Commit 928dcc19 authored by Grzegorz Bizon's avatar Grzegorz Bizon

Merge branch...

Merge branch '30146-let-s-encrypt-integration-doesn-t-scale-and-does-not-give-any-feedback-to-user-on-errors-3' into 'master'

Stop obtaining Let's Encrypt certificates if we already failed

See merge request gitlab-org/gitlab!27775
parents 3e5582ce 8a53aa17
...@@ -10,6 +10,11 @@ class PagesDomainSslRenewalCronWorker # rubocop:disable Scalability/IdempotentWo ...@@ -10,6 +10,11 @@ class PagesDomainSslRenewalCronWorker # rubocop:disable Scalability/IdempotentWo
return unless ::Gitlab::LetsEncrypt.enabled? return unless ::Gitlab::LetsEncrypt.enabled?
PagesDomain.need_auto_ssl_renewal.with_logging_info.find_each do |domain| PagesDomain.need_auto_ssl_renewal.with_logging_info.find_each do |domain|
# Ideally that should be handled in PagesDomain.need_auto_ssl_renewal scope
# but it's hard to make scope work with feature flags
# once we remove feature flag we can modify scope to implement this behaviour
next if Feature.enabled?(:pages_letsencrypt_errors, domain.project) && domain.auto_ssl_failed
with_context(project: domain.project) do with_context(project: domain.project) do
PagesDomainSslRenewalWorker.perform_async(domain.id) PagesDomainSslRenewalWorker.perform_async(domain.id)
end end
......
...@@ -21,6 +21,10 @@ describe PagesDomainSslRenewalCronWorker do ...@@ -21,6 +21,10 @@ describe PagesDomainSslRenewalCronWorker do
let!(:domain_without_auto_certificate) do let!(:domain_without_auto_certificate) do
create(:pages_domain, :without_certificate, :without_key, project: project, auto_ssl_enabled: true) create(:pages_domain, :without_certificate, :without_key, project: project, auto_ssl_enabled: true)
end end
let!(:domain_with_failed_auto_ssl) do
create(:pages_domain, :without_certificate, :without_key, project: project,
auto_ssl_enabled: true, auto_ssl_failed: true)
end
let!(:domain_with_expired_auto_ssl) do let!(:domain_with_expired_auto_ssl) do
create(:pages_domain, :letsencrypt, :with_expired_certificate, project: project) create(:pages_domain, :letsencrypt, :with_expired_certificate, project: project)
...@@ -34,7 +38,8 @@ describe PagesDomainSslRenewalCronWorker do ...@@ -34,7 +38,8 @@ describe PagesDomainSslRenewalCronWorker do
end end
[domain, [domain,
domain_with_obtained_letsencrypt].each do |domain| domain_with_obtained_letsencrypt,
domain_with_failed_auto_ssl].each do |domain|
expect(PagesDomainSslRenewalWorker).not_to receive(:perform_async).with(domain.id) expect(PagesDomainSslRenewalWorker).not_to receive(:perform_async).with(domain.id)
end end
......
...@@ -26,6 +26,8 @@ describe PagesDomainSslRenewalWorker do ...@@ -26,6 +26,8 @@ describe PagesDomainSslRenewalWorker do
shared_examples 'does nothing' do shared_examples 'does nothing' do
it 'does nothing' do it 'does nothing' do
expect(::PagesDomains::ObtainLetsEncryptCertificateService).not_to receive(:new) expect(::PagesDomains::ObtainLetsEncryptCertificateService).not_to receive(:new)
worker.perform(domain.id)
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment