From 3e8321fab29314d3f030cf35bdf949cfddfd4353 Mon Sep 17 00:00:00 2001 From: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> Date: Tue, 16 Jul 2024 10:51:39 -0700 Subject: [PATCH] Have Sidecar reuse the same HTTP client and discard request body (#2213) Signed-off-by: Daniel Valdivia <18384552+dvaldivia@users.noreply.github.com> Co-authored-by: pjuarezd --- sidecar/pkg/sidecar/webhook_server.go | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/sidecar/pkg/sidecar/webhook_server.go b/sidecar/pkg/sidecar/webhook_server.go index e30bc51aa0a..b8a656b28a2 100644 --- a/sidecar/pkg/sidecar/webhook_server.go +++ b/sidecar/pkg/sidecar/webhook_server.go @@ -19,6 +19,7 @@ package sidecar import ( "crypto/tls" "fmt" + "io" "net/http" "time" @@ -78,6 +79,14 @@ func configureProbesServer(c *Controller, tenantTLS bool) *http.Server { return s } +// we do insecure skip verify because we are checking against the local instance and don't care for the certificate +var probeHTTPClient = &http.Client{ + Timeout: time.Millisecond * 500, + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, + }, +} + func readinessHandler(tenantTLS bool) func(w http.ResponseWriter, r *http.Request) { return func(w http.ResponseWriter, r *http.Request) { schema := "https" @@ -92,21 +101,13 @@ func readinessHandler(tenantTLS bool) func(w http.ResponseWriter, r *http.Reques return } - // we do insecure skip verify because we are checking against the local instance and don't care for the - // certificate - client := &http.Client{ - Timeout: time.Millisecond * 500, - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - }, - } - - response, err := client.Do(request) + response, err := probeHTTPClient.Do(request) if err != nil { http.Error(w, fmt.Sprintf("HTTP request failed: %s", err), http.StatusInternalServerError) return } defer response.Body.Close() + _, _ = io.Copy(io.Discard, response.Body) // Discard body to enable connection reuse if response.StatusCode == 403 { fmt.Fprintln(w, "Readiness probe succeeded.")