Allow passing in a config to the watch plan to use when creating the API client

This allows watches from consul agent config (rather than consul watch command) to be able to utilize HTTPs

agent/agent.go

@@ -646,14 +646,19 @@ func (a *Agent) reloadWatches(cfg *config.RuntimeConfig) error {
 
 	// Determine the primary http(s) endpoint.
 	var netaddr net.Addr
+	https := false
 	if len(cfg.HTTPAddrs) > 0 {
 		netaddr = cfg.HTTPAddrs[0]
 	} else {
 		netaddr = cfg.HTTPSAddrs[0]
+		https = true
 	}
 	addr := netaddr.String()
 	if netaddr.Network() == "unix" {
 		addr = "unix://" + addr
+		https = false
+	} else if https {
+		addr = "https://" + addr
 	}
 
 	// Fire off a goroutine for each new watch plan.
@@ -669,7 +674,19 @@ func (a *Agent) reloadWatches(cfg *config.RuntimeConfig) error {
 				wp.Handler = makeHTTPWatchHandler(a.LogOutput, httpConfig)
 			}
 			wp.LogOutput = a.LogOutput
-			if err := wp.Run(addr); err != nil {
+
+			config := api.DefaultConfig()
+			if https {
+				if a.config.CAPath != "" {
+					config.TLSConfig.CAPath = a.config.CAPath
+				}
+				if a.config.CAFile != "" {
+					config.TLSConfig.CAFile = a.config.CAFile
+				}
+				config.TLSConfig.Address = addr
+			}
+
+			if err := wp.Run(addr, config); err != nil {
 				a.logger.Printf("[ERR] agent: Failed to run watch: %v", err)
 			}
 		}(wp)

command/watch/watch.go

@@ -226,7 +226,7 @@ func (c *cmd) Run(args []string) int {
 	}()
 
 	// Run the watch
-	if err := wp.Run(c.http.Addr()); err != nil {
+	if err := wp.Run(c.http.Addr(), nil); err != nil {
 		c.UI.Error(fmt.Sprintf("Error querying Consul agent: %s", err))
 		return 1
 	}

watch/plan.go

@@ -20,10 +20,12 @@ const (
 )
 
 // Run is used to run a watch plan
-func (p *Plan) Run(address string) error {
+func (p *Plan) Run(address string, conf *consulapi.Config) error {
 	// Setup the client
 	p.address = address
-	conf := consulapi.DefaultConfig()
+	if conf == nil {
+		conf = consulapi.DefaultConfig()
+	}
 	conf.Address = address
 	conf.Datacenter = p.Datacenter
 	conf.Token = p.Token