Merge branch '12033-multisite-search'

[arvados.git] / apps / workbench / app / models / arvados_api_client.rb

diff --git a/apps/workbench/app/models/arvados_api_client.rb b/apps/workbench/app/models/arvados_api_client.rb
index 4d549d194728eb00a9f3a2a01fd097d84955a16e..8638b0aa510b08cab457cf115fa9d42163ea6bd9 100644 (file)
--- a/apps/workbench/app/models/arvados_api_client.rb
+++ b/apps/workbench/app/models/arvados_api_client.rb
@@ -1,3 +1,7 @@
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
+
 require 'httpclient'
 require 'thread'
 
@@ -85,11 +89,17 @@ class ArvadosApiClient
     if not @api_client
       @client_mtx.synchronize do
         @api_client = HTTPClient.new
+        @api_client.ssl_config.timeout = Rails.configuration.api_client_connect_timeout
+        @api_client.connect_timeout = Rails.configuration.api_client_connect_timeout
+        @api_client.receive_timeout = Rails.configuration.api_client_receive_timeout
         if Rails.configuration.arvados_insecure_https
           @api_client.ssl_config.verify_mode = OpenSSL::SSL::VERIFY_NONE
         else
           # Use system CA certificates
-          @api_client.ssl_config.add_trust_ca('/etc/ssl/certs')
+          ["/etc/ssl/certs/ca-certificates.crt",
+           "/etc/pki/tls/certs/ca-bundle.crt"]
+            .select { |ca_path| File.readable?(ca_path) }
+            .each { |ca_path| @api_client.ssl_config.add_trust_ca(ca_path) }
         end
         if Rails.configuration.api_response_compression
           @api_client.transparent_gzip_decompression = true
@@ -111,6 +121,7 @@ class ArvadosApiClient
                            Thread.current[:reader_tokens] ||
                            []) +
                           [Rails.configuration.anonymous_user_token]).to_json,
+      'current_request_id' => (Thread.current[:current_request_id] || ''),
     }
     if !data.nil?
       data.each do |k,v|