This is an automated email from the ASF dual-hosted git repository.
mdeuser pushed a commit to branch master
in repository
https://gitbox.apache.org/repos/asf/incubator-openwhisk-client-go.git
The following commit(s) were added to refs/heads/master by this push:
new 41bdfc4 Load X509 cert on client creation (#112)
41bdfc4 is described below
commit 41bdfc4b124d7a9e419ba72ab19ce31f01338509
Author: Mingyu Zhou <[email protected]>
AuthorDate: Mon Jan 21 20:59:58 2019 +0800
Load X509 cert on client creation (#112)
* load X509 cert on client creation
* remove unnecessary comments
* resolve comments
---
whisk/action.go | 2 +-
whisk/client.go | 63 ++++++++++++++++++++++++++++++++-------------------------
whisk/info.go | 4 ----
whisk/sdk.go | 4 ----
4 files changed, 37 insertions(+), 36 deletions(-)
diff --git a/whisk/action.go b/whisk/action.go
index c1e06ea..254c45c 100644
--- a/whisk/action.go
+++ b/whisk/action.go
@@ -213,7 +213,7 @@ func (s *ActionService) Insert(action *Action, overwrite
bool) (*Action, *http.R
req, err := s.client.NewRequest("PUT", route, action,
IncludeNamespaceInUrl)
if err != nil {
- Debug(DbgError, "http.NewRequest(PUT, %s, %#v) error: '%s'\n",
route, err, action)
+ Debug(DbgError, "http.NewRequest(PUT, %s, %#v) error: '%s'\n",
route, action, err)
errMsg := wski18n.T("Unable to create HTTP request for PUT
'{{.route}}': {{.err}}",
map[string]interface{}{"route": route, "err": err})
whiskErr := MakeWskErrorFromWskError(errors.New(errMsg), err,
EXIT_CODE_ERR_NETWORK, DISPLAY_MSG,
diff --git a/whisk/client.go b/whisk/client.go
index cbedf83..79dda39 100644
--- a/whisk/client.go
+++ b/whisk/client.go
@@ -24,7 +24,6 @@ import (
"encoding/json"
"errors"
"fmt"
- "github.com/apache/incubator-openwhisk-client-go/wski18n"
"io"
"io/ioutil"
"net"
@@ -35,6 +34,8 @@ import (
"runtime"
"strings"
"time"
+
+ "github.com/apache/incubator-openwhisk-client-go/wski18n"
)
const (
@@ -111,10 +112,15 @@ var DefaultObfuscateArr = []ObfuscateSet{
},
}
-func NewClient(httpClient *http.Client, config_input *Config) (*Client, error)
{
+// NewClient creates a new whisk client with the provided http client and
whisk configuration.
+//
+// A new http.Transport will be created when client cert or TLS insecure
options are set.
+// If one use custom tranport and want to keep it intact, please opt out TLS
related fields
+// in configInput and construct TLS conguration in the custom transport.
+func NewClient(httpClient *http.Client, configInput *Config) (*Client, error) {
var config *Config
- if config_input == nil {
+ if configInput == nil {
defaultConfig, err := GetDefaultConfig()
if err != nil {
return nil, err
@@ -122,7 +128,7 @@ func NewClient(httpClient *http.Client, config_input
*Config) (*Client, error) {
config = defaultConfig
}
} else {
- config = config_input
+ config = configInput
}
if httpClient == nil {
@@ -138,7 +144,7 @@ func NewClient(httpClient *http.Client, config_input
*Config) (*Client, error) {
} else if config.BaseURL == nil {
config.BaseURL, err = GetUrlBase(config.Host)
if err != nil {
- Debug(DbgError, "Unable to create request URL, because
the api host %s is invalid\n", config.Host, err)
+ Debug(DbgError, "Unable to create request URL, because
the api host %s is invalid: %s\n", config.Host, err)
errStr = wski18n.T("Unable to create request URL,
because the api host '{{.host}}' is invalid: {{.err}}",
map[string]interface{}{"host": config.Host,
"err": err})
}
@@ -176,6 +182,11 @@ func NewClient(httpClient *http.Client, config_input
*Config) (*Client, error) {
c.Info = &InfoService{client: c}
c.Apis = &ApiService{client: c}
+ werr := c.LoadX509KeyPair()
+ if werr != nil {
+ return nil, werr
+ }
+
return c, nil
}
@@ -214,19 +225,26 @@ func (c *Client) LoadX509KeyPair() error {
}
}
- // Use the defaultTransport as the transport basis to maintain proxy
support
- c.client.Transport = &http.Transport{
- Proxy: http.ProxyFromEnvironment,
- DialContext: (&net.Dialer{
- Timeout: 30 * time.Second,
- KeepAlive: 30 * time.Second,
- DualStack: true,
- }).DialContext,
- MaxIdleConns: 100,
- IdleConnTimeout: 90 * time.Second,
- TLSHandshakeTimeout: 10 * time.Second,
- ExpectContinueTimeout: 1 * time.Second,
- TLSClientConfig: tlsConfig,
+ // Only replace the existing transport when a custom TLS configuration
is needed
+ if tlsConfig.InsecureSkipVerify || tlsConfig.Certificates != nil {
+ if c.client.Transport != nil {
+ warningStr := "The provided http.Transport is replaced
to match the TLS configuration. Custom transport cannot coexist with nondefault
TLS configuration"
+ Debug(DbgWarn, warningStr)
+ }
+ // Use the defaultTransport as the transport basis to maintain
proxy support
+ c.client.Transport = &http.Transport{
+ Proxy: http.ProxyFromEnvironment,
+ DialContext: (&net.Dialer{
+ Timeout: 30 * time.Second,
+ KeepAlive: 30 * time.Second,
+ DualStack: true,
+ }).DialContext,
+ MaxIdleConns: 100,
+ IdleConnTimeout: 90 * time.Second,
+ TLSHandshakeTimeout: 10 * time.Second,
+ ExpectContinueTimeout: 1 * time.Second,
+ TLSClientConfig: tlsConfig,
+ }
}
return nil
@@ -241,11 +259,6 @@ var ReadX509KeyPair = func(certFile, keyFile string)
(tls.Certificate, error) {
///////////////////////////////
func (c *Client) NewRequest(method, urlStr string, body interface{},
includeNamespaceInUrl bool) (*http.Request, error) {
- werr := c.LoadX509KeyPair()
- if werr != nil {
- return nil, werr
- }
-
if includeNamespaceInUrl {
if c.Config.Namespace != "" {
urlStr = fmt.Sprintf("%s/namespaces/%s/%s",
c.Config.Version, c.Config.Namespace, urlStr)
@@ -705,10 +718,6 @@ func (c *Client) NewRequestUrl(
useAuthentication bool) (*http.Request, error) {
var requestUrl *url.URL
var err error
- error := c.LoadX509KeyPair()
- if error != nil {
- return nil, error
- }
if appendOpenWhiskPath {
var urlVerNamespaceStr string
diff --git a/whisk/info.go b/whisk/info.go
index 939412f..1cc9179 100644
--- a/whisk/info.go
+++ b/whisk/info.go
@@ -38,10 +38,6 @@ type InfoService struct {
func (s *InfoService) Get() (*Info, *http.Response, error) {
// make a request to c.BaseURL / v1
- err := s.client.LoadX509KeyPair()
- if err != nil {
- return nil, nil, err
- }
urlStr := fmt.Sprintf("%s/%s", s.client.BaseURL.String(),
s.client.Config.Version)
u, err := url.Parse(urlStr)
if err != nil {
diff --git a/whisk/sdk.go b/whisk/sdk.go
index 06743b1..dae850d 100644
--- a/whisk/sdk.go
+++ b/whisk/sdk.go
@@ -39,10 +39,6 @@ type SdkRequest struct {
// Install artifact {component = docker || swift || iOS}
func (s *SdkService) Install(relFileUrl string) (*http.Response, error) {
- err := s.client.LoadX509KeyPair()
- if err != nil {
- return nil, err
- }
baseURL := s.client.Config.BaseURL
// Remove everything but the scheme, host, and port
baseURL.Path, baseURL.RawQuery, baseURL.Fragment = "", "", ""
