert', bundle)
self.set_flag.assert_called_with('charm.vault.'
'global-client-cert.created')
tls.set_client_cert.assert_called_with('crt', 'key')