From 319869987e7e77b282033ede15bfdf090b70c69c Mon Sep 17 00:00:00 2001
From: Javan lacerda
Date: Thu, 18 Apr 2024 17:24:47 +0000
Subject: [PATCH 1/3] buiding a new body for conflict reponses

Signed-off-by: Javan lacerda
---
 cmd/prober/write.go | 33 ++++++++++++++++++++++-----------
 1 file changed, 22 insertions(+), 11 deletions(-)

diff --git a/cmd/prober/write.go b/cmd/prober/write.go
index dbc864ac6..a3c91a47a 100644
--- a/cmd/prober/write.go
+++ b/cmd/prober/write.go
@@ -139,6 +139,24 @@ func fulcioWriteEndpoint(ctx context.Context, priv *ecdsa.PrivateKey) (*x509.Cer
 return cert[0], nil
 }
+func makeRekorRequest(cert *x509.Certificate, priv *ecdsa.PrivateKey, hostPath string) (*http.Response, time.Time, error) {
+
+ body, err := rekorEntryRequest(cert, priv)
+ t := time.Now()
+ if err != nil {
+ return nil, t, fmt.Errorf("rekor entry: %w", err)
+ }
+ req, err := retryablehttp.NewRequest(http.MethodPost, hostPath, bytes.NewBuffer(body))
+ if err != nil {
+ return nil, t, fmt.Errorf("new request: %w", err)
+ }
+ setHeaders(req, "")
+
+ t = time.Now()
+ resp, err := retryableClient.Do(req)
+ return resp, t, err
+}
+
 // rekorWriteEndpoint tests the write endpoint for rekor, which is
 // /api/v1/log/entries and adds an entry to the log
 // if a certificate is provided, the Rekor entry will contain that certificate,
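Review bot: `makeRekorRequest` takes no context, so the request it builds with `retryablehttp.NewRequest` is not tied to the `ctx` that `rekorWriteEndpoint` receives, and a cancelled or timed-out probe cannot stop a call made from the retry loop this series adds. Consider adding `ctx context.Context` as the first parameter and building the request with `retryablehttp.NewRequestWithContext(ctx, http.MethodPost, hostPath, bytes.NewBuffer(body))`. Whether `retryableClient` already carries its own timeout is not visible in this hunk.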
@@ -151,19 +169,12 @@ func rekorWriteEndpoint(ctx context.Context, cert *x509.Certificate, priv *ecdsa
 verificationCounter.With(prometheus.Labels{verifiedLabel: verified}).Inc()
 }()
- body, err := rekorEntryRequest(cert, priv)
- if err != nil {
- return fmt.Errorf("rekor entry: %w", err)
+ resp, t, err := makeRekorRequest(cert, priv, hostPath)
+ // A new body should be created when it is conflicted
+ for resp.StatusCode == http.StatusConflict {
+ resp, t, err = makeRekorRequest(cert, priv, hostPath)
 }
- req, err := retryablehttp.NewRequest(http.MethodPost, hostPath, bytes.NewBuffer(body))
- if err != nil {
- return fmt.Errorf("new request: %w", err)
- }
-
- setHeaders(req, "")
- t := time.Now()
- resp, err := retryableClient.Do(req)
 latency := time.Since(t).Milliseconds()
 if err != nil {
 return fmt.Errorf("error adding entry: %w", err)
From 91d8d76c7d2e72e42a5ca7f6ad5cfdb727a23fba Mon Sep 17 00:00:00 2001
From: Javan lacerda
Date: Fri, 19 Apr 2024 13:59:41 +0000
Subject: [PATCH 2/3] conform lint

Signed-off-by: Javan lacerda
---
 cmd/prober/write.go | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/cmd/prober/write.go b/cmd/prober/write.go
index a3c91a47a..ce0541eb5 100644
--- a/cmd/prober/write.go
+++ b/cmd/prober/write.go
@@ -140,7 +140,6 @@ func fulcioWriteEndpoint(ctx context.Context, priv *ecdsa.PrivateKey) (*x509.Cer
 }
 func makeRekorRequest(cert *x509.Certificate, priv *ecdsa.PrivateKey, hostPath string) (*http.Response, time.Time, error) {
-
 body, err := rekorEntryRequest(cert, priv)
 t := time.Now()
 if err != nil {
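Review bot: In the `rekorWriteEndpoint` hunk of patch 1/3, `for resp.StatusCode == http.StatusConflict` reads `resp` before `err` is checked, so a failed request that comes back with a nil response would panic the prober instead of reaching the `error adding entry` return. Check `err` immediately after each `makeRekorRequest` call, before any use of `resp`. The loop also has no attempt limit and never closes the body of a 409 response; patches 2/3 and 3/3 on this page rework both, but this commit taken alone carries the problem. The function body continues beyond the hunk.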
@@ -170,16 +169,22 @@ func rekorWriteEndpoint(ctx context.Context, cert *x509.Certificate, priv *ecdsa
 }()
 resp, t, err := makeRekorRequest(cert, priv, hostPath)
- // A new body should be created when it is conflicted
- for resp.StatusCode == http.StatusConflict {
- resp, t, err = makeRekorRequest(cert, priv, hostPath)
- }
-
- latency := time.Since(t).Milliseconds()
 if err != nil {
 return fmt.Errorf("error adding entry: %w", err)
 }
 defer resp.Body.Close()
+ // A new body should be created when it is conflicted
+ for {
+ if resp.StatusCode != http.StatusConflict {
+ break
+ }
+ resp, t, err = makeRekorRequest(cert, priv, hostPath)
+ if err != nil {
+ return fmt.Errorf("error adding entry: %w", err)
+ }
+ defer resp.Body.Close()
+ }
+ latency := time.Since(t).Milliseconds()
 exportDataToPrometheus(resp, rekorURL, endpoint, POST, latency)
 if resp.StatusCode != http.StatusCreated {
From 59fafe4cc589ea1384bac571a196ebab7f0c5161 Mon Sep 17 00:00:00 2001
From: Javan lacerda
Date: Tue, 23 Apr 2024 15:00:36 +0000
Subject: [PATCH 3/3] refactors

Signed-off-by: Javan lacerda
---
 cmd/prober/write.go | 32 ++++++++++++++------------------
 1 file changed, 14 insertions(+), 18 deletions(-)

diff --git a/cmd/prober/write.go b/cmd/prober/write.go
index ce0541eb5..0cabaae63 100644
--- a/cmd/prober/write.go
+++ b/cmd/prober/write.go
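Review bot: `defer resp.Body.Close()` inside the retry loop of `rekorWriteEndpoint` (patch 2/3) only runs when the function returns, so every 409 response stays open for the rest of the probe, and the `for` loop in this hunk has no upper bound. Close the superseded response before retrying, e.g. `resp.Body.Close()` just ahead of the next `makeRekorRequest` call, and keep a single `defer resp.Body.Close()` for the response that leaves the loop. The same deferred close inside the loop remains in the bounded loop of patch 3/3.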
@@ -139,21 +139,21 @@ func fulcioWriteEndpoint(ctx context.Context, priv *ecdsa.PrivateKey) (*x509.Cer
 return cert[0], nil
 }
-func makeRekorRequest(cert *x509.Certificate, priv *ecdsa.PrivateKey, hostPath string) (*http.Response, time.Time, error) {
+func makeRekorRequest(cert *x509.Certificate, priv *ecdsa.PrivateKey, hostPath string) (*http.Response, int64, error) {
 body, err := rekorEntryRequest(cert, priv)
- t := time.Now()
 if err != nil {
- return nil, t, fmt.Errorf("rekor entry: %w", err)
+ return nil, -1, fmt.Errorf("rekor entry: %w", err)
 }
 req, err := retryablehttp.NewRequest(http.MethodPost, hostPath, bytes.NewBuffer(body))
 if err != nil {
- return nil, t, fmt.Errorf("new request: %w", err)
+ return nil, -1, fmt.Errorf("new request: %w", err)
 }
 setHeaders(req, "")
- t = time.Now()
+ t := time.Now()
 resp, err := retryableClient.Do(req)
- return resp, t, err
+ latency := time.Since(t).Milliseconds()
+ return resp, latency, err
 }
 // rekorWriteEndpoint tests the write endpoint for rekor, which is
@@ -167,24 +167,20 @@ func rekorWriteEndpoint(ctx context.Context, cert *x509.Certificate, priv *ecdsa
 defer func() {
 verificationCounter.With(prometheus.Labels{verifiedLabel: verified}).Inc()
 }()
-
- resp, t, err := makeRekorRequest(cert, priv, hostPath)
- if err != nil {
- return fmt.Errorf("error adding entry: %w", err)
- }
- defer resp.Body.Close()
+ var resp *http.Response
+ var latency int64
+ var err error
 // A new body should be created when it is conflicted
- for {
- if resp.StatusCode != http.StatusConflict {
- break
- }
- resp, t, err = makeRekorRequest(cert, priv, hostPath)
+ for i := 1; i < 10; i++ {
+ resp, latency, err = makeRekorRequest(cert, priv, hostPath)
 if err != nil {
 return fmt.Errorf("error adding entry: %w", err)
 }
 defer resp.Body.Close()
+ if resp.StatusCode != http.StatusConflict {
+ break
+ }
 }
- latency := time.Since(t).Milliseconds()
 exportDataToPrometheus(resp, rekorURL, endpoint, POST, latency)
 if resp.StatusCode != http.StatusCreated {
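Review bot: `makeRekorRequest` still has no doc comment in the first hunk of patch 3/3, and its second result is now a latency with `-1` returned on the two early error paths without explanation. A comment above the function would make that contract readable, for example `// makeRekorRequest builds a new Rekor entry and POSTs it to hostPath. It returns the response and the request latency in milliseconds; the latency is -1 when no request was sent.`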
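Review bot: The bound in `for i := 1; i < 10; i++` (second hunk of patch 3/3) is a bare literal and, starting at 1, allows nine attempts, which may not be the intended ten. A named constant makes the limit reviewable, e.g. `const maxRekorAttempts = 10` with `for i := 0; i < maxRekorAttempts; i++`. Only the last attempt reaches `exportDataToPrometheus`, so the 409 responses that caused the retries do not show up in the exported metrics; if that is intended, a comment next to the loop should say so. The body of `rekorWriteEndpoint` continues past the end of the hunk.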