From b05b7c8c2845caa7a8f4a1eb580d5a8670f27533 Mon Sep 17 00:00:00 2001 From: Cyrill Troxler Date: Tue, 17 Dec 2019 10:45:45 +0100 Subject: [PATCH] Do not reuse transport Because this breaks setting VAULT_CACERT as the certificate store from the vault client will be reused --- gcpvault.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gcpvault.go b/gcpvault.go index 9ead824..eb33686 100644 --- a/gcpvault.go +++ b/gcpvault.go @@ -245,12 +245,11 @@ func newJWTBase(ctx context.Context, cfg Config) (string, error) { } hc := getHTTPClient(ctx, cfg) - // reuse base transport and timeout but sprinkle on the token source for IAM access + // reuse timeout but sprinkle on the token source for IAM access hcIAM := &http.Client{ Timeout: hc.Timeout, Transport: &oauth2.Transport{ Source: tokenSource, - Base: hc.Transport, }, } iamClient, err := iam.New(hcIAM)