Adds a (currently gated) Akamai CCU API client used to purge GET OCSP responses
from the CDN. It also contains a small tool (cmd/akamai-purger) that can be used
to purge ARLs from the command line.
If a ServiceUnavailableError is returned from GenerateOCSP backoff before
attempting to retry the call as to not to overwhelm the CA with calls that
may instantly fail.
case the mailer is only run once per day.
Use a realistic fake clock, with a non-zero nanosecond part. Since
the DB doesn't store subsecond timestamps, this avoids landing all the
test cases on the edge case where notifications are sent at the exact
nanosecond when the nag window opens.
Fixes#982.
Rather than failing immediately if two OCSP responses differ, which can happen
if ocsp-updater fires in between two requests, we wait until all OCSP responses
reach their expected state, and then check for equality.
Additionally, reorganize the OCSP checking to be somewhat cleaner, and improve
detection of verify failures (e.g. when a OpenSSL can't find a signer
certificate).
- Separated RabbitMq into it's own container
- some various Dockerfile-isms cleanup
- updated routes to linked containers
- removed nodejs, I have not been able to figure out why it was being installed
(so this could be something that is actually needed)
To setup a dev environment:
You now need `docker-compose`, but running the setup with all the
configurations is as simple as:
```
$ docker-compose build
$ docker-compose up
```
Then you can even run the `test.sh` in the container with:
```
$ docker exec -it boulder_boulder_1 bash
root@container $ ./test.sh
```
This is just an _initial_ first pass at refactoring a bunch of this. There is
a bunch more I want to change and make better.
Also with regard to database migration taking awhile I want to try and move
the goose stuff over to the mariadb container, there is just some less savory
things I don't like about starting the db in the background then running the
migration script :/, I like to attach to the process on container start. I do
have some thoughts on a `docker exec` command in the mariadb container which
migrates the db... but trying to think of something better.
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
Roland Shoemaker
Jeff Hodges
Jacob Hoffman-Andrews
bifurcation
Tom Clegg
Richard Barnes
Jessica Frazelle