kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-04 09:25:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

ACLs: allow/deny/default config for Consul/Vault clusters by namespace (#18425)

Browse Source 
In Nomad Enterprise when multiple Vault/Consul clusters are configured, cluster admins can control access to clusters for jobs via namespace ACLs, similar to how we've done so for node pools. This changeset updates the ACL configuration structs, but doesn't wire them up.
This commit is contained in:
Tim Gross
2023-09-08 11:37:20 -04:00
committed by GitHub
parent b022346575
commit 3ee6c31241
12 changed files with 348 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
command/agent/command.go
View File

@@ -395,6 +395,17 @@ func (c *Command) IsValidConfig(config, cmdConfig *Config) bool {
}
}
for _, consul := range config.Consuls {
if err := structs.ValidateConsulClusterName(consul.Name); err != nil {
c.Ui.Error(fmt.Sprintf("Invalid Consul configuration: %v", err))
}
}
for _, vault := range config.Vaults {
if err := structs.ValidateVaultClusterName(vault.Name); err != nil {
c.Ui.Error(fmt.Sprintf("Invalid Vault configuration: %v", err))
}
}
for _, volumeConfig := range config.Client.HostVolumes {
if volumeConfig.Path == "" {
c.Ui.Error("Missing path in host_volume config")