Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refresh authn.DefaultKeychain creds every 5 min #1624

Merged
merged 1 commit into from
Apr 5, 2023
Merged

Refresh authn.DefaultKeychain creds every 5 min #1624

merged 1 commit into from
Apr 5, 2023

Conversation

jonjohnsonjr
Copy link
Collaborator

Sometimes Authenticators stick around for a while and eventually expire. This changes modifies Authenticators returned by DefaultKeychain to re-resolve after 5 minutes to ensure the underlying creds are fresh.

The hard-coded 5 minutes should prevent us from spamming the underlying Keychain (it can be expensive) while also preventing the creds from expiring.

imjasonh
imjasonh approved these changes Apr 5, 2023
View reviewed changes
Copy link
Collaborator

@imjasonh imjasonh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Love it.

pkg/authn/keychain.go Show resolved Hide resolved
@codecov-commenter
Copy link

Codecov Report

Merging #1624 (e01b487) into main (b8d1c0a) will increase coverage by 0.06%.
The diff coverage is 90.62%.

@@            Coverage Diff             @@
##             main    #1624      +/-   ##
==========================================
+ Coverage   72.75%   72.81%   +0.06%     
==========================================
  Files         118      118              
  Lines        9466     9498      +32     
==========================================
+ Hits         6887     6916      +29     
- Misses       1880     1882       +2     
- Partials      699      700       +1
Impacted Files Coverage Δ
pkg/authn/keychain.go 94.23% <90.62%> (-1.61%) ⬇️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@jonjohnsonjr
Refresh authn.DefaultKeychain creds every 5 min
29da376 
Sometimes Authenticators stick around for a while and eventually expire.
This changes modifies Authenticators returned by DefaultKeychain to
re-resolve after 5 minutes to ensure the underlying creds are fresh.

The hard-coded 5 minutes should prevent us from spamming the underlying
Keychain (it can be expensive) while also preventing the creds from
expiring.

This also exposes authn.RefreshingKeychain for others to use.
@jonjohnsonjr jonjohnsonjr merged commit 249d7e1 into google:main Apr 5, 2023
@jonjohnsonjr jonjohnsonjr deleted the refresh branch April 5, 2023 20:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@imjasonh imjasonh imjasonh approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jonjohnsonjr @codecov-commenter @imjasonh