Comments (8)
But I would like to add that, before this occurred, kubernetes-letsencrypt
has been running in production for months without a single hiccup! So thank you for the good work :) 👏
from kubernetes-letsencrypt.
Reasoning about the bug: looks like it happens here, where an empty List<Zone>
is being reduced.
Would it be meaningful to just return null
if the collection is empty? (I have a very vague idea about how the DNS challenge works, but not details that allow me to easily make sense of the business logic)
from kubernetes-letsencrypt.
Update: as already identified in #72, this error leads to the misbehaviour reported there (too many currently pending authz
) - so the two bugs are different but indeed linked.
from kubernetes-letsencrypt.
@f-f Interesting, thanks for looking into it a bit!
The "currently pending authz" issue should've been resolved by the change LE did on their side (i.e. automatically recycling authorisations) which required - according to their announcement - no client-side changes as the service simply returns the existing authorisation.
Did you see that one recently, too?
Would it be meaningful to just return
null
if the collection is empty?
It'd be the empty Option
variant instead of null
, but yes!
from kubernetes-letsencrypt.
Did you see that one recently, too?
Yep, this morning I deleted and recreated the controller, and started getting #72.
I just applied the workaround listed there (deleting the letzencrypt-keypair
secret), and I started getting this again.
from kubernetes-letsencrypt.
Actually, I think this condition is being triggered by a configuration mistake of us - basically I'm trying to get a certificate for the wrong DNS (however it shouldn't fail this badly, as in the same certificate request I have some domains for which the DNS is correct).
from kubernetes-letsencrypt.
however it shouldn't fail this badly
Agreed! I've put in a PR that will add the relevant check to prevent it from throwing an unnecessary exception here.
from kubernetes-letsencrypt.
Awesome, thank you! 👏
from kubernetes-letsencrypt.
Related Issues (20)
- Allow single certificate for multiple services HOT 1
- Route 53 Split-horizon DNS HOT 8
- prepareDnsChallenge cleanup exception HOT 2
- Always determine authoritative NS from root
- Support ACME V2 API and wildcard certificates HOT 5
- Influence the cert filenames HOT 3
- Add support for ingress controller secret format HOT 2
- Error creating new authz :: too many currently pending authorizations HOT 5
- NullPointerException in DnsRecordObserver.findAuthoritativeNameservers HOT 4
- Transient error: "Must agree to subscriber agreement" HOT 1
- DnsException: Login Required HOT 6
- Exception in thread "Thread-23" HOT 2
- 403 Forbidden HOT 1
- create a chained cert for nginx as well HOT 7
- Is this project still active? HOT 22
- No pom.xml? HOT 1
- hanging in fail-loop HOT 2
- Failed due to invalid challenge HOT 5
- LetsencryptException: No matching zone found. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes-letsencrypt.