Fix Nomad client TLS defaults

This commit is contained in:
Romain 2023-03-21 15:32:06 +01:00 committed by GitHub
parent b3f162a8a6
commit 48a2c8e41c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 7 deletions

View file

@ -79,13 +79,17 @@ func (p *Provider) SetDefaults() {
Address: defConfig.Address, Address: defConfig.Address,
Region: defConfig.Region, Region: defConfig.Region,
Token: defConfig.SecretID, Token: defConfig.SecretID,
TLS: &types.ClientTLS{ }
if defConfig.TLSConfig != nil && (defConfig.TLSConfig.Insecure || defConfig.TLSConfig.CACert != "" || defConfig.TLSConfig.ClientCert != "" || defConfig.TLSConfig.ClientKey != "") {
p.Endpoint.TLS = &types.ClientTLS{
CA: defConfig.TLSConfig.CACert, CA: defConfig.TLSConfig.CACert,
Cert: defConfig.TLSConfig.ClientCert, Cert: defConfig.TLSConfig.ClientCert,
Key: defConfig.TLSConfig.ClientKey, Key: defConfig.TLSConfig.ClientKey,
InsecureSkipVerify: defConfig.TLSConfig.Insecure, InsecureSkipVerify: defConfig.TLSConfig.Insecure,
}, }
} }
p.Prefix = defaultPrefix p.Prefix = defaultPrefix
p.ExposedByDefault = true p.ExposedByDefault = true
p.RefreshInterval = ptypes.Duration(15 * time.Second) p.RefreshInterval = ptypes.Duration(15 * time.Second)
@ -173,19 +177,24 @@ func (p *Provider) loadConfiguration(ctx context.Context, configurationC chan<-
} }
func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) { func createClient(namespace string, endpoint *EndpointConfig) (*api.Client, error) {
return api.NewClient(&api.Config{ config := api.Config{
Address: endpoint.Address, Address: endpoint.Address,
Namespace: namespace, Namespace: namespace,
Region: endpoint.Region, Region: endpoint.Region,
SecretID: endpoint.Token, SecretID: endpoint.Token,
WaitTime: time.Duration(endpoint.EndpointWaitTime), WaitTime: time.Duration(endpoint.EndpointWaitTime),
TLSConfig: &api.TLSConfig{ }
if endpoint.TLS != nil {
config.TLSConfig = &api.TLSConfig{
CACert: endpoint.TLS.CA, CACert: endpoint.TLS.CA,
ClientCert: endpoint.TLS.Cert, ClientCert: endpoint.TLS.Cert,
ClientKey: endpoint.TLS.Key, ClientKey: endpoint.TLS.Key,
Insecure: endpoint.TLS.InsecureSkipVerify, Insecure: endpoint.TLS.InsecureSkipVerify,
}, }
}) }
return api.NewClient(&config)
} }
// configuration contains information from the service's tags that are globals // configuration contains information from the service's tags that are globals

View file

@ -84,7 +84,6 @@ func TestProvider_SetDefaults_Endpoint(t *testing.T) {
envs: map[string]string{}, envs: map[string]string{},
expected: &EndpointConfig{ expected: &EndpointConfig{
Address: "http://127.0.0.1:4646", Address: "http://127.0.0.1:4646",
TLS: &types.ClientTLS{},
}, },
}, },
{ {