Fixes #5652 This reworks and unifies HTTP client/transport management in Talos: * cleanhttp is used everywhere consistently * DefaultClient is using pooled client, other clients use regular transport * like before, Proxy vars are inspected on each request (but now consistently) * manifest download functions now recreate the client on each run to pick up latest changes * system CA list is picked up from fixed locations, and supports reloading on changes Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
// This Source Code Form is subject to the terms of the Mozilla Public
// License, v. 2.0. If a copy of the MPL was not distributed with this
// file, You can obtain one at http://mozilla.org/MPL/2.0/.
// Package httpdefaults provides default HTTP client settings for Talos.
package httpdefaults
import (
"crypto/tls"
"net/http"
"net/url"
"golang.org/x/net/http/httpproxy"
)
// PatchTransport applies Talos-specific proxy and TLS settings to the given
// *http.Transport and returns that same transport.
//
// Settings applied here only make sense when running in Talos root filesystem.
//
// The transport is modified in place. Both Proxy and TLSClientConfig are
// replaced outright, so any TLS options the caller configured beforehand
// (client certificates, minimum version, server name, ...) are discarded and
// must be re-applied after this call. A nil transport panics on the first
// field assignment.
func PatchTransport(transport *http.Transport) *http.Transport {
	// Resolve the proxy explicitly on every request to work around the
	// one-time (Do once) initialization of the proxy settings: the environment
	// variables are reread each time an HTTP call is made, so the proxy used
	// for a request is whatever the process environment says at that moment.
	proxyFromEnv := func(req *http.Request) (*url.URL, error) {
		envConfig := httpproxy.FromEnvironment()
		resolve := envConfig.ProxyFunc()

		return resolve(req.URL)
	}
	transport.Proxy = proxyFromEnv

	// Install a fresh TLS config whose trust anchors come from RootCAs(), so
	// that a CA list updated via the machine config on the fly can be used.
	//
	// NOTE(review): RootCAs() is evaluated once, here, not per connection.
	// Presumably a long-lived transport keeps the pool it was given at patch
	// time, so picking up added or removed CAs needs a newly patched
	// transport. Confirm against the RootCAs implementation.
	tlsConfig := new(tls.Config)
	tlsConfig.RootCAs = RootCAs()
	transport.TLSClientConfig = tlsConfig

	return transport
}