Don't use unittests

zaza/charm_tests/vault/setup.py

@@ -14,12 +14,16 @@
 
 """Run configuration phase."""
 
-import unittest
+import requests
+import tempfile
+
+import zaza.charm_lifecycle.utils as lifecycle_utils
 import zaza.charm_tests.vault.utils as vault_utils
-import zaza.charm_tests.vault.tests as vault_tests
+import zaza.model
+import zaza.utilities.cert
 
 
-def basic_setup(cacert=None):
+def basic_setup(cacert=None, unseal_and_authorize=False):
     """Run basic setup for vault tests.
 
     :param cacert: Path to CA cert used for vaults api cert.
@@ -40,12 +44,58 @@ def basic_setup(cacert=None):
         vault_creds = vault_utils.init_vault(unseal_client)
         vault_utils.store_credentails(vault_creds)
 
+    if unseal_and_authorize:
+        vault_utils.unseal_all(clients, vault_creds['keys'][0])
+        vault_utils.auth_all(clients, vault_creds['root_token'])
+        action = vault_utils.run_charm_authorize(
+            vault_creds['root_token'])
 
-def auto_inititialize():
+
+def auto_inititialize(cacert=None):
     """Auto initialize vault for testing.
 
-    In a stack that includes and relies on certificate in vault initialize
+    Generating a csr and uploading a signed certificate.
+    In a stack that includes and relies on certificates in vault initialize
     vault by unsealing and creating a certificate authority.
     """
-    suite = unittest.TestLoader().loadTestsFromTestCase(vault_tests.VaultTest)
-    unittest.TextTestRunner(verbosity=2).run(suite)
+
+    basic_setup(cacert=cacert, unseal_and_authorize=True)
+    
+    action = vault_utils.run_get_csr()
+    intermediate_csr = action.data['results']['output']
+    (cakey, cacert) = zaza.utilities.cert.generate_cert(
+        'DivineAuthority',
+        generate_ca=True)
+    intermediate_cert = zaza.utilities.cert.sign_csr(
+        intermediate_csr,
+        cakey.decode(),
+        cacert.decode(),
+        generate_ca=True)
+    action = vault_utils.run_upload_signed_csr(
+        pem=intermediate_cert,
+        root_ca=cacert,
+        allowed_domains='openstack.local')
+    
+    validate_ca(cacert)
+
+
+def validate_ca(cacert, application="keystone", port=5000):
+
+    vault_creds = vault_utils.get_credentails()
+    test_config = lifecycle_utils.get_charm_config()
+
+    zaza.model.block_until_file_has_contents(
+        application,
+        '/usr/local/share/ca-certificates/keystone_juju_ca_cert.crt',
+        cacert.decode().strip())
+    zaza.model.wait_for_application_states(
+        states=test_config.get('target_deploy_status', {}))
+    vip = zaza.model.get_application_config(application).get("vip").get("value")
+    if vip:
+        ip = vip
+    else:
+        ip = zaza.model.get_app_ips(application)[0]
+    with tempfile.NamedTemporaryFile(mode='w') as fp:
+        fp.write(cacert.decode())
+        fp.flush()
+        requests.get('https://{}:{}'.format(ip, str(port)), verify=fp.name)