diff --git a/e2e/terraform/nomad-acls.tf b/e2e/terraform/nomad-acls.tf index 1cc1feab8..6d1f16430 100644 --- a/e2e/terraform/nomad-acls.tf +++ b/e2e/terraform/nomad-acls.tf @@ -30,7 +30,39 @@ data "template_file" "bootstrap_nomad_script" { template = "${local.nomad_env} ./scripts/bootstrap-nomad.sh" } -data "local_file" "nomad_token" { +data "local_sensitive_file" "nomad_token" { depends_on = [null_resource.bootstrap_nomad_acls] filename = "${path.root}/keys/nomad_root_token" } + +# push the token out to the servers for humans to use. +# cert/key files are placed by ./provision-nomad module. +# this is here instead of there, because the servers +# must be provisioned before the token can be made, +# so this avoids a dependency cycle. +locals { + root_nomad_env = <