Configure TLS on config-changed events

Ensure that TLS is potentially reconfigured in the event of a
config-changed hook execution - ssl_* configuration options may
have been changed so certs, keys and CA files on disk will need
to be updated.

Change-Id: I00d2eb16714785b15e13b196ea12716dc8a5b527
Related-Bug: 1865842
Co-Authored-By: James Page <james.page@ubuntu.com>

charms_openstack/charm/classes.py

@@ -428,6 +428,10 @@ def config_defined_ssl_cert(self):
     def config_defined_ssl_ca(self):
         return self._get_b64decode_for('ssl_ca')
 
+    def config_changed(self):
+        tls = reactive.endpoint_from_flag('certificates.available')
+        self.configure_tls(certificates_interface=tls)
+
     def configure_ssl(self, keystone_interface=None):
         """DEPRECATED Configure SSL certificates and keys.
 

unit_tests/charms_openstack/charm/test_classes.py

@@ -510,6 +510,22 @@ def test_configure_rabbit_cert(self):
                 'w')
             mock_file.write.assert_called_with('rabbit_cert')
 
+    def test_config_changed(self):
+        self.patch_target('configure_tls')
+        self.target.config_changed()
+        self.configure_tls.assert_called_once_with(certificates_interface=None)
+
+        self.configure_tls.reset_mock()
+        ep_mock = mock.MagicMock()
+        self.patch_object(
+            chm.reactive,
+            'endpoint_from_flag',
+            return_value=ep_mock)
+        self.patch_target('configure_tls')
+        self.target.config_changed()
+        self.target.configure_tls.assert_called_once_with(
+            certificates_interface=ep_mock)
+
     def test_configure_tls(self):
         tls_objs = [
             {