github/client-go
1
0
Fork 0
mirror of https://github.com/kubernetes/client-go.git synced 2025-06-24 14:12:18 +00:00
Code Issues Projects Releases Wiki Activity

Shorten re-read period for token files to work with ProjectedTokenVolumeSource

Browse Source 
Kubernetes-commit: a432a7cf683e4ea304ae8e39e191a438e37a813e
This commit is contained in:
Jordan Liggitt 2018-12-29 22:18:28 -05:00 committed by Kubernetes Publisher
parent 7ab9b6348c
commit f46a378f78
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
transport/token_source.go
View File

@ -47,14 +47,14 @@ func TokenSourceWrapTransport(ts oauth2.TokenSource) func(http.RoundTripper) htt
func NewCachedFileTokenSource(path string) oauth2.TokenSource { func NewCachedFileTokenSource(path string) oauth2.TokenSource {
return &cachingTokenSource{ return &cachingTokenSource{
now: time.Now, now: time.Now,
leeway: 1 * time.Minute, leeway: 10 * time.Second,
base: &fileTokenSource{ base: &fileTokenSource{
path: path, path: path,
// This period was picked because it is half of the minimum validity // This period was picked because it is half of the duration between when the kubelet
// duration for a token provisioned by they TokenRequest API. This is // refreshes a projected service account token and when the original token expires.
// unsophisticated and should induce rotation at a frequency that should // Default token lifetime is 10 minutes, and the kubelet starts refreshing at 80% of lifetime.
// work with the token volume source. // This should induce re-reading at a frequency that works with the token volume source.
period: 5 * time.Minute, period: time.Minute,
}, },
} }
} }