Skip to content

Feature consul tls discovery #1138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
chc0618 wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Feature consul tls discovery #1138

chc0618 wants to merge 3 commits into from

Conversation

@chc0618
Copy link

@chc0618 chc0618 commented Dec 5, 2025

Background

We are using SmallRye Stork with Consul in production.
In our production environment, Consul is running with TLS enabled.

Currently, Stork Consul discovery does not support TLS configuration,
so we added SSL/TLS support and verified it in production.

What’s included

  • Support TLS when discovery services to Consul
  • Support configuration for:
    • trust-store-path (CA file)
    • trust-store-password
    • key-store-path (client certificate + private key)
    • key-store-password
    • verify-host (hostname verification)
    • acl-token (Consul ACL authentication)
  • Backward compatible (non-TLS users are not affected)

Production status

✅ Already running in production.

Why this is useful

More and more users deploy Consul in secure (TLS) mode.
This change allows Stork to be used in secure enterprise environments.

aureamunoz
aureamunoz requested changes Dec 5, 2025
View reviewed changes
Copy link
Collaborator

@aureamunoz aureamunoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work, thank you very much for this.
We need also some tests to validate this.

aureamunoz
aureamunoz requested changes Dec 5, 2025
View reviewed changes
aureamunoz
aureamunoz requested changes Dec 9, 2025
View reviewed changes
Copy link
Collaborator

@aureamunoz aureamunoz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!
Could you please add some test to validate this feature?

@chc0618
Copy link
Author

chc0618 commented Dec 10, 2025

Thanks! Could you please add some test to validate this feature?

Sure, I will add the required tests.
Since this feature touches both Consul Discovery and Consul Registration, I plan to include:
1. Unit tests for the configuration parsing
2. Integration tests using a test Consul instance (with and without TLS)
3. Verification that the added attributes (ssl, trust-store, key-store, verify-host, acl-token) are correctly passed into the Vert.x HTTP client options.

I will push the test changes in the next update.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aureamunoz aureamunoz aureamunoz requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chc0618 @aureamunoz