diff --git a/.changelog/14445.txt b/.changelog/14445.txt new file mode 100644 index 000000000..611fddc28 --- /dev/null +++ b/.changelog/14445.txt @@ -0,0 +1,3 @@ +```release-note:improvement +consul: Allow interpolation of task environment values into Consul Service Mesh configuration +``` diff --git a/client/taskenv/services.go b/client/taskenv/services.go index 18eede7de..087539447 100644 --- a/client/taskenv/services.go +++ b/client/taskenv/services.go @@ -81,7 +81,12 @@ func interpolateMapStringInterface(taskEnv *TaskEnv, orig map[string]interface{} m := make(map[string]interface{}, len(orig)) for k, v := range orig { - m[taskEnv.ReplaceEnv(k)] = v + envK := taskEnv.ReplaceEnv(k) + if vStr, ok := v.(string); ok { + m[envK] = taskEnv.ReplaceEnv(vStr) + } else { + m[envK] = v + } } return m } diff --git a/client/taskenv/services_test.go b/client/taskenv/services_test.go index 525b6a84d..ae5081224 100644 --- a/client/taskenv/services_test.go +++ b/client/taskenv/services_test.go @@ -239,6 +239,7 @@ func TestInterpolate_interpolateConnect(t *testing.T) { }, Config: map[string]interface{}{ "${config1}": 1, + "port": "${port1}", }, }, }, @@ -347,6 +348,7 @@ func TestInterpolate_interpolateConnect(t *testing.T) { }, Config: map[string]interface{}{ "_config1": 1, + "port": "12345", }, }, }, diff --git a/website/content/docs/job-specification/gateway.mdx b/website/content/docs/job-specification/gateway.mdx index 7d39bfe25..297990c75 100644 --- a/website/content/docs/job-specification/gateway.mdx +++ b/website/content/docs/job-specification/gateway.mdx @@ -80,6 +80,7 @@ envoy_gateway_bind_addresses "" { This option applies to terminating gateways that route to services addressed by a hostname. - `config` `(map: nil)` - Escape hatch for [Advanced Configuration] of Envoy. + Keys and values support [runtime variable interpolation][interpolation]. #### `address` Parameters @@ -98,18 +99,18 @@ envoy_gateway_bind_addresses "" { on the gateway. If TLS is enabled, then each host defined in the `host` field will be added as a DNSSAN to the gateway's x509 certificate. -- `tls_min_version` `(string: optional)` - Set the default minimum TLS version +- `tls_min_version` `(string: optional)` - Set the default minimum TLS version supported by the gateway. Refer to [`TLSMinVersion`](https://www.consul.io/docs/connect/config-entries/ingress-gateway#tlsminversion) in the Consul documentation for supported versions. -- `tls_max_version` `(string: optional)` - Set the default maximum TLS version - supported by the gateway. Refer to +- `tls_max_version` `(string: optional)` - Set the default maximum TLS version + supported by the gateway. Refer to [`TLSMaxVersion`](https://www.consul.io/docs/connect/config-entries/ingress-gateway#tlsmaxversion) in the Consul documentation for supported versions. -- `cipher_suites` `(array: optional)` - Set the default list of TLS - cipher suites for the gateway's listeners. Refer to +- `cipher_suites` `(array: optional)` - Set the default list of TLS + cipher suites for the gateway's listeners. Refer to [`CipherSuites`](https://www.consul.io/docs/connect/config-entries/ingress-gateway#ciphersuites) in the Consul documentation for the supported cipher suites. @@ -655,6 +656,7 @@ job "countdash-mesh-two" { [proxy]: /docs/job-specification/gateway#proxy-parameters [linked-service]: /docs/job-specification/gateway#service-parameters-1 [listener]: /docs/job-specification/gateway#listener-parameters +[interpolation]: /docs/runtime/interpolation [service]: /docs/job-specification/gateway#service-parameters [service-default]: https://www.consul.io/docs/agent/config-entries/service-defaults [sidecar_task]: /docs/job-specification/sidecar_task diff --git a/website/content/docs/job-specification/proxy.mdx b/website/content/docs/job-specification/proxy.mdx index 3bda4c0bc..fce984bf6 100644 --- a/website/content/docs/job-specification/proxy.mdx +++ b/website/content/docs/job-specification/proxy.mdx @@ -63,7 +63,7 @@ job "countdash" { - `config` `(map: nil)` - Proxy configuration that's opaque to Nomad and passed directly to Consul. See [Consul Connect's documentation](https://www.consul.io/docs/connect/proxies/envoy#dynamic-configuration) - for details. + for details. Keys and values support [runtime variable interpolation][interpolation]. ## `proxy` Examples diff --git a/website/content/docs/job-specification/sidecar_task.mdx b/website/content/docs/job-specification/sidecar_task.mdx index 452e5c229..052f5bb83 100644 --- a/website/content/docs/job-specification/sidecar_task.mdx +++ b/website/content/docs/job-specification/sidecar_task.mdx @@ -134,6 +134,7 @@ meta.connect.sidecar_image = custom/envoy-${NOMAD_envoy_version}:latest to the same user the Nomad client is being run as. - `config` `(map: nil)` - Configuration provided to the driver for initialization. + Keys and values support [runtime variable interpolation][interpolation]. - `env` `(map: nil)` - Map of environment variables used by the driver.