You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Httprequest can serve multiple TLS requirers. If it serves 2 requirers, and for the first one it returns 403, and for the second it returns 200, what should the status be?
Also, if there's a network error that prevents the endpoint from being reached for a moment, should the charm status be Blocked? Should the charm make curl calls every x min, to the provided endpoint to make sure it is continuously reachable? I am tempted to say no.
I understand the concern regarding the lack of feedback when requests don't work as expected, however I'm not convinced we should change the charm status.
I think if it serves 2 requirers and one returns 403 and the other returns 200 the status should reflect that one has failed.
If there's a network error that prevents the endpoint from being reached for a while charms typically retry up to a fixed number of times and then either go into error state or blocked state.
I'm not sure why you're reluctant to change charm status. How else is the user supposed to know that there's been a problem getting a certificate?
I think if it serves 2 requirers and one returns 403 and the other returns 200 the status should reflect that one has failed.
I am reluctant to change the charm status because it would require the charm to store a state for each of its relation. What we can do instead is reflect in the status message the number of certificate requests fulfilled. Ex.
Status Message
Active "1/3 certificate requests fulfilled"
If there's a network error that prevents the endpoint from being reached for a while charms typically retry
I agree that we should retry if it fails, I'm not sure whether that's the case right now. If it's not, we should do it.
and then either go into error state or blocked state.
I'm not sure about this, if the charm serves 99 requirers and everything works fine for 98 of them, but one of the requirers inserted a badly formatted common name, let's encrypt would return an error. Should httprequest go from active to blocked? My opinion is no it should not, the charm is functioning correctly. I agree we should do our best to reflect the information to the user. We do so with logs and we can improve the status message in the manner described above if it's useful.
Bug Description
If you deploy the charm and give it credentials and an endpoint that ends up with a 403, the charm is still reporting active/idle status.
To Reproduce
juju debug-log
is requiredEnvironment
Running on Charmed K8s on top of Openstack. Using Juju 3.1.8.
Relevant log output
Additional context
No response
The text was updated successfully, but these errors were encountered: