fluxcd
/
source-controller
mirror of https://github.com/fluxcd/source-controller.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve TransportPool documentation 

Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
This commit is contained in:
Paulo Gomes 2022-03-02 13:53:31 +00:00
parent 3b4cc52419
commit f63681f372
No known key found for this signature in database
GPG Key ID: 9995233870E99BEE
1 changed files with 32 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
internal/helm/getter/transport.go
View File

@ -25,6 +25,29 @@ import (
"time" "time"
) )
// TransportPool is a progressive and non-blocking pool
// for http.Transport objects, optimised for Gargabe Collection
// and without a hard limit on number of objects created.
//
// Its main purpose is to enable for transport objects to be
// used across helm chart download requests and helm/pkg/getter
// instances by leveraging the getter.WithTransport(t) construct.
//
// The use of this pool improves the default behaviour of helm getter
// which creates a new connection per request, or per getter instance,
// resulting on unnecessary TCP connections with the target.
//
// http.Transport objects may contain sensitive material and also have
// settings that may impact the security of HTTP operations using
// them (i.e. InsecureSkipVerify). Therefore, ensure that they are
// used in a thread-safe way, and also by reseting TLS specific state
// after each use.
//
// Calling the Release(t) function will reset TLS specific state whilst
// also releasing the transport back to the pool to be reused.
//
// xref: https://github.com/helm/helm/pull/10568
// xref2: https://github.com/fluxcd/source-controller/issues/578
type TransportPool struct { type TransportPool struct {
} }
@ -34,6 +57,14 @@ var pool = &sync.Pool{
DisableCompression: true, DisableCompression: true,
Proxy: http.ProxyFromEnvironment, Proxy: http.ProxyFromEnvironment,
// Due to the non blocking nature of this approach,
// at peak usage a higher number of transport objects
// may be created. sync.Pool will ensure they are
// gargage collected when/if needed.
//
// By setting a low value to IdleConnTimeout the connections
// will be closed after that period of inactivity, allowing the
// transport to be garbage collected.
IdleConnTimeout: 60 * time.Second, IdleConnTimeout: 60 * time.Second,
// use safe defaults based off http.DefaultTransport // use safe defaults based off http.DefaultTransport
@ -50,7 +81,7 @@ var pool = &sync.Pool{
// NewOrIdle tries to return an existing transport that is not currently being used. // NewOrIdle tries to return an existing transport that is not currently being used.
// If none is found, creates a new Transport instead. // If none is found, creates a new Transport instead.
// //
// tlsConfig sets the TLSClientConfig for the transport and can be nil. // tlsConfig can optionally set the TLSClientConfig for the transport.
func NewOrIdle(tlsConfig *tls.Config) *http.Transport { func NewOrIdle(tlsConfig *tls.Config) *http.Transport {
t := pool.Get().(*http.Transport) t := pool.Get().(*http.Transport)
t.TLSClientConfig = tlsConfig t.TLSClientConfig = tlsConfig