TLS handshake timeout: transport timeouts too aggressive; requests fail in CI #30
Description
Summary
Requests to calypr-dev.ohsu.edu are failing with a net/http: TLS handshake timeout error when running in CI/CD environments. The current transport-level timeouts may be too aggressive for the network, especially given variability in CI network performance and hospital/institutional infrastructure.
Error details
Observed error:
level=ERROR source=/home/runner/go/pkg/mod/github.com/hashicorp/go-retryablehttp@v0.7.8/client.go:735 msg="request failed" pid=801632 error="Post \"https://calypr-dev.ohsu.edu/user/credentials/api/access_token\": net/http: TLS handshake timeout" method=POST url=https://calypr-dev.ohsu.edu/user/credentials/api/access_token
Current transport config (request/request.go)
DialContext Timeout: 5s
TLSHandshakeTimeout: 5s
ResponseHeaderTimeout: 10s
Proposed fix
Increase transport timeouts to allow for higher-latency environments:
- Dialer.Timeout: 10s
- TLSHandshakeTimeout: 15s
- ResponseHeaderTimeout: 30s
This should prevent premature TLS handshake failures and better accommodate slow network situations in CI and institutional networks.
Additional context
- The http.Client global Timeout is set to 0 (no upper bound), so transport timeouts are critical.
- Retries will not help if each handshake fails due to a short timeout; all will fail the same way.
Request: Update request/request.go to use more permissive transport-level timeouts for reliability.