From 79d70e4f8d9ee3710e221504b532a34be97659dc Mon Sep 17 00:00:00 2001
From: Edin Sarajlic <edin.sarajlic@canonical.com>
Date: Thu, 19 Sep 2019 15:12:00 +1000
Subject: [PATCH] Add a function for enabling SSL on Rmq units

---
 .../charm_tests/rabbitmq_server/utils.py      | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/zaza/openstack/charm_tests/rabbitmq_server/utils.py b/zaza/openstack/charm_tests/rabbitmq_server/utils.py
index 99545e1..2c945e7 100644
--- a/zaza/openstack/charm_tests/rabbitmq_server/utils.py
+++ b/zaza/openstack/charm_tests/rabbitmq_server/utils.py
@@ -14,6 +14,7 @@
 
 import json
 import logging
+import time
 
 import pika
 import zaza.model
@@ -186,6 +187,43 @@ def validate_ssl_disabled_units(units):
     return None
 
 
+def configure_ssl_on(units, model_name=None,
+                     port=None, max_wait=60):
+    """Turn ssl charm config option on, with optional non-default
+    ssl port specification.  Confirm that it is enabled on every
+    unit.
+    :param units: list of units
+    :param port: amqp port, use defaults if None
+    :param max_wait: maximum time to wait in seconds to confirm
+    :returns: None if successful.  Raise on error.
+    """
+    logging.debug('Setting ssl charm config option:  on')
+
+    # Enable RMQ SSL
+    config = {'ssl': 'on'}
+    if port:
+        config['ssl_port'] = str(port)
+
+    zaza.model.set_application_config('rabbitmq-server',
+                                      config,
+                                      model_name=model_name)
+
+    # Wait for unit status
+    wait_for_cluster(model_name)
+
+    # Confirm
+    tries = 0
+    ret = validate_ssl_enabled_units(units, port=port)
+    while ret and tries < (max_wait / 4):
+        time.sleep(4)
+        logging.debug('Attempt {}: {}'.format(tries, ret))
+        ret = validate_ssl_enabled_units(units, port=port)
+        tries += 1
+
+    if ret:
+        raise Exception(ret)
+
+
 def is_ssl_enabled_on_unit(unit, port=None):
     """Check a single juju rmq unit for ssl and port in the config file."""
     host = unit.public_address