entrust: use reasonable defaults for HTTP transport (#477)
This commit fixes the HTTP transport of the entrust keycontrol client
to use a connection pool to reuse connections or close idle ones.

Signed-off-by: Andreas Auernhammer <[email protected]>
aead authored Aug 16, 2024
1 parent ef3f85c commit 0d1464e
Showing 1 changed file with 12 additions and 1 deletion.
13 changes: 12 additions & 1 deletion internal/keystore/entrust/keycontrol.go
@@ -14,6 +14,7 @@ import (
"fmt"
"io"
"log"
"net"
"net/http"
"net/url"
"strings"
@@ -69,7 +70,17 @@ func (c *Config) Clone() *Config {
func Login(ctx context.Context, config *Config) (*KeyControl, error) {
config = config.Clone()
transport := &http.Transport{
TLSClientConfig: config.TLS,
Proxy: http.ProxyFromEnvironment,
DialContext: (&net.Dialer{
Timeout: 30 * time.Second,
KeepAlive: 30 * time.Second,
}).DialContext,
ForceAttemptHTTP2: true,
MaxIdleConns: 100,
IdleConnTimeout: 90 * time.Second,
TLSHandshakeTimeout: 10 * time.Second,
ExpectContinueTimeout: 1 * time.Second,
TLSClientConfig: config.TLS,
}
token, expiresAt, err := login(ctx, transport, config.Endpoint, config.VaultID, config.Username, config.Password)
if err != nil {
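Review bot: The added `Proxy: http.ProxyFromEnvironment` in the transport literal in `Login` changes where KeyControl traffic is routed, which the commit message (connection pooling and idle-connection cleanup) does not mention. The old literal left `Proxy` unset, so the proxy environment variables were ignored; now the `login` call, which is passed `config.Username` and `config.Password`, and presumably every later request on this transport follow `HTTP_PROXY`/`HTTPS_PROXY`/`NO_PROXY` of the process. If that is intended, document it on the field, e.g. `// Honours HTTP_PROXY/HTTPS_PROXY/NO_PROXY; list the KeyControl host in NO_PROXY if it must be reached directly.`, and otherwise drop the field to keep the previous direct-connect behaviour. Separately, `MaxIdleConns: 100` has little effect for a client that appears to talk to the single `config.Endpoint`, because `MaxIdleConnsPerHost` is left at its default of 2; set it explicitly if more pooled connections are wanted. The body of `Login` continues outside the hunk, so whether the client built on this transport also sets an overall request timeout cannot be checked from here.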

0 comments on commit 0d1464e

Please sign in to comment.