Check Apache ssl dir when determining restart map

If the certificates that Apache is using change then services needs to be restarted. This change adds the SSL directory to the restart map to ensure any certificate changes trigger a restart. Change-Id: Idbdceb5acd80c06a2bde02f9df88a9d9fd2404fb Closes-Bug: 1828530
2019-05-10 12:48:01 +00:00 · 2019-05-10 12:48:01 +00:00 · c9f44a7cec
commit c9f44a7cec
parent 83b304ba18
2 changed files with 34 additions and 2 deletions
--- a/hooks/glance_utils.py
+++ b/hooks/glance_utils.py
@ -124,6 +124,8 @@ HAPROXY_CONF = "/etc/haproxy/haproxy.cfg"
 HTTPS_APACHE_CONF = "/etc/apache2/sites-available/openstack_https_frontend"
 HTTPS_APACHE_24_CONF = "/etc/apache2/sites-available/" \
    "openstack_https_frontend.conf"
+APACHE_SSL_DIR = '/etc/apache2/ssl/glance'
+
 MEMCACHED_CONF = '/etc/memcached.conf'

 TEMPLATES = 'templates/'
@ -366,9 +368,14 @@ def restart_map():
        _map.append((MEMCACHED_CONF, ['memcached']))

    if cmp_release >= 'stein':
-        _map.append((GLANCE_POLICY_FILE, ['glance-api']))
+        glance_svcs = ['glance-api']
    else:
-        _map.append((GLANCE_POLICY_FILE, ['glance-api', 'glance-registry']))
+        glance_svcs = ['glance-api', 'glance-registry']
+
+    _map.append((GLANCE_POLICY_FILE, glance_svcs))
+
+    if os.path.isdir(APACHE_SSL_DIR):
+        _map.append(('{}/*'.format(APACHE_SSL_DIR), glance_svcs + ['apache2']))

    return OrderedDict(_map)

--- a/unit_tests/test_glance_utils.py
+++ b/unit_tests/test_glance_utils.py
@ -183,6 +183,31 @@ class TestGlanceUtils(CharmTestCase):
        del ex_map[utils.MEMCACHED_CONF]
        self.assertEqual(ex_map, utils.restart_map())

+    @patch.object(utils.os.path, 'isdir')
+    def test_restart_map_stein_ssl(self, isdir):
+        isdir.return_value = True
+        self.enable_memcache.return_value = True
+        self.config.side_effect = None
+        self.service_name.return_value = 'glance'
+        self.os_release.return_value = 'stein'
+
+        ex_map = OrderedDict([
+            (utils.GLANCE_API_CONF, ['glance-api']),
+            (utils.GLANCE_SWIFT_CONF, ['glance-api']),
+            (utils.ceph_config_file(), ['glance-api']),
+            (utils.HAPROXY_CONF, ['haproxy']),
+            (utils.HTTPS_APACHE_CONF, ['apache2']),
+            (utils.HTTPS_APACHE_24_CONF, ['apache2']),
+            (utils.MEMCACHED_CONF, ['memcached']),
+            (utils.GLANCE_POLICY_FILE, ['glance-api']),
+            ('{}/*'.format(utils.APACHE_SSL_DIR),
+             ['glance-api', 'apache2']),
+        ])
+        self.assertEqual(ex_map, utils.restart_map())
+        self.enable_memcache.return_value = False
+        del ex_map[utils.MEMCACHED_CONF]
+        self.assertEqual(ex_map, utils.restart_map())
+
    @patch.object(utils, 'token_cache_pkgs')
    def test_determine_packages(self, token_cache_pkgs):
        self.config.side_effect = None