chore: update new api response

.github/workflows/build.yaml

@@ -17,7 +17,7 @@ jobs:
       - name: Setup LXD
         uses: canonical/setup-lxd@main
         with:
-            channel: 5.20/stable
+            channel: 5.21/stable
 
       - name: Install charmcraft
         run: sudo snap install charmcraft --classic

.github/workflows/integration-test.yaml

@@ -32,7 +32,7 @@ jobs:
           provider: microk8s
           channel: 1.29-strict/stable
           juju-channel: 3.4/stable
-          lxd-channel: 5.20/stable
+          lxd-channel: 5.21/stable
 
       - name: Enable Metallb
         run: /usr/bin/sg snap_microk8s -c "sudo microk8s enable metallb:10.0.0.2-10.0.0.10"

src/charm.py

@@ -271,8 +271,9 @@ def _configure_certificate_requirers(self):
                 if str(csr.certificate_signing_request) == request_notary_entry.csr
             ]
             if (
-                request_notary_entry.certificate_chain == "rejected"
-                or request_notary_entry.certificate_chain == ""
+                request_notary_entry.status == "Rejected"
+                or request_notary_entry.status == "Revoked"
+                or request_notary_entry.status == "Outstanding"
             ):
                 if len(certificates_provided_for_csr) > 0:
                     last_provided_certificate = certificates_provided_for_csr[0]

src/notary.py

@@ -104,7 +104,8 @@ class CertificateRequest:
 
     id: int
     csr: str
-    certificate_chain: list[str] | Literal["", "rejected"]
+    certificate_chain: list[str]
+    status: Literal["Outstanding", "Rejected", "Revoked", "Active"]
 
 
 class Notary:
@@ -232,7 +233,8 @@ def list_certificate_requests(self, token: str) -> List[CertificateRequest]:
                 CertificateRequest(
                     id=cert.get("id"),
                     csr=cert.get("csr"),
-                    certificate_chain=serialize(cert.get("certificate")),
+                    certificate_chain=serialize(cert.get("certificate_chain")),
+                    status=cert.get("status"),
                 )
                 for cert in response.result
             ]
@@ -281,16 +283,14 @@ def create_certificate_from_csr(
         return None
 
 
-def serialize(pem_string: str) -> list[str] | Literal["", "rejected"]:
+def serialize(pem_string: str) -> list[str]:
     """Process the certificate entry coming from Notary.
 
     Returns:
         a list of pem strings, an empty string or a rejected string.
     """
-    if pem_string != "" and pem_string != "rejected":
-        return [
-            cert.strip() + "-----END CERTIFICATE-----"
-            for cert in pem_string.split("-----END CERTIFICATE-----")
-            if cert.strip()
-        ]
-    return pem_string
+    return [
+        cert.strip() + "-----END CERTIFICATE-----"
+        for cert in pem_string.split("-----END CERTIFICATE-----")
+        if cert.strip()
+    ]

tests/unit/test_charm.py

@@ -3227,7 +3227,9 @@ def test_given_tls_requirers_available_when_csrs_already_posted_then_duplicate_c
                     "is_initialized.return_value": True,
                     "token_is_valid.return_value": True,
                     "list_certificate_requests.return_value": [
-                        CertificateRequestEntry(id=1, csr=str(csr), certificate_chain="")
+                        CertificateRequestEntry(
+                            id=1, csr=str(csr), certificate_chain=[], status="Outstanding"
+                        )
                     ],
                     "post_csr": post_call,
                     "get_version.return_value": None,
@@ -3299,7 +3301,10 @@ def test_given_tls_requirers_available_when_certificate_available_then_certs_pro
                     "token_is_valid.return_value": True,
                     "list_certificate_requests.return_value": [
                         CertificateRequestEntry(
-                            id=1, csr=str(csr), certificate_chain=[str(cert), str(ca)]
+                            id=1,
+                            csr=str(csr),
+                            certificate_chain=[str(cert), str(ca)],
+                            status="Active",
                         )
                     ],
                     "get_version.return_value": None,
@@ -3385,7 +3390,10 @@ def test_given_tls_requirers_when_invalid_certificate_available_when_configure_t
                     "token_is_valid.return_value": True,
                     "list_certificate_requests.return_value": [
                         CertificateRequestEntry(
-                            id=1, csr=str(csr), certificate_chain=[str(new_cert), str(ca)]
+                            id=1,
+                            csr=str(csr),
+                            certificate_chain=[str(new_cert), str(ca)],
+                            status="Active",
                         )
                     ],
                     "get_version.return_value": None,
@@ -3469,7 +3477,9 @@ def test_given_certificate_rejected_in_notary_when_configure_then_certificate_re
                     "is_initialized.return_value": True,
                     "token_is_valid.return_value": True,
                     "list_certificate_requests.return_value": [
-                        CertificateRequestEntry(id=1, csr=str(csr), certificate_chain="rejected")
+                        CertificateRequestEntry(
+                            id=1, csr=str(csr), certificate_chain=[], status="Rejected"
+                        )
                     ],
                     "get_version.return_value": None,
                 },