On first run, nothing happens for the first 5 minutes (monitorLogInterval?)

[paravoid]

Trying out the new daemon mode - thanks so much! I may be missing something obvious, or this perhaps is intentional, but it looks like the first 5 minutes are wasted, with no processing happening, or useful output?

For example:

TMPDIR="$(mktemp -d)"
export CERTSPOTTER_CONFIG_DIR=$TMPDIR/certspotter-cfg
export CERTSPOTTER_STATE_DIR=$TMPDIR/certspotter

mkdir $CERTSPOTTER_CONFIG_DIR $CERTSPOTTER_STATE_DIR
echo '.' > $CERTSPOTTER_CONFIG_DIR/watchlist

certspotter -no_save -start_at_end -stdout -verbose

Output:

2023/02/09 02:55:16 fetched 17 logs from "https://loglist.certspotter.org/monitor.json"
2023/02/09 02:55:16 starting task for log c9meiRtMlnigIH1HneayxhzQUV5xGSqMa4AQesF3crU= (https://nessie2024.ct.digicert.com/log/)

[... more logs ...]

2023/02/09 02:55:17 brand new log https://nessie2024.ct.digicert.com/log/ (starting from 19367775)
2023/02/09 02:55:17 saving state in defer for https://nessie2024.ct.digicert.com/log/

[...more logs...]

[nothing happens for 5 minutes]

2023/02/09 03:00:16 downloading entries from https://ct.cloudflare.com/logs/nimbus2023/ in range [409205419, 409345193)

[..more logs...]

[...certificates in stdout...]

[AGWA]

Hey @paravoid, yeah that's expected when using -start_at_end. If certspotter has nothing to do, it waits for 5 minutes before checking if logs have new entries.

If this is for the test case in the debian package, I would recommend not using -start_at_end, and doing something like:

certspotter -no_save -stdout | head -n 100 | grep -q Pubkey

This ensures certspotter will always do something useful, even if the test case happens to run at a time when no entries are being added to CT logs.

[paravoid]

Ah, that makes sense! And your guess was excellent, and will adjust the case to be exactly as you described. Thanks so much :)