@@ -25,6 +25,29 @@ import (
2525 "time"
2626)
2727
28+ // TransportPool is a progressive and non-blocking pool
29+ // for http.Transport objects, optimised for Gargabe Collection
30+ // and without a hard limit on number of objects created.
31+ //
32+ // Its main purpose is to enable for transport objects to be
33+ // used across helm chart download requests and helm/pkg/getter
34+ // instances by leveraging the getter.WithTransport(t) construct.
35+ //
36+ // The use of this pool improves the default behaviour of helm getter
37+ // which creates a new connection per request, or per getter instance,
38+ // resulting on unnecessary TCP connections with the target.
39+ //
40+ // http.Transport objects may contain sensitive material and also have
41+ // settings that may impact the security of HTTP operations using
42+ // them (i.e. InsecureSkipVerify). Therefore, ensure that they are
43+ // used in a thread-safe way, and also by reseting TLS specific state
44+ // after each use.
45+ //
46+ // Calling the Release(t) function will reset TLS specific state whilst
47+ // also releasing the transport back to the pool to be reused.
48+ //
49+ // xref: https://github.com/helm/helm/pull/10568
50+ // xref2: https://github.com/fluxcd/source-controller/issues/578
2851type TransportPool struct {
2952}
3053
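Review bot: The new doc comment has several wording defects that should be fixed before merge: `Gargabe Collection` on line 29 should be `Garbage Collection`, `resulting on` on line 38 should be `resulting in`, `reseting` on line 43 should be `resetting`, and `i.e. InsecureSkipVerify` on line 42 should be `e.g. InsecureSkipVerify`, since it is one example of a security-relevant setting rather than the only one. The thread-safety sentence is also imprecise: http.Transport is documented as safe for concurrent use, so the actual invariant the pool relies on is exclusive ownership while fields are being mutated, which would be clearer as `// A transport returned by NewOrIdle is owned by the caller until Release(t); do not mutate its fields (e.g. TLSClientConfig) while requests are in flight.` The TransportPool struct itself is empty here, so the Release behaviour the comment describes cannot be verified from this hunk.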
@@ -34,6 +57,14 @@ var pool = &sync.Pool{
3457 DisableCompression : true ,
3558 Proxy : http .ProxyFromEnvironment ,
3659
60+ // Due to the non blocking nature of this approach,
61+ // at peak usage a higher number of transport objects
62+ // may be created. sync.Pool will ensure they are
63+ // gargage collected when/if needed.
64+ //
65+ // By setting a low value to IdleConnTimeout the connections
66+ // will be closed after that period of inactivity, allowing the
67+ // transport to be garbage collected.
3768 IdleConnTimeout : 60 * time .Second ,
3869
3970 // use safe defaults based off http.DefaultTransport
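Review bot: `gargage collected` on line 63 should read `garbage collected`. The comment also describes 60s as a low IdleConnTimeout without a reference point; if the intent is that it sits below http.DefaultTransport's default (90s, if I recall correctly), saying so explicitly, e.g. `// 60s is shorter than http.DefaultTransport's idle timeout so pooled transports become collectable sooner.`, makes the trade-off reviewable. The sync.Pool literal starts before this hunk.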
@@ -50,7 +81,7 @@ var pool = &sync.Pool{
5081// NewOrIdle tries to return an existing transport that is not currently being used.
5182// If none is found, creates a new Transport instead.
5283//
53- // tlsConfig sets the TLSClientConfig for the transport and can be nil .
84+ // tlsConfig can optionally set the TLSClientConfig for the transport.
5485func NewOrIdle (tlsConfig * tls.Config ) * http.Transport {
5586 t := pool .Get ().(* http.Transport )
5687 t .TLSClientConfig = tlsConfig
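Review bot: Assigning `t.TLSClientConfig = tlsConfig` to a transport taken from the pool does not touch idle connections that transport may still hold from its previous user, because http.Transport keys its idle pool by scheme, host and proxy rather than by TLS settings, so a connection negotiated under an earlier config (for instance one with InsecureSkipVerify set or a different client certificate) could be handed to the new caller. Unless Release already guarantees that idle connections are dropped — that is not visible in this diff — the safe pattern is to call `t.CloseIdleConnections()` before the assignment so the new TLS settings apply to every subsequent connection. The updated doc line (84) should also state that a nil tlsConfig clears any previously set config rather than leaving the old one in place, since the assignment is unconditional. NewOrIdle's body continues past the end of the hunk.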