Error entering in stable state when proxy doesn't work

[ThomasJLLN]

Hi,

I've noticed a problem when we use a proxy with the ENV variables (HTTP_PROXY & RSYNC_PROXY).
When the proxy doesn't work for some reason, OctoRPKI failed to fetch the TALs and turn in a stable state with revalidation in 20 minutes.

In the attached file is an example with a connection refused on the proxy (bad port configured intentionally on the ENV variables) : octorpki_proxyerror.log

Thanks!

[lspgn]

Hi @ThomasJLLN,
I had a look at the logs.
There is no easy way to have stable that indicates that everything 100% functional.
Stable indicates that there is no more explorations done. There is exploration every time a new repository is discovered (eg: APNIC root -> JPNIC repository -> Delegated CA of a JP org).
Often, some repositories will fail. If an endpoint is unreachable, exploration of the branch stops.
In the case where the proxy fails, I'm not sure what the behavior should be since by default it is considered like the repo failed. I do not have an easy way of determining if the rsync proxy failed, for http it might be more complex. Unless if we probe beforehand.
Additionally if the proxy fails after having successfully done a complete validation: it should continue working with the previous set and retry normally but it is still considered stable.

This said, I'm open to suggestions on how to treat this failure scenario without disrupting a current validation.