From 5aca4e01421fd9dd957bad737b732d24a13c0fb6 Mon Sep 17 00:00:00 2001 From: Petr Muller Date: Fri, 6 Jan 2023 13:14:25 +0100 Subject: [PATCH] Revert "Bug 2090680: pkg/cvo/updatepayload.go: timeout payload retrieval" --- pkg/cvo/updatepayload.go | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/pkg/cvo/updatepayload.go b/pkg/cvo/updatepayload.go index e3b9b1b09b..186585665b 100644 --- a/pkg/cvo/updatepayload.go +++ b/pkg/cvo/updatepayload.go @@ -89,12 +89,22 @@ func (r *payloadRetriever) RetrievePayload(ctx context.Context, update configv1. if index := strings.LastIndex(update.Image, "@"); index != -1 { releaseDigest = update.Image[index+1:] } + verifyCtx := ctx + + // if 'force' specified, ensure call to verify payload signature times out well before parent context + // to allow time to perform forced update + if update.Force { + timeout := time.Minute * 2 + if deadline, deadlineSet := ctx.Deadline(); deadlineSet { + timeout = time.Until(deadline) / 2 + } + klog.V(2).Infof("Forced update so reducing payload signature verification timeout to %s", timeout) + var cancel context.CancelFunc + verifyCtx, cancel = context.WithTimeout(ctx, timeout) + defer cancel() + } - // set up a new context with reasonable timeout for signature and payload retrieval - retrieveCtx, cancel := context.WithTimeout(ctx, time.Minute*4) - defer cancel() - - if err := r.verifier.Verify(retrieveCtx, releaseDigest); err != nil { + if err := r.verifier.Verify(verifyCtx, releaseDigest); err != nil { vErr := &payload.UpdateError{ Reason: "ImageVerificationFailed", Message: fmt.Sprintf("The update cannot be verified: %v", err), @@ -112,7 +122,7 @@ func (r *payloadRetriever) RetrievePayload(ctx context.Context, update configv1. // download the payload to the directory var err error - info.Directory, err = r.targetUpdatePayloadDir(retrieveCtx, update) + info.Directory, err = r.targetUpdatePayloadDir(ctx, update) if err != nil { return PayloadInfo{}, &payload.UpdateError{ Reason: "UpdatePayloadRetrievalFailed",