github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/e2e/vaultsecrets/input/secrets.nomad

github.com/anth0d/nomad@v0.0.0-20221214183521-ae3a0a2cad06/e2e/vaultsecrets/input/secrets.nomad (about)

     1  job "secrets" {
     2    datacenters = ["dc1", "dc2"]
     3  
     4    constraint {
     5      attribute = "${attr.kernel.name}"
     6      value     = "linux"
     7    }
     8  
     9    group "group" {
    10  
    11      meta {
    12        test_deploy = "DEPLOYNUMBER"
    13      }
    14  
    15      task "task" {
    16  
    17        driver = "docker"
    18  
    19        config {
    20          image   = "busybox:1"
    21          command = "/bin/sh"
    22          args    = ["-c", "sleep 300"]
    23        }
    24  
    25        vault {
    26          policies = ["access-secrets-TESTID"]
    27        }
    28  
    29        template {
    30          data = <<EOT
    31  {{ with secret "pki-TESTID/issue/nomad" "common_name=nomad.service.consul" "ip_sans=127.0.0.1" }}
    32  {{- .Data.certificate -}}
    33  {{ end }}
    34  EOT
    35  
    36          destination = "${NOMAD_SECRETS_DIR}/certificate.crt"
    37          change_mode = "noop"
    38        }
    39  
    40        template {
    41          data = <<EOT
    42  SOME_SECRET={{ with secret "secrets-TESTID/data/myapp" }}{{- .Data.data.key -}}{{end}}
    43  EOT
    44  
    45          destination = "${NOMAD_SECRETS_DIR}/access.key"
    46        }
    47  
    48        resources {
    49          cpu    = 128
    50          memory = 64
    51        }
    52      }
    53  
    54    }
    55  }