Refactor TLSReloadTransport to use non-pointer time.Time for cert exp…

…iration • Changed certExpiration from a pointer to a non-pointer time.Time type. • Updated GetCertExpiration and certificateExpiringWithin methods to handle the non-pointer type. • Removed unnecessary pointer dereferences in httpclient_test.go.
cloudfoundry · Dec 19, 2024 · 2b64c7f · 2b64c7f
1 parent 42081d6
commit 2b64c7f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 7 deletions.
diff --git a/src/autoscaler/helpers/httpclient.go b/src/autoscaler/helpers/httpclient.go
@@ -19,16 +19,16 @@ type TLSReloadTransport struct {
 	Base           http.RoundTripper
 	logger         lager.Logger
 	tlsCerts       *models.TLSCerts
-	certExpiration *time.Time
+	certExpiration time.Time
 
 	HTTPClient *http.Client // Internal HTTP client.
 
 }
 
-func (t *TLSReloadTransport) GetCertExpiration() *time.Time {
-	if t.certExpiration == nil {
+func (t *TLSReloadTransport) GetCertExpiration() time.Time {
+	if t.certExpiration.IsZero() {
 		x509Cert, _ := x509.ParseCertificate(t.tlsClientConfig().Certificates[0].Certificate[0])
-		t.certExpiration = &x509Cert.NotAfter
+		t.certExpiration = x509Cert.NotAfter
 	}
 	return t.certExpiration
 }
@@ -46,11 +46,11 @@ func (t *TLSReloadTransport) reloadCert() {
 	tlsConfig, _ := t.tlsCerts.CreateClientConfig()
 	t.setTLSClientConfig(tlsConfig)
 	x509Cert, _ := x509.ParseCertificate(t.tlsClientConfig().Certificates[0].Certificate[0])
-	t.certExpiration = &x509Cert.NotAfter
+	t.certExpiration = x509Cert.NotAfter
 }
 
 func (t *TLSReloadTransport) certificateExpiringWithin(dur time.Duration) bool {
-	return t.GetCertExpiration().Sub(time.Now()) < dur
+	return time.Until(t.GetCertExpiration()) < dur
 }
 
 func (t *TLSReloadTransport) RoundTrip(req *http.Request) (*http.Response, error) {
@@ -90,6 +90,7 @@ func CreateHTTPSClient(tlsCerts *models.TLSCerts, config cf.ClientConfig, logger
 		Base:     retryClient.Transport,
 		logger:   logger,
 		tlsCerts: tlsCerts,
+
 		// Send wrapped HTTPClient referente to access tls configuration inside RoundTrip
 		// and to abract the TLSReloadTransport from the retryablehttp
 		HTTPClient: retryClient.Transport.(*retryablehttp.RoundTripper).Client.HTTPClient,

diff --git a/src/autoscaler/helpers/httpclient_test.go b/src/autoscaler/helpers/httpclient_test.go
@@ -121,7 +121,7 @@ var _ = Describe("HTTPClient", func() {
 
 func getCertExpirationFromClient(client *http.Client) time.Time {
 	GinkgoHelper()
-	return *client.Transport.(*helpers.TLSReloadTransport).GetCertExpiration()
+	return client.Transport.(*helpers.TLSReloadTransport).GetCertExpiration()
 }
 
 func getCertFromClient(client *http.Client) string {