Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid to use the http.DefaultClient #4667

Merged
merged 4 commits into from
Jan 3, 2024
Merged

Avoid to use the http.DefaultClient #4667

merged 4 commits into from
Jan 3, 2024

Conversation

andresgomezfrr
Copy link
Contributor

@andresgomezfrr andresgomezfrr commented Jan 3, 2024
edited
Loading

Tracking issue

Closes #4666

Why are the changes needed?

We need to avoid using the http.DefaultClient because it doesn't have the proper transport configured with the TLS configurations.

What changes were proposed in this pull request?

Instead of using the http.DefaultClient to configure the read-only requests (cache) and the dynamic rest mapper. We are going to create a new client using the config to ensure that the TLS configuration is loaded.

Check all the applicable boxes

  • I updated the documentation accordingly.
  • All new and existing tests passed.
  • All commits are signed-off.

@andresgomezfrr andresgomezfrr marked this pull request as ready for review January 3, 2024 13:33
@dosubot dosubot bot added size:S This PR changes 10-29 lines, ignoring generated files. enhancement New feature or request security Issues related to Security improvements labels Jan 3, 2024
honnix
honnix reviewed Jan 3, 2024
View reviewed changes
flyteplugins/go/tasks/pluginmachinery/k8s/client.go
@@ -40,9 +38,14 @@ type Options struct {
// NewKubeClient creates a new KubeClient that caches reads and falls back to
// make API calls on failure. Write calls are not cached.
func NewKubeClient(config *rest.Config, options Options) (core.KubeClient, error) {
httpClient, err := rest.HTTPClientFor(config)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A question. We used to have three different http clients for different purposes, and now we will only have one. Do you know the implication, or do you prefer we still have three? @eapolinario

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be clear, I don't see why we would need three different struct instances given the config is the same.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

// The Client's Transport typically has internal state (cached TCP
// connections), so Clients should be reused instead of created as
// needed. Clients are safe for concurrent use by multiple goroutines.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this was the PR kubernetes-sigs/controller-runtime#2122, which carried exactly the same rationale.

@andresgomezfrr
Add httpClient to ClientOptions
32d1c35 
Signed-off-by: Andres Gomez Ferrer <[email protected]>
@codecov Codecov
Copy link

codecov bot commented Jan 3, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (ba10600) 58.12% compared to head (32d1c35) 58.11%.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #4667      +/-   ##
==========================================
- Coverage   58.12%   58.11%   -0.01%     
==========================================
  Files         626      626              
  Lines       53815    53815              
==========================================
- Hits        31278    31274       -4     
- Misses      20035    20040       +5     
+ Partials     2502     2501       -1
Flag Coverage Δ
unittests 58.11% <ø> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dosubot dosubot bot added the lgtm This PR has been approved by a maintainer label Jan 3, 2024
@pingsutw pingsutw merged commit a726c36 into flyteorg:master Jan 3, 2024
44 of 45 checks passed
@honnix honnix deleted the not-use-default-http-client branch January 5, 2024 12:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pingsutw pingsutw pingsutw approved these changes

@honnix honnix honnix approved these changes

Assignees
No one assigned
Labels
enhancement New feature or request lgtm This PR has been approved by a maintainer security Issues related to Security improvements size:S This PR changes 10-29 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[BUG] Unable to validate certificates using ray plugin
3 participants
@andresgomezfrr @honnix @pingsutw