diff options
Diffstat (limited to 'app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb')
-rw-r--r-- | app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb b/app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb index 58f795e639e..93445dd4ddd 100644 --- a/app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb +++ b/app/services/pages_domains/obtain_lets_encrypt_certificate_service.rb @@ -36,8 +36,8 @@ module PagesDomains when 'valid' save_certificate(acme_order.private_key, api_order) acme_order.destroy! - # when 'invalid' - # TODO: implement error handling + when 'invalid' + save_order_error(acme_order, api_order) end end @@ -47,5 +47,28 @@ module PagesDomains certificate = api_order.certificate pages_domain.update!(gitlab_provided_key: private_key, gitlab_provided_certificate: certificate) end + + def save_order_error(acme_order, api_order) + log_error(api_order) + + return unless Feature.enabled?(:pages_letsencrypt_errors, pages_domain.project) + + pages_domain.assign_attributes(auto_ssl_failed: true) + pages_domain.save!(validate: false) + + acme_order.destroy! + end + + def log_error(api_order) + Gitlab::AppLogger.error( + message: "Failed to obtain Let's Encrypt certificate", + acme_error: api_order.challenge_error, + project_id: pages_domain.project_id, + pages_domain: pages_domain.domain + ) + rescue => e + # getting authorizations is an additional network request which can raise errors + Gitlab::ErrorTracking.track_exception(e) + end end end |