def tune_pki_backend(): """Ensure Vault PKI backend is correctly tuned """ ttl = config()['default-ttl'] max_ttl = config()['max-ttl'] vault_pki.tune_pki_backend(ttl=ttl, max_ttl=max_ttl) set_flag('pki.backend.tuned')
def test_tune_secret_backend(self, is_backend_mounted, get_local_client): is_backend_mounted.return_value = True mock_client = mock.MagicMock() get_local_client.return_value = mock_client vault_pki.tune_pki_backend(ttl='3456h') is_backend_mounted.assert_called_with(mock_client, vault_pki.CHARM_PKI_MP) mock_client.tune_secret_backend.assert_called_with( backend_type='pki', mount_point=vault_pki.CHARM_PKI_MP, max_lease_ttl='3456h')
def tune_pki_backend_config_changed(): if is_unit_paused_set(): log("The Vault unit is paused, passing on tunning pki backend.") return if not service_running('vault'): set_flag('failed.to.start') return client = vault.get_client(url=vault.VAULT_LOCALHOST_URL) if client.is_sealed(): log("Unable to tune pki backend, service sealed.") else: ttl = config()['default-ttl'] max_ttl = config()['max-ttl'] vault_pki.tune_pki_backend(ttl=ttl, max_ttl=max_ttl) vault_pki.update_roles(max_ttl=max_ttl)
def tune_pki_backend(): """Ensure Vault PKI backend is correctly tuned """ vault_pki.tune_pki_backend() set_flag('pki.backend.tuned')