Fix [TT-1311] (TykTechnologies#3441)

## Description
Disable certificate migration and all scan operations for the legacy cloud

The previous PR have not fully fixed issue, and we need fully remove all scan operations

## Related Issue
https://github.com/TykTechnologies/tyk/pull/3410/files

## Motivation and Context
Legacy Cloud still suffering

## Screenshots (if appropriate)

## Types of changes
<!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality)

## Checklist
<!-- Go over all the following points, and put an `x` in all the boxes that apply -->
<!-- If you're unsure about any of these, don't hesitate to ask; we're here to help! -->
- [ ] Make sure you are requesting to **pull a topic/feature/bugfix branch** (right side). If pulling from your own
      fork, don't request your `master`!
- [ ] Make sure you are making a pull request against the **`master` branch** (left side). Also, you should start
      *your branch* off *our latest `master`*.
- [ ] My change requires a change to the documentation.
  - [ ] If you've changed APIs, describe what needs to be updated in the documentation.
  - [ ] If new config option added, ensure that it can be set via ENV variable
- [ ] I have updated the documentation accordingly.
- [ ] Modules and vendor dependencies have been updated; run `go mod tidy && go mod vendor`
- [ ] When updating library version must provide reason/explanation for this update.
- [ ] I have added tests to cover my changes.
- [ ] All new and existing tests passed.
- [ ] Check your code additions will not fail linting checks:
  - [ ] `go fmt -s`
  - [ ] `go vet`

certs/manager.go

@@ -37,22 +37,24 @@ type StorageHandler interface {
 }
 
 type CertificateManager struct {
-	storage StorageHandler
-	logger  *logrus.Entry
-	cache   *cache.Cache
-	secret  string
+	storage         StorageHandler
+	logger          *logrus.Entry
+	cache           *cache.Cache
+	secret          string
+	migrateCertList bool
 }
 
-func NewCertificateManager(storage StorageHandler, secret string, logger *logrus.Logger) *CertificateManager {
+func NewCertificateManager(storage StorageHandler, secret string, logger *logrus.Logger, migrateCertList bool) *CertificateManager {
 	if logger == nil {
 		logger = logrus.New()
 	}
 
 	return &CertificateManager{
-		storage: storage,
-		logger:  logger.WithFields(logrus.Fields{"prefix": "cert_storage"}),
-		cache:   cache.New(5*time.Minute, 10*time.Minute),
-		secret:  secret,
+		storage:         storage,
+		logger:          logger.WithFields(logrus.Fields{"prefix": "cert_storage"}),
+		cache:           cache.New(5*time.Minute, 10*time.Minute),
+		secret:          secret,
+		migrateCertList: migrateCertList,
 	}
 }
 
@@ -462,7 +464,7 @@ func (c *CertificateManager) ListRawPublicKey(keyID string) (out interface{}) {
 func (c *CertificateManager) ListAllIds(prefix string) (out []string) {
 	indexKey := prefix + "-index"
 	exists, _ := c.storage.Exists(indexKey)
-	if exists && prefix != "" {
+	if !c.migrateCertList || (exists && prefix != "") {
 		keys, _ := c.storage.GetListRange(indexKey, 0, -1)
 		for _, key := range keys {
 			out = append(out, strings.TrimPrefix(key, "raw-"))

certs/manager_test.go

@@ -115,7 +115,7 @@ func (s *dummyStorage) GetKeys(pattern string) (keys []string) {
 }
 
 func newManager() *CertificateManager {
-	return NewCertificateManager(newDummyStorage(), "test", nil)
+	return NewCertificateManager(newDummyStorage(), "test", nil, false)
 }
 
 func genCertificate(template *x509.Certificate, isExpired bool) ([]byte, []byte) {

gateway/server.go

@@ -247,7 +247,7 @@ func setupGlobals(ctx context.Context) {
 		certificateSecret = config.Global().Security.PrivateCertificateEncodingSecret
 	}
 
-	CertificateManager = certs.NewCertificateManager(getGlobalStorageHandler("cert-", false), certificateSecret, log)
+	CertificateManager = certs.NewCertificateManager(getGlobalStorageHandler("cert-", false), certificateSecret, log, !config.Global().Cloud)
 
 	if config.Global().NewRelic.AppName != "" {
 		NewRelicApplication = SetupNewRelic()

go.mod

@@ -15,7 +15,6 @@ require (
 	github.com/TykTechnologies/leakybucket v0.0.0-20170301023702-71692c943e3c
 	github.com/TykTechnologies/murmur3 v0.0.0-20180602122059-1915e687e465
 	github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19
-	github.com/TykTechnologies/tyk/certs v0.0.1
 	github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 // indirect
 	github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d // indirect
 	github.com/bshuster-repo/logrus-logstash-hook v0.4.1

go.sum

@@ -37,8 +37,6 @@ github.com/TykTechnologies/murmur3 v0.0.0-20180602122059-1915e687e465 h1:A2gBjoX
 github.com/TykTechnologies/murmur3 v0.0.0-20180602122059-1915e687e465/go.mod h1:sqH/SPFr11m9cahie7ulBuBX9TOhfBX1sp+qf9jh3Vg=
 github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19 h1:mgi8xtMR6Pxj/5Rncalb67ArL8TCJbHSQmMfJg9lE4s=
 github.com/TykTechnologies/openid2go v0.0.0-20200312160651-00c254a52b19/go.mod h1:rGlqNE4CvxZIeiHp0mgrw+/jdGSjJzkZ0n78hhHMdfM=
-github.com/TykTechnologies/tyk/certs v0.0.1 h1:dhRT7HeKS5zHMbmNHuulBdC0pN90kdUxmQ6UB4RpmOk=
-github.com/TykTechnologies/tyk/certs v0.0.1/go.mod h1:Xq3wD9z699ZujmiGvndoOPi3ElE46pmiiHrHSUjpqb0=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751 h1:JYp7IbQjafoB+tBA3gMyHYHrpOtNuDiK/uB5uXxq5wM=
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d h1:UQZhZ2O0vMHr2cI+DC1Mbh0TJxzA3RcLoMsFw+aXw7E=