Page MenuHomePhabricator
Create Task
Maniphest T218543

acme-chief calls unnecessarily to ACMEChief._push_live_certificates() on daemon start
Closed, ResolvedPublic
Actions

Description

acmechief calls unnecesarily to _push_live_certificates() as part of create_initial_certs() when the certificates are already valid, causing the following log:

Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Number of certificates per status: Counter({'VALID': 28})
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for apt
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till apt / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for archiva
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till archiva / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for dumps
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till dumps / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for gerrit
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till gerrit / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for icinga
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for ldap
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for ldap-labtest
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for librenms
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till librenms / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for lists
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till lists / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for mirrors
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till mirrors / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for mx
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till mx / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for netbox
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till netbox / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for pinkunicorn
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for tendril
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till tendril / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Starting main loop...

Details

SubjectRepoBranchLines +/-
acme-chief: Avoid unneeded calls to _push_live_certificate()operations/software/acme-chiefmaster+1 -1
debian: Add release 0.12 to changelogoperations/software/acme-chiefdebian+6 -0
Release 0.12operations/software/acme-chiefdebian+2 -2
acme-chief: Avoid unneeded calls to _push_live_certificate()operations/software/acme-chiefdebian+1 -1
Release 0.12operations/software/acme-chiefmaster+2 -2
Customize query in gerrit
TitleReferenceAuthorSource BranchDest Branch
Release 0.36-2 for Bookwormrepos/sre/acme-chief!2brettchange-948672-release-0-36-for-bookwormdebian
Customize query in GitLab

Related Objects

Event Timeline

Vgutierrez created this task.Mar 18 2019, 9:14 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 18 2019, 9:14 AM
gerritbot subscribed.Mar 18 2019, 9:17 AM

Change 497249 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497249

gerritbot added a project: Patch-For-Review.Mar 18 2019, 9:17 AM
Vgutierrez mentioned this in rOSAC161996e1308a: acme-chief: Avoid unneeded calls to _push_live_certificate().Mar 18 2019, 9:19 AM
Vgutierrez triaged this task as High priority.Mar 18 2019, 9:54 AM
gerritbot added a comment.Mar 18 2019, 9:57 AM

Change 497249 merged by jenkins-bot:
[operations/software/acme-chief@master] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497249

gerritbot added a comment.Mar 18 2019, 10:00 AM

Change 497256 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] Release 0.12

https://gerrit.wikimedia.org/r/497256

Vgutierrez mentioned this in rOSACd8418eb62e1e: Release 0.12.Mar 18 2019, 10:02 AM
gerritbot added a comment.Mar 18 2019, 10:03 AM

Change 497256 merged by jenkins-bot:
[operations/software/acme-chief@master] Release 0.12

https://gerrit.wikimedia.org/r/497256

gerritbot added a comment.Mar 18 2019, 10:06 AM

Change 497257 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497257

gerritbot added a comment.Mar 18 2019, 10:06 AM

Change 497258 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] Release 0.12

https://gerrit.wikimedia.org/r/497258

gerritbot added a comment.Mar 18 2019, 10:06 AM

Change 497259 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] debian: Add release 0.12 to changelog

https://gerrit.wikimedia.org/r/497259

gerritbot added a comment.Mar 18 2019, 10:09 AM

Change 497257 merged by jenkins-bot:
[operations/software/acme-chief@debian] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497257

Vgutierrez mentioned this in rOSAC02a65ee8eb60: acme-chief: Avoid unneeded calls to _push_live_certificate().Mar 18 2019, 10:09 AM
Vgutierrez mentioned this in rOSAC8c4f5657daed: Release 0.12.
Vgutierrez mentioned this in rOSAC296e548c2131: debian: Add release 0.12 to changelog.
gerritbot added a comment.Mar 18 2019, 10:09 AM

Change 497258 merged by jenkins-bot:
[operations/software/acme-chief@debian] Release 0.12

https://gerrit.wikimedia.org/r/497258

gerritbot added a comment.Mar 18 2019, 10:09 AM

Change 497259 merged by jenkins-bot:
[operations/software/acme-chief@debian] debian: Add release 0.12 to changelog

https://gerrit.wikimedia.org/r/497259

Stashbot subscribed.Mar 18 2019, 10:12 AM

Mentioned in SAL (#wikimedia-operations) [2019-03-18T10:12:57Z] <vgutierrez> uploaded acme-chief 0.12 to apt.wikimedia.org (buster) - T218543

Vgutierrez closed this task as Resolved.Mar 18 2019, 10:14 AM
Vgutierrez removed a project: Patch-For-Review.
jijiki mentioned this in rOSAC9249177f5dca: acme-chief: Avoid unneeded calls to _push_live_certificate().Mar 18 2019, 4:31 PM
jijiki mentioned this in rOSAC5d4666a475b7: Release 0.12.
jijiki mentioned this in rOSACc7611cbcd36a: acme-chief: Avoid unneeded calls to _push_live_certificate().
jijiki mentioned this in rOSACd9f8c69a077b: debian: Add release 0.12 to changelog.
jijiki mentioned this in rOSAC2af0229aa784: Release 0.12.
CodeReviewBot added a project: Patch-For-Review.Sep 28 2023, 9:36 PM

brett opened https://gitlab.wikimedia.org/repos/sre/acme-chief/-/merge_requests/2

Draft: BCornwall's avatar Release 0.36-2 for Bookworm

CodeReviewBot added a comment.Nov 2 2023, 9:11 PM

brett merged https://gitlab.wikimedia.org/repos/sre/acme-chief/-/merge_requests/2

Release 0.36-2 for Bookworm

Maintenance_bot removed a project: Patch-For-Review.Nov 2 2023, 9:30 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits