github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/e2e/terraform/nomad-acls.tf (about)

     1  # Bootstrapping Nomad ACLs:
     2  # We can't both bootstrap the ACLs and use the Nomad TF provider's
     3  # resource.nomad_acl_token in the same Terraform run, because there's no way
     4  # to get the management token into the provider's environment after we bootstrap.
     5  # So we run a bootstrapping script and write our management token into a file
     6  # that we read in for the output of $(terraform output environment) later.
     7  
     8  locals {
          # Environment-variable prefix for Nomad CLI calls made from the machine
          # running Terraform. The API address is the first server instance's public
          # IP on port 4646 over https; the CA certificate, client certificate and
          # client key are given as paths under keys/, relative to the working
          # directory of whatever runs the command.
          # NOTE(review): keys/tls_api_client.key is private key material; presumably
          # keys/ is kept out of version control and readable only by the operator.
          # Confirm.
     9    nomad_env = "NOMAD_ADDR=https://${aws_instance.server.0.public_ip}:4646 NOMAD_CACERT=keys/tls_ca.crt NOMAD_CLIENT_CERT=keys/tls_api_client.crt NOMAD_CLIENT_KEY=keys/tls_api_client.key"
    10  }
    11  
    12  resource "null_resource" "bootstrap_nomad_acls" {
          # Runs the rendered bootstrap command once the nomad_server module has been
          # applied. The command is executed locally, not on the Nomad servers.
    13    depends_on = [module.nomad_server]
          # The rendered command is the trigger, so the provisioner runs again whenever
          # that string changes (for example when the server's public IP changes).
          # Trigger values are persisted in the Terraform state, so this string must
          # never carry a secret; as written it holds only an address and file paths.
    14    triggers = {
    15      script = data.template_file.bootstrap_nomad_script.rendered
    16    }
    17  
          # local-exec passes the command string to a local shell.
          # NOTE(review): what bootstrap-nomad.sh does with the management token is not
          # visible here; per the file header it writes it to a file under keys/.
          # Confirm the script creates that file with owner-only permissions.
    18    provisioner "local-exec" {
    19      command = data.template_file.bootstrap_nomad_script.rendered
    20    }
    21  }
    22  
    23  # Write the bootstrap token to the keys/ directory (where the ssh key is)
    24  # so that we can read it in through data.local_file later. If the token is
    25  # not set, ensure that the file is empty.
    26  data "template_file" "bootstrap_nomad_script" {
          # Builds the shell command line: the Nomad environment assignments from
          # local.nomad_env followed by the bootstrap script path. No template vars
          # are passed, so the rendered output is this string after interpolation.
          # NOTE(review): template_file comes from the separate hashicorp/template
          # provider, which is deprecated upstream; a plain local value would yield
          # the same string, but replacing it changes the address that other blocks
          # reference.
    27    template = "${local.nomad_env} ./scripts/bootstrap-nomad.sh"
    28  }
    29  
    30  data "local_file" "nomad_token" {
          # Reads keys/nomad_root_token from the root module directory. depends_on
          # defers the read until the bootstrap null_resource has run.
          # NOTE(review): per the file header this file holds the Nomad management
          # token. The local_file data source does not mark its content as sensitive,
          # and data source results are stored in the Terraform state, so the token
          # is presumably readable in state and plan output. Treat the state file as
          # a secret. Newer hashicorp/local releases offer a local_sensitive_file
          # data source; switching changes the address consumers reference.
    31    depends_on = [null_resource.bootstrap_nomad_acls]
    32    filename   = "${path.root}/keys/nomad_root_token"
    33  }