final small refactor

oleksandr-nc · oleksandr-nc · commit 49e23806ad33 · 2025-05-29T08:40:58.000+03:00
Signed-off-by: Oleksander Piskun &lt;oleksandr2088@icloud.com&gt;
diff --git a/haproxy_agent.py b/haproxy_agent.py
@@ -1295,66 +1295,68 @@ async def _install_system_certificates(
     os_info_content: str,
 ) -> None:
     target_cert_dir = _get_target_cert_dir(os_info_content)
-    if target_cert_dir:
-        LOGGER.info("Target system cert directory for container '%s': %s", container_name, target_cert_dir)
+    if not target_cert_dir:
+        LOGGER.warning(
+            "OS in container '%s' not supported for sys cert installation, or bundle empty. Skipping.",
+            container_name,
+        )
+        return
+
+    LOGGER.info("Target system cert directory for container '%s': %s", container_name, target_cert_dir)
+    exit_code, raw_output = await _execute_command_in_container_simplified(
+        session, docker_engine_port, container_name, ["mkdir", "-p", target_cert_dir]
+    )
+    if exit_code != 0:
+        LOGGER.error(
+            "Failed to create cert dir '%s' in container '%s'. Exit: %s, Raw Output: %s",
+            target_cert_dir,
+            container_name,
+            exit_code,
+            raw_output,
+        )
+        raise web.HTTPInternalServerError(
+            text=f"Failed to create cert directory. Exit: {exit_code}. Output: {raw_output[:200]}"
+        )
+
+    certs_to_install = {}
+    parsed_certs = _parse_certs_from_bundle(system_certs_bundle)
+    for i, cert_content in enumerate(parsed_certs):
+        cert_filename = f"custom_ca_cert_{i}.crt"
+        certs_to_install[os.path.join(target_cert_dir.lstrip("/"), cert_filename)] = cert_content
+
+    if not certs_to_install:
+        LOGGER.info(
+            "No individual certificates parsed from system_certs_bundle for container '%s'.",
+            container_name,
+        )
+        return
+
+    tar_bytes = _create_tar_archive_in_memory(certs_to_install)
+    await _put_archive_to_container(session, docker_engine_port, container_name, "/", tar_bytes)
+    LOGGER.info(
+        "Installed %d system CA certificates into '%s' in container '%s'.",
+        len(parsed_certs),
+        target_cert_dir,
+        container_name,
+    )
+
+    update_cmd_list = _get_certificate_update_command(os_info_content)
+    if update_cmd_list:
+        LOGGER.info("Running certificate update command: %s", " ".join(update_cmd_list))
         exit_code, raw_output = await _execute_command_in_container_simplified(
-            session, docker_engine_port, container_name, ["mkdir", "-p", target_cert_dir]
+            session, docker_engine_port, container_name, update_cmd_list
         )
         if exit_code != 0:
             LOGGER.error(
-                "Failed to create cert dir '%s' in container '%s'. Exit: %s, Raw Output: %s",
-                target_cert_dir,
+                "Certificate update command failed in container '%s'. Exit: %s, Raw Output: %s",
                 container_name,
                 exit_code,
                 raw_output,
             )
-            raise web.HTTPInternalServerError(
-                text=f"Failed to create cert directory. Exit: {exit_code}. Output: {raw_output[:200]}"
-            )
-
-        certs_to_install = {}
-        parsed_certs = _parse_certs_from_bundle(system_certs_bundle)
-        for i, cert_content in enumerate(parsed_certs):
-            cert_filename = f"custom_ca_cert_{i}.crt"
-            certs_to_install[os.path.join(target_cert_dir.lstrip("/"), cert_filename)] = cert_content
-
-        if certs_to_install:
-            tar_bytes = _create_tar_archive_in_memory(certs_to_install)
-            await _put_archive_to_container(session, docker_engine_port, container_name, "/", tar_bytes)
-            LOGGER.info(
-                "Installed %d system CA certificates into '%s' in container '%s'.",
-                len(parsed_certs),
-                target_cert_dir,
-                container_name,
-            )
-
-            update_cmd_list = _get_certificate_update_command(os_info_content)
-            if update_cmd_list:
-                LOGGER.info("Running certificate update command: %s", " ".join(update_cmd_list))
-                exit_code, raw_output = await _execute_command_in_container_simplified(
-                    session, docker_engine_port, container_name, update_cmd_list
-                )
-                if exit_code != 0:
-                    LOGGER.error(
-                        "Certificate update command failed in container '%s'. Exit: %s, Raw Output: %s",
-                        container_name,
-                        exit_code,
-                        raw_output,
-                    )
-                else:
-                    LOGGER.info("Certificate update command successful. Raw Output: %s", raw_output.strip())
-            else:
-                LOGGER.warning("No certificate update command found for OS in container '%s'.", container_name)
         else:
-            LOGGER.info(
-                "No individual certificates parsed from system_certs_bundle for container '%s'.",
-                container_name,
-            )
+            LOGGER.info("Certificate update command successful. Raw Output: %s", raw_output.strip())
     else:
-        LOGGER.warning(
-            "OS in container '%s' not supported for sys cert installation, or bundle empty. Skipping.",
-            container_name,
-        )
+        LOGGER.warning("No certificate update command found for OS in container '%s'.", container_name)
 
 
 async def _install_frp_certificates(
