golang tls with self-signed cert

tls-ca.go

package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"io/ioutil"
	"net/http"
)

func main() {
	certPool := x509.NewCertPool()
	pem, err := ioutil.ReadFile("ca.crt")
	certPool.AppendCertsFromPEM(pem)

	// tr := &http.Transport{
	// 	TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
	// }

	tr := &http.Transport{
		TLSClientConfig: &tls.Config{
			RootCAs: certPool,
		},
	}

	client := &http.Client{Transport: tr}
	req, err := http.NewRequest(
		"GET",
		"https://api.k8s-cluster.test.cirrostratus.org/api/v1/namespaces/teachers/services/search-service-k8s",
		nil)
	check(err)

	req.Header.Add("Accept", "application/json")
	token, err := ioutil.ReadFile("token")
	check(err)
	req.Header.Add("Authorization", fmt.Sprintf("Bearer %s", token))
	resp, err := client.Do(req)
	check(err)
	defer resp.Body.Close()
	body, err := ioutil.ReadAll(resp.Body)
	check(err)

	fmt.Println(string(body))

	// op, _ := jq.Parse(`.spec.ports.[]`)
	// value, err := op.Apply(body)
	// check(err)
	// fmt.Println(string(value))
}

func check(err error) {
	if err != nil {
		panic(err)
	}
}