Page MenuHomePhabricator

acme-chief calls unnecessarily to ACMEChief._push_live_certificates() on daemon start
Closed, ResolvedPublic

Description

acmechief calls unnecesarily to _push_live_certificates() as part of create_initial_certs() when the certificates are already valid, causing the following log:

Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Number of certificates per status: Counter({'VALID': 28})
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for apt
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till apt / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for archiva
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till archiva / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for dumps
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till dumps / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for gerrit
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till gerrit / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for icinga
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for ldap
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for ldap-labtest
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for librenms
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till librenms / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for lists
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till lists / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for mirrors
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till mirrors / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for mx
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till mx / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for netbox
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till netbox / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for pinkunicorn
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Pushing the new certificate for tendril
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Waiting till tendril / ec-prime256v1 is generated to be able to push the new certificate
Mar 18 09:04:13 acmechief1001 acme-chief-backend[22187]: Starting main loop...

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 18 2019, 9:14 AM

Change 497249 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497249

Vgutierrez triaged this task as High priority.Mar 18 2019, 9:54 AM

Change 497249 merged by jenkins-bot:
[operations/software/acme-chief@master] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497249

Change 497256 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@master] Release 0.12

https://gerrit.wikimedia.org/r/497256

Change 497256 merged by jenkins-bot:
[operations/software/acme-chief@master] Release 0.12

https://gerrit.wikimedia.org/r/497256

Change 497257 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497257

Change 497258 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] Release 0.12

https://gerrit.wikimedia.org/r/497258

Change 497259 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/software/acme-chief@debian] debian: Add release 0.12 to changelog

https://gerrit.wikimedia.org/r/497259

Change 497257 merged by jenkins-bot:
[operations/software/acme-chief@debian] acme-chief: Avoid unneeded calls to _push_live_certificate()

https://gerrit.wikimedia.org/r/497257

Change 497258 merged by jenkins-bot:
[operations/software/acme-chief@debian] Release 0.12

https://gerrit.wikimedia.org/r/497258

Change 497259 merged by jenkins-bot:
[operations/software/acme-chief@debian] debian: Add release 0.12 to changelog

https://gerrit.wikimedia.org/r/497259

Mentioned in SAL (#wikimedia-operations) [2019-03-18T10:12:57Z] <vgutierrez> uploaded acme-chief 0.12 to apt.wikimedia.org (buster) - T218543

Vgutierrez closed this task as Resolved.Mar 18 2019, 10:14 AM
Vgutierrez removed a project: Patch-For-Review.