Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Builds with "noKey" fail when any keyserver is down #305

Closed
ao-apps opened this issue Jul 15, 2021 · 3 comments
Closed

Builds with "noKey" fail when any keyserver is down #305

ao-apps opened this issue Jul 15, 2021 · 3 comments
Labels
enhancement New feature or request. good first issue Good for newcomers. to grab Ready to do and to grab by those willing.

Comments

@ao-apps
Copy link
Contributor

ao-apps commented Jul 15, 2021

PR s4u/pgp-keys-map#229 build was failing while pgp.mit.edu was down. pgp.mit.edu has a history of going down, and while down builds relying on "noKey" will fail.

I suggest that "noKey" map entries not even attempt to query any keyservers. This would avoid the overhead of querying every keyserver on every build, and also will not fail builds when any of the keyservers are down.

I tried various combinations of "*", "noSig", "badSig", and "noKey" and was unable to find a way to prevent the keyserver lookup.

Related, other projects have avoiding using pgp.mit.edu, as it is a single server. Instead, they only use keyserver pools: nginxinc/docker-nginx#156

@slawekjaranowski
Copy link
Member

sks-keyservers.net is down ... #296

@slawekjaranowski
Copy link
Member

slawekjaranowski commented Jul 15, 2021

My proposition is to store 404 status in cache.
When we first lookup for key and will be not available we store such information and next lookup will not occurs but identical exception should be thrown by cache like during real key download.

Additional when one server return 404 and another servers have connection problem result 404 should be returned to client

Because key can appears in some time we should invalidate such information for time to time. Invalidation should be implemented in #284

@slawekjaranowski
Copy link
Member

will be continued in another issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request. good first issue Good for newcomers. to grab Ready to do and to grab by those willing.
Development

No branches or pull requests

2 participants