Get content signatures from Autograph for actions

RESOLVED FIXED

Status

()

Firefox
Normandy Server
P2
normal
RESOLVED FIXED
2 years ago
3 months ago

People

(Reporter: mythmon, Assigned: mythmon)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Assignee)

Description

2 years ago
When an action is created or updated, it should have a content signature generated by making an API call to Autograph [0].

These signatures are made with short lived keys that could expire in as little as six weeks. There will be at least a two week overlap where the old key is valid, but Autograph uses a new key for new signatures. There should be a management command that will refresh the content signatures of any action who's signature is more than one week old. This command can be run on a daily cron job.

Ops will provide the infrastructure for running cron jobs, in this bug we only have to make the management command that will be run in the cronjob and the create/update hooks to get new keys.

[0]: https://github.com/mozilla-services/autograph
(Assignee)

Updated

2 years ago
Assignee: nobody → mcooper
Status: NEW → ASSIGNED
Priority: -- → P1
Priority: P1 → P2
(Assignee)

Updated

2 years ago
Assignee: mcooper → nobody
Status: ASSIGNED → NEW
(Assignee)

Updated

2 years ago
Assignee: nobody → mcooper
(Assignee)

Comment 1

2 years ago
This landed on master in PR #222

https://github.com/mozilla/normandy/pull/222
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Resolution: --- → FIXED

Updated

3 months ago
Product: Shield → Firefox
You need to log in before you can comment on or make changes to this bug.