We've experienced multiple issues with the CodeSignTool. The distributed nature of our build running everything in parallel and transient network failures cause frequent disruptions / build-failures.
Defensive coding has it that one should at least perform a retry if the connection to the server fails. I would also like to add a retry-hold-off setting that will wait X amount of seconds before the next retry attempt.
Lastly, the exit code in case of an error should not be 0, and it could even detail a fatal error (do not retry in case the server is returning e.g. HTTP/429 too many requests, vs. HTTP/408 request timed out, or HTTP/504).
In summary, the sign/batch_sign commands should wrap any request that is sent to the back-end server with a retry (default 3), and a retry-hold-off (default 30s). If an unrecoverable error occurs, return -1. Optionally, if the error is believed to be transient, return error code -2 or something along those lines.
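The retry policy requested above, as an added example; it is not CodeSignTool's code and not part of the original post. `send_request`, `classify`, `run_with_retry` and `to_process_status` are hypothetical names, "retry (default 3)" is read as three retries after the first attempt, and any status the post does not name is assumed to be unrecoverable.

```python
import time

# Values taken from the request above: 3 retries, 30 s hold-off, -1 / -2 codes.
DEFAULT_RETRIES = 3
DEFAULT_HOLD_OFF_S = 30
EXIT_OK, EXIT_FATAL, EXIT_TRANSIENT = 0, -1, -2

# Statuses the post names as transient; 429 is named as "do not retry".
TRANSIENT_STATUSES = {408, 504}


def classify(status):
    """Map an HTTP status code to 'ok', 'transient' or 'fatal'."""
    if 200 <= status < 300:
        return "ok"
    if status in TRANSIENT_STATUSES:
        return "transient"
    # Assumption: everything else (including 429) is not worth retrying.
    return "fatal"


def run_with_retry(send_request, retries=DEFAULT_RETRIES,
                   hold_off=DEFAULT_HOLD_OFF_S, sleep=time.sleep):
    """Call send_request() until it succeeds, fails fatally, or retries run out.

    send_request is a hypothetical callable that returns an HTTP status code,
    or raises ConnectionError/TimeoutError when the server cannot be reached.
    Returns (exit_code, attempts_made).
    """
    attempts = 0
    while True:
        attempts += 1
        try:
            outcome = classify(send_request())
        except (ConnectionError, TimeoutError):
            outcome = "transient"      # connection failure: retry, as requested
        if outcome == "ok":
            return EXIT_OK, attempts
        if outcome == "fatal":
            return EXIT_FATAL, attempts
        if attempts > retries:         # first attempt plus all retries used up
            return EXIT_TRANSIENT, attempts
        sleep(hold_off)                # hold off before the next attempt


def to_process_status(code):
    """POSIX exit statuses are 0-255, so -1 is reported as 255 and -2 as 254."""
    return code & 0xFF
```

A build script that checks the tool's exit status on a POSIX system would therefore compare against 255 and 254 rather than -1 and -2.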