Ensure that we always close GitLab API response body

This change is important because in case of receiving a JSON payload
from GitLab API that is invalid, and is larger than 512, deserializer
will stop reading it after 512 bytes and will not close the reader.

This will result in HTTP connection not being reused.

This commit ensures that we always read reasponse body until EOF and
that we close the reader afterwards.

1 files changed, 36 insertions, 0 deletions

diff --git a/internal/source/gitlab/client/client_test.go b/internal/source/gitlab/client/client_test.go
index 58729153..02684860 100644
--- a/internal/source/gitlab/client/client_test.go
+++ b/internal/source/gitlab/client/client_test.go
@@ -6,6 +6,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/http/httptest"
+	"net/http/httptrace"
 	"testing"
 	"time"
 
@@ -20,6 +21,41 @@ const (
 	defaultJWTTokenExpiry    = 30 * time.Second
 )
 
+func TestConnectionReuse(t *testing.T) {
+	mux := http.NewServeMux()
+
+	mux.HandleFunc("/api/v4/internal/pages", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+
+		// we want to test for an invalid JSON that is larger than 512 bytes
+		b := make([]byte, 513)
+		for i := range b {
+			b[i] = 'x'
+		}
+
+		w.Write(b)
+	})
+
+	server := httptest.NewServer(mux)
+	defer server.Close()
+
+	client := defaultClient(t, server.URL)
+	reused := make(chan bool, 2)
+
+	trace := &httptrace.ClientTrace{
+		GotConn: func(connInfo httptrace.GotConnInfo) {
+			reused <- connInfo.Reused
+		},
+	}
+
+	ctx := httptrace.WithClientTrace(context.Background(), trace)
+	client.GetLookup(ctx, "group.gitlab.io")
+	client.GetLookup(ctx, "group.gitlab.io")
+
+	require.False(t, <-reused)
+	require.True(t, <-reused)
+}
+
 func TestNewValidBaseURL(t *testing.T) {
 	_, err := NewClient("https://gitlab.com", secretKey(t), defaultClientConnTimeout, defaultJWTTokenExpiry)
 	require.NoError(t, err)