From e41af9ff45e00d0c40f9641f00936671ae8dddcb Mon Sep 17 00:00:00 2001
From: Xuyang Weng <xweng@singularitysystems.com>
Date: Fri, 2 Feb 2024 17:08:24 +0800
Subject: [PATCH] fix:  AWS status check within KES the returned response body
 is not closed casued the file descriptor exceed the system limit

---
 internal/keystore/aws/secrets-manager.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/internal/keystore/aws/secrets-manager.go b/internal/keystore/aws/secrets-manager.go
index c989ecd7..0c34190b 100644
--- a/internal/keystore/aws/secrets-manager.go
+++ b/internal/keystore/aws/secrets-manager.go
@@ -112,9 +112,12 @@ func (s *Store) Status(ctx context.Context) (kes.KeyStoreState, error) {
 	}
 
 	start := time.Now()
-	if _, err = http.DefaultClient.Do(req); err != nil {
+	res, err := http.DefaultClient.Do(req)
+	if err != nil {
 		return kes.KeyStoreState{}, &keystore.ErrUnreachable{Err: err}
 	}
+	defer res.Body.Close()
+	
 	return kes.KeyStoreState{
 		Latency: time.Since(start),
 	}, nil