Update certificates as late as possible

See merge request !324

slapos/grid/SlapObject.py

@@ -452,7 +452,6 @@ class Partition(object):
           self.partition_id + '.key')
       self.cert_file = os.path.join(certificate_repository_path,
           self.partition_id + '.crt')
-      self._updateCertificate()
 
     try:
       self.retention_delay = float(retention_delay)
@@ -485,6 +484,10 @@ class Partition(object):
                                       required=bytes2human(required)))
 
   def _updateCertificate(self):
+    if not self.key_file or not self.cert_file:
+      # Certificate files are unset, skip.
+      return
+
     try:
       partition_certificate = self.computer_partition.getCertificate()
     except NotFoundError:

slapos/grid/slapgrid.py

@@ -954,9 +954,11 @@ stderr_logfile_backups=1
     except PromiseError as e:
       self.logger.error(e)
       if partition_access_status is None or not status_error:
+        local_partition._updateCertificate()
         computer_partition.error(e, logger=self.logger)
     else:
       if partition_access_status is None or status_error:
+        local_partition._updateCertificate()
         computer_partition.started()
 
   def processPromise(self, computer_partition):
@@ -1184,6 +1186,9 @@ stderr_logfile_backups=1
       self.logger.info('  Software path: %s' % software_path)
       self.logger.info('  Instance path: %s' % instance_path)
 
+      # Update certifcate at late as possible
+      local_partition._updateCertificate()
+
       # XXX this line breaks 37 tests
       # self.logger.info('  Instance type: %s' % computer_partition.getType())
       self.logger.info('  Instance status: %s' % computer_partition_state)
@@ -1788,6 +1793,7 @@ stderr_logfile_backups=1
             ipv4_global_network=self.ipv4_global_network,
           )
           local_partition.stop()
+          local_partition._updateCertificate()
           try:
             computer_partition.stopped()
           except (SystemExit, KeyboardInterrupt):