diff options
Diffstat (limited to 'vendor/github.com/hashicorp/vault/api/client.go')
| -rw-r--r-- | vendor/github.com/hashicorp/vault/api/client.go | 24 |
1 files changed, 18 insertions, 6 deletions
diff --git a/vendor/github.com/hashicorp/vault/api/client.go b/vendor/github.com/hashicorp/vault/api/client.go index fa06d46..5f8a6f6 100644 --- a/vendor/github.com/hashicorp/vault/api/client.go +++ b/vendor/github.com/hashicorp/vault/api/client.go @@ -11,6 +11,8 @@ import ( "sync" "time" + "golang.org/x/net/http2" + "github.com/hashicorp/go-cleanhttp" "github.com/hashicorp/go-rootcerts" "github.com/sethgrid/pester" @@ -25,6 +27,7 @@ const EnvVaultInsecure = "VAULT_SKIP_VERIFY" const EnvVaultTLSServerName = "VAULT_TLS_SERVER_NAME" const EnvVaultWrapTTL = "VAULT_WRAP_TTL" const EnvVaultMaxRetries = "VAULT_MAX_RETRIES" +const EnvVaultToken = "VAULT_TOKEN" // WrappingLookupFunc is a function that, given an HTTP verb and a path, // returns an optional string duration to be used for response wrapping (e.g. @@ -84,8 +87,7 @@ type TLSConfig struct { // setting the `VAULT_ADDR` environment variable. func DefaultConfig() *Config { config := &Config{ - Address: "https://127.0.0.1:8200", - + Address: "https://127.0.0.1:8200", HttpClient: cleanhttp.DefaultClient(), } config.HttpClient.Timeout = time.Second * 60 @@ -104,7 +106,6 @@ func DefaultConfig() *Config { // ConfigureTLS takes a set of TLS configurations and applies those to the the HTTP client. func (c *Config) ConfigureTLS(t *TLSConfig) error { - if c.HttpClient == nil { c.HttpClient = DefaultConfig().HttpClient } @@ -247,6 +248,11 @@ func NewClient(c *Config) (*Client, error) { c.HttpClient = DefaultConfig().HttpClient } + tp := c.HttpClient.Transport.(*http.Transport) + if err := http2.ConfigureTransport(tp); err != nil { + return nil, err + } + redirFunc := func() { // Ensure redirects are not automatically followed // Note that this is sane for the API client as it has its own @@ -254,9 +260,9 @@ func NewClient(c *Config) (*Client, error) { // but in e.g. http_test actual redirect handling is necessary c.HttpClient.CheckRedirect = func(req *http.Request, via []*http.Request) error { // Returning this value causes the Go net library to not close the - // response body and nil out the error. Otherwise pester tries + // response body and to nil out the error. Otherwise pester tries // three times on every redirect because it sees an error from this - // function being passed through. + // function (to prevent redirects) passing through to it. return http.ErrUseLastResponse } } @@ -268,7 +274,7 @@ func NewClient(c *Config) (*Client, error) { config: c, } - if token := os.Getenv("VAULT_TOKEN"); token != "" { + if token := os.Getenv(EnvVaultToken); token != "" { client.SetToken(token) } @@ -292,6 +298,11 @@ func (c *Client) Address() string { return c.addr.String() } +// SetMaxRetries sets the number of retries that will be used in the case of certain errors +func (c *Client) SetMaxRetries(retries int) { + c.config.MaxRetries = retries +} + // SetWrappingLookupFunc sets a lookup function that returns desired wrap TTLs // for a given operation and path func (c *Client) SetWrappingLookupFunc(lookupFunc WrappingLookupFunc) { @@ -322,6 +333,7 @@ func (c *Client) NewRequest(method, path string) *Request { req := &Request{ Method: method, URL: &url.URL{ + User: c.addr.User, Scheme: c.addr.Scheme, Host: c.addr.Host, Path: path, |