Comment 1 for bug 1916921

I made this proof of concept
https://review.opendev.org/c/openstack/charm-vault/+/778059
along with some functional tests, I am not yes 100% sure whether that is correct, so I haven't added yet test-func-pr tag
https://github.com/openstack-charmers/zaza-openstack-tests/compare/master...mastier:master
And the problem is I am not sure if I properly change charm config before running reload.

But there's more to it. It appears that Vault doesn't give damn about the changes in config on reload action with exception to changing tls certificates. That's VEEEERY strange. First I though that's allows only changes to listener but no...
Adding to that... if I change any of the options like enable_ui , disable_mlock I can see that when asking API endpoint for config

root@juju-902b45-12:~# curl -H 'X-Vault-Token: s.mNoS2KgRL01LbrlChiYpIO7N' http://127.0.0.1:8200/v1/sys/config/state/sanitized
...
    "enable_ui": true,
...
and here for instance the actual settings are changed, but when trying get the /ui url it gives 404. Only after proper restart and unsealing it start working
the vault version i 1.5.3, I scanned the changelog and haven't seen anything due to configuration reload , it is either bug or works by design