Fix Nomad client TLS defaults
This commit is contained in:
parent
b3f162a8a6
commit
48a2c8e41c
2 changed files with 15 additions and 7 deletions
|
@ -79,13 +79,17 @@ func (p *Provider) SetDefaults() {
|
||||||
Address: defConfig.Address,
|
Address: defConfig.Address,
|
||||||
Region: defConfig.Region,
|
Region: defConfig.Region,
|
||||||
Token: defConfig.SecretID,
|
Token: defConfig.SecretID,
|
||||||
TLS: &types.ClientTLS{
|
}
|
||||||
|
|
||||||
|
if defConfig.TLSConfig != nil && (defConfig.TLSConfig.Insecure || defConfig.TLSConfig.CACert != "" || defConfig.TLSConfig.ClientCert != "" || defConfig.TLSConfig.ClientKey != "") {
|
||||||
|
p.Endpoint.TLS = &types.ClientTLS{
|
||||||
CA: defConfig.TLSConfig.CACert,
|
CA: defConfig.TLSConfig.CACert,
|
||||||
Cert: defConfig.TLSConfig.ClientCert,
|
Cert: defConfig.TLSConfig.ClientCert,
|
||||||
Key: defConfig.TLSConfig.ClientKey,
|
Key: defConfig.TLSConfig.ClientKey,
|
||||||
InsecureSkipVerify: defConfig.TLSConfig.Insecure,
|
InsecureSkipVerify: defConfig.TLSConfig.Insecure,
|
||||||
},
|
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
p.Prefix = defaultPrefix
|
p.Prefix = defaultPrefix
|
||||||
p.ExposedByDefault = true
|
p.ExposedByDefault = true
|
||||||
p.RefreshInterval = ptypes.Duration(15 * time.Second)
|
p.RefreshInterval = ptypes.Duration(15 * time.Second)
|
||||||
|
@ -173,19 +177,24 @@ func (p *Provider) loadConfiguration(ctx context.Context, configurationC chan<-
|
||||||
}
|
}
|
||||||
|
|
||||||
func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) {
|
func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) {
|
||||||
return api.NewClient(&api.Config{
|
config := api.Config{
|
||||||
Address: endpoint.Address,
|
Address: endpoint.Address,
|
||||||
Namespace: namespace,
|
Namespace: namespace,
|
||||||
Region: endpoint.Region,
|
Region: endpoint.Region,
|
||||||
SecretID: endpoint.Token,
|
SecretID: endpoint.Token,
|
||||||
WaitTime: time.Duration(endpoint.EndpointWaitTime),
|
WaitTime: time.Duration(endpoint.EndpointWaitTime),
|
||||||
TLSConfig: &api.TLSConfig{
|
}
|
||||||
|
|
||||||
|
if endpoint.TLS != nil {
|
||||||
|
config.TLSConfig = &api.TLSConfig{
|
||||||
CACert: endpoint.TLS.CA,
|
CACert: endpoint.TLS.CA,
|
||||||
ClientCert: endpoint.TLS.Cert,
|
ClientCert: endpoint.TLS.Cert,
|
||||||
ClientKey: endpoint.TLS.Key,
|
ClientKey: endpoint.TLS.Key,
|
||||||
Insecure: endpoint.TLS.InsecureSkipVerify,
|
Insecure: endpoint.TLS.InsecureSkipVerify,
|
||||||
},
|
}
|
||||||
})
|
}
|
||||||
|
|
||||||
|
return api.NewClient(&config)
|
||||||
}
|
}
|
||||||
|
|
||||||
// configuration contains information from the service's tags that are globals
|
// configuration contains information from the service's tags that are globals
|
||||||
|
|
|
@ -84,7 +84,6 @@ func TestProvider_SetDefaults_Endpoint(t *testing.T) {
|
||||||
envs: map[string]string{},
|
envs: map[string]string{},
|
||||||
expected: &EndpointConfig{
|
expected: &EndpointConfig{
|
||||||
Address: "http://127.0.0.1:4646",
|
Address: "http://127.0.0.1:4646",
|
||||||
TLS: &types.ClientTLS{},
|
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in a new issue