Spec.ForceRenewal() overrides validation logic and forces renewal; this internal boolean wasn't being reset when a PKI update happened successfully; this PR fixes that.
cfssl 1.3.3 was buggy and would trigger panics while parsing yaml content;
bump our dependency to a revision of cfssl that contains the fixes I wrote for this that fix the panic-y behaviour.
remove fetch backoff logic that can exceed an hour
Code comments explaining this are also inline; short version, cfssl transport's default backoff
settings induce up to a 5 minute delay on the first failure, and
build beyond that by powers of 2 up to 5 total failures.
We already have retry logic via the manager, thus having massively
long delays like this isn't desirable and overrides the intervals
folks configured.
Instead, just use a simplistic exponential back off that starts at .5s
delay, and builds to a max of 2 minutes before giving up.
Remember, this line of code is effectively single-threaded; so what was
in place was seriously nonviable, and what's now being added still
sucks; this can be resolved via splitting separate watcher threads
per spec in a follow up PR.
Finally, make Spec.TakeAction private. Like the other 'convert to private', the point here is to absolutely limit what the public API is for this so that we can refactor the internals as we go forward. They need it, but it's not preferable to hold up a release due to API semver while code hygiene gets cleaned up. This (like previous PRs) helps to decouple that.
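The backoff schedule described above, as an added Go example that is not code from this PR or from cfssl. `fetchWithBackoff` and `worstCaseWait` are hypothetical names, and the stop condition (give up once the next delay would exceed 2 minutes) is one assumed reading of "builds to a max of 2 minutes before giving up".

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// Constructed from the PR text: first delay 0.5s, doubling each failure.
// Assumption: give up once the next delay would exceed 2 minutes.
const (
	initialDelay = 500 * time.Millisecond
	maxDelay     = 2 * time.Minute
)

// fetchWithBackoff is a hypothetical helper, not the project's function.
// sleep is injectable so the schedule can be checked without waiting.
func fetchWithBackoff(ctx context.Context, fetch func() error,
	sleep func(time.Duration)) (attempts int, waited time.Duration, err error) {
	for delay := initialDelay; ; delay *= 2 {
		attempts++
		if err = fetch(); err == nil {
			return attempts, waited, nil
		}
		if delay > maxDelay {
			return attempts, waited, fmt.Errorf("giving up after %d attempts: %w", attempts, err)
		}
		// Stop early if the caller (e.g. a manager with its own retry
		// interval) cancelled while the fetch was failing.
		if ctxErr := ctx.Err(); ctxErr != nil {
			return attempts, waited, ctxErr
		}
		sleep(delay)
		waited += delay
	}
}

// worstCaseWait sums a doubling schedule over n failures:
// first + 2*first + 4*first + ...
func worstCaseWait(first time.Duration, failures int) time.Duration {
	var total time.Duration
	for i := 0; i < failures; i++ {
		total += first << uint(i)
	}
	return total
}

func main() {
	alwaysFail := func() error { return errors.New("remote unavailable") }
	n, waited, err := fetchWithBackoff(context.Background(), alwaysFail, func(time.Duration) {})
	fmt.Println(n, waited, err)
	fmt.Println("5m doubling over 5 failures:", worstCaseWait(5*time.Minute, 5))
}
```

Under these assumptions the new schedule blocks the single watcher loop for about two minutes in the worst case, while a 5 minute first delay doubled over 5 failures sums to 155 minutes.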