Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refresh bearer token from file to avoid stale tokens when using mount… #532

Merged
merged 1 commit into from
Feb 13, 2022
Merged

refresh bearer token from file to avoid stale tokens when using mount… #532

merged 1 commit into from
Feb 13, 2022

Conversation

grosser
Copy link
Contributor

@grosser grosser commented Jan 20, 2022
edited
Loading

…ed service account token

fixes #530

grosser
grosser commented Jan 20, 2022
View reviewed changes
grosser
grosser commented Jan 20, 2022
View reviewed changes
@grosser grosser force-pushed the grosser/stale branch 2 times, most recently from 276b11b to 2022288 Compare January 21, 2022 01:24
@grosser grosser mentioned this pull request Jan 21, 2022
Merged
@grosser
Copy link
Contributor Author

grosser commented Feb 1, 2022

with rebase this is now super clean :D

@grosser grosser force-pushed the grosser/stale branch 3 times, most recently from a1be72d to f9278dd Compare February 1, 2022 15:44
@kjetijor
Copy link
Contributor

@client = Kubeclient::Client.new(....) going straight to @client.api_valid? seems to not work with this, it'll end up missing any call to refresh_bearer_token_from_file.

@grosser
Copy link
Contributor Author

grosser commented Feb 11, 2022

fixed

@cben
Copy link
Collaborator

cben commented Feb 13, 2022

Code is neat 👍

About performance: you mentioned several options on #530 and this implements the last one:

  • reload on every request (in def rest_client and def http_options) since it's pretty cheap and usually an in-memory file

So this will add several syscalls on every request. But only when config uses a token file, which is probably mainly used in-cluster.
I don't know how to judge if that's Good Enough, but OK let's start with it and optimize later if needed.

@cben cben merged commit d68b129 into ManageIQ:master Feb 13, 2022
@cben cben mentioned this pull request Feb 13, 2022
Open
1 task
@cben cben mentioned this pull request Feb 21, 2022
Merged
This was referenced Mar 21, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

bearer_token needs to be reloaded every 1h to avoid expired service account tokens
3 participants
@grosser @kjetijor @cben