vault: Allow consecutive invocations of auto_initialize

The vault charm will expect the ``force`` parameter to be set to
'true' on consecutive runs of the ``get-csr`` or
``regenerate-intermediate-ca`` actions.

zaza/openstack/charm_tests/vault/setup.py

@@ -162,6 +162,10 @@ def auto_initialize(cacert=None, validation_application='keystone', wait=True,
     basic_setup(cacert=cacert, unseal_and_authorize=True)
 
     action = vault_utils.run_get_csr()
+    if 'output' not in action.data['results']:
+        logging.warning("Running 'get-csr' action with force, "
+                        "vault already initialized?")
+        action = vault_utils.run_get_csr(force=True)
     intermediate_csr = action.data['results']['output']
     (cakey, cacertificate) = zaza.openstack.utilities.cert.generate_cert(
         'DivineAuthority',

zaza/openstack/charm_tests/vault/utils.py

@@ -474,18 +474,23 @@ def run_charm_authorize(token):
         action_params={'token': token})
 
 
-def run_get_csr():
+def run_get_csr(force=None):
     """Retrieve CSR from vault.
 
     Run vault charm action to retrieve CSR from vault.
 
+    :param force: Force regeneration of intermediate ca.
+    :type force: Optional[bool]
     :returns: Action object
     :rtype: juju.action.Action
     """
+    action_params = {}
+    if force is not None:
+        action_params.update({'force': force})
     return zaza.model.run_action_on_leader(
         'vault',
         'get-csr',
-        action_params={})
+        action_params=action_params)
 
 
 def run_upload_signed_csr(pem, root_ca, allowed_domains):