diff --git a/pkg/provider/nomad/nomad.go b/pkg/provider/nomad/nomad.go index 4b28f4707..348edef34 100644 --- a/pkg/provider/nomad/nomad.go +++ b/pkg/provider/nomad/nomad.go @@ -79,13 +79,17 @@ func (p *Provider) SetDefaults() { Address: defConfig.Address, Region: defConfig.Region, Token: defConfig.SecretID, - TLS: &types.ClientTLS{ + } + + if defConfig.TLSConfig != nil && (defConfig.TLSConfig.Insecure || defConfig.TLSConfig.CACert != "" || defConfig.TLSConfig.ClientCert != "" || defConfig.TLSConfig.ClientKey != "") { + p.Endpoint.TLS = &types.ClientTLS{ CA: defConfig.TLSConfig.CACert, Cert: defConfig.TLSConfig.ClientCert, Key: defConfig.TLSConfig.ClientKey, InsecureSkipVerify: defConfig.TLSConfig.Insecure, - }, + } } + p.Prefix = defaultPrefix p.ExposedByDefault = true p.RefreshInterval = ptypes.Duration(15 * time.Second) @@ -173,19 +177,24 @@ func (p *Provider) loadConfiguration(ctx context.Context, configurationC chan<- } func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) { - return api.NewClient(&api.Config{ + config := api.Config{ Address: endpoint.Address, Namespace: namespace, Region: endpoint.Region, SecretID: endpoint.Token, WaitTime: time.Duration(endpoint.EndpointWaitTime), - TLSConfig: &api.TLSConfig{ + } + + if endpoint.TLS != nil { + config.TLSConfig = &api.TLSConfig{ CACert: endpoint.TLS.CA, ClientCert: endpoint.TLS.Cert, ClientKey: endpoint.TLS.Key, Insecure: endpoint.TLS.InsecureSkipVerify, - }, - }) + } + } + + return api.NewClient(&config) } // configuration contains information from the service's tags that are globals diff --git a/pkg/provider/nomad/nomad_test.go b/pkg/provider/nomad/nomad_test.go index 3bfc54dee..7dab2b2a1 100644 --- a/pkg/provider/nomad/nomad_test.go +++ b/pkg/provider/nomad/nomad_test.go @@ -84,7 +84,6 @@ func TestProvider_SetDefaults_Endpoint(t *testing.T) { envs: map[string]string{}, expected: &EndpointConfig{ Address: "http://127.0.0.1:4646", - TLS: &types.ClientTLS{}, }, }, {