fix: Checks if certificate is already requested (#47)

canonical · Nov 15, 2023 · 0386203 · 0386203
1 parent 53d0e6d
commit 0386203
Show file tree

Hide file tree

Showing 2 changed files with 26 additions and 3 deletions.
diff --git a/src/charm.py b/src/charm.py
@@ -242,6 +242,9 @@ def _on_certificates_relation_joined(self, event: EventBase) -> None:
         if not self._private_key_is_stored():
             event.defer()
             return
+        if self._certificate_is_stored():
+            return
+
         self._request_new_certificate()
 
     def _on_certificate_available(self, event: CertificateAvailableEvent) -> None:

diff --git a/tests/unit/test_charm.py b/tests/unit/test_charm.py
@@ -847,7 +847,7 @@ def test_given_private_key_exists_when_on_certificates_relation_joined_then_csr_
         csr = b"whatever csr content"
         patch_generate_csr.return_value = csr
         patch_pull.return_value = StringIO("private key content")
-        patch_exists.return_value = True
+        patch_exists.side_effect = [True, False]
         self.harness.set_can_connect(container="amf", val=True)
 
         self.harness.charm._on_certificates_relation_joined(event=Mock)
@@ -861,7 +861,7 @@ def test_given_private_key_exists_when_on_certificates_relation_joined_then_csr_
     @patch("charm.generate_csr")
     @patch("ops.model.Container.pull")
     @patch("ops.model.Container.exists")
-    def test_given_private_key_exists_when_on_certificates_relation_joined_then_cert_is_requested(
+    def test_given_private_key_exists_and_cert_not_yet_requested_when_on_certificates_relation_joined_then_cert_is_requested(  # noqa: E501
         self,
         patch_exists,
         patch_pull,
@@ -871,13 +871,33 @@ def test_given_private_key_exists_when_on_certificates_relation_joined_then_cert
         csr = b"whatever csr content"
         patch_generate_csr.return_value = csr
         patch_pull.return_value = StringIO("private key content")
-        patch_exists.return_value = True
+        patch_exists.side_effect = [True, False]
         self.harness.set_can_connect(container="amf", val=True)
 
         self.harness.charm._on_certificates_relation_joined(event=Mock)
 
         patch_request_certificate_creation.assert_called_with(certificate_signing_request=csr)
 
+    @patch(
+        "charms.tls_certificates_interface.v2.tls_certificates.TLSCertificatesRequiresV2.request_certificate_creation",  # noqa: E501
+    )
+    @patch("ops.model.Container.push", new=Mock)
+    @patch("ops.model.Container.pull")
+    @patch("ops.model.Container.exists")
+    def test_given_cert_already_stored_when_on_certificates_relation_joined_then_cert_is_not_requested(  # noqa: E501
+        self,
+        patch_exists,
+        patch_pull,
+        patch_request_certificate_creation,
+    ):
+        patch_pull.return_value = StringIO("private key content")
+        patch_exists.return_value = True
+        self.harness.set_can_connect(container="amf", val=True)
+
+        self.harness.charm._on_certificates_relation_joined(event=Mock)
+
+        patch_request_certificate_creation.assert_not_called
+
     @patch("ops.model.Container.pull")
     @patch("ops.model.Container.exists")
     @patch("ops.model.Container.push")