Traffic Ops Portal/API CDN DNSSEC generate will break the world #2723
Labels
bug
something isn't working as intended
high impact
impacts the basic function, deployment, or operation of a CDN
Traffic Portal v1
related to Traffic Portal version 1
So, whether this is a Portal or API bug is a little ambiguous.
The problem:
effectiveDate
must be a UNIX epoch.effectiveDate
field.effectiveDate
as a string2018-08-21+14:26:06
, and the Perl UI server side converts that to a UNIX epoch.effectiveDate
type and value is sent, and puts that in Riak. You can sendfoo
and it shove that in Riak.2018-08-21 14:14:42
. The API, per Fix server scripted graph #4, shoves this into Riak. The world subsequently breaks.This is a problem today, in master, and has been since the Portal and API were written. This is a critical bug. Pressing the CDN DNSSEC "generate" button in the Portal will break all of DNSSEC for the given CDN.
Again, where the bug lies and how to fix it are a big ambiguous. The API endpoint is currently being rewritten in Go. Per the Robustness Principle, I propose:
This will:
Normally, users should always upgrade both TO and the Portal; but with a bug as critical as this, IMO it's worth the extra effort to make the bug fixable by just upgrading one of them.
The text was updated successfully, but these errors were encountered: