http_config: Allow customizing TLS config and settings. #748

Merged
merged 3 commits into from
Jan 16, 2025
24 changes: 23 additions & 1 deletion config/http_config.go
Expand Up @@ -452,8 +452,12 @@ func (a *BasicAuth) UnmarshalYAML(unmarshal func(interface{}) error) error {
// by net.Dialer.
type DialContextFunc func(context.Context, string, string) (net.Conn, error)

// NewTLSConfigFunc returns new tls.Config.
type NewTLSConfigFunc func() (*tls.Config, error)

type httpClientOptions struct {
dialContextFunc DialContextFunc
newTLSConfigFunc NewTLSConfigFunc
keepAlivesEnabled bool
http2Enabled bool
idleConnTimeout time.Duration
Expand All @@ -473,13 +477,22 @@ func (f httpClientOptionFunc) applyToHTTPClientOptions(options *httpClientOption
f(options)
}

// WithDialContextFunc allows you to override func gets used for the actual dialing. The default is `net.Dialer.DialContext`.
// WithDialContextFunc allows you to override the func gets used for the dialing.
// The default is `net.Dialer.DialContext`.
func WithDialContextFunc(fn DialContextFunc) HTTPClientOption {
return httpClientOptionFunc(func(opts *httpClientOptions) {
opts.dialContextFunc = fn
})
}

// WithNewTLSConfigFunc allows you to override the func that creates the TLS config
// from the prometheus http config.
func WithNewTLSConfigFunc(newTLSConfigFunc NewTLSConfigFunc) HTTPClientOption {
return httpClientOptionFunc(func(opts *httpClientOptions) {
opts.newTLSConfigFunc = newTLSConfigFunc
})
}

// WithKeepAlivesDisabled allows to disable HTTP keepalive.
func WithKeepAlivesDisabled() HTTPClientOption {
return httpClientOptionFunc(func(opts *httpClientOptions) {
Expand Down Expand Up @@ -670,6 +683,14 @@ func NewRoundTripperFromConfigWithContext(ctx context.Context, cfg HTTPClientCon
return rt, nil
}

if opts.newTLSConfigFunc != nil {
tlsConfig, err := opts.newTLSConfigFunc()
if err != nil {
return nil, err
}
return newRT(tlsConfig)
}

tlsConfig, err := NewTLSConfig(&cfg.TLSConfig, WithSecretManager(opts.secretManager))
if err != nil {
return nil, err
Expand All @@ -679,6 +700,7 @@ func NewRoundTripperFromConfigWithContext(ctx context.Context, cfg HTTPClientCon
if err != nil {
return nil, err
}

if tlsSettings.immutable() {
// No need for a RoundTripper that reloads the files automatically.
return newRT(tlsConfig)
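Review bot: In NewRoundTripperFromConfigWithContext, the new `opts.newTLSConfigFunc != nil` branch returns `newRT(tlsConfig)` before `NewTLSConfig(&cfg.TLSConfig, ...)` and the `tlsSettings.immutable()` check are reached. When the option is set, whatever the user put in `cfg.TLSConfig` is therefore skipped without any error or log, and the file-reloading round tripper mentioned in the comment below is never selected. `NewTLSConfigFunc` takes no arguments, so the callback cannot read the configured values itself, even though the doc comment on `WithNewTLSConfigFunc` says it creates the TLS config "from the prometheus http config". I would make that contract explicit on the option, for example `// When set, cfg.TLSConfig is not consulted and certificate files are not reloaded; the returned *tls.Config is used as is, so the caller owns all verification settings.` The function body starts and ends outside the visible hunks, so any handling elsewhere is not visible from here.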