Add secure option to registry

registry/consul_registry.go

@@ -1,10 +1,14 @@
 package registry
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"net"
+	"net/http"
+	"runtime"
+	"time"
 
 	consul "github.com/hashicorp/consul/api"
 )
@@ -15,6 +19,24 @@ type consulRegistry struct {
 	Options Options
 }
 
+func newTransport() *http.Transport {
+	t := &http.Transport{
+		Proxy: http.ProxyFromEnvironment,
+		Dial: (&net.Dialer{
+			Timeout:   30 * time.Second,
+			KeepAlive: 30 * time.Second,
+		}).Dial,
+		TLSHandshakeTimeout: 10 * time.Second,
+		TLSClientConfig: &tls.Config{
+			InsecureSkipVerify: true,
+		},
+	}
+	runtime.SetFinalizer(&t, func(tr **http.Transport) {
+		(*tr).CloseIdleConnections()
+	})
+	return t
+}
+
 func encodeEndpoints(en []*Endpoint) []string {
 	var tags []string
 	for _, e := range en {
@@ -94,6 +116,13 @@ func newConsulRegistry(addrs []string, opts ...Option) Registry {
 		}
 	}
 
+	// requires secure connection?
+	if opt.Secure {
+		config.Scheme = "https"
+		// We're going to support InsecureSkipVerify
+		config.HttpClient.Transport = newTransport()
+	}
+
 	// create the client
 	client, _ := consul.NewClient(config)
 

registry/options.go

@@ -8,6 +8,7 @@ import (
 
 type Options struct {
 	Timeout time.Duration
+	Secure  bool
 
 	// Other options for implementations of the interface
 	// can be stored in a context
@@ -19,3 +20,10 @@ func Timeout(t time.Duration) Option {
 		o.Timeout = t
 	}
 }
+
+// Secure communication with the registry
+func Secure(b bool) Option {
+	return func(o *Options) {
+		o.Secure = b
+	}
+}