mirror of
https://github.com/kemko/nomad.git
synced 2026-01-07 02:45:42 +03:00
7b00a118f5
Adds a `nomad_acls` flag to our Terraform stack that bootstraps Nomad ACLs via a `local-exec` provider. There's no way to set the `NOMAD_TOKEN` in the Nomad TF provider if we're bootstrapping in the same Terraform stack, so instead of using `resource.nomad_acl_token`, we also bootstrap a wide-open anonymous policy. The resulting management token is exported as an environment var with `$(terraform output environment)` and tests that want stricter ACLs will be able to write them using that token. This should also provide a basis to do similar work with Consul ACLs in the future.
Shared configs
The only configurations that should go here are ones that we want to be able to toggle on/off for any profile. Adding a new configuration here requires adding a flag to the provision scripts as well to symlink it.