diff --git a/api-ref/source/api-ref-sysinv-v1-config.rst b/api-ref/source/api-ref-sysinv-v1-config.rst index fbc5e0ae35..e17b11015a 100644 --- a/api-ref/source/api-ref-sysinv-v1-config.rst +++ b/api-ref/source/api-ref-sysinv-v1-config.rst @@ -12054,14 +12054,7 @@ unauthorized (401), forbidden (403), badMethod (405), overLimit (413) :widths: 20, 20, 20, 60 "cert_id", "plain", "xsd:string", "Certificate identifier composed by a combination of -" - "error", "plain", "xsd:string", "The error message in case something wrong happen on the API execution" - -:: - - { - "cert_id": "d70efa2daaee06f8-314121337707572303468615715651317888841", - "error": "" - } + "error", "plain", "xsd:string", "The error message in the event of execution failure" This operation does not accept a request body. @@ -12086,16 +12079,17 @@ forbidden (403), badMethod (405), overLimit (413) :header: "Parameter", "Style", "Type", "Description" :widths: 20, 20, 20, 60 - "success", "plain", "xsd:string", "Certificate identifier composed by a combination of -" - "error", "plain", "xsd:string", "The error message in case something wrong happen on the API execution" + "cert_id", "plain", "xsd:string", "Certificate identifier composed by a combination of -" + "error", "plain", "xsd:string", "The error message in the event of execution failure" :: { - "success": "d70efa2daaee06f8-314121337707572303468615715651317888841", + "cert_id": "d70efa2daaee06f8-314121337707572303468615715651317888841", "error": "" } + This operation does not accept a request body. ****************************** diff --git a/sysinv/cgts-client/cgts-client/cgtsclient/v1/kube_rootca_update.py b/sysinv/cgts-client/cgts-client/cgtsclient/v1/kube_rootca_update.py index dd19d89685..8b228634c9 100644 --- a/sysinv/cgts-client/cgts-client/cgtsclient/v1/kube_rootca_update.py +++ b/sysinv/cgts-client/cgts-client/cgtsclient/v1/kube_rootca_update.py @@ -50,7 +50,9 @@ class KubeRootCAUpdateManager(base.Manager): try: return self._list(self._path('get_cert_id'))[0] except IndexError: - return [] + msg = ("Failed to find the current Kubernetes root CA certificate " + "from file system") + return dict(cert_id="", error=msg) def rootCA_upload(self, pem_content): """Retrieve the details of a given kubernetes rootca update. diff --git a/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/kube_rootca_update.py b/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/kube_rootca_update.py index 422ecc1bff..664b5906a6 100644 --- a/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/kube_rootca_update.py +++ b/sysinv/sysinv/sysinv/sysinv/api/controllers/v1/kube_rootca_update.py @@ -387,8 +387,9 @@ class KubeRootCACetCertIDController(rest.RestController): context=pecan.request.context) return dict(cert_id=rootca_cert, error="") except Exception as e: - msg = ("Failed to get the current kubernetes root CA certificate ID " - f"by error: {e.message}.") + msg = ("Failed to find the current Kubernetes root CA certificate " + "from file system") + LOG.exception(e) return dict(cert_id="", error=msg) diff --git a/sysinv/sysinv/sysinv/sysinv/common/utils.py b/sysinv/sysinv/sysinv/sysinv/common/utils.py index 061d37a19d..37316fb77c 100644 --- a/sysinv/sysinv/sysinv/sysinv/common/utils.py +++ b/sysinv/sysinv/sysinv/sysinv/common/utils.py @@ -2747,8 +2747,8 @@ def get_cert_issuer_string_hash(cert): hashed_attributes = \ hashlib.md5(issuer_attributes.encode()).hexdigest()[:16] - LOG.info("hashed issuer attributes %s from certificate " - % hashed_attributes) + LOG.debug("hashed issuer attributes %s from certificate " + % hashed_attributes) except Exception: LOG.exception() raise exception.SysinvException(_( @@ -2886,7 +2886,6 @@ def build_cert_identifier(cert): hash_subject = get_cert_issuer_string_hash(cert) serial_number = get_cert_serial(cert) cert_id = '%s-%s' % (hash_subject, serial_number) - LOG.info("%s is the identifier for the new root CA certificate" % cert_id) return cert_id diff --git a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py index ec815d86f1..7344eae7f8 100644 --- a/sysinv/sysinv/sysinv/sysinv/conductor/manager.py +++ b/sysinv/sysinv/sysinv/sysinv/conductor/manager.py @@ -17086,6 +17086,8 @@ class ConductorManager(service.PeriodicService): LOG.error(msg) return dict(success="", error=msg) + LOG.info(f"{new_cert_id} is the identifier for the new root CA " + "certificate") return dict(success=new_cert_id, error="") def save_kubernetes_rootca_cert(self, context, ca_file): @@ -17303,15 +17305,17 @@ class ConductorManager(service.PeriodicService): # extract information regarding the new rootca try: - new_cert = cutils.build_cert_identifier(certs[0]) + new_cert_id = cutils.build_cert_identifier(certs[0]) except Exception: msg = "Failed to extract issuer and serial number from new root CA" LOG.error(msg) return dict(success="", error=msg) + LOG.info(f"{new_cert_id} is the identifier for the new root CA " + "certificate") # update db update_obj = {'state': kubernetes.KUBE_ROOTCA_UPDATE_CERT_GENERATED, - 'to_rootca_cert': new_cert} + 'to_rootca_cert': new_cert_id} r = self.dbapi.kube_rootca_update_update(update.id, update_obj) return dict(success=r.to_rootca_cert, error="")