Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Temporary DNS failure terminates notarization wait #169

Open
basilevs opened this issue Nov 8, 2024 · 0 comments · May be fixed by #174
Open

Temporary DNS failure terminates notarization wait #169

basilevs opened this issue Nov 8, 2024 · 0 comments · May be fixed by #174

Comments

@basilevs
Copy link

basilevs commented Nov 8, 2024
edited
Loading

Test steps

  • Run notary-submit --staple on an unstable network.
$ rcodesign notary-submit --api-key-file key.json --staple --max-wait-seconds 3600 /tmp/notarization_service_0hu7yuzg/iTest-macosx.cocoa.x86_64_stapled.dmg
creating Notary API submission for iTest-macosx.cocoa.aarch64_stapled.dmg (sha256: 15bd73e4fcb1d88c9ed0d8e30e4d36762bedd095242bd7d2e351e5736bd09409)
 created submission ID: 6f7ff498-37dd-4773-91c5-f6d851338af9
 resolving AWS S3 configuration from Apple-provided credentials
 uploading asset to s3://notary-submissions-prod/prod/AROARQRX7CZS3PRF6ZA5L:6f7ff498-37dd-4773-98c5-f6d851338af9
 (you may see additional log output from S3 client)
 S3 upload completed successfully
 waiting up to 3600s for package upload 6f7ff498-37de-4773-98c5-f6d851338af9 to finish processing
 poll state after 0s: InProgress
 poll state after 3s: InProgress
......
 poll state after 1412s: InProgress
 poll state after 1415s: InProgress
 poll state after 1419s: InProgress
 poll state after 1422s: InProgress
 poll state after 1425s: InProgress
 poll state after 1429s: InProgress
 poll state after 1432s: InProgress
 Error: error sending request for url (https://appstoreconnect.apple.com/notary/v2/submissions/6f7ff498-35dd-4773-98c5-f6d851338af9): error trying to connect: dns error: failed to lookup address information: Try again

Actual result

The exit code is 0. The DMG is left unstapled. Notarization logs are not yet available.

Expected result

DNS failure should be considered either fatal or not:

DNS failure is fatal

rcodesign should terminate with a non-zero exit code.

DNS failure is non-fatal

rcodesign should continue waiting for the notarization process to complete and staple the DMG.

Rationale:
Build scripts using rcodesign are confused by the fact that succesfull termination of rcodesign does not produce a notarized DMG file.
basilevs added a commit to basilevs/apple-platform-rs that referenced this issue Dec 8, 2024
@basilevs
apple-codesign: survive network brownout
4400e41 
Notarization performs a lot of polling requests.
Some may fail due to network problems.
Only the last request result is required for succefull notarization.
Therefore we can safely ignore non-fatal errors until timeout is exceded.

Fixes indygreg#169
@basilevs basilevs linked a pull request Dec 8, 2024 that will close this issue
Open
basilevs added a commit to basilevs/apple-platform-rs that referenced this issue Dec 8, 2024
@basilevs
apple-codesign: survive network brownout
e3b063f 
Notarization performs a lot of polling requests.
Some may fail due to network problems.
Only the last request result is required for succefull notarization.
Therefore we can safely ignore non-fatal errors until timeout is exceded.

Fixes indygreg#169
basilevs added a commit to basilevs/apple-platform-rs that referenced this issue Dec 9, 2024
@basilevs
apple-codesign: survive network brownout
46dfdba 
Notarization performs a lot of polling requests.
Some may fail due to network problems.
Only the last request result is required for succefull notarization.
Therefore we can safely ignore non-fatal errors until timeout is exceded.

Fixes indygreg#169
basilevs added a commit to basilevs/apple-platform-rs that referenced this issue Dec 9, 2024
@basilevs
apple-codesign: survive network brownout
d4fe63d 
Notarization performs a lot of polling requests.
Some may fail due to network problems.
Only the last request result is required for succefull notarization.
Therefore we can safely ignore non-fatal errors until timeout is exceded.

Fixes indygreg#169
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

apple-codesign: survive network brownout basilevs/apple-platform-rs
1 participant
@basilevs