Conversation
A Coder customer reported that the cert refresh command can return 1 while still generating new certs. Right now Coder Toolbox does not reload the certs if the refresh command exits with a status other than 0. - resolves #276
Co-authored-by: Zach <3724288+zedkipp@users.noreply.github.com>
|
Small update and context, we had a private chat about the issue and the discussion clarified a change in the control flow of The upstream system polls every five seconds, and a client had reported cases where their certificate refresh command successfully updated certificates but still returned a non-zero error code. Originally, refreshes were only considered valid when the return code was 0, and any other result caused the polling loop to stop and show a login screen. With new requirements, the return code can no longer be trusted, so the polling loop should not be terminated based on it. As a potential improvement, it was suggested that instead of relying on the return code, the code could detect whether the CA files actually changed and use that information to preserve the earlier control flow if needed. |
Instead of relying on the refresh command return code to report the issue upstream (which most of the time means breaking the poll loop and go back to the login scree), the code could detect whether the CA files actually changed and use that information to preserve the earlier control flow if needed.
Using a buffer instead of reading byte-by-byte is a more efficient mechanism.
…ub.com:coder/coder-jetbrains-toolbox-plugin into trigger-ca-reload-even-when-cert-refresh-faild
2 participants
A Coder customer reported that the cert refresh command can return 1 while still generating new certs. Right now Coder Toolbox does not reload the certs if the refresh command exits with a status other than 0.