This fixes the edge case when the communication to vault is very slow
and the passed token is about to expire, it can happen that
the call to lookup self returns success but the following vault calls
still run into an error as the token just expired.
This problem becomes more severe as vault communication sometimes
can be quite slow.
This change will fix this edge by calculating the maximal time, a call to
vault will take. That is:
(Read Timeout + Open Timeout + Retry Intervall in Milliseconds / 1000) * Max Retried
This is capped to 60 seconds as the documentation
for the read and open timeout parameters were wrong. As the previous
documentation stated that the timeout parameter are ms valued, they
are actually seconds. See: openTimout and readTimeout
This could cause users to have high values
in these parameters. To prevent continues token refreshing in that case,
the maximal guaranteed token validity is capped to 60 seconds.
This fixes the edge case when the communication to vault is very slow and the passed token is about to expire, it can happen that the call to
lookup selfreturns success but the following vault calls still run into an error as the token just expired.This problem becomes more severe as vault communication sometimes can be quite slow.
This change will fix this edge by calculating the maximal time, a call to vault will take. That is:
This is capped to 60 seconds as the documentation for the read and open timeout parameters were wrong. As the previous documentation stated that the timeout parameter are ms valued, they are actually seconds. See: openTimout and readTimeout
This could cause users to have high values in these parameters. To prevent continues token refreshing in that case, the maximal guaranteed token validity is capped to 60 seconds.
I couldn't test my PR with the docker images due to: https://github.com/rundeck-plugins/vault-storage/issues/37