Most requests to external servers should have a timeout attached, in case the server is not responding in a timely manner. By default, requests do not time out unless a timeout value is set explicitly. Without a timeout, your code may hang for minutes or more.
This is a problem in case a connection is blocked by a firewall. A systemd socket with a failing service does behave similiar when the service has restart enabled. I noticed the problem today while I was working on new Fedora packages.
Proposed solution:
Add a timeout option to custodia.client library, perhaps with a sensible default time out (5 sec, 10 sec, 30 sec?)
Add a timeout argument to custodia-cli with a sensible default time out (10 sec?)
Custodia uses Python's requests library to perform HTTP requests. By default requests does not time out, https://requests.readthedocs.io/en/master/user/advanced/#timeouts
This is a problem in case a connection is blocked by a firewall. A systemd socket with a failing service does behave similiar when the service has restart enabled. I noticed the problem today while I was working on new Fedora packages.
Proposed solution:
custodia.client
library, perhaps with a sensible default time out (5 sec, 10 sec, 30 sec?)custodia-cli
with a sensible default time out (10 sec?)