author | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-08-18 09:56:12 +0300 |
---|---|---|
committer | Tuomo Ala-Vannesluoma <tuomoav@gmail.com> | 2018-08-18 09:56:12 +0300 |
commit | 82335177a418afc9aeaab9cf117c94f5063fb1b7 (patch) | |
tree | e52a11b2cbad74cfc51459dfc6d862b9bd25beb8 /internal | |
parent | 1966ab9bf8592a32a7ff88e1d1439ed80f7f65bb (diff) |
Combine transports to one package
Diffstat (limited to 'internal')
-rw-r--r-- | internal/artifact/artifact.go | 3 | ||||
-rw-r--r-- | internal/auth/auth.go | 3 | ||||
-rw-r--r-- | internal/auth/transport.go | 55 | ||||
-rw-r--r-- | internal/httptransport/transport.go (renamed from internal/artifact/transport.go) | 5 |
4 files changed, 7 insertions, 59 deletions
diff --git a/internal/artifact/artifact.go b/internal/artifact/artifact.go
index 9a23e269..5050b426 100644
--- a/internal/artifact/artifact.go
+++ b/internal/artifact/artifact.go
@@ -12,6 +12,7 @@ import (
 "time"
 "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/httptransport"
 )
 const (
@@ -43,7 +44,7 @@ func New(server string, timeoutSeconds int, pagesDomain string) *Artifact {
 suffix: "." + strings.ToLower(pagesDomain),
 client: &http.Client{
 Timeout: time.Second * time.Duration(timeoutSeconds),
- Transport: transport,
+ Transport: httptransport.Transport,
 },
 }
 }
diff --git a/internal/auth/auth.go b/internal/auth/auth.go
index 936754cc..da6789dc 100644
--- a/internal/auth/auth.go
+++ b/internal/auth/auth.go
@@ -15,6 +15,7 @@ import (
 log "github.com/sirupsen/logrus"
 "gitlab.com/gitlab-org/gitlab-pages/internal/domain"
 "gitlab.com/gitlab-org/gitlab-pages/internal/httperrors"
+ "gitlab.com/gitlab-org/gitlab-pages/internal/httptransport"
 )
 const (
@@ -465,7 +466,7 @@ func New(pagesDomain string, storeSecret string, clientID string, clientSecret s
 storeSecret: storeSecret,
 apiClient: &http.Client{
 Timeout: 5 * time.Second,
- Transport: transport,
+ Transport: httptransport.Transport,
 },
 }
 }
diff --git a/internal/auth/transport.go b/internal/auth/transport.go
deleted file mode 100644
index c8682ba2..00000000
--- a/internal/auth/transport.go
+++ /dev/null
@@ -1,55 +0,0 @@
-package auth
-
-import (
- "crypto/tls"
- "crypto/x509"
- "io/ioutil"
- "net"
- "net/http"
- "os"
- "sync"
-
- log "github.com/sirupsen/logrus"
-)
-
-var (
- sysPoolOnce = &sync.Once{}
- sysPool *x509.CertPool
-
- transport = &http.Transport{
- DialTLS: func(network, addr string) (net.Conn, error) {
- return tls.Dial(network, addr, &tls.Config{RootCAs: pool()})
- },
- }
-)
-
-// This is here because macOS does not support the SSL_CERT_FILE
-// environment variable. We have arrange things to read SSL_CERT_FILE as
-// late as possible to avoid conflicts with file descriptor passing at
-// startup.
-func pool() *x509.CertPool {
- sysPoolOnce.Do(loadPool)
- return sysPool
-}
-
-func loadPool() {
- sslCertFile := os.Getenv("SSL_CERT_FILE")
- if sslCertFile == "" {
- return
- }
-
- var err error
- sysPool, err = x509.SystemCertPool()
- if err != nil {
- log.WithError(err).Error("failed to load system cert pool for artifacts client")
- return
- }
-
- certPem, err := ioutil.ReadFile(sslCertFile)
- if err != nil {
- log.WithError(err).Error("failed to read SSL_CERT_FILE")
- return
- }
-
- sysPool.AppendCertsFromPEM(certPem)
-}
diff --git a/internal/artifact/transport.go b/internal/httptransport/transport.go
index da182df6..207531f4 100644
--- a/internal/artifact/transport.go
+++ b/internal/httptransport/transport.go
@@ -1,4 +1,4 @@
-package artifact
+package httptransport
 import (
 "crypto/tls"
@@ -16,7 +16,8 @@ var (
 sysPoolOnce = &sync.Once{}
 sysPool *x509.CertPool
- transport = &http.Transport{
+ // Transport can be used with httpclient with TLS and certificates
+ Transport = &http.Transport{
 DialTLS: func(network, addr string) (net.Conn, error) {
 return tls.Dial(network, addr, &tls.Config{RootCAs: pool()})
 }, |
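Review bot: The newly exported `Transport` in the `var (` block is a mutable package-level `*http.Transport` that `artifact.New` and `auth.New` now both reference, so any code in the module that reassigns it or edits its fields changes certificate verification for the artifacts client and the auth `apiClient` at once. The doc comment should state that contract, for example `// Transport is the shared transport for outbound HTTPS calls; it verifies servers against pool() and must be treated as read-only.` The `tls.Config{RootCAs: pool()}` on the unchanged DialTLS lines sets no `MinVersion`, so the protocol floor depends on the toolchain default; `&tls.Config{RootCAs: pool(), MinVersion: tls.VersionTLS12}` would pin it. `pool()` and `loadPool()` lie outside this hunk; if the surviving copy logs the same "for artifacts client" message as the deleted auth copy, that wording is no longer accurate.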