Debian: fix system registry image commands

On Debian system regirstry image commands such as
system registry-image-list fails with traceback in sysinv log.

The root cause is that the command is looking for system trusted
CA bundle in a hardcoded path "/etc/ssl/certs/ca-bundle.crt".
But on Debian the CA bundle is /etc/ssl/certs/ca-certificates.crt

Fixed this by adding a generic function to find the CA bundle in
a list that have the CA bundle path for Debian, CentOS, Suse and
FreeBSD/OpenBSD.

Test Plan for Debian and CentOS:
PASS: package build, image build
PASS: system bootstrap, controller unlock
PASS: system registry-image-list succeed without error

Closes-Bug: 1978320
Signed-off-by: Andy Ning <andy.ning@windriver.com>
Change-Id: I9fbf19ea6a78c1e4d93855815f239eb29b6f7551

sysinv/sysinv/sysinv/sysinv/common/utils.py

@@ -3666,3 +3666,17 @@ def replace_helmrepo_url_with_floating_address(dbapi, helmrepository_url):
         get_http_port(dbapi),
         parsed_helm_repo_url.path
     )
+
+
+def get_system_ca_file():
+    """Return path to system default CA file."""
+    # Standard CA file locations for Debian/Ubuntu, RedHat/Fedora,
+    # Suse, FreeBSD/OpenBSD
+    ca_path = ['/etc/ssl/certs/ca-certificates.crt',
+               '/etc/pki/tls/certs/ca-bundle.crt',
+               '/etc/ssl/ca-bundle.pem',
+               '/etc/ssl/cert.pem']
+    for ca in ca_path:
+        if os.path.exists(ca):
+            return ca
+    return None

sysinv/sysinv/sysinv/sysinv/conductor/docker_registry.py

@@ -10,9 +10,10 @@ import requests
 from oslo_serialization import base64
 from sysinv.common import constants
 from sysinv.common import exception
+from sysinv.common import utils as cutils
 
 DOCKER_CERT_PATH = '/etc/ssl/private/registry-cert.crt'
-SYSTEM_CERT_PATH = '/etc/ssl/certs/ca-bundle.crt'
+SYSTEM_CERT_PATH = cutils.get_system_ca_file()
 KEYRING_SERVICE = 'CGCS'
 REGISTRY_USERNAME = 'admin'
 REGISTRY_BASEURL = 'https://%s/v2/' % constants.DOCKER_REGISTRY_SERVER