Cert-alarm used to request new token for each file. This used to
result in token requests of 3-5 calls per execution. Incorporating
token caching from cert-mon service to reduce the number of requests.
Other changes include:
- Log level change in case of exceptions thrown from FM API. A
condition where exception is thrown should not just log it at
a warning level (so that it's not missed), but should have
a more detailed/traceable log.
- Logic fix for raising alarm at right level. It was noticed that
alarm was tagged as expired on the day before expiry. This changes
to wait until the date has actually passed before the certificate
is marked as expired.
- Safer call to use dict.get() in case of missing annotations of
cert-manager Certificate resources.
Test Plan:
PASS: Verify that token caching reduces the number of calls
PASS: Verify that an exception thrown from FM API gets a more
detailed log
PASS: Verify to make sure certificate expiry alarm waits
until expiry date is passed before 'Expired' alarm is
raised.
PASS: Verify that if Certificate CRD does not contain
metadata.annotations, cert-alarm will handle the condition
and create the annotations without error.
Story: 2008946
Task: 42852
Signed-off-by: Sabeel Ansari <Sabeel.Ansari@windriver.com>
Change-Id: Icfedfdadd43757c1375459e7ee4b4d3d97e8d02f
5c42dde784