Modify the cta-get-encryption-key script to accept the encryption key ID directly from the Tape Server
Introduction
At the moment, the script cta-get-encryption-key queries cta-admin
(whish interacts with the ctafrontend) to query for the encryption Key ID. As mentioned in https://gitlab.cern.ch/cta/operations/-/issues/839, this dependency on the ctafrontend can cause some HA related problems.
Fortunately, we can simplify bypass this check - simplify the script a lot - by passing the Key ID directly from the Tape Server. The Tape Server has access to the catalogue, therefore there is no reason not to get this field there.
Task
The cta-get-encryption-key scrpitp needs to be modified to accept the Key ID from the Tape Server and directly use it to obtain the Encryption Key, without using cta-admin command.
As a consequence, it will no longer need to use cta-admin
directly, which completely removes the need to interact with the CTA frontend.
As part of this issue, we need to discuss how the new value will be received by the script (and distinguished from a VID).