refactor: Remove event-specific PKI hooks, call _configure (#433)

canonical · Jul 19, 2024 · bb403df · bb403df
1 parent 569f22e
commit bb403df
Show file tree

Hide file tree

Showing 2 changed files with 116 additions and 190 deletions.
diff --git a/src/charm.py b/src/charm.py
@@ -21,8 +21,6 @@
 from charms.loki_k8s.v1.loki_push_api import LogForwarder
 from charms.prometheus_k8s.v0.prometheus_scrape import MetricsEndpointProvider
 from charms.tls_certificates_interface.v3.tls_certificates import (
-    CertificateAvailableEvent,
-    CertificateCreationRequestEvent,
     TLSCertificatesProvidesV3,
     TLSCertificatesRequiresV3,
 )
@@ -53,7 +51,6 @@
     CollectStatusEvent,
     ConfigChangedEvent,
     InstallEvent,
-    RelationJoinedEvent,
     RemoveEvent,
 )
 from ops.main import main
@@ -165,13 +162,24 @@ def __init__(self, *args):
             scheme=lambda: "https",
         )
         self.s3_requirer = S3Requirer(self, S3_RELATION_NAME)
+
+        configure_events = [
+            self.on.update_status,
+            self.on.vault_pebble_ready,
+            self.on.config_changed,
+            self.on[PEER_RELATION_NAME].relation_created,
+            self.on[PEER_RELATION_NAME].relation_changed,
+            self.on.tls_certificates_pki_relation_joined,
+            self.tls_certificates_pki.on.certificate_available,
+            self.vault_pki.on.certificate_creation_request,
+            self.vault_autounseal_requires.on.vault_autounseal_details_ready,
+            self.vault_autounseal_provides.on.vault_autounseal_requirer_relation_created,
+            self.vault_autounseal_requires.on.vault_autounseal_provider_relation_broken,
+        ]
+        for event in configure_events:
+            self.framework.observe(event, self._configure)
         self.framework.observe(self.on.install, self._on_install)
         self.framework.observe(self.on.collect_unit_status, self._on_collect_status)
-        self.framework.observe(self.on.update_status, self._configure)
-        self.framework.observe(self.on.vault_pebble_ready, self._configure)
-        self.framework.observe(self.on.config_changed, self._configure)
-        self.framework.observe(self.on[PEER_RELATION_NAME].relation_created, self._configure)
-        self.framework.observe(self.on[PEER_RELATION_NAME].relation_changed, self._configure)
         self.framework.observe(self.on.remove, self._on_remove)
         self.framework.observe(self.on.authorize_charm_action, self._on_authorize_charm_action)
         self.framework.observe(self.on.create_backup_action, self._on_create_backup_action)
@@ -180,34 +188,10 @@ def __init__(self, *args):
         self.framework.observe(
             self.vault_kv.on.new_vault_kv_client_attached, self._on_new_vault_kv_client_attached
         )
-        self.framework.observe(
-            self.on.tls_certificates_pki_relation_joined,
-            self._on_tls_certificates_pki_relation_joined,
-        )
-        self.framework.observe(
-            self.tls_certificates_pki.on.certificate_available,
-            self._on_tls_certificate_pki_certificate_available,
-        )
-        self.framework.observe(
-            self.vault_pki.on.certificate_creation_request,
-            self._on_vault_pki_certificate_creation_request,
-        )
-        self.framework.observe(
-            self.vault_autounseal_requires.on.vault_autounseal_details_ready,
-            self._configure,
-        )
-        self.framework.observe(
-            self.vault_autounseal_provides.on.vault_autounseal_requirer_relation_created,
-            self._configure,
-        )
         self.framework.observe(
             self.vault_autounseal_provides.on.vault_autounseal_requirer_relation_broken,
             self._on_vault_autounseal_requirer_relation_broken,
         )
-        self.framework.observe(
-            self.vault_autounseal_requires.on.vault_autounseal_provider_relation_broken,
-            self._configure,
-        )
 
     def _on_vault_autounseal_requirer_relation_broken(
         self, event: VaultAutounsealRequirerRelationBroken
@@ -485,10 +469,6 @@ def _on_new_vault_kv_client_attached(self, event: NewVaultKvClientAttachedEvent)
             nonce=event.nonce,
         )
 
-    def _on_tls_certificates_pki_relation_joined(self, _: RelationJoinedEvent) -> None:
-        """Handle the tls-certificates-pki relation joined event."""
-        self._configure_pki_secrets_engine()
-
     def _configure_pki_secrets_engine(self) -> None:
         """Configure the PKI secrets engine."""
         if not self.unit.is_leader():
@@ -646,18 +626,6 @@ def _get_pki_ca_certificate(self) -> Optional[str]:
         logger.info("No certificate matches the PKI CSR in secrets")
         return None
 
-    def _on_tls_certificate_pki_certificate_available(self, event: CertificateAvailableEvent):
-        """Handle the tls-certificates-pki certificate available event."""
-        self._add_ca_certificate_to_pki_secrets_engine()
-
-    def _on_vault_pki_certificate_creation_request(
-        self, event: CertificateCreationRequestEvent
-    ) -> None:
-        """Handle the vault-pki certificate creation request event."""
-        self._generate_pki_certificate_for_requirer(
-            event.certificate_signing_request, event.relation_id
-        )
-
     def _generate_pki_certificate_for_requirer(self, csr: str, relation_id: int):
         """Generate a PKI certificate for a TLS requirer."""
         if not self.unit.is_leader():