EnTeQuAk
commented
5 years ago We already quickly talked about that in IRC, @g-k mentioned increasing the HAWK authentication token clock skew tolerance.
Assigning to me to keep track of it.
Closed AlexandraMoga closed 5 years ago
EnTeQuAk
commented
5 years ago We already quickly talked about that in IRC, @g-k mentioned increasing the HAWK authentication token clock skew tolerance.
Assigning to me to keep track of it.
g-k
commented
5 years ago Nice find! We ran into this signing larger APKs too.
Bumped up the hawk timestamp validity for stage and prod in hiera-sops commit 992e5e9e108a2f26da0438475711d958edc73b54.
autograph -dev updated in hiera-sops commit b4672fd882533e7e9bfcff020303684f6f6be210
Need to redeploy to these envs.
g-k
commented
5 years ago Updated dev (deploying to dev is broken) and redeployed to stage. Will deploy to prod at some point (but feel free to remind me).
Dev now has:
curl http://localhost/__version__
{"commit":"b361e521227c5971e71195daddd9c7c9aa08e417","version":"2.8.1","source":"https://github.com/mozilla-services/autograph","build":"https://circleci.com/gh/mozilla-services/autograph/1854"}So this should be fixed in autograph -dev and -stage.
EnTeQuAk
commented
5 years ago Awesome, thanks @g-k for the help. I'm closing this for now then.
AlexandraMoga
commented
5 years ago I haven't run into signing errors anymore.
@EnTeQuAk however, our server begins to act out a bit if I'm trying to upload larger files. There are two intermittent errors I've run into so far, with packages between 60Mb and 130Mb: either a 502 response from nginx, either the following validation error:
EnTeQuAk
commented
5 years ago either the following validation error:
That's on -dev too right?
AlexandraMoga
commented
5 years ago @EnTeQuAk sorry, yes. This is on -dev.
Follow up for mozilla/addons#5936
STR:
Sign Add-onbuttonActual result: The signing process fails with a server error (500)
Expected result: Add-on is correctly signed
Notes: