Merge branch 'master' into 3762-delete-list-worker

[arvados.git] / sdk / go / keepclient / keepclient.go

diff --git a/sdk/go/keepclient/keepclient.go b/sdk/go/keepclient/keepclient.go
index dbc24666393a4c7d866702abd77c5b438ec9d0db..5d791948dcb808f3373555d183d61f7df5a22100 100644 (file)
--- a/sdk/go/keepclient/keepclient.go
+++ b/sdk/go/keepclient/keepclient.go
@@ -3,6 +3,7 @@ package keepclient
 
 import (
        "crypto/md5"
+       "crypto/tls"
        "errors"
        "fmt"
        "git.curoverse.com/arvados.git/sdk/go/arvadosclient"
@@ -10,8 +11,8 @@ import (
        "io"
        "io/ioutil"
        "log"
-       "net"
        "net/http"
+       "os"
        "regexp"
        "strings"
        "sync"
@@ -45,28 +46,16 @@ type KeepClient struct {
 // Create a new KeepClient.  This will contact the API server to discover Keep
 // servers.
 func MakeKeepClient(arv *arvadosclient.ArvadosClient) (kc KeepClient, err error) {
+       var matchTrue = regexp.MustCompile("^(?i:1|yes|true)$")
+       insecure := matchTrue.MatchString(os.Getenv("ARVADOS_API_HOST_INSECURE"))
        kc = KeepClient{
                Arvados:       arv,
                Want_replicas: 2,
                Using_proxy:   false,
-               Client: &http.Client{
-                       // The maximum duration of the connection, will be
-                       // closed if exceeded.
-                       Timeout: 5 * time.Minute,
-                       Transport: &http.Transport{
-                               Dial: (&net.Dialer{
-                                       // The maximum time to wait to set up
-                                       // the initial TCP connection.
-                                       Timeout: 60 * time.Second,
-
-                                       // The TCP keep alive heartbeat
-                                       // interval.
-                                       KeepAlive: 60 * time.Second,
-                               }).Dial,
-                               TLSHandshakeTimeout: 10 * time.Second,
-                       }}}
-
-       err = (&kc).DiscoverKeepServers()
+               Client: &http.Client{Transport: &http.Transport{
+                       TLSClientConfig: &tls.Config{InsecureSkipVerify: insecure}}},
+       }
+       _, err = (&kc).DiscoverKeepServers()
 
        return kc, err
 }
@@ -175,10 +164,17 @@ func (this KeepClient) AuthorizedGet(hash string,
 
                var resp *http.Response
                if resp, err = this.Client.Do(req); err != nil || resp.StatusCode != http.StatusOK {
-                       respbody, _ := ioutil.ReadAll(&io.LimitedReader{resp.Body, 4096})
+                       statusCode := -1
+                       var respbody []byte
+                       if resp != nil {
+                               statusCode = resp.StatusCode
+                               if resp.Body != nil {
+                                       respbody, _ = ioutil.ReadAll(&io.LimitedReader{resp.Body, 4096})
+                               }
+                       }
                        response := strings.TrimSpace(string(respbody))
                        log.Printf("[%v] Download %v status code: %v error: \"%v\" response: \"%v\"",
-                               requestId, url, resp.StatusCode, err, response)
+                               requestId, url, statusCode, err, response)
                        continue
                }