From 90a9b1d6044235ab84af99922cb45b7e3093f4cd Mon Sep 17 00:00:00 2001 From: Alexander Smolyakov Date: Wed, 4 Oct 2023 21:00:11 +0400 Subject: [terraform] Update retry logic to handle DNS-related errors more gracefully (#713) * [terraform] Update retry logic - Add `dnsutils` package to dependencies - Update retry logic to handle DNS-related errors more gracefully * Update install.sh * Bump version --- src/terraform/install.sh | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'src/terraform/install.sh') diff --git a/src/terraform/install.sh b/src/terraform/install.sh index 1156f6d..c1a3825 100755 --- a/src/terraform/install.sh +++ b/src/terraform/install.sh @@ -77,6 +77,25 @@ receive_gpg_keys() { sleep 10s fi done + + # If all attempts fail, try getting the keyserver IP address and explicitly passing it to gpg + if [ "${gpg_ok}" = "false" ]; then + retry_count=0; + echo "(*) Resolving GPG keyserver IP address..." + local keyserver_ip_address=$( dig +short keyserver.ubuntu.com | head -n1 ) + echo "(*) GPG keyserver IP address $keyserver_ip_address" + + until [ "${gpg_ok}" = "true" ] || [ "${retry_count}" -eq "3" ]; + do + echo "(*) Downloading GPG key..." + ( echo "${keys}" | xargs -n 1 gpg -q ${keyring_args} --recv-keys --keyserver ${keyserver_ip_address}) 2>&1 && gpg_ok="true" + if [ "${gpg_ok}" != "true" ]; then + echo "(*) Failed getting key, retring in 10s..." + (( retry_count++ )) + sleep 10s + fi + done + fi set -e if [ "${gpg_ok}" = "false" ]; then echo "(!) Failed to get gpg key." @@ -183,7 +202,7 @@ ensure_cosign() { export DEBIAN_FRONTEND=noninteractive # Install dependencies if missing -check_packages curl ca-certificates gnupg2 dirmngr coreutils unzip +check_packages curl ca-certificates gnupg2 dirmngr coreutils unzip dnsutils if ! type git > /dev/null 2>&1; then check_packages git fi -- cgit v1.2.3